Key features introduced with AOS 8

The Aruba operating system was meticulously developed from ground level. The graphical user interface (GUI) and the command line share certain similarities, yet, substantial modifications have been made to improve the scalability and redundancy of this new design. The following are the main innovations included in ArubaOS 8:

• Mobility Master Virtual Machine or Hardware Appliance
• Controller Clustering
• Hierarchical Configuration
• Live Upgrade and Seamless Failover Service are a Big win in AOS8
• The AirMatch
• MultiZone Access Point
• Virtual Mobility Controller

One notable modification is the relocation of the master role from the physical controller to a virtual machine or hardware appliance known as the Mobility Master. Mobility Master is the central platform for all configuration operations. Furthermore, it assumes responsibility for the licensing server, radio resource management, and cluster administration, among various other tasks.

Subsequently, engineers can establish a configuration hierarchy moving from regions to campuses, to sites, and ultimately to individual nodes. The design of this hierarchy can be tailored to the specific requirements of the environment. Importantly, all common configurations are established in the higher layers of the hierarchy and subsequently passed on to the lower nodes. The configuration tailored to the site can then supersede any of the inherited configurations.

An exemplary instance of this is a designated VLAN that is present on every network contained within the organization, such as the Guest VLAN. The VLAN identification may vary among the several sites. Hence, the designated VLAN can be established at a higher level of the configuration tree and then passed on to all the connected sites. Each site has the ability to supersede the designated VLAN by using the particular VLAN ID relevant to that location. This feature enhances the scalability and simplifies the management of the solution in larger networks.

Arguably, Controller Clustering is the most captivating aspect of the AOS 8 architecture. Instead of utilizing master-master or master-local configurations, all controllers have been renamed as “managed devices.” Clustering controllers allows for complete redundancy and flawless fault tolerance. Within a cluster, all access points (APs) and all wireless Clients are distributed through load balancing across the controllers.

A primary controller and a secondary controller are allocated to each access point (AP) and wireless client. The primary and secondary controllers share all of their traffic. Assuming the primary controller fails, the secondary controller assumes control without any communication being dropped by the access point or client. This also incorporates the live upgrading functionality of the AOS 8 architecture.

Providing that the wireless network is equipped with an adequate number of access points (APs) to ensure RF redundancy, it can be done to upgrade the controller clusters during production hours. This is achievable by the cluster leader transferring access points (APs) and wireless clients from one controller to another member of the cluster. Consequently, the number of reboots needed for the access points to upgrade is reduced. The cluster leader will choose access points (APs) that are not neighbouring to minimize the consequences of those APs rebooting. Provided that there is sufficient RF redundancy included into the system, the clients will remain unaware of the ongoing upgrade. The cluster will persist in this procedure until all controllers within the cluster have successfully undergone upgrades. Subsequently, the AP and wireless client load will be redistributed among the members of the cluster.

An additional enhanced functionality is the radio resource management (RRM) procedure. Anyone with knowledge of Aruba Networks is aware with the functioning of ARM (Adaptive Radio Management). AirMatch is a RRM technique recently launched by Aruba Networks. The new procedure involves that the Access Points (APs) and controllers notify the Mobility Master of Radio Frequency (RF) events occurring in the environment within a 24-hour timeframe. The Mobility Master utilizes all the gathered data to compute updated radio transmit powers and allocate channels. The assignments are implemented on a daily basis to mitigate the “ripple” impact encountered by ARM.

An Access Point (AP) can terminate its Gateway Routing Encryption (GRE) tunnels to two separate controllers located in distinct configuration domains using the MultiZone functionality. This enables a multi-tenant setting, such as an airport, to let other enterprise to use the airport’s access points (APs) for wireless connectivity on their Service Set Identifiers (SSIDs). While this concept may seem promising, its implementation is challenging due to the requirement for tenants to possess their own controllers, licenses, and establish collaboration with the main facility.

MultiZone can be practically demonstrated by its capability to establish an airgap between a corporate network and a guest network. An organization can configure its Mobility Master and main controllers to be located within its trusted zone, while another independent controller is placed in the DMZ. The controller located in the DMZ terminates the guest SSID tunnels which includes                all guest network functionality. Finally, this establishes an additional level of security for that organization.

One further, very persuasive characteristic is the Virtual Mobility Controller (VMC). Aruba has launched a completely virtualized controller compatible with VMware, Microsoft Hyper-V, and KVM hypervisors. The Virtual Machine Controller (VMC) offers environments maximum flexibility by obviating the necessity for supplementary hardware. Nevertheless, the VMC does have supplementary mandatory licensing of each AP in order to allow the termination of APs. Aruba provides comprehensive documentation regarding installation requirements, sizing guides, and licensing terms.

The AOS 8 design introduces several novel functionalities that enhance the scalability, manageability, redundancy, and security of a wireless network.