Maximum DHCP count

BenVanThom
Here to help

Maximum DHCP count

At the moment we can only use a VLAN size of /19 with DHCP. Is it intended to improve the DHCP?

 

If not, what would be the solution?

7 Replies 7
BrandonS
Kind of a big deal

That’s a lot of clients. What is your application that is using up 8000 addresses? How long is your lease?
- Ex community all-star (⌐⊙_⊙)
PhilipDAth
Kind of a big deal
Kind of a big deal

Are you lucky enough to have an MX450?  As that is the only MX rated to handle that handle clients.

 

If this is for handling WiFi guest access then you could consider using NAT mode on the SSID.  This hashes the users MAC address to form a DHCP address, so can scale to client counts that large.

NolanHerring
Kind of a big deal

Does the MX actually cap the size of a scope you can create? Never tried anything larger than /21.

 

@PhilipDAth Are you referencing the recommended client count?

 

Not entirely certain how much I trust that because the MX84 says '200', which seems really low. I use the MX mostly as a firewall for the guest SSID to terminate to (so that we can do a non-routed VLAN vs NAT because roaming etc.) at our sites, with its own dedicated ISP.

 

What I look at more often is the throughput capabilities and go from there.

 

I usually default to a /21 for the MX to hand out DHCP for guest users (its only job really other than sending them out the internet).  While this 'seems' high since /21  = 2k client count. I use it more as a deterrent for DHCP leases not being exhausted, not because we actually have 2k active clients connecting.

 

I set lease time to 4 hours. On average we might have around 300 to 500 active clients, but wireless works fine, WAN utilization rarely goes over 400Mbps (this specific circuit is 500Mbps), but every now and then it does (which is fine, just means its being used).

 

However right now it says there is around 750 clients on the DHCP table, (right now only 370 active). I 'could' use a /22 but it is getting a little close for comfort for the table to run out and its just a simple fix to me to avoid that by making it a /21.

 

CPU utilization has not gone over 25% from what I've seen (daytime usage).

 

222222222.JPG

 

**EDIT - I have top site content filtering enabled, but no AMP/IPS or any other fancy features (FYI).

Nolan Herring | nolanwifi.com
TwitterLinkedIn
BrechtSchamp
Kind of a big deal


@NolanHerring wrote:

Does the MX actually cap the size of a scope you can create? Never tried anything larger than /21.

No it doesn't, but it does display a warning when you do in the DHCP section, each time you "Save settings":

warning_DHCP_size.PNG

Confirming that means that you'll effectively use the larger subnet, but the DHCP server will probably only hand out addresses from a smaller /19 pool. No issues with that apart from the fact that you'll likely have a large part of your subnet unused.

 

Edit: And possibly running into performance issues of course.

NolanHerring
Kind of a big deal

Ah ok, well that that clears things up. In my mind I would read that as /19 being the max in reality, so don't go larger. Thanks for checking !
Nolan Herring | nolanwifi.com
TwitterLinkedIn
PhilipDAth
Kind of a big deal
Kind of a big deal

>@PhilipDAth Are you referencing the recommended client count?

 

Yes.  I have had one client I was called in to help.  They were using a client count much larger than on the specificatoin sheet, but had an Internet circuit smaller than the throughput stated - but could not use it all up.  The MX simply ran out of CPU punch.

 

Aaron Willette has written an excellent sizing guide.

http://www.willette.works/meraki-mx-sizing/

BenVanThom
Here to help

I saw more than 7000 clients yesterday on 2pm. But I use more than one VLAN. So my question is, why doesn't work this in a single VLAN?

 

Screenshots from a MX250.

 

Unbenannt2.PNG

Unbenannt.PNG

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels