Enterprise Wireless LAN Reliability
-
Upload
mark-cowtan -
Category
Technology
-
view
471 -
download
0
description
Transcript of Enterprise Wireless LAN Reliability
Keys to Enterprise Keys to Enterprise WLAN ReliabilityWLAN Reliability
How to Achieve Wire-like Reliability
Over the AirOctober 28, 2010
Today’s SpeakersToday’s SpeakersToday’s SpeakersToday’s Speakers
Mark Cowtan, Director Product Marketing, Trapeze Networks
Matthew Herzog, Customer Support Manager, Trapeze Networks
WLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability Agenda
I. Why WLAN reliability matters
II. Five focus areas for reliability
• Downtime
• Traffic jams
• Disrupted roaming
• RF & Access limitations
• Competing services
III. Conclusions, Q&A
WLAN Reliability – The Tipping PointWLAN Reliability – The Tipping PointWLAN Reliability – The Tipping PointWLAN Reliability – The Tipping Point
a\b\g\na\b\g\n
bba/b/ga/b/g
Outdoor AccessOutdoor Access
MobilityMobility
WIDS/WIPSWIDS/WIPS
VoiceVoice
RTLSRTLS
TelemetryTelemetry
Asset Management
Asset Management
MultiMediaMultiMedia
Guest AccessGuest Access
Security
Management
LAN Extension
Performance
Scalability
Complete Coverage
Reliability
Unwired Enterprise
0
100
200
300
400
500
DevicesThousands
2008
2009
2010
2011
2012
2013
2014
Device Growth in Enterprise WLANs
Dual-Mode PhonesOther Wi-Fi DevicesIndustrial HandheldsWi-Fi PhonesLaptops, Notebooks
Rapid Device Proliferation(SmartPhones and Other Clients)
Rapid Growth in Devices and UtilizationRapid Growth in Devices and UtilizationRapid Growth in Devices and UtilizationRapid Growth in Devices and Utilization
CAGRCAGR90%90%
CAGRCAGR25%25%
CAGRCAGR44%44%
Source: Gartner 04/2010
SpringSummer
Break
Fall
3x Growth in Sessions(Multiple Devices per Student)
~50,000 Students
3x3x
Source: UoM 10/2010
What is WLAN Reliability to You?What is WLAN Reliability to You?What is WLAN Reliability to You?What is WLAN Reliability to You?
Wire-like Experience
• Always available
• Always connects
• Fast Ethernet rates
End-User Expectations• Predictable applications
• Landline quality voice
• Cable-quality video
• No restraints on mobility
• Supports my devices
IT Manager Expectations• Secure and assured sessions
• Easy management / provisioning
• Optimized resource utilization
• Scales easily and incrementally
• Low maintenance, no new staff
Is Wire-like Reliability Achievable?Is Wire-like Reliability Achievable?Is Wire-like Reliability Achievable?Is Wire-like Reliability Achievable?
