I'm about to commence the deployment of 4 x 4402-50 WLCs and 170 Access Points into a 3 storey building, and have a couple of questions around the IP addressing, which I'd like to clarify with those more knowledgeable than I.
Current plan is to install each WLC using LAG, and create a Management and AP Manager on each device from within the same subnet. All good so far. My query comes when connecting the Access Points on an IP level. From what I've read, clients connecting to the APs will connect to the network on an address within the same vlan as the Access Point connects, so if I were to connect the APs to the WLCs on the same vlan as the Mgmt/AP Managers are configured within, I'd need quite a large vlan (WLCs + APs + DHCP Scope for clients) to accommodate everything. Correct?
Moving forward, I think a solution would be to create the Mgmt/AP Manager in Vlan A, then add the Access Points (and DHCP Scope) within another vlan, let's say vlan B, for all the APs across the building. Whilst this scenario may work, I'd again end up with quite a large vlan, probably a /22 in trying to accommodate all the Access Points and DHCP scope for all the wireless clients.
The solution that seems to fit best, would again be to create all the Mgmt/Ap Manager interfaces within a single vlan, then create a vlan for each floor of the building (3 in total) for the Access Points/wireless clients within that floor, in effect, cutting down on the size of the vlans required. In this scenario, I'd then be able to use mobility groups on the WLCs, to allow for roaming throughout the building.
Obviously, going with either of the last 2 options, I'd need to look at DNS/DHCP in order to have the Access Points initially register with the WLCs.
Thoughts appreciated on the above.
Clients do not need to be in the same subnet as your APs nor Management interface. You can, but it isn't a requirement. You just make a new dynamic interface in a vlan that you put your clients in.
So, a typical design you may see in your situation could be the following:
All controllers MGMT/AP-MGR in the same subnet/vlan.
All APs on Floor 1 in a different vlan.
All APs on Floor 2 in a different vlan.
All APs on Floor 3 in a different vlan.
So 4 vlans so far.
Then you can actually create a different vlan to put all clients in (5th vlan), or you could create 3 vlans to put clients in based on the floor they are on (with AP-Groups).
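To put numbers on the layout described in the reply above, here is an added sizing sketch (not part of the original thread) that allocates one subnet per VLAN using the counts from the question: 4 WLCs, 170 APs, 3 floors. The supernet `10.20.0.0/16`, the even AP split per floor, the 400 clients per floor and the VLAN names are all assumptions made for illustration.

```python
import ipaddress

# Constructed example range; replace with the site's real allocation.
SUPERNET = ipaddress.ip_network("10.20.0.0/16")

# (vlan name, hosts needed). WLC/AP/floor counts come from the thread;
# the per-floor AP split and the client counts are assumed.
REQUIREMENTS = [
    ("wlc-mgmt", 4 * 2),       # management + AP-manager interface per WLC
    ("aps-floor1", 57),
    ("aps-floor2", 57),
    ("aps-floor3", 56),
    ("clients-floor1", 400),
    ("clients-floor2", 400),
    ("clients-floor3", 400),
]

def prefix_for(hosts, gateways=1):
    """Smallest prefix that holds hosts + gateway(s) + network/broadcast."""
    needed = hosts + gateways + 2
    return 32 - (needed - 1).bit_length()

def allocate(supernet, requirements):
    """Allocate largest subnets first so each lands on its natural boundary."""
    plan = {}
    cursor = int(supernet.network_address)
    for name, hosts in sorted(requirements, key=lambda r: prefix_for(r[1])):
        prefix = prefix_for(hosts)
        size = 2 ** (32 - prefix)
        cursor = (cursor + size - 1) // size * size   # align to block size
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(supernet):
            raise ValueError(f"{name} does not fit in {supernet}")
        plan[name] = net
        cursor += size
    return plan

if __name__ == "__main__":
    for name, net in allocate(SUPERNET, REQUIREMENTS).items():
        print(f"{name:16} {str(net):18} usable={net.num_addresses - 2}")
```

With these assumed counts the controller VLAN fits in a /28 and each floor's AP VLAN in a /26; only the client VLANs need the larger ranges.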