Cisco 8540 Wireless LAN Controller Deployment Guide

Cisco 8540 Wireless LAN Controller Deployment Guide
Add to My manuals

The Cisco 8540 Wireless LAN Controller is a high-performance, scalable wireless controller designed for large enterprise deployments. It supports up to 6,000 APs, 64,000 clients, and 40 Gbps throughput. The 8540 supports all AP modes of operation, including Local, FlexConnect, Monitor, Rogue Detector, Sniffer, Bridge, and Flex+Bridge. It also supports a variety of features, including high availability, TrustSec SXP, and Right to Use licensing.

advertisement

Assistant Bot

Need help? Our chatbot has already read the manual and is ready to assist you. Feel free to ask any questions about the device, but providing details will make the conversation more productive.

Cisco 8540 Wireless LAN Controller Deployment Guide | Manualzz

Cisco 8540 Wireless LAN Controller Deployment Guide

Cisco 8540 Wireless LAN Controller Deployment Guide

2

Introduction

2

Prerequisites

2

Product Overview

3

Cisco 8540 Controller Key Attributes

4

AP Platform Support

5

Platform Components

6

SFP Support

13

Image Specifications

14

Fault Tolerance Capability

14

Customer Replaceable Units

16

Link Aggregation (LAG)

16

Inter-Platform Mobility and Guest Anchor Support

16

Infrastructure Multicast

16

New Mobility and MC Support

17

Look and Feel of the Cisco 8540 Wireless LAN Controller

17

Licensing

23

2

Revised: November 12, 2015,

Cisco 8540 Wireless LAN Controller Deployment Guide

Introduction

This document introduces the Cisco 8540 Wireless LAN Controller (WLC), and provides general guidelines for its deployment. The purpose of this document is to:

• Provide an overview of the Cisco 8540 WLC, and its deployment within the Cisco unified architecture.

• Highlight key service provider features.

• Provide design recommendations and considerations specific to the Cisco 8540 controller.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

This document is not restricted to specific software and hardware versions.

The information in this document is created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to

Cisco Technical Tips Conventions

for more information on document conventions.

Product Overview

The existing Cisco 8510 series controller scales up to 6,000 APs, 64,000 clients, and 10 Gbps maximum throughput. The explosion of mobile clients in enterprise empowered by bring your own device (BYOD), the deployment of wireless in mission-critical applications, and the adoption of Wi-Fi in service provider networks enabling new business models require wireless networks to provide larger AP Scale, client scale and higher throughput.

The Cisco Unified Wireless Network Software Release 8.1 addresses these key challenges. Release 8.1 delivers the new Cisco 8540 wireless controller with support for 40 Gbps throughput, 6,000 APs, and 64,000 clients to ensure better performance and scale for business critical networks.

The following table captures some of the key hardware capabilities of this new platform.

Table 1: Hardware Capabilities of Cisco 8540 WLC

Hardware Capabilities

Chassis Height

Throughput

AP Support

Client Support

Data Ports

Storage

Storage Temperature

Operating Temperature

Operating Humidity

Power Options

8540

2 RU

40 Gbps

6,000

64,000

4x SFP+

Dual SSD with Hardware RAID

-40°C – 65°C

5 – 40°C

10 – 90% (non-condensing)

1200 W AC, 930 W DC

Redundant PSUs

3

4

Cisco 8540 Controller Key Attributes

Some of the key attributes of the Cisco 8540 controller are:

• High AP scalability (6,000 APs in 2 RU )

• High client density (64,000 clients in 2 RU)

• High throughput of 40 Gbps with 2 RU

• Support for 6,000 APs, 6,000 AP groups, 2,000 FlexConnect groups, and up to 100 APs per FlexConnect group

• Support for 4095 VLANs

• Support for 50,000 RFIDs tracking, and the detection and containment of up to 24,000 rogue APs, and up to 32,000 rogue clients

• 25,000 RFID tags

• 3,20,000 AVC Flows

• PMK cache size of 64,000

• High availability with sub-second AP and client SSO

• TrustSec SXP Support

• Support of all AP modes of operation (Local, FlexConnect, Monitor, Rogue Detector, Sniffer, Bridge, and Flex+Bridge)

• Right to Use (RTU) licensing for ease of license enablement and ongoing licensing operations

The following table shows the Cisco enterprise campus controllers comparison at a glance:

