WLC 7.0 and Later: VLAN Select and Multicast Optimization Features Deployment Guide

Similar documents
Multicast VLAN, page 1 Passive Clients, page 2 Dynamic Anchoring for Clients with Static IP Addresses, page 5

Wireless LAN Controller (WLC) Mobility Groups FAQ

Web Authentication Proxy on a Wireless LAN Controller Configuration Example

Configure Multicast on Cisco Mobility Express AP's

Securing Wireless LAN Controllers (WLCs)

Workgroup Bridges. Cisco WGBs. Information About Cisco Workgroup Bridges. Cisco WGBs, page 1 Third-Party WGBs and Client VMs, page 9

Configuring Auto-Anchor Mobility

Syslog Server Configuration on Wireless LAN Controllers (WLCs)

DHCP. DHCP Proxy. Information About Configuring DHCP Proxy. Restrictions on Using DHCP Proxy

Configuring AP Groups

Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)

Configuring Auto-Anchor Mobility

Mobility Groups. Information About Mobility

Multicast/Broadcast Setup

Configuring FlexConnect Groups

Configuring AP Groups

Using Cisco Workgroup Bridges

Configuring DHCP for WLANs

Cisco Wireless Devices Association Matrix

Configuring DHCP. Restrictions for Configuring DHCP for WLANs. Information About the Dynamic Host Configuration Protocol. Internal DHCP Servers

Configuring Proxy Mobile IPv6

Configuring Application Visibility and Control

Configuring DHCP. Restrictions for Configuring DHCP for WLANs. Information About the Dynamic Host Configuration Protocol. Internal DHCP Servers

Configuring Hybrid REAP

Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1

Configuring Wireless Multicast

FlexConnect. Information About FlexConnect

Software-Defined Access Wireless

Client Data Tunneling

Cisco Deploying Basic Wireless LANs

Wireless LAN Controller Module Configuration Examples

Configuring Access Point Groups

Wireless LAN Controller Web Authentication Configuration Example

Overview of Ports and Interfaces

High Availability (AP SSO) Deployment Guide

Troubleshooting Web Authentication on a Wireless LAN Controller (WLC)

Cisco 440X Series Wireless LAN Controllers Deployment Guide

Software-Defined Access Wireless

Ethernet Bridging in Point Point Wireless Mesh Network Configuration Example

Configure 802.1x Authentication with PEAP, ISE 2.1 and WLC 8.3

The Wireless LAN Controller (WLC) supports two modes of DHCP operations in case an external DHCP server is used:

Configure Devices Using Converged Access Deployment Templates for Campus and Branch Networks

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

FortiNAC. Cisco Airespace Wireless Controller Integration. Version: 8.x. Date: 8/28/2018. Rev: B

Configuring Client Roaming

Configuring FlexConnect Groups

Ports and Interfaces. Ports. Information About Ports. Ports, page 1 Link Aggregation, page 5 Interfaces, page 10

Configuring Client Profiling

Configuring Client Roaming

Software-Defined Access Wireless

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

Trusted AP Policies on a Wireless LAN Controller

Configuring Access Point Groups

Cisco Air Time Fairness

NTP on Wireless LAN Controllers Configuration Example

Configuring WLANsWireless Device Access

Cisco Exam. Volume: 147 Questions

NAT Support for Multiple Pools Using Route Maps

exam. Number: Passing Score: 800 Time Limit: 120 min CISCO Deploying Cisco Wireless Enterprise Networks. Version 1.

Cisco Catalyst 6500 Series Wireless LAN Services Module: Detailed Design and Implementation Guide

Configuring NAC Out-of-Band Integration

HPE IMC UAM BYOD Quick Deployment on Mobile Device Configuration Examples

Configure n on the WLC

VIEW Certified Configuration Guide. Cisco

Chromecast as mdns Service in order to Cast Screen Configuration on WLC

CUWN Release 8.2 mdns Gateway with Chromecast Support Feature Deployment Guide

Single VLAN Architecture for Wireless LAN

ITCertMaster. Safe, simple and fast. 100% Pass guarantee! IT Certification Guaranteed, The Easy Way!

