Actually, it doesn't need a database. Each time it wakes up, it queries the
portmasters, looks for duplicates, kicks them off, and logs its action and
some statistics about how many ports were in use.
> Here again, consider what other uses the machine does. We run two bsdi
> boxes which we do graphic work from under xwindows. One machine is at 28
> meg the other is at 32 meg. There have been times I've gotten core dumps
That's way too little memory. My _smallest_ PC has 32Mb, the largest 192Mb,
and I don't run X-windows anywhere. Our graphic design guys use Macintoshes.
> because too many things were happening at once. I have a customer base
> of less than 700. If I'm putting that much of a drain on resources with
> less than 700 customers what happens if I hit the holy grail and reach
> 20,000 like some others? I can't just keep loading things into memory and
> hope for the best. My system needs to be up 24/7 like most people here
> and worrying about memory crashes is something I really don't need.
That's why the box _doesn't_have_any_other_uses. It strictly acts as a
radius server and duplicate-kicker-offer.
The drain depends on the number of portmasters and modems you have, not
the number of total accounts.
> > The PORTMASTER is _NOT_ "tacking on about 135 ms thru routing of traffic",
> > 99.9% of the lag is due to the modem and asynchronous serial port. If the
> > portmaster had to check who is on, it would only do so at login, and
> > might add a second to the time it takes to initially log in, but would
> > CAUSE NO ADDITIONAL DELAY ON ESTABLISHED CIRCUITS.
>
> Then how do you explain cisco terminal servers get ping times of around
> 50 or 60 ms? I used to work for another isp before I started my own and
> had access to cisco products. And a year ago 486 66's to 486100's with
> 28.8's were the dominant computers in our area. Now we have pentium 133's
> with 33.6's being the dominant platform. Ideally this should mean faster
> response times. So tell me, I really am curious, how can cisco terminal
> servers have a faster ping time when by your reckoning they should be the
> same? After all it is an asynchronous serial port and there is a modem...
I'd like to see any terminal server that shows ping times of 50-60 ms from
the ISP lan, through the TS and an analog-async modem, over POTS, and to
an async modem/serial port on a P133 at the customer.
I get 40ms on a 64K ISDN connection from a PM-2i to an OR-U, or 70-80ms
from a PM-2i to a BitSURFR pro connected with a 115K async 16550.
> > There is _zero_ reason to believe that tracking multiple logins would
> > have _any_ effect on latency. If it's done pro-actively at login, it
> > might take them a little longer to log in, and it's hard to prevent kicking off
> > a user who doesn't deserve it (due to missing accounting packets, etc).
>
> Check your stats again my friend... there are only two places to track
> multiple logins, server side or the portmaster. If the portmaster does it
> it will have to have database of some kind for those who are allowed and
> those who aren't to have multiple logins.
Agreed.
> Since the portmaster will dump customers at around 160 unless you expand
> the memory or go to server side validation
Of course you go to server-side validation, put the RADIUS server on the
same dedicated machine you use as a duplicate-kicker-offer.
> You're talking about some hardware and software modifications
> to the portmaster. Great idea for new customers lousy for old customers.
> Implementing a scanner on any type of platform is just going to take
> resources no ifs ands or bullshit about it.
Your accounting of the cost of resources differs from mine. We are a small ISP,
based from a BBS started in 1983, plenty of hardware and software experience...
> > Let's see- a free Unix-like OS on a $900 P133, about two hours to set it up,
> > if you consider the savings of freeing up a phone line or getting a customer
> > who shares his account to cough up the payment for a second account, it
> > should pay for itself in under a year.
>
> Not necessarily. At 900$ for a pc running linux you most likely left out
> the monitor. So now you have a linux box just setting there. Could be a
> web server or a mail server or an ftp server or any combination of the
> above... but if you're a full service isp you need a graphical
> environment to work on web pages or other projects. Unix/linux is great
> for multitasking and if you don't take advantage of that you're wasting
> money in the long run.
I have to admit this train of thought is foreign to us. If we blow $900 on
a Unix (never Linux) box just sitting there, but that box kicks off enough
abusers that we avoid adding just TWO modems+ports+lines over a year's time,
it's just paid for itself, even if most of the CPU cycles are "wasted".
In reality (if not in the mind of the IRS) the $900 PC I buy today depreciates
to ZERO a year from now.
> > The "cost in labor" and hardware is, IMHO, justified by keeping users from
> > sharing accounts and hogging ports, catching compromised passwords, and
> > having actual port-utilization statistics.
>
> If you offer metered service you accomplish the same thing.
In our market (Chicago) metered service is unheard of. All providers and
accounts are flat rate- some are a very _high_ flat rate, but still flat...
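
The duplicate check described at the top of this message (poll the portmasters, find users on more than one port, log the action and the port-usage statistics) can be sketched as follows. This is an added example, not part of the original message or the poster's code. It assumes each poll yields portmaster name, port, username and login time, that the oldest session is the one kept, and that a per-user limit table (`max_logins`, hypothetical) covers accounts allowed multiple logins; the poll data is constructed and no kick is actually sent.

```python
from collections import defaultdict
from typing import NamedTuple

class Session(NamedTuple):
    nas: str      # which portmaster reported the port
    port: str
    user: str     # empty string means the port is idle
    started: int  # login time in epoch seconds (assumed to be in the poll)

# Constructed poll result, not real portmaster output.
CONSTRUCTED_POLL = [
    Session("pm1", "S0", "alice", 1000),
    Session("pm1", "S1", "bob", 1010),
    Session("pm1", "S2", "", 0),
    Session("pm2", "S0", "alice", 1500),
    Session("pm2", "S1", "carol", 1200),
    Session("pm2", "S2", "carol", 1300),
    Session("pm2", "S3", "bob", 1005),
]

def find_duplicates(sessions, max_logins=None, default_limit=1):
    """Return the sessions over each user's limit, keeping the oldest ones."""
    max_logins = max_logins or {}
    by_user = defaultdict(list)
    for s in sessions:
        if s.user:
            by_user[s.user].append(s)
    excess = []
    for user, held in by_user.items():
        held.sort(key=lambda s: (s.started, s.nas, s.port))
        excess.extend(held[max_logins.get(user, default_limit):])
    return sorted(excess, key=lambda s: (s.nas, s.port))

def port_stats(sessions):
    """Count ports in use and total ports per portmaster."""
    stats = defaultdict(lambda: {"in_use": 0, "total": 0})
    for s in sessions:
        stats[s.nas]["total"] += 1
        stats[s.nas]["in_use"] += bool(s.user)
    return {nas: dict(v) for nas, v in stats.items()}

def run_pass(sessions, max_logins=None):
    """One wake-up: decide kicks and build the log lines (no kick is sent)."""
    kicks = find_duplicates(sessions, max_logins)
    log = [f"duplicate user={s.user} nas={s.nas} port={s.port}" for s in kicks]
    for nas, c in sorted(port_stats(sessions).items()):
        log.append(f"stats nas={nas} in_use={c['in_use']} total={c['total']}")
    return kicks, log
```

The work per pass grows with the number of ports polled, not with the number of accounts, which matches the point made above about where the drain comes from.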