Link Search Menu Expand Document
calendar_month 10-Sep-24

Aruba ESP Campus Reference Architectures

This section describes the components and features of an Aruba ESP campus, with reference designs for small, medium, and large campus networks. Each design includes a sample bill-of-materials.

Select the reference design that most closely aligns with specific production requirements as a starting point for building the required campus solution.

Table of contents

HPE GreenLake for Aruba

HPE GreenLake for Aruba Networking offers an experience leveraging the breadth of HPE Aruba solutions with a flexible way to consume network infrastructure via monthly subscription versus an up-front capital expenditure.

HPE GreenLake for Aruba networking solutions are enabled using modular “Service Packs”. Each Service Pack consists of the required Aruba hardware (“Systems”), software, and service components for the specific use case. Service Packs are delivered as a monthly subscription invoiced in advance and can include options for customers to flex their subscription to Service Pack quantities up or down as their needs change.

Where available, a service pack is listed for each product in the reference architecture tables.

Campus Components

The following products and features provide the foundation for the campus architecture. Use the tables below for guidance on designing a properly sized campus network.

Switches

 6100620063006400v2832583608400
Reccommended FunctionAccessAccessAccessAccess / CoreAggregation / CoreAggregation / CoreAggregation / Core
VSF SupportNoYesYesNoNoNoNo
VSX SupportNoNoNoYesYesYesYes
Redundant power optionNoNoYesYesYesYesYes
Layer 3 routes576
(static only)
102464K64K131K600K1M
MAC addresses8,19216K32K32K98K212K786K

Access Points

 510530550630650
Wi-Fi 6 SupportYesYesYesYesYes
Radio configuration2 radio
2x2:2 (2.4GHz), 4x4:4 (5GHz)
2 radio
4x4:4
2 or 3 radio
4x4:4 (2.4GHz), single 8x8:8 or dual 4x4:4 (5GHz)
3 radio
2x2:2
3 radio
4x4:4
AP peak data rate2.7Gb/s3Gb/s5.4Gb/s3.9 Gb/s7.8Gb/s
Max clients per radio (recommended)100150150100150
Ethernet ports1x2.5GE, 1xGE2x5GE2x5GE2x2.5GE2x5GE
Max active PoE consumption20.8W26.4W38.2W23.8W32W

UXI Sensors

Sensor ModelUX-G5UX-G5CUX-G6UX-G6C
Arm CPU1.3GHz1.3GHz2.0GHz2.0GHz
Wi-Fi 2G/5G Radio.11ac.11ac.11ax.11ax
BLEYesYesYesYes
Cellular as back-haul-Yes-Yes
eMMC4GB4GB8GB8GB
RAM1GB1GB2GB2GB
TPM2.01111
1GBE PHY1111
PoE 802.3af1111
Power Backup-30s->30s
Power Consumption (limit)12W12W12W12W
Ambient T & V sensing0011

Cables and Transceivers

Refer to the following document to ensure proper selection of supported cables and transceivers when planning for physical connectivity within the campus:

ArubaOS-Switch and ArubaOS-CX Transceiver Guide

Campus Features

Additional design consideration should be given to enabling the following features within the campus network.

Switching

 Small campusMedium campusLarge campus
IP RoutingOptionalYesYes
Multicast routingOptionalOptionalYes
NTPYesYesYes
sFlowOptionalYesYes
Spanning treeYesYesYes, consider layer 3 access
QoSYes, if voice trafficYesYes

Wireless

 Small campusMedium campusLarge campus
DMOOptionalOptionalYes
NTPYesYesYes
QoSYes, if voice over Wi-FiYesYes
RADIUSYesYesYes

Services

ServicesDescriptionNotes
Aruba ClearPassVirtual applianceRecommended (on-premises)
Aruba CentralCloud servicesRecommended

Small Campus

The small campus typically supports up to 5000 users with 2-3 devices per user. The network can be a single building, several floors in a larger building, or a group of small buildings located near one another.

The illustration below depicts a small campus consisting of three IDFs in a single location connected to a VSX collapsed core.

Example Design

The example small campus design includes one combined server room/MDF, and three intermediate IDFs that connect to the MDF using multimode fiber. This small campus reference design supports 750 employees and requires 75 APs to provide 2.4 GHz and 5 GHz coverage.

Building characteristics:

  • 3 floors, 75,000 square feet total size
  • 10 wiring closets (IDFs)
  • 750 employees with up to 2500 concurrent IPv4 clients
  • 75 APs
  • 1 combined server room/MDF

Example Bill-of-Materials

The example small campus bill-of-materials includes redundancy and bandwidth suitable for a highly reliable LAN and WLAN for a US based, small campus.

