How many clients in a topology?


Userlevel 3
Hi,
How big can a subnet in a bridged@EWC topology be? I am planning to use topology groups but am unsure how big the subnets in the participating subnets actually may be without getting negative impacts. /23? /22?

5 replies

Userlevel 5
Hello
That is one of those "nobody can really answer that" types of questions. It depends... It depends on many things: broadcast levels, are they using multicast, Bonjour, etc. In a perfect world it is a single /24 VLAN, but that hardly ever is enough. If you expand it to get more users and start to have issues, we may need to do some policies on the Ethernet ports the APs plug into to cut down/filter out any unneeded packets, such as maybe all IPv6 packets or network neighborhood stuff. I know that wasn't a clear, exact answer, but it is the truth. Smaller the better, hope it helps.
Userlevel 7
You should also take a look at the max. user limit per controller and, in the case of bridge@EWC, that the whole traffic will pass through the controller, which could be the bottleneck in today's 802.11ac networks.
Userlevel 3
Why such a big HWC topology? You can change the topology once the user has been validated in the captive portal.
If you are in the same L2 you can use the same DHCP scope to avoid the DHCP renew, or better, configure a 30 sec lease@EWC to force the DHCP request@AP.
Also, you can change the topology based on an LDAP field, or because you deploy different WLAN services with the same SSID but with different roles at auth.
Why is EWC better for you?
Regards
Userlevel 3
It is a campus installation with BYOD clients (currently up to 4000 concurrent clients) who authenticate with 802.1x and are heavily roaming over a large campus area. @HWC has the advantage that you only need to configure the AP-management/CAPWAP-VLAN tagged to the access switches' uplink ports. We use NAC to set switch access ports to AP-management-VLAN when an AP shows up there for easier AP and switch mass deployment. The client can stay in its topology and IP address when roaming over APs on the same EWC. NAC is also used to deploy different roles to EWC clients depending on LDAP groups. Users also don't want to wait for topology changes.

The disadvantage is of course that all traffic has to pass over EWCs but in our environment experience shows that total traffic sum stays under 1 Gbps. 60%-70% of devices are smartphones and tablets with relatively low traffic and there are no WAN-linked remote locations where B@AP would be reasonable to save WAN-Link capacity.

802.11ac brings high speeds... in theory. On EWC in the European frequency domain there is only room for one 160 MHz channel or three 80 MHz channels. In the end you have to work with 40 MHz channels to avoid co-channel interference in buildings with lots of APs, even if you reduce transmitting power. Okay, on the plus side that means one can continue to use 1 Gbps ports for APs and need no fancy 2.5 Gbps or 5 Gbps multigigabit ports. 🙂

We plan to use captive portal only for welcome info and guest portals.
Userlevel 3
htw wrote:

It is a campus installation with BYOD clients (currently up to 4000 concurrent clients) who authenticate with 802.1x and are heavily roaming over a large campus area. @HWC has the advantage that you only need to configure the AP-management/CAPWAP-VLAN tagged to the access switches' uplink ports. We use NAC to set switch access ports to AP-management-VLAN when an AP shows up there for easier AP and switch mass deployment. The client can stay in its topology and IP address when roaming over APs on the same EWC. NAC is also used to deploy different roles to EWC clients depending on LDAP groups. Users also don't want to wait for topology changes.

The disadvantage is of course that all traffic has to pass over EWCs but in our environment experience shows that total traffic sum stays under 1 Gbps. 60%-70% of devices are smartphones and tablets with relatively low traffic and there are no WAN-linked remote locations where B@AP would be reasonable to save WAN-Link capacity.

802.11ac brings high speeds... in theory. On EWC in the European frequency domain there is only room for one 160 MHz channel or three 80 MHz channels. In the end you have to work with 40 MHz channels to avoid co-channel interference in buildings with lots of APs, even if you reduce transmitting power. Okay, on the plus side that means one can continue to use 1 Gbps ports for APs and need no fancy 2.5 Gbps or 5 Gbps multigigabit ports. 🙂

We plan to use captive portal only for welcome info and guest portals.

We have a similar scenario: we have 7000 concurrent users and nearly 700 APs. We deploy a VLAN model to the port of the AP that has the VLAN for the AP and a lot of VLANs to deploy the topologies.
We are 802.1x and the next step is authentication using the AP and not the controller. Then if there is any problem with the controller, all B@AP works perfectly. We can do this because we have six routing domains and only one controller (HA).

With 38xx ac you have more traffic, and with ac wave2 MU-MIMO I think we will see the users' traffic increase.

Thanks for your info.
