Header Only - DO NOT REMOVE - Extreme Networks

VX9000 to replace old rfs


Userlevel 1
Hi,

What would be the proper way to replace an old RFS controller with a VX9000? Of-course if there are no access ports involved (e.g. ap622), just access points.

Thank you in advance.

8 replies

Userlevel 3
So, for clarification, the AP622 runs wing 5 natively, only ap300 AP200 and ap100 are considered ports and designed to run in a slip mac architecture, these all use wisp and wispe (in the case of the ap300)

The VX9000 has a limited data backplane so we typically don’t recommend to tunnel traffic. The code will allow you to do this, and we will support restricted tunneling (100 tunnels max).

We would recommend that you configure the access points to adopt using Layer 3. I would also recommend using mint level 2.

This will require you to have a minimum of two rf-domain (one for the VX and one for the Aps)

Finally, I would recommend disabling layer 2 adoption on the controller

This is achieved by the line no mlcp vlan under the VX device profile.

It is also worth removing any latency mint links by service mint clear mlcp

hope this helps
Userlevel 1
Andrew Blomley wrote:

So, for clarification, the AP622 runs wing 5 natively, only ap300 AP200 and ap100 are considered ports and designed to run in a slip mac architecture, these all use wisp and wispe (in the case of the ap300)

The VX9000 has a limited data backplane so we typically don’t recommend to tunnel traffic. The code will allow you to do this, and we will support restricted tunneling (100 tunnels max).

We would recommend that you configure the access points to adopt using Layer 3. I would also recommend using mint level 2.

This will require you to have a minimum of two rf-domain (one for the VX and one for the Aps)

Finally, I would recommend disabling layer 2 adoption on the controller

This is achieved by the line no mlcp vlan under the VX device profile.

It is also worth removing any latency mint links by service mint clear mlcp

hope this helps

Dear Andrew, thank you for your answer.

I have one more question. In the case of two VX9000 in cluster mode will the AP licenses add up to 128 total?
Userlevel 2
Andrew Blomley wrote:

So, for clarification, the AP622 runs wing 5 natively, only ap300 AP200 and ap100 are considered ports and designed to run in a slip mac architecture, these all use wisp and wispe (in the case of the ap300)

The VX9000 has a limited data backplane so we typically don’t recommend to tunnel traffic. The code will allow you to do this, and we will support restricted tunneling (100 tunnels max).

We would recommend that you configure the access points to adopt using Layer 3. I would also recommend using mint level 2.

This will require you to have a minimum of two rf-domain (one for the VX and one for the Aps)

Finally, I would recommend disabling layer 2 adoption on the controller

This is achieved by the line no mlcp vlan under the VX device profile.

It is also worth removing any latency mint links by service mint clear mlcp

hope this helps

Hi Gluo,

Once the VX9000 is in cluster mode (Active + standby) AAP license will added up.
Example,
VX9000-1 = 64 AAP license
VX9000-2 = 64 AAP license
The License after clustering will be = 128 AAP License.
Userlevel 1
Andrew Blomley wrote:

So, for clarification, the AP622 runs wing 5 natively, only ap300 AP200 and ap100 are considered ports and designed to run in a slip mac architecture, these all use wisp and wispe (in the case of the ap300)

The VX9000 has a limited data backplane so we typically don’t recommend to tunnel traffic. The code will allow you to do this, and we will support restricted tunneling (100 tunnels max).

We would recommend that you configure the access points to adopt using Layer 3. I would also recommend using mint level 2.

This will require you to have a minimum of two rf-domain (one for the VX and one for the Aps)

Finally, I would recommend disabling layer 2 adoption on the controller

This is achieved by the line no mlcp vlan under the VX device profile.

It is also worth removing any latency mint links by service mint clear mlcp

hope this helps

Thank you!
Userlevel 1
Andrew Blomley wrote:

So, for clarification, the AP622 runs wing 5 natively, only ap300 AP200 and ap100 are considered ports and designed to run in a slip mac architecture, these all use wisp and wispe (in the case of the ap300)

The VX9000 has a limited data backplane so we typically don’t recommend to tunnel traffic. The code will allow you to do this, and we will support restricted tunneling (100 tunnels max).

We would recommend that you configure the access points to adopt using Layer 3. I would also recommend using mint level 2.

This will require you to have a minimum of two rf-domain (one for the VX and one for the Aps)

Finally, I would recommend disabling layer 2 adoption on the controller

This is achieved by the line no mlcp vlan under the VX device profile.

It is also worth removing any latency mint links by service mint clear mlcp

hope this helps

Hi again,

In the case of Nsight does it run on both servers and about the nsight licenses, are they shared on the standby server if it comes up in case of active server failure?

Thank you.
Userlevel 4
Andrew Blomley wrote:

So, for clarification, the AP622 runs wing 5 natively, only ap300 AP200 and ap100 are considered ports and designed to run in a slip mac architecture, these all use wisp and wispe (in the case of the ap300)

The VX9000 has a limited data backplane so we typically don’t recommend to tunnel traffic. The code will allow you to do this, and we will support restricted tunneling (100 tunnels max).

We would recommend that you configure the access points to adopt using Layer 3. I would also recommend using mint level 2.

This will require you to have a minimum of two rf-domain (one for the VX and one for the Aps)

Finally, I would recommend disabling layer 2 adoption on the controller

This is achieved by the line no mlcp vlan under the VX device profile.

It is also worth removing any latency mint links by service mint clear mlcp

hope this helps

Hi Andrew,

is there any real technical reason for not supporting tunnels officially with VX?
I mean, what if there was just hardware requirements table that will show what is minimum CPU/RAM/HDD for typical VX and what is minimum for VX supporting IPsec/L2TPv3/MiNT/L2oGRE tunnels?
GTAC shouldn't have much more to do. Tunnels not working on VX? 'Confirm that hardware requirements and VM/hypervisor settings are met, otherwise we don't care'.

Kind regards,
Tomasz
Hi Champs,

I'm fairly new with Extreme Wireless.
We have a similar case where a customer wants to replace RFS6000 with VX9000.
They are running 2 SSIDs (Local Mode on VLAN 1) and 2 SSIDs (Tunnel Mode on VLAN 10).
The tunnel mode SSIDs are for guest and mobile users which have access to internet only.
To provide internet only to VLAN10, they have created 1 port on RFS6000 as access port on VLAN10 and connected that port to internet router directly.

My questions are:
1. What's the best way to migrate from RFS6000 to VX9000.
2. Since VX9000 wouldn't have physical interfaces, how could we separate the guest traffic to have only internet access?
Userlevel 3
Hi Tomasz

The VX has no broadcast traffic optimization.

To delivery multiple VLANs the Virtual interface is required to be in promiscuous mode, this eliminates any reception filtering that the virtual network adapter would perform so that the guest operating system receives all traffic observed on the wire and this is set across all sites. this is not desirable so it is not recommended or supported

if you require to tunnel traffic, it is recommended to use L2TPv3 from the RFDM and terminate this traffic on router firewall, or a NX platform.

The NX can be adapted to the VX and controlled and does not require an AP license

Andy

Reply