QuantityExample
SKU
DescriptionGreenLake for NaaS
20Aruba 6300M 48-port HPE Smart Rate 1/2.5/5GbE Class 6 PoE and 4-port SFP56 Switch (JL659A)Operate the access switches as 2-device, VSF stacks providing 96 access ports per IDF with redundant 25 Gb/s uplinks.HPE GreenLake for NaaS Wired Aggregation Service Pack (JN038AAS)
2Aruba 8360-32Y4C v2 32p 25G SFP/+/28 4 Sec 4p 100G QSFP+/28 Front-to-Back 3 Fans 2 AC (JL700C)Operate the collapsed core switches as a VSX pair with 25 Gb/s downlinks to the access stacksHPE GreenLake for NaaS Wired Core Service Pack (JN037AAS)
75Aruba AP-635 (US) Tri-radio 2x2:2 802.11ax Wi-Fi 6E Internal Antennas Campus AP (R7J28A)A cost-effective, 3-radio AP providing market leading Wi-Fi 6 services and performance.HPE GreenLake for NaaS Wireless Indoor Service Pack (JN039AAS)
 Aruba ClearPassAuthentication and policy services for the campus network.HPE GreenLake for NaaS Network Policy Service Pack (S1F99AAS)
 Aruba CentralCloud management and AI-driven insights for the campus network.Included with above service packs.

Medium Campus

The medium campus architecture is targeted for organizations supporting 5,000–15,000 users with multiple devices per user. The network can be a group of buildings located near one another, one large building, or several large or high-density floors in a building. This architecture uses access aggregation switches to consolidate traffic onto higher bandwidth uplinks toward the core and to provide layer 3 services to the access layer.

The illustration below depicts a medium campus consisting of six IDFs connecting to two, VSX access aggregation points that are further connected to a VSX core with directly connected gateways.

Example Design

The example medium campus design includes a VSX redundant core with directly connected gateway cluster and WAN services. Each floor includes two IDFs that connect to the MDF. This medium campus reference design supports 5,000 employees and requires 500 APs to provide full 2.4 GHz and 5 GHz coverage.

Campus characteristics:

  • 3 buildings of 5 floors each and 500,000 square feet total size
  • 2 IDFs per floor
  • 1 aggregation point per building
  • 5,000 employees with up to 18,000 concurrent IPv4 clients
  • 500 APs
  • 2 gateways
  • 1 MDF/computer room

Example Bill-of-Materials

The example medium campus bill-of-materials includes redundancy and bandwidth suitable for a highly reliable LAN and WLAN for a US-based, medium campus.

QuantityExample
SKU
DescriptionGreenLake for NaaS
90Aruba 6300M 48-port HPE Smart Rate 1/2.5/5GbE Class 6 PoE and 4-port SFP56 Switch (JL659A)Operate the access switches as 3-device, VSF stacks providing 144 access ports per IDF with redundant 25 Gb/s uplinks.HPE GreenLake for NaaS Wired Aggregation Service Pack (JN038AAS)
6Aruba 6200F 48G Class4 PoE 4SFP+ 370W Switch (JL727A)Use alternative switches for wired access service to low-density areas or a management LAN.HPE GreenLake for NaaS Wired Access Service Pack (JN036AAS)
66Aruba 25G SFP28 LC eSR 400m MMF XCVR (JL485A)25 Gb/s links to aggregation switches from access switches.Configured with wired service pack.
6Aruba 8360-32Y4C v2 32p 25G SFP/+/28 4 Sec 4p 100G QSFP+/28 Front-to-Back 3 Fans 2 AC (JL700C)Operate the aggregation switches as a VSX pair with 25 Gb/s downlinks to the access stacks and 100Gb/s uplinks to the core.HPE GreenLake for NaaS Wired Core Service Pack (JN037AAS)
66Aruba 25G SFP28 LC eSR 400m MMF XCVR (JL485A)25 Gb/s links to access switches from aggregation switches.Configured with wired service pack.
12Aruba 100G QSFP28 LC CWDM4 2km SMF Transceiver (R0Z30A)100 Gb/s links to core switches from aggregation switches.Configured with wired service pack.
2Aruba 8360-12C v2 12-port 100G QSFP+/QSFP28 Front-to-Back 3 Fans 2 AC (JL708C)12-port, VSX capable core switches with 100 Gb/s ports.HPE GreenLake for NaaS Wired Core Service Pack (JN037AAS)
12Aruba 100G QSFP28 LC CWDM4 2km SMF Transceiver (R0Z30A)100 Gb/s links to building aggregation switches from core switches.Configured with wired service pack.
4Aruba 25G SFP28 LC SR 100m MMF Transceiver (JL484A)25 Gb/s links to WLAN gateway cluster from core switches.Configured with wired service pack.
2Aruba 9240 (US) Campus Gateway 4xSFP28 1 Expansion Slot (R7H95A)Gateway cluster.HPE GreenLake for NaaS SD-Branch Service Pack (JN043AAS)
4Aruba 25G SFP28 LC SR 100m MMF Transceiver (JL484A)25 Gb/s links to core from gateway cluster.Configured with wired service pack.
500Aruba AP-655 (US) Tri-radio 4x4:4 802.11ax Wi-Fi 6E Internal Antennas Campus AP (R7J39A)A high-performance, 3-radio AP providing best-in-class Wi-Fi 6E services and performance.HPE GreenLake for NaaS Wireless Indoor Service Pack (JN039AAS)
 Aruba ClearPassAuthentication and policy services for the campus network.HPE GreenLake for NaaS Network Policy Service Pack (S1F99AAS)
 Aruba CentralCloud management and AI-driven insights for the campus network.Included with above service packs.

