Wireless Access

Reply
Highlighted
Frequent Contributor I

Re: Large client base - vlan pools or large subnet


@cjoseph wrote:

Nezz,

 

Quite frankly, the "single large subnet" approach is very new.  It also goes completely against what people think of large subnets, so it will not show up in a VRD anytime soon until we can validate it with more deployments.  We do have it running in quite a few environments, currently, but we are trying to make sure that users that do it, have proper information on what to avoid and how to configure it.  All of that information is in this thread here.  It is not complicated conceptually.

 

Again, your deployment seeks to put a VLAN per building.  We are looking for people who are looking to do a VLAN for an entire campus.  Again, this is a cutting edge approach and we definitely want to counsel users who would like to take the single large VLAN for an entire campus approach.

 


We are doing seperate vlans for students and faculty, but are keeping each of those as a single subnet.  I would like to just have a single one, but it makes it so much easier to handle our content filtering and bandwidth shaping (sonicwall firewall) based on vlan membership (we can simply check the source and then apply our policies...). That being said I want to see what happens with these sites that use the single subnet/vlan approach.  Can we get a sticky on this subject and or keep this thread or something similar active?

Highlighted
Guru Elite

Re: Large client base - vlan pools or large subnet

danstl,

 

We will probably not have anything to report publicly.  The only reason it was even mentioned because it is possible.  This is not a formal initiative.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Trusted Contributor I

Re: Large client base - vlan pools or large subnet

Colin, 

 

I'm interested as well in having this conversation as we prepare to build out our new campus. Please PM me

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
Highlighted
Occasional Contributor II

Re: Large client base - vlan pools or large subnet

We are now running with these large subnets.
On my VAPS
i have DROP broadcast and multicast enabled
i have Convert Broadcast ARP requests to unicast enabled

 

The SSID profile has
BC/MC Rate Optimization enabled

 

The VLAN IP profile has
Enable IGMP and Snooping both enabled

---> I do not have bc/mc optimization on the vlan ip profile enabled because I do have one SSID needing multicast to work.

 

OTHER INFO:
ARuba 7240's in master, standby master, and locals configuration

version 6.2.1.2

I have and use ipv6 as well as ipv4

 

What I see happening is:
on the vaps where I do not want multicast, I am unabled to access the test stream i have.
on the vaps where I do want multicst, I am able to access the test stream i have.

 

Currently I have no AP's configured with multicast enabled VAP.

 

I see some problems (I think) occuring.

I see 15- 30 % multicast traffic from the AP's to the clients (According to the dashboards)

 

in my controller logs I see these errors a lot.

 

Jul 23 17:52:48 pim[3291]: <204203> <ERRS> |pim| Could not add IP multicast group member 10.20.97.2 to group 224.0.0.251
Jul 23 17:52:48 pim[3291]: <204299> <ERRS> |pim| Could not add member 20:c9:d0:63:4c:52 to IP multicast group (10.20.97.2, 224.0.0.251), limit of 300 per group reached

 

 

Any suggestions/ideas?

Highlighted
Guru Elite

Re: Large client base - vlan pools or large subnet

MattV,

 

I will speak in general, without knowing the details of your deployment.  This thread is specifically about accomodating large client populations and  did not have multicast in mind.

 

- For a multicast application, you would need a dedicated SSID (VAP)  that does not have "Drop Broadcast and Multicast" enabled

 

For more tips on Multicast Optimization, please see  the knowledgebase article here:  https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-1645

 

Please also see the page on multicast in the document here:  http://www.arubanetworks.com/wp-content/uploads/NextGenAppNote_2012-06_28.pdf?repo=tech

 

BCMC rate optimization on the SSID profile will send multicast, at the highest control rate (24m) instead of the management trafic rate.  That can be enabled safely on any SSID.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor II

Re: Large client base - vlan pools or large subnet

We are currently looking to transfer from a multiple vlan/subnet environment to a single subnet/vlan setup.

Our wireless population is 1000+, could u pm me some info regarding this topic?

Useful post? kudos appreciated!
Highlighted
Guru Elite

Re: Large client base - vlan pools or large subnet


@Jef wrote:

We are currently looking to transfer from a multiple vlan/subnet environment to a single subnet/vlan setup.

Our wireless population is 1000+, could u pm me some info regarding this topic?


Jef,

 

Please ask all questions here.  There is no secret to large subnets, besides robust broadcast controls.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor II

Re: Large client base - vlan pools or large subnet

Our current setup:

- Aruba 4324 controller (x2)

- 1000+ users

- Multiple /23 vlan pools

- 802.1x + NPS authentication

- One SSID

 

New setup:

- Aruba 7200 controller (x2)

- One /20 or /21 vlan pool

 

More info:

- No wired clients connected to the wireless network.

 

During busy parts of the day some scopes get full and users can't obtain an IP address. Therefore In our new setup we want to simplify our dhcp setup and chose for fewer, but larger subnets. Can we choose for /21 or even /20 subnets or will this have a negative peformance impact? 

Useful post? kudos appreciated!
Highlighted
Guru Elite

Re: Large client base - vlan pools or large subnet

As long as you are dropping broadcasts at the virtual ap, no.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Moderator

Re: Large client base - vlan pools or large subnet

/21 and /22 is the new trend. I've heard of some as large as /18. As long as you have Drop BC/MC enabled, you should be fine.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: