Important Design Consideration when taking Cisco Catalyst 9800

Today we are going to talk about some of the design considerations while taking Cisco Catalyst 9800 Wireless LAN controller in your environment. 

Cisco Catalyst 9800 WLC
Cisco Catalyst 9800 wireless LAN Controller is a next generation Wireless controller with improved hardware architecture and capabilities. 

Fig 1.1- C9800 Wireless LAN Controller

Some of the capabilities are defined as below:

  • Cisco catalyst is a Modular, highly available, scalable, multi-process operating IOS XE system.  
  • You can have Stateful Switchover, In Service Software Upgrades (ISSU), Rolling AP Upgrades, Patching
  • Fully Programmable via CI/CD tools
  • Deploy Anywhere with model, scale, and performance of your choice
  • C9800 appliance has QFP ( Quantum Flow Processor) which is multicore and fully programmable
  • C9800 has UADP ( Unified Access Data Plane) 

Models in Cisco Catalyst 9800 WLC

  • Catalyst 9800-40 Wireless Controller
  • Catalyst 9800-80 Wireless Controller
  • Catalyst 9800-L Wireless Controller
  • Catalyst 9800-L-C Wireless Controller
  • Catalyst 9800-L-F Wireless Controller

Architecture difference between the Old WLC and new Cisco Catalyst 9800 
Previous WLC's has Single process software architecture with Wireless Controller Manager (WCM). It has Data contention cross threads and has 30+ threads. It has single memory space and Single fault domain

C9800 WLC's has Multi-process software architecture. The processes are single threaded, non-blocking with new Wireless Network Controller process (WNCd).It is now No single fault domain and Independent boot.


  • When using Cisco Catalyst 9800 WLC's in network connectivity, it is very important to have a Layer 3 interface configured as wireless management interface
  • While using C9800 you have AP CAPWAP traffic and is terminated to the wireless management interface. There is only one wireless management interface.
  • It is important to configure a L2 VLAN mapped to the SSID while using centrally switched architecture.
  • The corresponding L3 interface (SVI) is optional, unless you need mDNS feature(different from AireOS where Dynamic interface is required)
  • Service port on the appliance belongs to the Management VRF. On the C9800-CL this can be created as a L3 interface but no VRF supported.
  • C9800-CL in Public Cloud must use a L3 port. Sniffer Mode and Hyperlocation not supported.
  • C9800 Appliances and C9800-CL in Private Cloud use an L3 SVI for Wireless Management Interface, otherwise above limits will apply.
  • Uplink ports follow AireOS best practices: port-channel configured as trunk to a pair of VSS/VSL pair of switches or to a multi-switch stack.
  • Policy Tag defines which SSID is broadcasted by the AP or group of APs and the associated policy (VLAN, QoS, AVC, etc). In this, it’s equivalent to the AP Group in AireOS.
  • Policy Tags can be used to assign different policies to the same SSID in different locations or group of APs
  • Policy profile defines the client policy associated to a SSID. Seamless roaming between the same SSID associated to different policy profiles is not allowed