How to do vlans with physical nic's to AP's?
-
@JKnott said in How to do vlans with physical nic's to AP's?:
I've never heard of an AP with separate connectors for each SSID.
They don't
-
@johnpoz said in How to do vlans with physical nic's to AP's?:
They don't
I guess that's why I've never heard of them.
The only other thing is some APs support LAG.
-
@NogBadTheBad said in How to do vlans with physical nic's to AP's?:
All connecting to a single lan port on the AP, just wasting lan ports IMO.
And what else is on these vlans other than wireless.. If you do not understand the traffic flow, nor the amount of data then you can not say that it would be wasting ports..
I already went over 1 example where it was just AP and wifi clients and you could have a bottleneck with hairpinning your intervlan traffic down the same physical interface.
edit: they don't, change that to normally your typical AP they don't. But you might be able to have specific interfaces for specific vlans in this AP
https://inwall-hd.ui.com/
edit2: Here is an easy example to see where just a couple of clients and 1 server could be a bottleneck on a hairpinned shared interface with vlans on it..
The UAP-AC-PRO is rated at 5ghz 1300 and 2.4ghz 450.. So let's cut that in half of the phy, you're at 650+225, for a total of 875... Which is what a gig connection can carry... But now you hairpin it and now your bottleneck is your vlans sharing an uplink.
clients are in say vlan X, this rides uplink A, but so does vlan Y which is where the server they are moving data to and from... So now XY both flow over your single uplink reducing your overall bandwidth so now a bottleneck to what the wireless can actually do.
-
@johnpoz said in How to do vlans with physical nic's to AP's?:
@NogBadTheBad said in How to do vlans with physical nic's to AP's?:
All connecting to a single lan port on the AP, just wasting lan ports IMO.
And what else is on these vlans other than wireless.. If you do not understand the traffic flow, nor the amount of data then you can not say that it would be wasting ports..
Yup agreed but I was going from the subject of the post "How to do vlans with physical nic's to AP's?" and the fact the OP stated "3 networks, Main Lan, Guest, IoT. Guest and IoT use VLANs, 69 and 101 to be exact."
If there's a huge amount of data I'd LAG the 3 lan ports.
-
@NogBadTheBad said in How to do vlans with physical nic's to AP's?:
If there's a huge amount of data I'd LAG the 3 lan ports.
To what??? If the AP has only 1 port, how are you going to connect 3 to it. Are there APs with 3 or more ports that can be used with LAG? I've seen 2 ports. Of course, with Gb Ethernet, it won't take much to overwhelm what the WiFi side is capable of.
-
@NogBadTheBad said in How to do vlans with physical nic's to AP's?:
If there's a huge amount of data I'd LAG the 3 lan ports.
Suggested that as one way to skin cat yes, but using different interfaces as different uplinks for the different vlans is also an option.
Also jknott see my link, there is an AP with 5 ports out by unifi..
Keep in mind that some of these APs will have 10ge, the high-end APs from unifi have that as an option, or support 802.3bz etc... So then yeah you're going to need multiple gig uplinks to your router to not be a bottleneck, etc.
-
@JKnott said in How to do vlans with physical nic's to AP's?:
To what??? If the AP has only 1 port, how are you going to connect 3 to it. Are there APs with 3 or more ports that can be used with LAG? I've seen 2 ports. Of course, with Gb Ethernet, it won't take much to overwhelm what the WiFi side is capable of.
To the LAN switch assuming that quite a bit of the traffic is non Wi-Fi.
Also if you think about it two of the vlans ( Guest & IoT ) should only be accessing the internet.
-
Then you're going to need 3 cables to the switch, which funnel into 1 between the switch and AP. In the process, you've wasted 2 ports on the switch and 2 NICs on pfSense. It's just as easy to connect a VLAN to allow access only to the internet as it is to do the same with a NIC.
-
What - dude yeah you're going to have to connect multiple nics to the switch and possibly nics to the AP that support more than 1, or have a higher one..
This is NOT wasting ports.. it's using them - which is the whole freaking point of having them..
Splitting vlans across multiple physical interfaces is not rocket science or new.. Not sure what you're not understanding..
should only be accessing the internet.
Says who? And what does that have to do with anything, maybe he has 10ge internet.. the OP asked a simple question.. He already got the answer he was looking for... If you think using more than 1 physical interface is wasting them... Then sure you use 1.. And run your 27 different vlans over that 1 interface..
-
@JKnott said in How to do vlans with physical nic's to AP's?:
Then you're going to need 3 cables to the switch, which funnel into 1 between the switch and AP. In the process, you've wasted 2 ports on the switch and 2 NICs on pfSense. It's just as easy to connect a VLAN to allow access only to the internet as it is to do the same with a NIC.
The OP has two access-points, so effectively you could have more than 1 Gbps flowing over the Wi-Fi if there are clients on both access-points if you LAG.
-
@johnpoz said in How to do vlans with physical nic's to AP's?:
This is NOT wasting ports.. it's using them - which is the whole freaking point of having them.
Does he have a LAG AP? I got the impression he might be using a switch to combine the 3 into 1. I also get the impression the OP is a bit weak on VLANs. Is he familiar with LAG?
-
^ exactly... I have 3 AP all at gig.. And multiple clients on different vlans across different AP... So why should I bottleneck them by only uplinking those vlans via 1 gig interface.
-
@JKnott said in How to do vlans with physical nic's to AP's?:
@johnpoz said in How to do vlans with physical nic's to AP's?:
This is NOT wasting ports.. it's using them - which is the whole freaking point of having them.
Does he have a LAG AP? I got the impression he might be using a switch to combine the 3 into 1. I also get the impression the OP is a bit weak on VLANs. Is he familiar with LAG?
You can't LAG the Ubiquiti AC-PRO; the second LAN port is for daisy chaining additional APs.
-
Lagg was brought up as an OPTION for uplinking from his switch to router if he wanted to go that route, nothing more - it was a discussion point.
-
Thanks all.
Think I'll use the NICs for each vlan. No point having them if I never use them. Might as well make use of what is already there and available to me.
Also my APs are already using LAGG just fyi
-
What exact access points do you have.. I was not aware that the Pros for example that do have 2 interfaces could leverage them as a lagg.
-
You should not even sweat it until the single gig link to your switching is like 500Mbit sustained when you're busy.
When that happens make a 2x1G lagg to your switching. When you are at about 1200Mb sustained make a 3x1G lagg to your switching.
My guess is you will never even get close to 500Mb sustained.
You want to be able to put any wireless network (VLAN) on any AP so attaching the APs directly to router ports makes zero sense. LAGG to your switches and connect your APs to those.
-
As already stated lagg is another way to skin the cat, but sometimes $40 smart switches that do vlans don't support lagg ;) Also with lagg you're never sure which physical path traffic will take. So it is possible for intervlan traffic to hairpin over the same physical path. Which is not possible when you split your vlans across multiple uplinks.
Again you prob don't have to worry about it and you could just use the single uplink with your vlans on it.
Derelict's lagg solution is common practice yes.
-
One other point that seems to be missing is how much bandwidth is actually needed. If most of the WiFi traffic goes out to the Internet, then all that bandwidth between the AP and router won't do much good, if the Internet connection is only 100 Mb or so.
-
@johnpoz I have the Unifi AP HD's.
They have 2 ports for LAGG and I've already set this up with my Unifi switches.
https://unifi-hd.ui.com/ - For reference.
Devices > UAP HD > Config > Network > Port aggregation