WLAN AP License Sharing Technology White Paper

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Contents

Overview·· 1

Technical background· 1

WLAN AP license sharing implementation· 1

WLAN IRF license sharing· 1

WLAN AP license synchronization between ACs· 2

Dual-AC mode· 2

N+1 mode· 3

Distributed UWAC deployment license sharing· 4

In dual-MPU mode· 4

In IRF mode· 5

License sharing in AC hierarchy deployment 6

License sharing through license server and license clients· 7

Application scenarios· 7

AP license sharing in dual-link backup mode· 7

AP license sharing in N+1 backup mode· 8

AP license sharing in dual-central AC backup for headquarters and branch hierarchy· 9

 

Overview

Technical background

On an enterprise network, ACs use AP licenses to control the number of concurrent online APs. In a large-scale wireless network, the following problems arise:

·     In a large-scale wireless network with AC backup configured, AP licenses are usually installed on the master AC rather than on a per-AC basis. If the master AC fails, the backup AC cannot provide access services for APs.

·     In a large-scale wireless network with multiple ACs configured, the license planning and installation on a per-AC basis bring a large workload. The license management becomes even more complicated when the device license and network planning change or a device failure occurs. In addition, the central management of licenses on multiple ACs is required.

To solve these problems, the WLAN AP license sharing technology is introduced. It allows ACs to share AP licenses with the ACs without any AP licenses installed. This technology also achieves centralized management of licenses and efficient use of license resources.

WLAN AP license sharing implementation

WLAN AP license sharing technology functions in different networks to implement different purposes.

·     To achieve license sharing with backup devices:

¡     WLAN IRF license sharing.

¡     WLAN AP license synchronization between ACs.

¡     License sharing in distributed unified wireless AC (UWAC) deployment.

·     To achieve centralized and flexible license management:

¡     License sharing in AC hierarchy deployment.

¡     License sharing through license server and license clients.

This document describes the WLAN AP license sharing implementation in different networking scenarios. Unless otherwise specified, licenses in this document refer to AP licenses.

WLAN IRF license sharing

The WLAN IRF technology virtualizes multiple physical devices into one virtual fabric. AP licenses installed on member devices are shared across the IRF fabric.

The maximum number of concurrent online APs in the entire IRF fabric cannot exceed the following limits:

·     The sum of AP count allowed by all licenses on member devices.

·     The upper limit on the AP count supported by the connected device.

As shown in Figure 1, AC 1 has L1 licenses installed, allowing L1 concurrent online APs. AC 2 has L2 licenses installed, allowing L2 concurrent online APs.

·     After an IRF fabric is formed, it has a total of L1 + L2 licenses, allowing L1 + L2 concurrent online APs.

·     If a member device is faulty or leaves the IRF fabric, its licenses continue to function for a 30-day grace period in the IRF fabric to ensure service continuity.

·     After the grace period, the licenses on the leaving member device are no longer available. The license capacity reduces to the sum of the remaining licenses in the fabric. The license capacity change will not bring the existing online APs offline even if the number of existing online APs exceeds the license limit. The new limit takes effect after the number of existing online APs goes below the limit.

Figure 1 WLAN IRF license sharing

 

WLAN AP license synchronization between ACs

In this solution, each AC manages their own APs independently. You can configure the AP license synchronization feature on the ACs that can reach each other.

According to the number of ACs configured with the AP license synchronization feature, WLAN license sharing functions in the following modes: dual-AC mode and N+1 mode (N≥2).

Dual-AC mode

When two ACs are configured with the license synchronization feature, they work in the dual-AC mode. In this mode, the number of licenses is accumulated.

The maximum number of concurrent APs associated with an AC cannot exceed the following limits:

·     The sum of AP count allowed by all licenses on the two ACs.

·     The upper limit on the AP count supported by the connected AC.

As shown in Figure 2, AC 1 has L1 licenses installed, allowing L1 concurrent online APs. AC 2 has L2 licenses installed, allowing L2 concurrent online APs.

·     After configuring AP license synchronization, each AC has L1 + L2 licenses, allowing L1 + L2 concurrent online APs.

·     If an AC is faulty, its licenses continue to function for a 30-day grace period to ensure service continuity.

·     After the grace period, the licenses on the leaving AC are no longer available. The license capacity reduces to the number allowed by the licenses on the remaining AC. The license capacity change will not bring the existing online APs offline even if the number of existing online APs exceeds the license limit. The new limit takes effect after the number of existing online APs goes below the limit.

Figure 2 License sharing in dual-AC mode

 

NOTE: 1+1 backup is a typical example of dual-AC mode. In this mode, licenses are installed on only the master AC. After configuring AP license synchronization, the master AC synchronizes its licenses to the backup AC. When the master AC fails, the backup AC will take over the service, and APs will be reassociated with the backup AC.

 

N+1 mode

When more than two ACs are configured with the license synchronization feature, they work in the N+1 (N≥2) mode.

In this mode, N master ACs are configured, and one AC acts as the backup AC. The master ACs do not share their licenses with each other. They only synchronize their licenses to the backup AC. In this case, the license capacity on the ACs varies:

·     Each master AC allows the number of APs that are licensed by its own licenses.

·     The backup AC allows the accumulated number of licensed APs allowed on all master ACs.

In addition, the maximum number of concurrent APs associated with an AC cannot exceed the upper limit supported by the AC.

When a master AC fails, the APs associated with to the AC switch to the backup AC. When the faulty AC recovers, the APs are reassociated with the recovered AC.

As shown in Figure 3, AC 1 through AC n act as master ACs, and AC n+1 acts as the backup AC. AC 1 has L1 licenses installed, allowing L1 concurrent online APs. AC n has Ln licenses installed, allowing Ln concurrent online APs. No licenses are installed on the backup AC.

·     After configuring AP license synchronization on the ACs, the license capacity on the backup AC equals the accumulated number of licenses on the master ACs. The license capacity on each master AC remains unchanged.

·     If a master AC is faulty, its licenses continue to function for a 30-day grace period to ensure service continuity. The APs associated with the AC switch to the backup AC.

·     After the grace period, the licenses on the leaving AC are no longer available. The license capacity on the backup AC reduces to the number of the licenses on the remaining master ACs. The license capacity change will not bring the existing online APs offline even if the number of existing online APs exceeds the license limit. The new limit takes effect after the number of existing online APs goes below the limit.

Figure 3 License sharing in N+1 mode

 

Distributed UWAC deployment license sharing

The unified wireless AC (UWAC) technology enables a switch to support the WLAN function through a unified wired-wireless AC feature pack installed on the switch. The unified wired-wireless AC feature pack is installed on the MPU of a modular switch or on a fixed-port switch.

Switches in distributed UWAC deployment operate in the following modes: dual-MPU mode or IRF mode. The unified wired-wireless AC feature packs are installed on both master and backup devices. All WLAN packets received by the master and backup devices are sent to the master device and only one unified AC provides WLAN access service at a time.

The license sharing in a distributed UWAC network functions similarly as the license sharing in a WLAN IRF network.

In dual-MPU mode

Typically, a high-end modular switch uses two MPUs. After installing unified wired-wireless AC feature packs on two MPUs, AC functionality is enabled and the standby MPU functions as a backup AC.

As shown in Figure 4, the master MPU has L1 licenses, allowing L1 concurrent online APs. The standby MPU has L2 licenses installed, not allowing any APs to access.

·     With license sharing enabled, each MPU has L1 + L2 licenses, but only the master MPU allows L1 + L2 concurrent online APs.

·     If the master MPU is faulty, the backup MPU takes over the services. The master MPU's licenses continue to function for a 30-day grace period to ensure service continuity.

·     After the grace period, the licenses on the leaving MPU are no longer available. The license capacity reduces to the licenses on the remaining MPU. The license capacity change will not bring the existing online APs offline even if the number of existing online APs exceeds the license limit. The new limit takes effect after the number of existing online APs goes below the limit.

Figure 4 Dual-MPU mode license sharing

 

NOTE: In a live network, the standby MPU has no licenses installed, and it uses the licenses shared by the master MPU.

 

In IRF mode

As shown in Figure 5, multiple switches form an IRF fabric. The unified wired-wireless AC feature pack is installed on each IRF member device and each IRF standby device functions as a backup AC.

·     The master switch has L1 licenses installed, allowing L1 concurrent online APs. The standby switch n has Ln licenses installed, not allowing any APs to access.

·     After an IRF fabric is formed, the license capacity on each AC equals the accumulated number of licenses on all ACs, but only the master AC allows the access of APs.

·     If the master switch is faulty or leaves the IRF fabric, a standby switch becomes the master to provide AP access services. The licenses of the original master device continue to function for a 30-day grace period in the IRF fabric to ensure service continuity.

·     After the grace period, the licenses on the leaving member device are no longer available. The license capacity reduces to the sum of the remaining licenses in the fabric. The license capacity change will not bring the existing online APs offline even if the number of existing online APs exceeds the license limit. The new limit takes effect after the number of existing online APs goes below the limit.

