On Sat, 6 Apr 2013, David Lang wrote:
On Sat, 6 Apr 2013, Matt Simmons wrote:
How large do you need to be before this breaks? I've done this at
conferences with over 2000 people, 40 APs across a large hotel. There were
no signs of problems. I'm interested to learn what problems to look for.
Consider the case of a campus-type installation where a single company has
multiple buildings, and mobile users that roam between them.
I'm missing something as to why this would be a problem.
Yes, you have multiple buildings, but until you get to a lot of buildings, you
should be able to still bridge your wifi network between them. With multiple
buildings on one campus, you can run very high speed (1G or 10G ethernet)
between the buildings.
So, I had a couple of hours of solo driving tonight and started thinking
about this more.
Thinking about it, if your users are very mobile, I think it's probably better
to try and have everything bridged (tunneling things back and forth is extra
overhead).
But if you only have a few users moving between zones, shrinking the bridged
broadcast domain has value.
So then I started thinking what it would take to do this just with normal Linux
tools. When some proprietary tool has something useful, I like to think about
what it takes to do it for free :-) and I think just about all of it is
available.
What I'm thinking is the following setup.
In each 'zone', you have a system that is your DHCP, gateway, etc. box for that
zone (actually, you probably want this to be a HA pair).
Set up each DHCP system to allocate IP addresses in a different subnet with a
different range. Then set up the DHCP systems to forward DHCP renewal requests
for the other ranges to the appropriate systems (this is the part I'm not sure
can be done with stock DHCP software).
Then set up tunnels from this box to the boxes in all the other zones.
Then for each zone, on the boxes for that zone, set up a bridge that has tunnels
to all the other systems, and an interface to the 'local' APs.
Use ANYCAST configuration techniques to configure the gateway IP for this zone
on the interface for the local APs, then on the far end of each of the tunnels,
set up that same ANYCAST IP, with it configured to forward all traffic to that IP
across the tunnel.
This way, a system will get an IP in the local zone, but if it moves to a
different zone, DHCP renewals will continue to work so that it keeps the IP it
has, and any traffic destined for the gateway will get picked up by the local
box and forwarded.
When the return traffic hits the gateway box, the bridging logic will figure out
if it should go out the local interface or over one of the tunnels to the other
systems.
Does this sound like it would work?
Can stock DHCP software be configured to do this?
David Lang
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
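The bridge-plus-tunnels step of the setup proposed above, sketched as a dry-run generator of iproute2 commands; this is an added example, not part of the original message, and it covers only that step (no DHCP forwarding or anycast gateway). Assumptions: gretap as the tunnel type, the zone names, interface names and documentation addresses are constructed, and the tunnel ports are marked isolated because a full mesh of layer-2 tunnels bridged together would otherwise form forwarding loops.

```shell
#!/bin/sh
# Constructed sample topology: zone name = routable address of that zone's
# gateway box (documentation addresses, not taken from the thread).
ZONES="bldg-a=192.0.2.1 bldg-b=192.0.2.2 bldg-c=192.0.2.3"

# Print the commands that build one zone's bridge.
# $1 = local zone name, $2 = interface facing the local APs (hypothetical name).
zone_bridge_cmds() {
    local_zone=$1
    ap_if=$2
    local_ip=
    for z in $ZONES; do
        if [ "${z%%=*}" = "$local_zone" ]; then local_ip=${z#*=}; fi
    done
    if [ -z "$local_ip" ]; then
        echo "unknown zone: $local_zone" >&2
        return 1
    fi

    echo "ip link add name br-wifi type bridge"
    echo "ip link set dev $ap_if master br-wifi"
    echo "ip link set dev $ap_if up"
    for z in $ZONES; do
        peer=${z%%=*}
        peer_ip=${z#*=}
        if [ "$peer" = "$local_zone" ]; then continue; fi
        tun="gt-$peer"
        # Layer-2 GRE tunnel to the peer zone's box, attached to the bridge.
        echo "ip link add name $tun type gretap local $local_ip remote $peer_ip"
        echo "ip link set dev $tun master br-wifi"
        # Split horizon: isolated ports never forward to each other, so a
        # frame that arrived over one tunnel is not re-sent over another.
        # It can still reach the AP-facing port, which is not isolated.
        echo "bridge link set dev $tun isolated on"
        echo "ip link set dev $tun up"
    done
    echo "ip link set dev br-wifi up"
}

# Dry run: print the commands for review instead of executing them.
zone_bridge_cmds "${1:-bldg-a}" "${2:-eth1}"
```

Running it with a zone name and AP-facing interface prints the commands for that zone's box; they need root and a kernel with bridge port isolation support to apply.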