Wireless Access

Hi,

We are currently running over a hundred AP-215s on an Aruba 7210 Mobility Controller on our network. The APs are on their dedicated VLAN along with the controller. We have multiple SSIDs with different VLANs assigned to each SSID. Our controller has all the VLANs tagged as trunk on its uplink port on our core switch.

Since I figured out that the 7210 can act as a layer-3 switch, we were wondering if there was any use to tag (as trunk) all the required VLANs on all the ports dedicated to our APs throughout our network. We currently have this configuration in place because we used to run on an Instant cluster before acquiring the 7210 Mobility Controller.

For example:

Controller has VLANs 1,2,3,4,5 tagged as trunk on its uplink, and VLAN 1 is the native VLAN dedicated to the controller and APs;

All the APs have VLANs 1,2,3,4,5 tagged as trunk on their uplinks.

Is it a better idea to just tag VLAN 1 on all the APs, and let the controller do the routing itself instead?

Thank you in advance for the answers, and happy holidays.

You should not tag any ports that the APs are on.  The APs by default send all client traffic back to the controller and the controller puts it on the right VLANs, either through an access port or a tagged trunk port.  This is what keeps you from having to tag ports that the APs is on and concentrate on only configuring VLANs on the controller.  In this way, it does not matter what VLAN an AP is on;  all traffic is sent back to the controller and the controller sorts it out.  That means you don't need a network engineer to configure switch ports, when all you want to do is just have someone plug in an AP somewhere.

 There is no benefit to tagging ports that APs are on, because all traffic is sent back to the controller by default.