202 CCNA Wireless Official Exam Certification Guide Controller A Primary WLAN A Secondary WLAN B Tertiary WLAN C Controller B Controller C Primary WLAN B Secondary WLAN C Tertiary WLAN A Primary WLAN C Secondary WLAN A Tertiary WLAN B Figure 11-8 Controller Redundancy controller for WLAN A. Each WLAN has a different primary, secondary, and tertiary con- troller. Another form of controller redundancy is using link aggregation (LAG) or multiple AP managers. You can also have a primary and backup port on a controller. If the primary goes down, you can use the backup. Common designs for controller redundancy include the following: ■ N+1:This design has a single backup for multiple controllers. If you have five con- trollers with one backup for all of them to share, the backup can easily become over- whelmed if more than one controller is down at a time. ■ N + N: This design allows each controller to back up the other. For example, AP-1 points to WLC1 as its primary and WLC2 as its secondary. AP-2 points to WLC2 as its primary and WLC1 as its secondary. Load balancing is desired between APs and controllers. Also, if one controller is maxed out with APs, the design is no good. ■ N + N + 1: This is the most redundant design. Each controller backs up the other, and an extra is designed as a backup. Take the same example as N + N but add a third controller, WLC-BACKUP, that every AP points to as the tertiary. The AP Is Joined, Now What? You can change the mode by navigating to Wireless > APs > All APs > Detail. Now that you have an AP joined with a controller, what can it do? Most people expect it to get them to the Internet. Your AP can actually serve numerous roles based on the mode 13_1587202115_ch11.qxp 9/29/08 2:41 PM Page 202 Chapter 11: Controller Discovery and Association 203 it is in. Different APs support different modes. An AP can operate in each of the following modes: ■ Local ■ Monitor ■ Sniffer ■ Rogue Detector ■ Hybrid REAP ■ Bridge The sections that follow describe each of these modes in greater detail. Local Mode This is business as usual for an AP. In this mode, the AP scans all channels over a 180-sec- ond period for monitoring services, and it inspects management packets for intrusion de- tection system (IDS) signature matches. You can also use this mode for site surveys. When the AP scans channels, it jumps to each unassigned channel for 60 ms and then goes back to its assigned channel for 13 seconds. The purpose of scanning channels is to moni- tor traffic. Monitor Mode Monitor mode is passive. When in this mode, the AP does not send traffic out of its ra- dios, and it does not allow client connections. This mode is used for finding rogue APs or IDS matches, troubleshooting, or site surveys. Monitor mode APs can be used with the lo- cation appliance to increase accuracy. Scanning is based on the country, and the command config advanced 802.11b monitor channel-list can change the value of the channels mon- itored. Sniffer Mode This mode operates with an OmniPeak, Airmagnet, or Wireshark server to capture data. The encapsulation of the captured data is specific to the product with which it is used. The AP sends the data to the specified device for review. This mode is used to gather time stamps, signal strength, packet size, and other relevant information. You can use this mode as a troubleshooting tool for forensics. Rogue Detection Mode This special role communicates rogue AP information between WLCs. In this mode, the radios on the AP are turned off, and it listens for ARP messages on the wired network. It compares the MAC information to a rogue AP and client MAC list that it receives from the controller. The AP forwards this to other controllers. If an ARP is heard on the wired LAN, the controller generates an alarm. 13_1587202115_ch11.qxp 9/29/08 2:41 PM Page 203 204 CCNA Wireless Official Exam Certification Guide H-REAP Mode H-REAP mode is designed to be used when you have APs across a WAN and you want to use the controller at a central site. The big issue is that the controller is connected via a WAN link, so you must follow certain guidelines: ■ The link cannot be any slower than 128 kbps. ■ Roundtrip latency cannot be more than 100 ms roundtrip. ■ The AP needs to get a 4-MB code update across the WAN link. The AP needs to communicate with the controller for only a short time during the initial phase, and then it can function without it but with reduced functionality. The two modes of operation are as follows: ■ Connected mode: In Connected mode, the AP can communicate with the con- troller. ■ Standalone mode: In Standalone mode, the AP is disconnected and is unable to reach the controller. All client requests are based on a configuration that is local to the AP. This mode is supported on the AP 1130, AP 