Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

how many virtual AP's is too many?

This thread has been viewed 4 times

  • 1.  how many virtual AP's is too many?

    Posted Apr 24, 2017 11:01 AM

    We are a K-12 system.  We have 7210 controllers running 6.5.0.3 with AP models 105, 114, 115, 214, 215, 224, and 225.  We do not use ClearPass.  Most AP's are in dense deployment (one in every classroom, roughly 50 feet apart).  I have 4 or 5 virtual AP's applied to a given AP group (depending on the site).  Each VAP has a separate SSID, appropriate aruba firewall rules for the type of client connecting, and puts them on VLANs with access to various resources within our network or routes them directly out to the internet.  I've gotten requests to add 2 more virtual AP's, and apply them to all AP groups.  I'm wondering at what point I would start to see performance issues.  I ran across a helpful Airheads post entitled "What is the effect of virtual access points on the available throughput?" which was helpful in understanding how / why having multiple VAP's can cause issues, but I wasn't really able to determine when it could become a problem for us in a real-world scenario.  What's your opinion?  How many VAP's do you think are too many in our kind of environment?



  • 2.  RE: how many virtual AP's is too many?

    EMPLOYEE
    Posted Apr 24, 2017 11:14 AM

    Stop right there.  The performance only gets worse.  How are the two other SSIDs different from the 5 others?



  • 3.  RE: how many virtual AP's is too many?

    Posted Apr 24, 2017 11:20 AM

    You should be using 802.1x and using that to dynamically assign VLAN's when possible.



  • 4.  RE: how many virtual AP's is too many?
    Best Answer

    Posted Apr 24, 2017 11:27 AM

    Although you can have up to 16 BSSIDs on most Aruba APs, the Aruba products/solutions leave little reason to have more than 3 different SSIDs (Virtual APs) per AP.   The reason is because through authentication and firewall rules, you can typically keep networks to 1 per encryption type.  Open (Captive Portal), 802.1X, and WPA2-PSK..(to support non-dot1x devices).

     

    You may have reason to have additional SSIDs (Virtual APs); but as a general guideline, the less you have the better.  Refer to the link you included as well as  and the "SSID Overhead Calculator" from revolution Wi-Fi to give you an idea of the impact of additional SSIDs/Virtual APs:  .

     

     



  • 5.  RE: how many virtual AP's is too many?

    Posted Apr 25, 2017 10:58 AM

    Thank you for the prompt and helpful responses.  The SSID calculator was rather eyebrow-raising.  I will begin to work towards 802.1x authentication for these devices and users.  My goal is to get down to two SSID's, and I think I can do it by using 802.1x authentication instead of having separate SSID's.