- Given a scenario, install and configure a wireless network.
- Compare and contrast different wireless standards.
This chapter will cover various aspects involved in wireless network implementations, including a presentation of the different wireless technologies, wireless LAN design concepts, and other topics of interest that a network technician should know in order to install and configure a wireless network.
Wireless Network Technologies
Network technicians and designers need to understand basic wireless LAN concepts in order to be prepared for possible network upgrades, even if the network is not initially designed to integrate wireless technologies.
Wireless networks can include a wide variety of technologies, such as the following:
- Mobile wireless that allows data to be sent via mobile phones:
  - GSM – low data rates, 9600bps
  - GPRS – up to 128Kbps
  - 3G/UMTS – several Mbps
- Wireless Local Area Network (WLAN) technologies
- Bridge wireless (point-to-point)
Bridge wireless involves a simple design of setting up two antennas on two different buildings that are pointing at each other in order to bridge two LANs together. This technology can usually scale up to 50Mbps.
Wireless LAN Overview
WLAN technologies have replaced Layer 1 physical wiring and the Layer 2 transport technologies with wireless. One advantage of this replacement is that upper-layer protocols, like IP/TCP/UDP, are not usually affected. The wireless issues most often encountered include signal interference or obstruction, which are not commonly found in wired environments.
Wireless networks also have many similarities to legacy Ethernet solutions, like Layer 2 addressing that uses MAC addresses and the shared media of WLANs. In addition, WLANs’ access points (APs) act like hub devices that use the same radio frequencies (RFs) to transmit and receive packets, which results in half-duplex communication and collisions.
Note: Wireless LAN technologies are based on a set of standards called IEEE 802.11 and they define computer communication in the 2.4, 3.6, and 5 GHz frequency bands.
The different antennas that you might want to use with access points include the following:
- Omnidirectional antennas
- Directional antennas
- Yagi antennas
- Parabolic antennas
One of the most common types of antennas is the omnidirectional antenna, as shown in Figure 9.1 below. Included with most APs, this antenna type takes the signal coming out of the AP and evenly distributes it across all sides of the access point. The AP is usually placed in the middle of an area and the signal goes out in every direction. Omnidirectional antennas are not focused on any particular area and therefore are very simple to set up. An important disadvantage of this antenna type is that it has no ability to focus the signal in one direction, which might be required in some implementation scenarios, like sending the signal to another building. In such cases you should consider using directional antennas.
Figure 9.1 – Omnidirectional Antenna
A directional antenna (see Figure 9.2) is the perfect choice for focusing the signal in a particular direction. It can send information out in a single direction, and it is also capable of listening in that focused direction. Pointing the antenna toward a clear and open transmission space will avoid interference.
Figure 9.2 – Directional Antenna
Note: Antenna performance is measured in decibels (dB). The decibel scale is logarithmic: the power is doubled with every 3 dB of gain.
Another antenna type is the Yagi (see Figure 9.3), which is a very directional and high gain antenna. Yagi antennas are typically installed on top of buildings for use over long distances.
Figure 9.3 – Yagi Antenna
Another type of focused antenna is the parabolic antenna, which is also a directional antenna. This type of antenna focuses on a single point and receives signals across a larger area because the signals are captured very easily by the large antenna dish, as can be seen in Figure 9.4 below:
Figure 9.4 – Parabolic Antenna
Access Point Placement
When planning to install a new AP, there are a number of things you should consider. You can’t just place an AP anywhere in the building and expect it to work optimally. The first thing you should think about is the location of the users the AP will serve within that building. Users need access to the wireless network when they are at their desks but they might also need access to the Wi-Fi network when they are in conference rooms or other meeting areas. If that is the case, you should place the access points closer to those parts of the room or floor.
You should also think about the positioning of the inside walls in each particular area of the building. You should try to avoid having metal and concrete walls between access points and the users, as these materials often block or attenuate the wireless signal. You should also analyze and decide on the type of antennas you need to use in your wireless environment. In addition, make sure that you use an antenna that is strong enough and has a high enough gain to be able to get through the walls that may impede the signal from the AP from reaching the users.
You can also use multiple access points, depending on the number of users and how large the building is. The recommendation is to overlap the signal from the access points by a ratio of 20 to 25% so the users can move from one access point to another. You should also make sure that the frequencies used by the APs do not overlap because you don’t want one of the APs interfering with frequencies on another AP. Figure 9.5 below shows an example of channel overlapping when channels 1, 6, and 11 are used without any overlapping point between APs that use a particular channel number (minimizing interference):
Figure 9.5 – Overlapping AP Channels
Proper site surveys should be done before installing the access points to ensure proper placement based on the signal distribution you will need. Vendors will often assist with this process or give expert advice.
Wireless Channels and Frequencies
On 802.11 wireless networks, there is a set of standards that defines what frequencies and what channels these particular networks might use. These standards are defined by IEEE and are used worldwide:
The standards above are the primary standards used today, but there are also other standards in between those. There are many differences between all the standards in terms of:
- Country regulations
The 5 GHz frequency range is primarily used in 802.11a and 802.11n wireless networks and is not part of the standards for 802.11b or 802.11g. 802.11a uses a dynamic frequency selection (DFS) functionality that blocks interference from radar or military-type systems. In this way APs are able to coexist with other devices that might be operating on 5 GHz technology.
The 5 GHz standards use a type of multiplexing called Orthogonal Frequency Division Multiplexing (OFDM), which allows the frequency to be sent to many different channels at the same time without conflict. There are 23 non-overlapping channels that can be used, and different channels are used in different countries.
The 802.11n standard uses Multiple-Input Multiple-Output (MIMO) technology. An 802.11n-compatible access point usually contains multiple antennas because it must be capable of transmitting and receiving more than one signal at a time. You can have up to four transmits and four receives on an 802.11n network, which allows you to send and receive four data streams.
The 2.4 GHz frequency range includes a number of different wireless standards. 802.11b was one of the first standards that used this technology and it used the Direct Sequence Spread Spectrum (DSSS) method for communication. With this method, each part of the signal is put into a “chip” that is sent out across different frequencies, hopping between them to avoid interference. When using DSSS, the access points on both ends of a communication link must know what the predefined sequence is so it can listen appropriately for the traffic that comes in.
802.11b has 14 channels available and each channel is 22 MHz wide. These channels are spaced at 5 MHz intervals, thus having a certain level of overlap between them. Channels 1, 6, and 11 are used the most often because they will never conflict with each other.
The 802.11g and 802.11n standards in the 2.4 GHz frequency range also use OFDM. Those standards use the same frequencies as 802.11b, but because they use a different modulation scheme they are able to send traffic in a different way. 802.11g generally uses channels 1, 5, 9, and 13. These channels are 20 MHz wide so you should separate them to prevent any type of conflict from occurring. 802.11n uses a wide channel of 40 MHz, and you will generally use channels 3 and 11.
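The channel arithmetic from the two paragraphs above, as an added example that is not part of the original chapter. It assumes the usual 2.4 GHz channel centres (2412 MHz for channel 1, 5 MHz steps, channel 14 at 2484 MHz) and treats two channels as overlapping when their centres are less than one channel width apart; the AP names and the survey data are constructed.

```python
"""2.4 GHz channel-overlap check. Added example: AP names and survey data are constructed."""
from itertools import combinations


def center_mhz(channel: int) -> int:
    """Centre frequency: channels 1-13 sit 5 MHz apart; channel 14 is the exception."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def overlaps(a: int, b: int, width_mhz: int) -> bool:
    """Equal-width channels overlap when their centres are less than one width apart."""
    return abs(center_mhz(a) - center_mhz(b)) < width_mhz


def non_overlapping_plan(width_mhz: int, channels=range(1, 14)) -> list:
    """Walk up from the lowest channel, keeping each one that clears the last one kept."""
    plan = []
    for ch in channels:
        if not plan or not overlaps(plan[-1], ch, width_mhz):
            plan.append(ch)
    return plan


def channel_conflicts(survey, width_mhz: int = 22) -> list:
    """Pairs of APs heard at one survey point whose channels collide.

    Pairs in which neither AP is ours are skipped: nothing can be retuned there.
    """
    findings = []
    for a, b in combinations(survey, 2):
        if not (a["managed"] or b["managed"]):
            continue
        if a["channel"] == b["channel"]:
            kind = "co-channel"
        elif overlaps(a["channel"], b["channel"], width_mhz):
            kind = "adjacent-channel"
        else:
            continue
        findings.append((a["name"], b["name"], kind))
    return findings


# Constructed survey taken at one spot: four of our APs and two neighbouring ones.
SURVEY = [
    {"name": "ap-floor1-east", "channel": 1, "managed": True},
    {"name": "ap-floor1-west", "channel": 6, "managed": True},
    {"name": "ap-floor2-east", "channel": 11, "managed": True},
    {"name": "ap-floor2-west", "channel": 4, "managed": True},   # mis-set channel
    {"name": "neighbour-cafe", "channel": 11, "managed": False},
    {"name": "neighbour-office", "channel": 13, "managed": False},
]

if __name__ == "__main__":
    print("22 MHz plan:", non_overlapping_plan(22))
    print("20 MHz plan:", non_overlapping_plan(20))
    for first, second, kind in channel_conflicts(SURVEY):
        print(f"{kind}: {first} <-> {second}")
```

The mis-set channel 4 AP collides with both of its neighbours on channels 1 and 6, which is the self-inflicted interference case; the neighbour on channel 11 is the one that can only be handled by retuning our own AP.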
802.11 wireless standards are all managed by the international IEEE LAN/MAN standards committee. There have been many updates to 802.11 over time, with one of the most recent larger updates made in 2007.
Most wireless products are branded with the Wi-Fi trademark logo (illustrated in Figure 9.6 below), which means that the device has gone through testing that verifies that it will work and interoperate properly with other wireless devices.
Figure 9.6 – Wi-Fi Trademark Logo
The original 802.11 standard was defined in 1997 by the IEEE and it used two different types of RF technologies operating in the 2.4 GHz range:
- FHSS (Frequency Hopping Spread Spectrum), which operates only at 1 or 2Mbps
- DSSS (Direct Sequence Spread Spectrum), which also operates at 1 or 2Mbps
802.11a was one of the first wireless standards and it was published in October 1999. When it was first introduced it operated in the 5 GHz range, but it has recently been updated to also allow special licensing for 3.7 GHz frequency range operation. 802.11a was very popular when it first came out because it allowed 54Mbps transmission rates (much faster than other wireless standards). Unfortunately, it had a much smaller range than 802.11b because of the type of frequency it used. Higher frequencies were easily absorbed by objects, so it generally had about a third of the range of 802.11b or 802.11g but it became very popular for certain environments. 802.11a has the following characteristics:
- Operates in the 5 GHz range; therefore, it is incompatible with 802.11, 802.11b, and 802.11g and is protected from interference with devices that use those protocols, as well as microwaves, Bluetooth devices, and cordless phones
- Supports 12 to 23 non-overlapping channels (as opposed to the 3 non-overlapping channels supported by 802.11b and 802.11g) and uses OFDM, where subchannels can overlap
- Uses several modulation types: BPSK, QPSK, 16-QAM, and 64-QAM
- Supports a wide range of data rates: 6, 9, 12, 18, 24, 36, 48, and 54Mbps
802.11b came out at the same time as 802.11a, in October 1999, but it had a different set of frequencies and it operated in the 2.4 GHz range. It also was slower than 802.11a, offering throughput rates of only 11Mbps. On the other hand, it offered a better range compared with 802.11a and the frequencies it used were not subject to the same absorption problems as with 802.11a. Unfortunately, there are a lot of devices that operate in the 2.4 GHz range that can cause interference, including cordless phones, microwave ovens, and Bluetooth devices. The major features of 802.11b are as follows:
- Uses DSSS in the 2.4 GHz range
- Uses Barker 11 and CCK (Complementary Code Keying) encoding
- Uses the DBPSK (Differential Binary Phase-shift Keying) and DQPSK (Differential Quadrature Phase-shift Keying) modulation types
- Supports data rates of 1, 2, 5.5, and 11Mbps (the 5.5 and 11Mbps rates use CCK and DQPSK)
- Offers three non-overlapping channels: 1, 6, and 11
802.11g was introduced in June 2003 as an upgrade to 802.11b. The 802.11g standard requires interoperability with the older 802.11b devices so it also operates in the 2.4 GHz range. One of the big differences is the transmission rates offered by 802.11g, which is 54Mbps (just like 802.11a). Because it is backward compatible with 802.11b, you can simply replace an 802.11b access point with an 802.11g access point without additional effort. The main features offered by 802.11g include the following:
- Uses DSSS RF technology and operates in the 2.4 GHz spectrum for low data rates (1, 2, 5.5, and 11Mbps)
- Uses OFDM modulation technology for high data rates (6, 9, 12, 18, 24, 36, 48, and 54Mbps)
- Offers three non-overlapping channels: 1, 6, and 11
The latest standard, 802.11n, was made available in October 2009, although a few pre-releases were also available much earlier. 802.11n operates at both 5 GHz and 2.4 GHz, offering great flexibility in terms of frequency selection and speeds. It can offer up to 600Mbps transmission speeds because it uses MIMO technology, which allows multiple types of streams to run through different antennas and different radio frequencies inside a single 802.11 access point. MIMO comes in three types: pre-coding, spatial multiplexing, and diversity coding.
Note: The data rate offered is influenced by the number of hosts served by the specific access point and by the distance between the host and the access point (high distances reduce the signal and the data rate).
Table 9.1 below summarizes the characteristics of the four 802.11 standards:
Table 9.1 – 802.11 Characteristics
|Max. Throughput per Stream
|Max. Allowable Streams
|Approximate Outdoor Range
|5 GHz, 3.7 GHz
|120 m, 5000 m
|5 GHz, 2.4 GHz
In the early days of wireless networks, you did not have to worry too much about compatibility because there were two standards and they were very different: 802.11a, which used 5 GHz frequencies but had a limited operating distance, and 802.11b, which used a completely different set of frequencies, was susceptible to more interference problems, and was slower but it operated over larger distances. Because these two standards were so different, there was no need to be compatible because they used different frequencies to communicate and this was done in a completely different way.
However, when 802.11g arrived on the market, compatibility became an issue. Because 802.11g used 2.4 GHz frequencies, it matched and was backward compatible with the 802.11b standard. When those standards were mixed, however, the total speed that could be obtained in those networks was reduced. Although compatibility was achieved, allowing you to go back and use the older and slower devices, it slowed down the entire wireless network.
When 802.11n was released, the need to maintain some compatibility between the different versions became a little bit more complicated. One of the challenges is that 802.11n can operate at both 2.4 GHz and 5 GHz frequencies at the same time. 802.11n also has built-in legacy modes of operations for 802.11a, 802.11b, and 802.11g, meaning the .11n access point can present itself as an .11a, .11b, or .11g access point and therefore offers some native compatibility. 802.11n can also use a Mixed Mode format, which means that you can use 802.11n while also communicating with older technologies at the same time but this, of course, would imply performance degradation. In order to achieve maximum performance, every device must run a pure 802.11n set of standards.
The signals used by the wireless network are radio waves, just like any other radio signal, which makes them susceptible to different types of interference. This interference can be the result of something that is external and natural or man-made. An important aspect in the design, implementation, and troubleshooting process is figuring out where the problems related to interference might be. Sometimes the problems are created by network engineers, for example, setting the wrong frequencies on access points that end up creating interference they were trying to avoid in the first place.
Interference can come from different places. Some common sources of 2.4 GHz and 5 GHz interference include:
- Microwave ovens
- Cordless telephones
- Fluorescent lights
- High-power sources
Sometimes wireless interference is generated by neighbor access points that are under another administration and are configured in a way that conflicts with existing access points. In such situations it is very difficult to predict and plan for such issues. Sometimes you can see these problems if you use dedicated wireless monitoring software tools. An advanced way of investigating these problems is using a spectrum analyzer, which looks at the entire frequency range and returns graphical output showing other devices that are generating signals in the same frequency range as your APs.
Wireless network designers and engineers must fully understand the concept of Service Set Identifiers (SSIDs). This concept defines an identifier for the logical wireless LAN and is similar in some ways to the concept of Ethernet VLANs, which define who can communicate in a LAN based on the broadcast domain. With WLANs, everyone is in the same collision and broadcast domains so stations can receive everyone’s traffic. This situation generated the need for SSIDs that logically split WLANs. Two devices that are in different SSIDs will ignore each other’s traffic, but this does not affect the collision domain.
One of the major misconceptions about wireless area networking is that the SSIDs’ logical structures are similar to collision domains. This is not true because every device is in the same collision and broadcast domains with other devices in the same signal range. SSIDs simply cause the stations to ignore the frames received from different SSIDs.
When considering the SSID concept, its infrastructure can be built in two modes over three different categories, based on who participates in the WLAN. The three different categories are:
- Independent Basic Service Set (IBSS)
- Basic Service Set (BSS)
- Extended Service Set (ESS)
The IBSS is rarely used in modern networks; it uses ad-hoc mode, in which the wireless network uses Wi-Fi capability without the use of any access points. An example of an ad-hoc network would be two workstations establishing a direct wireless connection without the use of an intermediary access point (the equivalent of directly connecting two workstations through an Ethernet crossover cable instead of using a switch). The BSS approach, also called wireless infrastructure mode, is much more common. It involves the use of access points that act as traffic hubs, as described earlier.
The ESS (also operating in infrastructure mode) involves the use of multiple access points that are servicing the same SSID. This allows individuals to cover a larger distance with their wireless devices in a transparent and seamless manner. These users can move from AP to AP, keeping the same SSIDs.
Wireless LAN technologies do not allow collisions to be detected as they would be in Ethernet environments because WLAN stations cannot hear jam signals due to their half-duplex functionality (i.e., they cannot listen and send at the same time). In order to suppress the negative effects of the half-duplex transmission, WLANs rely on the CSMA/CA mechanism (Carrier Sense Multiple Access with Collision Avoidance). Stations in the wireless LAN attempt to avoid collisions before they happen using a distributed coordination function (DCF) that utilizes random backoff timers.
DCF requires a station wishing to transmit to listen for the channel status for a predefined interval. If the channel is found to be busy during that interval, the station defers its transmission. In a network where a number of stations contend for the wireless medium, if multiple stations sense that the channel is busy and defer their access, they will also virtually simultaneously find that the channel is released and then try to seize the channel. As a result collisions may occur. To avoid such collisions DCF also specifies random backoff, which forces a station to defer its access to the channel for an extra period. The access point is responsible for acknowledging client data and responds to successful transmissions by sending ACK packets.
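A slot-level simulation of the contention just described, added here as an example and not taken from the original chapter. The contention-window sizes are assumptions, and the doubling of a station's window after a collision is how 802.11 DCF behaves, although the text above only mentions the random backoff itself.

```python
"""Slot-level sketch of DCF contention. Added example; window sizes are assumptions."""
import random

CW_MIN, CW_MAX = 16, 1024  # assumed contention-window bounds, in slots


def simulate_dcf(stations, frames_each, use_backoff=True, seed=1, max_rounds=10_000):
    """Let `stations` contend for the medium until every frame is sent or rounds run out.

    Each round starts when the channel is released. With backoff, every station
    counts down its own random number of idle slots; the lowest counter transmits
    and the others freeze what is left of theirs. Without backoff, every station
    transmits the moment the channel is free.
    """
    rng = random.Random(seed)            # seeded so the run is repeatable
    window = [CW_MIN] * stations
    pending = [frames_each] * stations

    def draw(station):
        return rng.randrange(window[station]) if use_backoff else 0

    counter = [draw(s) for s in range(stations)]
    delivered = collisions = rounds = 0

    while rounds < max_rounds and any(pending):
        rounds += 1
        active = [s for s in range(stations) if pending[s]]
        wait = min(counter[s] for s in active)
        senders = [s for s in active if counter[s] == wait]
        for s in active:
            counter[s] -= wait           # deferring stations keep their remaining slots
        if len(senders) == 1:
            s = senders[0]
            delivered += 1               # the AP acknowledges the frame
            pending[s] -= 1
            window[s] = CW_MIN
        else:
            collisions += 1              # no ACK arrives: all senders must retry
            for s in senders:
                window[s] = min(window[s] * 2, CW_MAX)
        for s in senders:
            counter[s] = draw(s)         # fresh backoff before the next attempt

    return {"delivered": delivered, "collisions": collisions, "rounds": rounds}


if __name__ == "__main__":
    print("no backoff  :", simulate_dcf(5, 50, use_backoff=False, max_rounds=1000))
    print("with backoff:", simulate_dcf(5, 50))
```

Without the backoff, five stations that all see the channel go idle collide in every round and nothing is ever delivered; with it, every frame gets through and collisions drop to the rounds in which two stations happen to draw the same lowest counter.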
Devices go through a wireless negotiation process, called association, with an access point in order to participate in the Wi-Fi network in infrastructure mode, as illustrated in Figure 9.7 below:
Figure 9.7 – Wireless Association Process
In order to accomplish this association, the client device sends a probe request on the network to find the access point. The access point that receives the probe request will send a probe response, and then the client will initiate the association, which will be accepted or rejected by the access point. If the association is successful, the access point will install the client’s MAC address. The wireless association process is very similar to a DHCP handshake.
Once the association is complete, the access point’s main job is to bridge traffic either wired-to-wireless or wireless-to-wireless. Wireless LANs, just like Non-Broadcast Multi-Access (NBMA) technologies, can be implemented and configured under many different topologies.
In wireless LAN environments access points can perform different roles, including the following:
- Mesh topologies
Figure 9.8 – WLAN Bridges Topology
Referring to Figure 9.8 above, wireless bridges function in several ways:
- They accept traffic from traditional LANs and forward it to wireless clients. This process of translation between wired and wireless networks is called Multipoint bridging.
- They can work in Point-to-Point mode to connect two buildings (LANs).
- They can work in Point-to-Multipoint mode to connect multiple buildings.
Note: When using wireless bridge functionality in Point-to-Point mode, the two buildings/areas must have line-of-sight connectivity.
Figure 9.9 – WLAN Repeater Topology
Referring to Figure 9.9 above, access points can function as repeaters, accepting a weak RF signal, strengthening (amplifying) it, and then resending it. This operation is used to extend the range of wireless networks.
Figure 9.10 – WLAN Mesh Topology
The mesh access point topology shown in Figure 9.10 above is the most sophisticated and most commonly used wireless topology. With this type of topology, the access point can function as a repeater or as a bridge, as needed, based on RFs. This technology allows engineers to use wireless technologies to cover large geographical areas and to ensure the following features:
- Fault tolerance
- Load distribution
- Transparent roaming
Note: In addition to their use in the enterprise sector, wireless mesh technologies are also used in the public sector to ensure Wi-Fi access in certain urban areas.
Wireless VLAN Support
Modern enterprise access points support multiple SSIDs per AP, which can be mapped to VLANs and then trunked back to the LAN via 802.1Q. The SSID-to-VLAN mapping can occur automatically based on security settings. This does not separate the broadcast or collision domains; it only creates different logical segments.
For example, you can have an SSID called “guest” that has no security and another SSID called “private” that uses WPA2 security. When users connect to the “guest” SSID, they are automatically mapped to a guest VLAN, and when they connect to the “private” SSID, they are automatically mapped to another (secured) VLAN. With this method of mapping, users authenticated as guests receive access only to specific resources, while corporate employees can receive access to other (more sensitive) resources. This process is illustrated in Figure 9.11 below:
Figure 9.11 – WLAN VLAN Topology
Note: Cisco’s wireless solutions portfolio includes Aironet APs (designed for enterprise usage) and Linksys APs (designed for small office/home office usage).
Wireless LAN Design Considerations
Some key issues must be considered when designing a wireless LAN environment. First, the controller redundancy design should be carefully analyzed. Wireless LAN Controllers (WLCs) can be configured for dynamic redundancy or deterministic redundancy. With deterministic redundancy, the access point is configured with a primary controller, a secondary controller, and a tertiary controller. This requires a lot of planning but it offers good predictability and faster failover times. Dynamic controller redundancy uses Light Weight Access Point Protocol (LWAPP) to load balance access points across WLCs.
Another issue that must be analyzed in the design process involves the management of radio channels and radio groups. For example, the 802.11b and 802.11g standards offer three non-overlapping channels (1, 6, and 11) so you can use Cisco Radio Resource Management (RRM) to manage access point radio frequency channels and power configurations. Wireless LAN Controllers use the RRM algorithm for automatic configuration and optimization. Radio groups (RGs) are clusters of WLCs that coordinate their RRM calculations. When a WLC is placed in a radio group, the RRM calculation will scale up from a single WLC to multiple floors, buildings, or even a campus.
An RF site survey should be performed in the WLAN design phase by certified wireless professionals. The RF site survey includes the following five steps:
- Define the customer’s requirements
- Identify coverage areas and user density
- Determine the preliminary locations and requirements of the access points (including necessary antenna types and wired connections)
- Perform the actual survey and identify elements that might interfere with the WLAN signal and components
- Document the process (including access point locations, data, and signal rates)
From a design standpoint you might also be in a situation of having to configure and plan an outdoor wireless mesh configuration. This includes several components:
- The wireless control system
- Wireless LAN controllers
- External wireless access point bridges (rooftop access points)
- Outdoor wireless mesh access points
An important design consideration for outdoor wireless mesh scenarios is the 2 to 3 ms of latency added per hop, so the recommendation is to have fewer than four hops to ensure a good level of performance. Another recommendation is to have no more than 20 mesh access point nodes per external access point bridge for best performance.
The most important wireless campus design considerations include the following:
- The number of APs: Sufficient access points should be included to ensure RF coverage for all the wireless clients in all enterprise areas. Cisco recommends up to 20 data devices per access point.
- The placement of APs: Access points should be placed in central locations of different enterprise areas to ensure proper user connectivity.
- Power options for APs: Access points can be powered by traditional methods or by PoE (Power over Ethernet) capabilities.
- The number of WLCs: The number of wireless LAN controllers depends on the redundancy model chosen and (based on the client’s requirements) the number of access points. The recommended redundancy model is deterministic redundancy.
- The placement of WLCs: Wireless LAN controllers should be placed in secured wiring closets, server rooms, or data centers. WLCs can be placed in a central location or they can be distributed throughout the campus Distribution Layer. Inter-controller roaming should be minimized.
Cisco Unified Wireless Solution
To exemplify real-world wireless solution components and products, we will focus on one of the most common wireless product vendors in the networking world – Cisco. Other vendors offer similar products and each has its own particularities.
The Cisco Unified Wireless Network (CUWN) concept includes the following elements:
- Wireless clients: This component includes laptops, workstations, PDAs, IP phones, smartphones, tablets, and manufacturing devices that have embedded wireless technology.
- Access points: This component provides access to the wireless network; APs should be strategically placed in the right locations to get the best performance and minimal interference.
- Network management: This is accomplished through the network wireless control system, which is a central management tool that allows you to design, control, and monitor wireless networks.
- Network unification: The wireless LAN system should be able to support wireless applications by offering unified security policies, QoS, IPS, and radio frequency management. Cisco WLCs offer this unified functionality integration in all of its major switching and routing platforms.
- Network services: Wireless network services are also referred to as mobility services (Cisco’s is called the Mobility Services Engine – MSE) and they include things like guest access, voice services, location services, and threat detection and mitigation.
One of the advantages of using the CUWN solution is that it allows centralized control architecture that offers reduced total cost of ownership (TCO), improved visibility, dynamic RF management, enhanced WLAN security, enterprise mobility, and improved productivity and collaboration.
Standalone versus Light Weight Access Points
Standalone access points are also known as autonomous access points; they are easy to install but they can be difficult to manage in large deployments. Standalone access points are not as desirable as the Light Weight Access Points (LWAPs) from Cisco because they must be individually managed. In addition, different parameters must be manually configured on each device and this includes the SSID, VLAN information, and security features.
The CUWN solution introduced the concept of LWAPs and WLCs. These two types of wireless devices divide the responsibilities and the functionalities that an autonomous AP performs on its own. This technology adds scalability by separating the WLAN data plane from the control plane into a “split MAC” design, as shown in Figure 9.12 below:
Figure 9.12 – WLAN Split MAC Operation
LWAPs only focus on the actual radio frequency transmissions and the necessary real-time control operations, such as beaconing, probing, and buffering. At the same time, WLCs manage all of the non-real-time tasks, including:
- SSID management
- VLAN management
- Access points association management
- Wireless QoS
Modern LWAPs have plug-and-play capabilities and require WLCs for operation. They can be directly connected to the network without the need for additional configuration. The management logic and the way they function are dictated by the WLC configuration. This makes the implementation process much easier than would be the case if autonomous access points were used.
When using LWAPs, all RF traffic they receive must first go to the WLC device that manages the specific AP. This really changes the way in which traditional WLAN communications work, even for hosts associated with the same AP.
The RF communication between LWAPs and WLCs is handled (tunneled) using the Light Weight Access Point Protocol (LWAPP). The LWAPP tunnel can operate either in Layer 2 or Layer 3 mode. Layer 2 mode implies that the AP and the WLC share the same VLAN and subnet, and it functions with the LWAP receiving 802.11 frames and encapsulating them inside Ethernet toward the WLC device. When the LWAPP tunnel operates in Layer 3 mode, the LWAP receives 802.11 frames and encapsulates them inside UDP toward the WLC device. This implies that the WLC can be anywhere as long as it is reachable by the AP.
The LWAPP Protocol
LWAPP moves intelligence away from the access point and shares it with WLCs. WLCs handle wireless policies, control messaging setup, authentication, and wireless operations. WLCs can also be considered the bridge between wireless networks and wired networks. WLC devices can manage multiple access points, providing configuration information as well as firmware updates on an ad-hoc basis.
LWAPP is an IETF draft standard for wireless LAN control messaging between access points and the WLCs. It can operate at both Layer 2 and Layer 3, but the Layer 3 LWAPP is far more popular.
|Note: The access points and the wireless LAN controllers exchange control messages over a wired backbone network.
LWAPP Layer 2 functions include:
- 802.11 beacons and probe responses
- Packet control
- Packet acknowledgement and transmission
- Frame queuing and packet prioritization
- 802.11i MAC layer data encryption and decryption
WLC Layer 2 functions include:
- 802.11 MAC management
- 802.11e resource reservation
- 802.11e authentication and key management
Layer 3 LWAPP tunnels are used between access points and wireless LAN controllers to transmit control messages. They use UDP port 12223 for control and UDP port 12222 for data messages. Cisco LWAPs can operate in six different modes:
- Local mode
- Remote Edge Access Point (REAP) mode
- Monitor mode
- Rogue Detector (RD) mode
- Sniffer mode
- Bridge mode
Local mode is the default mode of operation for an LWAP. Every 180 seconds the access point spends 60 ms on channels it does not operate on. During this 60 ms period, the access point performs noise and interference measurements and scans for intrusion detection activity.
REAP mode allows the LWAP to reside across a LAN link and still be able to communicate with the WLC and provide the functionality of a regular LWAP. REAP mode is not supported on all LWAP models.
Monitor mode is a special feature that allows LWAPP-enabled access points to exclude themselves from dealing with data traffic between clients and the infrastructure. Instead, these APs act as dedicated sensors for location-based services, rogue access point detection, and intrusion detection systems. Access points in monitor mode cannot serve clients and they continuously cycle through all available channels, listening on each channel for approximately 60 ms.
In RD mode the LWAP monitors for rogue access points. The RD access point’s goal is to see all the VLANs in the network because rogue access points can be connected to any of these VLANs. The switch sends all the rogue access point client MAC address lists to the RD access point, which forwards these to the WLC to compare them with the MAC addresses of legitimate clients. If MAC addresses are matched, the controller knows that the rogue access point that deals with those clients is on the wired network.
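The comparison that RD mode relies on can be sketched in a few lines. The following Python is an added example, not Cisco code or part of the original chapter; it assumes the controller matches MAC addresses learned on the wired VLANs against the clients heard over the air on BSSIDs it does not manage, and all function names and MAC values are constructed.

```python
"""Added illustration of rogue detector (RD) correlation; not Cisco code.
The data layout, function names and MAC values are constructed."""
from collections import defaultdict


def normalize_mac(mac):
    """Reduce aa:bb:.., AA-BB-.. and aabb.ccdd.eeff to 12 lowercase hex digits."""
    digits = "".join(ch for ch in mac.lower() if ch in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def rogues_on_wire(wired_macs_by_vlan, rogue_clients_by_bssid):
    """Map each rogue BSSID to [(vlan, client MAC), ...] for its clients whose
    MAC address was also seen on a wired VLAN; BSSIDs with no match are omitted."""
    seen_on_wire = defaultdict(set)            # MAC -> VLANs it was seen on
    for vlan, macs in wired_macs_by_vlan.items():
        for mac in macs:
            seen_on_wire[normalize_mac(mac)].add(vlan)
    findings = {}
    for bssid, clients in rogue_clients_by_bssid.items():
        hits = sorted(
            (vlan, normalize_mac(client))
            for client in clients
            for vlan in seen_on_wire.get(normalize_mac(client), ())
        )
        if hits:
            findings[normalize_mac(bssid)] = hits
    return findings


# Constructed sample: MAC addresses the RD access point learned per wired VLAN
WIRED = {
    10: ["00:11:22:33:44:55", "00-11-22-AA-BB-CC"],
    20: ["0011.22de.ad01"],
}
# Constructed sample: clients heard over the air on BSSIDs the WLC does not manage
ROGUE_CLIENTS = {
    "02:00:00:00:00:01": ["00:11:22:DE:AD:01", "00:11:22:00:00:99"],
    "02:00:00:00:00:02": ["00:11:22:00:00:77"],
}

if __name__ == "__main__":
    for bssid, hits in rogues_on_wire(WIRED, ROGUE_CLIENTS).items():
        print(f"rogue AP {bssid} has clients on the wired network: {hits}")
```

Normalizing the MAC notation first matters because switches, controllers and capture tools print the same address in different formats, and a string comparison would miss the match.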
Sniffer mode allows the LWAP to capture and forward all the packets on a particular channel to a remote machine that is running packet capturing and analysis software. These packets include timestamps, packet size, and signal strength information.
Bridge mode typically operates on outdoor access points that function in a mesh topology. This is a cost-effective high-bandwidth wireless bridging connectivity mechanism and it includes Point-to-Point or Point-to-Multipoint bridging.
Wireless LAN Controllers
Wireless LAN Controllers have three major components:
- Wireless LANs
- Interfaces
- Ports
The wireless LAN is basically the SSID network name. Every wireless LAN is assigned to an interface in the WLC and each wireless LAN is configured with policies for RF, QoS, and other wireless LAN attributes.
The WLC interfaces are logical connections that map to a VLAN on a wired network. Every interface is configured with a unique IP address, a default gateway, physical ports, VLAN tagging, and a DHCP server. WLCs support five interface types:
- The management interface used for in-band management, connectivity to an AAA server, or Layer 2 discovery and association
- An optional service port interface for out-of-band management that is statically configured
- The AP manager interface used for Layer 3 discovery and association (the static WLC IP address will be configured on this interface)
- Dynamic interfaces (these are basically the VLANs designated for wireless LAN client data)
- Virtual interfaces used for Layer 3 security authentication, DHCP relay support, and management of mobility features
The port is a physical connection to a neighboring switch or router, and by default, each port is an 802.1Q trunk port. WLCs might have multiple ports that go into a single port-channel interface (link aggregation can be applied to these ports). Some WLCs also have a service port that is used for out-of-band management.
|Note: Different WLC platforms can support a different number of access points, up to several hundred.
Roaming and Mobility
One of the main features of a WLAN solution is giving end-users the ability to access network resources from different areas, including zones where it is difficult to install cables. Another reason for using WLANs would be organizational policies that only allow guest access wirelessly. Sometimes a wireless LAN solution is built as a transition network until the complete wired network is implemented.
Considering the scenarios mentioned above, the end-users will most likely move from one location to another. The solution to this issue is the roaming and mobility features that give end-users the ability to access the network from different locations.
Roaming happens when wireless clients change their association from one LWAP to another without losing connectivity. Designers and engineers should carefully scale the wireless network to allow for the client roaming process. Wireless roaming can be divided into two categories, as shown in Figure 9.13 below:
- Intra-controller roaming
- Inter-controller roaming (Layer 2 or Layer 3)
Figure 9.13 – WLAN Roaming
Intra-controller roaming happens when a client moves its association from one access point to another access point controlled by the same WLC. At that moment, the WLC will update the client database with the new association and it will not change the client’s IP address.
Inter-controller roaming can operate in either Layer 2 or Layer 3. Layer 2 inter-controller roaming implies that users move from AP to AP and from WLC to WLC, but at the same time they remain in the same subnet. Layer 3 inter-controller roaming is more difficult to implement and it implies that users move from AP to AP, from WLC to WLC, and also from subnet to subnet. In this scenario the WLCs must be configured with mobility groups to closely communicate and exchange information about the roaming users’ status.
A very important advantage of Layer 3 inter-controller roaming is that users can maintain their original IP addresses. The two wireless LAN controllers are connected through an IP connection. In this situation, the traffic is bridged into a different IP subnet. When the client associates to the new access point, the new WLC will exchange mobility information with the old WLC. The original client database is not moved to the new WLC. Instead, the old WLC will mark the client in its database entry (anchor entry) and this entry is copied to the new WLC database that will mark this entry as a foreign entry. The wireless client keeps its original IP address and it is re-authenticated as soon as a new security session is established.
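The roaming cases can be modeled as updates to the controllers' client databases. This is an added example, not controller code; the WLC class, the roam function, and the handling of Layer 2 roams and of later roams by a foreign client are assumptions made for the illustration.

```python
"""Added model of the roaming cases described above; not controller code.
Controller names, subnets, AP names and the client MAC are constructed."""
from dataclasses import dataclass, field


@dataclass
class WLC:
    name: str
    subnet: str   # client subnet behind this controller
    aps: set
    clients: dict = field(default_factory=dict)   # MAC -> {"ap", "ip", "role"}


def roam(mac, new_ap, wlcs):
    """Re-associate `mac` with `new_ap` and return the kind of roam."""
    serving = next(w for w in wlcs
                   if w.clients.get(mac, {}).get("role") in ("local", "foreign"))
    target = next(w for w in wlcs if new_ap in w.aps)
    entry = serving.clients[mac]
    if target is serving:
        entry["ap"] = new_ap                 # same WLC: only the association changes
        return "intra-controller"
    if target.subnet == serving.subnet and entry["role"] == "local":
        # Assumption: a Layer 2 roam moves the entry to the new controller.
        target.clients[mac] = dict(serving.clients.pop(mac), ap=new_ap)
        return "inter-controller L2"
    if entry["role"] == "local":
        entry["role"] = "anchor"             # old WLC keeps the anchor entry
    else:
        del serving.clients[mac]             # assumption: old foreign copy is dropped
    if target.clients.get(mac, {}).get("role") == "anchor":
        # Assumption: returning to the anchor WLC makes the entry local again.
        target.clients[mac].update(ap=new_ap, role="local")
    else:
        target.clients[mac] = dict(entry, ap=new_ap, role="foreign")
    return "inter-controller L3"


def demo():
    """Roam once within wlc-a, then across subnets to wlc-b."""
    a = WLC("wlc-a", "10.1.0.0/24", {"ap1", "ap2"})
    b = WLC("wlc-b", "10.2.0.0/24", {"ap3"})
    mac = "00:11:22:33:44:55"
    a.clients[mac] = {"ap": "ap1", "ip": "10.1.0.50", "role": "local"}
    steps = [roam(mac, ap, [a, b]) for ap in ("ap2", "ap3")]
    return steps, a.clients[mac], b.clients[mac]
```

After the Layer 3 roam the client appears in both databases with the same IP address, once as an anchor entry and once as a foreign entry.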
Wireless LAN controllers are assigned to mobility groups in order to dynamically exchange mobility messages and tunnel data over the IP connection. Mobility groups use the following ports to exchange data:
- LWAPP control: UDP 12223
- LWAPP data: UDP 12222
- WLC exchange of unencrypted messages: UDP 16666
- WLC exchange of encrypted messages: UDP 16667
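Because these four UDP ports carry AP-to-controller tunnels and controller-to-controller mobility messages, any other host using them deserves a look. The following added example (not vendor code) checks flow records against an AP inventory and a mobility group list; the record format, the addresses, and the choice to report traffic on UDP 16666 are assumptions.

```python
"""Added example: audit UDP flow records against the LWAPP and mobility ports.
Not vendor code; addresses, inventories and flow tuples are constructed."""
from ipaddress import ip_address

PORT_ROLES = {12223: "LWAPP control", 12222: "LWAPP data",
              16666: "mobility, unencrypted", 16667: "mobility, encrypted"}


def audit_flows(flows, ap_ips, wlc_ips):
    """Check (src_ip, src_port, dst_ip, dst_port) UDP flows against inventories.

    Returns (flow, role, finding) tuples for flows that need attention.
    """
    aps = {ip_address(a) for a in ap_ips}
    wlcs = {ip_address(w) for w in wlc_ips}
    findings = []
    for flow in flows:
        src, sport, dst, dport = flow
        src, dst = ip_address(src), ip_address(dst)
        port = dport if dport in PORT_ROLES else sport  # either side may own it
        role = PORT_ROLES.get(port)
        if role is None:
            continue  # unrelated traffic
        if port in (12222, 12223):
            # LWAPP tunnels run between an access point and its controller
            ok = (src in aps and dst in wlcs) or (src in wlcs and dst in aps)
            problem = "endpoints are not a known AP and WLC"
        else:
            # mobility messages are exchanged between controllers only
            ok = src in wlcs and dst in wlcs and src != dst
            problem = "endpoints are not both mobility group members"
        if not ok:
            findings.append((flow, role, problem))
        elif port == 16666:
            findings.append((flow, role, "mobility messages sent unencrypted"))
    return findings


APS = ["10.10.1.11", "10.10.1.12"]   # constructed AP inventory
WLCS = ["10.10.0.2", "10.20.0.2"]    # constructed mobility group members
FLOWS = [                            # constructed flow records
    ("10.10.1.11", 40001, "10.10.0.2", 12223),
    ("10.10.0.2", 12222, "10.10.1.12", 40002),
    ("10.10.5.77", 40003, "10.10.0.2", 12223),
    ("10.10.0.2", 16666, "10.20.0.2", 16666),
    ("10.10.0.2", 16667, "10.20.0.2", 16667),
    ("10.10.5.77", 5000, "10.20.0.2", 16666),
    ("10.10.1.11", 53000, "10.10.0.53", 53),
]
```

Running `audit_flows(FLOWS, APS, WLCS)` reports the two flows from the uninventoried host and the controller pair that exchanges mobility messages on the unencrypted port.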
There are different antenna types that can be used with access points:
- Omnidirectional antennas
- Directional antennas
- Yagi antennas
- Parabolic antennas
When planning to install a new access point (AP), there are a number of things you should consider. You can’t just take an AP and put it anywhere in the building and expect it to work optimally. The first thing you should think about is the location of the users the APs will serve within that building. Users need access to the wireless network when they are at their desks but they might also need access to the Wi-Fi network when they are in conference rooms or other meeting areas. If that is the case, you should place the access points closer to those parts of the room or floor.
On 802.11 wireless networks there is a set of standards that defines what frequencies and what channels these particular networks might use. These standards are defined by IEEE and are used worldwide:
The standards above are the primary standards used today but there are also other standards in between those. There are many differences between all the standards, in terms of speed, distance, channels, and frequencies. Table 9.2 below summarizes the characteristics of the 802.11 standards:
Table 9.2 – 802.11 Characteristics
|Max. Throughput per Stream
|Max. Allowable Streams
|Approximate Outdoor Range
|5 GHz, 3.7 GHz
|120 m, 5000 m
|5 GHz, 2.4 GHz