Large Campus

The large campus architecture is targeted for organizations supporting more than 15,000 users with multiple devices per user. The network would typically be a group of large buildings located near one another. This architecture uses a standalone, layer 3 core and services aggregation points connecting to gateways and WAN services.

The illustration below depicts a large campus comprising six IDFs connecting to two access aggregation points that are further connected to a standalone, layer 3-only core with gateways connected to a services aggregation VSX pair.

Large Campus 1

Example Design

The example large campus design includes a standalone, layer 3 redundant core and services aggregation points for WLAN and WAN. Each floor includes two IDFs that connect to the MDF. This large campus reference design supports 15,000 employees and requires 1500 APs to provide full 2.4 GHz and 5 GHz coverage.

Building characteristics:

  • 10 buildings of 3 floors each and 1.8 million square feet total size
  • 2 IDFs per floor
  • 1 aggregation point per building
  • 15,000 employees with up to 50,000 concurrent IPv4 clients
  • 1,500 APs
  • 6 gateways (2 for optional MultiZone cluster)
  • 1 MDF/on-prem data center

Optional

  • 2 gateways in DMZ

Example Bill-of-Materials

The example large campus bill-of-materials includes redundancy and bandwidth suitable for a highly reliable LAN and WLAN for a US based, large campus.

QuantityExample
SKU
DescriptionGreenLake for NaaS
180Aruba 6300M 48-port HPE Smart Rate 1/2.5/5GbE Class 6 PoE and 4-port SFP56 Switch (JL659A)Operate the access switches as 3-device, VSF stacks providing 144 access ports per IDF with redundant 25 Gb/s uplinks.HPE GreenLake for NaaS Wired Aggregation Service Pack (JN038AAS)
10Aruba 6200F 48G Class4 PoE 4SFP+ 370W Switch (JL727A)Use alternative switches for wired access service to low-density areas or a management LAN.HPE GreenLake for NaaS Wired Access Service Pack (JN036AAS)
190Aruba 25G SFP28 LC eSR 400m MMF XCVR (JL485A)25 Gb/s links to aggregation switches from access switches.Configured with wired service pack.
10Aruba 8360-32Y4C v2 32p 25G SFP/+/28 4 Sec 4p 100G QSFP+/28 Front-to-Back 3 Fans 2 AC (JL700C)Operate the aggregation switches as a VSX pair with 25 Gb/s downlinks to the access stacks and 100Gb/s uplinks to the core.HPE GreenLake for NaaS Wired Core Service Pack (JN037AAS)
190Aruba 25G SFP28 LC eSR 400m MMF XCVR (JL485A)25 Gb/s links to access switches from aggregation switches.Configured with wired service pack.
20Aruba 100G QSFP28 LC CWDM4 2km SMF Transceiver (R0Z30A)100 Gb/s links to core switches from aggregation switches.Configured with wired service pack.
2Aruba 8325-32C 32-port 100G QSFP+/QSFP28 Front-to-Back 6 Fans 2 AC (JL626A)32-port, VSX capable core switches with 100 Gb/s ports.HPE GreenLake for NaaS Wired Aggregation Service Pack (JN038AAS)
10Aruba 100G QSFP28 LC CWDM4 2km SMF Transceiver (R0Z30A)100 Gb/s links to building aggregation switches from core switches.Configured with wired service pack.
2Aruba 8360-16Y2C v2 16p 25G SFP/SFP+/SFP28 2p 100G QSFP+/28 Front-to-Back 3 Fans 2 AC (JL702C)16-port, VSX capable WLAN aggregation switches.HPE GreenLake for NaaS Wired Core Service Pack (JN037AAS)
4Aruba 100G QSFP28 LC CWDM4 2km SMF Transceiver (R0Z30A)100 Gb/s links to core switches from aggregation switches.Configured with wired service pack.
8Aruba 25G SFP28 LC SR 100m MMF Transceiver (JL484A)25 Gb/s links to WLAN gateway cluster from aggregation switches.Configured with wired service pack.
4Aruba 9240 (US) Campus Gateway 4xSFP28 1 Expansion Slot (R7H95A)Gateway cluster.HPE GreenLake for NaaS SD-Branch Service Pack (JN043AAS)
8Aruba 25G SFP28 LC SR 100m MMF Transceiver (JL484A)25 Gb/s links to core from gateway cluster.Configured with wired service pack.
2*Aruba 9240 (US) Campus Gateway 4xSFP28 1 Expansion Slot (R7H95A)DMZ gateway cluster.HPE GreenLake for NaaS SD-Branch Service Pack (JN043AAS)
4*Aruba 25G SFP28 LC SR 100m MMF Transceiver (JL484A)25 Gb/s links from DMZ gateway cluster.Configured with wired service pack.
1500Aruba AP-655 (US) Tri-radio 4x4:4 802.11ax Wi-Fi 6E Internal Antennas Campus AP (R7J39A)A high-performance, 3-radio AP providing best-in-class Wi-Fi 6E services and performance.HPE GreenLake for NaaS Wireless Indoor Service Pack (JN039AAS)
 Aruba ClearPassAuthentication and policy services for the campus network.HPE GreenLake for NaaS Network Policy Service Pack (S1F99AAS)
 Aruba CentralCloud management and AI-driven insights for the campus network.Included with above service packs.

