Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

Vlan Pooling best practices. 

Feb 23, 2017 06:48 PM

Q:

Aruba allows multiple vlans to be added in a pool for a particular VAP. what are best practices regarding:

 

a. Vlan pooling algorithm.

b. subnet sizes.

c. Broadcast and multicast optimizations.

d. DHCP lease times.


 



A:

1. Use hash based pooling algorithm:

 

(Master) (config) #vlan-name pool-a assignment hash

(Master) (config) #vlan pool-a 1,2

 

(Master) (config) #show vlan mapping

Vlan Mapping Table

VLAN Name  Assignment Type  VLAN IDs

---------  ---------------  --------

pool-a     Hash             1-2

 

2. All the vlan subnet sizes should be the same.

3. Enable bc-mc optimization on the vlan:

(Master) (config) #interface vlan 1
(Master) (config-subif)#bcmc-optimization
(Master) (config-subif)#
(Master) (config-subif)#show interface vlan 1

VLAN1 is up line protocol is up
Hardware is CPU Interface, Interface address is 00:0B:86:6E:D8:2C (bia 00:0B:86:6E:D8:2C)
Description: 802.1Q VLAN
Internet address is 10.1.1.2  255.255.255.0
IPv6 is enabled, link-local address is fe80::b:8600:16e:d82c
Global unicast address(es):
    2001::1, subnet is 2001::/64
IPv6 Router Advertisements are disabled
Routing interface is enable, Forwarding mode is enable
Directed broadcast is disabled, BCMC Optimization enable ProxyARP disabled Suppress ARP enable
Encapsulation 802, loopback not set
MTU 1500 bytes
Last clearing of "show interface" counters 1 day 9 hr 23 min 16 sec
link status last changed 1 day 9 hr 19 min 45 sec
Proxy Arp is disabled for the Interface

 

4. Configure broadcast filters on VAP:

(Master) (config-subif)#

(Master) (config-subif)#wlan virtual-ap default

(Master) (Virtual AP profile "default") #broadcast-filter arp

(Master) (Virtual AP profile "default") #broadcast-filter all

 

 

(Master) (Virtual AP profile "default") #show wlan virtual-ap default

 

Virtual AP profile "default"

----------------------------

Parameter                                       Value

---------                                       -----

AAA Profile                                     default

802.11K Profile                                 default

Hotspot 2.0 Profile                             N/A

SSID Profile                                    default

Virtual AP enable                               Enabled

VLAN                                            N/A

Forward mode                                    tunnel

Allowed band                                    all

Band Steering                                   Disabled

Steering Mode                                   prefer-5ghz

Dynamic Multicast Optimization (DMO)            Disabled

Dynamic Multicast Optimization (DMO) Threshold  6

Drop Broadcast and Unknown Multicast            Enabled

Convert Broadcast ARP requests to unicast       Enabled

Authentication Failure Blacklist Time           3600 sec

Blacklist Time                                  3600 sec

Deny inter user traffic                         Disabled

Deny time range                                 N/A

DoS Prevention                                  Disabled

 

5. Reduce the DHCP lease time.

 

a. For client server based applications like VOIP clients / Vocera badges, configure it a few hours more than the expected time that device will be alive on the network. For example for 8 hours shift, we can set the DHCP lease times to 10-11 hours.

 

b. For guest SSIDs, we can set the DHCP lease times to even lesser value. However if the client gets a different IP address from the DHCP server, it might be again presented with captive portal page once it gets a different IP address.

Statistics
0 Favorited
16 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.