1. WLAN 2.0
The death of the controller
Patrice PUICHAUD – patrice@aerohive.com
Confidential 2010
2. Key dates of WLAN history
Timeline:
– 1997: 802.11-1997 (2.4 GHz, 2 Mbps)
– 1999: 802.11a (5 GHz, 54 Mbps) and 802.11b (2.4 GHz, 11 Mbps)
– 2001: LWAPP (RFC 5412)
– 2003: 802.11g (2.4 GHz, 54 Mbps)
– 2004: 802.11i (Security, WPA/WPA2)
– 2005: 802.11e (QoS, WMM)
– 2008: 802.11k,r (Radio mgmt, Roaming)
– 2009: 802.11n (2.4 and 5 GHz, 600 Mbps)
– 2012: 802.11ac/ad (Wi-Fi Gigabit, 6 GHz, 60 GHz)
Eras: WLAN 0.9, WLAN 1.0, WLAN 2.0
Era labels: Autonomous Access Points; Coordinated Access Points; Centralized Control (controllers); Distributed Control
WLAN 2.0 – The death of the controller 2 Confidential 2010
3. From WLAN 1.0 to WLAN 2.0
WLAN 2.0
Productivity, Flexibility, Mobility, Applications, Users
- Client explosion
- Mobile applications
- 10 x Bandwidth (.11n)
- Voice / FMCL
- Location service
- Ubiquitous coverage
- Ethernet replacement
Problems
- Security, Mgmt & Mobility
- Single Points of Failure
- Performance Limitations
- Determinism
- Scalability
- Linear growth
- Cost
WLAN 1.0
- Convenience Wi-Fi
- Guest Access
- Nomadic Users
- Scanners / Voice
Problems
- Security
- Management
Market trends: the overall WLAN enterprise market is growing rapidly, doubling in size within the next 3 years as enterprises look to increase mobility and productivity.
4. WLAN 1.0: a centralized architecture
Components of a traditional WLAN infrastructure
[Diagram labels: FW, VPN, IDS, Voice, Mesh, Location service, Management and other applications; Licence$, Module$, Controller$, AP; Central controller$, Branch controller$; « Thin » Access Points: Indoor, Outdoor, Mesh Points, Remote AP]
5. The bygone era of the controller
Controller$: a centralized architecture in a distributed network
Limits of branch office solutions:
– Hybrid mode/Remote AP
– Multiplication of small controllers
Limits of central controllers:
– Engineering (capacity planning)
– Limited capacity (#APs, #traffic), nonlinear growth
– Overprovisioning
– Overlay network
– Bottleneck
– Single point of failure
– Complex H.A. / failover (stateful ?)
– Increased latency/jitter (u-turn)
[Diagram labels: AD/LDAP, Distribution, Access, STP, IPBX, Core, Campus, WAN, Internet, Local server, Control, xDSL, Branch Switch, Branch Office, User traffic/Data]
6. 802.11n is killing the controller
Let’s do some math!
– Vendor data:
| Controller | Max. # of APs | Max. # of Users | FW throughput | AES-CCMP throughput | # of clients | Max. FW / client | Max. AES / client |
|---|---|---|---|---|---|---|---|
| 6000 series | 8192 | 32768 | 80 Gbps | 16 Gbps | 16384 | 5 Mbps | 1 Mbps |
| 3000 series | 512 | 2048 | 4 Gbps | 4 Gbps | 1024 | 4 Mbps | 4 Mbps |
| 2400 series | 48 | 768 | 2 Gbps | 400 Mbps | 96 | 21 Mbps | 4 Mbps |
| 800 series | 16 | 256 | 1 Gbps | 200 Mbps | 32 | 32 Mbps | 6.25 Mbps |
| 600 series | 64 | 512 | 2 Gbps | 1.6 Gbps | 128 | 16 Mbps | 12.8 Mbps |
| 200 series | 8 | 100 | 1 Gbps | 200 Mbps | 16 | 64 Mbps | 12.5 Mbps |
– Assumptions: 4 Wi-Fi clients connected simultaneously on half of the access points
– Reminder: theoretical maximum throughput per 802.11n client (3x3:2) 300 Mbps
Paradoxically, the best performances are given by multiplying small controllers… Moore’s law?
