Is it posiable to have an AP cluster serve different SM’s and only pick certian SM’s to connect as the same network?
Take for instance…
I have an AP that serves SM1, SM2, SM3, SM4, SM5, and SM6.
I want to only connect SM1, SM4 and SM6 into one network(ie they are branches and need to have the same network resources).
The others (SM2, SM3, SM5) are just customers that need internet access.
I guess the real question is can I provide Internet access to certian SM’s and others serve as a backbone with just an AP and SM modules?
Thanks in advance!
Jonathan
You can use the VLAN feature of the radios for this.
Is there a limit to how many SM’s can use the same VLAN?
I’m sure there is some type of theoretical limit…how many do you plan to have on one single VLAN?
9 different SM’s will need to connect through VLAN. But they will not be connecting on the same AP.
I will have 4 AP Clusters. The clusters will be connected with backhauls(don’t know what model or speed).
AP Cluster1 will have three of the SM’s connected to it.
AP Cluster2 will have one SM connected to it.
AP Cluster3 will have three SM’s connected to it.
AP Cluster4 will have two SM’s connected to it.
Does this work, or is this not a feasible situation?
Jonathan
Let me also say I might have a customer the needs more than 9 in one VLAN. I am just courious as to what the limit is…
Jonathan
I don’t see any reason why this would not work. My experience with Canopy and VLAN’s is limited. I have tested them on the bench with (2) SM’s connected to (1) AP. All the tests that I conducted worked.
Maybe if Canopy Support sees this post they can respond with a limit value.
Thanks for your input.
I was looking on the Forums last night and found some more on VLANS. Do you have to have a CMM and/or am managed switch to create VLANS?
This is the first time that I have ever heard of VLANS. Is this something proprietary to Motorola or is it a term used in relation to managed switches?
I deal alot with small networks but I have never delt with a network that has managed switches.
If some one knows the limit to how many SM’s you can have on a VLAN it would benefit me alot!
Thanks for the great input!
Jonathan
Is your Canopy network used strictly to connect multiple locations together, internet, or for both? If you are simply connecting multiple locations together then the VLAN feature should work perfectly.
VLAN is not proprietary to Motorola. It is a feature that is usually implemented in switches to provide an extra-layer of security and broadcast control to devices connected to the switch. I am not an expert by far, but I know a little-about-a-little.
The way Canopy implements VLAN is more or less at the radio-level. Suppose you have (1) AP with (6) SM’s connected. Let’s say that (3) of those SM’s belong to Customer-A, and the other (3) belong to Customer-B. You do not want Customer-A to be able to see Customer-B and vice-versa, and you also do not want any broadcast traffic generated by either customer to be seen by the other customer.
So, you would place SM’s 1,2,3 on VLAN-10 and SM’s 4,5,6 on VLAN-20. Suppose Customer-A SM #1 needs to send data to SM #2. As soon as that data hits the Ethernet interface of SM #1, a VLAN-ID is added to the data packet. This packet will arrive at the AP, the AP will look to its VLAN table and see that it is indeed supposed to forward packets that contain a VLAN-ID of 10, and it will forward it on. Now, I “believe” that ALL SM’s connected to this AP will “see” this packet (including Customer-B) however only SM’s that are members of VLAN-10 will be able to actually process the data.
The way I tested it on the bench is as follows.
(1) AP
(1) SM - VLAN # 10
(1) SM - VLAN # 20
Both SM’s terminated into Windows PC’s with IP addresses on the same subnet. Before I enabled the VLAN, both could talk, ping, etc.
Enabled the VLAN feature on the AP and the SM’s, they could no longer talk which is what is supposed to happen. I then put them on the same VLAN, they could both talk again, which is good. Put them back on seperate VLAN’s, no talk, good.
Great!
This is exactly what I needed!
But just one more thing…
If I were to have more than one AP, say AP1 has SM1 connected to it and AP2 has SM2 connected to it (the SM’a are in opposite directions of the tower which has the AP’s mounted on).
Both SM1 and SM2 are on the same VLAN (VLAN #10)
Would an unmanaged switch (connecting both AP’s togeather) be able to connect the two SM’s or would the switch have to be able to recognize the packet header(a managed switch) and the forward it on to the appropriate AP then on to the correct SM?
Thanks
Jonathan
To answer the first question of your last post.
I am primarily targeting customers that need T1 replacement to X number of branches for their organization.
I do not know if I need to explore Motorola’s E1/T1 device for this. Some customers might have VOIP requirements and I have head you either need to do strictly VOIP or Data and not both at the same time for performance issues.
If along the way I find a community that needs internet access I would have both VLANS user and internet subscribers on the same equipment.
Thoughts?
Thanks
Jonathan
We run vlan for branches quite extensively, the biggest we have is an 8 branch vlan, but soon looking to get a 15 branch. No problems.
If you imagine currently by default everyone is on VLAN 1 so I guess you don’t really need to worry about the limit of vlan.
CMM is a manged switch and if you use that to connect your AP togetther then no problem. If you are using a thirdparty switch then as long as they support 802.1q standard you will have no problems. Just be careful if you are working with a cisco switch, its a bit more intelligent and will require more configuration. You will not have any problems with an unmanaged switch aslong as it supports the VLAN (its an easier and safer way of doing it)
If I do not use a managed switch or the CMM, where does the VLANs get created?
At the AP/SM or one of the two?
If the AP/SM are capiable of this would this be a good idea from management stand point(ie would I have to connect directly to each SM/AP to reconfigure 1 or all VLANs)?
Thanks
Jonathan
Take a look at an SM and its VLAN options. The “Untagged Ingress VID” parameter is where you enter the VLAN ID that you want this radio to have. Specifically this paramater will “tag” any previously “untagged” packets arriving at the SM’s Ethernet interface. So if a packet is leaving the SM and it is untagged, the SM will add whatever is configured in this parameter to the packet.
You have to be careful with the “Management VID” parameter. Whatever you enter for this value is checked when you attempt to view the web-based GUI of the radio, and only devices with this VID can view the GUI. For example, if you configure an SM to be on VLAN 20 and the “Management VID” is defaulted to 1, and you have a direct Ethernet connection to the SM using an unaware NIC that does not tag packets, you will not be able to view the interface. The SM is looking for a device on VID 1. If you have a VLAN aware NIC, then you could configure it to tag all outbound packets with VID 1, then it should work.
The recommended way to do this from a management point of view is to keep all your AP and SM Management VID set to 1. This way, the AP will be the device accessing the SM and since the SM is expecting a Managment VID of 1, this should work.
I’m no expert but this is the extent of my understanding with Canopy and VLAN. Hope it helps.
I sure do appericate all your input. Looks like that next step is to set up a test site and just play with it.
Once again thanks for the info.
Thanks
Jonathan
No problem.
There is two size limits to the VLAN implementation. The first is the number of VLANs recognized by any 802.1q aware devices (switches or NICs). So far I have not seen any gear that will support anything more than 4096 unigue VIDs. The other limit is just the subnet you are using - same as networking without VLANs. You can only have devices talking within a VLAN that are on the same subnet (unless you have something routing between the subnets or VLANs).
Also, although the CMM Micro has been called a managed switch it is only because one can turn PoE on and off and use SNMP with it. The managed switches that have been mentioned here are switch that do a lot more than that - including 802.1q tagging, untagging, ingress and egress filtering as well as a plethora of other features.
Legacy switches that do not recognize 802.1q tags will still pass the packets and build routing tables using the rest of the packet headers - but no filtering will be done. This means that you can have a normal switch between your APs and it will still pass VLAN tagged packets. At this point you are relying on the radios (both APs and SMs) to do the ingress/egress filtering.
One question I have is if you are providing internet access to some of the SMs, where is that coming from? Another SM in the network? Backhaul to the APs? Or wire-line to the APs? This will determine how easy it is to logically divide the traffic on your two applications.
Aaron
The field is open on where the internet connection comes from.
I had planed to bring the connection in through a BH and then bounce it from AP cluster to AP cluster as needed.
I would like to build the network the correct way from the start as to not to have to rebuild it several times during high subscription.
I have been taking a look at the PrizmEMS software. Is this software capable of controlling the VLANS and seeing what SM/AP’s belong to which VLAN? Is the software strictly just for detecting outages and logging purposes only?
Is the PrizmEMS software worth the cost, or is it just a fancy tool to see what is on the network?
Hate to keep adding questions (and stupid ones at that) but what is timing needed for and is the CMM the only device that can disperse timing for the canopy system?
Thanks
Jonathan
If you want to have one VLAN for internet customers and multiple others for customer who simply want a LAN extension then the point you bring in your internet connection will not matter and you shouldn’t need any special equipment. Should you want to provide LAN extension as well as internet connection to multiple customers and still keep all of this traffic separate you will need a router/gateway where the internet enters your network that will handle multiple VLANs into one physical interface (the NIC your Canopy network is connected to). I understand that there are many out there that will do this including a lot of Cisco routers. I have been using m0n0wall since the start so I don’t have any experience with others - perhaps someone else can chime in here with other ideas.
As far as PrizmEMS is concerned I do not know much about it. Although it is tailored specifically to Canopy radios it will also manage (?) othe network devices - maybe just monitor them. I have been using other products for a while (before PrizmEMS came out) and have been happy with them so I haven’t looked into it too much. I imagine others can give you insight into it’s capabilities. I do recommend having some sort of remote monitoring tools to keep an eye on your network. It is very handy to know when something fails without having a customer call you complaining - they like to hear that you are working on the problem if/when they phone in. 
In terms of the timing situation, so far the only thing I know of to bring timing into a cluster is the CMM (other than some custom wiring). The timing synchronizes all of the APs in a colocated cluster as well as close proximity APs. The keeps one AP from transmitting while another is trying to receive. It just keeps interference and desense out of your possible trouble list. I think it’s explained in more detail in the manuals.
Aaron