09-17-2020 05:46 AM - edited 07-05-2021 12:31 PM
Hi,
Now with the new configuration model for 9800 WLC I wonder which is the recommendation for "Site" definition. I was unable to find a document that clearly explains it. For a campus deployment for example, would a "site" be a building? the whole campus? an office area? Are there any recommendations for the APs to be included in a site? (eg: APs were client roaming is likely to ocurr).
If anyone has a reference to a design guideline, I'd appreciate it.
Thanks,
LeoC.
Solved! Go to Solution.
11-12-2020 05:54 PM
1.Use custom site tags and not the default site tag.
2.Assign the same site tag to all the APs in the same roaming domain.
3.Limit the number of APs to 500 per site tag (for best performance).
more details in Configuration Best Practices Doc here:
09-17-2020 05:51 AM
Cat 9800 Follow DNAC Defination i guess ( personally not deployed)
But as per DNAC please refer below document :
09-17-2020 07:20 AM
Thanks Balaji, but I could not find an answer in those documents either.
LeoC
09-17-2020 07:21 AM
This is not the only design requirement that DNA-C is not matching c9800. As you said DNA-C configuration paradigm is plain and completely different from IOS-XE (even from AireOS):
• This is 100% based on Cisco full stack: WLC, AAA server, security
• Not possible to configure different WLAN profiles with same SSID. User cases:
> Central vs. Local forwarding for the same SSID in different offices
> Anchored SSIDs, how do you configure them?
> Hybrid WPA2/WPA3 or WPA2 + WPA3 different SSID's depending on the site
> Support different 802.11 amendments (802.11 r/w) in different offices
> Provide different radios for the same SSID per office: we only broadcast Corp SSID in 5GHz, but some single sites restricted us to doing so because of internal policies in customer sites
• There is no support to standard PMF (802.11w) but only for Cisco-based MFP that is not been supported by current vendors
• Not possible to use MAB for Guest with CWA if there is no Cisco ISE defined in DNA-C (there is no option for MAB with third-party AAA servers)
• Not possible to use MAB if no Cisco ISE defined in DNA-C. Usecase for VoWLAN or IoT to allow certain voice devices bsed on MAC address.
• AAA override with 3rd-party server is not supported to deploy NAC-based access: policing, isolation
• CWA policy very difficult to implement if not impossible (pre-auth-acl)
• Mapping WLAN to Interface group
• 802.11 tuning impossible: PMF+SHA256/SHA1 simultaneously, FT opt/mandatory simultaneously, WPA2/WPA3 mixed WLAN profile
• Design of sites is flat in terms of site tags (AP groups) and RF, so no possibility to separate high density areas from low density: Floor X is unique, and cannot create canteen, auditoriums or event room, with separate RF features than corridors or leisure areas.
• I understand advanced RF Tuning is always to be done in WLC (data rates, channels, thresholds) but isn’t DNA-C focus on avoiding customers to configure anything on WLC?
And many other fatures you cannot relay on DNA-C.
11-12-2020 05:54 PM
1.Use custom site tags and not the default site tag.
2.Assign the same site tag to all the APs in the same roaming domain.
3.Limit the number of APs to 500 per site tag (for best performance).
more details in Configuration Best Practices Doc here:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide