Re: [WIRELESS-LAN] ARuba VLAN pooling
Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 -Original Message- From: Jason Appah jason.ap...@oit.edu Date: Thu, 28 May 2009 08:16:07 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ARuba VLAN pooling
We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ARuba VLAN pooling
We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID 879804209) is spam: Spam:https://antispam.osu.edu/b.php?c=si=879804209m=307de3940232 Not spam:https://antispam.osu.edu/b.php?c=ni=879804209m=307de3940232 Forget vote: https://antispam.osu.edu/b.php?c=fi=879804209m=307de3940232 -- END-ANTISPAM-VOTING-LINKS ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ARuba VLAN pooling
If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID 879804209) is spam: Spam:https://antispam.osu.edu/b.php?c=si=879804209m=307de3940232 Not spam:https://antispam.osu.edu/b.php?c=ni=879804209m=307de3940232 Forget vote: https://antispam.osu.edu/b.php?c=fi=879804209m=307de3940232 -- END-ANTISPAM-VOTING-LINKS ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] ARuba VLAN pooling
Thanks Philippe, Is load-balancing the only algorithm available for this method of VLAN assignment? --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can
Re: [WIRELESS-LAN] ARuba VLAN pooling
Philippe, If that's a vlan limit could I just size my vlans as /23's instead and get twice the user count? Mike ** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services *** Philippe Hanset wrote: If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. *Garrett Harmon* Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID 879804209) is spam: Spam: https://antispam.osu.edu/b.php?c=si=879804209m=307de3940232 https://antispam.osu.edu/b.php?c=si=879804209m=307de3940232 Not spam: https://antispam.osu.edu/b.php?c=ni=879804209m=307de3940232 https://antispam.osu.edu/b.php?c=ni=879804209m=307de3940232 Forget vote: https://antispam.osu.edu/b.php?c=fi=879804209m=307de3940232 https://antispam.osu.edu/b.php?c=fi=879804209m=307de3940232 -- END-ANTISPAM-VOTING-LINKS ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] ARuba VLAN pooling
Actually, the VLANs are assigned to a particular controller, so your limit (using /24 - 8096) is per controller. If you need more, go with /23 subnets. Any way you cut it, it's a lot of users per VAP or per Controller. We've been using VLAN pooling for something like 3 or 4 years now and it's been freaking AWESOME for scaling our wireless network. The MAC hashing for load balancing clients wireless clients had been great. It may not give a perfect user distribution across the pooled VLANs but it gets very close. Aruba's layer 3 roaming (mobility) works with the VLAN pooling to truly make a decent scalable wireless solution. After hearing about different wireless deployments with a /20 subnet or larger just to handle roaming, I shudder at the thought of NOT having VLAN pooling an mobility. - Stan Brooks - CWNA/CWSP Emory University University Technology Services 404.727.0226 AIM/Y!/Twitter: WLANstan MSN: wlans...@hotmail.commailto:wlans...@hotmail.com GoogleTalk: wlans...@gmail.commailto:wlans...@gmail.com From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID 879804209) is spam: Spam:https://antispam.osu.edu/b.php?c=si=879804209m=307de3940232 Not spam:https://antispam.osu.edu/b.php?c=ni=879804209m=307de3940232 Forget vote: https://antispam.osu.edu/b.php?c=fi
Re: [WIRELESS-LAN] ARuba VLAN pooling
Bruce, VLAN pooling is the default assignment method. On top of that you still have MAC address assignment, 802.1x, Portal based identity... Does that answer your questions? Philippe On May 28, 2009, at 12:59 PM, Johnson, Bruce T wrote: Thanks Philippe, Is load-balancing the only algorithm available for this method of VLAN assignment? --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU ] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID 879804209) is spam: Spam:https://antispam.osu.edu/b.php?c=si=879804209m=307de3940232 Not spam:https://antispam.osu.edu/b.php?c=ni=879804209m=307de3940232 Forget vote: https://antispam.osu.edu/b.php?c=fi=879804209m=307de3940232 -- END-ANTISPAM-VOTING-LINKS ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . The information in this e-mail is intended only for the person to whom it is addressed. If you believe this e-mail was sent to you in error and the e-mail contains patient information, please contact the Partners Compliance HelpLine at http://www.partners.org
Re: [WIRELESS-LAN] ARuba VLAN pooling
In our case we do Mobility by using VLAN pooling (layer 2 roaming). So our VLANs are defined on all controllers (and terminated on our Routers). The limit of 8096 still persists, unless we use a different size subnet per VLAN (/23, /22 etc...) If one decides to terminate a VLAN on a specific controller only, IP- Mobility needs to be enabled for roaming purposes. Code release 3.4 will change all this by introducing the concept of VLAN names (more than one pool!!!) (to be tested) Philippe Univ. of TN On May 28, 2009, at 1:12 PM, Brooks, Stan wrote: Actually, the VLANs are assigned to a particular controller, so your limit (using /24 - 8096) is per controller. If you need more, go with /23 subnets. Any way you cut it, it’s a lot of users per VAP or per Controller. We’ve been using VLAN pooling for something like 3 or 4 years now and it’s been freaking AWESOME for scaling our wireless network. The MAC hashing for load balancing clients wireless clients had been great. It may not give a perfect user distribution across the pooled VLANs but it gets very close. Aruba’s layer 3 roaming (mobility) works with the VLAN pooling to truly make a decent scalable wireless solution. After hearing about different wireless deployments with a /20 subnet or larger just to handle roaming, I shudder at the thought of NOT having VLAN pooling an mobility. - Stan Brooks - CWNA/CWSP Emory University University Technology Services 404.727.0226 AIM/Y!/Twitter: WLANstan MSN: wlans...@hotmail.com GoogleTalk: wlans...@gmail.com From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU ] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found
RE: [WIRELESS-LAN] ARuba VLAN pooling
