Best practices for wireless subnetting in high-rise buildings

Neekap

Hey gang... We're replacing the existing wireless network in a 25-story building with a Meraki implementation and I'm scratching my head on how best to subnet this.

 

The building has a couple 'natural' breaks, with mechanical floors that won't have any wireless coverage.

 

My thoughts were:

  • Single /16 for the building (duplicating what we already have today)
  • /24 or /23 per floor
  • /22 or /21 per section of the building (top/middle/bottom), separated by those mechanical floors

 

The Broadcast Suppression and Control Technologies for MR Access Points article seems to hint that there may be enough intelligence within the APs to let me get away with a single wireless subnet for the building without causing too many issues with broadcast traffic, but I also ran across Wireless Layer 3 Roaming Best Practices, which leaves me with a few questions and potential pitfalls to this solution.

 

Say I opted to do a per-floor subnet, I know there's signal bleed through the floors so I'd run the risk of someone on the 11th floor connecting to a 10th floor AP and getting an address in their subnet.  But it sounds like if I allow the VLANs for each floor on the AP's trunk port, the client will be anchored to that original 10th floor subnet even if it roams to an 11th floor AP due to the tunneling between the Meraki APs.  This feels like a lot of administrative overhead for a 25-story building, though.

 

The other option I was thinking about was similar to above, but instead of per-floor wireless VLANs, I'd just chunk the building up into thirds with larger subnets.

 

My only hesitation with either of those two above scenarios is clients associating with the first floor APs in the building when they first walk in, and maintaining addresses in that subnet when they roam to other floors/thirds of the building via the stairs/elevators.  If I'm reading the article correctly, this would ONLY be an issue if they lost network connectivity for 30 seconds or less?

 

Curious to hear what others in my situation may have done, and how well that's worked out (or if your implementation created any unintended side-effects)

PhilipDAth

How many total devices are you expecting (or planning to allow) to connect?

 

Depending on the number of devices, I would either run with a single subnet for the whole building, or split the subnets into chunks above and below the mechanical floors.  Failing that, a subnet per floor and enable L3 roaming.

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/... 

 

If this is an apartment building, I would also consider using WPN, and making each apartment its own separate virtual network.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Wi-Fi_Personal_Network_(WPN) 

 

 

Purely a guess at this point since we have almost zero visibility into the current Wi-Fi environment.  Going solely off of DHCP statistics, I'd hazard a guess that we'll have about 1,500 or so clients but that will ebb and flow.

 

That first link you provided was one I referenced above.  We don't have any MX devices in our environment so if we go that route I'd need to use their 10 floor example as a starting point, but I'm not really seeing how much 'better' it's making the network by adding that complexity (even if I chunk up the building into three sections instead of floor-by-floor) versus using a flat /20 or /21 for the entire building.  I'd be worried that, although unlikely, clients might still roam from floor to floor while going up in an elevator and keep their original IP from the lower floor/section and we'd exhaust that address space while the upper floor/sections would be emptier.  Though I'm probably giving the coverage too much credit and that there won't be a 30-second period where the client would lose its connectivity.
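The address arithmetic behind the three designs discussed in this thread, as an added example that is not part of any post: it carves a building block into a flat /21, one /22 per section, or one /24 per floor, then checks each against the 1,500-client estimate, both spread evenly and in the worst case where every client keeps an address from the first subnet it joined. The 10.20.0.0/16 block and the mechanical floor positions (9 and 17) are assumptions made for illustration; this is capacity math only and does not model Meraki roaming behaviour.

```python
import ipaddress

BUILDING = ipaddress.ip_network("10.20.0.0/16")  # constructed example block
FLOORS = 25
MECHANICAL = {9, 17}   # assumed positions of the mechanical floors
CLIENTS = 1500         # estimate quoted in the thread

def sections():
    """Group served floors into runs separated by the mechanical floors."""
    runs, current = [], []
    for floor in range(1, FLOORS + 2):  # one past the top flushes the last run
        if floor in MECHANICAL or floor > FLOORS:
            if current:
                runs.append(current)
            current = []
        else:
            current.append(floor)
    return runs

def plan(prefix, groups):
    """Carve one subnet of the given prefix length per group of floors."""
    subnets = BUILDING.subnets(new_prefix=prefix)
    return [(group, next(subnets)) for group in groups]

def evaluate(name, prefix, groups, clients=CLIENTS):
    """Summarise a design: even-spread load and the sticky worst case."""
    nets = plan(prefix, groups)
    per_subnet = nets[0][1].num_addresses - 2  # minus network and broadcast
    even_load = -(-clients // len(nets))       # ceiling division
    return {
        "design": name,
        "subnets": len(nets),
        "usable_per_subnet": per_subnet,
        "fits_even_spread": even_load <= per_subnet,
        # Worst case raised in the thread: every client keeps the address it
        # was given by the first (lowest) subnet it joined.
        "fits_if_all_anchor_low": clients <= per_subnet,
    }

def compare():
    """Evaluate the three layouts: flat, per section, per floor."""
    served = [f for f in range(1, FLOORS + 1) if f not in MECHANICAL]
    return [
        evaluate("flat /21", 21, [served]),
        evaluate("per-section /22", 22, sections()),
        evaluate("per-floor /24", 24, [[f] for f in served]),
    ]
```

Calling `compare()` returns one summary dict per design; change `MECHANICAL`, `CLIENTS` or the prefix lengths to match the real building.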
