IP Addressing for AP's connected to 4404 controllers?

Discussion in 'Cisco' started by DarkFiber, Apr 4, 2007.

  1. DarkFiber

    DarkFiber Guest

    Is there a pro/con, or best practice regarding the ip addressing for
    your AP's when having them connected to wireless controllers?

    Basically I am trying to decide if the AP's should just use the same
    VLAN and subnet as what the wireless clients will use, or something
    different?

    I know that part of the LWAPPs process for finding controllers depends
    on it grabbing a DHCP address which if you configure the switch port
    right for the AP according to the deployment guide you are setting the
    access vlan to that which your wireless clients will use. So the AP
    will grab DHCP from the client scope then broadcast out on that subnet
    looking for a controller.

    So far all seems fine and good, and I know you can change the IP
    address of the AP if you want once it is homed into the controller.
    But I simply don't know if there is a best practice regarding this.

    Leave the APs IP on same subnet/vlan as the wireless clients or move
    the AP's to a new one.

    Maybe I am over thinking this, and it really doesn't matter?

    I have two controllers at two main locations, each going to support
    about 15 AP's. Same SSID at each location and using PEAP.

    Thinking about basically allocating two class c's one for each
    location for the wireless clients and just do some reservations from
    each class c scope for the AP's.

    Also plan to use L3, not sure if that changes anything.

    What would be the negatives of doing things this way? Any suggestions
    or pros/cons would be appreciated.
     
    DarkFiber, Apr 4, 2007
    #1
    1. Advertising

  2. DarkFiber

    Thrill5 Guest

    First, you want your AP's to obtain a DHCP address from the subnet that
    wired connections are on. I see no reason to change the IP to an address
    that is on the subnet you have created for you wireless clients. Keep the
    wired connections on one subnet, and you wireless clients on another, and
    don't mix the two (if your troubleshooting a problem, the IP will tell you
    if its a wired device or a wireless one.) The only wired connection on your
    wireless subnet should be the WLC interface for that WLAN. On our network,
    each wiring closet gets two subnets/VLANs that exist ONLY in that closet.
    One for phones and the other for everything else. No subnets/VLANs span
    multiple closets. There are NO exceptions to this rule. (If you move your
    device from closet A to closet B, you get a different IP address, period.)

    There is no reason you should care what the IP's of the AP's are. When
    using a WLC, there is nothing to configure on them or to monitor. After the
    AP has connected to the WLC, all I do is set its name of the AP using our
    naming convention and I'm done. Why go through all the hassle of changing
    switch port configurations and assigning a different IP address when it
    doesn't buy you anything.

    If your AP's are on a different subnet than the management IP address of the
    WLC you will need to use either DHCP option 43, or use DNS to allow the AP
    to find the controller. I use DNS because it is simpler to implement. I
    just add a CNAME for the WLC management interface of
    "cisco-lwapp-controller.pcdomain.mycompany.com" and everything works great,
    where "pcdomain.mycompany.com" is the domain given out by my DHCP server for
    the subnet the AP's are on. Use DHCP option 43 only if your DHCP server
    supports it along with DHCP option classes. (When the AP boots up for the
    first time it does a DNS lookup of "cisco-lwapp-controller".)

    If you are using code version 4.0.206.0, be aware that there are issues if
    the default gateway of any of your WLC interfaces is an HSRP address. The
    AP's will loose connectivity to the WLC every 5 to 10 minutes for 30 seconds
    to a couple minutes. There is an engineering fix (4.0.207.0) available, or
    as a workaround you can use the actual IP address of one of the routers as
    the gateway address instead of the HSRP address. To get the engineering fix
    you will have to open a TAC case.

    http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsh85278

    The first rule to follow in networking is the KISS principle (Keep It
    Simple, Stupid. and yes "stupid" refers to the person uttering it). If you
    can do it two ways, do it the simplest way. Simple doesn't mean
    EASIEST!!!!, it's the least complicated way to do you need to get done. To
    measure simple, ask yourself these questions... "which is simpler to
    configure, which is simpler to maintain, which is simpler to support, which
    is simpler to troubleshoot, which is the simpler topology, which gives you
    the simplest routing tables, etc" NEVER ask yourself "which one is simpler
    to implement"!! That leads to shortcuts, which generally come back to bite
    you in the ass sometime later. Remember that simple doesn't mean easy!

    Scott

    "DarkFiber" <> wrote in message
    news:...
    > Is there a pro/con, or best practice regarding the ip addressing for
    > your AP's when having them connected to wireless controllers?
    >
    > Basically I am trying to decide if the AP's should just use the same
    > VLAN and subnet as what the wireless clients will use, or something
    > different?
    >
    > I know that part of the LWAPPs process for finding controllers depends
    > on it grabbing a DHCP address which if you configure the switch port
    > right for the AP according to the deployment guide you are setting the
    > access vlan to that which your wireless clients will use. So the AP
    > will grab DHCP from the client scope then broadcast out on that subnet
    > looking for a controller.
    >
    > So far all seems fine and good, and I know you can change the IP
    > address of the AP if you want once it is homed into the controller.
    > But I simply don't know if there is a best practice regarding this.
    >
    > Leave the APs IP on same subnet/vlan as the wireless clients or move
    > the AP's to a new one.
    >
    > Maybe I am over thinking this, and it really doesn't matter?
    >
    > I have two controllers at two main locations, each going to support
    > about 15 AP's. Same SSID at each location and using PEAP.
    >
    > Thinking about basically allocating two class c's one for each
    > location for the wireless clients and just do some reservations from
    > each class c scope for the AP's.
    >
    > Also plan to use L3, not sure if that changes anything.
    >
    > What would be the negatives of doing things this way? Any suggestions
    > or pros/cons would be appreciated.
    >
     
