MX450 Maximum DHCP scope size (per VLAN and global)
I'm about to deploy a network for an event. We are expecting around 7,000 devices which will require an IP all of them on a single VLAN/subnet (it is a very large wireless network and we are expecting tons of roaming so using the MR on NAT mode is not an option) plus we will also need some other leases (size of /24) for other VLANs/subnets.
I know the DHCP on the MX can be configured with a maximum /19 scope which is fine with me, but I need to know if thats the max for a single VLAN or for the overall MX box.
Any one here whith experience deploying large DHCP scopes using the MX who could chime in with some experiences and gotchas that I may need to be aware.
If so, try and use MR NAT mode. It doesn't use a DHCP server under the hood - it creates a hash of the user's MAC address to form an IP address (so a specific MAC address always gets exactly the same IP address). Because of this, it is safe from DHCP starvation attacks, and can scale "real big".
ps. I just saw your comment about MR NAT mode (doh!).
With this you can use lots of subnets and VLANs. When a user roams to an AP outside of the current VLAN they get to keep their IP address - and the destination AP just unicast forwards the traffic back to the anchor AP and then it gets processed.
Depending on your physical topology, you could use 4 subnets/VLANs with 2048 host entries.
I think I would try using one of those tools that sends DHCP requests from random MAC addresses (designed for doing starvation attacks ...), and make sure you can allocate that many DHCP addresses without killing the MX450.
@javier_l we use the MXs with a /16 DHCP scope, that will of course only issue enough IPs to fill a /19, for the public Internet at each of our sites. Even an MX64 handles the scope, though we put larger units at the larger sites. The largest site we have dishes out up to 2000 IP addresses a day and that is currently using an MX84, but it was fine with the previous MX65.