Professional Documents
Culture Documents
WLAN Service
Terminology
Client
A handheld computer or laptop with a wireless Network Interface Card (NIC) can be a WLAN client.
Fat AP
A fat AP controls and manages all associated wireless stations and bridges frames between wired and
wireless networks.
SSID
Service set identifier. A client scans all networks at first, and then selects a specific SSID to connect to a
specific wireless network.
Wireless medium
A medium that is used for transmitting frames between wireless clients. Radio frequency is used as the
wireless medium in the WLAN system.
Distribution system
A distribution system is used to forward frames to their destinations. It is the backbone to transmit
frames between access points.
1-1
Split MAC
In split MAC mode, APs and ACs manage different services. An AP manages real-time services, such
as beacon generation, power management, fragmentation and defragmentation. An AC manages
services related to packet distribution, association, dissociation and reassociation.
Scanning
1)
Active scanning
Active scanning is used by clients to scan surrounding wireless networks and locate a compatible one.
Active scanning falls into two modes according to whether a specified SSID is carried in a probe
request.
z
A client sends a probe request (with the SSID null): The client prepares a list of channels and
broadcasts a probe request frame on each of them. APs that receive the probe request send a
probe response. The client associates with the AP with the strongest signal. This active scanning
mode enables a client to know whether an AP can provide wireless services.
Figure 1-2 Active scanning (the SSID of the probe request is null)
A client sends a probe request (with a specified SSID): In this case, the client only unicasts a probe
request because the probe request it sends carries the specified SSID. When an AP receives the
1-2
probe request, it sends a probe response. This active scanning mode enables a client to access a
specified wireless network.
Figure 1-3 Active scanning (the probe request carries the specified SSID)
2)
Passive scanning
Passive scanning is used by clients to discover surrounding wireless networks through listening to the
beacon frames periodically sent by an AP. The client prepares a list of channels and listens to beacons
on each of these channels. In this case, the AP needs to periodically broadcast beacon frames. Passive
scanning is used by a client when it wants to save battery power. Typically, VoIP clients adopt the
passive scanning mode.
Figure 1-4 Passive scanning
Authentication
To prevent illegal clients from accessing a network, authentication is needed between clients and ACs
or between clients and fat APs. There are two types of authentication:
z
For details about the two types of authentication, refer to Introduction to WLAN Security.
Association
A client that wants to access a wireless network via an AP must be associated with that AP. Once the
client chooses a compatible network with a specified SSID and authenticates to an AP, it sends an
association request frame to the AP. The AP sends an association response to the client and adds the
clients information in its database. At a time, a client can associate with only one AP. An association
process is always initiated by the client rather than the AP.
1-3
CAPWAP Overview
Introduction to CAPWAP
Control And Provisioning of Wireless Access Points (CAPWAP) defines how an AP communicates with
an AC. It provides a generic encapsulation and transport mechanism between AP and AC, as shown in
Figure 1-5.
Figure 1-5 CAPWAP
In order to achieve AC backup, an AP needs to establish two tunnel links with two different ACs. Only
the AC which works in master mode provides services to all the APs in the network and the slave AC
acts as the backup AC. If the master AC fails, APs should quickly use the services provided by the slave
AC. A heartbeat mechanism is used between these two ACs, which ensures that failure of the master
will be detected quickly by the backup AC.
1-4
In the above figure, AC1 is working in master mode and providing services to AP1, AP2, AP3 and AP4.
AC2 is working in slave mode. APs are connected to AC2 through LWAPP slave tunnels. AC1 and AC2
can be configured as backup for each other and should start master/slave detection. When AC2 detects
AC1 is down, AC2 will convert the work mode from slave to master. All APs which are connected to AC2
through slave tunnels will transform the tunnels to master tunnels and use AC2 as the master AC. Once
AC 1 is reachable again, it will remain the backup.
2)
Primary AC recovery
In the above figure, AC 1 is the primary AC and it establishes a CAPWAP connection with the AP. AC 2
acts as the secondary AC. If AC 1 goes down, AC 2 will act as the primary AC until AC1 recovers. This
means once AC 1 is reachable again, the AP will establish a connection with AC 1 and disconnect from
AC 2.