    Thrill5, Apr 5, 2007
    #2
    1. Advertising

  3. DarkFiber

    t0 Guest

    On Apr 5, 3:54 am, "Thrill5" <> wrote:
    > First, you want your AP's to obtain a DHCP address from the subnet that
    > wired connections are on. I see no reason to change the IP to an address
    > that is on the subnet you have created for you wireless clients. Keep the
    > wired connections on one subnet, and you wireless clients on another, and
    > don't mix the two (if your troubleshooting a problem, the IP will tell you
    > if its a wired device or a wireless one.) The only wired connection on your
    > wireless subnet should be the WLC interface for that WLAN. On our network,
    > each wiring closet gets two subnets/VLANs that exist ONLY in that closet.
    > One for phones and the other for everything else. No subnets/VLANs span
    > multiple closets. There are NO exceptions to this rule. (If you move your
    > device from closet A to closet B, you get a different IP address, period.)
    >
    > There is no reason you should care what the IP's of the AP's are. When
    > using a WLC, there is nothing to configure on them or to monitor. After the
    > AP has connected to the WLC, all I do is set its name of the AP using our
    > naming convention and I'm done. Why go through all the hassle of changing
    > switch port configurations and assigning a different IP address when it
    > doesn't buy you anything.
    >
    > If your AP's are on a different subnet than the management IP address of the
    > WLC you will need to use either DHCP option 43, or use DNS to allow the AP
    > to find the controller. I use DNS because it is simpler to implement. I
    > just add a CNAME for the WLC management interface of
    > "cisco-lwapp-controller.pcdomain.mycompany.com" and everything works great,
    > where "pcdomain.mycompany.com" is the domain given out by my DHCP server for
    > the subnet the AP's are on. Use DHCP option 43 only if your DHCP server
    > supports it along with DHCP option classes. (When the AP boots up for the
    > first time it does a DNS lookup of "cisco-lwapp-controller".)
    >
    > If you are using code version 4.0.206.0, be aware that there are issues if
    > the default gateway of any of your WLC interfaces is an HSRP address. The
    > AP's will loose connectivity to the WLC every 5 to 10 minutes for 30 seconds
    > to a couple minutes. There is an engineering fix (4.0.207.0) available, or
    > as a workaround you can use the actual IP address of one of the routers as
    > the gateway address instead of the HSRP address. To get the engineering fix
    > you will have to open a TAC case.
    >
    > http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsh85278
    >
    > The first rule to follow in networking is the KISS principle (Keep It
    > Simple, Stupid. and yes "stupid" refers to the person uttering it). If you
    > can do it two ways, do it the simplest way. Simple doesn't mean
    > EASIEST!!!!, it's the least complicated way to do you need to get done. To
    > measure simple, ask yourself these questions... "which is simpler to
    > configure, which is simpler to maintain, which is simpler to support, which
    > is simpler to troubleshoot, which is the simpler topology, which gives you
    > the simplest routing tables, etc" NEVER ask yourself "which one is simpler
    > to implement"!! That leads to shortcuts, which generally come back to bite
    > you in the ass sometime later. Remember that simple doesn't mean easy!
    >
    > Scott
    >
    > "DarkFiber" <> wrote in message
    >
    > news:...
    >
    >
    >
    > > Is there a pro/con, or best practice regarding the ip addressing for
    > > your AP's when having them connected to wireless controllers?

    >
    > > Basically I am trying to decide if the AP's should just use the same
    > > VLAN and subnet as what the wireless clients will use, or something
    > > different?

    >
    > > I know that part of the LWAPPs process for finding controllers depends
    > > on it grabbing a DHCP address which if you configure the switch port
    > > right for the AP according to the deployment guide you are setting the
    > > access vlan to that which your wireless clients will use. So the AP
    > > will grab DHCP from the client scope then broadcast out on that subnet
    > > looking for a controller.

    >
    > > So far all seems fine and good, and I know you can change the IP
    > > address of the AP if you want once it is homed into the controller.
    > > But I simply don't know if there is a best practice regarding this.

    >
    > > Leave the APs IP on same subnet/vlan as the wireless clients or move
    > > the AP's to a new one.

    >
    > > Maybe I am over thinking this, and it really doesn't matter?

    >
    > > I have two controllers at two main locations, each going to support
    > > about 15 AP's. Same SSID at each location and using PEAP.

    >
    > > Thinking about basically allocating two class c's one for each
    > > location for the wireless clients and just do some reservations from
    > > each class c scope for the AP's.

    >
    > > Also plan to use L3, not sure if that changes anything.

    >
    > > What would be the negatives of doing things this way? Any suggestions
    > > or pros/cons would be appreciated.- Hide quoted text -

    >
    > - Show quoted text -


    KISS as quoted, for support purposes, you do not want your
    infrastructure nodes on DHCP, set a range of fixed IPs and assign one
    to each AP/SW/RTR/FW/SRV/PRT, DHCP is for endpoints i.e PCs.

    peace
    t0
     
    t0, Apr 6, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?UG9naW5nQmFzdGU=?=

    Demoting Domain Controllers not connected to the network

    =?Utf-8?B?UG9naW5nQmFzdGU=?=, Jun 13, 2007, in forum: MCSE
    Replies:
    2
    Views:
    720
    =?Utf-8?B?UG9naW5nQmFzdGU=?=
    Jun 20, 2007
  2. Rainer
    Replies:
    2
    Views:
    2,820
    Rainer
    Sep 4, 2007
  3. bodomodo
    Replies:
    0
    Views:
    840
    bodomodo
    Sep 19, 2007
  4. bodomodo
    Replies:
    1
    Views:
    5,565
  5. Giuen
    Replies:
    0
    Views:
    1,182
    Giuen
    Sep 12, 2008
Loading...

Share This Page