Month: August 2018

Long Live the Controller!

Lately, it appears that every time I turn around, I read somewhere that everything, and I mean EVERYTHING, is moving to the cloud.  Maybe I am an “old geezer” in this respect, but I believe that not everything belongs in “The Cloud.”

In this particular post I want to focus on the heart of WLAN infrastructure, the venerable WLC.  Now granted, there are situations and the always present “It Depends” that can call for a controller in the cloud, or offsite controller, or controller-less, or mesh, or whatever the vendor is calling it this week, but sometimes, in some situations, having a physical, on-site good old fashioned controller just can’t be beat.

In my current employment, I work at a facility that covers 53 square miles.  Granted, not all of that space is covered in buildings and facilities that have Wi-Fi, or network connectivity (although we have received that request more than once), but we do have facilities that are pretty well spread out.  While I don’t want to spell out all the details, we also have a massive fiber infrastructure that allows us to do some pretty cool things all in house, and we don’t rely on leased lines, or ISPs, for anything other than our internet connectivity.

Hopefully, at this point, you get the idea of where I am coming from when I say that in an environment like mine, having a centralized, on-premises, good old fashioned chunk of metal and electronics programmed to be a Wireless LAN Controller is a great thing!

Look, I get it.  Not every customer is going to be.  Not every customer can provide their own dedicated fiber between buildings miles apart to get sub-millisecond latency between hardware, but I can.  Not every customer benefits from centralized forwarding, and that’s fine.  I’m not saying that all of the other solutions are not warranted, and don’t have their advantages; they really do.  I can think of a myriad of customers and/or situations where either a fully cloud based or a hybrid solution is definitely the way to go.  A company that has a large central office with branch offices spread across the country immediately springs to mind as a situation where either a full cloud based or hybrid solution would be, and should be, the solution of choice.

Everybody can agree that when it comes to RF coverage, AP placement and AP count, that it all depends on the requirements of the space.  The same thing applies to selecting how the WLAN will be managed and controlled and which type of solution is eventually installed.  Requirements should be the first decision, then cost.  Whether or not your chosen vendor has just rolled out a new shiny cloud based solution should NEVER factor into that decision making process.  I get that sometimes cost will over-ride everything, I’ve been on that side of the fence before, but please don’t immediately jump there, give hardware a chance!

Let me give you some examples in my argument for centralized forwarding to an on-site controller.  Sorry, I can’t bring myself to call it “on prem” or “on premises” or whatever marketing calls it this year.

  1. Configuration of my access layer switch ports has been standardized to a single configuration.  Since I only need an access port with a single VLAN, the wired network team now knows how to configure a switch port where an AP is being installed without the wireless “team” getting involved.  You would be surprised how confusing WLAN technology can be to wired guys who have never dealt with it in the past.  If I need to do a flex connect type scenario, it’s rare enough that I don’t mind dealing with it personally.
  2. VLAN segmentation is much, MUCH easier.  I currently have 28 active VLANs off of my WLCs, and only having to deal with them on a couple of switches relieves a lot of stress, questions and mis-configurations from the wired team.
  3. Security is easier to implement.  I run a Cisco WLAN, so there is an encapsulated (not encrypted) CAPWAP tunnel between the AP and the WLC.  In my environment we added an additional routing “feature” around the CAPWAP to keep it locked down.  That was a one-time configuration challenge that we haven’t had to go back and touch, no matter how many VLANs I have added to the WLC.
  4. Using the CAPWAP functionality allows me to “get around” network segmentation on the logical network.  In certain circumstances, it can be very advantageous to have 2 devices 10 miles apart but on the same subnet since they both terminate at the same location.  Yes, concentrators can be used to achieve the same thing but if I have to add hardware onsite, why add just that?  A concentrator will add complexity and another point of failure to deal with, so now I need to add in redundancy.
  5. I have full control over when and how my upgrades are done.  Yes, in theory this shouldn’t be an argument since it is your cloud instance, but how many times have you had a service in the cloud have an update or reboot done simply by accident?  As the engineer/architect on record, I am always the first one blamed.  This leads to the next point.
  6. Troubleshooting during outages is frustrating.  Even when things are in the cloud we are blamed for outages, and in our group alone we have spent countless hours trying to show that issues with reaching an offsite service are an ISP problem, not ours or the cloud data center’s fault.  What ends up happening is we point the finger at the cloud provider, and the cloud provider points the finger at us.  Eventually we point a finger at an ISP.  Ever try to get two different ISPs working together to solve a problem?  It’s bad enough when you are paying them for service and you need them to work for you, let alone work with a different ISP to figure out routing problems between themselves.  It’s a nightmare, and as the customer’s technical people we are always left holding the bag.
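Points 1 through 3 above describe a concrete pattern: every AP port is an identical single-VLAN access port, client VLANs exist only where the WLC terminates the CAPWAP tunnels, and the AP-to-WLC path is locked down once and then left alone.  The following is an added illustration of that pattern in Cisco IOS syntax; it is not configuration from the original post, and every address, VLAN number and interface name in it is a constructed placeholder.  It assumes the “routing feature” the post mentions is implemented as an extended ACL on the AP VLAN’s routed interface, which is one common way to do it, not necessarily the author’s.  CAPWAP control and data use UDP 5246 and 5247 respectively, so those are the only ports the AP subnet needs to reach on the controllers, plus the usual DHCP, DNS and NTP the AP needs to boot and find its WLC.

```text
! --- Access-layer switch: the one standard AP port (point 1) ---
! Local-mode APs only need a single access VLAN; all client VLANs
! ride inside CAPWAP to the WLC, so no trunk is configured here.
interface GigabitEthernet1/0/10
 description AP-standard-port (placeholder)
 switchport mode access
 switchport access vlan 100
 spanning-tree portfast
 no shutdown

! --- Distribution/core: lock down the AP VLAN (point 3) ---
! 10.100.0.0/16 = AP management VLAN (constructed)
! 10.200.0.10 / .11 = primary and secondary WLC (constructed)
! 10.200.0.53 = DNS resolver, 10.200.0.123 = NTP server (constructed)
ip access-list extended AP-VLAN-IN
 remark CAPWAP control (5246) and data (5247) to the WLC pair only
 permit udp 10.100.0.0 0.0.255.255 host 10.200.0.10 range 5246 5247
 permit udp 10.100.0.0 0.0.255.255 host 10.200.0.11 range 5246 5247
 remark AP bootstrap: DHCP, DNS (CISCO-CAPWAP-CONTROLLER lookup), NTP
 permit udp any eq bootpc any eq bootps
 permit udp 10.100.0.0 0.0.255.255 host 10.200.0.53 eq domain
 permit udp 10.100.0.0 0.0.255.255 host 10.200.0.123 eq ntp
 remark ICMP kept for reachability troubleshooting during outages
 permit icmp 10.100.0.0 0.0.255.255 any
 remark anything else from the AP VLAN is dropped and logged
 deny ip any any log

interface Vlan100
 description AP-management-VLAN (placeholder)
 ip address 10.100.0.1 255.255.0.0
 ip helper-address 10.200.0.20
 ip access-group AP-VLAN-IN in
```

The point of the ACL is the one the post makes: because the tunnel itself is encapsulation rather than encryption, the network around it is what keeps AP-to-controller traffic contained, and because client VLANs never touch the AP VLAN, adding a 29th client VLAN on the WLC changes nothing here.  The trailing `deny ip any any log` also gives the operations team a log line to point at when an AP tries to reach something it should not, which is cheaper than the finger-pointing described in point 6.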

I could go on, but I think you get the point.  Keep in mind, I am not here to say that cloud based controller solutions are the devil or should go away.  On the contrary, I think in the correct situation, cloud based is 100% the way to go, and all vendors should be able to support that model.  I am just here to argue that in that same vein of thought, in the correct situation, physical, on-site, metal chassis based controllers are still very pertinent and need to be considered as a viable, if not the correct, solution for some situations. And just like with cloud based controllers, all vendors should be able to support that model.  If not, in my mind, they will always be a second tier vendor since they can’t support ALL possible solutions needed for any given customer.

As Lee Badman reminded us in the #WIFIQ for 8/21/18, try and take emotions out of the discussion.  Emotion should never be part of the conversation when designing the correct WLAN solution for any customer.  Define the requirements and design the solution based on those requirements.  The solution will change based on other factors but to say that I won’t recommend a physical controller no matter what just isn’t fair, and isn’t in keeping with the spirit of designing the best Wi-Fi for any given scenario.

Let me know your thoughts on the subject; sometimes 288 characters just isn’t enough to make your argument.

P.S. – I also don’t think 2.4 GHz is dead and will argue that one until the end of time!  Maybe I am the old geezer who won’t change!