Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1036
Views
1
Helpful
1
Replies

C9800 policy-tags & site-tags

iores
Level 3
Level 3

‎10-22-2023 06:27 AM

Hi,

consider following scenario. There is a 3 floor building with 4 WLANs/SSIDs:

  • SSID A
  • SSID B
  • SSID C
  • SSID D

Flexconnect is used and the limit is 100 APs per site tag. The number of APs is around 300.

There are various combinations of SSIDs per floor, for example:

  • Floor 1: A, B, C, D
  • Floor 2: A, B
  • Floor 3: C

Considering the best practices, would it be correct to:

  • Create one site tag per floor
  • Create one policy tag per floor which will include all desired SSIDs

 

Is there something I have missed out?

Thanks in advance.

Labels:
0 Helpful
1 Reply 1

eglinsky2012
Spotlight
Spotlight

‎10-22-2023 10:28 AM

Some additional things to consider: How mobile are the clients? Do they roam floor to floor (for example, a client on SSID A on floor 1 roams to floor 2)? Are you using the same or different policy profiles for each SSID on different floors? Is there signal overlap between floors broadcasting the same SSID? Are these 300 APs the only ones associated to this particular WLC, or are there more? What model 9800?

If there's a lot of foot traffic and roaming clients, along with signal overlap of an SSID floor to floor, it might be best to keep them all in one site tag to keep inter-wncd roaming down (but see info on different policy profiles below). You could still use a filter or location tag to assign different policy tags to APs on each floor while putting them all in the same site tag.

The 9800 best practice guide provides a lot of relevant information. These two sections are the most interesting to me in this context:

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#Designingwithsitetagsinmind

2.     Assign the same site tag to all the APs in the same roaming domain

3.     Limit the number of APs per site tag to 500, whenever possible <<See per-WLC-model limitations

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#Roamingbetweenpolicytags

Currently, a client roaming between two APs configured with the same SSID but different associated policies will result in a slow roam. In other words, roaming across two different policy tags (same SSID, but different policy profile name) will force client to go through a full authentication and DHCP process to renew its IP address. This is true even if doing intra-controller roaming, and it is meant to prevent clients from jumping from one policy to another without a full reauthentication.

Note:     If the policy profile associated to the SSID is the same (same name and content) in different policy tags, then roaming for that SSID is seamless. The slow roam happens if there is a change in the policy profile associated to the SSID"

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card