Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
11018
Views
25
Helpful
19
Replies

The truth about the WLC traffic without using Flex connect

Go to solution
bhupenderrawat79
Level 1
Level 1

‎08-25-2018 11:43 PM - edited ‎07-05-2021 09:02 AM

Hello Experts!

 

Can someone please clarify how does the Client traffic traverse the network when there is a local WLC without Flex connect.

 

Lets say I have the following easy topology

 

ISP Router

Firewall

Transport Switch

Core Switch ----------WLC and Access Points Attached

Access Switch--------Clients and Access points attached

 

Hence, is it true that ALL traffic generated from a computer(Wifi Client) will traverse the network via the Access Point and it will exit via the WLC ports? If so, does this mean that ALL in/out traffic is tunneled from the AP to the Controller?

Is this why you want to make sure you bundled all ports on the WLC to the switch that this is connected to? in order to be able to provide more bandwidth to the wifi clients? but then what good does this do if you have a 15mb to the internet? and nothing else local for the users to connect to. This ISP internet connection will create a bottleneck regardless of bonding the ports at the wlc is this correct?

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to bhupenderrawat79

‎08-30-2018 10:07 PM

Hi

"Thanks for the response. Then what you are saying is that ALL in/out traffic comming or going to the AP traverse the WLC. Instead of routing it via the Switch of where the AP is connected. Although I actually to clarify this I did test using a wire tap and what I saw was that."

 

This is true in Local Mode AP (both control & data traffic tunnel back to WLC)

 

"THE AP does talks with the WLC but it seems that only for control CAPWAP purposes,  BUT all other traffic in/out from the AP s routed via the local egress switch of where the AP is connected to. Hence the traffic traversing the WLC is very mininal as opposed to the traffic coming out from the AP directly to switch."

This is true when APs are in FlexConnect mode & WLAN configured for Local Switching. In that case only control traffic hits WLC & data traffic locally switched.

 

In either case WLC to SW connectivity won't become a bottleneck for a reasonable size network (less than 500 APs). If you have very large deployments (In our campus setup with 2500+ APs, I see traffic around 2Gbps aggregate)

 

For redundancy point of view always recommended to bundle those WLC ports (at least 2) & connect that to switch as etherchannel port. If you have a WLC HA pair that that would be ideal.

 

HTH

Rasika

 

 

View solution in original post

19 Replies 19

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎08-26-2018 12:41 AM

When APs are in local mode or when AP’s are in FlexConnect local switching, all traffic passes the WLC. Now this doesn’t mean you are going to oversubscribed a one gig link. Cisco has looked at customer installs and validated that majority of the traffic will not hit over 80%. Now I’m some cases it might be way less or even more (4K video). So you would have to look at the utilization on the switch port and see if in your case your one port is a bottleneck. I really doubt it. I have seen customer sites when they only connected a single gig port and never ever added a second. I also had a site which had around 200 AP’s and never hit over 75% utilization from our snmp monitoring tool. You want to LAG for redundancy in most cases.
-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
bhupenderrawat79
Level 1
Level 1
In response to Scott Fella

‎08-26-2018 11:17 AM

Scott,

 

Thanks for your response. So basically adding or setting up LAG is more for a redudant peace of mind rather that providing more traffic out to the network via the WLC is this correct?

 

but what about in the case when using an mgig port at this point you only have one uplink to the switch from the controller which in the case of the 3504 WLC will have no redudancy. and it seems in this case that this type of setup is used more for bandwidth expansion right?

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to bhupenderrawat79

‎08-26-2018 11:29 AM

I do believe you can LAG the mGIG and the 1Gig ports on the 3504.
-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to Scott Fella

‎08-26-2018 04:22 PM

but what about in the case when using an mgig port at this point you only have one uplink to the switch from the controller which in the case of the 3504 WLC will have no redudancy. and it seems in this case that this type of setup is used more for bandwidth expansion right?

 

Do you have mGig switch that connect to 3504 ? If not you are limited to 1Gbps as that what switch supports.

 

If it is mGig, you have enough bandwidth for APs that can supported by a 3504, you do not require any bandwidth expansion. Even 1Gbps is more than enough.

 

Redundancy is the only thing you missing in that scenario, do not worry about bandwidth

 

HTH

Rasika

*** pls rate all useful responses ***

0 Helpful

Go to solution
bhupenderrawat79
Level 1
Level 1
In response to Rasika Nayanajith

‎08-26-2018 10:56 PM

Rasika,

 

Thanks for your response. So it basically comes to what the client wants correct?.

Whether they want the bandwidth (by using an mgig port) with no redundancy. Or by perhaps sacrificing bandwidth but instead having redundancy and according to what I have read, links from the WLC to the switch hardly get saturared is this statement also correct in your experience?.

Rasika, what is still not clear to me is IF all the client traffic traversing the AP GOES through the WLC before going to the switch infrastructure. Thanks again for your time

0 Helpful

Go to solution
RichardAtkin
Level 3
Level 3
In response to bhupenderrawat79

‎08-27-2018 12:45 AM

Yes. The AP and WLC have a CAPWAP Tunnel between them and ALL traffic to/from the Client always* (*in a centrally switched deployment) goes via the WLC and AP. You can verify this by looking on the Access later switch where the AP connects - you will never see the Client’s MAC Address appear on the switch because it’s all tunnelled.

I agree with what everyone else has said too - most places just use WiFi for e-mail & browsing - bursty traffic patterns that don’t use much bandwidth overall unless you have thousands and thousands of Clients. Even VoIP and Video streaming isn’t that demanding for most customers when compared to a 1Gbps interface.

