Solved: WLC design ? - going from 1 master to multiple WLC

ddirksenump · ‎06-22-2010

OK I will try to be quick....

Currently we have 1 WLC 4402-50 controller (at our "non-critical" data center in the office). This WLC controls ALL access points at 9 locations, all connected to the office (with WLC) via 10-50mb qmoe links.

We have a problem in that since all locations share the same WLC one site can slow down the others especially when we distribute applications (a few of our sites have laptops 100% wireless, no docking).

Most of our distrobution bandwidth/issues surrounds the fact that all wireless at any location are on the same subnet and can't use the local distrobution servers at their location (on the local network) and have to go through and back on the WAN.

Our network team is telling us, that to rectify this situation we would have to spend 100k to put 1 controller at each location. This is too high for our boss to swallow, and I assume they are talking about adding more 4402-50s which I assume is overkill...

I assume we could use 44xx-6 at most locations which costs about 50% less but could there be other options? Can the 22xx series possibly work with the 44xx that we have for master/slave controllers even???? My boss would flip if we essentially threw away the 440x...

Needs:

1. Central control of both private secure ssid and limited open guest ssid (DNS redirector security)

2. Each location's wlan should ultimatly dump to the local lan before going through WAN (aka controller at each site)

3. SSIDs should still be universal from 1 location to the next so laptops can roam from 1 location to any of the others....

4. 6-8 APs at MOST, heavier usage is about 20 laptops at each location.

I unfortuneately am NOT a network/Cisco guy, just need some basic info to point our network team to cheaper solutions...

Thank you for your time.

George Stefanick · ‎06-22-2010

Hi Dan,

If i am understand your post correctly you are stating the fact of the slow data connectivity is due to 1 large broadcast domain. Then you may want to consider leverage your existing WLC and deploy AP groups. This will allow you to break up the wired side broadcast domains while keeping the same SSID intact. I created a video how AP groups work at the below link ... Youwill still have taffic going through and back again but not as large a broadcast domain as you currently have.

http://www.my80211.com/cisco-wlc-labs/2009/3/22/cisco-ap-group-nugget.html

If you want to dump on the local lan then you may want to consider HREAP with LOCAL switching as an option.

http://www.cisco.com/en/US/docs/wireless/controller/6.0/configuration/guide/c60hreap.html

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

View solution in original post

George Stefanick · ‎06-23-2010

Dan,

I have hreap depolyed at 30 different locations. It is pretty soild and will keep your traffic local. The thing you want to consider is if you use dot1x for your client authentication. The only thing that is sent over the wan link is traffic going out, controller managment traffic and dot1x authenications. So if you lose teh controller you will lose authenication..

If this works out you need to ask for a big raise! Please rate the post if this was helpful ... Thanks much

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

View solution in original post

George Stefanick · ‎06-22-2010

Hi Dan,

If i am understand your post correctly you are stating the fact of the slow data connectivity is due to 1 large broadcast domain. Then you may want to consider leverage your existing WLC and deploy AP groups. This will allow you to break up the wired side broadcast domains while keeping the same SSID intact. I created a video how AP groups work at the below link ... Youwill still have taffic going through and back again but not as large a broadcast domain as you currently have.

http://www.my80211.com/cisco-wlc-labs/2009/3/22/cisco-ap-group-nugget.html

If you want to dump on the local lan then you may want to consider HREAP with LOCAL switching as an option.

http://www.cisco.com/en/US/docs/wireless/controller/6.0/configuration/guide/c60hreap.html

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

ddirksenump · ‎06-22-2010

Hello and thank you George,

We don't really have slow connectivity per se... we just have problems when pushing larger apps (100mb) to all devices. Mainly because all wireless traffic crosses the wan. Where as for the lan, there are local servers at each site that provide the files for wired machines.

The hybred REAP option seems to be the solution, thanks for the link. I was floored when our network team said multiple controllers were the only option. I was sort of hoping for at least suggestions for cheaper small office controllers but the hybred REAP might be FREE!

George Stefanick · ‎06-23-2010

Dan,

I have hreap depolyed at 30 different locations. It is pretty soild and will keep your traffic local. The thing you want to consider is if you use dot1x for your client authentication. The only thing that is sent over the wan link is traffic going out, controller managment traffic and dot1x authenications. So if you lose teh controller you will lose authenication..

If this works out you need to ask for a big raise! Please rate the post if this was helpful ... Thanks much

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________