DD-WRT Linksys-n Enterprise Networking

2

2

I am the network manager and I have about 30 Linksys Wireless N routers positioned in different rooms at the campus I manage. The campus is saturated; however, when a user walks from one access point to another, they lose connection, have to reconnect, and lose all their current browsing data.

I want clients to be able to connect to one access point and when walking around campus stay online and not lose their data or require re-authentication. Also important, each router allows an entire room of computers to get on (20-25 clients).

A few of the routers have DD-WRT installed so I'm curious if it has some of this functionality already as buying more equipment at this point is not an option.

Is it possible to configure the Linksys-n (DD-WRT) routers to act like an Enterprise network?

I define an Enterprise Network as having the following criteria met:

load-balancing
not requiring reconnection between access points
Full possible campus saturation without issues (20 clients per AP)

Thanks in advance:

CoderWalker

CoderWalker

Posted 2012-08-01T02:47:56.100

Reputation: 21

Are you using 802.1X authentication (WPA/WPA2 "Enterprise"), or just WPA/WPA2 "Personal" (a.k.a. "PSK")? – Spiff – 2012-08-01T03:42:46.750

Answers

5

So you're trying to create an enterprise-class roaming Wi-Fi network with consumer-class gear, is that it?

To create a roaming network, make sure all the APs are publishing the exact same SSID, with the exact same security mode (e.g. WPA2 Personal, AES-CCMP only), and, if you're using PSK/Personal, the exact same key. Make sure adjacent APs are on non-overlapping channels (in 2.4GHz, channels 1, 6, and 11 don't overlap).

Make sure they are all in bridge mode, all connected to the same Ethernet LAN. Make sure you have a single DHCP server on that Ethernet LAN. If your LAN needs NAT, make sure you have a single NAT gateway for the whole Ethernet LAN. I'm basically saying don't have each AP do NAT and DHCP service; have one box do it once for the whole LAN.

Clients should automatically roam when the signal strength on the current AP gets weak, and there's another AP publishing the same SSID and same security mode whose signal strength is significantly better. The 802.11 spec leaves roaming decisions up to the clients, and doesn't specify an algorithm for determining when to roam; that's left as an implementation detail, so every client vendor does it differently. Some clients do a good job of smoothly roaming from one AP to another to keep the best data rates. Other clients are terrible at roaming and never really roam until they are so far from the original AP that they completely fall off of it.

Load balancing is hard to achieve with consumer-class gear, because the 802.11 spec doesn't really address load balancing (some more recent addenda to the standard help address this, but those technologies are not widely deployed). It's up to each client implementation to pick which AP to join, and it's hard for a client to know how loaded a given AP is, so most client implementations just join the AP with the strongest signal that's publishing the SSID the client wants to join.

Enterprise-class APs provide proprietary load-balancing methodologies based on doing tricky things behind the scenes, like kicking off clients or not letting them join APs that are too loaded, even going as far as making the most-loaded APs not respond to Probe Requests, so the least-loaded APs are the only ones that show up in scans.

By the way, you're not using web portal-based authentication, are you?

Spiff

Posted 2012-08-01T02:47:56.100

Reputation: 84 656

Thanks for the information thus far. :) It is a requirement to use iBoss on this campus. iBoss - http://www.iboss.com/enterprise.html

– CoderWalker – 2012-08-01T14:43:46.530
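
An added example, not part of the thread or of DD-WRT: a small audit that checks an AP inventory against the rules in the answer above (identical SSID, security mode and key; APs bridged with no DHCP or NAT of their own; adjacent APs on non-overlapping channels). The inventory, its field names and the issue labels are constructed for illustration, and the channel-spacing test generalizes the answer's 1/6/11 guidance.

```python
from collections import Counter

# Constructed AP inventory; names, field names and values are hypothetical.
APS = [
    {"name": "room101", "ssid": "Campus", "security": "WPA2-PSK/AES", "psk": "key-A",
     "channel": 1, "dhcp": False, "nat": False, "neighbors": ["room102"]},
    {"name": "room102", "ssid": "Campus", "security": "WPA2-PSK/AES", "psk": "key-A",
     "channel": 6, "dhcp": False, "nat": False, "neighbors": ["room101", "room103"]},
    {"name": "room103", "ssid": "Campus", "security": "WPA-PSK/TKIP", "psk": "key-A",
     "channel": 8, "dhcp": True, "nat": True, "neighbors": ["room102", "room104"]},
    {"name": "room104", "ssid": "Campus-2", "security": "WPA2-PSK/AES", "psk": "key-B",
     "channel": 11, "dhcp": False, "nat": False, "neighbors": ["room103"]},
]

def channels_overlap(a, b):
    # Assumption beyond the answer's 1/6/11 rule: 2.4 GHz channels 1-13 sit
    # 5 MHz apart, so two channels fewer than 5 numbers apart overlap.
    return abs(a - b) < 5

def audit(aps):
    """Return a list of (ap_name, issue) pairs; never echoes the PSK itself."""
    findings = []
    # SSID, security mode and key must be identical on every AP.
    for field in ("ssid", "security", "psk"):
        majority = Counter(ap[field] for ap in aps).most_common(1)[0][0]
        findings += [(ap["name"], f"{field}-mismatch") for ap in aps if ap[field] != majority]
    by_name = {ap["name"]: ap for ap in aps}
    for ap in aps:
        # APs should bridge to the LAN; one box does DHCP and NAT for everyone.
        if ap["dhcp"] or ap["nat"]:
            findings.append((ap["name"], "dhcp-or-nat-enabled"))
        for other in ap["neighbors"]:
            # Report each adjacent pair once (name ordering breaks the symmetry).
            if ap["name"] < other and channels_overlap(ap["channel"], by_name[other]["channel"]):
                findings.append((ap["name"], f"channel-overlap:{other}"))
    return findings

if __name__ == "__main__":
    for name, issue in audit(APS):
        print(f"{name}: {issue}")
```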