Thanks very much, all of this was immensely helpful.
Just to make sure I understand. The AP sends a heartbeat signal every 40 seconds which I'm guessing is a unicast to the controller IP address? Then, if it doesn't get a reply, it tries the other controller? Or would it broadcast to try and find a different controller? And if ALL our disconnect emails list the B controller as the node IP, does that imply an issue with the B controller?
And does this look like a normal Resource Utilization graph for 1 of 2 controllers with 900+ APs?
We don't have the tunnel enabled for any of the SSIDs we're broadcasting but, as I understand it, the one SSID that we have radius authentication on gets proxied back through the controller so if the AP disconnected, that would de-authenticate any clients and interrupt their service, correct?
I'm working on creating the support case right now.