You could also ask where most of the bandwidth is consumed from - increasingly it’s the internet. How fast is their Internet connection compared to available WLC bandwidth?

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to bhupenderrawat79

‎08-27-2018 06:10 AM

All traffic from the AP goes through the switch to the WLC and then egress from the switch the controller is connected to.

mGIG you can still LAG with the 1Gig ports so you can still have redundancy. The thing here is, what bandwidth do you need? You should be able to look at utilization on the existing infrastructure to see how much traffic you are currently using. Like I mentioned in the previous post, you might not even get close to oversubscribing a gig link on wireless. If you have mGIG switches, then go for it, if you don’t, then you can’t do mGIG and will have to utilize the 1Gig ports.
-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
bhupenderrawat79
Level 1
Level 1
In response to Scott Fella

‎08-27-2018 06:41 AM

Scott,

 

Thanks for the clarification and how does the traffic traverse with flexconnect. Because I put a tap on the link between the WLC and the switch and I do see capwap traffice but i do not see client traffic. Does this mean that when the wlc is using or configured as flexconnect then the client traffic does not traverse the WLC to go out.?

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to bhupenderrawat79

‎08-27-2018 06:46 AM

FlexConnect local switching means that control traffic goes to the WLC for processing and data traffic is handled by the switch and the infrastructure. You have control and data traffic on the AP so when you are looking at traffic, you need to understand which is the control traffic vs data traffic.

Makes sense?
-Scott
*** Please rate helpful posts ***

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to bhupenderrawat79

‎08-27-2018 01:47 PM

 

Rasika, what is still not clear to me is IF all the client traffic traversing the AP GOES through the WLC before going to the switch infrastructure.

 

As Richard explain in his response, AP will add CAPWAP header (UDP port 5246 or 5247 for control & data traffic) destined to WLC source from AP IP address. That packet hitting your switch infrastructure & hop by hop it goes to WLC. However original IP packet source/destination is not known by those interim hop, as they only see capwap header source/destination.

 

When it hits WLC, then it remove those CAPWAP header and look at original IP packet destination. Therefore rest of wired network see original packet IP coming from WLC (infact CAPWAP tunneled by AP to WLC)

 

Hope it clear

 

Rasika

*** Pls rate all useful responses ***

Go to solution
bhupenderrawat79
Level 1
Level 1
In response to Rasika Nayanajith

‎08-30-2018 09:48 PM

Rasika,

 

Thanks for the response. Then what you are saying is that ALL in/out traffic comming or going to the AP traverse the WLC. Instead of routing it via the Switch of where the AP is connected. Although I actually to clarify this I did test using a wire tap and what I saw was that.

 

THE AP does talks with the WLC but it seems that only for control CAPWAP purposes,  BUT all other traffic in/out from the AP s routed via the local egress switch of where the AP is connected to. Hence the traffic traversing the WLC is very mininal as opposed to the traffic coming out from the AP directly to switch.

Hence in my opinion the WLC uplinks to the network or the bandwidth of these does not really matter too much.

0 Helpful

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to bhupenderrawat79

‎08-30-2018 10:07 PM

Hi

"Thanks for the response. Then what you are saying is that ALL in/out traffic comming or going to the AP traverse the WLC. Instead of routing it via the Switch of where the AP is connected. Although I actually to clarify this I did test using a wire tap and what I saw was that."

 

This is true in Local Mode AP (both control & data traffic tunnel back to WLC)

 

"THE AP does talks with the WLC but it seems that only for control CAPWAP purposes,  BUT all other traffic in/out from the AP s routed via the local egress switch of where the AP is connected to. Hence the traffic traversing the WLC is very mininal as opposed to the traffic coming out from the AP directly to switch."

This is true when APs are in FlexConnect mode & WLAN configured for Local Switching. In that case only control traffic hits WLC & data traffic locally switched.

 

In either case WLC to SW connectivity won't become a bottleneck for a reasonable size network (less than 500 APs). If you have very large deployments (In our campus setup with 2500+ APs, I see traffic around 2Gbps aggregate)

 

For redundancy point of view always recommended to bundle those WLC ports (at least 2) & connect that to switch as etherchannel port. If you have a WLC HA pair that that would be ideal.

 

HTH

Rasika

 

 

Go to solution
bhupenderrawat79
Level 1
Level 1
In response to Rasika Nayanajith

‎08-30-2018 10:48 PM

Rasika,

 

This is exactly what I was looking for. So in your opinion why would an enterprise set or configure Local Mode AP on a WLC? Thanks a million again for your valuable time.

0 Helpful

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to bhupenderrawat79

‎08-30-2018 10:59 PM

So in your opinion why would an enterprise set or configure Local Mode AP on a WLC?

 

That is a good question :), It is the simplest way to manage & operate. As everything is going through WLC, you have better control with it (feature rich). Troubleshooting is very easy as you have to touch one single point.

 

Cisco using its controllers for past 10-15 years (since purchase of Airespace) & it is proven to working. Even today they could not come up with better alternative (SDA-Wireless is yet to adapt by customers-it is not that simple, Flexconnect is there for particular market segment -retail, limited to 100 APs max at those sites& have its own limitations.) Meraki is there to make it real simple for customers, but limited  to what you can do compare to Cisco enterprise wireless products.

 

So if you are looking at Cisco wireless technology, still controllers play its role & many deploying local mode with it.

 

Thanks for rating our responses as well.

 

HTH

Rasika

 

 

 

0 Helpful
Review Cisco Networking for a $25 gift card
Top