Intranet Infrastructure
Wireless clients need the same TCP/IP configuration settings and connectivity as wired clients, but there are differences in how you should configure wireless clients because of their inherent mobility. For this reason, place your wireless clients on different subnets than your wired clients rather than have a mixture of wired and wireless clients on the same subnet.
Subnet Design for Wireless Clients
Creating separate subnets for your wireless clients provides the following benefits:
- Wired network components do not have to draw from the same pool of existing IPv4 addresses as your wireless clients.
- Wireless clients are easier to identify from their IPv4 and IPv6 address prefixes, which makes it easier to manage and troubleshoot wireless clients.
- Separate IPv4 subnets give you increased control over DHCP lease times.
- You can associate each of your physical subnets (both wireless and wired) with sites within Active Directory, which allows you to assign Group Policy settings to specific subnets.
- If all of your wireless APs are on the same subnet, your wireless clients can seamlessly perform network-layer roaming.
Network-layer roaming occurs when a wireless client connects to a different wireless AP for the same wireless network within the same subnet. For network-layer roaming, the wireless client renews its current DHCP configuration. When a wireless client connects to a different wireless AP for the same wireless network that is on a different subnet, the wireless client gets a new DHCP configuration that is relevant to that new subnet. When you cross a subnet boundary, applications that cannot handle a change of IPv4 or IPv6 address, such as some e-mail applications, might fail.
When creating an IPv4 subnet prefix for your wireless clients, consider that you need at least one IPv4 address for the following:
- Each wireless AP's LAN interface that is connected to the wireless subnet
- Each router interface that is connected to the wireless subnet
- Any other TCP/IP-capable host or device that is attached to the wireless subnet
- Each wireless client that can connect to the wireless network. If you underestimate this number, Windows wireless clients that connect after all of the available IPv4 addresses have been assigned through DHCP to connected wireless clients will automatically configure an IP address with no default gateway using Automatic Private IP Addressing (APIPA). This configuration does not allow connectivity to the intranet. Wireless clients with APIPA configurations will periodically attempt to obtain a DHCP configuration.
Because each IPv6 subnet can support a very large number of hosts, you do not need to determine the number of IPv6 addresses needed for the IPv6 subnet prefix.
DHCP Design for Wireless Clients
With different subnets for wired and wireless clients, you must configure separate DHCP scopes. Because wireless clients can easily roam from one wireless subnet to another, you should configure the lease for the DHCP scopes to have a shorter duration for wireless subnets than for wired subnets.
The typical lease duration for a DHCP scope for wired networks is a specified number of days. Because wireless clients do not release their addresses when roaming to a new subnet, you should shorten the lease duration to several hours for DHCP scopes corresponding to wireless subnets. By setting a shorter lease duration for wireless subnets, the DHCP server will automatically make IPv4 addresses that are no longer being used by wireless clients available for reuse throughout the day instead of leaving the addresses unavailable for days. When determining the optimal lease duration for the wireless clients in your environment, keep in mind the additional processing load that the shorter lease duration places on your DHCP server.
In this tutorial:
- IEEE 802.11 Wireless Networks
- Support for IEEE 802.11 Standards
- Wireless Security
- WPA
- Planning and Design Considerations
- Wireless Authentication Modes
- Intranet Infrastructure
- Wireless AP Placement
- Authentication Infrastructure
- Wireless Clients
- Windows Vista Wireless Policy
- Windows XP Wireless Policy
- Command-Line Configuration
- PKI
- 802.1X Enforcement with NAP
- Deploying Protected Wireless Access
- Configuring Active Directory for Accounts and Groups
- Deploying Wireless APs
- Configuring Wireless Clients
- Configuring and Deploying Wireless Profiles
- Maintenance for a Protected Wireless
- Troubleshooting Wireless Connections
- Network Diagnostics Framework Support for Wireless Connections
- Wireless Diagnostics Tracing
- NPS Event Logging
- Troubleshooting the Windows Wireless Client
- Troubleshooting the Wireless AP
- Common Wireless AP Problems
- Troubleshooting the Authentication Infrastructure
- Troubleshooting Certificate-Based Validation
- Troubleshooting Password-Based Validation