ArubaOS and Controllers

Reply
Frequent Contributor I

VLAN Pooling

Does somebody know if the Aruba controller checks with the DHCP server (to see if one pool is depleted) before doing the "magic" to put a user in a vlan from a pool of vlans. I don't think it does, but just double checking. We have 10 vlans in the pool, and the pooling is working well, but sometimes we do end up with many available on one and none on the other. With so many mobile devices grabbing IPs automatically just walking by a building, we probably need to add some more vlans.
Is somebody out there doing any trickery on DHCP (or Aruba) to differentiate between mobile devices (iphones, palms, etc) and laptops? For instance, give mobile devices a shorter lease time..

Marcelo
University of Denver
Marcelo Lew
Wireless Network Architect-Engineer
University of Denver
Guru Elite

Vlan Pooling


Does somebody know if the Aruba controller checks with the DHCP server (to see if one pool is depleted) before doing the "magic" to put a user in a vlan from a pool of vlans. I don't think it does, but just double checking. We have 10 vlans in the pool, and the pooling is working well, but sometimes we do end up with many available on one and none on the other. With so many mobile devices grabbing IPs automatically just walking by a building, we probably need to add some more vlans.
Is somebody out there doing any trickery on DHCP (or Aruba) to differentiate between mobile devices (iphones, palms, etc) and laptops? For instance, give mobile devices a shorter lease time..

Marcelo
University of Denver




Vlan pooling is not DHCP server lease aware.. No. The more devices you move to encryption, the less your drive-by depletion.

Not saying I'm advising this, but one user degraded the performance on his unencrypted network to encourage use of the encrypted network. He had separate leases for VLANs that were on the unencrypted (short) as opposed to the encrypted (a little longer). You can also use the "show ap vlan-usage" command to see how many users are on each VLAN at the time: http://airheads.arubanetworks.com/vBulletin/showthread.php?t=703


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I

Re: VLAN Pooling

Yup, we do have the unencryoted network with ACL restrictions, so 95% of users use the encrypted network. However, even on an encrypted network most devices connect automatically after the 1st time. Very few users turn off their wi-fi if not being used...
Marcelo Lew
Wireless Network Architect-Engineer
University of Denver
MVP

We are experiencing the same thing

Unfortunately, it seems all you can do to battle these transient devices is to throw more address space (additional vlans) at the pool.

The huge issue I have with this is that when you change a vlan pool, users are re-allocated and TAC recommends *flushing* all users off the controller to force reassociation and re-derive their vlan. This is horrible in that this kind of change can only happen during a maintenance window.

Would anyone else like the ability to add a vlan to a pool and simply only affect NEW users?
==========
Ryan Holland, ACDX #1 ACMX #1
The Ohio State University
Frequent Contributor I

Re: VLAN Pooling

Yes, that would be great.
Marcelo Lew
Wireless Network Architect-Engineer
University of Denver
Frequent Contributor I

Re: VLAN Pooling

Actually, I just added 5 vlans to the pool (like I have done before), and I lost my VAP for about 2 minutes. When I do "show ap vlan-usage", I see even distribution of the old 10 subnets and the 5 recently added. It seems to me in 3.3.2.21 after adding the subnets, users associated to that VAP got "flushed" and re-authenticated. I wish I would have known this before doing the change in the middle of the day :(
Marcelo Lew
Wireless Network Architect-Engineer
University of Denver
Aruba Employee

Re: VLAN Pooling

Vlan pooling used a hash based on mac address to determine which vlan to place the client. In some sense, this is similar mechanism to port-channel where the switch has to determine which physical interface to send the egress traffic. The hash algorithm accounts for the number of vlan so if the number of vlan changes, so do the hash index.

-michael
MVP

True, Michael

Yes, michael - you're right. But the algorithm runs at association to determine in what vlan a user is placed. There's no reason that existing users need to be flushed. If users were placed amongst 5 vlans, and then 5 MORE vlans were added (total = 10), yes, any new clients should be hashed against 10 vlans instead of 5. But again, the original users that were hashed against the pre-existing 5 vlans should be unaffected.

WLANs are too dynamic to have simple expansion disrupting users. In fact, I recall one of the marketing tactics for vlan pooling to be "no longer do you need to reallocate a subnet or change a mask to expand -- simply add another vlan to the pool". Well, adding a vlan to a pool is just as disruptive to users as having to reallocate a network (size).

Hmph. My two cents. Sounds like some others agree. Hopefully, Aruba listens (as they typically do).
==========
Ryan Holland, ACDX #1 ACMX #1
The Ohio State University

Re: VLAN Pooling

I wonder if once the hash is calculated, when new vlans are added to the pool and this changes the hash, if that new hash gets applied when the user roams? I honestly don't know, but seems that might be the case.

edit: Maevis Beacon applied
Jerrod Howard
Sr. Techical Marketing Engineer
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: