Using VLANS for Access Points

[SurpriseSlayer1]

So I have a three access point network. Each AP will have a high volume of guest traffic. I want to be able to roam between the three access points as well. So I created one guest VLAN for all three access points. Will I get the same efficiency as I would if i created separate guest VLANS for each AP?

 

[failboat]

Every client is going to do some broadcasts. with only 3 AP it's not likely a big deal. you should probably have client isolation on a public guest network. this won't allow the broadcasts to go anywhere and be much more secure.

 

[SurpriseSlayer1]

Every client is going to do some broadcasts. with only 3 AP it's not likely a big deal. you should probably have client isolation on a public guest network. this won't allow the broadcasts to go anywhere and be much more secure.

Could you explain what you mean by “every client will do some broadcast”? Yes network isolation will be enabled

 

[failboat]

Every client is going to do some broadcasts. with only 3 AP it's not likely a big deal. you should probably have client isolation on a public guest network. this won't allow the broadcasts to go anywhere and be much more secure.

Could you explain what you mean by “every client will do some broadcast”? Yes network isolation will be enabled

broadcasts go to every client on the same bridge. when a new client connects it doesn't know the mac address of the gateway so it broadcasts. so you create the vlan on every access point the broadcast would go to every client on every access point. with client isolation each client can only communicate with the gateway. this also prevents people from trying to hack into other guests. unifi supports this.

 

[SurpriseSlayer1]

Every client is going to do some broadcasts. with only 3 AP it's not likely a big deal. you should probably have client isolation on a public guest network. this won't allow the broadcasts to go anywhere and be much more secure.

Could you explain what you mean by “every client will do some broadcast”? Yes network isolation will be enabled

broadcasts go to every client on the same bridge. when a new client connects it doesn't know the mac address of the gateway so it broadcasts. so you create the vlan on every access point the broadcast would go to every client on every access point. with client isolation each client can only communicate with the gateway. this also prevents people from trying to hack into other guests. unifi supports this.

Oh okay I understand what you are saying now. Thanks for your help!