Guest

Cisco 5700 Series Wireless LAN Controllers

Converged Access Mode for Cisco 5760 Wireless LAN Controller and Cisco Catalyst 3850 FAQ

  • Viewing Options

  • PDF (213.1 KB)
  • Feedback
Q. What is converged access mode?
A. The wireless way of access is becoming the primary mode of access. Customers want higher scale, performance, and higher resiliency for Wi-Fi networks, yet want those networks to continue to support the wired connectivity and keep the management of wired and wireless networks as simple as possible. To address all these primary requirements, Cisco has introduced a new mode of deployment called “converged access” mode. This new mode enables customers to achieve the benefits of one policy, one management, and one network.
Q. What are the benefits of converged access mode?
A. Converged access mode provides several benefits to customers. Some primary benefits include:

Maximum scale and performance: Hierarchical network design that distributes the wireless data plane at the access layer on Cisco® Catalyst® switches combined with a Unified Access Data Plane (UADP) application-specific integrated circuit (ASIC) that provides maximum performance and scale.

Higher resiliency: Constrains network failure to smaller domains, thereby providing a more resilient wireless network.

Simpler management: Ability to apply consistent configuration policies such as quality of service (QoS) and access control lists (ACLs) at the same switch port, providing similar experience across wired and wireless clients.

Q. How do the Cisco 5760 Wireless LAN Controller (WLC) and the Cisco Catalyst 3850 switch better prepare the network for the upcoming wave of 802.11ac?
A. The Cisco 5760 WLC and Cisco Catalyst 3850 are both based upon the same innovative UADP ASIC that enables uncompromised wireless performance with advanced services. This ASIC is capable of terminating CAPWAP tunnel, which provides line-rate performance regardless of packet size, encryption, enforcement of security and QoS policies, and advanced visibility through Flexible NetFlow v9.
Q. What are the benefits that Cisco IOS ® Software provides?
A. The rich Cisco IOS Software provides a variety of benefits such as:

Ability to use a common interface for configuration using Secure Shell (SSH) Protocol on the Cisco 5760 WLC and Cisco Catalyst 3850

Secure FTP to transfer files to and from the controller

Multiple link aggregation to enable increased resiliency

Scripting using Tool Command Language (Tcl)/TK

Embedded Event Manager

Flexible NetFlow v9 for networkwide visibility

Advanced ACL functionality, including downloadable ACLs

Advanced Cisco IOS Software-based QoS

Q. What are the components of the converged access mode, and what functionality is provided by each component?
A. In converged access mode, controller functionality is distributed among the following two primary components:

Mobility controller: A mobility controller provides mobility management tasks and systemwide coordination tasks, including interswitch peer group roaming, radio resource monitoring, Cisco CleanAir®, and guest access. One Cisco Catalyst 3850 switch (or a stack of Cisco Catalyst 3850 switches) can serve as a mobility controller for deployments of up to 50 access points. Up to eight Cisco Catalyst 3850 running mobility controller functionality can be grouped together to support a deployment of up to 250 access points. For deployments larger than that, mobility controller functionality should be enabled on a dedicated WLC such as the Cisco 5760 WLC, Cisco Wireless Services Module 2 (WiSM2), or Cisco 5508 Wireless LAN Controller.

Mobility agent: A mobility agent is a function on Cisco Catalyst 3850 switches to manage a wireless client database that includes client association or authentication status. Each Cisco Catalyst 3850 switch stack supports one mobility agent. The mobility agent is also responsible for providing access point connectivity and CAPWAP termination.

Q. Can I reuse the existing access points and controllers?
A. Converged access operates with the following indoor 802.11n access points: Cisco Aironet ® 1140, 1260, 1600, 2600, and 3600 Series. Existing customers that have deployed these access point models can convert them to operate in converged access mode.
Similarly, if the customer has deployed Cisco 5508 WLC or WiSM2 as controllers, they can be used to operate as mobility controllers in converged access mode, simultaneously supporting some clients with central mode or flex mode. Thus there is significant investment protection for customers that migrate to converged access mode.

Notes:

1. 802.11a/g access points and Cisco Aironet 1250 Series are not supported with the converged access solution.

2. The wireless security and spectrum intelligence (WSSI) module on the Cisco Aironet 3600 is not supported with the Cisco Catalyst 3850 and Cisco 5760 WLC in this release. The Cisco 8510 Wireless Controller, Cisco Flex 7510 Wireless Controller, Cisco 2504 Wireless Controller, Cisco Integrated Services Routers Generation 2 (ISR G2)-based controllers, and virtual controllers are not supported as mobility controllers in converged access mode.

3. When the Cisco 5508 WLC is deployed in central mode (aka local mode) or flex mode, it supports the Cisco Aironet 1600 Series. However, when the Cisco 5508 WLC is deployed in converged access mode, it does not support the Cisco Aironet 1600 Series.

