{"id":37766,"date":"2019-08-14T02:49:16","date_gmt":"2019-08-14T02:49:16","guid":{"rendered":"https:\/\/mec.ph\/?p=37766"},"modified":"2022-02-16T17:33:07","modified_gmt":"2022-02-16T09:33:07","slug":"ip-address-plan","status":"publish","type":"post","link":"https:\/\/mec.ph\/aruba-news\/ip-address-plan\/","title":{"rendered":"Aruba Networks: Developing an IP Address Plan for Wi-Fi"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"37766\" class=\"elementor elementor-37766\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-13feffa elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"13feffa\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1982680\" data-id=\"1982680\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-2f15564 elementor-widget elementor-widget-text-editor\" data-id=\"2f15564\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>Architecture\u00a0overview<\/strong><\/h3><p>Your address\u00a0plan\u00a0ought to\u00a0be created in conjunction\u00a0with your\u00a0<a href=\"https:\/\/mec.ph\/products\/wireless\/\">wireless<\/a>\u00a0design.\u00a0<a href=\"http:\/\/mec.ph\/aruba\" target=\"_blank\" rel=\"noopener\">Wireless APs<\/a>\u00a0among\u00a0your four-building\u00a0campus, managed by controllers in your off-campus\u00a0data\u00a0center,\u00a0can\u00a0have address allocation\u00a0significantly different\u00a0from\u00a0a worldwide\u00a0environment\u00a0with controllers in\u00a0every\u00a0<a href=\"https:\/\/beta.mec.ph\/digital-workplace\/\">workplace<\/a>. Additionally, forcing all wireless traffic through a tagged VLAN on your centrally placed controllers instead of dumping traffic local to the end-user LAN changes the plan and troubleshooting strategies.<\/p><p>\u00a0<\/p><p>As I\u00a0run through\u00a0an\u00a0address\u00a0plan\u00a0for wireless, I approach it in\u00a0IP\u00a0address-to-User ratios\u00a0based on\u00a0SSID\u00a0function\u00a0and region. Sound odd? Follow me\u00a0on this.<\/p><p>\u00a0<\/p><ul><li><strong>Corporate-user SSID:<\/strong>\u00a0Most\u00a0company\u00a0users have a\u00a0laptop, company-issued\u00a0mobile phone\u00a0and perhaps\u00a0a\u00a0tablet. Expect {that\u00a0each|that every}\u00a0of these\u00a0devices\u00a0can\u00a0connect with\u00a0the wireless network\u00a0at the same time\u00a0each\u00a0consuming\u00a0an\u00a0IP\u00a0address. If there\u00a0are\u00a0four hundred\u00a0staff\u00a0within the\u00a0campus\u00a0connecting\u00a0to that\u00a0SSID, you\u2019ll\u00a0want\u00a0a minimum of\u00a0a 4:1\u00a0ratio\u00a0for coverage.\u00a0During this\u00a0example, that\u2019s 1,600 addresses, therefore, you should\u00a0reserve a \/21.<\/li><li><strong>Vendor SSID:<\/strong>\u00a0For your\u00a0vendor\u00a0guests giving\u00a0presentations,\u00a0you\u2019ll be able to\u00a0expect\u00a0every\u00a0user\u00a0can\u00a0have a\u00a0laptop\u00a0and a\u00a0mobile phone\u00a0(2:1 ratio).\u00a0how\u00a0frequently\u00a0these guests show up to your\u00a0workplace\u00a0are some things\u00a0for you\u00a0to analyze\u00a0but\u00a0plan\u00a0for\u00a0an average\u00a0of one-hour conferences. Add\u00a0an extra\u00a030 minutes\u00a0to that\u00a0time, shorten the DHCP lease to avoid address exhaustion and\u00a0you\u2019ll be able to\u00a0avoid DHCP exhaustion. If you\u00a0carved\u00a0out a \/24\u00a0you\u2019d probably\u00a0have enough addresses.\u00a0it\u2019d\u00a0be\u00a0laborious\u00a0to imagine\u00a0a region\u00a0hosting 255 simultaneous devices.<\/li><li><strong>Guest SSID:<\/strong>\u00a0Guest access gets a bit difficult. For the company environment, I plan a similar ratio as I do vendor access. For the service industry\u2014bars, restaurants, and retail\u2014I\u2019ll consider only mobile devices, and perhaps add a \u201cpoint\u201d for the occasional man that\u2019s \u201cworking from home.\u201d The good thing concerning the service industry is you recognize the absolute most quantity of bodies you want to support. Look on top of the doorway and you\u2019ll see the fire marshals required, \u201cmaximum occupancy\u201d sign. If it\u2019s a hundred individuals, use a 1.5:1 ratio. meaning a \/24 would work for your operation.<\/li><\/ul><p>\u00a0<\/p><p>The CIDR mask\u00a0might\u00a0change\u00a0depending on\u00a0how\u00a0wireless traffic is offloaded to the\u00a0local\u00a0area\u00a0network.