Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Best Practices for Deploying Mist Edge Devices in High-Scale Environment

Mist Edge is a critical component in high-scale environments, offering scalability, redundancy, and flexibility to meet the demands of large and distributed networks. You can follow these best practices while deploying Mist Edge in a high-scale environment.

Mist Edge Considerations

Mist Edge is recommended for environments that experience a high number of clients, ensuring efficient network performance and management. Specifically, it is ideal for environments with over 2000 clients within the same Layer 2 network. Here are the significant aspects that you’ll need to consider when deploying Mist Edge devices in such environments:

  • Consider key parameters such as roaming, redundancy, and failover patterns.

    • In retail environments, Mist Edge can be deployed in each store to ensure seamless connectivity and network reliability.

    • For campus environments, Mist Edge can be installed in individual buildings and across buildings to maintain consistent network performance and coverage.

  • Enable Shuffle by Site for terminating all the APs from same site to same Mist Edge. This will enhance roaming within the site.

  • Enable auto-preemption for effective re-balancing after failover. See Auto-Preemption.

Cluster Deployment Options

Mist Edge Cluster Sizing Guidelines

When planning the size of a network cluster, the primary consideration is the number of Access Points (APs) and the desired level of redundancy. It is essential to plan for a maximum of 80% loading under normal conditions to accommodate redundancy needs.

For an ME-X6, with a capacity of up to 5000 APs, the 80% loading capacity translates to about 4000 APs. Similarly, for an ME-X1-M, with a capacity of 500 APs, the 80% loading capacity equates to 400 APs. The number of Mist Edge devices required per data center can be calculated by dividing the total number of APs by 80% of the Mist Edge scale number and adding additional Mist Edge devices for redundancy.

Number of Mist Edge devices (per Data Center)= Total number of APs/80% capacity + Number of Mist Edge device for redundancy (optional)

For example, if there are 16,000 APs in total, and each ME-X6 scale has a capacity of 4000 APs, then 5 Mist Edge devices per data center would be needed (including one extra for redundancy).

(16000/4000) +1= 5

Mist Cloud prioritizes maintaining network stability and performance, adapting to changes in the cluster as needed. When a Mist Edge device is added to or removed from a cluster, Mist Cloud efficiently redistributes the workload across the available Mist Edge devices to maintain optimal performance. This dynamic allocation ensures that network resources are utilized effectively. The rebalancing process is performed on a best-effort basis.

When a Mist Edge device in the cluster becomes unavailable, the APs initially connected to the affected Mist Edge will automatically switch over to other Mist Edge devices within the cluster.

During an outage or when multiple Mist Edge devices becomes unavailable, remaining Mist Edge devices in the cluster can be temporarily oversubscribed to share the load without impacting the network services.

Primary/Secondary Cluster Design

The Primary/Secondary cluster design ensures continuous network service by allowing APs to fail over to the secondary cluster if the primary cluster becomes unavailable. This traditional cluster design requires that clients undergo an IP address reassignment process when transitioning across Layer 2 boundaries between clusters.

Figure 1 shows a network that supports 4,000 APs with a primary-secondary cluster configuration. The configuration spans two data centers, labeled Data Center A and Data Center B. In this example we have considered two geographically separate data centers. However, two clusters can be co-located in the same data center. Data Center A hosts a Mist Edge device, labeled ME1, as part of Cluster A that is configured with VLAN ID 100. Data Center B hosts a second Mist Edge device, labeled ME2, as part of Cluster B to provide redundancy and high availability. Each cluster is connected to a separate switching core to avoid a single point of failure.

If ME1 becomes unreachable because of Data Center A issues (power outages, hardware failures, or network disruptions), the APs automatically fail over to ME2 in Data Center B. The failover mechanism provides continuous network service and minimizes downtime.

When clients move between Cluster A and Cluster B, they undergo IP address reassignment. The clusters are associated with distinct switching cores that manage separate network segments and IP address pools.

Figure 1: Primary/Secondary Cluster Primary/Secondary Cluster

Primary/Primary Cluster Design

The Primary/Primary cluster design aims at minimizing the impact of failures and ensuring smooth mobility across data centers. This design requires a Layer 2 (L2) stretch across data centers to facilitate seamless mobility. If one of the Mist Edge nodes in the cluster goes down, the APs that were terminated on that node will automatically fail over to a different active member within the same cluster. This ensures uninterrupted service for clients. The architecture also supports multiple layers of redundancy, including failover to a different cluster in a separate data center if an entire primary cluster fails.

Figure 2 illustrates a deployment of 4,000 Access Points (APs) in a primary-primary cluster configuration. The configuration provides both load balancing and high availability by spanning two distinct data centers, labeled Data Center A and Data Center B. Cluster A comprises two Mist Edge devices, labeled ME1 and ME2. Each device initially handles 2,000 APs. VLAN ID 100 is stretched across both data centers. In this example, we have considered two separate data centers. However, both cluster members can be co-located in same data center.

If ME1 fails, ME2 is configured to automatically handle all 4,000 APs. Thus, this design prioritizes both load balancing and data center redundancy.

