Solved

2000 possible wifi connections, network design questions

Posted on 2013-01-30
7
287 Views
Last Modified: 2013-07-25
Hi experts, i have a question on network design.  I will be setting up a wireless network for some 2000 possible 5ghz wireless clients.  I will be bringing in a 100m pipe into the venue for the internet.  This will only be for internet access, simple browsing.  I have a FortiGate-100D router that i will use for the router and dhcp.  I have some netgear GS7487 switches laying around, so i want to used those.  I will be using Xirrus access points for the wireless.  Here is my question:  Would it be best that i create Vlans to break down the network?  I can create vlans on the switches and the router supports creating multiple dhcp scopes and vlan tagging.  Or would i be ok just making a class B /20 network and let it ride?
0
Comment
Question by:kabrutus
  • 3
  • 2
  • 2
7 Comments
 
LVL 20

Expert Comment

by:agonza07
ID: 38836545
2000 wifi connections is a lot. Here's the thing, windows machines are very chatty, so you usually don't want to put in more than 200 computers on one subnet.

The other thing to consider is security. Do you want your wireless computers to be able to see each other and talk to each other. Some people dont have a software firewall and they might expose their files.

Lastly, I would recommend you talk to Xirrus and try to get their opinion on designing this because of how many access points you are going to have to put up to give a good signal and bandwidth. They might even lend you an access point controller with a guest wireless feature. This would address your security and would allow your access points to be centrally and better managed.

You can try out a class B network and let it ride, but you'll get complications from just how chatty the network will be. If you divide the network into VLANs then you will run into issues with roaming if you use the same SSID.

You need to think this through a little better.I would suggest you go the access point controller way.
0
 

Author Comment

by:kabrutus
ID: 38836946
chatty is why i thought breaking it down to vlans would be best, but then the roaming issue comes in to play because it will need to get a new dhcp lease.  I'm not too worried about the security because i can set up the access point to create a walled garden and have it drop all station to station packets.  So if the source it wireless and the destination is wireless it will get dropped.  I have the access points and the central management software, that is not an issue.  i am looking for more back-end networking, not necessarily the wireless portion.
0
 
LVL 20

Expert Comment

by:agonza07
ID: 38837087
If you can do the walled garden, then I'd go with the class B network. That way you dont have to worry about the roaming, and having to dhcp renew.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:kabrutus
ID: 38837524
yeah, i was just looking for more info just in case i was missing something.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 38841330
Yeah if you can block inter-client communication across the wireless network you can use a /20 network no problem.

For 2000 clients you'd need somewhere close to 66 APs +/- if you want to give them any kind of decent service (going on 30 clients per AP).  That's being nice.  If it was me I'd be looking at 20 clients per AP maximum.

This might be interesting...

http://www.xirrus.com/cdn/pdf/xirrus_solutionbrief_highdensity
0
 

Author Comment

by:kabrutus
ID: 38841812
@ craigbeck

thanks, i am very aware of the the Xirrus products, they are excellent.  I have used them many times for events like this.  I am looking for more back-end networking.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 38843480
@kabrutus - which is why:

1] I posted a link to Xirrus' High-Density Design Guide.  Design guides (more often than not) suggest how best to design the access and distribution systems.

2] I suggested that you might not need to do any 'back-end networking' if the APs support blocking intra-client communication.

Point [2] would completely mitigate the need for creating smaller subnets and therefore relieves any complex network design, therefore you should determine whether this is an option or not before you get into the nitty-gritty of VLANs and routing.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question