I recently installed a residential wireless hotspot solution in a student residence with ~150 users allowed to connect with 5 devices, so 750 maximum hotspot sessions.
My config is based on 2x MikroTik RB1100AHx4 for the routing/DHCP/hotspot part, and UniFi for the switching and wireless part (cf. attached schema).
I have two Gigabit FTTH WAN lines from two different ISPs, and I wanted to maximize bandwidth but also provide HA, so I went with a VRRP-based config (2 VRRP in load sharing mode).
I've split the wireless network into 2 SSIDs, and users have been told to register on both, so they can "roam" when moving inside the (large) residence.
SSID XXX1 is tagged on VLAN 100, and SSID XXX2 is tagged on VLAN 200, each VLAN being handled by a different router for load sharing and failover (each router can also handle both VLANs).
It works well, but I would prefer a similar solution with only one SSID.
I've tried, but with 2 different subnets there is an issue when users roam because they don't ask for a new DHCP lease (for the device it is still the same SSID, so the same network). Let's say user A connects to SSID XXX1, he is served by DHCP on router 1 in the subnet 172.16.0.0/22, IP 172.16.0.10, gw 172.16.0.1. Now he moves to SSID XXX2, he is now handled by router 2, but keeps his IP. As VRRP200 is in a different subnet (172.16.4.0/22), the client can't reach its gateway/network anymore.
On the other hand, if I keep only one subnet, one VLAN, I don't know how to tell the DHCP server "give this client gateway A, this one gateway B". Maybe I could just put 2 DHCP servers on the VLAN, each one serving the same network but sending a different gateway, but I'm not sure it will work and load-balance clients equally among both routers.
I should point out that RADIUS MAC Auth on the DHCP server is not an option (I could have sent the gateway via RADIUS attrs), because I authorize and authenticate users at hotspot level (login/pwd) and don't want to handle users' device MACs.
Any idea how to keep load sharing, HA and only one SSID?