I'm making some big changes to the LAN that will affect how our APs and ZoneDirector are configured. I'm at the planning stage so nothing is set in stone yet. This is what I would like, not necessarily what I'll end up doing.
We have a large site, about 200 acres, each building or open area has it's own subnet (about 12 subnets). APs have the ZD's IP set static. The APs get a local management IP address via DHCP and connects back to the ZD over the Layer-3 (routed) network. I'll need to have 3 or 4 SSIDs that ultimately need varying levels of security, I'll call the SSIDs LOW, MID, HIGH, and GUEST. I'd like to keep the number of WLAN subnets down and keep the same vlan on the SSID regardless of which LAN switch it is serviced through.
So two wireless clients who are relatively close and on the same SSID could be in different subnets, this wouldn't be a problem. But if a client roams from one subnet to another it would need to renew it's IP and some of our applications will not survive this. So how do I get around this? I've worked with other products that solve this issue by using L3 tunneling between APs and the controller so the wireless client can retain it's IP even when that subnet isn't directly attached to it's current AP. Of course this add to the LAN traffic on the APs and to the mesh traffic on APs that aren't root. Most of the security would be ACLs not vlans or subnets.
What are my alternatives? Am I over thinking this? Will it tunnel the L3 traffic? Is the extra traffic too little to be concerned with?
Thoughts?
Thanks
