Wireless Access

last person joined: 5 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Less is definitely more with SSIDs

This thread has been viewed 4 times

  • 1.  Less is definitely more with SSIDs

    Posted Dec 13, 2013 06:36 AM

     

    I was directed to a very interesting article by a customer this week. It has been known by wireless engineers for many years that high numbers of SSIDs being advertised on a system are the enemy of good performance. As the number of SSIDs increases, the amount of useful airtime for carrying payload traffic decreases. This problem is compounded when we consider that by default, per the IEEE standards requirements, in order to support legacy client devices back to the .11b standard, management traffic including beacons are sent at the 1 and 2Mbps rates. This means that even though the beacon frames are relatively small, if there are lots of them, and adjacent APs can hear each other on the same channel, a relatively long time will elapse just to send out all of the beacons.

     

    Here is an excellent article on Revolution WiFi blog with a downloadable spreadsheet calculator that allows you to model the effects of changing the beacon frame minimum transmit rate and beacon intervals.

     

    http://www.revolutionwifi.net/2013/10/ssid-overhead-how-many-wi-fi-ssids-are.html#comment-form

     

    So, what does this mean for Aruba users? The great news is that if you’re already an Aruba customer, you have some very powerful tools available to you to build a highly efficient RF environment. Nirvana on an Aruba system is a simple 2 SSID configuration – an 802.1x RADIUS authenticated SSID for everything corporate, and an Open SSID for Guest users. How is this possible you may ask? Taking advantage of a decade of development in Aruba infrastructure products, at the core is the concept of role based access. Whereas other systems simply offer a basic mapping of SSID to static VLAN, or maybe dynamic VLAN based on RADIUS attributes, Aruba’s full Role Based Access capabilities allow very granular control, on a per user and per device basis.

     

    Within a role a multitude of parameters can be controlled, including VLAN assignment (with vlan pooling now supported in RADIUS derived roles), a feature rich firewall policy allowing access control based on L2-4 traffic with L7 application layer gateways for common voice and video protocols, including Microsoft Lync, bandwidth controls and time based access controls.

    Couple this infrastructure with Aruba’s Clearpass Policy manager, having capabilities to reference multiple AD domains and a multitude of other authentication sources, such as LDAP, SQL and Device Profiler together with very flexible authorisation policies to differentiate users, devices, location of access, time of day etc.,  and a highly RF efficient, minimalist SSID deployment becomes very much a reality.

     

    So less if definitely more when it comes to SSID count, in your network.



  • 2.  RE: Less is definitely more with SSIDs

    Posted Dec 13, 2013 07:44 AM

    I've actually seen some instances where high SSID counts have fairly catastrophic effects.

     

    When working with a hospital customer about 5 years ago, the density of APs combined with the SSID count (8) meant some "cheaply made" devices (Dell handhelds at the time), simply couldn't cope with the beacon rate, and wouldn't even attempt to associate. Their little CPU spent all it's time computing all the beacons, and not a lot else!

     

    My general design ethic for customers, is that you'd have to have a very definite and specific use case for more than 3 concurrent SSIDs. Using 3 (1 open, 1 psk (restricted fw), and 1 dot1x) you can achieve most things via derivation. Multi-tenant environments need a bit more effort to control.

     

    At the time when I was working with the hospital mentioned, Aruba worked with me and a feature called "Beacon Regulate" became available (can't recall if it was for this, or co-incidence). It's in the radio profiles. I haven't had to use it for a couple of years, but suspect it still works. It might be useful in some cases. It staggers the beacons from APs, rather than them coming out in unison from all APs. This isn't a substitute for a good design, but worth knowing!

     



  • 3.  RE: Less is definitely more with SSIDs

    Posted Dec 13, 2013 08:14 AM

    Sometimes this make the Brand look bad... i mean it just people doing wrong configuration, then they thing that the brand is really bad and is not worth the money!

    I once saw on my fluke an hotel that has Aruba which we didnt sell... around 8 SSID

    8!!!!! wth!!!

     

    Cheers

    Carlos



  • 4.  RE: Less is definitely more with SSIDs

    Posted Dec 13, 2013 08:28 AM

    Agreed. I visited a school once with 12 SSIDs, which unsurprising was running slow!

     

    They had defined a SSID for each year in the school, and different ones for each staff group. The thinking was they wanted each group in a different VLAN for scaling and administrative purposes. They then couldn't understand why it was slow...

     

    I helped them put some derivation on the MS NPS into play, which gave back a VLAN attribute based on AD group. Then filtered out broadcast/multicast (which was flooding in their config). Cut down the SSIDs to 2. Voila, about 80% performance uplift.

     

    Also, nice to see that chart in the original post seems to support the rough numbers in my head I'd never written down!



  • 5.  RE: Less is definitely more with SSIDs

    Posted Dec 13, 2013 08:31 AM

    If you tell them they are wrong they can get offended... it once happened me with an end user! :(

     

    Cheers

    Carlos



  • 6.  RE: Less is definitely more with SSIDs

    EMPLOYEE
    Posted Dec 13, 2013 01:49 PM

    A picture is worth 1000 words.  I ran into a customer that had a "slow" network.  Turns out they had a few things wrong but one was the amount of SSIDs.  Using Airwave - they didn't own it but evaled it (and then bought it!!) - they looked at 7.7's RF Capacity dashboard.  This is an AWESOME tool.  It shows pretty much all APs greater that 50% channel utlilization.  What's more, they were above 40% with 0 clients!!!

     

    So...we tweaked some things and got their idle RF on 2.4 down to 12% or better.  Happy customer - happy SE!



  • 7.  RE: Less is definitely more with SSIDs

    Posted Dec 13, 2013 02:19 PM

    There is a great Aruba document describing utilization by #SSID here:  http://community.arubanetworks.com/aruba/attachments/aruba/115/1358/1/ .

     

    It is a bit dated but the concept remains the same.



  • 8.  RE: Less is definitely more with SSIDs

    Posted Dec 13, 2013 08:45 PM
      |   view attached

    Ill add another document

    Attachment(s)

    pdf
    wp_Virtual-Access-Points.pdf   769 KB 1 version


  • 9.  RE: Less is definitely more with SSIDs

    Posted Dec 13, 2013 08:49 PM

    And yes i had to show this to you guys!

    I was doing a Site Survey on a client, and while i was walking into the Building i turn on the AirChecker and look what i saw!!!

    15 SSID

     

    SSID.PNG



  • 10.  RE: Less is definitely more with SSIDs

    Posted Jun 23, 2016 05:16 AM

    External link update to the Revolution Wifi Site for the excellent SSID Overhead calculator:

     

    http://www.revolutionwifi.net/revolutionwifi/2013/10/ssid-overhead-how-many-wi-fi-ssids-are.html?rq=SSID%20overhead

     

    Enjoy

     

    Regards

     

    Neil