Table 2: Cisco Enterprise Campus Controllers comparison

Attributes

Deployment type

Operational Modes

Maximum Scale

AP Count Range

Licensing

Connectivity

Power

8540 8510 7510

Enterprise Large campus + SP

Wi-Fi

Full Scale Branch

Enterprise Large campus + SP

Wi-Fi

Full Scale Branch

Central site controller for large number of distributed, controller-less branches

All AP modes

6,000 APs

64,000 clients

All AP modes

6,000 APs

64,000 clients

FlexConnect, Flex+Bridge

6,000 APs

64,000 clients

1 – 6,000

Right to Use (with EULA)

4 x 10 G ports

1200 W AC, 930 W DC

Dual redundant

Hot-swappable PSU

300 – 6,000

Right to Use (with EULA)

2 x 10 G ports

AC/DC dual redundant

300 – 6,000

Right to Use (with EULA)

2 x 10 G ports

AC/DC dual redundant

Attributes

Maximum Number of

FlexConnect Groups

8540

2,000

Maximum Number of APs per

FlexConnect Group

100

Maximum Number of Rogue

APs Management

24,000

Maximum Number of Rogue

Clients Management

32,000

Maximum Number of RFID 50,000

Maximum APs per RRM

Group

Maximum AP Groups

6,000

6,000

Maximum Interface Groups 512

Maximum Interfaces per

Interface Group

64

Maximum VLANs Supported 4095

Maximum WLANs Supported 512

Fast Secure Roaming

Clients/Max PMK Cache

64,000

Note

Feature support unless otherwise specified will be the same as in 8510.

AP Platform Support

The Cisco 8540 supports the following access point models:

• 1260, 3500, 600

• 1600, 2600, 3600

• 1700, 2700, 3700

• OEAP 600

• 702I, 702W

8510

2,000

100

32,000

24,000

50,000

6,000

6,000

512

64

4095

512

64,000

7510

2,000

100

32,000

24,000

50,000

6,000

6,000

512

64

4095

512

64,000

5

• Cisco AP802 access point module

• 1530, 1552WU, 1550, 1570

• 1040, 1140, 1260 support extended to 8.1 with 8.0 parity

Platform Components

Cisco 8540 Front Panel View

Cisco 8540 wireless LAN controller supports several buttons, LED indicators, and a KVM connector on the front panel. It includes a power button and Locator LED button, along with the following LEDS: System status, PSU status, Fan status, Network LED, and

Temperature LED.

Power On Switch and LED Indicator

A Power Button push switch with integrated LED is located on the front panel.

Table 3: Power On Switch and LED Indicator

LED Indicator Color

Bi-color Yellow

(Amber)

Green

Function

Card Power Status

State

Off

Amber On

Green On

Decode

Power Off

Soft Off

Power On

Locator Switch and LED Indicator

A Unit Identify push switch with integrated LED is available on the front panel and rear panel . Each press on the button toggles between active and non-active states.

6

System Status LED Indicator

The system status LED located on the front panel indicates the overall system health.

Table 4: System Status LED Indicator

LED Indicator Color

Bi-color Yellow

(Amber)

Green

Function

System Status

State Decode

Off

Green On

Amber On

Amber Blinking

Undefined

Card is in normal operating condition

System is in a degraded operational state

Critical fault state

Fan Status LED Indicator

The Fan Status LED located on front panel indicates the fan health.

Table 5: Fan Status LED Indicator

LED Indicator Color

Bi-color Yellow

(Amber)

Green

Function

Fan Status

State

Off

Green On

Amber On

Amber Blinking

Decode

Undefined

Fans are operating and no error condition has been detected

Fans are in a degraded operational state

• One of N fans has a fault

Critical fault state

• Two or more fans has a fault

7

Note

Adaptive fan speed to control noise issues seen with 8540 FCS hardware is introduced in release version

8.1.131.0.

Temperature Status LED Indicator

The temperature status LED is located on the front panel and indicates whether or not the system is operating within acceptable temperature limits.

Table 6: Temperature Status LED Indicator

LED Indicator Color

Bi-color Yellow

(Amber)

Green

Function

Temperature Status

State

Off

Green On

Amber On

Amber Blinking

Decode

Undefined

System is operating at normal temperature

One or more temperature sensors reaches

UCR threshold

One or more temperature sensors reaches

UNR threshold

Power Supply Status LED Indicator

The power supply status LED is located on the front panel and indicates the proper functioning of the power supply.