Figure 2: Primary-Primary Cluster Primary-Primary Cluster

Forwarding Options Considerations

Juniper Mist Edge offers flexibility in forwarding traffic across a network.

Per-WLAN forwarding

In an enterprise environment where you have multiple WLAN for different user groups, WLAN forwarding with Mist Edge directs wireless client traffic through tunnels to Mist Edge for centralized data‑plane processing . It provides flexible options such as tunneling traffic from CORP SSID to a corporate cluster and Guest SSID to a Guest DMZ cluster for centralized policing and egress point.These capabilities enable features such as remote worker scenarios and guest network isolation. Administrators can apply different forwarding behaviors for various SSIDs on the same Access Point by defining per-WLAN forwarding rules. This provides flexible options such as tunneling CORP SSID to a corporate cluster and Guest traffic to a Guest DMZ cluster for centralized policing and egress point.

Figure 3 illustrates a network that includes three WLANs - WLAN A, WLAN B, and WLAN C. All the VLANs in WLAN A (Corporate WLAN) forwards traffic to Mist Edge Cluster A specifically. All the VLANs in WLAN B (Guest WLAN) forwards traffic to Mist Edge Cluster B specifically. WLAN C is a dedicated WLAN for local breakout.

Figure 3: WLAN Forwarding WLAN Forwarding

Per-WLAN Forwarding Architecture Across Dual Datacenters

You can implement seamless mobility across various WLANs, ensuring consistent connectivity across multiple data centers. Each access point (AP) can manage multiple tunnels for different VLANs, such as Employee IoT and Guest Wi-Fi, which supports efficient network management and uninterrupted connectivity. The design provides a smooth transition between networks and locations, maintaining reliable access and communication throughout different data centers.

Each cluster in the distributed data centers may have one or more Mist Edge devices. Mist Edge supports redundancy across data centers by partitioning devices into primary and secondary clusters. If a primary cluster in one data center fails, APs fail over to a secondary cluster in a different data center, which ensures network survivability. Achieve Layer 3 redundancy with one Mist Edge each in the primary and secondary clusters. Having more than one Mist Edge in each cluster provides maximum benefit by achieving both same-cluster and cross-cluster redundancy.

Figure 4 illustrates a design with two data centers. Both data centers have three clusters — Green, Blue, and Purple. In Data Center A, Green and Purple clusters are primary clusters, whereas Blue cluster is a secondary cluster . In Data Center B, Blue cluster is a primary cluster, whereas the Green and Purple clusters are secondary clusters.

Each AP has three tunnels. Each AP establishes three distinct forwarding tunnels one per WLAN category. These tunnels connect to different Mist Edge clusters depending on VLAN/WLAN type.

  • VLAN X—To forward Employee Corp Wi-Fi

  • VLAN Y—To forward Employee IoT Wi-Fi

  • VLAN A, VLAN B, and VLAN C—To forward Guest Wi-Fi

Figure 4 illustrates that each AP forwards three categories of WLANs through dedicated tunnels to specific Mist Edge clusters across two datacenters. VLAN X traffic tunnels to Green clusters, VLAN Y to Blue clusters, and Guest WLANs to Purple clusters. Each WLAN has both a primary datacenter and a secondary failover cluster, enabling full redundancy and segmentation.

Figure 4: WLAN Forwarding WLAN Forwarding

Per-VLAN forwarding

For large campuses with a high‑scale WLAN, per‑VLAN forwarding enhances scalability by allowing APs to forward traffic to multiple Mist Edge clusters, while also supporting local breakout on the same WLAN. You can achieve this by configuring the same WLAN to use multiple tunnels, each directing traffic to a different Mist Edge cluster based on the VLAN. When multiple VLANs are used within a single WLAN, you can direct each VLAN's traffic to a separate Mist Edge or destination. This approach splits a single WLAN by VLAN into different tunnels and even enables local breakouts. The approach also enhances scalability and supports complex scenarios such as SSID consolidation.

Figure 5: Per-VLAN Forwarding Per-VLAN Forwarding

Cluster Deployment using Per-VLAN Forwarding

Per-VLAN forwarding to different clusters is an advanced networking configuration that offers numerous benefits for large-scale deployments. The configuration is ideal for organizations that want to optimize their network infrastructure while accommodating more than 100,000 clients. One key advantage is the ability to scale horizontally. This feature enables the addition of more Mist Edge devices to handle increased client demand without compromising performance.

Figure 6 illustrates a network configuration with four data centers. Each data center comprises a cluster that contains a Mist Edge device. Cluster A and Cluster B are configured with Tunnel1 and VLAN ID 100 is assigned to that tunnel. Cluster C and Cluster D are configured with Tunnel2 and VLAN ID 200 is assigned to that tunnel. Cluster A is primary, and Cluster B is secondary for Tunnel 1. Cluster C is primary, and Cluster D is secondary cluster for Tunnel 2.

This design supports a scale capacity of 8000 APs. You can add additional Mist Edge devices to the clusters to increase the scale capacity.

Figure 6: Per-VLAN Forwarding Per-VLAN Forwarding