If you are currently using IPv4 address translation for your client networks, will you please share with me the ratio you are currently using for real-->mapped IP addresses?
We have our ratio to be about 1 public to 80 private addresses.
I guess you're the only education customer doing address translation . . . ? :-/
We're not doing it now, but with our Large Public Venue (LPV) install in progress for our basketball coliseum, I anticipate having to do it as part of the implementation.
We NAT all our smartphones/Guests/Labs. We do 1 public address for every /24 private address.
While my environment is totally different (retail), I have looked at the number of sessions I typically see by devices and it seems to be in the 10-15 sessions per mobile device, with my iPhone having 20 sessions established most times due to several push accounts.
With a safe margin of 30 sessions per device you would likely have no issues with at least 1000 devices per IP address. At my company's retail stores we have 1 address per /21 and I have not run into any issues with running out of sessions; however, my average utilization (during business) on these /21s is in the 400 device range with peaks at high traffic locations hitting 800-900 devices, again never having any issue running out of sessions.
If you plan to have your subnets at high utilization at peak times, I would likely do 1 per /23 or /22. I think us doing /21s pushes it, but not my call.
Too bad to see osuwireless needing to move to RFC1918 space. I'm a big proponent of global addressing. Maybe make best buds with some guys at MERIT and get a couple of /16s from their /8? ;)
Thanks for your response, Matt. Good to know.
Yeah, I hate moving to RFC1918 for our non-guests. NAT64 is what we would like to be doing, but the urgency of doing *something* exceeds the time required to implement NAT64 well. We'll do this move then get underway for building NAT64 and ideally placing these clients on IPv6 only.
We're considering going to NAT as well. IPv4 space is getting sopped up.
Is there anyone NATing one ssid and not another? We have an open (CP) ssid and a .1x ssid with about a 20/80 split, favoring .1x. As a start I'd like to just NAT the open ssid, if that's possible.
The NAT/PAT ratios discussed here are very helpful so far!
Ryan, I have a higher education customer in MA that is NAT'ing 1 public IP per /24. Each controller has about 15 x /24 networks for each 802.1X network (2 at the moment). This has been in place this semester with no apparent issues. Check Point is NAT'ing.
We're using 50 public IPs for around a total of 25,000 internal (in use) IPs.
We do 1 public for every /22 (we do not do this on our Aruba gear though...). This seems to give us quite a bit of headroom, even during peak times...