HP has released firmware R3507P22 for the Unified wireless controller portfolio (830/850/870 appliance controllers and 20G module).

Sample of the 870 controller:

Several new features have been included, 2 interesting new features are:

• Support for vlan-pool at the AP-group configuration level
• Includes an Apple Bonjour gateway proxy and filtering solution

Firmware and release notes

This is the firmware download page for an 830 8P controller:

https://h10145.www1.hp.com/downloads/SoftwareReleases.aspx?ProductNumber=JG641A&lang=&cc=&prodSeriesId=

And a direct link to the release notes (which includes the configuration details):

http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=c04310536

VLAN-Pool feature

This is a sample configuration for an education topology with 2 campus locations, which takes advantage of the new vlan-pool feature on an AP group. (vlan-pool was already supported, but had to be set per AP).

The example assumes:

• APs in CampusA have an IP Address in the  10.1.20.0/23 range
• APs in CampusB have an IP Address in the 10.1.30.0/23 range
• An open SSID is configured in this example (just to keep the example simple)
• All traffic will be centrally forwarded by the controller
• APs from CampusA will be auto-assigned to the AP-group CampusA when they come online for the first time.
• APs from CampusB will be auto-assigned to the AP-group CampusB when they come online for the first time.
• Students in CampusA will be distributed to a vlan pool StudentsA (VLAN21-29)
• Students in CampusB will be distributed to a vlan pool StudentsB (VLAN31-39)
• The Service template is bound to a virtual Layer2 interface with PVID VLAN 20. This PVID will be used to assign to wireless users in case an AP from another site gets the service template (without a vlan or vlan pool binding)
• Assuming each VLAN is configured with a /24, it can handle about 240-250 users. About 2000 wireless users (240*9) per campus can be handled based on this config, all distributed in /24 ip subnets.

vlan 20 to 39
 
 # enable auto-ap and auto-persistent
 # avoids having to manually create an AP template/serial auto 
wlan auto-ap enable
wlan auto-persistent enable

 # enable AP and AC arp/dhcp based client IP learning
wlan client learn-ipaddr enable

 # create virtual Layer2 interface
interface WLAN-ESS21
 port link-type hybrid
 undo port hybrid vlan 1
 port hybrid vlan 20 untagged
 port hybrid pvid vlan 20

 # make a wireless template
wlan service-template 21 clear
 ssid Students
 bind WLAN-ESS 21
 service-template enable

 # define vlan pools
wlan vlan-pool StudentsA
 vlan-id 21 to 29

wlan vlan-pool StudentsB
 vlan-id 31 to 39

 # define ap-groups, use if-match to auto-add APs
 # activate the service template and bind it to a vlan pool
wlan ap-group CampusA
 if-match ip 10.1.20.0 255.255.254.0
 dot11a service-template 21 vlan-pool StudentsA
 dot11bg service-template 21 vlan-pool StudentsA

wlan ap-group CampusB
 if-match ip 10.1.30.0 255.255.254.0
 dot11a service-template 21 vlan-pool StudentsB
 dot11bg service-template 21 vlan-pool StudentsB

Apple Bonjour Gateway

The new release also includes support for an Apple Bonjour Gateway.

The Apple Bonjour protocol supports only local VLAN/IP Subnet discovery of services, which is annoying in case an Apple TV and Apple iPads are connected through different VLANs on the wireless network (like previous VLAN pool example)

The Bonjour gateway allows the AC to forward Bonjour requests to remote VLANs, and cache the resulting responses.

It can also apply service filtering through Bonjour policies, so the network administrator can control which users can use which services on which location.

For example, the Teachers on a wireless network may be allowed to access the Apple TV services, while the students can only access the printer services.

More details in the release notes link posted above.