8

Table 7: Power Supply Status LED Indicator

LED Indicator Color

Bi-color Yellow

(Amber)

Green

Function

AC Power Supply Status

State

Off

Green On

Amber On

Amber Blinking

Decode

Undefined

AC power supplies are operating and no error condition has been detected

One or more power supplies are in a degraded operational state

One or more power supplies are in a critical fault state

Network Link LED Indicator

The network LED is located on the front panel and indicates if any of the on-board networking ports are connected and operating.

Table 8: Network Link LED Indicator

LED Indicator Color

Single Color

Green

Function

Network Link Status

State

Off

Green On

Green Blinking

Decode

Undefined

Link on any of the ports, but no activity

Activity on any of the ports

Front Panel KVM Break-out Connector

A single female connector provides access to video, two USB ports for keyboard and mouse, and an RS-232C console serial port.

An external breakout connector to industry standard interfaces is required. The following figure shows an example cable.

9

The interfaces for the cable are:

1

Front panel KVM/Console connector

2

DB9 serial port connector

3

Dual Type-A USB 2.0 connectors

4

DB15 Video connector

Cisco 8540 WLC Rear Panel View

The rear panel has the following interfaces:

1

Two Type-A 3.0 USB ports

2

IMC port 10/100/1000 Base-T

To setup the CIMC interface:

• Connect the CIMC cable.

• To enable DHCP to set the IP, use the command imm dhcp enable.

• If DHCP is not available, use the command imm address <ip address> <net mask> <gateway ip>.

• To view the IP and details, use the command imm summary.

10

Note

CIMC web interface is for advanced debugging for TAC and escalation use ONLY.

Changing of settings in the CIMC by customer can cause adverse impact on controller software and functionality.

3

Serial COM connector — Standard RS-232 Serial COM port using RJ-45 connector

4

Ethernet service port (SP) — Management 10/100/1000 Base-T

5

Redundancy Port (RP)

LED Indicator Color

Bi-color Yellow

(Amber)

Green

Function

Management Interface Port Speed

State Decode

Off Link Speed = 10 MbpS

Amber On

Green On

Link Speed = 100 MbpS

Link Speed = 1 GbpS

11

LED Indicator Color

Bi-color Yellow

(Amber)

Green

Function

Management Interface Port Status

State

Off

Green On

Blinking

Decode

No Link

Link

Traffic Present

6

VGA Connector — Rear panel has a standard VGA port using a female D-Sub-15 Connector

7

ID Switch and LED

8

Four 1/10 G Management and Network ports

LED

Pwr OK

10 G

Port-n Link Status

Port-n Link Activity

Functional Definition

LED: (Amber) On indicates power is good

LED: (Amber) On indicates 10 G mode

LED: Off indicates 1 G mode

LED: (Green) On indicates link up status

LED: (Green) blinking indicates link activity

Switching Between 10 G and 1 G

• If there is nothing installed in port 1, the board will be configured for 10 G mode by default. Therefore, to switch to 1 G mode, an SFP module must be installed in port 1 and the system needs to be rebooted.

12

• Conversely, if an SFP module is installed and the user wants to switch to 4 x 10 G mode, then an SFP+ module must be installed in port 1 and the WLC rebooted.

• Thus, Online Insertion and Removal (OIR) of SFP and SFP+ between 10 G and 1 G is not possible.

• OIR of 10 G to 10 G and 1 G and 1 G is possible.

Note

It is recommended to have all ports as either 10 G or 1 G. In case they are different, port 1 SFP determines the mode of operation and functionality on the other SFPs may not work.

SFP Support

Network ports for 8540 WLC support the following Cisco SFP/SFP+ modules:

• GLC-T

• SFP-10G-SR

• SFP-10G-LR

• SFP-10G-LRM

• SFP-H10GB-CU1M

• SFP-H10GB-CU2M

• SFP-H10GB-CU2-5M

• SFP-H10GB-CU3M

• SFP-H10GB-CU5M

• SFP-H10GB-ACU7M

• SFP-H10GB-ACU10M

• SFP-10G-AOC7M

• SFP-H10GB-CU1-5M

• SFP-10G-AOC3M

• SFP-10G-AOC1M

• SFP-10G-AOC2M

• SFP-10G-AOC5M

• SFP-10G-AOC10M

• GLC-LH*

• GLC-EX-SMD*

• GLC-SX-MMD*

13

Note

The Cisco 8540 WLC requires GLC-T module on port 1

Image Specifications

Cisco 8540 WLC supports all the features of release 8.1.

Feature Not Supported on 8540 Controller Platform

The following features are not supported on the 8540 Controller platform:

• Local Authentication (where the controller acts as the authentication server)

• Internal DHCP server

• Wired Guest

Fault Tolerance Capability

The Cisco 8540 supports the stateless N+1 redundancy model . The N+1 HA architecture provides redundancy for controllers across geographically separate data centers with low cost of deployment. A single backup controller can be used to provide backup for multiple primary WLCs.

For more information on this model of redundancy, refer to

http://www.cisco.com/c/en/us/td/docs/wireless/technology/hi_avail/N1_High_Availability_Deployment_Guide/N1_HA_Overview.html

.

AP and Client SSO

High Availability Stateful Switchover (SSO) model provides a Box-to-Box redundancy with one controller in active state and another controller in hot standby state. The SSO model monitors the health of the active controller via a redundant (HA) port. Cisco 8540 wireless LAN controller has a failover RP Port.

The configuration on the active controller is synched to the standby controller using the redundant port. In HA, both controllers share the same set of configuration including the IP address of the management interface. The AP's CAPWAP state (for APs in RUN state) is also synched. As a result, APs do not go into Discovery state when the active controller fails. Also, a client's information is synced to the standby WLC when the client associates to the WLC or the client’s parameters change. Fully authenticated clients, that is, the ones in Run state, are synced to the standby. Thus, client re-association is avoided on switchover, making the failover seamless for the APs as well as for the clients, resulting in zero client service downtime and no SSID outage.

For more information on the SSO feature and the supported topologies, refer to the

High Availability deployment Guide

.

14

Connecting Cisco 8540 SSO Pair to the Wired Network

It is recommended to connect to a VSS pair and spread the links in each port-channel between the two physical switches to prevent a WLC switchover upon a failure of one of the VSS switches.

15

Customer Replaceable Units

Cisco 8540 wireless LAN controller has a minimal amount of separate orderable items, including all of the following:

• Power supply

• SSD Hard Disk Drive (HDD)

• HDD and power supply are hot-swappable on the Cisco 8540 WLC

Note

The power supply units are field replaceable.

Link Aggregation (LAG)

A single LAG across the 4 x 10 G interfaces is supported in software versions 8.1 and later. LACP and PAgP are not supported on the controller.

Inter-Platform Mobility and Guest Anchor Support

Guest anchor capability with:

• Cisco WLC 2504/5508 / 8510 / 7510 / WISM2 running as a foreign controller (EOIP Tunnel)

• Cisco 5520 / 8540 WLC running as a foreign controller (EOIP Tunnel)

• Cisco 5760 WLC running as a foreign controller with new mobility turned on (CAPWAP Tunnel)

Foreign controller to a guest anchor which is a:

• Cisco WLC 2504/5508 / 8510 / 7510 / WISM2 (EOIP Tunnel)

• Cisco 5520 / 8540 WLC (EOIP Tunnel)

• Cisco 5760 WLC with new mobility turned on (CAPWAP Tunnel)

CAPWAP has native management plane encryption and optional data payload encryption.

Infrastructure Multicast

Multicast support is enabled in the Cisco 8540 controller with the following restrictions:

• If all APs on the 8540 controller are configured in Local mode, Multicast-Multicast will be the default mode and all features are supported (for example, VideoStream).

If the APs are configured as a mix of Local mode and FlexConnect mode:

• If IPv6 is required on the FlexConnect APs:

• Disable Global Multicast Mode and change to Multicast-Unicast mode.

16

• IPv6 / GARP will work on FlexConnect and Local mode APs, but Multicast data and the VideoStream feature will be disabled.

• IPv6 / GARP is not required on FlexConnect APs:

• Change the mode to Multicast-Multicast and enable Global Multicast Mode and IGMP / MLD snooping.

• IPv6, GARP, Multicast Data, and VideoStream are supported on local mode APs.

New Mobility and MC Support

Cisco 8540 supports the new mobility functionality to be compatible with inter-platform IRCM and guest anchor support. This platform will not function as an MC.

Look and Feel of the Cisco 8540 Wireless LAN Controller

The Cisco 8540 controller enables console redirect by default with baud rate 9600, simulating a VT100 terminal with no flow control.

The 8540 controller has the same boot sequence as existing controller platforms.

Boot Up and Initial Configuration

• Initial Boot Sequence

• Boot Options

• Loading the OS and Boot Loader

• Loading Controller Services

Initial Controller Configuration

Configuration Wizard — As with all other controller platforms, initial boot up requires configuration using the Wizard menu.