Figure 5 IRF mode license sharing

 

NOTE: In a live IRF network, standby devices typically have no licenses installed, and they use the licenses shared by the master device.

 

License sharing in AC hierarchy deployment

As shown in Figure 6, the central AC has licenses installed and the local ACs have no licenses. The central AC manages all local ACs, and local ACs provide network access to APs by using licenses shared by the central AC. The total number of APs associated with the local ACs cannot exceed the license limit.

Figure 6  License sharing in AC hierarchy deployment

 

NOTE: You can use two central ACs for 1+1 backup. To share licenses between central ACs, use WLAN AP license synchronization. After the WLAN AP license synchronization is enabled, the number of licenses will be accumulated and the master central AC allocates licenses to local ACs.

 

License sharing through license server and license clients

In the license server/client solution, licenses are installed on a license server instead of individual ACs. A PC or a WBC AC can acts as the license server. ACs, acting as the license clients, request and release licenses depending on the license demand. This solution facilitates license sharing among multiple ACs and license backup, avoiding waste of license resources.

As shown in Figure 7, the license client (AC) and license server use the tunnel to establish the connection. Upon receiving a tunnel establishment request from an AP, the AC requests an AP license from the license server. After the AP goes offline, the AC releases the license.

When you use the server-client mode, the following rules apply:

·     The total number of concurrent APs requested by license clients cannot exceed the number allowed by the licenses installed on the license server.

·     You can define the number of licenses per request. By default, an AC request one AP license each time.

·     The license server supports VRRP that virtualizes multiple licenses servers into one virtual license server.

·     The license server does not support Comware 5 licenses but only Comware 7 licenses.

Figure 7 License sharing through license server and license clients

 

Application scenarios

AP license sharing in dual-link backup mode

Dual-link backup enables two ACs to back up each other to reduce risks of service interruption caused by single-AC failures. With dual-link backup enabled, an AP establishes a master CAPWAP tunnel and a backup CAPWAP tunnel with the master AC and the backup AC, respectively.

As shown in Figure 8, the master AC has L1 licenses installed but the backup AC has no licenses installed.

·     With AP license synchronization enabled, the backup AC obtains L1 licenses shared by the master AC through the license synchronization connections.

·     When the master AC fails, the backup AC will take over the service, and APs will be reassociated with the backup AC.

·     When the failed master AC recovers, the master CAPWAP tunnel preemption feature determines the master CAPWAP tunnel based on the AP connection priority.

Figure 8 License sharing in dual-link backup mode

 

AP license sharing in N+1 backup mode

In the N+1 (N≥2) mode, N master ACs can provide services at the same time, and one AC acts as the backup. The upper limit on the AP count supported by each AC is the same. Compared to the 1+1 backup, the N+1 backup is low cost because it only provides partial redundancy.

As shown in Figure 9, the number of L1, L2, L3, and L4 licenses are installed on AC 1, AC 2, AC 3, and AC 4, respectively. No licenses are installed on the backup AC.

·     With license synchronization enabled, the license capacity on the backup AC equals the accumulated number of licenses on the master ACs. The license capacity on each master AC remains unchanged.

·     The backup AC is configured with the templates of all online APs. When all master ACs function correctly, the backup AC does not provide network access to APs.

·     When a master AC fails, the APs associated with this AC switch to the backup AC.

·     When the faulty AC recovers, the APs are reassociated with the recovered AC because the CAPWAP tunnel is configured with the preemption feature.

Figure 9 License sharing in N+1 mode

 

AP license sharing in dual-central AC backup for headquarters and branch hierarchy

AC hierarchy is becoming popular for headquarters and branches of an organization. The central AC is deployed at the headquarters and local ACs are deployed at branches. When the central AC is faulty or the connection between the central AC and local ACs is faulty, the local ACs can still provide network access to APs independently. In addition, you can deploy two central ACs for 1+1 backup.

As shown in Figure 10, the master central AC has licenses installed and the backup central AC has no licenses installed. The master central AC manages all local ACs and share licenses with local ACs. Local ACs provide network access to APs and report AP information only to the master central AC.

·     With license synchronization enabled, the backup AC has N licenses.

·     When the master central AC fails, the APs associated with this AC switch to the backup central AC.

·     When the faulty AC recovers, the APs are reassociated with the recovered AC because the CAPAC tunnel is configured with the preemption feature.

For more information about AC hierarchy network, see the relevant documents.

Figure 10 Dual-AC hierarchy license sharing