Whats the actual spec? # of client per router/wifi

[rsutoratosu]

So I have an office with 50 laptops, 50 android/iphone, 25 ipads and now 35 blackberry. Our blackberry have been disconnecting randomly to the wifi.

I googled and found there is like a max of 25-35 per AP.

We only have 2 AP and this is just internet hearsay. Is there a definite number or specs somewhere ? I need this white paper to increase the number of AP in the office.. can't just say oh you need x amount more AP. If its not a real spec. What can cause these blackberry to drop off wifi ?

 

[imagoon]

It varies based on the AP and the system implementation / local noise. I have found "10-15 / AP" works for office. 35 tends to be a nightmare even thought it might work sort of.

 

[spidey07]

Best practice is to keep it under 15 per AP for good performance, that is on 802.11n as well as a and g. Each and every client eats up bandwidth in managment frames constantly sent between AP and client, even if the client isn't doing anything.

The more clients you have, the more of your bandwidth is eaten up by management traffic = less thruput for all. At about 25 it gets to be unbearable.

The reason your blackberrys are having trouble is because they have very poor radios (all handhelds and tablets do). Along with only having only two APs.

There's no "real" specification on the maximum because then you're getting into the wireless design aspect of understanding what's the min thruput you want to achieve, what applications are running on it (voice, video, data) number of devices, etc. 15 is best practice. Will it work with 20 or 25 or even 30?

Yes, but not very well as you are experiencing.

Please tell me you have those 50 laptops wired, and that you have a good functional LAN the APs attach to.

As for good white paper see here. SRND from cisco on wireless.

http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10981/design_guide_c07-693245.html

 

[gsaldivar]

There is no definite number (and if you find one, it won't be accurate for all situations) because of the differences in AP / wireless saturation as described above.

First, I would try switching off DHCP on your wireless routers (turning them into APs), and use a decent router to handle that (I use pfsense for high-density public access with good results). Also, try using multiple routers on non-overlapping channels (such as channels #1, 6, 11). Then monitor the status of the APs to see if the traffic is being distributed evenly. If not, change credentials on one of the APs and give the new password to only some of the users (instruct them not to share it). This will force some of the traffic to a different AP/channel. I'm sure you can accomplish the same things if you buy an expensive commercial router, but you'll have to spend thousands for that.

Good luck.

 

[RadiclDreamer]

I try to keep it around 10-15 clients per AP

 

[JackMDS]

I try to keep it around 10-15 clients per AP

+1 for regular use.

10 or less if there are legit heavy users on the node.

But it really a matter of price rather than pure numbers of APs.

Depending on the environment one new Wireless arrays can cover it all ( http://www.xirrus.com/Products/Wireless-Arrays.aspx ).

Look here at the 2nd segment 8:30 minutes into the show.

http://twit.tv/show/this-week-in-enterprise-tech/2

 

[spidey07]

+1 for regular use.

10 or less if there are legit heavy user on the node.

Properly designed wireless networks you will actually force a max client count per AP of 15. These are for really small cell sizes and a regular office building could have 100s of APs.

 

[greenhawk]

of course, if the AP's are set to the same channel or have interferance from someone else's AP, then getting much through them at all is unlikly.

 

[drebo]

Once you realize that wireless is functionally a shared medium (much like a hub) you'll start understanding why there is a max number of clients per AP. On a wireless network, there can be only one sender or receiver at a time. The more clients you have, the less time each of those clients gets to speak. With management frames constantly being required, if you have a significant amount of clients, sometimes those management frames will never get to be sent.

This is why proper design is to have a higher number of lower power access points.

 

[rsutoratosu]

So the office space is a rectangle shaped. About 30ft x 130ft.

Yes, all laptop are hardwired but when they go into meetings, they all undock. So at any random time, there could be 20 laptops on wireless. iPhone/iPad are personal devices, they're idle but still eats up an ip address and some sort of background data transfers.

