Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

AP Groups, Single SSID, Different VLANs, DHCP problem

I have a WLC 4404, Cisco 4506 core, 3560G edge switches, and cisco 1142 AP.  I have a single SSID and have created two AP groups.  One for each building.  Each AP group is part of its own separate VLAN. 

My goal is to split up my network to shrink my broadcast domain.  If you are in building A, then I want you to be in AP group A and which means you have the subnet/ip info of VLAN A.  If you decide to close your laptop down, walk across campus to building B, then I want you to be part of AP group B and have your subnet/IP info match that of VLAN B.

The problem I am having is when a user connects to AP group A, and they move over to the other building which puts them on AP group B, they keep the same IP address as AP group A.  This is a problem because I have certain projectors that use broadcasts to announce themselves.  So if you are not a part of that broadcast domain, you cannot connect wirelessly to the projectors.

I have tried no ip proxy-arp on both VLAN interfaces and I have disabled DHCP Proxy on the WLC but the same results.  Again I am not having any problems with things working fine with email/internet/servers, no matter which AP group you are in.  But I want your IP address to come from which AP group you are connected too aka which building you are in.

VLAN A

172.25.0.0/240

VLAN B

172.26.0.0/240

Any thoughts on how to do this?

Everyone's tags (3)
7 REPLIES

Re: AP Groups, Single SSID, Different VLANs, DHCP problem

Dover,

Great question... I had a similar issue as well...

First, your understanding of AP grouping is SPOT on. Its the logical separation of broadcast domains while using the same ssid.

By design you keep the same IP so that a client isn't interrupted during the layer 3 roam process between AP groups. Whereby causing lost of network connectivity during the re-DHCP process.

Thinking outside of the box. If you have 2 controllers. Building A on controller 1 and Building B on controller 2, remove the mobility group between the controllers. This would prevent the controllers to share mobility packets, thus causing your clients to re-IP.

your other option would be to have your clients disconnect and then reconnect (i know its not a good option)

However, not knowing your network design you would want to think this process through especially for failover...

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Community Member

Re: AP Groups, Single SSID, Different VLANs, DHCP problem

gstefanick wrote:

Dover,

Great question... I had a similar issue as well...

First, your understanding of AP grouping is SPOT on. Its the logical separation of broadcast domains while using the same ssid.

By design you keep the same IP so that a client isn't interrupted during the layer 3 roam process between AP groups. Whereby causing lost of network connectivity during the re-DHCP process.

Thinking outside of the box. If you have 2 controllers. Building A on controller 1 and Building B on controller 2, remove the mobility group between the controllers. This would prevent the controllers to share mobility packets, thus causing your clients to re-IP.

your other option would be to have your clients disconnect and then reconnect (i know its not a good option)

However, not knowing your network design you would want to think this process through especially for failover...

My understanding of AP groups has alot to do with your site and videos that you made.  So thank you.  I think I might just have to do different SSIDs.  Which is not what I wanted to do but that will fix the issue.

Re: AP Groups, Single SSID, Different VLANs, DHCP problem

Dover,

Yea, a different SSID is another option. Not want you wanted to hear for sure ... Thanks, im glad folks get value from the videos. Makes it worth the effort and time.

If you found this informative, do you mind rating the post ? I would really appreciate it !

Thanks

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Re: AP Groups, Single SSID, Different VLANs, DHCP problem

Dover,

Have you thought about doing a dynamic vlan assignment for these users who need to access the projectors? This would work ...

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Community Member

AP Groups, Single SSID, Different VLANs, DHCP problem

Perhaps this can also be a solution

https://supportforums.cisco.com/thread/2183082

Community Member

AP Groups, Single SSID, Different VLANs, DHCP problem

Kindly go through the document this should address your query.

http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70cg.pdf

Community Member

Re: AP Groups, Single SSID, Different VLANs, DHCP problem

Hi;

Not really a solution, but something to think about. I manage a largish network, where every subnet is a /22 (we have thousands of them). From your question, I think you have two /24's (not /240s :-) )

I bet you would be surprised to discover, via Wireshark or some other monitor, that broadcast traffic is a trivial fraction of your network bandwidth. None of our /22's has a problem with excessive broadcast traffic, even with over 800 clients on a subnet. In modern fast networks, the old rules and FUD about broadcast domains are just  not as much of a factor as in the old days. (and I'm old so I remember those days ...)

If all the above is true and you measure your bcast traffic and find it low, then just expand your subnet size to /23 or /22, use one subnet for both buildings, and problem solved.

Steve

Message was edited by: Stephen Crye - corrected typo

2320
Views
10
Helpful
7
Replies
CreatePlease to create content