What supervisor were you running in the 6500's ? -Neil
-- Neil Johnson Network Engineer The University of Iowa W: 319 384-0938 M: 319 540-2081 http://www.uiowa.edu -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Karl Reuss Sent: Tuesday, July 01, 2008 9:51 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] NAT in large scale wireless networks Last academic year we ran NAT on our main wireless network. We had about 13,000 unique users per day and about 8,000 simultaneous connections at peak times, roughly 95% student traffic. It worked, but there were a couple of issues for us: 1) Picking the correct NAT box. Catalysts 6500s do wirespeed NAT, but they can't keep up with the number of new connections per second. A single ASA5550 handled the job well, now we have a pair. 2) The NAT logs are enormous. Finding space to keep them is fun, going through them to find incidents is painful. We did NAT because we added wireless to our dorms last year and we weren't sure what the pace of our rollout would be, or how fast the users would migrate over. We didn't want to be shuffling IP ranges all year. We'll be going back to fixed IP addresses next year for most wireless use. -Karl Reuss University of Maryland, College Park Michael Dickson wrote: > Though we currently have enough available routed IP space for our > wireless clients we are looking toward the future and wondering if > NAT-ing the wireless network makes sense. > > Does anyone have any experiences, good or bad, using NAT for the > wireless client pool in a large scale environment? What features "go > away" (i.e. RFID or user tracking, etc.) Are there any gotchas? > > We're an Aruba shop and expect about 3000+ wireless clients this > semester and have been adding more APs by the week. > > Thanks, > Mike > > *************************************************************** > Michael Dickson Phone: 413-545-9639 > Network Analyst [EMAIL PROTECTED] > University of Massachusetts > Network Systems and Services > *************************************************************** > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