Q. Do I need to purchase new wireless licenses with converged access mode?
A. Customers that have deployed Cisco 5508 WLC or WiSM2 can simply reuse the access point scale licenses on those WLCs.
Q. In centralized mode with Cisco 5760 WLC or converged access mode, can I support guest anchor functionality?
A. Yes. You can point a Cisco 5760 WLC operating as a mobility controller to a Cisco 5760 WLC or Cisco 5508 WLC operating as a guest anchor controller.
Q. What type of high availability is available with the Cisco 5760 WLC?
A. The Cisco 5760 WLC in centralized deployment mode (also known as local mode) supports N+1 resiliency. It also supports multiple link aggregation (LAG) to protect against link failures while maintaining throughput.
Q. What high availability is available with the Cisco Catalyst 3850?
A. The Cisco Catalyst 3850 supports subsecond failover through stacking. For wireless, access point Stateful Switch Over (SSO) is supported.
Q. What Cisco IOS Software version is supported by the Cisco 5760 WLC and Cisco Catalyst 3850?
A. The Cisco IOS Software version is 3.2.0SE or 15.0(1)SX.
Q. How is QoS different with the Cisco Catalyst 3850 and Cisco 5760 WLC?
A. The Cisco 5760 WLC supports better QoS than other controllers, allowing prioritization of mission-critical applications:

The Cisco 5760 WLC supports four wireless hardware queues and priority-based queuing compared to software-based queuing in existing controllers.

The Cisco 5760 WLC follows MQC based commands, allowing usage of exact commands for configuring QoS on different types of network devices.

The Cisco 5760 WLC supports QoS policies to be applied in a hierarchical fashion with more granularity per SSID per radio, while on the current controllers granularity is per WLAN.

The Cisco 5760 WLC supports approximate fair bandwidth to make sure of fairness at client, SSID, and radio levels for Non-Real Time (NRT) traffic. Therefore, if one user consumes excessive bandwidth, we can limit the amount of bandwidth that user receives and thereby not deprive other users.

Q. Do we support Cisco IOS Software on existing controllers such as Cisco 5508 WLC, Cisco Flex 7500 Series Wireless Controllers, Cisco 8500 Series Wireless Controllers, and virtual controllers?
A. No, the existing wireless controllers will not run Cisco IOS Software.
Q. If I need to deploy a controller in a country where my customs department does not allow me to import encrypted appliances (with DTLS enabled), how should I purchase the Cisco 5760 WLC or Cisco Catalyst 3850?
A. Customers will have an option to buy the Cisco Catalyst 3850 and Cisco 5760 WLC with a software image that has DTLS disabled. (See Table 1.)

Table 1. DTLS Disabled Image Information

Product

Image Name

Product ID

Cisco Catalyst 3850

cat3k_caa-universalk9.SPA.03.02.00.SE.150-1.EX.bin

S3850UK9-32-0SE

cat3k_caa-universalk9ldpe.03.02.00.SE.150-1.EX.bin

S3850ULPEK9-32-0SE

Cisco 5760 WLC

ct5760-ipservicesk9.SPA.03.02.00.SE.150-1.EX.bin

SWC5760K9-32SE

ct5760-ipservicesk9-ldpe.SPA.03.02.00.SE.150-1.EX.bin

SWC5760LPE-K9-32SE

Q. Do the existing controllers have end-of-life (EOL) dates planned?
A. The Cisco 5760 WLC and Cisco Catalyst 3850 are an addition to the robust portfolio of Cisco wireless controllers. No EOL dates are planned for the shipping controllers.
The Cisco Catalyst 3850-based mobility controller functionality is positioned for customer deployments up to 250 access points in a new deployment or one planned for wired infrastructure refresh.
The Cisco 5760 WLC is ideal for customers that are either planning to refresh wireless infrastructure only or planning a large wired-wireless campus or branch deployment.
Q. What deployment modes can the Cisco 5760 WLC and Cisco Catalyst 3850 support?
A. The Cisco 5760 WLC can operate in centralized mode (also known as local mode) as well as converged access mode, whereas the Cisco Catalyst 3850 operates in converged access mode. At this time, there is no support for office-extend access points, indoor or outdoor mesh, or FlexConnect access points on the Cisco 5760 WLC and Cisco Catalyst 3850.
Q. Are data plane messages between access point and mobility agent encrypted?
A. Yes, data plane DTLS is a configurable option, and by default it is turned off. Remember that the access point needs to be directly plugged into the mobility agent.
Q. What version of software does the Cisco 5508 WLC or WiSM2 need to run in order to operate as a mobility controller?
A. The Cisco 5508 WLC or WiSM2 needs to run software version 7.3 MR1 in order to be able to operate as a mobility controller in converged access mode.
Q. Is the group mobility controller leader manually configurable or automatically elected?
A. You can either configure this manually or get this selected automatically.
Q. How is multicast-to-unicast video different in converged access?
A. In traditional deployments, wired multicast replication happens at the switch, whereas wireless multicast replication happens at the controller. With converged access mode, both wired and wireless multicast replication happens at the Cisco Catalyst 3850 switch, which reduces the number of streams for the same traffic type in the network.
Q. Can Cisco Prime ® infrastructure manage the Cisco 5760 WLC?
A. Cisco Prime release 2.0 (to be released shortly) will support the Cisco 5760 WLC in centralized mode as well as converged access mode.
Q. With what version of Cisco Mobility Services Engine (MSE) do the Cisco 5760 WLC and Cisco Catalyst 3850 interoperate?
A. The Cisco 5760 WLC and Cisco Catalyst 3850 have been tested to interoperate with MSE release 7.4. However, features such as Thinksmart integration are not supported with converged access mode or centralized mode with the Cisco 5760 WLC.
Q. With what version of Cisco Identity Services Engine (ISE) do the Cisco 5760 WLC and Cisco Catalyst 3850 interoperate?
A. The Cisco 5760 WLC and Cisco Catalyst 3850 have been tested to interoperate with release 1.1.1.
Q. Can a client roam transparently (IRCM) between access points that are managed by new IOS and AireOS controllers?
A. If AireOS controllers are running the 7.3 maintenance release and configured with new mobility, client roaming between converged access and AireOS access points is allowed.