*Optional for MultiZone support

MultiZone

If an organization’s security policy mandates wireless guest traffic to be tunneled to the DMZ, ArubaOS 10’s MultiZone feature can be configured to send Wi-Fi client traffic from a campus AP or switch to other gateway clusters through IPsec and GRE tunnels. It is supported by the following:

  • Campus APs using profiles configured for mixed or tunnel forwarding
  • Microbranch APs with profiles configured for Centralized Layer 2 (CL2) forwarding
  • CX switches configured for User-Based Tunneling (UBT).

For more information, visit the MultiZone section on the WLAN Features page.

NetConductor

The NetConductor section provides guidance on selecting the correct topology and platforms in a campus network when deploying a NetConductor overlay network.

Platform Support

The table below lists the switch models appropriate for each persona required in a NetConductor overlay design. Bold model numbers are the preferred options for each persona.

Fabric PersonaPlace in the NetworkSupported Platforms
Route Reflector (RR)Campus Core6300 ,6400, 8100, 8325, 8360, 8400, 9300, 9300S, 10000
EdgeCampus Access6300, 6400, 8100
Extended EdgeExtending Campus Access6200, 6300, 6400
Border (Single Fabric)WAN Aggregation6400, 8325, 8360, 8400, 9300, 9300S, 10000
Border Leader (Multi-Fabric)Fabric Interconnection6400, 8325, 8360, 9300, 10000
StubWireless Aggregation6300, 6400, 8360 , 8100
StubAccess Aggregation Distribution8360
WLAN GatewayWLAN Gateway7XXX, 9XXX

Platform Collocation

For small and medium campuses, it is more cost effective to collocate multiple fabric personas on the same switch. The following options are supported in NetConductor. Bold model numbers are the preferred options for each persona collocation.

Collocated Fabric PersonasPlace in the NetworkSupported Platforms
Border + Route Reflector (RR)Campus Core6400, 8325, 8360, 8400, 9300
Border + Route Reflector (RR) + WLAN-StubCampus Core6400, 8360
Border + WLAN-StubWAN-Aggregation6400, 8360

Collocated Personas

Routed Access Validated Scale

The below scale validation was conducted on a large campus topology with each persona located on dedicated devices. More scaling information can be found in the NetConductor Architecture Guide. To achieve the scale below all switches must be running AOS-CX 10.14 or higher.

 Scale
VRFs16
IPv4 routes2,000
IPv6 routes2,000
MAC23,000
IPv4 ARP20,000
IPv6 ND10,000
L2 VNIs/VLANs32
Overlay hosts (MAC / ARP / ND)30,000
EVPN VTEP peers (number of VXLAN tunnels)256

Licensing

All switches, gateways, and APs that participate in the NetConductor fabric require Central Advanced subscriptions. Advanced licenses are sold for CX switches but are not required when a Central Advanced subscription is assigned to the switch. Unique switch and gateway subscriptions are available to cover models with different capabilities and capacities. For example, a subscription for a CX6200 switch is not interchangeable with one for a CX8360, and, likewise, 9004 and 9240 gateways use different subscriptions. Subscriptions can be purchased in 1, 3, 5, 7 and 10 year increments.

SKUs and pricing for these subscriptions can be found in this ordering guide. SKUs with a suffix of “AAS” are flexible and allow delayed activation (up to 90 days), license co-termination, mid-cycle tier upgrade, and seamless license renewals. “AAE” suffix subscriptions are activated immediately.


Table of contents