Architecture Overview
Overview of Radiator Server's architecture, request flow, and core components including async processing, protocol servers, policies, handlers, and execution pipelines.
Architecture Overview
Radiator Server is a high-performance AAA server built with Rust, designed for async processing and modern cloud and on premises environments. It is designed with security and scalability as primary objectives.
Testing is fully automated with high test coverage using unit, integration, performance and UI testing frameworks.
Modern encryption for data in transit and passwords are built into the system.
Request Flow
The following diagram illustrates how Radius authentication requests flow through Radiator Server:
This is the flow irrespective of the protocol used.
Server
The server handles incoming requests the following protocols.
- RADIUS: UDP, TCP, TCP with TLS (RadSec)
- TACACS+: TCP with optional TLS
- HTTP: Customizable web server for constructing APIs with JSON support
It also handles networking related items. Like ip access lists, rate limiting, PROXY protocol support and other similar activities.
AaaContext
The AaaContext is a concurrent, thread-safe context that holds all request state.
See Execution Context for available variables and namespaces.
Policy & Handler
Server routes requests to appropriate handlers based on conditional expressions. Policies can select handlers based on request attributes, client identity, or any variable in the context.
See Policy configuration and Handler conditions for details.
Handle contains execution pipelines for doing business logic. Main items are @execute and @final-execute.
Actions
Individual processing units within pipelines:
- Protocol Actions: PAP, CHAP, MS-CHAP, EAP
- Backend Actions: SQL queries, LDAP lookups, HTTP calls
- Data Actions: Set/copy attributes, conditions, transformations
- Control Actions: Stop, continue, log
Architecture Overview
Backend Load Balancing
Basic Installation
Comparison Operators
Configuration Editor
Configuration Import and Export
Data Types
Duration Units
Execution Context
Execution Pipelines
Filters
Health check /live and /ready
High Availability and Load Balancing
High availability identifiers
HTTP Basic Authentication
Introduction
Local AAA Backends
Log storage and formatting
Management API privilege levels
Namespaces
Password Hashing
Pipeline Directives
Probabilistic Sampling
Prometheus scraping
PROXY Protocol Support
Radiator server health and boot up logic
Radiator sizing
Radiator software releases
Rate Limiting
Rate Limiting Algorithms
Reverse Dynamic Authorization
Template Rendering CLI
Tools radiator-client
TOTP/HOTP Authentication
What is Radiator?