New Contributor

IP mobility Setup

I am in the process of reading the documentation for IP mobility and just want to confirm I understand it properly.

We have one master and two local controllers, all with the same vlans. Each controller has an IP on each vlan.

All of our buildings are on separate vlans and I would like our users to be able to roam between buildings. Currently some devices don’t ask for a new IP address properly, so when the user roams to a new building their devices don’t work.

Based on the documentation, I should add the Home agent address, which would be the IP address of the master switch. Do I also add all the IPs for each vlan as home agents? Do I add the IPs of the local controllers and all the IPs they have for each vlan?

Thank you for your time.

18 REPLIES
MVP

Re: IP mobility Setup

Gustie, I'm confused by your setup. Perhaps I misinterpreted . . .

You said your controllers share all the same VLANs. I presume you mean all the client vlans exist at all controllers. You said that buildings have separate vlans; are your controllers centrally located or is there one at each building? If it's the former, then your clients could be placed into the same vlan wherever they go, as traffic is tunneled from the AP back to the controller, at which point vlan placement is made, DHCP requests forwarded, etc.

I will say that we've had a lot of experience with MobileIP and recently disabled it across the board, as the risk vs. reward assessment indicated disabling was a better move. Unless you have an application that needs session persistence as it roams across controllers, you likely do not need MobileIP and would instead only incur added complexity to your configuration, and especially when it comes to troubleshooting. My $0.02, but I've battled a lot with this for whatever it's worth.

Nevertheless, to answer your question, the "Home Agent" portion of the MobileIP configuration should either be the controller-ip of the controller or the VRRP-IP address of a controller pair (active-standby).

- Ryan -
==========
Ryan Holland, ACDX #1 ACMX #1
The Ohio State University
New Contributor

Re: IP mobility Setup

Yes, I meant all client vlans are on all three controllers. All the controllers are centrally located.

We do have all the AP ports on the same vlan and they are tunneled back to the controller. We have AP groups set up with Virtual APs per building to set the client vlan for a specific SSID to that building. These vlans are separate subnets, so when a client roams to another building and tries to use the same IP address (which some clients (iPhones) seem to do) it doesn't work, of course.

Occasional Contributor II

Re: IP mobility Setup

Gustie -

We have a similar setup here at UPenn, except that all of our APs are in different VLANs based on building.

As Ryan said, your HAT table should have the subnet, VLAN, and the controller that is housing the subnet.

We have seen some of the issues you stated about clients not re-IPing correctly, and sadly we are at the mercy of the clients. What code train are you running? Aruba has re-written the IP Mobility for 6.3 that doesn't use the IP address, but uses the MAC address and a lookup across controllers.

Also, are you running IPv6? There is a bug in the IP Mobility that causes all traffic to stop when running dual stack.

I wish that I could follow Ryan's lead and turn off IP Mobility in our setup. It would save me a ton of time and hassle.

MVP

Re: IP mobility Setup

I could be missing something here, but I just don't understand the business case for this design.

You are separating clients on separate vlans per building, segmenting them into logical building groups. I understand this. Clients in one building are on a different network than another. This could facilitate all sorts of things, such as file sharing, AppleTVs, etc. I get it.

Then, you want mobile IP enabled so that when a client leaves the building, they can retain their address. Now you have a client in building-2 with an IP/vlan from building-1. If this is an acceptable outcome, it conflicts with the first business case. If this is an acceptable outcome, your design will be incredibly simplified by simply aggregating your vlans into a pool back at the controller. Users will persist their vlan as they roam, without mobile IP.

(Caveat is that vlan pooling requires a significant amount of overhead in the pool, i.e., wasted IP address space. This is my challenge today.)
==========
Ryan Holland, ACDX #1 ACMX #1
The Ohio State University
New Contributor

Re: IP mobility Setup

How can you aggregate all your vlans into one vlan and not notice horrible broadcast traffic? This would be well above the suggested range for a wireless subnet.

Occasional Contributor II

Re: IP mobility Setup

I used to run a wireless network at another university that had a single VLAN with almost 9,000 clients, and didn't have any problems as long as you have broadcast/multicast suppression on. It does present some problems if you are using AppleTVs or anything that requires broadcast traffic.

Frequent Contributor II

Re: IP mobility Setup

How is there much wasted overhead in vlan pooling? It actually can make more efficient use of the IP addresses while reducing broadcast domains.

We use /23 subnets in our pools using hashing.

Recently, we accidentally ran out of addresses in one pool. All subnets filled up at almost the same time. We quickly reduced lease time and then added additional subnets to the pool during a slack time.


Bruce Osborne - Wireless Engineer
ACCP, ACMP
New Contributor

Re: IP mobility Setup

I am very interested in looking into the IP pooling more.

We also need to support Apple TVs and projectors in all our classrooms that work the same way, so it wouldn't be a good solution to use bcmc-optimization, which is what I assume you are referring to.

We also use IPv6, which throws in another wrench.

Guru Elite

Re: IP mobility Setup


gustie wrote:

I am very interested in looking into the IP pooling more.

We also need to support Apple TVs and projectors in all our classrooms that work the same way, so it wouldn't be a good solution to use bcmc-optimization, which is what I assume you are referring to.

We also use IPv6, which throws in another wrench.


Gustie,

I don't mean to interrupt the communal flow of this thread, but you can:

- Turn on Drop Broadcast and Multicast at the Virtual AP level

- Have a single large VLAN for your wireless clients

- Support IPv6 on the same VLAN, depending on your configuration.

Broadcast suppression makes large VLANs possible and that can simplify your configuration to a single Virtual AP and at minimum a single AP-Group.

Bcmc optimization is something that can be applied at the VLAN level that will function like (supersede) the Drop Broadcast and Multicast at the Virtual AP level, and do the same thing on the wired network connected to the controller. For example, if you enable drop broadcast and multicast on vlan 10, any virtual AP you configure with traffic going to VLAN 10 will have broadcast and multicast dropped when bcmc optimization is configured on that VLAN.

Colin Joseph
Aruba Customer Engineering