Right now we have 2 apple thingys, sorry, someone put this in before I got here. Originally it was 1 wrt54g then switched to a e4200. It was 1 device in the center of the office so people at the end of the office has virtually no signal.

The 2 ap are set to roam, is this the correct term ?, basically same SSID on different channels and same password.

I guess one way to test is introduce a few more AP or introduce AP dedicated to blackberry ie setup 1 wifi and call it WiFi-Mobile and add a few blackberry to it and see if it still disconnects or not and either fully isolate the traffic between laptops to 1 set of AP and blackberry to another set of AP or just add more AP to the main wireless network.

 

[mammador]

Perhaps just have APs placed a quarter of the length of the room (so one every 30-32 feet).

This should be enough to cover all potential hosts, if there is a maximum of 20 nodes per AP. Another option may be to complement wired with wireless. It may be best to have specific wired/Ethernet workstations, and have access points for tablets, laptops, smartphones, etc.

As for the BB, it may be the NIC on the device, or the settings aren't configured properly (SSID/Network key). It could also be the radio on it is poor, since smartphone wifi radios aren't often as strong as laptops.

 

[TerryMathews]

Nobody's touched on the fact that the NAT table requires a certain amount of RAM per connection.

Depending on how many connection your "clients" open, the router may run out of RAM.

Usage is as important as the raw number of clients. Also keep topology in mind, if everything is fed through one gateway you could still have issues.

 

[Ghiedo27]

I thought NAT tables didn't use much memory unless you were running something like BitTorrent that opens a swarm of sessions.

Have you considered segregating the smartphone devices from the laptops? Laptops in the 5ghz range on 2-3 different routers and the smartphones on 2 routers running 2.4ghz? That leaves plenty of room for channel spacing unless you're getting interference from your neighbor(s).

 

[spidey07]

Access points don't have NAT tables. They are strictly layer 2 device.

 

[TerryMathews]

Access points don't have NAT tables. They are strictly layer 2 device.

How much do you want to bet the OP isn't using true APs but instead home wireless routers?

 

[imagoon]

How much do you want to bet the OP isn't using true APs but instead home wireless routers?

Minimal. People asking the question he is asking would be well aware that NAT would break any enterprise apps and use AP's or if really cheap, Routers converted to APs. He mentions laptops running in conference rooms which also indicates APs and not NAT routers.

 

[Ghiedo27]

Access points don't have NAT tables. They are strictly layer 2 device.

Sorry, I was kinda derailing. I didn't mean to imply anything regarding the OP's config.

How much do you want to bet the OP isn't using true APs but instead home wireless routers?

Even with soho routers wouldn't you bypass nat when you plug the AP into the network with the LAN port? The WAN port is the only port that's going to be a NAT outside port, right? Assuming you don't manually change it with custom firmware, anyways.

 

[TerryMathews]

Minimal. People asking the question he is asking would be well aware that NAT would break any enterprise apps and use AP's or if really cheap, Routers converted to APs. He mentions laptops running in conference rooms which also indicates APs and not NAT routers.

Sorry, I was kinda derailing. I didn't mean to imply anything regarding the OP's config.

Even with soho routers wouldn't you bypass nat when you plug the AP into the network with the LAN port? The WAN port is the only port that's going to be a NAT outside port, right? Assuming you don't manually change it with custom firmware, anyways.

Both of your points are valid, but I guess I read into the OP, that the owner/boss is a cheapskate and doing things on the cheap. Also that the OP lacks the knowledge to convince the boss of his opinion.

In my head I see a road runner turbo pipe into a home wireless router on one end of the office and a second router on the other end.

We really need more information about the setup. There can be a multitude off things wrong depending on the setup.

