
[–]beef-o-lipso 4 points5 points  (22 children)

Cat 3850 https://www.cisco.com/c/en/us/products/switches/catalyst-3850-series-switches/index.html has built in controllers.

The big question is do you even need a controller based wireless network?

[–]jasonlitka 4 points5 points  (3 children)

I thought that feature was getting removed?

[–]relax88 1 point2 points  (2 children)

Yeah it's not on the Cat 9300. Seems it will die with the Cat 3000 series.

[–]jasonlitka 1 point2 points  (1 child)

I’m pretty sure it’s dead on the 3650 & 3850 past 16.3 too. They extended the lifespan of 16.3 by 3-4 years as a result.

[–]Hrast 1 point2 points  (0 children)

Welp, I guess that explains why the person I inherited this network from had a 3504 in the rack that he never got around to configuring.

[–]fergie434CCNA 1 point2 points  (1 child)

Can a 3850 run as a Mobility Controller or only agent? My 3650's will only run as an agent.

[–]Hrast 0 points1 point  (0 children)

Controller. I've got a stack of 3850s and that's the only controller we have configured. We've got a 3504 that only has console cable attached to it at the moment.

[–]scritty 1 point2 points  (0 children)

I'm still bitter about the 3850/5760 series wireless being killed.

[–]JustAnotherToxicDude[S] 0 points1 point  (14 children)

The big answer is... I don't even know hahah. I have literally no knowledge about wireless. So far what I plan on doing is just create a VLAN for wireless users, connect to APs and hope it runs

Also, luckily I added the 3850 on the list of equipment I'd like to work with, although the client seems to be a cheap one, so I might end up with Arubas instead

[–]3LollipopZ-1Red2BlueCisco Data Center Architecture Design Specialist / Aruba SE 0 points1 point  (13 children)

lol. nothing wrong with Aruba switches. As long as a switch does what you need it to do the Aruba switches have true lifetime warranty so they are often perceived as cheap.

How many APs are we talking about? There are a lot of scenarios where controllers aren't needed, but do extra functions, like VPN concentrators or perform hitless upgrades or something.

[–]JustAnotherToxicDude[S] 0 points1 point  (12 children)

I have nothing against the Arubas really, I worked on a 2930F recently. It's just that I still lean towards Cisco since I'm a bit more comfortable with it

As for APs, it's just about a dozen APs. It's enough to cover the entire premises

[–]3LollipopZ-1Red2BlueCisco Data Center Architecture Design Specialist / Aruba SE 1 point2 points  (10 children)

ok, and you just need WiFi access? then I don't see a need for a controller. Just a cluster of APs, put them in the same native / untagged vlan, configure the first one, and the rest will grab their configs automagically....

Grab some more requirements for why you need a 2930M switch. a 2930F or 2540 or something cheap might be fine. 2930M for the dual power supplies and routing, or multigig/smartrate/40G uplinks, but otherwise the 2930F with single power supplies are good edge switches that stack up to 8.

If it's only 12 APs then you might just need a single consolidated / collapsed core / edge switch stack with dual power supplies. The 2930M will do that and more... no need to upgrade to a 3850 or something more expensive...

[–]JustAnotherToxicDude[S] 0 points1 point  (9 children)

I was planning on using the 2930M at the access layer, and a 3810M as the CC. And then I'd link the APs to the 2930M switches..

[–]3LollipopZ-1Red2BlueCisco Data Center Architecture Design Specialist / Aruba SE 1 point2 points  (8 children)

Do you need BGP or better routing on the core for the 3810M?

2930M is fine for an edge switch. It will last you longer than the 2930F due to the 40G and SmartRate and Dual Power supplies (more PoE in the future perhaps?). So 2930M at the edge is a good investment.

3810M is often expensive compared to even the 5400R. Depending on the region you might be able to get 3Y 24x7x4h support included in the price of the 5400R. But they are 4RU minimum....

Sounds fine though. I've sold plenty of 3810M Cores and 2930Ms for edge switches, especially for big stacks and smartrate.

[–]JustAnotherToxicDude[S] 0 points1 point  (7 children)

If I go with the 2930M as the core, then what do I use for user access?

[–]3LollipopZ-1Red2BlueCisco Data Center Architecture Design Specialist / Aruba SE 1 point2 points  (6 children)

Well, same, then self spare :)

do you want dual power supplies? (2930M)

do you need 740W (2930F or M)

do you want smartrate (2930M)

Do you want layer 3 to the edge? (2930M or F - I wouldn't use 2530/2540, but never tried)

Do you need to stack on the edge? (2930F or M)

Otherwise, you could go a 2540 with 10G uplinks or 2530 with 1G uplinks and be really cheap :)

[–]JustAnotherToxicDude[S] 0 points1 point  (5 children)

I'm sorry but what do you exactly mean by edge? When I see "edge" I think about something that is facing the firewall and the outside world.