LAN Access
Stationary user
Dedicated bandwidth
Fixed capacity
WLAN Access
Mobile user
Shared bandwidth
Variable capacity
Five Focus Areas for WLAN Reliability Five Focus Areas for WLAN Reliability Five Focus Areas for WLAN Reliability Five Focus Areas for WLAN Reliability
• Downtime• AP and controller resiliency
• Configuration and maintenance
• Traffic Jams • Forwarding / encryption bottlenecks
• Disrupted Roaming• Losing sessions or quality
• Crossing network boundaries
• RF & Access Limitations• Wasted bandwidth or sessions
• Rogues, Interference, Old clients
• Competing Services• Multimedia versus mission-critical
Hot Standby Approach
Configuring Controller RedundancyConfiguring Controller RedundancyConfiguring Controller RedundancyConfiguring Controller Redundancy
Controller Virtualization
• Each controller has a unique configuration
• Each controller operates independently
• Back-up continuously polls front-line devices
• Many-to-one standby resiliency
• Back-up connects upon learning of failure
• All controllers get common configuration
• Cluster acts collectively as "virtual controller"
• Many-to-many in-service resiliency
• Dynamic AP load sharing across controllers
• Lowers maintenance: upgrades, changes
Virtual Controller Cluster
Hot Standby Approach
How Controller Failover WorksHow Controller Failover WorksHow Controller Failover WorksHow Controller Failover Works
• Fully loaded hot standby required
• Catastrophic failure – all APs go down
• APs restart using hot standby controller
• Voice calls lost, data sessions stalled/lost
• Failover with no impact to session quality
•Even for active voice calls
• APs instantly remapped to in-service controller
• Dynamic AP load balancing across controllers
• No additional equipment required
Virtual Controller Cluster
Controller Virtualization
Immunity to Data Center BurnoutImmunity to Data Center BurnoutImmunity to Data Center BurnoutImmunity to Data Center Burnout
• Virtual Controller can span multiple Data Centers
• Boot from Group 1, Fail over to Group 2
Data Center 1 Data Center 2
Group 1 Group 2Virtual Controller
Virtualization Can Eliminate DowntimeVirtualization Can Eliminate DowntimeVirtualization Can Eliminate DowntimeVirtualization Can Eliminate Downtime
• APs have connections to primary and secondary controller
• APs load re-balanced when controller added or removed
• New AP additions evenly spread across cluster
• Allows in-service maintenance, at your convenience!
WLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability Agenda
I. Why WLAN reliability matters
II. Five focus areas for reliability
• Downtime
• Traffic jams
• Disrupted roaming
• RF & Access limitations
• Competing services
III. Conclusions, Q&A
Where Do Different Functions Belong?Where Do Different Functions Belong?Where Do Different Functions Belong?Where Do Different Functions Belong?
• Forwarding
• Packet classification
• Encryption
• Session keys
• Security profile
Internet
Internet
Distributed Switching Scales for 802.11nDistributed Switching Scales for 802.11nDistributed Switching Scales for 802.11nDistributed Switching Scales for 802.11n
• All traffic flows through controller
• Traffic flows twice through network core
• 802.11n increases load up to 10x
• May require expensive upgrades
Centralized Switching Reaches Capacity Sooner With Increased Load from 802.11n
Distributed Switching Provides More Robust Handling of 802.11n Traffic
• Traffic can be forwarded by the AP
• Reduces burden on controller
• Optimizes traffic flows – ideal for voice
• Reduces 802.11n impact on controller
11n increases load by up to 10x
Internet
Distributed Cryptography Scales with APsDistributed Cryptography Scales with APsDistributed Cryptography Scales with APsDistributed Cryptography Scales with APs
Clear
En
crytped
Centralized Cryptography Distributed Cryptography
Clear
Mg
mt T
un
nel
WP
A2
etc
Distributed Improves Voice ReliabilityDistributed Improves Voice ReliabilityDistributed Improves Voice ReliabilityDistributed Improves Voice Reliability
• Longer path, more latency and jitter
• 3-6 times more latency
• Vulnerable to controller congestion
Centralized Switching Distributed Switching
• Most direct path, optimal flows
• Lowest latency
• Toll-quality, no dropped calls
WLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability Agenda
I. Why WLAN reliability matters
II. Five focus areas for reliability
• Downtime
• Traffic jams
• Disrupted roaming
• RF & Access limitations
• Competing services
III. Conclusions, Q&A
Ensuring Reliable RoamingEnsuring Reliable RoamingEnsuring Reliable RoamingEnsuring Reliable Roaming
• Roaming within APs managed by same controller• Everyone expects this and most vendors very reliable• Part of IEEE 802.11i standard. Well defined mechanisms
• Roaming between controllers not a given• No standards for cross-controller roaming• Usually requires tunneling to home controllers• Distributed session keys improve reliability• One solution is fewer, bigger controllers
• Roaming across indoor / outdoor boundaries• Some vendors don’t have common indoor / outdoor architecture• Some vendors OEM outdoor solution
• Important evaluation criteria
Reliable Secure Roaming Expectations Reliable Secure Roaming Expectations Reliable Secure Roaming Expectations Reliable Secure Roaming Expectations
The way it should be…. The way it should be….
• Privileges and services follow users as they roam from AP to AP
• User credentials define access and network resource privileges
• Different groups with different privileges share infrastructure
• Privileges and services adjusted based on time, location, activity
• No network boundaries
MOBILITY – SECURITY – SERVICES
AAA
Centralized Policies
User roams
1
Credentials& servicesfollow user
2
Client A on Subnet 1
Standard Multi-Controller RoamingStandard Multi-Controller RoamingStandard Multi-Controller RoamingStandard Multi-Controller Roaming
Standard Roaming
•Client anchored to "home" controller
for credentials and session info
•New controller unaware prior to
connection, so must query network
•Long round trip through tunnel to
original controller to maintain session
•High rate of timeout & dropped calls
• Increases load on controllers and
doubles traffic on LAN core
•What about new .11k standard?
Anchored Mobility for Basic Roaming
Controller A
Roam
Client A on Subnet 1
Client B on Subnet 1
Subnet 1 Subnet 2
Controller B
Client A on Subnet 1
Flexible Mobility for Reliable Roaming
Reliable Multi-Controller RoamingReliable Multi-Controller RoamingReliable Multi-Controller RoamingReliable Multi-Controller Roaming
Reliable Roaming•Credentials and session data
spread across controllers
•Distributed session keys means
mobile profile precedes roam
•Shorter data path
•Less risk of interruption
•Less risk of latency, overload
•Optimizes infrastructure flows
•No dependence on controller
•Local switching for further gains
•Optimized for toll-quality VoIP
Controller A Controller B
Subnet 1 Subnet 2
Client A on Subnet 1
Client B on Subnet 1
Roam
Mobility Mobility DomainDomain
A A
WLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability Agenda
I. Why WLAN reliability matters
II. Five focus areas for reliability
• Downtime
• Traffic jams
• Disrupted roaming
• RF & Access limitations
• Competing services
III. Conclusions, Q&A
Considerations for Reliable RF AccessConsiderations for Reliable RF AccessConsiderations for Reliable RF AccessConsiderations for Reliable RF Access
• Radio transmission is a mysterious black art!
• Unlicensed spectrum, becoming crowded
• Legacy clients on a/b/g slow everyone else down
• What’s the right cell size? Do I need 2x2, 2x3, 3x3?
• What you can control up front:• RF Coverage and Capacity design
• Managing and monitoring your WLAN
• What you can only respond to:• Radio interference, Unwanted visitors, Malicious attacks
Keys to Reliable RF & AccessKeys to Reliable RF & AccessKeys to Reliable RF & AccessKeys to Reliable RF & Access
• Careful RF planning and layout of WLAN• Main use of spectrum analysis, if desired
• Good management tools are essential
• Auto-Tuning and standard roaming features• Automatic mitigation of AP down
• Wireless Intrusion Protection and Firewall• Scanning for Rogue APs, entrants, and attacks
• “Radio Firewall” around perimeter of building
• Load balancing / management techniques• Band-steering, Client load balancing
• Call Admission Control for assured access
• Emerging methods for marginal enhancements• Beamforming in sparse environments
• Spectrum Analysis to detect and avoid interference
Designing for Maximum CapacityDesigning for Maximum CapacityDesigning for Maximum CapacityDesigning for Maximum Capacity
• Turn off low-data rates areas in outlying bands
• Turn down the power to reduce interference
• Smaller cells yield higher data rates for everyone
• Adjacent channel interference is easily avoided in 5 GHz band
• Reserve 2.4 GHz for legacy clients
All clients enjoy high data rates
Tradeoff: Coverage or CapacityTradeoff: Coverage or CapacityTradeoff: Coverage or CapacityTradeoff: Coverage or Capacity