 

[Paperlantern]

The fact that the office allows 50 employees personal devices on the company wireless is one thing I see wrong here. That wireless is business, personal devices have no need to be connected to it. Knock off the handhelds and you'll be halfway to working well. We MAC filter, password protect, and hide our office wireless so the average user with iStuff can't just get a seat and start hogging up bandwidth with thier pandora.

 

[mammador]

In my firm (I'm not a network engineer, but it's what our IT Dept. does) there is a hidden staff wifi (hidden SSID) with full service functionality, and a guest wifi. Softphones and NAS can be accessed via the staff wifi, but not via the guest wifi. This way, visitors cannot get access to secure files.

I think a wireless only business is OK, but the issue here is careful placement of APs (and a large enough subnet to accommodate them, say a /19 or 20 to be scalable). I'll still stand by my earlier point, of complementing wired with wireless. it may seem unpopular to some staff, but maybe limit use of wireless hosts to managers, or generally those who need mobile internet access. Somebody who is generally desk-bound in a 40 hour week doesn't overly need a wireless host for his or her work, unless s/he brings a smartphone/tablet to work to browse in lunch or call their SO during the day or something.

Another option could be a closed 4G (if it's in your area) user group, so staff with selected phones/tablets can have unlimited Internet access for a regular fee by the firm.

 

[JackMDS]

Hidden SSID indicates that they are Not very sophisticated because it is useless as a real security measure.

In any case, the problem is that No matter what is done, Wireless when using Entry Level Wireless Routers/AP can not really be secured on Business level because the credentials on the Wireless devices can be easily revealed and duplicated onto other devices. And I mean easily with software that is available for free on legit mainstream download sites.

I.e., minimally savvy employes can get the info of their personal or business Network devices that they are allowed to use and "spoof" them into other devices.

That said there are sophisticated Corporate level hardware that can provide secure Wireless but it is much more expensive and thus many medium to small entities shy away from them and resort to silly deceiving solution like Hidden SSID.

 

[Paperlantern]

Hidden SSID indicates that they are Not very sophisticated because it is useless as a real security measure.

I had a feeling someone would say this. The intent on hiding is NOT, a security measure. It is simply hiding it from the everyday employee, who does not try to connect to what tey cannot see. It's a bandwidth saving step. NOT a security measure.

 

[VirtualLarry]

I always thought that when Windows 7 listed a WiFi network as "Other Network", that that was one with a hidden SSID. At least on my equipment, Windows 7 still picks them up.

 

[spidey07]

I know we're getting way off topic here, but if you think you'll be able to keep smart phones, tablets, non IS equipment off your wireless the business is going to over ride it. Bring your own device (BYOD) is coming, whether you want it or not.

Better to embrace it or get ready for it now instead of having to slam something in without planning.

Hiding the SSID? That will be found out and employees will all share it so they can get their phones on the wireless.

Using enterprise WPA2 with radius authentication? Employees will just use their credentials on their smart phone/tablet.

Using a pre-shared key? That WILL get found out and distributed no matter how much you try to keep it secret.

This also gets back to wireless capacity and performance planning, you're going to have to get used to the fact that you're going to have all these piss poor radios on wireless and design for the worst case device (a phone or tablet).

 

[TerryMathews]

I know we're getting way off topic here, but if you think you'll be able to keep smart phones, tablets, non IS equipment off your wireless the business is going to over ride it. Bring your own device (BYOD) is coming, whether you want it or not.

Better to embrace it or get ready for it now instead of having to slam something in without planning.

Hiding the SSID? That will be found out and employees will all share it so they can get their phones on the wireless.

Using enterprise WPA2 with radius authentication? Employees will just use their credentials on their smart phone/tablet.

Using a pre-shared key? That WILL get found out and distributed no matter how much you try to keep it secret.

This also gets back to wireless capacity and performance planning, you're going to have to get used to the fact that you're going to have all these piss poor radios on wireless and design for the worst case device (a phone or tablet).

The only surefire way is MAC white lists.

And that can still be gamed, but it's usually beyond the skills of most users.