[–]NewdlesCCNA-RS, CCNA-V 1 point2 points  (0 children)

I roll Aruba L2, including IAP-305s paired with Aruba central. These all use virtual controllers that are configured from Aruba central. I have 5 sites, some with over 40 APs. Rock solid for the last 9 months since jumping on the Aruba train. Previously had aerohive with various problems at this company.

In the past I've also used meraki(never again), ubiquiti, controller based Aruba, as well as controller based Cisco. These Aruba Instant APs have treated me the best. But then again we aren't doing anything crazy. Just need solid WiFi, no RAPs needed, no VPN on Aruba, just good ol' wifi.

[–]3LollipopZ-1Red2BlueCisco Data Center Architecture Design Specialist / Aruba SE 2 points3 points  (1 child)

Don't buy switches with controllers in them.

Aruba 2930Ms do not support AP terminations. The only thing they do regarding APs is detect them, auto configure the port (LLDP) and power them. All the Aruba switches do that... You might have been told about Aruba Instant APs, which cluster together and for a big cluster of APs - good for less than 128 APs and a couple of thousand clients. You do have to trunk every VLAN up to each AP though, that's why the auto-config on the Aruba switches was probably mentioned.

How many APs? and do you really need a controller or can you get away with something like Aruba instant?

[–]JustAnotherToxicDude[S] 1 point2 points  (0 children)

Just a dozen or so. And I don't think I'm gonna reach a thousand users, I'd say 400 at best

[–]CMGoose 1 point2 points  (2 children)

At this size, I would look at the following options -

Aruba IAP

Meraki MRs

Cisco Aironet 2802s with Mobility Express, or with a 3500 series controller, or if a VMware shop, the virtual LAN controller

[–]JustAnotherToxicDude[S] 0 points1 point  (1 child)

I will check those out, thanks. But is the controller a must for the Cisco APs? Won't they work without it?

[–]CMGoose 0 points1 point  (0 children)

If you have more than one wap or two waps, you pretty much want to have a controller. It is a gigantic pain to maintain a bunch of autonomous access points - and they can't do the things like automatically adjusting transmit power and having visibility into each other without it. There effectively are three models of controller based solutions - cloud based (meraki), a controller (software like unifi, virtual appliance, embedded in something like a cisco 3850 switch, or actual hardware), or an embedded controller. Aruba calls their solution the instant access point (where one WAP is basically the controller for the others and another fails over if that wap goes down). Cisco's solution for that, which basically does the exact same thing, is called Mobility Express. So, to answer your question, if you buy autonomous cisco access points, they will work without a controller, but I wouldn't recommend that. Same thing goes for Aruba. https://www.cisco.com/c/en/us/solutions/enterprise-networks/mobility-express/index.html

[–]docmn612CCNP Wireless, CWAP, CWDP, CWSP 1 point2 points  (8 children)

Just don’t. I’ve had to undo several botched deployments of converged access. It’s a broken technology. Get a WLC if you need central control.

[–]JustAnotherToxicDude[S] 0 points1 point  (4 children)

And I suppose I'm gonna need central control if I have a dozen APs... Where do I deploy the controller anyway? At the access switches? Or the core switch?

[–]docmn612CCNP Wireless, CWAP, CWDP, CWSP 0 points1 point  (3 children)

You should have central control for that many access points, yes. You deploy it at the core, typically.

[–]JustAnotherToxicDude[S] 0 points1 point  (2 children)

And then I plug the APs at the access layer? Or straight into the controller?

Can you recommend me any source where I can learn the basics of the wireless world? Just enough to provide wireless access, nothing too complicated

[–]docmn612CCNP Wireless, CWAP, CWDP, CWSP 0 points1 point  (1 child)

The APs will go into access ports on whatever switch you want, typically on the access layer.

For setting up a wireless controller, YouTube and config guides will be your best bet. Feel free to PM me with questions. If you can’t tell by the alphabet soup next to my name, I specialize in enterprise wireless architecture.

[–]JustAnotherToxicDude[S] 0 points1 point  (0 children)

Thanks a lot! Will do in case I run into some difficulties

[–]3LollipopZ-1Red2BlueCisco Data Center Architecture Design Specialist / Aruba SE 0 points1 point  (2 children)

I certainly used to share that view when I did Cisco for 11 years, but not for the past couple of years. I think there are plenty of vendors today that support hundreds if not thousands of APs with a distributed controller architecture. All with single points of management as an AP electing itself the controller of some sort.

And vendors have been doing this for many years now... I think it's a well tested opportunity.

