《PDI_思科集中式无线架构基础_1》由会员分享,可在线阅读,更多相关《PDI_思科集中式无线架构基础_1(72页珍藏版)》请在金锄头文库上搜索。
1、Design and Deployment of 802.11 Wireless LANs with Centralized Controllers,Understanding the Cisco Unified Wireless Architecture,Section Agenda,Controller-based Architecture Overview Lightweight Access Point Protocol (LWAPP) Protocol Overview LWAPP AP Discovery and Join Process LWAPP Operations Mobi
2、lity in the Cisco Unified WLAN Architecture Architecture Building Blocks,Cisco Unified Wireless Network End-to-End, Unified Only Cisco,Cisco Centralized WLAN Model,Access Points are “lightweight”controlled by a centralized WLAN controller,Much of the traditional WLAN functionality moved from access
3、points to centralized WLAN controller,LWAPP defines control messaging and data encapsulation between access points and centralized WLAN controller,Section Agenda,Controller-based Architecture Overview Lightweight Access Point Protocol (LWAPP) Protocol Overview LWAPP AP Discovery and Join Process LWA
4、PP Operations Mobility in the Cisco Unified WLAN Architecture Architecture Building Blocks,Cisco Centralized WLAN Model,Remote RF interface Real-time 802.11 MAC RF spectral analysis WLAN IDS Signature analysis,Security management QoS policies enforcement Centralized configuration, firmware managemen
5、t Northbound management interfaces,LWAPP carries all communication between access point and controller L2 or L3 transport Mutual authenticationX.509 certificate based LWAPP control AES-CCM encrypted Data encapsulation,Radio resource management Mobility management,Division of LaborSplit MAC,Real-time
6、 802.11/MAC functionality:Beacon GenerationProbe ResponsePower management/Packet buffering802.11e/WMM scheduling, queueingMAC layer data encryption/decryption802.11 control messages Data encapsulation/de-encapsulation Fragmentation/De-fragmentation,Non real-time 802.11/MAC functionality:Assoc/Disass
7、oc/Reassoc802.11e/WMM resource reservation802.1X/EAPKey management 802.11 Distribution services Wired/Wireless Integration services,Real-time 802.11/MAC functionality:Beacon GenerationProbe ResponseAssoc/Disassoc/ReassocPower management/Packet buffering802.11e/WMM scheduling, queueingMAC layer data
8、encryption/decryption802.11 control messages Data encapsulation/de-encapsulation Fragmentation/De-fragmentation 802.11 Distribution services Wired/Wireless Integration services,Division of LaborLocal MAC,Non real-time 802.11/MAC functionality:Proxy Assoc/Disassoc/Reassoc802.11e/WMM resource reservat
9、ion802.1X/EAP/WPA Key management,Layer-2 LWAPP Architecture,LWAPP Tunnel Layer 2 only, Ethertype 0xBBBB,Ingress/Egress point from/to upstream switched/routed wired network (802.1Q trunk),Lightweight Access Point,Wireless LAN Controller,Access Points dont require IP addressing Controllers need to be
10、on EVERY subnet on which APs reside L2 LWAPP was the first step in the evolution of the architecture; many current product do not support this functionality,Layer-3 LWAPP Architecture,Access Points require IP addressing APs can communicate w/ WLC across routed boundaries L3 LWAPP is more flexible th
11、an L2 LWAPP and all products support this LWAPP operational flavor,LWAPP State Machine (Simplified),LWAPP defines a state machine that governs the AP and controller behavior Major states: DiscoveryAP looks for a controller JoinAP attempts to establish a secured relationship with a controller Image D
12、ataAP downloads code from controller ConfigAP receives configuration from controller RunAP and controller operate normally and service data ResetAP clears state and starts over Note: LWAPP/CAPWAP RFC defines other states,Section Agenda,Controller-based Architecture Overview Lightweight Access Point
13、Protocol (LWAPP) Protocol Overview LWAPP AP Discovery and Join Process LWAPP Operations Mobility in the Cisco Unified WLAN Architecture Architecture Building Blocks,LWAPP Discovery State,AP runs HUNTING algorithm to find candidate controllers to join,LWAPP Control Messages for Controller Hunting/Dis
14、covery,LWAPP Discovery Request AP issues 1 or more of these messages to find controllers (sent to Management Interface IP Address)LWAPP Discovery Response Any controller receiving an LWAPP Discovery Request responds with this message to the requesting AP,LWAPP Discovery Request,LWAPP Discovery Respo
15、nse,WLAN Controller Hunting Algorithm,AP issues a DHCP DISCOVER to get an IP address (unless it has a previously configured static IP address)If L2-LWAPP Mode is supported send an LWAPP Discovery Request in an Ethernet broadcast If a WLAN Controller in L2 LWAPP Mode responds with an LWAPP Discovery
16、Response, the AP moves to the LWAPP Join phaseIf L2-LWAPP Mode is not supported or step 2 fails to find a WLAN controller, attempt an L3-LWAPP WLAN Controller Discovery*If step 3 fails to find a valid candidate controller, reboot and return to step 1,Layer-3 LWAPP WLAN Controller Discovery,The AP go
17、es through the following discovery steps:LWAPP Discovery Request broadcast on local subnet (IP broadcast)WLAN Controller on same subnet as AP will respond with LWAPP Discovery Request LWAPP Discovery Request sent to controller IP addresses learned via Over-the-Air Provisioning (OTAP)OTAPAlready join
18、ed APs advertise WLAN Controller in Over-the-Air neighbor messages LWAPP Discovery Request sent to ALL locally stored controller IP address(es)AP stores controller IP address of previously joined controller plus the controllers “Mobility Group” members in NVRAM LWAPP Discovery Request sent to IP Add
19、ress(es) learned in vendor specific DHCP Option 43 LWAPP Discovery Request sent to IP Address(es) learned through DNS resolution of “CISCO-LWAPP-CONTROLLER.localdomain” If no controller found, start hunting algorithm overAP compiles a LIST of candidate controllers from the received LWAPP Discovery Responses,