\u00a0When I mentioned the\u00a0off-site controllers handling all the\u00a0campus\u00a0access points,\u00a0you\u2019d\u00a0probably\u00a0want\u00a0a complete\u00a0\/21 for\u00a0four hundred\u00a0users with four devices.\u00a0The situation\u00a0changes if you offload that traffic\u00a0locally\u00a0to the building,\u00a0tho\u2019\u00a0the address block\u00a0might\u00a0stay\u00a0the same.<\/p><p>\u00a0<\/p><p>In that case,\u00a0you\u2019ll\u00a0only\u00a0want\u00a0a \/24 per building to service those DHCP\u00a0needs\u00a0and\u00a0you\u2019re taking\u00a0that from your supernet. It\u2019s\u00a0necessary\u00a0to understand\u00a0the\u00a0function,\u00a0estimated\u00a0device count and\u00a0where\u00a0wireless is offloaded on a per SSID basis\u00a0when\u00a0considering your address allocations.<\/p><p>\u00a0<\/p><h3><strong>Carving Out Space<\/strong><\/h3><p>\u00a0<\/p><p>When I\u00a0begin\u00a0planning\u00a0an addressing scheme\u00a0in a\u00a0brownfield\u00a0environment, I prefer\u00a0to start with\u00a0the present\u00a0IP address usage. Let\u2019s use the medium-sized\u00a0campus\u00a0example.\u00a0There\u2019s\u00a0an\u00a0off-site\u00a0data\u00a0center,\u00a0however, Wi-Fi traffic is offloaded to the wire\u00a0nearest\u00a0to the\u00a0client. Let\u2019s additionally assume that there\u00a0are\u00a05\u00a0branch offices connected via\u00a0a wide\u00a0area\u00a0network.<\/p><p>\u00a0<\/p><p>In the figure, I show IP address blocks in use for this instance. For Wi-Fi, I\u2019d open a brand new block within the RFC 1918 area for wireless clients. Keep in mind to keep your subnets within the natural CIDR boundaries so that your route lookups and summarization is optimal.<\/p><p>\u00a0<\/p><p>Within the\u00a0campus, you may\u00a0expect\u00a0a hundred\u00a0users per building and at a 4:1\u00a0ratio, that\u2019s\u00a0four hundred\u00a0IP\u00a0addresses per building for your\u00a0company\u00a0wireless SSID.\u00a0I\u2019d\u00a0reserve a \/23\u00a0for every\u00a0building. Your WAN connected offices\u00a0are\u00a0a bit\u00a0smaller and a \/24 would meet their\u00a0needs, even at the device\u00a0ratio, we\u2019re considering. With\u00a0a remote\u00a0data\u00a0center, you wouldn\u2019t expect\u00a0loads\u00a0of wireless devices at\u00a0once. planning\u00a0a \/25 with 126-usable addresses, or a \/26 with 62-useable addresses would be enough for engineers\u00a0needing to\u00a0work in\u00a0the data center.<\/p><p>\u00a0<\/p><p>I\u00a0recommend\u00a0utilizing address\u00a0space\u00a0outside the \u201cnormal\u201d\u00a0corporate\u00a0wired network blocks.\u00a0within the\u00a0figure, I showed usage\u00a0within 10.0.0.0\/8. If this were my network, I\u2019d assign wireless to 192.168.0.0\/16 or 172.16.0.0\/12.\u00a0After I\u00a0log into a router\u00a0to examine\u00a0routes, seeing the 172\u2019s or 192\u2019s\u00a0within the routing table\u00a0instantly\u00a0informs\u00a0me of these\u00a0are wireless networks. It\u2019s\u00a0just one\u00a0of those\u00a0\u201chints\u201d that\u00a0facilitate me\u00a0with troubleshooting and I\u2019ll take all the hints I\u00a0will get at 3 am!<\/p><p>\u00a0<\/p><p>This exercise applies to IPv4. If\u00a0you wish\u00a0to induce\u00a0bold, reserve and assign IPv6 address\u00a0space\u00a0for your Wi-Fi clients\u2026then\u00a0you merely\u00a0think about\u00a0subnets\u00a0instead of\u00a0host IPs.\u00a0However, that\u2019s another discussion.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-bfeec4e elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"bfeec4e\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c75e28f\" data-id=\"c75e28f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3e41bc8 elementor-widget elementor-widget-video\" data-id=\"3e41bc8\" data-element_type=\"widget\" data-settings=\"{&quot;youtube_url&quot;:&quot;https:\\\/\\\/youtu.be\\\/_mG1XEQyISY&quot;,&quot;video_type&quot;:&quot;youtube&quot;,&quot;controls&quot;:&quot;yes&quot;}\" data-widget_type=\"video.