Re: WLAN AP & Client subnet sizing

Nigel Bowden · ‎10-20-2010

Does anyone know of any recommendations regarding sizing of:

- AP subnets
- Client subnets

when designing Cisco wireless networks?

I've checked out the design guides and various FAQ's etc., but haven't come across anything obvious.

In the case of AP subnets, I wonder if there is a recommended point at which the number of APs in a subnet becomes too high. There must be a break-point where the level of broadcast traffic starts to have negative impact on performance for all APs in the subnet. I often use an AP subnet range per switch stack or per floor, which seems to work fine, but may not be best use of limited IP address space. But, would it really be advisable to create a 24 bit AP range and then put 250 APs into it?

The same question applies to client subnets. Again, if I have 500 users, I wouldn't usually create a single 23 bit subnet to accomodate them and then allow that single range to be assigned to a single SSID to cover a campus. Generally, I would use a number of ranges and use AP groups on an SSID to keep the broadcast domains down to reasonable sizes on the client side. Again, what is a 'reasonable' size (in terms of numbers of clients on a subnet)?

I'm guessing there are a lot of variables in here (for instance the levels & types of traffic). But, I would be interested to hear of any tried & tested (or Cisco recommended) rules of thumb.

Thanks in advance.

Nigel.

Kayle Miller · ‎10-20-2010

Nigel,

In larger environments I usually split everything up by either floor or closet and use /24 subnets, in smaller deployments I use either a /24 in rare ocassions I have used a /22. Generally I seperate the AP's on to 1 VLAN/Subnet, Data users on another, and Voice Users on a another. I am not any of any necessarily best practices or rules of thumb so to speak specifically documented by Cisco.

Thanks,

Nigel Bowden · ‎10-20-2010

Kayle,

Thanks for the feedback, much appreciated.

Nigel.

Nicolas Darchis · ‎10-20-2010

Hi Nigel,

In a Controller environment, broadcast forwarding is disabled by default, so client subnet size should not matter too much. In IOS, it does and broadcasts over wireless are a killer.

For APs, although there is rule of thumb, but as TAC engineer, I saw troubles in situations where 200 APs were in the same subnet. The problem is not that it's a hard limit. But if for some reason there is a arp/broadcast storm, the APs will really suffer that. So out of experience, 100 AP in the same subnet was a nice limit.

But that's personal experience.

Regards,

Nicolas

===

Please rate posts that you find useful.

Nigel Bowden · ‎10-20-2010

Nicolas,

Thanks for the information regarding AP subnet sizing - very useful!

With regards to the client subnets, I am interested to understand the broadcast side of things. Are you saying that a layer 2 broadcast (for instance an ARP broadcast from the client subnet default gateway) from the wired network will not be broadcast to all clients on a subnet?

Thanks

Nigel.

George Stefanick · ‎10-20-2010

How I understand ARP and the controller is that the ARP record for the wireless clients LIVE one the WLC. Which means there is no need for ARPing out to the wireless clients. In fact, if you look at the controller tab on the WLC. Look at the bottom you will see ARP Timeout (seconds). This is the time out for the ARP in the WLC.

But I could be wrong ...

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Nicolas Darchis · ‎10-20-2010

Indeed, WLC act as ARP and DHCP proxy. So WLC replies to wired network on behalf of wireless clients and blocks broadcasts coming from wired side.

Broadcast from wireless clients are not send to other wireless clients (by default).

Nigel Bowden · ‎10-20-2010

George/Nicolas,

Thank you both for your feedback. It's interesting to learn something new.

Regards

Nigel.

George Stefanick · ‎10-20-2010

It was a great question ... George Stefanick --- aka Wirelesssguru on Twitter ...

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Leo Laohoo · ‎10-20-2010

Hey George,

New star!

George Stefanick · ‎10-20-2010

Leo ... Its a twitter thang ... You boys from down under would not understand ... LOL

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Leo Laohoo · ‎10-20-2010

I meant your new gold badge.

George Stefanick · ‎10-21-2010

LOL .... Yea, it looks nice, no ?

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Leo Laohoo · ‎10-21-2010

You bet!

Anders Marius Jorgensen · ‎11-14-2011

Nigel,

I have seen wireless client subnets with /20 without problems.

The build-in proxy ARP (as someone mentioned in this thread) limits the broadcast traffic taking away some of the pain having many clients in one big subnet.

However given the fact 'VLAN select' has been introduced 7.0.116.0 I would consider using that feature instead.

VLAN select lets You bind a number of /24 to the same SSID.

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080b78900.shtml

If needed, You can add more /24's to the interface group as the number of clients using the particular SSID increases.

In terms of the subnets where the AP's is connected, I would stick with Your classical /24 subnet plan.

If Your infrastructure supports it You could consider placing the AP LAN interfaces in a dedicated VRF.

Thereby You can make sure the control-plane of the AP's are not being hit by a broadcast storm on the user segments.

But on the other hand, having the AP's in a VRF may increase the operational complexity.

Kind regards,

Anders