1240, and AP 1250. Bridge Mode In Bridge mode, the AP can act as a bridge and allow client access. APs can use point-to- point or point-to-multipoint links. To determine the best path, the APs use a protocol called Adaptive Wireless Path Protocol (AWPP). Cisco calls this an iMesh for indoor APs and a mesh for outdoor APs. 13_1587202115_ch11.qxp 9/29/08 2:41 PM Page 204 Chapter 11: Controller Discovery and Association 205 Table 11-2 Key Topics for Chapter 11 Key Topic Item Description Page Number List in the section “Understanding the Different LWAPP Modes” Steps of LWAPP 193 Figure 11-2 AP states 196 List in the section “How an LWAPP AP Discovers a Controller” AP states process 200 Figure 11-4 How the AP gets its image 199 Exam Preparation Tasks Review All the Key Concepts Review the most important topics from this chapter, noted with the Key Topics icon in the outer margin of the page. Table 11-2 lists a reference of these key topics and the page number where you can find each one. Definition of Key Terms Define the following key terms from this chapter, and check your answers in the Glossary: Lightweight Access Point Protocol (LWAPP), Layer 3 LWAPP mode, LWAPP discovery re- quest, LWAPP discovery response, AP priming, join request message, master controller, N + 1, N + N, N + N + 1, Local mode, Monitor mode, Sniffer mode, Rogue Detection mode, Hybrid REAP mode, Bridge mode, over-the-air provisioning (OTAP) 13_1587202115_ch11.qxp 9/29/08 2:41 PM Page 205 This chapter covers the following subjects: Understanding Roaming: Looks at the concept of roaming and how it should work. Types of Roaming: Discusses Layer 2 and Layer 3 roaming as well as mobility anchor configurations. 14_1587202115_ch12.qxp 9/29/08 2:38 PM Page 206 CHAPTER 12 Adding Mobility with Roaming Table 12-1 “Do I Know This Already?” Section-to-Question Mapping Foundation Topics Section Questions Understanding Roaming 1–5 Types of Roaming 6–11 More and more frequently, end users are expecting the ability to begin a transfer and then change locations seamlessly. This is where roaming functionality comes into play. Roaming is a big part of wireless networks. To facilitate this process, you need to be aware of some terms and options. This chapter introduces you to those terms and how the roaming process is configured. You should take the “Do I Know This Already?” quiz first. If you score 80 percent or higher, you might want to skip to the section “Exam Preparation Tasks.” If you score be- low 80 percent, you should review the entire chapter. “Do I Know This Already?” Quiz The “Do I Know This Already?” quiz helps you determine your level of knowledge of this chapter’s topics before you begin. Table 12-1 details the major topics discussed in this chapter and their corresponding quiz questions. 1. Which of the following describes a mobility group? a. A set of users with rights to roam b. A group of controllers configured with the same hostname c. A group of controllers configured in the same mobility group d. A set of controllers that roam 14_1587202115_ch12.qxp 9/29/08 2:38 PM Page 207 2. Controllers that are aware of each other but that are in different mobility groups are said to be in what? a. Mobility chain b. Mobility mode c. Mobility-aware mode d. Mobility domain 3. How many mobility domains can a controller be a member of? a. One b. Two c. Three d. Four 4. True or false: A client can roam from one mobility group to another in the same mo- bility domain. a. True b. False 5. True or false: A client can roam between two controllers in different mobility do- mains. a. True b. False 6. Which of the following are valid roaming types? (Choose two.) a. Layer 2 roaming b. Seamless AP roaming c. Layer 3 roaming d. Layer 4 roaming 7. Which of the following statements is not true? a. For roaming to work, the controllers need to be in the same mobility domain. b. For roaming to work, the controllers need to run the same code version. c. For roaming to work, the controllers need to operate in the same LWAPP mode. d. For roaming to work, the SSID (WLAN) does not necessarily need to be the same. 208 CCNA Wireless Official Exam Certification Guide 14_1587202115_ch12.qxp 9/29/08 2:38 PM Page 208 Chapter 12: Adding Mobility with Roaming 209 8. What is the term for roaming from one AP to another AP managed by the same con- troller? a. Same-controller roaming b. Intercontroller roaming c. Intracontroller roaming d. This is not roaming. 9. What is the term for roaming from one AP to another AP managed by a different con- troller? a. Same-controller roaming b. Intercontroller roaming c. Intracontroller roaming d. This is not roaming. 