Coverage Capacity
$/Mbps
100 Users40 MHz Channels
Identical area
$/Sq. Ft. $/Mbps $/Sq. Ft. $/Mbps
3x Access points 3x Access points 2x Total cost2x Total cost7x Avg 7x Avg throughput throughput
3x Access points 3x Access points 2x Total cost2x Total cost7x Avg 7x Avg throughput throughput
Client Balancing Across APs and BandsClient Balancing Across APs and BandsClient Balancing Across APs and BandsClient Balancing Across APs and Bands
Most clientsdefault to 2.4Ghz on the AP with
strongest signal
5 Ghz
1 2
2.4 Ghz
Point of Entry
Differences in Call Admission ControlDifferences in Call Admission ControlDifferences in Call Admission ControlDifferences in Call Admission Control
• Mobile phones connect to WLAN in idle, non-used state
• If your WLAN has Session CAC• It counts sessions not active calls
• Is blind to non “voice” clients
• Drops roaming calls if at CAC limit
• Denies new calls if at CAC limit
Session CAC
Roam deniedcall dropped
2 active calls
New callersession denied
Any new clientsession denied
New callercall accepted
Roamaccepted
8 voice devicesassociated but idle
limit 10 reached
• Dynamic CAC does not carry a false load• Recognizes voice flows
• Only considers active calls
• Accepts roaming calls at CAC limit
Voice-gradeservice
8 voice devicesassociated but idle
Dynamic CAClimit 10 not reachedcan accept more calls
2 active calls
WLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability Agenda
I. Why WLAN reliability matters
II. Five focus areas for reliability
• Downtime
• Traffic jams
• Disrupted roaming
• RF & Access limitations
• Competing services
III. Conclusions, Q&A
INTERNET COMMUNICATION SURVEILLANCE ASSET TRACKING
Separate Management for Everything!Separate Management for Everything!
Closed system, independent services, limited integration
Poor User
Experience
• Inconsistent service level for mission-critical applications
• Dropped sessions with peak loads
• Unaware of user context, location
• No proactive fault resolution
High
OpEx
• Unique UI for each service
• More devices to manage
• Cryptic disjointed information
• More complex, takes longer
• Need more skilled IT staff
The Penalty of Services in SilosThe Penalty of Services in SilosThe Penalty of Services in SilosThe Penalty of Services in Silos
Fully Integrated Services Enables SLAsFully Integrated Services Enables SLAsFully Integrated Services Enables SLAsFully Integrated Services Enables SLAs
WIDS/WIPSServer
RF Firewall
LocationAppliance
FCAPSManagement
WIDS/WIPSServer
RF Firewall
LocationAppliance
FCAPS & Services
Management
Typical WLAN Management Unified WLAN Management
Guest Server Guest
Server
WLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability AgendaWLAN Reliability Agenda
I. Why WLAN reliability matters
II. Five focus areas for reliability
• Downtime
• Traffic jams
• Disrupted roaming
• RF & Access limitations
• Competing services
III. Conclusions, Q&A
ConclusionConclusionConclusionConclusion
• Reliability is needed for mission-critical applications• Economics of mobility and “unwired enterprise” unstoppable
• End-to-end session reliability is a test-bed must do!
• Achieving Wire-like reliability IS possible!• Controller virtualization eliminates downtime• Distributed switching and crypto avoids traffic jams• Distributed session keys improve roaming reliability • RF Planning and load management assures access to medium• Unified infrastructure & service management will allow SLAs
• Least mature aspect of whole solution for most vendors• Drill down on vendor claims, and test them
Q & AQ & AQ & AQ & A
Mark Cowtan, Director Product Marketing, Trapeze Networks
Matthew Herzog, Customer Support Manager, Trapeze Networks