WLAN Controller Geodiverse Failover

Scott Pickles · ‎05-23-2011

All -

Hypothetical scenario:

Three branch offices each with their own 5508 controller and a local spare for backup. Each has their own VLANs and routing between offices over an MPLS network. For simple math, each of the three controllers has a max of 100 APs. For disaster recovery purposes, I want to provide a fourth controller at a separate location from the three branches, but with IP connectivity (something like a co-lo). I would then have to configure that backup controller to have a dynamic interface for each of the VLANs used at the three branches, and something like GRE tunnels to connect them to the default gateways for those interfaces at each branch.

Sound crazy or do-able?

Regards,
Scott

Leo Laohoo · ‎05-23-2011

Hey Scott,

Haven't seen you making posts.

So let me see if I understand this correctly: You have three sites with WLC. Each site has two WLC, the primary/main and the secondary/backup. You propose to set up a fourth site and to use it exclusively as a redundant?

What disaster scenario would happen to force the AP to go to the 4th site? My guess would be the link to the primary and secondary would go down.

In my opinion, this is do-able but un-heard of. The most serious "disaster" I could think of is when you loose your WAN link. When the WAN link goes down so goes your WLAN. But other than that, that is a very, very remote chance of that happening.

Scott Pickles · ‎05-25-2011

Leo -

Yep, haven't been on much. I have another side of our business that's been consuming a lot of my cycles (Motorola mobile computing). I'm proposing the 4th site as a way to save the customer $$ by not having to buy 3 controllers to provide failover locally at each site, and it's a small enough deployment that it could accommodate any 2 of the 3 controllers failing. It isn't a WAN thing because if the WAN went down, they wouldn't be able to reach that 4th controller as they don't have dual redundant connections. The backup WAN is a much smaller pipe and builds VPN tunnels to other sites. I would rather see H-REAP used, but with the 80:20 rule now being 20:80 and only 20 percent stays local while the other 80 percent goes into the core, they'd really need to be setup as a routed access layer, and they're not. So that would be a lot of rearchitecture for a WLAN upgrade. So I'm kinda stuck, and I think they're going to end up having to buy the controllers. In addition to getting the APs over the tunnel to the backup controller, extending those layer 2 VLANs back over the WAN over a layer 3 infrastructure would require building more tunnels to extend the VLANs and that would be messy.

Leo Laohoo · ‎05-25-2011

If you are trying to buy a 4th controller to handle H-REAP only, then the new 7500 is a good candidate. This model does nothing BUT H-REAP.

weterry · ‎05-25-2011

I'm not following the reason against hreap... what is this 80:20/20:80 rule?

From what I'm understanding, you have a WLC at each location and you want a centralized redundant WLC somewhere else....

So in theory, all of your traffic is aleady local at each location, and then would only go across the wan in case of failure (which is where you have to figure out how to get your centralized WLC to have dynamic interfaces for each of the remote sites...)

So why not use HREAP?

WIth HREAP you'd be able to switch traffic off the APs and then it really doesnt matter where the wLC is that the APs connect to (as long as you meet the minimal bandwidth/latency requirements)

Maybe the 80:20 was in reference to why you have to route the traffic back to the remote site?