1 / 13

WLAN Architecture - Considerations

WLAN Architecture - Considerations. Christoffer Jacobsson. What will I talk about?. Some enterprise WLAN history. Explaining the three working planes of a WLAN. Centralized architecture, pros and cons. Distributed architecture, pros and cons. Summary and an extra slide on redundancy.

megan-ware
Download Presentation

WLAN Architecture - Considerations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. WLAN Architecture - Considerations Christoffer Jacobsson

  2. What will I talk about? • Some enterprise WLAN history. • Explaining the three working planes of a WLAN. • Centralized architecture, pros and cons. • Distributed architecture, pros and cons. • Summary and an extra slide on redundancy.

  3. Where did enterprise WLAN begin? • Fat/Autonomous APs • Secondary access method • Unique solutions for every need • Limited coverage • Little or no visibility • Management nightmare

  4. The three working planes of a WLAN Data plane Management plane Control plane • Data Forwarding • Configuration • Firmware • Monitoring/Reporting • Dynamic radio control • Mobility/Roaming • Load balancing • Encryption/Decryption • QoS tagging • Data filtering

  5. How do we leverage these working planes? Wireless Network Management System (WNMS) Management plane Management plane Management plane Management plane Control plane Control plane Control plane Control plane Data plane Data plane Data plane Data plane SSID: Awsome-CompanySecurity: WPA2-PSK SSID: Awsome-CompanySecurity: WPA2-PSK SSID: Awsome-CompanySecurity: WPA2-PSK SSID: Awsome-CompanySecurity: WPA2-PSK SSID: Awsome-companySecurity: WPA2-PSK

  6. Centralized architecture – ”The overlay implementation” YeahBaby Inc. WLAN project. 500 employees, 2 devices per person. 7 floor building. • New VLANs exist only in controller and Core/Distribution • Seamless roaming accross all floors • Centralized channel and power dynamics • Encryption from client to controller • One RADIUS client • One point of management Trunk port including new WLAN client WLANs Management Control Data s

  7. Centralized architecture for a distributed company NearYou AB WLAN project. 20 Offices spread out over the country All internet and server access goes through HQ Management Control Data • New VLANs exist only in HQ • All APs configured the same way • Client traffic encrypted to HQ • One RADIUS client • One point of management

  8. Drawbacks of a centralized architecture NearYou AB WLAN project. 20 Offices spread out over the country All internet and server access goes through HQ Management Control Data • Dependancy on controllers • Possible traffic U-turns and bottlenecks • Scalability issues • Controllers and licenses are expensive

  9. Distributed architecture – Optimizing traffic flows UpUpAndAway Inc. WLAN project. 4 offices globally. Demands local survivability. • Client traffic forwarded locally • Local RADIUS client • Central management on premises or in the cloud • Local shared control plane • Distributed architecture is redundant by design Control Management Data Control Control Data Data

  10. Distributed architecture – an MSPs perspective Aranya AB, WLAN as a service. Customers totally separated from eachother. No operational dependencies on Aranya datacenter Management Control Control Control Control Data Data Data Data Data Data Data Data

  11. Drawbacks of a distributed architecture Management • Alot of more wired side management • More RADIUS clients • Wireless encryption ends at AP • Changing architecture can sometimes require hardware replacement. Control Control Data Data Data Data

  12. Extra redundancy considerations • Who and where are your RADIUS clients and servers? • Are those server certificates under control? • Are you querying more than one LDAP server? • Who and where are your DHCP servers and IP-helpers? • Always test your redundancy!

  13. Questions and comments are welcome! Mail: Christoffer@aranya.se Phone: +46700 92 10 92

More Related