Hi Everyone, Thanks for all the responses thus far—this community is always extremely helpful.
I should add that we have L2 connectivity in each location and that all APs run in Local Mode (tunneled back to controller), so aside from DHCP at boot, there would be very little broadcast traffic. @Bruce - I like your idea of having them on the building VLANs. We do that for some now and I had not considered that for all of them. However, we are also looking at Cisco's DNA for management, and I think that would be easier to manage if the APs were on a dedicated set of networks. We moved our switches to this model (dedicated management network) starting last year, and it has worked well for us. To ease management, my preference would be for a pair of /22s, or even one /21, but I worry a little about that many APs in one segment. Has anyone gone "too big", and had issues as a result? Thank you again, -- Jesse Thomas Network & Systems Administrator Hamilton College 315-859-4211 On Thu, Jun 18, 2020 at 2:46 PM Adam T. Ferrero <[email protected]> wrote: > > We have ~6k APs and place them on AP mgmt. subnets of /22. We tunnel > all traffic back to controllers so the broadcast isn't significant (no user > broadcast on the AP mgmt. vlan). The weakest devices we have are VoIP > phones where 200 broadcast packets per second can hurt them but broadcast > pps above 50 is abnormal here. > > Adam > > -----Original Message----- > From: The EDUCAUSE Wireless Issues Community Group Listserv < > [email protected]> On Behalf Of Curtis, Bruce > Sent: Thursday, June 18, 2020 2:19 PM > To: [email protected] > Subject: [External] Re: [WIRELESS-LAN] AP Management Network Size > > We take a more Zero Trust approach and don’t put APs on a separate Vlan. > > The APs are on the same Vlan as other devices in the building.. > > No problems in more than 14 years. > > We do give them private IPv4 numbers but they get public IPv6 numbers. > > > On Jun 17, 2020, at 2:56 PM, Jesse Thomas <[email protected]> wrote: > > > > Hi Everyone, > > > > We are preparing to replace our existing Cisco WiSM2 controllers with > 9800s. Part of this upgrade will include redesigning our AP management > network(s)—currently, we have about 500 APs spread across 3 different > /24's. > > > > As we move towards an in-room design in our residence halls and provide > denser 5GHz coverage throughout campus in the coming years, we expect the > number of APs to grow by quite a bit. > > > > I am interested in how others have sized your AP management networks? I > have not found any concrete guidance from Cisco and various recommendations > elsewhere range from /25 to /21. Larger ranges would of course be easier to > manage, but at the same time we don't want to introduce issues related to > broadcast traffic. > > > > Thanks for any input that you can provide. > > > > Regards, > > > > > > -- > > Jesse Thomas > > Network & Systems Administrator > > Hamilton College > > 315-859-4211 > > ********** > > Replies to EDUCAUSE Community Group emails are sent to the entire > > community list. If you want to reply only to the person who sent the > > message, copy and paste their email address and forward the email > > reply. Additional participation and subscription information can be > > found at https://www.educause.edu/community > > > > Bruce Curtis > Network Engineer / Information Technology NORTH DAKOTA STATE UNIVERSITY > phone: 701.231.8527 > [email protected] > > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > > ********** > Replies to EDUCAUSE Community Group emails are sent to the entire > community list. If you want to reply only to the person who sent the > message, copy and paste their email address and forward the email reply. > Additional participation and subscription information can be found at > https://www.educause.edu/community > ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
