Can controllers keep up with the requirements of WLANs in the future (even though they could in the past)?

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
If you read our blog or if you're on Social Media, you have probably seen the conversation about the death of the WLAN controller. Conversations on this topic are welcome here in the community, and here is a conversation to get you started. Please feel free to chime in, or start your own. Be sure to tag the Death of WLAN Controllers category when you post, and follow this category in order to stay up to date on the latest.
Question: Can controllers keep up with the requirements of WLANs in the future (even though they could in the past)?

Photo of Amanda


  • 396 Posts
  • 25 Reply Likes

Posted 4 years ago

  • 1
Photo of Alex


  • 1 Post
  • 0 Reply Likes
WLAN controllers connect wired network and wireless network. If there are no controllers any more, what device should undertake the role as a intermediate connector and security control point? As we all know, in the past autonomous APs can be connected to wired network without a controller. Limited by its hardware capability, however, autonomous APs cannot handle growing wireless traffic and more complex tasks.
Photo of Matt Kopp

Matt Kopp

  • 47 Posts
  • 12 Reply Likes
Hi Alex, why not the APs?  The greatest part of removing controllers is moving the control plane onto the access points.  The fundamental issue with controller-based design is single point-of-failure - even in a world of redundancy.  They also will double network traffic - think to-and-from each AP.

Given modern computing abilities, why not remove the processing from a single device and move it onto devices to share?  Collaborative control allows for this and allows for direct communication between APs.

Regarding security, this can be handled, again, at the AP-level.  By filtering at the AP instead of the controller mitigates ANY wired traffic that doesn't belong.  Whereas in traditional deployments a device is allowed onto communication through a controller - they're still allowed on!

Ingress filtering at an AP level allows for blocking unnecessary traffic at the lowest possible layer.  If you can firewall or delegate VLANs at an Access Point, why not?  Why pass that along to another device only to have it decide, pass the information back, etc.  That's a large amount of overhead that doesn't need to exist.

There is a lot of talk about Cloud Controllers (read: Cisco bought Meraki for one reason!).  Although more authority is delegated to APs, there is still a controller involved.  If an Internet connection fails - so does RADIUS and services requiring the controller.  Good idea in theory, bad in principle.

Autonomous APs are limited by their inability to communicate with peers.  If you can remediate that limitation - collaborative control protocols - you can overcome the traditional limitations by allowing them to communicate directly with peers and therefore share the control decisions traditionally made by a controller.