Careful what you wish for......I can recall installing my first AP and wishing/watching for days until I got my first wireless user......now I wish they'd get lost!...;+)
We peak at approx. 6000 IPs dhcp'd out but only approx 80% of those IPs are actually used. The rest are sucked up by devices whose radios are simply powered on. We still assign public IPs and are good for a while yet but there may come a day when PAT will be necessary. We try to make our subnets as large as we dare. Eg. A /22 subnet facilitates a more efficient use of IPs than 4 /24s. ..........J James Savage York University Senior Communications Tech. 108 Steacie Building [email protected] 4700 Keele Street ph: 416-736-2100 ext. 22605 Toronto, Ontario fax: 416-736-5830 M3J 1P3, CANADA From: Jason Appah <[email protected]> To: [email protected] Date: 12/15/2009 11:00 AM Subject: Re: [WIRELESS-LAN] Private IP space for wireless users- anyone? Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv <[email protected]> I wish we had your volume, 650 peak -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [ mailto:[email protected]] On Behalf Of Lee H Badman Sent: Tuesday, December 15, 2009 3:36 AM To: [email protected] Subject: Re: [WIRELESS-LAN] Private IP space for wireless users- anyone? Thanks for all of the responses- I wonder if anyone with a peak usage like ours is doing NAT- almost 6500 clients? -Lee ________________________________________ From: The EDUCAUSE Wireless Issues Constituent Group Listserv [[email protected]] On Behalf Of Jason Appah [[email protected]] Sent: Monday, December 14, 2009 11:03 PM To: [email protected] Subject: Re: [WIRELESS-LAN] Private IP space for wireless users- anyone? Yes, that is what we do. I just wondered how big if a bear it would be to track pat in a university wireless environment. In a second related note, we recently changed our NAT timeout from 3 to 2 hours as we were beginning to run out of 1 to 1 NAT ranges Sent from my iPhone Jason Appah Systems Administrator Oregon Tech On Dec 14, 2009, at 6:33 PM, "Phil Trivilino" <[email protected]> wrote: > We do 1to1 dynamic NAT on the ASA firewall and log all the > translations to a syslog server. Easy to get the private ip from > the log given the time and global ip. It is all we've seen the need > for to this point. > Phil > > On Dec 14, 2009, at 8:55 PM, Lee H Badman wrote: > >> Wondering how many other schools are using private IP space for >> wireless users, how you accomplish the NAT, and what mechanisms you >> use for user tracking for the private-public mappings for forensic/ >> investigatory purposes. >> >> Thanks- >> >> Lee >> ********** >> Participation and subscription information for this EDUCAUSE >> Constituent Group discussion list can be found at http://www.educause.edu/groups/ >> . > > ********** > Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at http://www.educause.edu/groups/ > . ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