Thanks Philippe, Certainly a nice option to have. --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 2:26 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling Bruce, VLAN pooling is the default assignment method. On top of that you still have MAC address assignment, 802.1x, Portal based identity... Does that answer your questions? Philippe On May 28, 2009, at 12:59 PM, Johnson, Bruce T wrote: Thanks Philippe, Is load-balancing the only algorithm available for this method of VLAN assignment? --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID 879804209) is spam: Spam:https://antispam.osu.edu/b.php?c=si=879804209m=307de3940232 Not spam:https://antispam.osu.edu/b.php?c=ni=879804209m=307de3940232 Forget vote: https://antispam.osu.edu/b.php?c=fi=879804209m=307de3940232 -- END-ANTISPAM-VOTING-LINKS ** Participation
Re: [WIRELESS-LAN] ARuba VLAN pooling
Have any of you that are using the VLAN pooling run into problems with users that want to do link-local-ish stuff with people physically co- located close to them? Our classic example is accessing iTunes between computers co-located near one another. Unless they both end up on the same VLAN they won't see one another without other fix-up's in place. This has been one of the concerns we have had with moving to pooling since our students (and staff for that matter) are likely using this feature today. Thanks! David On May 28, 2009, at 12:06 PM, Johnson, Bruce T wrote: Thanks Philippe, Certainly a nice option to have. --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU ] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 2:26 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling Bruce, VLAN pooling is the default assignment method. On top of that you still have MAC address assignment, 802.1x, Portal based identity... Does that answer your questions? Philippe On May 28, 2009, at 12:59 PM, Johnson, Bruce T wrote: Thanks Philippe, Is load-balancing the only algorithm available for this method of VLAN assignment? --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU ] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason Appah *Date*: Thu, 28 May 2009 08:16:07 -0700 *To*: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject*: [WIRELESS-LAN] ARuba VLAN pooling What is this VLAN pooling? How does it work? ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . -- BEGIN-ANTISPAM-VOTING-LINKS -- Teach CanIt if this mail (ID
Re: [WIRELESS-LAN] ARuba VLAN pooling
-With VLAN pooling you will see Music from people scattered around the campus on the same VLAN -If you assign VLANs for locations, they will see each other in close proximity but will complain that they cannot see the music of their friends in the dorms... (interesting VLAN management as well!) -If you have a large VLAN across campus, the broadcasting from Itunes (and other Bonjour contraptions) might kill it! (we had to block Bonjour, MDNS etc.. to make our large VLAN survive until we moved to VLAN pooling) You cannot please everyone... Philippe On May 28, 2009, at 4:41 PM, David Sinn wrote: Have any of you that are using the VLAN pooling run into problems with users that want to do link-local-ish stuff with people physically co-located close to them? Our classic example is accessing iTunes between computers co-located near one another. Unless they both end up on the same VLAN they won't see one another without other fix-up's in place. This has been one of the concerns we have had with moving to pooling since our students (and staff for that matter) are likely using this feature today. Thanks! David On May 28, 2009, at 12:06 PM, Johnson, Bruce T wrote: Thanks Philippe, Certainly a nice option to have. --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU ] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 2:26 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling Bruce, VLAN pooling is the default assignment method. On top of that you still have MAC address assignment, 802.1x, Portal based identity... Does that answer your questions? Philippe On May 28, 2009, at 12:59 PM, Johnson, Bruce T wrote: Thanks Philippe, Is load-balancing the only algorithm available for this method of VLAN assignment? --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU ] On Behalf Of Philippe Hanset Sent: Thursday, May 28, 2009 12:56 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] ARuba VLAN pooling If my memory serves me well, there is a capacity caveat to Aruba's VLAN pooling at the moment: (might change in a future code release) 1 SSID = 1 VAP = 1 Pool = Max 32 VLANs So if you use /24, a maximum of 8096 ((256 - 3(gateway, network, broadcast)) * 32) users is the limit for one SSID. Not too many places have to worry about exceeding this number, but it's good to keep in mind! Philippe Univ. of TN On May 28, 2009, at 12:34 PM, Garrett Harmon wrote: We've also loved vlan pooling, and the distribution of clients across the /24's is excellent. As we start to see our vlans becoming highly utilized, we simply add another /24 to the pool and slowly the distribution evens out again, current users are not affected until they disconnect and reconnect at which point they'll likely receive a new vlan assignment, while new users immediately get hashed into the new algorithm. Garrett Harmon Network Engineer Office of Information Technology The Ohio State University 614.292.2122 (o) 614.747.5539 (c) On May 28, 2009, at 11:45 AM, Michael Dickson wrote: We find that Vlan Pooling does a really good job at balancing the users across our 24 client vlans. We have eighteen client vlans on our main SSID and I'm impressed with the even distribution this feature offers. If you have multiple local controllers make sure that the client vlans are properly configured on each controller for both L2 and L3. This will ensure that the clients can roam across controller boundaries with the same IP address. Also, we found it helpful to size each client vlan/subnet the same (again we use /24 subnets) Hope this helps. Mike *** Michael Dickson Network Analyst University of Massachusetts Network Systems and Services Ken Connell wrote: Assuming you you have multiple client side vlans already configured on your controller, you assign those vlans to the vap (currently your only specifying one vlan, just comma seperate and add another ). Now when a user associates, there is hash done on the client mac address and they are placed in a vlan based on the output of the hash. That mac will always hash out the same, and they will therefore always be put into the same vlan. Just be careful if you have any static clients or use reserved DHCP, cause once you add another vlan to the pool, they'll more than likely hash out to a diff vlan and therefore require a diff IP of course We've been using that since it was available and have no complaints. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 *From*: Jason