Q&As. Implementing Cisco Unified Wireless Voice Networks (IUWVN) v2.0. Pass Cisco Exam with 100% Guarantee

Configuring Voice and Video Parameters

Examples and Technotes, Cisco IOS XE Release Denali

Configuring a Basic Wireless LAN Connection

HPE IMC BYOD WLAN MAC Authentication Configuration Examples

Configuring RF Profiles

Architecting Network for Branch Offices with Cisco Unified Wireless

Lesson Overview & Objectives

Configuring PIM Snooping

PassCollection. IT certification exam collections provider, High pass rate

Managing Rogue Devices

Cisco 8500 Series Wireless Controller Deployment Guide

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

Per-WLAN Wireless Settings

AP Power and LAN Connections

Configuring the AP-Manager Interface

Internetwork Expert s CCNP Bootcamp. Wireless LANs. WLANs replace Physical (layer 1) and Data Link (layer 2) transports with wireless

P ART 3. Configuring the Infrastructure

Editing WLAN SSID or Profile Name for WLANs (CLI), page 6

Cisco Exam Securing Wireless Enterprise Networks Version: 7.0 [ Total Questions: 53 ]

Real4Test. Real IT Certification Exam Study materials/braindumps

WLAN Timeouts. Timeouts. Timeout for Disabled Clients. Session Timeout. Information About Configuring a Timeout for Disabled Clients

UCS Uplink Ethernet Connection Configuration Example

Cisco Exam Implementing Cisco unified Wireless Voice Networks (IUWVN) v2.0 Version: 10.0 [ Total Questions: 188 ]

Wireless LAN Controller (WLC) Design and Features FAQ

HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples

Wireless LAN Controller Mesh Network Configuration Example for Releases 5.2 and later

Converting Autonomous Access Points to Lightweight Mode

Converting Autonomous Access Points to Lightweight Mode

Cisco Unified Wireless Technology and Architecture

Deploying Cisco Wireless Enterprise Networks

Authentication of Wireless LAN Controller's Lobby Administrator via RADIUS Server

Transcription:

WLC 7.0 and Later: VLAN Select and Multicast Optimization Features Deployment Guide Document ID: 112932 Contents Introduction Prerequisites Requirements Platforms Supported Conventions VLAN Select Feature Overview Multicast Optimization Configuration Steps via CLI and GUI Applying Interface Group to a WLAN AP Group and AAA Override Mapping Interface group to a Foreign WLC L3 Multicast Configuration in Interface Group L2 Multicast Configuration in Interface Group Related Information Introduction This document explains the VLAN Select feature that is introduced in the Wireless LAN Controller (WLC) release 7.0.116.0. The document also discusses how to deploy this feature in a Cisco Unified Wireless Solution. In order to configure the VLAN Select feature in WLC release 7.2 and later, refer to WLC 7.2 VLAN Select and Multicast Optimization Features Deployment Guide. Prerequisites Requirements Cisco recommends that you have knowledge of these topics: Cisco Unified Wireless Solution Platforms Supported This feature is supported on all Lightweight APs (LAPs) with 16MB or more flash space. LAPs Supported: 1120, 1230, 1130, 1140, 1240, 1250, 1260, 3500 and 1522/1524 Controllers Supported: 7500, 5508, 4402, 4404, WISM, WiSM 2, 2500, 2106, 2112, 2125 Note: Controllers will support these number of Interface groups/interfaces: WiSM 2, 5508, 7500, 2500 64/64 WiSM, 4400, 4200 32/32 2100 and NM6 series 4/4

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command. Conventions Refer to Cisco Technical Tips Conventions for more information on document conventions. VLAN Select Feature Overview In current WLC architecture, it is mandatory to map the WLAN to an interface/vlan. Default mapping is to management interface. The limitation is that one WLAN can be mapped to a single interface/vlan. This limitation requires availability of a single large subnet, in dense deployments, which might not be feasible for many customers because of existing network design and IP subnet allocation in their network. Existing features, such as AP Groups and AAA override, can help to some extent but cannot meet complete requirements and might not be feasible in all kinds of customer deployments. This same limitation also exists to the guest anchor setup where guest clients on remote locations always get an IP address from a single subnet mapped to the WLAN on anchor location. Also, the IP address assignment to wireless guest clients is not dependent on foreign locations and all guest clients on different foreign locations will receive an IP address from the same subnet. Once again, this is not feasible for many customers. Integration of VLAN Pooling, or the VLAN Select feature, in the 7.0.116.0 release provides a solution to this restriction where the WLAN can be mapped to a single interface or multiple interfaces using interface group. Wireless clients associating to this WLAN will receive an IP address from a pool of subnets identified by a MAC hashing algorithm which is calculated based on the MAC address of the client and the number of interfaces in the interface group. In the instance that the interface selected from the interface group by the MAC hashing algorithm does not serve the IP address to the client for some reason (dhcp server unreachable, dhcp scope exhausted, etc.), that interface will be marked as dirty and a random interface is selected from the interface group. This flowchart illustrates the DHCP address selection when the round robin mechanism is used in interface or interface group configuration:

Note: If the DHCP lease time is high, there is a possibility of DHCP IP leakage if the clients frequently de authenticates and re authenticates. Note: With Inter Release Controller Mobility (IRCM), controllers in releases before 7.0.116.0 cannot understand the VLAN list payload. Therefore, sometimes a L3 mobility is performed where L2 mobility could have been done. Note: If you want to downgrade from the 7.0.116.0 release to a previous release, make sure that all WLANs are mapped to interfaces and not interface groups, and multicast interface is disabled. Note: Cisco does not support an interface group being returned from AAA, only interface. Note: Interfaces can be added to an interface group but cannot be deleted when it is mapped to the WLAN/AP Group. Note: One VLAN or interface can be a part of many different interface groups. The VLAN Select feature also extends current AP group and AAA override architecture where AP groups and AAA override can override the interface/interface group the WLAN is mapped to with an interface or interface group. This feature also provides the solution to guest anchor restrictions where now wireless guest user on foreign location can get an IP address from multiple subnets based on their foreign locations/foreign

controllers from same Anchor WLC. This flowchart indicates WLAN selection when AP group and AAA override are configured on the controller and WLAN has been mapped to an Interface or Interface Groups: Note: Some exclusions apply for static IP clients: If client has a static IP configured in subnet A and is allotted subnet B, the client is moved to subnet A (override) before moving to RUN state, if these conditions are met: DHCP Required is disabled on the WLAN. Subnet A is included in VLAN or AP group configured on WLAN. Client sends some packet sourced with static IP in subnet A within 4 min DHCP_REQD interval. Note: If the static IP client has an IP address from a subnet that is part of the interface group which is mapped to the WLAN, then the static IP client joining over that WLAN moves to RUN state and can pass traffic.

Otherwise, the static IP client cannot pass traffic. Same Subnet MobilityIn the current solution, when a client roams from one Controller to another, the foreign sends the VLAN information as part of the mobility Announce message. Based on the VLAN information received, the Anchor decides whether the tunnel should be created between the Anchor and Foreign. If the same VLAN is available on the Foreign, then the client context is completely deleted from the Anchor and the Foreign becomes the new Anchor Controller for the client. As part of the VLAN Pooling feature, the Mobility Announce message carries an additional vendor payload that contains the list of VLAN Interfaces mapped to a WLAN. This helps the Anchor to decide on Local > Local type of handoff. It is ensured that the inter release mobility does not get affected because of the introduction of this feature. In a guest tunneling scenario, clients joining on export foreign receive the IP from the interface group mapped to the WLAN on export anchor, or as per the foreign mappings configured on export anchor. If the clients who have joined over export foreign move to the export anchor controller, they might lose their IP address which means mobility is not supported between those two. However, if the clients move between two export foreign controllers, they retain their IP address which means roaming is supported in that scenario. Multicast Optimization Multicast at present is based on the grouping of the multicast address and the VLAN as one entity, mgid. The VLAN pooling feature has the potential of increasing the duplicate packets on the air. Because each client listening to the multicast stream is on a different VLAN, the WLC creates different mgids for each pair of multicast address and VLAN. Therefore, the upstream router sends one copy for each VLAN. This results, in the worst case, as many copies because there are VLANs in the pool. Because the WLAN is still the same for all clients, multiple copies of the multicast packet are sent on the air. Integration of the VLAN select feature also introduces some issues in current multicast architecture where wireless clients can receive duplicate packets. The issue of receiving duplicate multicast packets was already present in current multicast architecture, but it was only visible when AAA override is configured and 2 clients on different subnet (one on WLAN mapped subnet and another on overridden subnet) listen to same multicast group. With the introduction of VLAN select feature, this problem will be more obvious and easily visible on open WLAN also. In order to suppress the duplication of a multicast stream on the wireless medium between the WLC and APs, the multicast VLAN method is introduced. This VLAN is used for multicast traffic. One of the VLANs of the WLAN is configured as multicast VLAN on which multicast groups are registered. Configuring the multicast VLAN for the WLAN is controlled by the user. Clients will be allowed to listen to a multicast stream on the multicast VLAN. The mgid is generated using multicast VLAN and multicast IP address. Therefore, if multiple clients in the VLAN pool of the same WLAN are listening to a single multicast IP address will always generate single mgid. The WLC will make sure that all multicast stream from the clients on this VLAN pool will always go out on the multicast VLAN. This will ensure the upstream router will have just one entry for all the VLANs of the VLAN pool. Hence only one multicast stream will hit the VLAN pool even if the clients are on different VLANs. Therefore, the multicast packets sent out on the air will be just one stream. On the network interface the corresponding VLAN is still used for all their traffic.