[–]docmn612CCNP Wireless, CWAP, CWDP, CWSP 1 point2 points  (1 child)

Yeah, I have to expand into other wireless vendors. I’ll be working with Aruba soon. Cisco converged access was a train wreck though

[–]3LollipopZ-1Red2BlueCisco Data Center Architecture Design Specialist / Aruba SE 0 points1 point  (0 children)

lol. well, that is why it's discontinued.

[–]mikemosh511 0 points1 point  (10 children)

How many access points are you looking at getting and/or how many users need to connect? That will help us know the scale and offer better help

[–]JustAnotherToxicDude[S] 0 points1 point  (9 children)

I'd say about 400 wireless users maybe? And the premises are quite small, so about a dozen APs should be enough for them.

[–]mikemosh511 -2 points-1 points  (8 children)

I'd look at unifi https://unifi-sdn.ubnt.com We have them deployed at all of our clients which go up to 500 users in size. Never any issues.

Throw the controller software on a VM and it's all super easy to manage

[–]JustAnotherToxicDude[S] 0 points1 point  (7 children)

I don't think my boss will be enthusiastic about a manufacturer he doesn't recognize. He's a fool for big brands

[–]mikemosh511 -2 points-1 points  (6 children)

Your boss hasn't been paying attention to the industry if he hasn't heard of Ubiquiti

[–]JustAnotherToxicDude[S] 1 point2 points  (5 children)

For him, if it's not Cisco or HP then it's garbage.

[–]fsweetser 2 points3 points  (4 children)

One major caveat of Ubiquiti - their idea of support is "go hop on the forums and see if someone there can help." Their product is pretty decent, so long as you understand its limitations, but you're not going to find anything like the extensive docs, design guides, or support engineers that you'd get from Aruba/HPE, Cisco, or even Ruckus or Aerohive.

[–]JustAnotherToxicDude[S] 0 points1 point  (2 children)

Yeah I imagine, Ubiquiti is based on Linux isn't it? So I guess it's only natural that everything can be found on the community rather than manufacturer. But again, I don't think the boss will accept that.

[–]fsweetser 1 point2 points  (0 children)

No, any Linux bits are way too far under the hood to matter, just like it doesn't matter much that Aruba controllers and APs run Linux, or Juniper gear runs FreeBSD.

Ubiquiti has made a strategic decision to create low cost, no frills hardware targeting those who know exactly what they want and what to do with it. Part of how they achieve their low prices is by forgoing the kinds of massive sales and support infrastructure you expect in the enterprise price bracket.

When I first started talking to Aruba, they sent out an engineer and sales guy in person, as well as a pile of demo gear, eval licenses, and extensive docs. When I first looked into Ubiquiti, I got a voicemail box, and left a message that never got returned.

[–]hackmiester 0 points1 point  (0 children)

Almost everyone's stuff is based on Linux. Some variants of Cisco IOS, NX-OS, Aruba, etc. It doesn't really matter, as other commenters have mentioned.

[–]demonfurbie 0 points1 point  (0 children)

You can also pay for unifi support now with the unifi elite service.

[–]Matt_In_MI 0 points1 point  (0 children)

We do a lot of Ruckus wireless with a ZoneDirector with around that many APs. Never really had any issues with them.

[–]xylopia 0 points1 point  (1 child)

Hello friend, seems like you're asking the completely wrong question here. What you are asking relates to one specific part of a WiFi design that comes way down the track. For now you should be asking "where can I learn about the basics"

Gotta walk before you can run etc.

[–]JustAnotherToxicDude[S] 0 points1 point  (0 children)

You're right, but at the moment I've been charged with putting together a recommended equipment list, but since we're on the topic, where can I learn WiFi basics?

As I mentioned before, I just need to provide wireless connectivity for guest users, I just want to put together something simple and that does the job. Besides, I'm kind of short on time anyway so I can't really learn everything about WiFi right now..

[–]supertechy06 0 points1 point  (1 child)

If you are going to need to send guest traffic out a different egress then you need to look at 3 WLCs. One for managing the APs and internal traffic and a second set up as a guest anchor to send traffic out a separate egress from the corporate network. The third would be either an HA for the primary or to do SSO with the primary. Cisco has the WLC 3504 for small companies as it supports 150 APs and 3000 clients.

The WLC built into the 3850 is a dying technology as it was replaced by mobility express, if you don't need the separate guest egress as I mentioned above then you could use mobility express. Mobility express is limited to 100 APs and 2000 clients for the x800 series APs.

[–]JustAnotherToxicDude[S] 0 points1 point  (0 children)

I don't think there will ever be 100 APs, so the Mobility Express should be enough. As I mentioned in other replies, I just need to give internet access to wireless guest users. They won't be doing anything or seeing anything else on the internal network

[–]simroo23ACMP,CCNP,JNCIP 0 points1 point  (0 children)

Also the Aruba 2930M can't act as a controller.

I don't think so at least unless you read the tunneled ports thing which is not the same