For example after your wonderful explanation about local mode AP and Flexconnect, I dont really see a reason as to why to have a local WLC at every site as opposed to have few WLC's (redundant HA) geographically positioned at a datacenter  (for example in USA, Europe, Asia and Latin America to control several sites / Access Points accross the world ? or am I missing something? 

 

Yes, I agree with you. if it is a global deployment like what you described, having HA pair in each geographic region make sense. As long as you got high speed links (100Mbps+) to that DC from those sites, you can leverage local mode. However if you concern about branch link speeds/hair pinning of traffic even for communication between wireless users in same branch, then FlexConnect is the way  to go for those small sites (less than 100 APs).

 

HTH

Rasika

Rasika,

 

So It seems that I could have a global deployment with HA pairs of WLC's in different Parts of the world (datacenters) to control the AP's in different Sites with different bandwidth's and it this set up will work pretty well. Is there any major limitations when using flex connect on a controller to handle several sites? I heard you saying 100 AP's, does this mean that a controller configured with Flexconnect can only support 100 AP's? or this is not the case? 

 

Also what I am not understanding from you is the following statement "As long as you got high speed links (100Mbps+) to that DC from those sites, you can leverage local mode."

 

And Correct me If I am wrong, but if for example I have 5 sites using flex connect registered to a WLC (HA) in a datacenter and the WLC(HA) looses connection or goes down for a or b reasons, will the AP's at the 5 sites be able to continue to work, meaning processing authentication and services for local users?

I heard you saying 100 AP's, does this mean that a controller configured with Flexconnect can only support 100 AP's? or this is not the case? 

Not a limit on controller side. In FlexConnect design, you have to put those branch AP in to a group named "FlexConnect Group". Max number of APs in a FlexConnect group is 100. Therefore, if you have more than 100 AP in a site, that FlexConnect design may not a fit for it.

 

And Correct me If I am wrong, but if for example I have 5 sites using flex connect registered to a WLC (HA) in a datacenter and the WLC(HA) looses connection or goes down for a or b reasons, will the AP's at the 5 sites be able to continue to work, meaning processing authentication and services for local users?

Yes, AP still able to serve the client as they go into mode called "standalone". Already authenticated clients still work. No new authentications if WLC is down.

 

With FlexConnect there is an option for Local Switching & Local Authentication as well. In that case when WLC is not reachable, AP itself act as authenticator & can authenticates clients as long as it can reach your RADIUS server. 

 

Pls have a look at this webinar that we recently did on FlexConnect.(Do not worry about CCIE wireless, it is an overview of FlexConnect)

https://learningnetwork.cisco.com/docs/DOC-35439

 

HTH

Rasika

One point not yet mentioned (I think), Flexconnect lacks a few features that local mode offers, depending on the WLC and software version and AP model.
Details are found in the respective release notes, here an example of 8.5.135.0 (I've chosen the worst variant):
https://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn85mr3.html
Key Features Not Supported in Cisco 2504 WLC:
Domain-based ACLs
Autoinstall
Cisco WLC integration with Lync SDN API
Application Visibility and Control (AVC) for FlexConnect locally switched APs
Application Visibility and Control (AVC) for FlexConnect centrally switched APs
Note
AVC for local mode APs is supported.
URL ACL
...
...
...

Also some APs are usually lacking new software features in Flexconnect mode, while the local mode APs already support them.