Broadcast suppression.

  • 1
  • Question
  • Updated 4 years ago
  • Answered
What is Aerohives approach If 200+ AP's were deployed in a flat network with one open user profile? How do you protect the network from excessive broadcasts? Expected number of devices 1200+ Single open SSID?

Hardware: Core Switch, Fiber backbone L3 POE Switches 121AP large campus environment.
Photo of Peter Mears

Peter Mears

  • 14 Posts
  • 6 Reply Likes

Posted 5 years ago

  • 1
Photo of Tash Hepting

Tash Hepting

  • 55 Posts
  • 29 Reply Likes
I would do a couple of things:

1. Make sure proxy-arp is still enabled (it defaults to on, so it should be)
2. I would map an IP policy to the user profile on which allows DHCP, but blocks broadcasts on the subnet. The "Guest-Internet-Access-Only" default policy is a good place to start, though you may want to customize it if the clients need to access anything besides just the plain internet.
Photo of Joel Satterley

Joel Satterley

  • 6 Posts
  • 0 Reply Likes
Hi, are there any recommendations around this scenario, i.e. for large broadcast domains on the Aerohive switches? Or should we just follow normal standards regarding this? Normally I would think a /22 or below would require splitting up.

I'm looking at a similar deployment size as the one mentioned and one much larger in a couple of months time and we wondered if the large broadcast domain would be an issue for the Aerohive switches.

I suppose if we are strict with the AP firewall rules that should help?