For so many years, the Wi-Fi story at most campuses has been pretty similar: hundreds or thousands of access points connect to some number of controllers, and it’s all managed by a network management system. Sounds simple enough, but this basic formula of WLAN building blocks has a number of implications that many of us who keep these networks up frequently get weary of. I recently took part in a panel discussion webinar where some notable wireless network managers and architects from the higher ed space discussed these implications. Let me share what we talked about, and we’ll see if any of it resonates with you- and I’m sure that you’d agree that the topics covered here certainly apply well beyond higher ed.
Mist Systems Hosts the Panel Discussion
Mist Systems isn’t the first company to bring cloud-managed wireless to market, but they do offer some fairly comprehensive strategies for those interested in different options. During the panel session, we talked with Bryan Ward from Dartmouth College and Brian Stephens from MIT. Both of these gents are now using Mist for their respective campus WLAN environments, albeit in different topologies. Rounding out the panel was Rowell Dionicio of Packet6.com, Wes Purvis and Jussi Kiviniemi (Mist Product Management team), and myself. Though Rowell and I both have deep backgrounds in higher ed wireless, we joined this session as independent consultants.
The Layer 2 Elephant in the Room
Back in the day when controllers first hit the market, they gave the WLAN world a major gift at Layer 2. With “fat APs”, any VLAN in use by the access point needs to be part of a trunk on the Ethernet uplink. But when the AP is controller based, a single management VLAN can be used to encapsulate a number of VLANs using CAPWAP tunnels. Using controllers allows for a much simpler L2 paradigm from the perspective of AP-uplink switch and switchport configurations- by an order of magnitude in large environments. To me, this is perhaps one of the most significant single benefits of using controller-based WLAN, and is one potential obstacle when going to a cloud-managed model. Old L2 concerns come back to haunt us when the controller gives way to a cloud-managed management plane, and not all vendors have an answer to the dilemma.
During our discussion, we learned that Dartmouth re-engineered their LAN network and embraced configuration automation to reduce the L2 admin burden when they migrated away from their old Cisco controllers to Mist’s cloud-managed WLAN. By contrast, MIT’s timeline for WLAN upgrades required that they NOT re-engineer their L2 environment, meaning they needed a solution to the L2 dilemma.
How do you take advantage of CAPWAP/similiar tunnel terminations afforded by controllers, when you are abandoning controllers? Mist provides an appliance called the Mist Edge which allows for termination of AP-management tunnels and VLAN aggregation, while still keeping the rest of Management Plane functions out in the cloud. This option allowed MIT to quickly get their Wi-Fi moved to the cloud paradigm while preserving their legacy LAN topology.
There was a lot of good discussion about what exactly a controller is versus solutions like Mist Edge and similar building blocks from other vendors. Wes presented this graphic to guide discussion:
Why Else is the Controller Construct so Important When Considering Cloud W-Fi?
Aside from Layer 2 concerns, we heard from both MIT and Dartmouth the various ways their admin time has gotten more productive since they jettisoned controllers. We all spoke of reliability and such, and there is no doubt that a move to the cloud simplifies major administrative tasks. I’ve used cloud-managed networking in almost twenty branch locations of varying sizes for at least a decade, and I can say that not having to upkeep both controller code and quirky, feature-bloated management servers is nothing short of liberating.
The panel as a group seemed to agree that many WLAN professionals get hung up on the loss of nerd-knobs and command-line deep debug capabilities when they consider a move away from controllers to cloud. I wasn’t the only one to vocalize that often the deeper debugs we do on controllers are when we are troubleshooting controller code for TAC rather than actually trying to figure out Wi-Fi or client issues (this gets extremely old). Dartmouth’s Bryan Ward spoke highly of the ease of use and effectiveness of Mist’s API capabilities from first-hand experience when deeper-than-GUI information is needed, while MIT’s Brian Stephens reflected on the Mist interface being comprehensive enough for daily use. Both perspectives are good news for the controller-weary. Competing cloud systems have similar API functionality, and one point of analysis at evaluation time is always “is there the right balance between GUI and API?” from the usability perspective.
A Lot to Consider, Digest
For me, this discussion does scrape off a significant portion of apprehension about potentially moving a large WLAN of many thousands of access points to the cloud-managed paradigm. (In my perfect world, I’d be able to keep my existing very expensive controller-based APs and use them with another vendor’s cloud solution- but the world doesn’t work that way, and likely never really will at enterprise scale.) We covered a lot of ground, with these among some of the other details to ponder:
• Rowell asked a great question- can we make a Mist Edge in VM? Wes replied that it could be done, but most customers don’t.
• Bryan Ward pointed out that SNMP completely goes away with the Mist deployment.
• Brian Stephens made the case that so many other enterprise systems are moving to a cloud-managed model that taking Wi-Fi there really isn’t that much of a leap.
• We all talked about the “what if your Internet connection goes down?” I’ll say that your Mist Wi-Fi will be fine during the downtime, but let you hear the rest of the conversation for yourself when you watch the session.
• We also hit on how funding changes from Capex to Opex with cloud management, and the value of scripting skills for network admins
There’s a lot more to hear, and it’s better firsthand so I hope you spend an hour or so and watch it. I will close by saying this: regardless of what system you are contemplating, you really have to do an honest eval with it the way you would actually use it daily, and you also have to talk to real-world customers that have been empowered to speak freely about the good and less-than-great of the solution you’re interested in.
This panel discussion was especially useful to me because Bryan and Brian have already gone down a road I think about often, and Rowell’s insights are always right on. I’m now better equipped to think about the WLAN future of environments that I manage.
If you missed one of the embedded links above, find the webinar here.