About FortiWLC Virtual Controllers

The Virtual Controllers are a software version of the FortiWLC Appliance Controllers that are installed on an existing hardware platform provided that the platform implements a supported virtual hosting software solution.

The Virtual Controllers are built on the same System Director operating system that powers the FortiWLC WLAN Controller for the enterprise delivering superior reliability, scalability and predictability for WLAN deployments. They run on the widely deployed VMware vSphere, RHEL Kernel-based Virtual Machine (KVM), and Windows based Hyper-V virtualization platforms installed on industry-standard hardware.

When a virtual controller is purchased, the controller image can be downloaded from the Customer Support Portal and, once properly installed, can be configured just as a standard physical machine.

This section includes the following topics:

• Advantages of FortiWLC Virtual Controllers
• Supported Hardware Configuration
• FortiWLC Virtual Controller Deployment Modes
• FWC-VM Series Virtual Controllers
• Virtual Controller Requirements
• Common Terminology

Advantages of FortiWLC Virtual Controllers

These are some of the advantages of the FortiWLC Virtual Controllers.

• Flexibility in hardware selection based on your requirements.
• Reduced cost, space requirements, and other overheads since multiple appliances can be replaced with single hardware running multiple instances of the controllers, FWLM Management; which is a web based application suite which manages controllers and access points mapped to the network to provide real-time data that enables centralized and remote monitoring of the network, and FortinetConnect; which is a complete provisioning, management, and reporting system that provides temporary network access for guests, visitors, contractors, consultants, or customers..
• Independent and mutually exclusive instances allow administrators to use multiple virtual controllers to manage different locations or scale the deployment using the same hardware.
• Enable features provided by the virtualization software, including High Availability, failover protection, and ease of migration.
  VMWare vMotion Storage and Snapshots are supported. Hyper-V specific features (Snapshot, Failover (HA), Replication, Hot swapping) are not supported.
• Centralized control and visibility at every level of the virtual infrastructure.

Supported Hardware Configuration

This section lists the controller models available for the new FWC-VM Series Virtual Controllers and their corresponding requirements.

Models		FWC-VM-50	FWC-VM200	FWC-VM500	FWC-VM-1000	FWC-VM-3000
Scale	AP	50	200	500	1000	3000
	Clients	1250	2500	6250	10000	30000
vCPU		4	4	8	24	48
Memory		4GB	8GB	12GB	32GB	64GB
vNIC		1-4	1-4	1-4	1-4	1-8
Disk Space		16GB (Fixed)	16GB (Fixed)	16GB (Fixed)	16GB (Fixed)	16GB (Fixed)

FortiWLC Virtual Controller Deployment Modes

The FWC-VM series Virtual Controllers can be deployed in different modes.

The following list summarizes the recommended 3rd party software requirements for installing and configuring FortiWLC Virtual Controllers.

Platforms	Supported
VMWare, vSphere client	vSphere ESXi 6.0, 6.5, and 6.7
Linux KVM	Ubuntu 16.04.2 LTS
Hyper-V	Windows 2016

Web based configuration interface has been tested with the following browsers:

• Internet Explorer versions 10 and 11 on Windows
• Firefox on Windows
• Safari on MAC OS

FWC-VM Series Virtual Controllers

The FWC-VM Series Virtual Controllers are tested on Dell PowerEdge R730 CPUs– Intel(R) Xeon(R) CPU E5-2697 v4 @ 2.30GHz. Any equivalent h/w that has support for Virtualization should work.

Virtual Controller Requirements

The following points are general advisories regarding Virtual Controllers.

• The number of Virtual Ports configured for the controller will vary depending on the controller’s model; be sure to configure the appropriate number of ports for the model being installed.

• If you are operating more than one Virtual Controller on a single host machine, ensure that the Virtual Interface for each Virtual Controller is configured in its own port group on the Virtual Switch. This will prevent network loops.
• Virtual Controller Ports can be configured for active-active mode or active/redundant mode.

Common Terminology

The following are some of the Networking VMware elements that will be used to configure the Virtual Controller to operate in VMware environment:

vSwitch

This is a virtual switch, similar to a physical switch, performs functions including the Layer 2 forwarding engine, VLAN tagging, stripping, and filtering, security, checksum, and segmentation. The vSwitch links VMs to each other locally as well as to physical networks. A controller VE should connect to a vSwitch through virtual machine port groups.

Port Groups

Port groups are not VLANs. They are configuration templates for the vNIC ports on the vSwitch. Administrators can set specific QoS, security policies, and VLANs by port group. This is where you should enable promiscuous mode (and not on the vSwitch).

Promiscuous Mode (VMWare ESXi only)

Virtual Controllers are typically deployed as an in-line device on the data path and all the packets pass through the controller. Because of this, it needs to operate in Promiscuous mode. vSphere’s vSwitch and port group properties have the option to enable promiscuous mode. Again, it is highly recommended to enable this on the port group.

VM-NIC Queues Usage

The field VM NIC Queues in thesh controller commandindicates the value assigned to a Controller for better performance, based on different platforms/hypervisors. This field mainly applies for the Virtual Controller Instance’s deployed using VMWare and Linux KVM and not for Hyper-V.

For Virtual Controller models deployed using Hyper-V Platform, this field is not applicable and shows N for all Controller models.

For the Virtual Controller models deployed using different platforms, these are the VM NIC Queues values.

Platforms	FWC-VM-50	FWC-VM-200	FWC-VM-500	FWC-VM-1000	FWC-VM-3000
VMWare	4	4	8	8	8
Linux KVM	2	2	4	8	16
Hyper-V	N	N	N	N	N