vWLAN Disaster Recovery Guide

Version 3


     

    1. Introduction
    2. High Availability
    3. AP Control Channel Timeout
    4. Standby SSID
    5. System limitations when no control plane connection is possible
    6. Disaster recovery scenarios and expected behaviors
    7. Disaster recovery combinations


    Introduction

    Bluesocket Access Points securely connect to the vWLAN through a TLS-based control channel. Within the control channel is a keep-alive mechanism which is used by vWLAN and the AP to determine when network connectivity is lost. This control channel provides the mechanism to exchange communication between the vWLAN and AP for RF management, AP configuration changes, user management, and user authentication.

     

    There are multiple options to consider when network connectivity is disrupted to the primary vWLAN controller. The most robust option for disaster recovery is High Availability. As of vWLAN version 2.4, it is no longer necessary to acquire a supplemental license for High Availability. Rather, High Availability is licensed by default and is no longer an optional column within the vWLAN’s “AP Licenses” table in the secure web-based administrative interface.

    Where it is not feasible to deploy a High Availability failover pair, there are other AP-side disaster recovery options available:

    • AP Control Channel Timeout
    • Standby SSID

     

    High Availability

    vWLAN can be deployed in a high availability mode where there is a “master” (primary) and “node” (backup) in a 1+1 setup. If network connectivity between the Bluesocket AP and master vWLAN is disrupted, resulting in the AP losing the configured keep-alive messages, the control channel to the vWLAN is considered lost.

     

    Upon losing the control channel, the Bluesocket AP will attempt to connect to the node. If neither the master nor node is reachable, the AP will continually retry connecting to either until a connection can be established.

     

    When Bluesocket APs initially discover the vWLAN node, they synchronize all user information in real time, and it is populated to the vWLAN’s real-time user database. In this way, when a failover event occurs within the High Availability pair, existing users maintain their active sessions with zero packet loss.

     

    For detailed instructions on configuring High Availability, please refer to the Administrator’s Guide for vWLAN. To specifically configure the interval (in seconds) for checking connectivity between the Bluesocket AP and the vWLAN, navigate in the secure web-based administrative interface to Configuration > System > High Availability:

     

     

    [Screenshot: Edit Replication Node]

     


    AP Control Channel Timeout

    The AP Control Channel Timeout is a feature that allows the Bluesocket AP to stay online and continue passing client traffic for a period of time even if the control channel is lost. This feature is particularly useful, in the absence of a High Availability connection, to allow the AP to continue servicing clients if the control channel is temporarily disrupted.

     

    Note: At this time, it is not possible to combine AP Control Channel Timeout and Standby SSID options. Therefore, if you want to use this feature, you must delete all Standby SSIDs.

     

    To configure the AP Control Channel Timeout duration value, navigate in the secure web-based administrative interface to Configuration > System > Settings > Domain tab:


    [Screenshot: Edit Domain Setting]


    Standby SSID

    The Standby SSID is a feature that allows the Bluesocket AP to operate similarly to an autonomous AP when High Availability is not configured or when connectivity to either the master or node vWLAN is not available.

     

    Supported authentication types are Open, Shared Key (WEP), WPA-PSK, and WPA2-PSK. The Standby SSID provides a configuration option for a static VLAN assignment, if desired.

     

    Note: At this time, it is not possible to combine AP Control Channel Timeout and Standby SSID options. Therefore, Standby SSIDs are not compatible with a non-zero AP control channel timeout.

     

    To configure a Standby SSID, navigate in the secure web-based administrative interface to Configuration > Wireless > SSIDs:

     

     

    [Screenshot: Edit SSID]


    When the control channel is lost, all active SSIDs are disabled and the Standby SSID(s) is/are activated. When the control channel is restored, the Standby SSID(s) is/are deactivated.


    System limitations when no control plane connection is possible

    If Bluesocket APs are in operation without a control plane connection to the vWLAN, the system behaves as follows:

    • Existing users will continue passing traffic.
    • With the exception of the Standby SSID, new clients cannot be added to the WLAN and existing clients cannot change SSIDs.
    • An 802.1x session timeout will result in a user disassociation and the user is not permitted to re-associate until the control channel is re-established.
    • Layer 2 and Layer 3 roaming between Bluesocket APs that exchange RF adjacency information continues to be possible.  However, roaming to Bluesocket APs outside the adjacency group is not possible and client connectivity is lost. Where connectivity is lost, the client must return to associate with a Bluesocket AP where they were previously associated. The exception is the Standby SSID case, where Layer 2 roaming is possible between all APs configured with the same Standby SSID.
    • Local user expiration will not be enforced.  If a user’s account expires while the control channel is down, the user is not forced out of the system.
    • Client bandwidth reporting data is not updated during this time. Thus, historical data could be inaccurate if the user is timed out before the control channel is restored.
    • If the network is disrupted during a web authentication or an 802.1X machine authentication attempt, that authentication will not be successful. The result is that the user is left in their present role.


    Disaster recovery scenarios and expected behaviors


    Scenario: Control plane connectivity does not exist between the AP and the Standalone vWLAN, or between the AP and the master or node vWLAN in a High Availability configuration.

    • Option: AP control channel timeout
      • Expected behavior: Upon discovering that the control plane connection with the vWLAN is lost (this process may take 1-3 minutes), the AP control channel timeout timer begins counting down. The AP will periodically and continually attempt to establish a control plane connection with the vWLAN on TCP port 33333. While the timer is counting down, existing clients will continue to pass traffic. However, no new clients can be added to the WLAN and existing clients cannot change SSIDs. Clients can roam between adjacent APs that have shared client information prior to the loss of the control channel. When the AP control channel timer reaches zero, the AP will reboot continuously until the control plane connection can be reestablished. (For each reboot, the AP will attempt to establish a control plane connection with the vWLAN on TCP port 33333.) Upon AP reboot, all clients will lose connectivity with the WLAN. When the control plane connection is reestablished, clients can reconnect to the WLAN. For clients authenticating via pre-shared key, SSID Auth, MAC Auth, or 802.1X, any re-authentication into the Clients table is seamless to the end-user, provided that the client is configured to reconnect to the WLAN automatically. For clients authenticating via Web Auth: If the client is still authenticated in the vWLAN’s Clients table (Status > Clients), no re-authentication is required. If the client is no longer listed in the Clients table, the client must re-authenticate.
      • Note: If the AP is rebooted while there is no control plane connection with the vWLAN, the control channel timeout does not resume counting down, and it does not reset the counter. Rather, the AP will reboot continuously until the control plane connection can be reestablished.
    • Option: Standby SSID
      • Expected behavior: Upon discovering that the control plane connection with the vWLAN is lost (this process may take 1-3 minutes), the AP will stop broadcasting the active SSID(s) and will broadcast the Standby SSID. At this point, clients must associate on the Standby SSID. Once associated, clients may pass traffic and roam within the WLAN. The AP will periodically and continually attempt to establish a control plane connection with the vWLAN on TCP port 33333. When the control plane connection with the vWLAN is reestablished, the AP will stop broadcasting the Standby SSID and start broadcasting the original SSIDs. At this point, clients must associate with the active SSID(s). For clients authenticating via pre-shared key, SSID Auth, MAC Auth, or 802.1X, any re-authentication into the Clients table is seamless to the end-user, provided that the client is configured to reconnect to the WLAN automatically. For clients authenticating via Web Auth: If the client is still authenticated in the vWLAN’s Clients table (Status > Clients), no re-authentication is required. If the client is no longer listed in the Clients table, the client must re-authenticate.
      • Note: If the AP is rebooted while there is no control plane connection with the vWLAN, the Standby SSID will not be re-broadcast. Rather, the AP will reboot continuously until the control plane connection can be reestablished.
    • Option: No disaster recovery method configured
      • Expected behavior:  The AP will reboot immediately upon discovering that the control plane connection with the vWLAN is lost.  (This process may take 1-3 minutes.) Upon AP reboot, all clients will lose connectivity with the WLAN. The AP will reboot continuously until the control plane connection can be reestablished. (For each reboot, the AP will attempt to establish a control plane connection with the vWLAN on TCP port 33333.) When the control plane connection is reestablished, clients can reconnect to the WLAN.  For clients authenticating via pre-shared key, SSID Auth, MAC Auth, or 802.1X, any re-authentication into the Clients table is seamless to the end-user. For clients authenticating via Web Auth: If the client is still authenticated in the vWLAN’s Clients table (Status > Clients), no re-authentication is required. If the client is no longer listed in the Clients table, the client must re-authenticate.


    Scenario: Control plane connectivity exists with High Availability node

    • Option: High availability     
      • Expected behavior: Upon discovering that the control plane connection with the vWLAN is lost (this process may take 1-3 minutes), the AP will wait a period of time before failing over to the High Availability node to avoid unnecessary failover events. That period of time is configured in the vWLAN’s administrative UI under Configuration > System > High Availability > “Interval for BSAP keep-alive checks” and “Failed BSAP keep-alive checks.” If that period expires, the AP will fail over to the node and clients will continue passing traffic with zero packet loss. The AP will periodically and continually attempt to establish a control plane connection with the primary vWLAN on TCP port 33333. When the control plane connection with the primary vWLAN becomes available again, the AP will fail back to the master (if configured to do so in the vWLAN’s administrative UI under Configuration > System > High Availability > “Auto Failback to Master”). Clients will fail back to the master and will continue passing traffic with zero packet loss.


    Disaster recovery combinations

    • High availability + AP Control Channel Timeout

    High availability failover will occur first. If a control plane connection cannot be established with either the master or node, the AP will begin the AP control channel timeout timer. The AP will periodically and continually attempt to establish a control plane connection with either the master or node vWLAN and reconnect when possible.

     

    • High availability + Standby SSID

    High availability failover will occur first. If a control plane connection cannot be established with either the master or node, the AP will activate the Standby SSID(s). The AP will periodically and continually attempt to establish a control plane connection with either the master or node vWLAN and reconnect when possible.


    Note: At this time, it is not possible to combine AP Control Channel Timeout and Standby SSID options.
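
    The restrictions and outage behaviors described in this guide can be checked against planned settings before an outage occurs. The following is an added example, not ADTRAN code: the dictionary keys, function names and sample domains are assumptions made for illustration, and flagging Open and Shared Key (WEP) as weak fallback authentication is this example's own addition.

```python
# Added example; the dictionary keys are hypothetical, not a vWLAN export format.
WEAK_AUTH = {"Open", "Shared Key (WEP)"}          # no encryption / broken cipher
SUPPORTED_AUTH = WEAK_AUTH | {"WPA-PSK", "WPA2-PSK"}

def audit_domain(cfg):
    """Return findings for one domain's disaster recovery settings."""
    findings = []
    timeout = cfg.get("control_channel_timeout_s", 0)
    standby = cfg.get("standby_ssids", [])
    if timeout > 0 and standby:
        findings.append("unsupported: non-zero timeout combined with Standby SSID")
    if not cfg.get("ha_node") and timeout == 0 and not standby:
        findings.append("no recovery method: AP reboots on control channel loss")
    for ssid in standby:
        if ssid["auth"] not in SUPPORTED_AUTH:
            findings.append(f"{ssid['name']}: {ssid['auth']} not supported for Standby SSID")
        elif ssid["auth"] in WEAK_AUTH:
            findings.append(f"{ssid['name']}: weak fallback authentication ({ssid['auth']})")
    return findings

def outage_behavior(cfg, timer_s, node_reachable=False, ap_rebooted=False):
    """Predict AP behavior timer_s seconds after it detects control channel loss
    (detection itself may take 1-3 minutes and is not counted here)."""
    timeout = cfg.get("control_channel_timeout_s", 0)
    standby = cfg.get("standby_ssids", [])
    if timeout > 0 and standby:
        raise ValueError("timeout and Standby SSID cannot be combined")
    if cfg.get("ha_node") and node_reachable:
        return "failed over to node"       # High Availability is tried first
    if ap_rebooted:
        return "reboot loop"               # timer / Standby SSID do not resume after a reboot
    if standby:
        return "standby SSID active"
    if timer_s < timeout:
        return "existing clients only"     # no new clients, no SSID changes
    return "reboot loop"                   # timer expired or no method configured

# Constructed sample settings, not taken from a real deployment.
SAMPLE_DOMAINS = {
    "hq":     {"ha_node": True, "control_channel_timeout_s": 300},
    "branch": {"standby_ssids": [{"name": "fallback", "auth": "Shared Key (WEP)"}]},
    "lab":    {"control_channel_timeout_s": 120,
               "standby_ssids": [{"name": "lab-sb", "auth": "WPA2-PSK"}]},
    "kiosk":  {},
}

if __name__ == "__main__":
    for name, cfg in SAMPLE_DOMAINS.items():
        print(name, audit_domain(cfg) or "ok")
```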