Filter
Top Products
24 | Mobility Controller and Access Point Deployment Campus Wireless Networks Validated Reference Design Version 3.3 | Design Guide
The Master is responsible for processing wireless intrusion detection system events, presenting the
event and the corresponding wireless vulnerability and exploit (WVE) identifier. The Master is also
responsible for handling location services correlation algorithms that compute the position of clients as
well as rogue APs using signal strength measurements from APs in the network. All heat maps and
location events will be handled through the Master Controller’s web interface without needing an
additional location appliance. This is the strategy depicted in the VRD model, and is the recommended
model when two or more controllers exist in the same network.
If the Master becomes unreachable, the network will continue to operate as expected, but without the
ability to perform operations such as configuration, heat map analysis or location services, until
connection to the Master Controller is restored.
Local Controllers reside at the Aggregation layer of the Aruba Overlay Architecture. They handle AP
termination, user authentication, and policy enforcement. When configuring any Local Controller, you
will need to know the IP address of the Master as well as the Pre-Shared Key used to encrypt
communication between the controllers. If the Master becomes unavailable and no standby Master has
been configured, the wireless network will continue to operate, but some management functionality
will be unavailable until the connection is re-established.
The control channel between all Mobility Controllers is protected by an IPSec connection. This applies
to both a data plane contained within the Local Controller, and a distributed control plane with some
components on the Local and some on the Master Controller.
Mobility Controller High Availability
As Wi-Fi
®
networks move beyond conference rooms and become the primary network connection for
users, the system must be robust enough to continue operation in the event of any network component
failure. The Aruba system offers multiple configuration options to insure that the system operates in a
highly available manner.
There are two different redundancies that must be considered: network management redundancy and
network operations redundancy. Management redundancy is achieved by having redundant Master
Controllers in the network at the Control layer; and operationally, by having two Local Controllers
working together to share a load at the Aggregation layer, with each Local Controller acting as a backup
for the other.
NOTE
In a large Campus WLAN with separate Management and Aggregation layers, Access Points and Air
Monitors should never terminate on the Master Controller, they should only terminate on Local
Controller.
NOTE
While the Master Controller is needed to perform configuration and reporting, it is not a single point
of failure in the network..
NOTE
The controllers have a pre-configured key at first boot; this key must be changed for secure
operation of the Master/Local cluster.