Gateway Cluster Architecture

In a gateway cluster architecture, the devices form a cluster among themselves as long as they are all in the same UI group. Also, when the gateways in a group are assigned to the same site, the gateways automatically form a cluster among themselves. When all the cluster members are in a fully connected mesh, a cluster leader is elected based on the platform type or platform value, and the MAC (Media Access Control) address. The cluster leader publishes the bucket map for each cluster and balances the client load seamlessly when there is an imbalance of load among the cluster members. The bucket map is used to map buckets of clients to the active and standby User Designated Gateways (UDG).

APs use the bucket map to determine the active and standby UDG for each client. A bucket map is published for every cluster. The AP calculates the bucket index for the client on the Station Up (STA_UP) message and directs it to the UDG as per the bucket map.

The last 3 bytes of the client’s MAC address are XORed to get a decimal value between 0 and 255. The AP uses this value as the index into the bucket map and forwards the STA_UP message to the corresponding UDG.

The cluster leader identifies standby Gateways for clients and APs to ensure hitless failover. The client traffic is forwarded to the User Designated Gateway or to the Standby User Designated Gateway (S-UDG) based on the listing of Gateways in the AP bucket map.
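The bucket index calculation and the active/standby lookup described above, as an added Python example that is not part of the original documentation or the product's own code. The gateway names, the layout of the bucket map as 256 (active, standby) pairs, and the helper names build_bucket_map and select_udg are assumptions made for illustration; the real map is computed and published by the cluster leader.

```python
from typing import FrozenSet, List, Optional, Tuple

BUCKETS = 256  # XOR of three bytes always lands in 0..255


def parse_mac(mac: str) -> bytes:
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or aabb.ccdd.eeff."""
    hexdigits = mac.replace(":", "").replace("-", "").replace(".", "")
    if len(hexdigits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(hexdigits)  # raises ValueError on non-hex input


def bucket_index(mac: str) -> int:
    """XOR the last 3 bytes of the client MAC into one value, 0..255."""
    b = parse_mac(mac)
    return b[3] ^ b[4] ^ b[5]


def build_bucket_map(gateways: List[str]) -> List[Tuple[str, str]]:
    """Constructed map (assumption): one (active UDG, standby UDG) pair
    per bucket, spread evenly over the cluster members."""
    if len(gateways) < 2:
        raise ValueError("a standby UDG needs at least two gateways")
    n = len(gateways)
    return [(gateways[i % n], gateways[(i + 1) % n]) for i in range(BUCKETS)]


def select_udg(mac: str, bucket_map: List[Tuple[str, str]],
               down: FrozenSet[str] = frozenset()) -> Optional[str]:
    """Return the gateway the AP forwards this client to: the active UDG,
    or the S-UDG already listed in the bucket when the active one is down."""
    active, standby = bucket_map[bucket_index(mac)]
    if active not in down:
        return active
    if standby not in down:
        return standby
    return None  # both listed gateways are unavailable


if __name__ == "__main__":
    bmap = build_bucket_map(["gw-1", "gw-2", "gw-3"])  # constructed names
    client = "00:1a:1e:a1:b2:c3"                       # constructed MAC
    print(bucket_index(client), select_udg(client, bmap))
    print(select_udg(client, bmap, down=frozenset({"gw-2"})))
```

Only the last three bytes take part in the calculation, so two clients whose MAC addresses differ only in the first three bytes land in the same bucket.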

The gateway cluster architecture in tunnel mode consists of the following members:

Device Designated Gateway (DDG) and Standby Device Designated Gateway (S-DDG)

To publish the bucket map and nodelist (a nodelist is the list of gateways in a cluster) to every device (AP), you need a designated gateway. In the event of failure of the Active Device Designated Gateway, a standby Designated Gateway shall continue to publish the bucket map and nodelist. Hence, every AP is assigned a DDG and an S-DDG. The cluster leader selects the Device Designated Gateway (DDG) and the Standby Designated Gateway (S-DDG) for an AP as and when the AP details are identified as part of the initial orchestration and messaging. The gateway station management publishes this information to the GSM channel of APs, and the cluster leader assigns the DDG and S-DDG for the AP at that point of time in a round-robin fashion based on current AP load on all Gateways in the cluster. The DDG selection sends the AP nodelist and bucket map from the gateway to the AP. This selection also configures the VLAN (Virtual Local Area Network) Multicast table during AP bootstrapping and cluster failover.

User Designated Gateway (UDG) and Standby User Designated Gateway (S-UDG)

For every client, you need a gateway to anchor its north bound traffic. Therefore, you need a User Designated Gateway (UDG). In the event of failure of the Active User Designated Gateway, a standby User Designated Gateway shall take over. In the Gateway Cluster architecture in Decrypt-tunnel (D-Tunnel) mode, the Gateways work as User Designated Gateway (UDG). In a D-tunnel forwarding mode, the AP decrypts and decapsulates all 802.11 frames from a client and sends the 802.3 frames through the GRE (Generic Routing Encapsulation) tunnel to the gateway cluster. The forwarding mode allows a network to utilize the encryption and decryption capacity of the AP while reducing the demand for processing resources on the gateway cluster. The UDG and S-UDG bucket maps are used to forward the client traffic to the appropriate UDG. The UDG selection sends the AP nodelist and bucket map from the gateway to the AP. This selection also configures the VLAN Multicast table during AP bootstrapping and cluster failover.

The following diagram depicts the selection of DDG and S-DDG as well as the UDG and S-UDG between two APs in a cluster setup.

Figure 1  Tunnel Mode Traffic Flow with DDG/S-DDG and UDG/S-UDG Selection

As illustrated in the above diagram, in case of a failover, the clients connect to the Gateways based on the allotment of active and standby Gateways in the bucket maps. For example, if a particular active gateway is down, the clients are automatically moved to the S-UDG since the clients have already been assigned an S-UDG.

VLAN Designated Gateway (VDG) and Standby VLAN Designated Gateway (S-VDG)

Gateways that route the traffic for every client VLAN are VLAN Designated Gateways. In the event of a failure of the Active VLAN Designated Gateway, a standby VLAN Designated Gateway shall take over. For each user VLAN, a gateway is automatically elected by the cluster leader in a round-robin manner to function as the VLAN Designated Gateway (VDG) and is assigned the highest priority at any given time. Each VDG works with the Gateway that is anchored for communication with the APs and thus allows the cluster to manage incoming and outgoing network connection requests from the AP clients.

The following diagram depicts the VDG and S-VDG selection done by the cluster leader in a round-robin manner.

Figure 2  VDG and S-VDG Selection