- What does Cisco have against Quebec?
- Attrition.org nails another nitwit
- Diary of a deliberately spammed housewife
- Seven cloud-computing security risks
- 20 great Windows open source projects
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Aruba Wireless Networks last week released software for its wireless LAN controllers, featuring changes designed to simplify administration of large-scale networks.
The new features let the powerful Aruba Mobility Controller take on additional tasks. First, the software simplifies the assigning of IP addresses for many mobile users through a technique called virtual LAN pooling. Second, it offloads authentication traffic from back-end RADIUS servers, minimizing the load on those servers.
VLAN pooling is Aruba's attempt to make VLAN administration and IP addressing on WLANs simpler for network professionals. Today mobile users log on and are assigned to a VLAN with a set of allocated IP addresses. Users moving to other wireless access points on different subnets need new IP addresses.
To assign new addresses using a traditional VLAN structure - especially for environments with many mobile users - is a painstakingly complex process, says Keerti Melkote, Aruba's co-founder and vice president of marketing. Aruba's software abstracts VLAN assignments from the switches and routers on the wired network, and the WLAN controller manages the entire process.
That's just what the University of Calgary, in Alberta, Canada, discovered as it deployed an Aruba-based campuswide WLAN. At one point, 600 students with wireless laptops might get online in a big auditorium, says Dean Berschl, senior security analyst with the university's IT group. Previously Berschl would have to guess how many students might be in the room and then preassign enough IP addresses in enough subnets.
Preallocating the right number of addresses to the right number of subnets in the right locations "becomes a managerial nightmare," Berschl says. With VLAN pooling as part of Aruba's software, the nightmare goes away.
"If I expect 5,000 wireless users on campus, I can simply assign 5,000 IP addresses divided up among the appropriate number of subnets, in this case 20, to cover all the users," he says. "The Aruba controller goes through that pool of subnets, assigning addresses on a round-robin basis [as each user logs in]."
"If we didn't have VLAN pooling, our network would be much more complex administratively," Berschl says.
The second Aruba update, dubbed AAA FastConnect, lets an Aruba controller's onboard encryption processor take over processing a big chunk of the 802.1X authentication traffic to and from a back-end RADIUS server. In the past, when a wireless user connected to an access point, the authentication process exchanged a set of messages - including sending the encryption key - directly between the client device and the RADIUS server, with the controller simply passing messages back and forth.
Rss FeedRss Feed
3com 5500g is really very fast! - Anonymous
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment