The Big Question: Instant or Controller-based Networks?

6th Jun 2018

Controller-less access points, such as the HPE Aruba Instant and the Ruckus Unleashed portfolios have been around for some time and often form the foundation of our wireless networks. 

However, we still find some confusion amongst our customers as to the merits of both controller-less and controller-based wireless solutions and the reasons why a business might select one over the other.

There is certainly a great deal to consider at the design phase of any business-grade network, so regard the following as an ‘all you need to know’ rundown of controller and controller-less network configurations.

The Evolution of the Wireless LAN Controller

In far simpler times, networks were built around autonomous access points; each access point (AP) was essentially in charge of its own Radio Frequency (RF) management and, in network terms, was only aware of itself. 

Although this functionality was more than adequate, in a multi-access-point deployment it did have one serious shortcoming. If each AP was ‘self-aware’ but had no awareness of others in the same network then, by definition, these APs are not working together.

This all changed with the advent of the Wireless LAN Controller (WLC)

With the addition of a Wireless LAN Controller, the previously ‘self-aware’ access points were rendered ‘dumb’, with all of the intelligence being fed back and managed from a centralised point. 

What a great idea!

Free Network Health Check

An Imperfect Solution?

Although WLCs promised to change the game for good, there were potential weaknesses in the solution. 

As explained above, controllers gave networks a centralised point - or ‘brain’ - and with it a single point of intelligence. The downside of this was that networks now also had a single point of failure; a significant problem for achieving resilience. 

With so much relying on this centralised controller, in the event of a device failure it would take all of the connected access points along with it – not good at all. 

The good news was that there was an obvious fix; the bad news was that (as is often the case) the fix was expensive. 

By simply adding a second Wireless LAN Controller, IT staff and business owners could rest-easy knowing that, should the main controller ‘fail’, the second would seamlessly take over. 
This is what is known as a ‘resilient pair’.

Further Imperfections

During these early stages of controller-based networking, licencing for the access points were purchased ‘per controller’. Thus, in our failover scenario, licenses would have to be purchased for both the primary controller and the backup. Again, adding unwanted expense to the goal of enterprise network resiliency.

Of course, such an impractical situation could not endure and manufacturers began facilitating the ‘pooling’ of licenses which could be validated on both controllers in our resilient pair.

In Case of Fire…

Although the teething problems with regards to WLCs were fairly simple (if costly) to overcome, there was one glaringly obvious pitfall of adding two extra pieces of hardware to a business network – keeping both ‘boxes’ in the same computer room negated any failover plans should a catastrophic event, such as a fire, occur. 

You’ve just lost BOTH controllers!

So now we need to place our second controller either in a different location on the business premises, or in a totally different location altogether. Again, this issue was not insurmountable but was inconvenient at best.

What About Speeds and Feeds?

Aside from a few ‘bumps in the road’ the controller-based network solution worked well and provided businesses with a simple, powerful and effective way to manage the health and performance of their access points estates. But as access point technology moved from 802.11g/a to 802.11n/ac network bottlenecks became the latest in a string of headaches for controller-based set-ups. 

In real terms, these advancements increased throughputs ‘up the wire’ to the WLC from 54Mb to a possible 2Gb – in a 25 access point estate, that’s 50Gb of data! 

It was at this point the need for an alternative solution seemed clear.

Controller-less Access Points

Featuring both autonomous and controller-based system technologies, businesses could now truly benefit from a network controller – a virtual controller. 

In a controller-less access - or Instant - point architecture, the duty of a virtual controller is shared among the devices. 

After first ‘electing’ one access point to take charge of the AP cluster (all of which host a copy of the network configuration) they intelligently host another election and appoint new ‘controller’ should the original AP suffer a failure.

This new approach to networking also overcame the throughput issue. In the current landscape of high-performance, high-throughput 802.11ac (and even the upcoming 802.11ax), the major advantage of controller-less access points was that they fed data traffic directly (i.e. not via a controller) to the network.

In addition to this far greater level of throughput, controller-less access points also delivered a great deal of network resilience in that, on a 25 AP network, businesses would now have 25 controllers as opposed to the previous two (or, resilient pair), thus dramatically increasing resiliency. 

Decisions, Decisions

So, with controller-less access points, we have overcome the throughput issue whilst retaining the overall view and ‘control’ of the network. Where’s the catch? 

Why would a business still opt for a controller-based solution?

Well, as good as controller-less networks are, when compared directly to controller-based alternatives they have one major shortcoming…CPU and memory (or a lack of it).

With these very clever access points doing the work of their ‘dumb’ predecessors and the Wireless LAN Controller, they don’t have the kind of CPU and memory most modern enterprise clients will require to keep performance at optimum levels. 

Not only does a WLC give network operators extra functionality, such as guest portal configuration and enhanced firewalling, it also acts as the ONLY point of egress to the commercial or business network.

A single point of egress is desirable for network administrators as, with a WLC, they will only need to apply polices (Firewall, Quality of service) on the wired network at that one point (a little contradictory as earlier we said that the ‘single point’ was a downside). 

Of course, what follows is that in a controller-less architecture one must apply policies at each point the AP ‘touches’.

That said, the arguments ‘for’ and ‘against’ controller-less networking still very much weigh on the side of eliminating the controller from the equation.

Just Go Controller-Less

For less-complicated and relatively small business networks (for scale, there is no hard limit on Aruba Instant access points but we would not recommend deploying no more than 64), which do not require any advanced policies, controller-less access points work extremely well. 

With no need for licensing or costly support contracts (on two controllers in a resilient pair) there is a clear advantage, both in the cost and the admin of ‘going controller-less’.

Of course there are still network scenarios in which controller-based solutions would be the better option, but if you are considering a new network or are upgrading an existing system it is worth exploring controller-less first. 

You’ve Still Got Options!

The great thing about controller-less platforms is that you can operate them within a controller-less network or as part of a controller-managed system. And, better still, a controller-less network can be transformed into a controller-based system as it scales and visa-versa if circumstances change conversely.  

What Next?

Whether you are looking at an Aruba Instant, Ruckus Unleashed, Cisco or Cisco Meraki network architecture, our engineers have skills and knowledge to guide you through. Why not contact Ensign Communications today for a chat with our technical team?