Valid questions. Perhaps they should follow a few strategic thoughts.

o What does my network look like now? (Collapsed or distributed layer 3. Vlans per school, per building, per floor, etc.)
o What will my network look like in 3 years?
o Do you want vlans to exist in your core?
o Which WLAN vendor provides enough knobs for me to architect the optimal solution?

Given the adoption of .1X it could be argued that wireless users no longer need to be logically segmented from wired users on my trusted network. Access Points simply extend the access layer to a new media. I should have the option to tunnel certain networks to a particular end point. Layer 3 roaming can be optimized through network logic design and software. These should not be mutually exclusive.

Also, in the interest of full disclosure I should mention that I am employed by a promising local WLAN vendor. I monitor but rarely post to this list. However it would be nice to discuss these issues as well as other operational/architecture topics in a vendor neutral environment. I'd be happy to host a NANOG type list if there is interest.

/rf

On Fri, Mar 6, 2009 at 3:34 PM, Zeller, Tom S <[email protected]> wrote:

> In a recent discussion here we produced at least two issues with decentralized architecture.
>
> #1. Mobility. One of the main attractions of the controller-based architecture (CBA) in the first place was to improve the experience for hand-held devices which don’t hibernate between locations. The device can’t know that it has changed subnets when it roams. So it either breaks or there is tunneling of some sort. It’s not clear which approach, centralized or decentralized, has the more difficult scaling issue once mobile tunneling is taken into account.
>
> #2. IP space use. With centralized you create a pool of X number of subnets with some headroom. Quite efficient. With distributed, you first have to choose to have wireless traffic on the building vlan or not. If you put it on the building vlan wireless users are behind any existing departmental firewall or ACL.
> If that’s unacceptable you have to create a new vlan in each building and allocate IP space for each, with headroom, which is a much less efficient use of IP space.
>
> Tom Zeller
> Indiana University
>
> ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

--
/rf
