...
| A Shared Block | |||||
|---|---|---|---|---|---|
| |||||
|
General information
SoftWLC is a Wi-Fi software controller which includes a number of modules performing various functions to provide a comprehensive solution for organizing centralized Wi-Fi networks with Portal and Enterprise authorization. According to project requirements, certain modules can be included in the system or excluded from it.
...
- Management and monitoring of Eltex network equipment on which the Wi-Fi solution is based.
- Flexible distribution of administrative policies of access of SoftWLC users to various objects and functions within a carrier's distributed hierarchy.
- Organization of a Hotspot with portal authorization, within which it is possible to:
- Integrate advertising providers' resources into the portal
- Provide integration with payment systems
- Provide branding the portal design according to customer requirements
- Enterprise authorization
- Integration with external Active Directory
- Providing the end customer with a web tool for managing the service, portal branding and creating user accounts
- SSID scheduling
Main modules of SoftWLC
...
- EMS server – — the central component of the SoftWLC, which provides management and monitoring of other system modules, provides the operator with a GUI for working with SoftWLC, as well as NBI .
- SoftWLC NBI — interface for integration with the carrier's OSS.
- WEB portal – a module based on the tomcat6 WEB server (Captive Portal) — a web-based module that provides a set of WEB portals for user authorization in hotspot networks, as well as the Portal Constructor for their customization. The list of WEB portal features includes integration with SMS gatewaysnotification gateway, autogeneration of Wi-Fi user accounts in the database (implemented via eltex-mercury).
- B2B Admin Panel – — a web resource designed to provide the user with a convenient interface for creating accounts for new Wi-Fi subscribers and basic service management operations, for example, changing the SSID name. Can be used by provider or provider clients' employees.
- Database – — a single database of SoftWLC, based on MySQL. It contains all the data about the system: from hardware configuration to user activity statistics. The module consists of several databases.
- RADIUS server – — a module intended for AAA operations (Authentication, Authorization, Accounting) based on freeRADIUS.
- DHCP server – — a module intended for issuing dynamic IP addresses to user points and Wi-Fi clients. It is based on isc-dhcp-server. Optionally the operator carriers can use their own DHCP-servers.
- APB service – — a service designed for centralized synchronization of user status information between access points. It is required for seamless customer roaming between Hotspots.
- Auth Service – a common user authentication and authorization module. It is based on the RADIUS server. The service is used for authentication and authorization in the systems: B2B Admin Panel and WEB portal.
- Notification Gateway – Notification Gateway — provides centralized exchange of platform elements with external systems allowing sending SMS and email messages and performing call-based authorization. This module interacts with B2B Admin Panel and WEB portal.
- PCRF – — required for SoftWLC and ESR-1000 interaction in BRAS mode, when ESR-1000 implements Wi-Fi subscribers' Internet access policies and redirects users to the authorization portal, and for establishing sogtGRE data tunnels to access points.
Typical connection diagrams
The simplest minimal diagram
In the minimum configuration, the solution is deployed on two servers: each server hosts all modules with Active-Active redundancy. SoftWLC servers are included in the operator's data transmission network. L3 connectivity is organized between them and the access points. This is enough to start using the product. Management interfaces are configured on the access points to interact with SoftWLC in a separate management VLAN. Client data goes from APs in client VLANs (usually a separate VLAN for each SSID) to the operator's network and then to the Internet.
Global distributed diagram for large carriers
This diagram is typical for large distributed networks deployed within several cities or regions. SoftWLC is deployed on several servers depending on the planned load. In the maximum configuration, the solution is deployed on 10 servers: EMS, WEB portal and APB are installed on the first pair of servers, Database – on the second pair, RADIUS – on the third pair, DHCP – on the fourth pair. It is recommended to set Admin Panel on a separate redundant front-end server with maximum security settings. All servers are connected to the switch pair working in the stack which in its turn is connected to the redundant router pair in the operator's network. In case the customer wishes to terminate subscriber sessions on their premises, it is possible to relocate one or more ESR-1000s to the customer's network. If the operator has a globally distributed network structure united by trunk lines, it is possible to relocate ESR-1000 routers to branches of the network.
...
Inside the Management tunnel, the management traffic of the access point is transmitted in a separate management network. This subnet is invisible to the operator's L3 segment due to the GRE tunnel headers. Within the Data tunnel, subscriber traffic is transmitted. This traffic is terminated at ESR-1000 and further routed to the operator's network (towards its NAT).
System requirements for SoftWLC server
The SoftWLC software controller must be installed on a server powered by Ubuntu Server 16.04 LTS / Ubuntu Server 18.04 LTS / Astra Linux Common Edition 2.12.44 / Debian 9 / Astra Linux Special Edition 1.7.1
Support is provided only for Ubuntu Server 16.04 LTS / Ubuntu Server 18.04 LTS / Astra Linux Common Edition 2.12.44 / Debian 9 / Astra Linux Special Edition 1.7.1
When selecting a server, the following system requirements must be taken into account (requirements are provided for the VM without taking into account system redundancy):
...