CCNA Wireless Official Exam Certification Guide

Foundation Topics

Understanding the Different LWAPP Modes

LWAPP can operate in either Layer 2 LWAPP mode or Layer 3 LWAPP mode. The Layer 2 mode is considered out of date, and Cisco prefers and recommends Layer 3 mode. Layer 3 mode is the default LWAPP mode on most Cisco devices.

At a high level, and after the AP has an IP address, the phases of LWAPP operation include these:

Step 1. An AP sends an LWAPP discovery request message. This is a broadcast that is sent at Layer 2.

Step 2. Assuming that a controller is operating in Layer 2 LWAPP mode, the wireless LAN controller (WLC) receives the LWAPP discovery request and responds with an LWAPP discovery response message.

Note: Only Cisco 1000 Series LAPs support Layer 2 LWAPP mode. Also, Layer 2 LWAPP mode is not supported on Cisco 2000 Series WLCs. These WLCs support only Layer 3 LWAPP mode.

Step 3. The AP chooses a controller based on the response received and sends a join request.

Step 4. The WLC receiving the LWAPP join request responds to the AP join request with an LWAPP join response. This process is going to include a mutual authentication. An encryption key is created to secure the rest of the join process and any future LWAPP control messages.

Step 5. After the AP has joined the WLC, LWAPP messages are exchanged, and the AP initiates a firmware download from the WLC (if the AP and WLC have a version mismatch). If the onboard firmware of the AP is not the same as that of the WLC, the AP downloads firmware to stay in sync with the WLC. The firmware download mechanism utilizes LWAPP.

Step 6. After the WLC and AP match firmware revisions, the WLC provisions the AP with the appropriate settings. These settings might include service set identifiers (SSID), security parameters, 802.11 parameters such as data rates and supported PHY types, radio channels, and power levels.

Step 7.
After the provisioning phase is completed, the AP and WLC enter the LWAPP runtime state and begin servicing data traffic.

Step 8. During runtime operations, the WLC might issue various commands to the AP through LWAPP control messages. These commands might be provisioning commands or requests for statistical information that the AP collects and maintains.

Step 9. During runtime operations, LWAPP keepalive messages are exchanged between the AP and WLC to preserve the LWAPP communication channel. When an AP misses a sufficient number of keepalive message exchanges, it attempts to discover a new WLC.

Chapter 11: Controller Discovery and Association

Figure 11-1 Host A Sending to Host B (labels: AP, Controller, Switch, Router, Host A, Trunk, Host B; traffic flow: 802.11, 802.11 + LWAPP, 802.1Q Ethernet, 802.3 Ethernet)

LWAPP Layer 2 Transport Mode

When operating in Layer 2 mode, LWAPP has the following characteristics and requirements:

■ LWAPP communication between the AP and the WLC is in native, Layer 2 Ethernet frames. This is known as Layer 2 LWAPP mode.
■ In Layer 2 LWAPP mode, although the APs might get an IP address via DHCP, all LWAPP communications between the AP and WLC are in Ethernet encapsulated frames, not IP packets.
■ The APs must be on the same Ethernet network as the WLC. This means that Layer 2 mode is not very scalable.

The source and destination MAC addresses depend on the direction of the frame:

■ An LWAPP control frame sent from the AP to the WLC uses the AP Ethernet MAC address as the source address and the WLC MAC address as the destination address.
■ An LWAPP control frame sent from the WLC to the AP uses the WLC MAC address as the source address and the AP MAC address as the destination address.

Data packets between wireless LAN clients and other hosts are typically IP packets. Figure 11-1 illustrates the process of clients sending frames in a logical topology.
Do not be concerned with the underlying network here, but rather the process between devices that will occur. In this figure, a host, Host A, is seen sending a packet to Host B. The following sequence occurs:

Step 1. Host A transmits an IP packet over the 802.11 RF interface after it is encapsulated in an 802.11 frame with the Host A MAC address as the source address and the access point radio interface MAC address as the destination address.

Step 2. At the AP, the AP adds an LWAPP header to the frame with the C-bit set to 0 and then encapsulates the LWAPP header and 802.11 frame into an Ethernet frame. This Ethernet frame uses the AP Ethernet MAC address as the source MAC address and the WLC MAC address as the destination MAC address.

Step 3. At the WLC, the Ethernet and LWAPP headers are removed, and the original 802.11 frame is processed.

Step 4. After processing the 802.11 MAC header, the WLC extracts the payload (the IP packet), encapsulates it into an Ethernet frame, and then forwards the frame onto the appropriate wired network, typically adding an 802.1Q VLAN tag.

Step 5. The packet then travels through the wired switching and routing infrastructure to Host B.

After receiving the frame, Host B will likely reply. When Host B returns an IP packet to Host A, the following sequence occurs:

Step 1. The packet is carried from Host B over the wired switching and routing network to the WLC, where an Ethernet frame arrives with the Host A MAC address as the destination MAC address. The IP packet from Host B is encapsulated inside this Ethernet frame.

Step 2. The WLC takes the entire Ethernet frame, adds the LWAPP header with the C-bit set to 0, and then encapsulates the combined frame inside an LWAPP Ethernet frame.
This LWAPP Ethernet frame uses the WLC MAC address as the source MAC address and the access point Ethernet MAC address as the destination MAC address. This frame is sent out over the switched network to the AP.

Step 3. At the AP, the Ethernet and LWAPP headers are removed and processed.

Step 4. The payload (the IP packet) is then encapsulated in an 802.11 MAC frame and transmitted over the air by the AP to Host A.

LWAPP Layer 3 Transport Mode

As previously mentioned, Cisco prefers Layer 3 LWAPP mode. This is because it is more scalable than Layer 2 LWAPP. Layer 3 LWAPP control and data messages are transported over the IP network in User Datagram Protocol (UDP) packets. Layer 3 LWAPP is supported on all Cisco WLC platforms and lightweight APs.

The only requirement is established IP connectivity between the APs and the WLC. The LWAPP tunnel uses the IP address of the AP and the AP-Manager interface IP address of the WLC as endpoints. On the AP side, both LWAPP control and data messages use an ephemeral port that is derived from a hash of the AP MAC address as the UDP port. On the WLC side, LWAPP data messages always use UDP port 12222, and LWAPP control messages always use UDP port 12223.

The process of clients sending frames in Layer 3 LWAPP mode is similar to that of Layer 2 mode; however, the frames are now encapsulated in UDP. The process is as follows:

Step 1. Host A transmits the packet over the 802.11 RF interface. This packet is encapsulated in an 802.11 frame with the MAC address of Host A as the source address and the radio interface MAC address of the AP as the destination address.

Step 2. At the AP, the AP adds an LWAPP header to the frame with the C-bit set to 0 and then encapsulates the LWAPP header and 802.11 frame into a UDP packet that is transmitted over IP.
The source IP address is the IP address of the AP, and the destination IP address is the AP Manager Address of the WLC. The source UDP port is the ephemeral port based on a hash of the access point MAC address. The destination UDP port is 12222.

Step 3. The IP packet is encapsulated in Ethernet as it leaves the AP and is transported by the switching and routed network to the WLC.

Step 4. At the WLC, the Ethernet, IP, UDP, and LWAPP headers are removed from the original 802.11 frame.

Step 5. After processing the 802.11 MAC header, the WLC extracts the payload (the IP packet from Host A), encapsulates it into an Ethernet frame, and then forwards the frame onto the appropriate wired network, typically adding an 802.1Q VLAN tag.

Step 6. The packet is then transmitted by the wired switching and routing infrastructure to Host B.

When Host B receives the packet, it is likely to respond, so the reverse process is as follows:

Step 1. The packet is delivered by the wired switching and routing network to the WLC, where an Ethernet frame arrives with the MAC address of Host A as the destination MAC address.

Step 2. The WLC removes the Ethernet header and extracts the payload (the IP packet destined for Host A).

Step 3. The original IP packet from Host A is encapsulated with an LWAPP header, with the C-bit set to 0, and then transported in a UDP packet to the AP over the IP network. The packet uses the WLC AP Manager IP address as the source IP address and the AP IP address as the destination address. The source UDP port is 12222, and the destination UDP port is the ephemeral port derived from the AP MAC address hash.

Step 4. This packet is carried over the switching and routing network to the AP.

Step 5. The AP removes the Ethernet, IP, UDP, and LWAPP headers, and it extracts the payload, which is then encapsulated in an 802.11 frame and delivered to Host A over the RF network.

For Layer 3 LWAPP, a 1500-byte maximum transmission unit (MTU) is assumed.
You can change this, but 1500 is the default.

Figure 11-2 AP States (state labels: Reset, Start, AP Boots Up, Discovery Mode, Join Request Message, Config Data, Image Data (Sync OS), AP Is Running)

How an LWAPP AP Discovers a Controller

When an AP discovers and joins a controller, the AP proceeds through several states. In Figure 11-2, you can see these states and when they happen. The process begins with the discovery of a controller. Because the lightweight APs are by definition “zero-touch” when deployed, you should only need to plug them in and let them do the rest. On the back end, the part you do not see is a little more complex. The steps in this process, beginning with discovery, are as follows:

Step 1. The APs send LWAPP discovery request messages to WLCs. This is broadcast at Layer 2. Because Layer 3 mode is what you want to use, this should fail.

Step 2. Upon failing, the AP proceeds to Layer 3 by checking its configuration for an IP address. If no IP address exists, the client uses DHCP to obtain one.

Step 3. The AP uses information obtained in the DHCP response to contact a controller.

Step 4. Any WLC receiving the LWAPP discovery request message responds with an LWAPP discovery response message.

If no controller responds, the AP reverts to Layer 2 broadcasts and starts the process again. The Cisco implementation uses the hunting process and discovery algorithm to find as many controllers as possible. The AP builds a list of WLCs using the search and discovery process, and then it selects a controller to join from the list.

The controller search process repeats continuously until at least one WLC is found and joined. IOS-based APs only do a Layer 3 discovery. The Layer 3 discovery process follows a certain order:

Step 1.
The AP does a subnet broadcast to see if a controller is operating in Layer 3 mode on the local subnet.

Step 2. The AP does an over-the-air provisioning (OTAP).

Note: Although OTAP is not fully covered here, you can find a detailed document at http://tinyurl.com/5hah9q.

Step 3. When other APs exist and are in a joined state with a controller, they send messages that are used for resource management. These messages have the IP address of the controller in them. The AP can listen to these messages and get the controller IP address. The AP can then send a directed discovery message to the controller.

Step 4. The next process is called AP priming. AP priming is something that happens after an AP is associated with at least one controller. The AP then gets a list of other controllers that it can associate with from the one it is already associated with. These other controllers are part of a mobility group. This information then gets stored in NVRAM and can be used if the AP reboots. To contact these controllers, the AP sends a broadcast to the primary controller and all the other controllers in the group.

Another method of discovering a controller is via DHCP using Vendor Option mode. This simply uses DHCP option 43 to learn the IP address of the management interface of a controller.

The final method of discovering a controller is using Domain Name System (DNS). You use DHCP to get IP information, including a DNS server entry. Then the AP looks for a DNS entry for CISCO-LWAPP-CONTROLLER. This should return the IP address of a controller management interface. The AP can use this address to send a unicast query.

This process results in an AP finding a controller, all of which happens during the Discovery mode indicated in Figure 11-2.

Note: With APs running 12.3.11-JX1 and later, you can manually prime the APs with a console cable to aid in the join process.
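
Because DHCP option 43 and the CISCO-LWAPP-CONTROLLER DNS entry both tell an AP which controller to contact, the following added example (not from the book or from Cisco) audits those two sources against a list of approved controller management addresses. The allowlist, scope names, DNS domains and sample values are constructed, and the option 43 layout (type 0xf1, length, IPv4 list) is an assumption that the page does not give.

```python
import ipaddress

# Hypothetical allowlist: management interface IPs of the approved WLCs.
APPROVED_WLCS = {ipaddress.ip_address(a) for a in ("192.0.2.10", "192.0.2.11")}

# Constructed sample data: option 43 values per DHCP scope and DNS answers.
SAMPLE_OPTION43 = {
    "ap-vlan-20": "f108.c000.020a.c000.020b",  # 192.0.2.10 and 192.0.2.11
    "ap-vlan-30": "f104c6336407",              # 198.51.100.7, not approved
    "ap-vlan-40": "f108c000020a",              # length says 8, 4 bytes follow
}
SAMPLE_DNS = {
    "CISCO-LWAPP-CONTROLLER.corp.example": ["192.0.2.10"],
    "CISCO-LWAPP-CONTROLLER.branch.example": ["203.0.113.50"],
}


def parse_option43(hex_value):
    """Decode an option 43 value into controller IPs.

    Assumed layout (not given on the page): sub-option type 0xf1, a length
    byte equal to 4 x the number of controllers, then the IPv4 addresses.
    """
    raw = bytes.fromhex(hex_value.replace(".", "").replace(":", ""))
    if len(raw) < 2 or raw[0] != 0xF1:
        raise ValueError("not a type 0xf1 controller sub-option")
    if raw[1] == 0 or raw[1] % 4 or raw[1] != len(raw) - 2:
        raise ValueError("length byte does not match address list")
    return [ipaddress.ip_address(raw[i:i + 4]) for i in range(2, len(raw), 4)]


def audit_discovery(option43_by_scope, dns_answers, approved=APPROVED_WLCS):
    """Return (source, problem) pairs for sources naming an unapproved WLC."""
    findings = []
    for scope, hex_value in sorted(option43_by_scope.items()):
        try:
            controllers = parse_option43(hex_value)
        except ValueError as exc:
            findings.append((f"dhcp:{scope}", f"malformed option 43: {exc}"))
            continue
        findings += [(f"dhcp:{scope}", f"unapproved controller {ip}")
                     for ip in controllers if ip not in approved]
    for name, answers in sorted(dns_answers.items()):
        findings += [(f"dns:{name}", f"unapproved controller {a}")
                     for a in answers if ipaddress.ip_address(a) not in approved]
    return findings


if __name__ == "__main__":
    for source, problem in audit_discovery(SAMPLE_OPTION43, SAMPLE_DNS):
        print(f"{source}: {problem}")
```
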
How an LWAPP AP Chooses a Controller and Joins It

Now that the AP potentially has numerous controllers to join, it must choose one and send it a join request message. Figure 11-3 illustrates this portion of communication. A join request message contains the following information:

■ Type of controller
■ MAC of controller
■ AP hardware version
■ AP software version
■ AP name
■ Number and type of radios
■ Certificate payload (x.509)
■ Session payload to set up the session values
■ Test payload to see if jumbo frames can be used

Figure 11-3 AP Join State (AP state diagram with the same state labels as Figure 11-2)

This join request message is sent using a predefined method consisting of the following steps:

Step 1. An AP chooses the primary controller (if primed). This can be defined in each AP and stored in flash to survive a reboot. Using the controller GUI, go to WIRELESS > Access Points > All APs > SelectedAp > Details, as seen in Figure 11-4.

Step 2. Choose the secondary controller, tertiary (if primed).

Step 3. If no primed information is available, then look for a master controller. The definition of a controller as master is configured in the GUI under CONTROLLER > Advanced > Master Controller Mode, as shown in Figure 11-5.

Figure 11-4 Define Primary Controller

Figure 11-5 Enable Master Controller Mode

Figure 11-6 The Image Data State (AP state diagram with the same state labels as Figure 11-2)

A mobility group should have only one master controller. Turn this feature off after you have added all new APs.
After you have added the new APs, they will be primed and will no longer need a master.

Step 4. When all else fails, look for the least loaded AP-Manager interface based on how many APs each is currently managing.

Upon receiving a join request message, a controller should respond with a join reply message. This includes the following information:

■ Result code, which is the green light that says they can talk
■ Controller certificate payload response
■ Test payload for jumbo frames

This process joins an AP to a controller.

How an LWAPP AP Receives Its Configuration

After joining, the AP moves to an image data phase, as shown in Figure 11-6, but only if the image on the AP is not the same as the image on the controller. If they are the same, this step is skipped and the image is used.

The controller upgrades or downgrades the AP at this point, and then it resets the AP. After a reset, the process begins again. The code is downloaded in LWAPP messages. After discovery and join happen and the image is the same on the controller and the AP, the AP gets its configuration from the controller. This happens during the config data stage, as illustrated in Figure 11-7.

Figure 11-7 AP Gets Config (AP state diagram with the same state labels as Figure 11-2)

The AP then prompts the controller for a config by sending an LWAPP configure request message that contains parameters that can be configured as well as any values that are currently set; however, most of these values are empty. When the controller gets the request, it sends a configure response message, which has the configuration values. The AP then applies the configuration values in RAM. It is important to understand that these values are not stored in flash. If the AP reboots, the process begins again.
After applying the configuration, the AP is up and running.

Redundancy for APs and Controllers

Networks today involve a mix of critical forms of data, be it voice traffic or business transactions. Redundancy is a part of life. You need to be familiar with two forms of redundancy for the CCNA Wireless exam:

■ AP redundancy
■ Controller redundancy

AP redundancy is seen when APs exist in the same RF domain. They are designed to self-heal when poor coverage exists. This involves increasing power levels by stepping up one or two levels or even changing the channel on which they operate.

Controller redundancy is seen in multiple forms. One form of controller redundancy is having a primary, secondary, and tertiary controller, as shown in Figure 11-8. As you can see in the figure, Controller A is the primary controller for WLAN A. Controller C is acting as the secondary controller for WLAN A, and Controller B is acting as the tertiary
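
The join order from "How an LWAPP AP Chooses a Controller and Joins It" (primed primary, secondary, tertiary, then a master controller, then the least loaded AP-Manager) is what decides where an AP lands when a primary, secondary or tertiary controller is unavailable. The following added example (not from the book or from Cisco) works through that order and flags a mobility group with more than one master; the controller names, AP counts and the rule that a primed controller must have answered discovery are assumptions.

```python
from dataclasses import dataclass


@dataclass
class Controller:
    name: str
    master: bool = False   # Master Controller Mode enabled
    ap_count: int = 0      # APs its AP-Manager interface currently manages


# Constructed sample: three controllers that answered discovery.
SAMPLE_DISCOVERED = [
    Controller("wlc-a", ap_count=40),
    Controller("wlc-b", ap_count=12),
    Controller("wlc-c", master=True, ap_count=5),
]


def choose_controller(primed, discovered):
    """Return (name, reason, warnings) for the controller an AP would join.

    primed: primary, secondary and tertiary names stored on the AP, in that
    order (empty if the AP is not primed). Assumption: a primed controller is
    only eligible if it answered discovery.
    """
    warnings = []
    masters = sorted(c.name for c in discovered if c.master)
    if len(masters) > 1:
        warnings.append("more than one master controller: " + ", ".join(masters))
    if not discovered:
        return None, "no controller discovered", warnings
    answered = {c.name for c in discovered}
    for role, name in zip(("primary", "secondary", "tertiary"), primed):
        if name in answered:
            return name, role, warnings
    if masters:
        return masters[0], "master", warnings
    # Last resort on the page: fewest APs currently managed (name breaks ties).
    least = min(discovered, key=lambda c: (c.ap_count, c.name))
    return least.name, "least loaded AP-Manager", warnings


if __name__ == "__main__":
    for primed in (["wlc-a", "wlc-b", "wlc-c"], ["wlc-x", "wlc-b"], []):
        print(primed, "->", choose_controller(primed, SAMPLE_DISCOVERED))
```
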