Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1488
Views
15
Helpful
4
Replies

flex connect

bluesea2010
Level 7
Level 7

‎01-28-2023 11:54 PM

Hi,

 

 

Hi ,
Acces points are running in flexconnect mode . Access Layer is layer 3
single SSID , Dynamically allowing vlans based on group membership .

group 1 -vlan 100
group 2 - vlan 200
VLAN 100 and 200 on every floor.


Each vlan has a total of 500 to 1000 users on all floors.

I want to divide 10.0.0.0/16 Between each floor

VLAN 100, for instance.
10.0. 0.0/23 -- ground.
10.0. 2.0/23 -- first.
10.0. 4.0/23 --second.
10.0. 6.0/23 -- third

Since layer 3's access layer is where all of the gateways are located, is it ok /23 in each floor for all vlan ?

Given that layer 3's access layer is where all of the gateways are located on edge switches, is it acceptable to have /23 in each floor for all vlans.
Any pros and cons

Thanks

.

 

Flexconnect.jpg

0 Helpful
4 Replies 4

Rich R
VIP
VIP

‎01-29-2023 05:50 AM

Well /23 gives you about 500 IPs - so question is how many unique users per VLAN per floor.
Also take into account the amount of user churn (users leaving and arriving) and how long your DHCP lease time is.
Eg. if you have 500 possible unique users each with at least 2 devices each then you need at least 1000 IPs so you'd need to use at least /22 and maybe more to make sure you have plenty of spare capacity for proliferation of devices.

------------------------------
Please click Helpful if this post helped you and Accept as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
Field Notice: FN74383 APs Running 17.12.4/5/6/6a May Run Out of Flash Space Preventing Upgrades
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390

bluesea2010
Level 7
Level 7
In response to Rich R

‎01-29-2023 10:22 PM

Hi,

Layer 3 roaming Requires, Access layer is layer 3 .
So the user moving from floor to floor the the first ip address will be retained.

Let's assume half of the users are moving from the first floor (10.0.0.0/22) to ground floor (10.0.4.0/22) ,

does it impact the ip address space in the ground floor

Thanks

WLC-new.jpg

 

 

 

 

 

 

 

0 Helpful

Arshad Safrulla
VIP Alumni
VIP Alumni

‎01-30-2023 03:33 PM

/23 subnets must be decided based on your network and clients. You might have to fine tune the dhcp lease timers according to what you see on your network and how users roam between floors. Its very difficult to answer this without much insight in to the design as whole

Running Flex connect APs on Layer 3 routed access switches is going to be challenging. You will have a nightmare troubleshooting the issues. For example if a user moves from ground floor to first floor user may need to acquire new IP address if the subnet is different for the new VLAN. And also it is perfectly possible while the user is in ground floor he will connect to first floor (if the coverage is leaking) and then when roaming to ground floor AP disconnections may happen. 

For any Layer 3 routed access network recommended setup would be local mode APs where the traffic is tunneled to the WLC.

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

bluesea2010
Level 7
Level 7
In response to Arshad Safrulla

‎01-30-2023 09:21 PM

Hi @Arshad Safrulla 

 

Hi,

1.if a user moves from ground floor to first floor user may need to acquire new IP address if the subnet is different for the new VLAN

As I Understand when we enable layer 3 roaming ,the client can continue using its current IP address.

2. For any Layer 3 routed access network recommended setup would be local mode APs where the traffic is tunneled to the WLC.


It means I have to create layer 2 (trunk) connection to  wlc from the core switch

And the ssid vlans gateways (svi) will be on core switch

Correct me if I am wrong

Thanks

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card