Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1567
Views
0
Helpful
5
Replies

No Inter-VLAN, Just the Internet, Still Layer3 needed?

Go to solution
Saman Shamim
Level 1
Level 1

‎11-02-2011 10:04 PM - edited ‎07-03-2021 09:01 PM

Hi Guys,

If inter-VLAN communications is not required on a LAN, and clients at each VLAN just need outside (Internet) access, then do I still need to have a layer 3 device in my network?

To be more specific, wireless VLANs are going to be created on a WLC for a Hotel. There is no layer 3 device involved in the network. There is a gateway made by a company called SolutionIP which is used for Internet billing and management. The only reason that I'm creating wireless VLANs and AP groups is to break up broadcast domains because of the size of the network (122 APs and up to 2000 users). So actually there is no need for users on a building to communicate with users on another building. All they need is to connect to that gateway, pick up a connection in their browser, pay with the credit card and surf the Internet.

If the answer of the above question is "no", then what IP address should I use for the default gateway when I'm creating dynamic interfaces on the controller?

Regards,

Saman

Internet Billing and Management

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎11-02-2011 10:07 PM

It is not a recommended practice to put your WLC and WAPs IP address in the same IP subnet as your client.

So you need at least a Layer 3 device to route traffic to the two IP subnet.

View solution in original post

0 Helpful

Go to solution
Saravanan Lakshmanan
Cisco Employee
Cisco Employee
In response to Saman Shamim

‎12-04-2011 01:09 PM

You need routing enabled to use services like dhcp, radius,...irrespective of the servers hosted on management or different L3 interface.

if you prefer to have 'internet access only' from all wireless vlans then you don't need inter-vlan routing enabled. However, if you have dhcp proxy enabled on WLC then routing is required. With dhcp proxy disabled and dhcp server on different layer 3 then routing required here.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎11-02-2011 10:07 PM

It is not a recommended practice to put your WLC and WAPs IP address in the same IP subnet as your client.

So you need at least a Layer 3 device to route traffic to the two IP subnet.

0 Helpful

Go to solution
Saman Shamim
Level 1
Level 1
In response to Leo Laohoo

‎11-02-2011 10:16 PM

Thanks for your reply.

I do want to have separate subnets for each wireless VLAN to break up broadcast domains. WLC and APs will be on the native VLAN on wired side. If this is the case, then your conclusion is that I still need a layer 3 device even if Inter-VLAN routing is not required? If the answer is yes, just out of curiosity, could you please go in-depth about routing?

0 Helpful

Go to solution
Saravanan Lakshmanan
Cisco Employee
Cisco Employee
In response to Saman Shamim

‎12-04-2011 01:09 PM

You need routing enabled to use services like dhcp, radius,...irrespective of the servers hosted on management or different L3 interface.

if you prefer to have 'internet access only' from all wireless vlans then you don't need inter-vlan routing enabled. However, if you have dhcp proxy enabled on WLC then routing is required. With dhcp proxy disabled and dhcp server on different layer 3 then routing required here.

0 Helpful

Go to solution
andyirving
Level 1
Level 1
In response to Saravanan Lakshmanan

‎12-06-2011 08:11 AM

You don't need routing on this deployment, APs can be contained within a VLAN and configure the WLC with an interface defined as AP management with a IP address.  You will need DHCP for this VLAN to serve the APs.

Configure multiple interfaces on the controller for clients, these can be configured to be a member of an interface-group, this interface-group is then mapped to the WLAN profile you create.  Users will then be dropped onto the interfaces in a round robin fashion, this way you can serve 1000 users with 4 subnets each of 250 addresses (Class C).  No requirement for routing or large CIDR (supernetted) addresses.  Each interface would need its own DHCP scope which can be done on the internal DHCP server on the WLC. 

As long as your default gateway device, in your case the SolutionIP can be configured with multiple VLANs and IP addresses so it can handle the different subnets then no problem.

0 Helpful

Go to solution
Saman Shamim
Level 1
Level 1
In response to andyirving

‎12-06-2011 02:26 PM

I have configured multiple interfaces on the controllers, but instead of using interface-group feature, I've used AP Group VLANs, also called Site-Specific VLANs. That should work fine, right?

Management Interface (which also is AP Manager Interface with the 5500 controller), 122 LAPs, and my DHCP server are all located in the same VLAN (sub-net). Now considering that there is no layer 3 device anywhere, should I set DHCP proxy off or on?

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card