3)
1-5
AP 1
AC 2
AP 2
Dual work mode indicates that an AC can provide both master and slave connections. An AC will act as
the master for some APs and act as the slave for some other APs. In the above scenario, AC 1 acts as
the master for AP 1 and slave for AP 2. Similarly, AC 2 acts as the master for AP 2 and slave for AP 1.
The Virtual Local Area Network (VLAN) technology allows for logical division of broadcast domains.
Hosts in a VLAN can communicate with each other at Layer-2, while hosts in different VLANs implement
Layer-3 communication. In a WLAN, you can assign wireless clients to different VLANs, as shown in
Figure 1-9. After that, you can configure different WLAN security policies for these VLANs to implement
more flexible, more secure wireless access.
2)
Some wireless service providers need to control the access positions of clients. For example, as shown
in Figure 1-10, to meet security or billing needs, it is required to connect wireless clients 1, 2 and 3 to the
1-6
wired network through APs 1, 2 and 3 respectively. To achieve this, you can configure an AP group and
then apply the AP group in a user profile.
Figure 1-10 AP based client access control
RADIUS server
Internet
AP 1
Client 1
AP 2
Client 2
AC
AP 3
Client 3
3)
When a user wants to access a WLAN temporarily, the administrator can specify a permitted SSID in
the corresponding user profile so that the user can access the WLAN only through the SSID.
Figure 1-11 SSID based client access control
802.11n
Introduction
As the next generation wireless LAN technology, 802.11n supports both 2.4GHz and 5GHz bands. It
provides higher-speed services to customers by using the following two methods:
1)
Increasing bandwidth: 802.11n can bond two adjacent 20-MHz channels together to form a
40-MHz channel. During data forwarding, the two 20-MHz channels can work separately with one
acting as the primary channel and the other acting as the secondary channel or work together as a
40-MHz channel. This provides a simple way of doubling the data rate.
2)
802.11n introduces the A-MPDU frame format. By using only one PHY header, each A-MPDU can
accommodate multiple Message Protocol Data Units (MPDUs) which have their PHY headers
1-7
removed. This reduces the overhead in transmission and the number of ACK frames to be used,
and thus improves network throughput.
Similar with MPDU aggregation, multiple MAC Service Data Units (MSDU) can be aggregated into
a single A-MSDU. This reduces the MAC header overhead and thus improves MAC layer
forwarding efficiency.
To improve physical layer performance, 802.11n introduces the short GI function, which shortens
the GI interval of 800 us in 802.11a/g to 400 us. This can increase the data rate by 10 percent.
802.11n Rates
Configuration of mandatory and supported 802.11n rates is achieved by specifying the maximum
Modulation and Coding Scheme (MCS) index. The MCS data rate table shows relations between data
rates, MCS indexes, and parameters that affect data rates. A sample MCS data rate table is shown in
Table 1-1. For the whole table, refer to IEEE P802.11n D2.00.
Table 1-1 MCS data rate table
Data rate (Mbps)
MCS index
Modulation
R
800ns GI
400ns GI
BPSK
1/2
6.5
7.2
QPSK
1/2
13.0
14.4
QPSK
3/4
19.5
21.7
16-QAM
1/2
26.0
28.9
For example, if you specify the maximum MCS index as 5 for mandatory rates, rates corresponding to
MCS indexes 0 through 5 are configured as 802.11n mandatory rates.
Mandatory rates must be supported by the AP and the clients that want to associate with the AP.
Supported rates allow some clients that support both mandatory and supported rates to choose higher
rates when communicating with the AP.
802.11n Networks
As shown in Figure 1-12, both the AC and APs support 802.11n. The AC is deployed in the equipment
room and APs are deployed in rooms and outdoors. The AC and APs communicate with each other
through CAPWAP tunnels either over a Layer-2 or Layer-3 network. All APs are managed by the AC
and provide to clients 802.11n access, which allows for higher access rates than 802.11a/b/g.
1-8
802.11n is backward compatible and thus can be deployed in existing 2.4G and 5G WLAN networks.
Figure 1-13 802.11n and 802.11a/g hybrid network
In this hybrid network as shown in Figure 1-13, however, 802.11n clients may not enjoy normal rates
due to the existence of non-802.11n clients. Therefore, you need to make proper deployment and
transition policies to ensure optimal access rates.
1-9