Wireless Access

last person joined: 17 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

How do you handle RAP pools

This thread has been viewed 1 times

  • 1.  How do you handle RAP pools

    Posted Nov 21, 2017 03:41 PM

    I have an Aruba 7210 controller that all my RAPs terminate to. I am wondering how you guys handle your RAP pools. Currently, my pools are encompassed by a static route and the routing is taking a much less desireable path to a secondary data center and then back to the primary data center. If I recall correctly, the RAP pool is local and should not be routed, yet mine seem to egress out of our firewall. So there are really two questions here:

     

    1) Do you guys make your RAP pools any unused network that will not be encompassed by a routing table entry?

    2) Do you make your RAP pools local to the controller and non routable? 



  • 2.  RE: How do you handle RAP pools

    EMPLOYEE
    Posted Nov 21, 2017 03:59 PM
    RAP pools are local to each controller and the vast majority should be nonroutable.

    There are a couple instances like if you are using RTLS on that AP or you are streaming packet captures from that AP (rare) where you should give it a routable ip address. There are a couple more reasons, but they are definitely corner cases.



  • 3.  RE: How do you handle RAP pools

    Posted Nov 22, 2017 01:48 AM
    @Layer3 wrote:

     

     

    1) Do you guys make your RAP pools any unused network that will not be encompassed by a routing table entry?

    2) Do you make your RAP pools local to the controller and non routable? 

    to item 1, yes, in general you should avoid letting the rap pool reside within any connected subnet or route that exists within your controller routing table. These IPs are allocated in a point to point manner and generally when they overlap with other routes or subnets undesirable things can happen. Quite simply, you can allocate anyrange of IP addresses to it, especially if the controller is operating at layer 2, as the end user traffic will not be routed by the controller.  Just don't overlap it with anything in the route table or connected subnets

     

    to item 2, see Colins answer, with the added note that if you stick to the above, then you have achieved what you wrote for item 2. You can also re-use the pools between controllers, as only the controller cares about that IP address for mgmt traffic, any airwave info to do with "APs" comes from the controller and doesn't care about the APs inner IP.

     

    As Colin also mentioned, there are caveats to the above, they are pretty rare and/or, come into play when you are talking about putting HPE 2930/3801 switches at remote locations, but I digress...