Wireless Access

Hi forum

Is there some way you can assign more than one VLAN per layer 2 GRE tunnel?  I guess I'd really like to have a 'GRE dot1q trunk'.  At present all I know about doing this is creating one tunnel per VLAN.

I'd like a big guest network, but I'd like to assign a VLAN pool to it to break up the broadcast domain, I'd like to bridge the VLANs across a GRE tunnel as I find offloading the defautl gateway of a guest from the main controller to a DMZ controller very desirable (I am currently routing multiple VLANS across a layer 3 GRE tunnel)

Anyone addressed this kind of capacity issue to events ~2000 nodes plus?

many thanks

I guess what I am really trying yo achieve here is not having to create 10 (or 20 tunnels including fault tolerance) between internal and DMZ controllers per VLAN, and looking to have a single IP used only.

I'd rather not assign a /16 address block for broadcast domain reduction.

The configuration syntax is there to support multiple VLANs in a single static GRE tunnel yes. My 6.3.1.1 controller allow me seemingly to put lots of VLANs in it (hundreds). My understanding is that the VLAN IDs are retained within it.

I can't say I've implemented it on that scale though, so couldn't comment on performance. I've done a few with a couple of VLANs in GRE inside IPSEC (public traversal). I supose as long as the controller is a big one, and the network topology throughout could sustain the tunnel scale/potential, it sounds like a reasonable idea (unless the Aruba guys say different).

Personally, I'm not a big fan of these architectures, but in some cases, it's needed of course.

you should be able to add multiple VLANs to the the "tunnel vlan" command of the tunnel interface.  You should be able to use a "," or "-" to designate multiple.  For example:

interface tunnel 500

  tunnel vlan 500-510

OR

interface tunnel 500

  tunnel vlan 500,505,510

I can't beleive I didn't know that - thanks a million guys