Skip to main content

Radperf - Man Page

· loading · loading · ·
Jeremy Browne
Author
Jeremy Browne
Dad, nerd, aeroplane pilot, and wannabe racecar driver.
Table of Contents

Radperf: Network RADIUS
#

I couldn’t find this very specific information anywhere else online, so if you’re reading this; I hope you find it useful! I needed to use Radperf for some RADIUS network performance testing. In my case, the command I ended up using was:

`radperf -a none -A 600,600 -c 1 -f attributes.txt -r 3 -s -t 3 -x [IP ADDRESS] acct [SHARED SECRET]`

The following is the output of running man radperf

NAME
#

radperf - RADIUS client for performance testing

SYNOPSIS
#

radperf [options] server {acct|auth|status|disconnect|auto} secret

DESCRIPTION
#

radperf is a RADIUS client program similar to the FreeRADIUS “radclient” program. It sends packets to a RADIUS server and then waits for the reply. It can do performance testing of a RADIUS server and can synthesize accounting packets from Access-Request packets.

OPTIONS
#

-a type
#

Send Access-Requests using type authentication method: pap, chap, or none. The default is pap, which sends a User-Password. The method chap sends a CHAP-Password. The method none makes radperf not send any Access-Request packets but instead proceed directly to sending Accounting-Request packets. The method none MUST be used with the command-line option -A.

It is often useful to perform the same test with both PAP and CHAP authentication methods. This option lets you create a file that contains User-Password, and then use -a chap to make radperf send packets containing CHAP-Passsword.

The default is to use whatever is in the input file.

-A delay,lifetime
#

After receiving an Access-Accept, start sending Accounting-Request packets. The interval between Accounting-Request packets is delay seconds. The Accounting-Request packets are sent for a total of lifetime seconds.

If the Access-Accept contains a Session-Timeout that is smaller than lifetime, then that value is used for the lifetime of the session.

Attributes such as NAS-IP-Address, NAS-Port, etc. are copied from the Access-Request to the Accounting-Request.

Attributes such as Class are copied from the Access-Accept to the Accounting-Request.

If there is no NAS-Port attribute in the Access-Request, then one is created, with a unique value.

-c count
#

Send each input packet count times.

-C attr[,attr]
#

Copy these attributes from an Access-Accept to the Accounting-Request.

-d freeradius_dictionary_path
#

The directory that contains the RADIUS dictionary files. This defaults to share/, in the same directory where the radperf binary is located.

The environment variable FREERADIUS_DICTIONARY_PATH may also be set, in which case it is used in preference to the default. However, specifying -d on the command line will override the environment variable.

-D statistics_file
#

Write a CSV file of num,time,delay, for each packet that was sent. The num field contains the packet number 0..N. The time field contains the time when the packet was sent, as an offset in seconds since the start of the program. The delay field contains the delay in seconds between sending the requests, and then the response was received.

-f file
#

If specified, attributes are read from file, and not from standard input.

The default is for the file to contain attribute names and values. Blank lines in the input separate individual packets. e.g.

Related

How I Built this Website with Hugo, Blowfish, and GitHub Actions
·· loading · loading
About Me
· loading · loading