Configuration Steps via CLI and GUI Complete these steps: 1. Verify that the Initial code on the WLC is 7.0.144.112 (???). 2. (Cisco Controller) >show boot Primary Boot Image... 7.0.X.X (active) Backup Boot Image... 7.0.x.x Create a new Interface Group. CLI : Use the config interface group create <interface group name> command. GUI: Go to Controller > Interface Groups and create a new Group. 3. Add interfaces to the Group.

CLI: Use the config interface group interface add <interface> <interface name> command. GUI: Click Interface Groups. 4. Select the Interfaces from the drop down menu and add it to the group. Applying Interface Group to a WLAN Complete these steps: 1. In order to configure mapping of an interface or interface group to the WLAN, use the config wlan interface <wlan id> <Interface/Interface group name> command. Interface Groups are identified by a postfix (G). 2. Under WLANs > General > choose the Interface Group.

AP Group and AAA Override Complete these steps: Configure the AP group or AAA override of the WLAN. Note: When AAA override is not enabled on a WLAN, clients joining the WLAN receive the IP address based on the interface or interface group mapping on the WLAN. When AAA override is enabled on a WLAN, clients joining this WLAN receive the IP address based on the interface returned by AAA server. Mapping Interface group to a Foreign WLC Complete these steps: In order to configure the subnet/address assignment based on a foreign site or location in guest anchor setup:

CLI: Use the config wlan mobility foreign map add <wlan id> < mac address > <interface/interface group> command. GUI: Create a new option under WLAN > Foreign Maps. As part of the VLAN Select feature, the Mobility Announce message carries an additional vendor payload that contains the list of VLAN Interfaces mapped to a WLAN. This helps the Anchor decide on Local > Local type of handoff. When a client roams from one Controller to another, the Foreign sends the VLAN information as part of the Mobility Announce message. Based on the VLAN information received, the Anchor decides whether the tunnel should be created between the Anchor and Foreign. If the same VLAN is available on the Foreign, then the client context is completely deleted from the Anchor and the Foreign becomes the new Anchor Controller for the client. Note: In a Guest Tunneling scenario, roaming between export foreign and export foreign is supported. However, roaming between export foreign and export anchor is not supported with VLAN Select.

In case of Auto Anchor: Clients joining a foreign WLC, which is exported to an anchor WLC and mapped to a interface group, will receive an IP address in round robin method inside the interface group. Clients joining a foreign WLC, which is exported to an anchor WLC and mapped to a interface only, will receive an IP address from that interface only. Clients roaming between two or more foreign controllers mapped to a single anchor WLC with an interface group configured will be able to maintain its IP address. Note: Anchors have to be in the same Mobility Group. Note: WLANs should be configured identical in the Foreign and Anchor controllers. L3 Multicast Configuration in Interface Group With interface groups, multiple VLANs are mapped to a single SSID. When clients in a different VLAN subscribe to a Multicast stream, duplicate entries are created in the WLC for a single SSID. As a result, a single Multicast stream can be sent multiple times over the air depending on the number of VLANs present in an interface group. In order to prevent this, an enhancement is done where a single VLAN is selected as the representative VLAN for flow of all IGMP and multicast over the air. Complete these steps: Configuration: CLI: Use the config wlan multicast interface <wlan id> enable <interface name> command. GUI: Note: This configuration is allowed only when IGMP snooping is enabled. L2 Multicast Configuration in Interface Group Similar to L3 Multicast optimization, L2 multicast and broadcast optimization is very important with the VLAN select feature. Additional commands were added in the 7.0.116.0 release to optimize L2 multicasts and broadcasts. L2 Multicast/ Broadcast uses L2 MGID to forward the packet to the AP. L2 Multicast/Broadcast from all the VLANs in the group will be sent on WLAN. This causes duplication packets on AIR. In order to

limit these duplication L2 Multicast/Broadcasts, enabling or disabling per interface is introduced. CLI: Enable/Disable L2 Multicast and Broadcast for the interface. Use the (WLC) >config network multicast l2mcast <enable/disable> <interface name> command. Note: This command is applicable only for 5508, 2100, 2500, 7500 and WiSM 2 controllers. Note: GUI support for enabling or disabling L2 multicast/broadcast per interface is not introduced in this release. Related Information AP Group VLANs with Wireless LAN Controllers Configuration Example Cisco Wireless LAN Controller Configuration Guide, Release 7.0 Technical Support & Documentation Cisco Systems Contacts & Feedback Help Site Map 2014 2015 Cisco Systems, Inc. All rights reserved. Terms & Conditions Privacy Statement Cookie Policy Trademarks of Cisco Systems, Inc. Updated: Apr 21, 2011 Document ID: 112932

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback