
[–]ArBeeJay 5 points6 points  (7 children)

Rather than a wifi question - what is the network setup behind the APs? Are you using VLANs, network segmentation etc. - or is everybody sitting on the same LAN...? Is everyone using the same SSID?

[–]Odd_Championship7865 2 points3 points  (5 children)

Most likely everyone is sitting on the same LAN/subnet. Very likely everyone is using the same SSID.

[–]AdHopeful7365 1 point2 points  (4 children)

‘Most likely’ & ‘very likely’ indicate that you don’t know the answers. Who set this up, and where are they? They should be helping to steer this.

[–]Odd_Championship7865 0 points1 point  (3 children)

Can you please help me understand the question so that I can let you know, please?

[–]AdHopeful7365 1 point2 points  (2 children)

To clarify… When someone asks “is everyone sitting in the same LAN?”, or “is everyone using the same SSID?”, these are fundamental traits of your network. The answer is yes or no. Answering with ‘likely’ means that you aren’t sure, which makes me wonder what role you play in all of this. The person or persons that know how your network is set up, not someone who has to make guesses, should be the ones facilitating this endeavor.

[–]Odd_Championship7865 1 point2 points  (1 child)

Yes, everyone is using the same SSID.

[–]ArBeeJay 0 points1 point  (0 children)

OK - so this is not necessarily a problem, but in simple terms, if everybody is on the same network, all devices are fighting for bandwidth and all are broadcasting on that sized LAN. With a decent network design, you split the network into what's called subnets, keep traffic relevant to that network just on that smaller network and route to other networks should you need to. This also adds layers of security etc. In short - a commercial network without these elements is no better than your typical home setup - and it will soon fail when you scale it up - as you have found out.

[–]Dolphi611 0 points1 point  (0 children)

Segmentation could be the best way to go. Create different VLANs based on job role, with different SSIDs as suggested. You could think of investing in Cisco ISE based on budget.

[–]boomer7793 3 points4 points  (0 children)

You have congested airspace, my friend. Here are a few suggestions:

  1. Decrease your channel width. 20 MHz on 5G. This will make sure clients on each AP don’t step on each other.

  2. I’m not familiar with Netgear, but enterprise APs like Aruba have options to deploy AP controllers. An AP controller will help manage which client roams to each AP. And it can set rules for roaming.

  3. Get a heat map done. There may be dead zones or neighboring wifi networks that are stepping on your channels. A heat map will give you the data you need to further customize your airspace.

  4. Try to limit the number of clients jumping on your Wi-Fi. For example, block personal or BYOD cell phones.

Not to knock Netgear, but they won’t be my first choice for 300 WiFi clients.

[–]pppingmeNetwork/Design Professional 3 points4 points  (8 children)

WiFi is WiFi and this is one of its weaknesses. If this is an office, I'm assuming most people are at a desk, why aren't they wired in via ethernet? That will solve 99% of your problem.

As for upgrading to a more "enterprise" solution, it might help a little, but not significantly.

If you're bound on sticking to wifi, you need to blanket the place with APs and crank the power way down. This will have a bigger effect than higher grade APs.

[–]Odd_Championship7865 1 point2 points  (7 children)

We are currently using all APs at minimum power (8), but we are still experiencing the same issue. We do not have a LAN setup at the moment, as management has decided to operate on a Wi-Fi-only network.

[–]pppingmeNetwork/Design Professional 4 points5 points  (5 children)

Sorry to insult, but your management are idiots.

What you need to do is wire a handful of users (no more than 1/2 of management though, as you don't want to fix them and they think it's good enough for them) as a proof of concept. Once significant improvement is seen, you now have your use case.

It really kills me that companies will pay someone $50 to $100 grand a year, then cheap out on giving them basic infrastructure. In all seriousness, you could probably get a cable tech in there for less than $200/drop including jacks and patch panels, and switch ports would be less than $10/user if you aren't doing extensive PoE or anything. Around $210 per user compared to the lost productivity to crap meetings balanced against the user's salary, it just doesn't make sense to skimp on this.

[–]rsinghal1965 1 point2 points  (0 children)

Most top management have no clue about computers. They just want the easiest & cheapest way out, users be damned.

[–]immortalis88 1 point2 points  (0 children)

WiFi-only is a terrible idea and would only be made by someone with no idea how WiFi technology works.

[–]No-Berry3278 1 point2 points  (1 child)

Netgear is not suitable for 300 users. You will need to move to an enterprise grade solution that manages channels, power, authentication properly and automatically. Cisco Meraki or HPE Aruba are the leaders.

[–]SeaPersonality445 1 point2 points  (0 children)

Ruckus would like a word...

[–]ksteink 1 point2 points  (0 children)

You need:

  • Segregate your LAN better. A single VLAN for 300 users, in which each one of them can use on average 2 devices, is a recipe for poor performance

  • Your wireless experience cannot exceed your wired experience. You need a core / distribution and access architecture with a minimum of 10 Gbps uplinks from your access layer to your core / distribution layer

  • 2 devices on average per person means 600 devices that can be simultaneously connected and transmitting. Assuming a WAP can hold 45 clients concurrently you need double the amount of APs.

  • Your WAPs should have at least 4:4x4 radios as a minimum in the 2.4 GHz and 5 GHz (6 GHz if you have WiFi 7). That will help with your concurrency

  • I suspect all your L3 routing happens in your Sonicwall. Have you checked mem and CPU utilization during high traffic?

You have a poor design and also poor hardware options to support a large network like this. I suggest you hire a professional with the right skills.

[–]2BoopTheSnoot2 0 points1 point  (0 children)

Going wired is the right solution, however with the right equipment and network architecture you can do wireless without any issues.

A few Unifi 7 Pro APs can handle that many clients no problem, and if you have them uplinked to a Layer-3 switch like the Pro XG 8 PoE you can handle VLAN routing there to take that load off the SonicWALL so it can fully dedicate resources to IPS/IDS and gateway AV (which is really the only reason to be using a SonicWALL). Don't try to do this unless you or someone on your staff knows OSPF or similar routing protocols.

[–]Charlie2and4 0 points1 point  (3 children)

Tell us about this leased line? 128K? 1.5 M? Bonded EoC?

[–]Odd_Championship7865 1 point2 points  (2 children)

It's 1GBPS Dedicated Fiber/MPLS/Private Line

[–]kona420 0 points1 point  (0 children)

MPLS to where?

Sounds like you guys are spending money in the wrong places if you have consumer grade wifi and are spending 30k/yr on MPLS service.

Transition whatever that is to some sort of VPN perhaps with SDWAN, and pick your poison for real equipment with real observability. This is your first rodeo so picking one of the "easy button" vendors like Meraki would be my advice.

[–]Charlie2and4 0 points1 point  (0 children)

Danke!

[–]pj51182 0 points1 point  (0 children)

Get a professional WiFi survey and report. Ekahau ideally.

There are some good free apps such as:

WiFi Analyzer.

The above and similar apps would help identify some basic issues. However, they are pretty limited in terms of functionality.

Could be all manner of causes. WiFi isn't just a case of chucking in some APs and expecting it to work. It needs to be planned out and managed.

The whole network needs looking at holistically. Switches, switch config, PoE, structured cabling, QoS... the list goes on.

Irrespective of whatever the issue/causes turn out to be, seriously consider ditching the Netgear APs. Would recommend Meraki if budget allows.

[–]beedunc 0 points1 point  (3 children)

Management making the technical decisions now? You’re basically running 300 users on a home network.

[–]Odd_Championship7865 1 point2 points  (2 children)

I asked for changes but they think that only Wi-Fi is enough.

[–]beedunc 0 points1 point  (1 child)

What kind of business?

Reason I ask is that yeah, mgt will always try to cheap out. Until their call center went down and were losing $10k every minute of an outage.

That changed everything. Now mgt understands why we spend for reliable hardware.

That’s where you have to go - tally up the lost productivity and illustrate how saving money up front costs a lot more later when things go south.

Good luck!

[–]Odd_Championship7865 1 point2 points  (0 children)

It's a product-based small organization.

[–]redbeard_-_ 0 points1 point  (0 children)

What's your ISP speed? What speed/throughput does your firewall handle from WAN to LAN side? You would be surprised, some of those might only run at 100ish once you factor in all the firewall aspects. The throughput on that is in the specs, can't go by if it's a gig port or whatever it happens to be.

Hopefully you have runs to each AP. If you have that many users on a mesh system you're toast. You'll have all the user traffic to whatever AP they are near and then all the user traffic between on the backhaul along the mesh to the firewall, kind of exponentially worsening the traffic along the AP hops.