02-09-2016 11:47 PM
Hi Experts,
How does ISE count the total number of NAD?
[Condition]
There are 10,000 switches as NAD in the network. These NAD's ip are within 10.10.0.0/16. ISE's configuration of Network Device List is only one record with ip address range like 10.10.0.0/16.
Does ISE count 10,000 NAD though the configuration is only one record?
Thanks in advance.
Best regards,
Makoto
02-10-2016 05:53 AM
Adding an entire /16 range will count as 65,536 Network Devices - in theory.
There are no hard-limits (licensing wise) with ISE. With that said, it is never recommended to add them in these bulk ranges - because it will can hurt things like CoA/SNMP queries/Shared Secrets, etc.
I.e.: if you go to change the shared secret, you have to change it at exactly the same time on all 10,000 switches.
-Aaron
02-10-2016 07:16 AM
Thinking out loud, 30K NAD limit (or recommendation) is probably based on number of records in the database. A /16 definition is still just one row in the database. Shouldn't that count as a single device as far as the 30k limit is concerned.
Thanks
02-11-2016 10:54 AM
Viktor, it's all about what's tested and therefore supported, too.
02-11-2016 10:58 PM
Hi Aaron, Viktor,
Thanks for your reply.
Customer may move some NAD to other locations, then these NAD has different ip address but these NAD has same address range. The total number of NAD is still 10,000. In this case, if ISE still has NAD's old ip address in database, the limitation(recommendation limit) will be reached in future. That's why I asked it. Don't I need to consider old ip NAD?
Regards,
Makoto
02-17-2016 12:36 PM
Each NAD can take multiple IP addresses so we may retain the same number of NADs with old and new addresses.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: