Link Search Menu Expand Document
calendar_month 22-Aug-24

Wireless Design

There is very little difference between how the wireless design is implemented for the Routed Access design compared to the Scaled Edge Access design in NetConductor solution. The following features and requirements are identical for both designs.

  • Mobility Gateways and Access Points must run AOS version 10 firmware.
  • Mobility Gateways should be deployed in clusters for high availability and sized according to expected throughput, client count, etc. Depending on the gateway model, up to 12 gateways can be in a single cluster.
  • Access Points connected to access switches establish a secure control plane to the Mobility gateways. Access points may be connected directly to the underlay network or be part of an overlay network.
  • Standalone Access Points can also be deployed. Access Points connected to access switches participate in the underlay/overlay network to establish connection to Aruba Central for management and configuration services.
  • · Access Point onboarding in Underlay:
    • Routed-Access design:
      • Each access switch with access-point connected must have dedicated VLAN - IP subnet with SVI routable in the underlay network.
    • Scaled-Access design:
      • Each access-aggregation switch must have dedicated VLAN - IP subnet(s) with SVI routable in the underlay network.
      • Each access switch with access-point connected must have VLAN configured with multi-chassis LAG allowing the VLAN to access-aggregation device in the underlay.
  • Access Point onboarding in Overlay:
    • Access Points and Mobility Gateways must be onboarded on the same overlay network (VRF).
    • Mobility Gateways are connected to the Fabric Stub nodes via multi-chassis LAG.
    • Mobility Gateways onboarding VLAN is part of the overlay network segment (VRF) on the WLAN-Aggregation Stub switches.
    • Access Points connected to Edge, Extended-Edge switches are part of the same overlay network (VRF) as the Mobility Gateway but in a different overlay segment (VLAN).
    • The overlay network (VRF) should have reachability to Internet/Cloud for Access Points and Mobility Gateways to register with Aruba Central.
    • Access Point overlay segment (VLAN) should not exceed /23 subnet (distributed anycast-gateway) across the Fabric network reducing the broadcast and fault-domain to 500 access-points. Multiple overlay segments (VLANs) can be provisioned within the same overlay network (VRF) to accommodate for large-scale wireless deployment.

Tunnel Mode deployment

  • A Wireless WLAN configured in Tunnel mode tunnels client traffic from access points to mobility gateways.

  • Campus wide roaming across layer 3 networks is enabled at scale.

  • Wireless infrastructure is integrated to the Fabric with Static VXLAN tunnels from each Mobility Gateway to WLAN-Aggregation stub switches.

  • Mobility Gateway cluster secures client onboarding with authentication, role assignment, and enforcement of security policies.

  • Distributed gateways for wireless clients are configured at the WLAN-Aggregation Stub switches.

  • WLAN-Aggregation Stub switches relay segmentation (Role, L2VNI) from Static VXLAN to the rest of the BGP EVPN VXLAN fabric and to Mobility Gateway.

Wireless with Extended Edge

Bridge Mode deployment

  • A Wireless WLAN configured in Bridge mode terminates wireless traffic on the standalone access point and bridges traffic to a local ethernet segment.

  • Access switches(Edge, Extended-Edge nodes) have network segments (VLAN) provisioned for WLAN Bridge mode VLAN.

  • The network segment is part of the overlay segment (VLAN) associated to overlay network (VRF).

  • An overlay segment provisioned with distributed anycast-gateway extends the segment across the fabric for seamless roaming.

  • Standalone access point secures client onboarding with authentication, vlan assignment, and enforcement of security policies.

  • User Roles associated to wireless client on the standalone access point is not shared to Edge or Extended-Edge switches.

  • Seamless roaming in BGP EVPN Fabric is supported starting Aruba CX 10.13.1000 release.

  • Refer to AOS10 guide and AOS 10 Fundamentals Guide for recommended scale and design considerations for bridge mode deployments.

Wireless with Bridged Mode


Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.