7. WLAN 1.1: distributed…
…but not too much
2 different solutions for distributed networks:
– Multiplication of branch (local) controllers
– Hybrid mode with central controllers:
• Better known as:
– H-REAP (Hybrid Remote Edge Access Point)
– RAP (Remote Access Point)
• Local forwarding of (some) user traffic to save WLAN links
• The controller is required to make decisions and dictates the AP's actions
• Traffic switched locally does not benefit from controller features
• Many functions are inoperative if the access point is disconnected from the controller:
– Mesh, Captive Web Portal, Authentication (802.1X), FW, RF management, roaming, …; backup SSID required, …
• Hybrid approach, complex to set up and operate
8. WLAN 2.0: distributed architecture
802.11n, mobility and mission critical applications on the WLAN networks are pushing for a distributed architecture, simplified, more integrated.
Reduction of:
- Components
- Complexity
- Failures
- Costs
[Diagram labels, controller-based architecture: FW, VPN, IDS, Voice, Mesh, Management, Location service, AP, Central controller$, Branch controller$, Indoor, Outdoor, Mesh Points, Remote AP]
[Diagram labels, WLAN 2.0: Management (SW Config. & Policy, RF Planner, Guest Management, Reporting, Heat maps, SLA); access points (RF, FW, QoS, VPN, Mesh, SLA, Radius, WIDS, PPSK, CWP), Indoor, Outdoor]
9. WLAN 2.0: similar to wired LAN
Cooperative control: a distributed architecture in a distributed network
Suitable for all types of networks:
– Centralized, high density
– Branch/Remote offices, SMB
Distributed control provides:
– Virtually unlimited capacity (x #AP)
– Flexible deployments (linear, scalable)
– No single point of failure
– Inherent stateful resilience
– Best path forwarding (voice, video)
– Policy and QoS enforcement at the edge
– Natural integration into Ethernet networks
– Cost effective WLAN networks
[Diagram labels: AD/LDAP, Distribution, Access, STP, IPBX, Core, Campus, WAN, Internet, Local server, Control, xDSL, Branch switch, Branch Office, User traffic/Data]
10. What they say…
Vinton Cerf – VP Chief Internet Evangelist Google / Father of Internet
“Part of my motivation when I was working at the Internet was exactly to build a system that did
not have any central control; recall that this was being supported by the US defense department,
and one of the things that the defense department wants is highly reliable and resilient systems.
One way to achieve that is to not have any central place that could be attacked and destroyed and
therefore interfere with the operation of the net. So the consequence of this, I would say
decentralized architecture is that it is highly resilient to a variety of impairments and in
consequence of that it's very hard for anybody to shut the internet down entirely.”
(Ref. : http://www.bbc.co.uk/programmes/p005c79p)
Bob O’Hara – Co-Founder & CEO Airespace / Board of Advisors Aerohive
“The advantages to fully distributed system are the ability to have a much more reliable system.
You can have any single point network fails and as long as the radio coverage is sufficient to
cover the areas lost by that failed device, you still got full services, full connectivity.”
(Ref. : http://www.aerohive.com/webcast/AH_Ep1.wmv)
Gartner – Magic Quadrant for Wireless LAN Infrastructure 2009
“Aerohive is an appropriate solution for enterprises with many small or branch offices or any
small and midsize business (SMB) with its structured communication solution, integrated security
and policy management, which does not require a physical controller. The solution should also
be considered for enterprises that need the high availability achieved by Aerohive's meshing
functionality. With failover and security functionality built into the access point mesh, and no
single point of failure (the controller), Aerohive's solution supports a high degree of redundancy.”