socallinuxexpo / scale-network

SCaLE's on-site expo network configurations, wifi, tooling, and scripts
https://www.socallinuxexpo.org/
BSD 3-Clause "New" or "Revised" License

Wi-Fi MAC Address Count Monitoring & Alerting #776

Open MrHamel opened 1 month ago

MrHamel commented 1 month ago

Description

Document MAC address limitations of routers' switch chips, which is important for usage monitoring and exhaustion alerting.

Belkin RT3200/Linksys E8450 - 2K MACs (https://repo.librerouter.org/misc/lr2/MT7531_switch_Reference_Manual_for_Development_Board.pdf)

Netgear WNDR3800 - 1K MACs (http://realtek.info/pdf/rtl8366s_8366sr_datasheet_vpre-1.4_20071022.pdf)

Acceptance Criteria

Grafana monitoring and alerting of the 1K client threshold (lowest common denominator) in either building.
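
One way the acceptance criterion above could be fed, as an added example that is not part of the issue thread or the scale-network repository: count distinct learned client MACs per building from each AP's `bridge fdb show` output and expose them as gauges for Grafana. It assumes "1K"/"2K" mean 1024/2048 entries, that the Linux bridge FDB is an acceptable proxy for switch-chip table occupancy, and that Grafana reads from Prometheus; the metric names, the 80% warning level and the sample data are hypothetical.

```python
import re

# Table sizes from the issue, assuming "1K" = 1024 and "2K" = 2048 entries.
CHIP_LIMITS = {"WNDR3800": 1024, "RT3200/E8450": 2048}
ALERT_LIMIT = min(CHIP_LIMITS.values())  # the lowest-common-denominator threshold
WARN_RATIO = 0.8                         # assumed early-warning level, not from the issue

FDB_LINE = re.compile(r"^((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+dev\s+\S+(.*)$", re.I)

# Constructed sample of `bridge fdb show` output (not captured from a real AP).
SAMPLE_FDB = """\
02:00:00:00:00:01 dev wlan0 master br-wifi
02:00:00:00:00:02 dev wlan0 master br-wifi
02:00:00:00:00:02 dev wlan1 vlan 100 master br-wifi
33:33:00:00:00:01 dev eth0 self permanent
9c:00:00:00:00:10 dev br-wifi master br-wifi permanent
"""

def learned_macs(fdb_text):
    """Distinct dynamically learned unicast MACs in `bridge fdb show` output."""
    macs = set()
    for line in fdb_text.splitlines():
        m = FDB_LINE.match(line.strip())
        if not m:
            continue
        mac, flags = m.group(1).lower(), m.group(2).split()
        # Skip the device's own/static entries and multicast (I/G bit set).
        if "permanent" in flags or int(mac[:2], 16) & 1:
            continue
        macs.add(mac)
    return macs

def building_status(fdb_by_ap):
    """fdb_by_ap maps (building, ap) -> FDB text; returns {building: (count, state)}."""
    seen = {}
    for (building, _ap), text in fdb_by_ap.items():
        seen.setdefault(building, set()).update(learned_macs(text))  # roamers count once
    status = {}
    for building, macs in seen.items():
        n = len(macs)
        state = "critical" if n >= ALERT_LIMIT else "warning" if n >= WARN_RATIO * ALERT_LIMIT else "ok"
        status[building] = (n, state)
    return status

def prometheus_text(status):
    """Gauges (hypothetical metric names) in Prometheus text exposition format."""
    out = ["# TYPE wifi_client_macs gauge"]
    out += [f'wifi_client_macs{{building="{b}"}} {n}' for b, (n, _) in sorted(status.items())]
    out += ["# TYPE wifi_client_mac_limit gauge", f"wifi_client_mac_limit {ALERT_LIMIT}"]
    return "\n".join(out) + "\n"
```

A Grafana alert rule can then compare `wifi_client_macs` against `wifi_client_mac_limit` per building.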

davidelang commented 1 month ago

See the option option 'enable_vlan4k' '1' to enable VLAN IDs up to 4k on the 3800s.

David Lang

On Sun, 22 Sep 2024, Ryan Hamel wrote:


MrHamel commented 1 month ago

Please provide the documentation where it allocates more resources in hardware on the switch chip. Thanks!

davidelang commented 1 month ago

I misunderstood the issue and thought this was about the VLAN IDs, instead of the total MAC addresses that the chip will keep track of.

As we are currently using the 3800s, this is not a problem because we don't have the wifi bridge VLANs going through the switch; they go over the uplink port, which is connected directly to the CPU.

On the new APs, there is no option to bypass the switch.

The question is what happens when the MAC table is overloaded.

  1. Does the switch go into open mode, forwarding the packet to all ports? or
  2. Does the switch dump some other MAC from its table, possibly causing thrashing of the MAC table (and a lot of ARP traffic)? or
  3. Does the switch crash or otherwise become unavailable?

One work-around for this is to create a tunnel between the CPU on the APs and the router (so that the switch chips don't see the wifi MAC addresses). In a discussion, Ryan mentioned a 'standard' way to tunnel layer 2, but mentioned that Juniper devices as old as ours don't support it.

The other thing would be to implement mobile IP addresses and route the wifi clients at the AP level; I believe this is still 'lab research' level of implementation.