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-wrapper elementor-open-inline\">\n\t\t\t<div class=\"elementor-video\"><\/div>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e24e5e3 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e24e5e3\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e13e7c7\" data-id=\"e13e7c7\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-af13595 elementor-widget elementor-widget-text-editor\" data-id=\"af13595\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>Parting Thoughts<\/strong><\/h3><p>\u00a0<\/p><p>Some of these ratios won\u2019t apply to your organization. I wouldn\u2019t expect them to. What I\u2019m\u00a0attempting\u00a0to do\u00a0in this article is to offer\u00a0some concepts\u00a0concerning\u00a0correct\u00a0planning. In my\u00a0experience, improper\u00a0planning\u00a0causes\u00a0massive problems\u00a0but\u00a0is one\u00a0that is\u00a0most\u00a0easily\u00a0avoided.<\/p><p>\u00a0<\/p><p>I have worked in organizations that\u00a0owned\u00a0massive\u00a0swaths of non-RFC 1918 subnets\u00a0that\u00a0they used internally. You wouldn\u2019t\u00a0need to\u00a0re-IP your\u00a0data\u00a0center for\u00a0an\u00a0unforeseen\u00a0IP\u00a0conflict.\u00a0However, I\u00a0never\u00a0needed\u00a0to burn that\u00a0space\u00a0for wireless.\u00a0Using\u00a0RFC 1918 blocks for wireless sounded like\u00a0a decent\u00a0plan\u00a0because\u00a0it was\u00a0simple\u00a0to adjust within the\u00a0event of overlap and you\u00a0preserved\u00a0valuable IPv4 addresses. Your situation might\u00a0vary,\u00a0however, the concept\u00a0remains\u00a0the same.<\/p><p>\u00a0<\/p><p>The troubleshooting problem at the start of this article related to a) offloading all wireless traffic in the data center instead of on the local LAN, b) junior employees assuming all subnets were \/24\u2019s, and c) poorly documented global address assignments. Your address plan must be thought out, documented, and versatile. Particularly in the IPv4 space. If you\u2019re adjusting your Wi-Fi infrastructure, have all the heat maps, all the BOMs, however, leave address planning to chance and you\u2019re hurting yourself and therefore the guys who help fix problems.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1d5f64a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1d5f64a\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-69de23b\" data-id=\"69de23b\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bc40436 elementor-widget elementor-widget-image\" data-id=\"bc40436\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/storage.googleapis.com\/stateless-mec-ph-storage\/2019\/08\/dab91c8e-screen-shot-2019-06-25-at-9.49.53-am-1.png\" title=\"\" alt=\"\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-66 elementor-top-column elementor-element elementor-element-63e9ca2\" data-id=\"63e9ca2\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c5830f2 elementor-widget elementor-widget-text-editor\" data-id=\"c5830f2\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3>Download Free\u00a0<strong>Aruba Resource<\/strong><\/h3><p>\u00a0<\/p><p>Get access to authentic content from one of the leading experts in the world from the Philippines\u2019 premiere technology provider.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6508e53 elementor-align-center elementor-widget elementor-widget-button\" data-id=\"6508e53\" data-element_type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/mec.ph\/products\/switching-and-routing\/aruba\/downloadable-aruba-resources\/\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Download Aruba Resource<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Check out the impact of WiFi 6 and Aruba Networks<\/p>\n","protected":false},"author":5,"featured_media":37770,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[10,11,13,14],"tags":[186,1262,1264,2619,2675,2712,2713],"_links":{"self":[{"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/posts\/37766"}],"collection":[{"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/comments?post=37766"}],"version-history":[{"count":0,"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/posts\/37766\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/media\/37770"}],"wp:attachment":[{"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/media?parent=37766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/categories?post=37766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mec.ph\/wp-json\/wp\/v2\/tags?post=37766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}