WLAN Express Setup — As with all other controller platforms, 8540 WLC also supports the Express WLAN Setup over wired

Ethernet connection.

17

18

19

20

Monitoring and Best Practices

This platform supports the Monitoring Dashboard and the Upgrade audit workflow view with release 8.1.

Management Web UI

The management web interface has the same look and feel as existing Cisco wireless LAN controllers.

21

22

Licensing

8540 Wireless LAN Controller supports Right to Use (RTU) licensing model similar to the Cisco Flex 7500 and Cisco 8500 series controllers. This is an Honor-based licensing scheme that allows AP licenses to be enabled on supported controllers with End User

License Agreement (EULA) acceptance. The RTU license scheme simplifies addition, deletion, or the transfer of AP adder licenses in the field by eliminating the need for an additional step, additional tools, or access to Cisco.com for PAK license or return materials authorization (RMA) transfers.

Evaluation licenses are valid for 90 days. Notifications will be generated to inform you to buy a permanent license starting 15 days prior to the evaluation license expiration.

If you have more APs connected than those purchased, the licensing status for the controller tracked within the Cisco Prime Infrastructure will turn red.

For more information on the RTU License model, refer to the

Cisco Right to Use Licensing (RTU)

document.

License Types

These are the three license types:

Permanent licenses—The AP count is programmed into NVM while manufacturing; this is also referred to as Base AP count licenses. These licenses are transferable.

Adder access point count licenses—Can be activated through the acceptance of the EULA. These licenses are transferable.

23

Evaluation licenses—Used for demo and/or trial periods, are valid for 90 days, and default to the full capacity of the controller.

The evaluation license can be activated at any time using a CLI command.

Licensing Model Features

• Two Base Bundle SKUs: AIR-CT8540-K9 and AIR-CT8540-1K-K9

• Portability of licenses between 5520 and 8540 wireless LAN controllers

• No separate HA-SKU UDI

Table 9: 8540 Primary SKUs / PIDs

SKU / PID

AIR-CT8540-K9

AIR-CT8540-1K-K9

LIC-CT8540-UPG

LIC-CT8540-1A

Description

Cisco 8540 wireless controller w/rack mounting kit

Comments

Base and HA SKU

Cisco 8540 wireless controller supporting 1000 APs w/rack kit

1000 AP Bundle SKU

Top level SKU for 8540 AP adder licenses —

Cisco 8540 wireless controller 1 AP adder license —

24

©

2015 Cisco Systems, Inc. All rights reserved.

Americas Headquarters

Cisco Systems, Inc.

San Jose, CA 95134-1706

USA

Asia Pacific Headquarters

Cisco Systems (USA) Pte. Ltd.

Singapore

Europe Headquarters

Cisco Systems International BV

Amsterdam, The Netherlands

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the

Cisco Website at www.cisco.com/go/offices.

advertisement

Key Features

  • High AP Scalability (6,000 APs in 2 RU)
  • High Client Density (64,000 clients in 2 RU)
  • High Throughput (40 Gbps with 2 RU)
  • Support for 6,000 APs, 6,000 AP Groups, 2,000 FlexConnect Groups
  • Support for 4095 VLANs
  • High Availability with Sub-Second AP and Client SSO
  • TrustSec SXP Support
  • Right to Use (RTU) Licensing

Frequently Answers and Questions

What is the maximum number of APs that the Cisco 8540 Wireless LAN Controller can support?
The Cisco 8540 Wireless LAN Controller can support up to 6,000 APs.
What is the maximum number of clients that the Cisco 8540 Wireless LAN Controller can support?
The Cisco 8540 Wireless LAN Controller can support up to 64,000 clients.
What is the maximum throughput of the Cisco 8540 Wireless LAN Controller?
The Cisco 8540 Wireless LAN Controller has a maximum throughput of 40 Gbps.
What type of licensing does the Cisco 8540 Wireless LAN Controller use?
The Cisco 8540 Wireless LAN Controller uses the Right to Use (RTU) licensing scheme.
What are the different modes of operation supported by the Cisco 8540 Wireless LAN Controller?
The Cisco 8540 Wireless LAN Controller supports all AP modes of operation, including Local, FlexConnect, Monitor, Rogue Detector, Sniffer, Bridge, and Flex+Bridge.
Does the Cisco 8540 Wireless LAN Controller support high availability?
Yes, the Cisco 8540 Wireless LAN Controller supports high availability with sub-second AP and client SSO.

Related manuals