Connecting the WLC to the LAN

lilac

Presentation Transcript


  1. Connecting the WLC to the LAN

  2. Understanding WLAN Controllers (WLC)
     • 1st/2nd generation—APs act as 802.1Q translational bridge, putting client traffic on local VLANs
     • 3rd generation—Controller bridges client traffic centrally
     [Diagram: 1st/2nd Generation]

  3. The WLC as a Network Device (3rd Generation)
     • WLAN Controller
       • For wireless end-user devices, the controller is an 802.1Q bridge that takes traffic off the air and puts it on a VLAN
       • From the perspective of the AP, the controller is an LWAPP tunnel end-point with an IP address
       • From the perspective of the network, it’s a Layer-2 device connected via one or more 802.1Q trunk interfaces
     • The AP connects to an access port—no concept of VLANs at the AP

  4. The WLC as a Network Device
     • Three important concepts to understand:
       • Port—Physical connection to a neighbor switch/router
       • Interface—Logical connection mapping to a VLAN on the neighbor switch/router
         • Management Interface – Web, SNMP, RADIUS
         • AP Manager Interface(s) – (one or more) LWAPP tunnel
         • Dynamic Interface(s) – user VLANs (512 Max)
         • Virtual Interface – Inner controller mobility (not routable)
           • This should be the same address for all controllers in a mobility group.
         • Service Interface – Out of band access (not routable)
       • WLAN—Entity that maps an SSID to an interface at the controller, along with security, QoS, radio policies, and other wireless networking parameters (16 Max)

  5. The WLC as a Network Device
     • Required network interfaces at the WLAN Controller
       • In-band Management Interface—“Management Interface”
       • Interface to act as the LWAPP tunnel end-point—“AP Manager Interface”
       • One or more interfaces for bridging 802.11 client traffic—“Dynamic Interfaces”
       • Additional interface used for mobility—“Virtual Interface”
     • Optional interface:
       • Service Interface (statically mapped to Service Port)—Out-of-band management access
       • Note: This is NOT optional with the WiSM

  6. Controller Ports

  7. Connecting the WLC to the Network
     • Options—Link Aggregation (LAG) or no LAG
     • LAG supported on 440x, WiSM, Cisco 3750G Integrated WLAN Controller Switch
     • LAG is the only option for WiSM, Cisco 3750G Integrated WLAN Controller Switch
     • 440x-based controller allows 48 APs per port in the absence of LAG
     • Use multiple “AP Manager” interfaces to support more than 48 APs on the WLC without LAG—LWAPP algorithm will load balance APs across the AP Managers
     • LAG allows use of 1 “AP Manager” interface by load-balancing traffic across an EtherChannel interface

  8. Multiple AP Manager Interfaces

  9. Link Aggregation—Single AP Manager Interface
     • No EtherChannel mode negotiation (LACP, PAgP):
       • Set “etherchannel mode on” for neighboring switchports
     • Requires ip-src-dst load balancing for the EtherChannel
       • Default on Catalyst 6500
       • Default on 3750 is src-mac
     • Packets are forwarded out the same port they arrived on
     • 1 LAG group per WLC is supported
     • Cisco recommends using LAG if possible

  10. Best Practices
     • Do not configure a LAG connection that spans multiple switches. (All switch ports must belong to the same EtherChannel.)
     • (LAG) Make sure all switch ports have the same Layer-2 configuration (i.e., you don’t want to filter some VLANs on one port and not on another).
     • If you don’t use LAG, you need to configure an AP-manager interface for each port.
     • Filter out unwanted VLANs on your trunk ports.
     • Do not configure the service port with an IP subnet that overlaps the management interface’s subnet.
     • Do not leave an interface with a 0.0.0.0 address. This may interfere with DHCP.
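
An added example, not part of the original presentation: a Python check of the neighbor switch's configuration against slides 9 and 10 (EtherChannel mode on, ip-src-dst load balancing, identical Layer-2 settings on every member port, filtered trunk VLANs). The sample configuration, the port and VLAN numbers, and the helper name `audit_lag` are constructed for illustration; `src-dst-ip` is the Catalyst IOS keyword assumed here for ip-src-dst load balancing.

```python
# Constructed sample (not from the slides): two Catalyst 3750 ports facing a WLC LAG.
SAMPLE = """\
port-channel load-balance src-mac
interface GigabitEthernet1/0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30
 switchport mode trunk
 channel-group 1 mode on
interface GigabitEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
"""

def audit_lag(config, group="1"):
    """Return findings for the switch ports in one EtherChannel group (hypothetical helper)."""
    findings, ports, current, balance = [], {}, None, None
    for line in config.splitlines():
        if current and line.startswith(" "):      # line inside an interface block
            ports[current].append(line.strip())
            continue
        current = None
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            ports[current] = []
        elif line.startswith("port-channel load-balance "):
            balance = line.split()[-1]
    if balance != "src-dst-ip":                    # 3750 default is src-mac
        findings.append(f"load-balance is {balance or 'platform default'}, want src-dst-ip")
    prefix = f"channel-group {group} mode "
    layer2 = set()
    for port, cfg in sorted(ports.items()):
        mode = next((l[len(prefix):] for l in cfg if l.startswith(prefix)), None)
        if mode is None:
            continue                               # not a member of this LAG
        if mode != "on":                           # WLC does not negotiate LACP/PAgP
            findings.append(f"{port}: channel-group mode {mode}, want on")
        switchport = tuple(sorted(l for l in cfg if l.startswith("switchport")))
        layer2.add(switchport)
        if not any(l.startswith("switchport trunk allowed vlan") for l in switchport):
            findings.append(f"{port}: no allowed-VLAN list on trunk")
    if len(layer2) > 1:                            # every member must match at Layer 2
        findings.append("member ports differ in Layer-2 configuration")
    return findings

if __name__ == "__main__":
    for finding in audit_lag(SAMPLE):
        print(finding)
```

On the constructed sample the check reports four findings: the src-mac hash, the LACP mode and the unfiltered trunk on the second port, and the Layer-2 mismatch between the two members.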
