Wireless Access

I have a group of buildings with a different wireless client VLAN per building.  What would be the best option that would allow clients to roam between buildings without requesting a new DHCP address?  Is it possible to do this?  All the AP's for each building are connected to the same local controller.  The goal is to cut down on the load on the DHCP server.

Put all of the APs into the same ap group and make everyone use the same WLAN in both buildings.

Colin, the client vlans are all on seperate L3 subnets per building.  Would putting all the AP's in the same ap group and adding the all client VLAN's to the VAP would still require the client to request a new IP when roaming between buildings?

I think I answered my own question.  There would be no need to request a new IP if all the client VLAN's are availabe on each AP in the ap group for all the buildings.

 

So, I think my question should be how can I have 3,000 clients roam between 3 different buildings with 3 different L3 client VLAN's allowing 1,000 IP's per VLAN? 

 

All AP's will be in the same ap group with the same WLAN profiles.

 

Would I have to use VLAN pooling in order not to run out of IP's per VLAN, keep the broadcast domains broken up between the client VLAN's, and to prevent any unecessary DHCP request?  Or are there other options?

Enable IP mobility and VLAN pooling will take care of mobility part and VLAN allocation and assignment to the user. 3000 Clients is not going to be a huge number and we could also have all buildings on same VLAN with broadcast filters enabled on VAP profile which would be even simpler. May we know the type of DHCP server and capactiy of the switch which maintain the arp entries ?

 

Thank you,

Sriram 

Sriram,

 

I'm in the planning phase of a project and 3,000 is just an example of the potiential number of clients. It could possibly be more since it's a college environment with up to 30,000 clients daily during the school year.  Our network architect is requiring a VLAN per building for the clients.  It would be great if I could do a single VLAN.  That was my first thought with the broadcast filters enabled.

 

I'm not sure on the switches but I believe will be Cisco 3650's and the DHCP server is BlueCat.

 

Thanks,

William

Truthfully, you would only need a vlan pool to support the target number of clients that would connect in all 3 buildings. When clients roam, they should get the same vlan all the time. You could even have a single large subnet, and put all of your clients in all 3 buildings into that subnet on the same SSID. Just make sure you have drop broadcast and unknown multicast enabled in the virtual AP and you should be fine. With that option, no downstream broadcasts are sent to clients except for the mandatory DHCP and ARP.

A single large VLAN was my plan and it has always worked well for me with the drop broadcast and unknown multicast enabled.  Our network architect is requiring a client VLAN per building.  So, I'm trying to find a simple solution without making the config so complex.

A single large VLAN works even for /22 to /16 networks as long as we have the broadcast filters enabled.

However we need to make DHCP server can handle large scope and your switch/router can handle those many arp tables. VLAN should be only for wireless and shouldn`t be extending to wired side.

 

If your architect wants to have a separate VLAN then we need to go with VLAN pooling, IP mobility enabled if we need to L3 roaming between buidlings along with best practices of broadcast filters.

 

Thank you,

Sriram

How would this work if allowing clients to access the wired ports on the AP?  We are using 103H and the plan is to allow the clients wired access to the ethernet ports on the AP in the same VLAN as the wireless clients?  It's really complicated what they are looking to do.

Yes allowing the same VLAN on the wired port on AP 103H would just work fine however when we talk about huge Capacity and Client population we need to make sure that VLAN exist ony on the controller and not shared on the wired network. This could be just simple by creating new VLAN mapped to second port on wired port for 103H and the AP`s port can be trunked to take care of it.

 

How many 103H we got and use case of enabling second port and why it had to be on same VLAN?

 

Thank you,

Sriram

The second port on the AP will used to connect wired gaming consoles or other devices that need to be on the same VLAN/Subnet as the wireless clients but don't support wireless.  It will not be shared with the wired network.

 

I think all of my questions have been answered.  Enable IP Mobility/VLAN Pooling if going with multiple buildings with a single client VLAN per building. 

 

What are they looking to do on the second port? Please remember, we are only answering questions based on our best knowledge of your situation. It is NOT a design.