10. What is it called when client traffic is tunneled back to the anchor controller before being sent to its destination? a. Symmetric tunneling b. Asymmetric tunneling c. Anchor roaming d. Layer 2 roaming 11. What is it called when client traffic is sent directly to a destination and return traffic goes to an anchor controller before being sent back to the client on a foreign con- troller? a. Symmetric tunneling b. Asymmetric tunneling c. Anchor roaming d. Layer 3 roaming 14_1587202115_ch12.qxp 9/29/08 2:38 PM Page 209 Foundation Topics Understanding Roaming It’s probably safe to say that most people understand the concept of roaming at a high level. You want to move from your desk to the conference room. The conference room is on the other side of the building, but you are in the middle of a large upload. You don’t sweat it because you are on a wireless network and wireless is “everywhere”! That sounds nice, and that’s what wireless networks have to offer, but how does wireless get “everywhere”? From what you have learned so far, you know that a wireless signal can’t travel “everywhere” because of absorption, refraction, scattering, and more. You’ve also learned a little about roaming and how an AP needs some overlap to facilitate the process. But there is still more to it. If you step back and look at the big picture, you start to see that the controller has to be involved in this lightweight AP deployment. How is the controller involved? To understand that, you need to understand mobility groups. Understanding Mobility Groups In simple terms, a mobility group is a setting on a controller that defines the controller as a member of a group. Other controllers would also be members of that group. These con- trollers share information about the clients that are roaming. In Figure 12-1, two con- trollers are in the same mobility group. They can exchange information about the client that is roaming. Figure 12-2 shows a network with three controllers. Controller1 and Con- troller2 are in the same mobility group, and Controller3 is in a different one. When this scenario occurs, the three controllers are considered to be in the same mobility domain. A controller can be aware of another controller in a different mobility group as long as they are in the same mobility domain. This allows them to exchange information regarding their clients. This allows clients in different mobility groups to roam between the different mobility domains. If the controllers were in different mobility groups and did not have knowledge of each other, roaming could not occur. To provide this knowledge, you as an administrator need to enter the MAC address and management IP address of the other controller in the first controller, and vice versa. In other words, Controller2 needs to be configured with Controller3’s MAC and management IP addresses, and Controller3 needs to be configured with Controller2’s MAC and IP addresses. To set this up in the controller, first you need to configure the controller’s mobility do- main. Remember that multiple controllers share the same mobility group, and controllers in different mobility groups can communicate with each other if they are part of the same mobility domain. To configure the mobility domain using the controller web interface, choose CONTROLLER > General. A controller can be in only one mobility group and one mobility domain. To configure the mobility group, choose CONTROLLER > Mobility Management. Controllers that are in the same mobility group have the same virtual gateway IP address. You can add these con- trollers by clicking New and then adding the IP address, MAC address, and mobility group of the other controller, as shown in Figure 12-3. In Figure 12-3, Controller2 is added to Controller1. If you have more than one controller to add, you can do it all at once. First you create a text file that includes the controller MAC address and IP address for each 210 CCNA Wireless Official Exam Certification Guide 14_1587202115_ch12.qxp 9/29/08 2:38 PM Page 210 Roaming Client Wired Network AP2AP1 Mobility_1 Mobility Messages Controller1 Controller2 Figure 12-1 Mobility Group AP3AP2 Mobility Domain_1 Controller2Controller1 Controller3 Mobility_2Mobility_1 Wired Network Roaming Client Mobility Messages AP1 Figure 12-2 Mobility Domain Chapter 12: Adding Mobility with Roaming 211 Key Topi c Key Topi c 14_1587202115_ch12.qxp 9/29/08 2:38 PM Page 211 . 202 CCNA Wireless Official Exam Certification Guide Controller A Primary WLAN A Secondary WLAN B Tertiary WLAN C Controller. controller generates an alarm. 13_1587202115_ch11.qxp 9/29/08 2:41 PM Page 203 204 CCNA Wireless Official Exam Certification Guide H-REAP Mode H-REAP mode is designed to be used when you have APs across. roaming to work, the SSID (WLAN) does not necessarily need to be the same. 208 CCNA Wireless Official Exam Certification Guide 14_1587202115_ch12.qxp 9/29/08 2:38 PM Page 208 Chapter 12: Adding Mobility