[Kea-users] Will v1.2 Support Massive Amounts of Subnets?

Joe Nelson josephnelson at gmail.com
Wed Sep 14 21:26:54 UTC 2016


We looked at private VLANs initially and it would definitely be a
more elegant solution.  At the time we did our testing it didn't look
like our wireless gear was going to play nice with the private VLANs.
I wonder if I should re-visit that though.

Joe

On Wed, Sep 14, 2016 at 12:18 PM, Hugo Slabbert <hugo at slabnet.com> wrote:
>
> On Tue 2016-Sep-13 13:25:09 -0600, Joe Nelson <josephnelson at gmail.com>
> wrote:
>
>> Hello, everyone.  I'm looking for some advice/help/suggestions.
>>
>> I work for a fixed wireless ISP.  We deliver a last mile connection to
>> our customers via a modified 802.11N or 802.11AC device (Ubiquiti).
>> We're working on an entirely new network topology that relies on
>> having a single VLAN per customer. Each VLAN will have a /29 of
>> private IPv4 or /30 public IPv4 and a /64 of IPv6 space. Without this
>> VLAN setup, all customers on a wireless access point would be in one
>> broadcast domain which is not acceptable to us.  In addition, the
>> individual VLANs provide other benefits that are specific to a
>> wireless network.
>
>
> This may have floated already, but what about private VLANs?  Restrict
> direct inter-user access at L2, but still permit you to slice the VLANs
> based on capacity (i.e. more than a single VLAN per AP if that would be too
> large a broadcast domain, but less than 1 VLAN per customer) rather than
> requiring a single VLAN per customer.
>
> That may create its own set of challenges, though?
>
>
>> The problem I'm having is finding a DHCP server to hand out addresses
>> to so many VLANs - and to configure it on the fly.  My idea is to
>> have DHCP relay enabled on the router at each site and a pair of DHCP
>> servers at the head end listening on anycast IPs.  The relay would
>> set option 82 with the appropriate router and VLAN information that
>> the DHCP server can use to classify the customer with.  Each time a
>> customer is provisioned, a new network/pool would need to be created
>> for their VLAN.  I would need to be able to load a new network/pool
>> into the server without manually editing config files or reloading the
>> server.  I'm not at all interested in tracking individual hosts since
>> these are end customer devices and can change without our knowledge, I
>> just need to configure the subnet per VLAN.
>>
>> I've been watching Kea for some time now and I believe that this will
>> be able to be done in the 1.2 version that's scheduled for (hopefully)
>> later this year.  Specifically, ticket 4285
>> (http://kea.isc.org/ticket/4285) seems to reference an API for
>> subnets.  Am I correct in understanding what this new API will do?
>> Also, how well will this scale?  We currently have approximately 9000
>> customers and provision about 20-25 new customers per day.  I don't
>> doubt that the server could handle the number of leases, but I don't
>> know if having everything split into so many subnets would affect
>> performance.
>>
>> Thank you,
>>
>> Joe Nelson
>> Senior Network Engineer
>> Utah Broadband
>
>
> --
> Hugo Slabbert       | email, xmpp/jabber: hugo at slabnet.com
> pgp key: B178313E   | also on Signal
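
The option 82 classification described in the quoted message, sketched as an added example that is not part of the thread and is not Kea code. The sub-option codes come from RFC 3046; the circuit-id layout (a 2-byte big-endian VLAN ID), the remote-id carrying a router name, the 10.64.0.0/16 supernet and the `SubnetTable` class are assumptions made for illustration.

```python
import ipaddress
import struct

CIRCUIT_ID, REMOTE_ID = 1, 2  # RFC 3046 sub-option codes

def parse_option82(data: bytes) -> dict:
    """Split an option 82 payload into {sub-option code: value}; reject malformed input."""
    subopts, i = {}, 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated sub-option header")
        code, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("sub-option length runs past end of option")
        if code in subopts:
            raise ValueError("duplicate sub-option")
        subopts[code] = value
        i += 2 + length
    return subopts

class SubnetTable:
    """Hypothetical table: one /29 per (router, VLAN), carved from a supernet on provisioning."""

    def __init__(self, supernet: str):
        self._free = ipaddress.ip_network(supernet).subnets(new_prefix=29)
        self._by_key = {}

    def provision(self, router: bytes, vlan: int):
        """Assign the next free /29 to this customer VLAN (idempotent per key)."""
        key = (router, vlan)
        if key not in self._by_key:
            self._by_key[key] = next(self._free)
        return self._by_key[key]

    def classify(self, option82: bytes):
        """Return the subnet for a relayed request, or None if the VLAN is not provisioned."""
        sub = parse_option82(option82)
        circuit, router = sub.get(CIRCUIT_ID), sub.get(REMOTE_ID)
        if circuit is None or router is None or len(circuit) != 2:
            return None
        (vlan,) = struct.unpack("!H", circuit)  # assumed circuit-id layout
        return self._by_key.get((router, vlan))

# Constructed sample payload: circuit-id = VLAN 1201, remote-id = "site-a"
SAMPLE = bytes([1, 2]) + struct.pack("!H", 1201) + bytes([2, 6]) + b"site-a"
```

Keying on the pair (router, VLAN) lets the same VLAN ID be reused at different sites, and a request whose option 82 is missing, malformed or unprovisioned gets no subnet rather than a default one.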


