Tunneling Configuration Guide for Enterprise


Tunneling Configuration Guide for Enterprise Tech Note Version 1.0

Table of Contents

Introduction
Tunneling Options
  Why use tunneling
  Tunnel types
    Ruckus GRE
    Soft-GRE
  Tunneling support by Ruckus controllers
Tunneling Configuration
  WLAN Data Tunneling with vSZ-H
    vSZ-H with vSZ-D data plane
    Ruckus GRE configuration
    Soft-GRE configuration
  Tunneling with SZ 100
    Enabling Ruckus GRE tunnel
    Enabling Soft GRE tunnel
  Tunneling with vSZ-E
    vSZ-E and vSZ-D data plane
    Ruckus GRE configuration
    Soft-GRE configuration
  Enabling Soft-GRE + IPsec Tunnel
Troubleshooting
  Validate supported configuration
  vSZ-D configuration and licensing
  Impact from applying incorrect configuration
  Firewalls and network connectivity
Summary
Appendix A: Examples of traffic captures
  Ruckus GRE with UDP
  Ruckus GRE
About Ruckus

Introduction

The Ruckus SZ 100, vSZ and SCG 200 wireless controllers provide a number of options for tunneling data traffic. This document focuses on several design scenarios that may apply to enterprise WLAN deployments. It goes through the types of tunnels that are supported and can be implemented. It also discusses some design goals, i.e. what can be achieved with tunneling. Step-by-step configuration guidance is provided.

Tunneling Options

There are two distinct options for tunneling data in the Ruckus solution.

The first option addresses data tunneling from Access Points to the data plane on a wireless controller or to a 3rd-party network device that can perform tunnel aggregation. Such a network design applies to cases where data from user devices has to be centralized or distributed between multiple data aggregation points.

The second option addresses an architecture where all client data has to be tunneled northbound from a wireless controller to a 3rd-party aggregation point. This scenario mostly applies to solutions used by service providers and is out of the scope of this document. For more information see the Ruckus documentation for Ruckus Wireless SmartCell Gateway 200, Tunneling Interface Reference Guide for SmartZone 3.2.1.

A local breakout mode is used in all other cases, where data traffic does not need to be centralized and can be switched and routed locally.

Why use tunneling

Using tunneling for data traffic can provide several advantages over a network design that is implemented with a local breakout mode. There are pros and cons for each, but the following are the main design scenarios that may benefit from tunneling:
- Guest traffic aggregation for network security and compliance
- Voice traffic tunneling
- Roaming and mobility across different subnets
- Flat network design topology without multiple VLANs at the edge

Tunnel types

Ruckus GRE

GRE is a well-known tunneling protocol, described in RFC 2784. An originating packet, which is called a payload packet, is encapsulated in GRE with an additional header added for delivery over a network. The outer header belongs to the delivery protocol, which in many cases is IPv4. Packets are de-capsulated on the other end of the tunnel and the payload packet is forwarded to the destination.

Ruckus supports a proprietary GRE version called Ruckus GRE, which is used for tunneling the user data from Ruckus Access Points to vSZ, SCG-200 or Zone Director controllers, see Figure 1. Common configuration options are:
- Ruckus GRE with UDP: commonly used on networks that require NAT traversal
- Ruckus GRE: supports optional payload encryption

[Figure 1: Ruckus GRE data flow]

Soft-GRE

Soft-GRE tunnels are similar to GRE tunnels, but only one end of the tunnel network connection has to be defined. The Access Point sends an encapsulated packet to a dedicated gateway. When there are packets of data destined for the stations connected to that AP, the gateway encapsulates these packets to send back to the AP. This option requires a 3rd-party gateway that supports GRE termination.

Soft-GRE tunnels can be used in the following cases:
- From Ruckus APs to a 3rd-party gateway, i.e. ALU 7750, see Figure 2
- Northbound from SCG to a 3rd-party gateway

[Figure 2: Soft-GRE data flow]

Tunneling support by Ruckus controllers

TABLE 1 TUNNELING SUPPORT

              SZ-100   vSZ-E              vSZ-H              SCG-200
Ruckus GRE    Yes      Yes* with vSZ-D    Yes* with vSZ-D    Yes
Soft-GRE      Yes**    Yes**              Yes**              Yes**

* vSZ-D is required by the vSZ-E and vSZ-H to terminate a data plane tunnel. Tunneling is not supported if a vSZ-D is not present.

vSZ-D capability:
- Up to 10K APs and 100K clients per instance
- Throughput 1 or 10 or higher Gbps

** Configuration only, i.e. Soft-GRE tunnels should be terminated on a 3rd-party gateway which supports the Soft-GRE protocol, e.g. ALU 7750.

Tunneling Configuration

WLAN Data Tunneling with vSZ-H

vSZ-H with vSZ-D data plane

A vSZ-D data plane VM is required for a vSZ-H to allow termination of Ruckus GRE tunnels from Access Points, i.e. tunnels can't be terminated on a vSZ-H directly. A vSZ-D is not required to be physically co-located with the vSZ-H. This provides a high level of flexibility in creating network architecture(s) with data tunneling.

There are two possible scenarios for WLAN data aggregation that can be implemented with a vSZ-D data plane and virtual SmartZone:
1. Centralized tunneled WLANs
2. Distributed tunneled WLANs (future)

Tunneling can be configured on a per-WLAN basis, which means the following scenarios for user data traffic can be implemented for different WLANs on the same AP:
- Local breakout
- Data tunneling to vSZ-D over Ruckus GRE
- Data tunneling to a 3rd-party gateway over Soft-GRE

For more detailed information on the vSZ-D and how to install and configure it, please refer to the Virtual SmartZone Data Plane (vSZ-D) Configuration Guide.

[Figure 3: Ruckus GRE tunnel termination on vSZ-D with vSZ-H]

vSZ-D Note

Every vSZ-D requires a license on the vSZ-H to operate. Make sure the license is available before proceeding.

When a vSZ-D is installed on the network and connected to the vSZ-H, check the Data Plane status by going to Configuration >> System >> Cluster Planes. The configured vSZ-D instance or instances should be listed under Data Planes showing Managed and Approved status in the vSZ-H, see Figure 4.

[Figure 4: Example of vSZ-H data plane configuration]

Ruckus GRE configuration

To configure a Ruckus GRE tunnel in vSZ-H, an AP Tunnel Profile has to be created. This can be done with the following steps:
1. Log into the Web UI and go to Configuration >> AP zones >> AP tunnel profile >> Ruckus GRE
2. Create new. See Figure 5 below.

[Figure 5: Creating Ruckus GRE profile]

Access Point(s) shall be put into an AP Zone.
3. To allocate an AP to an AP zone, go to Configuration >> Access Points, then Actions >> Move AP to a different zone (the icon in the right column of the table), see Figure 6.

[Figure 6: Moving AP to an AP zone]

To configure a WLAN for an AP zone, use the following steps:
4. Go to Configuration >> AP zones
5. Select the correct zone, then Zone configuration >> WLAN
6. Create new or select an existing WLAN
7. Select the WLAN usage drop-down menu and follow to Access Network, Tunnel traffic through Ruckus GRE option, see Figure 7

[Figure 7: Enable Ruckus GRE for a WLAN]

8. Next, allocate the Tunnel Profile created earlier to the AP zone. If an AP zone does not exist, create a new AP zone, or select Edit to modify the configuration of an existing AP zone.
9. Under AP Tunnel Options select the Ruckus GRE tunnel type.
10. From the drop-down list for GRE Tunnel Profile select the correct profile name, see Figure 8 below.

[Figure 8: Allocating Ruckus GRE tunnel profile]

Soft-GRE configuration

Soft-GRE tunnel configuration in a vSZ-H is very similar to Ruckus GRE configuration, but there are some differences.
1. First, create a Soft-GRE AP Tunnel profile.
2. Go to Configuration >> AP zones >> AP tunnel profiles >> SoftGRE, see Figure 9 below
3. Configure primary and secondary Gateway addresses or FQDN
   Note: Soft-GRE tunnels have to be terminated on a 3rd-party gateway with Soft-GRE termination support, e.g. ALU 7750
4. MTU size can be set to Auto or adjusted within the range 850-1500 bytes to prevent packet fragmentation.

[Figure 9: SoftGRE profile]

Define a SoftGRE profile for an AP zone:
5. Create a new AP zone or select Edit to modify the configuration of an existing AP zone.
6. Under AP Tunnel Options select the Soft-GRE tunnel type.
7. Apply the profile created earlier, see the example in Figure 10 below.

[Figure 10: Applying SoftGRE profile]

Next, enable Soft-GRE tunneling for a WLAN.
8. Create a new or select an existing WLAN for an AP zone
9. Select the WLAN usage drop-down menu and mark the tick box for Access Network >> Tunnel traffic through SoftGRE, see Figure 11.

[Figure 11: Soft-GRE tunneling for WLAN]

An AP must be assigned to the correct AP zone. If it has not been, please refer to Figure 6 earlier in this document and follow the steps above it.

Tunneling with SZ 100

Enabling Ruckus GRE tunnel

Ruckus GRE tunnels from Ruckus APs can be directly terminated on an SZ-100 data plane. Tunneling can be configured using the SZ 100 GUI. To configure a Ruckus GRE tunnel, use the following steps:
1. Go to Configuration >> AP Tunnel Settings and select the Ruckus GRE tunnel type, see Figure 12.
2. Select the GRE + UDP option if NAT traversal is required
3. Tunnel encryption can be optionally enabled.

[Figure 12: Enabling Ruckus GRE setting]

Next, enable tunneling for the WLAN. This will tunnel all of the clients' data to the SZ 100. To configure this, use the following steps:
4. Go to Configure >> WLANs and select the WLAN for tunneling.
5. Under WLAN Usage >> Access Network, mark the tick box Tunnel WLAN traffic through Ruckus GRE, see Figure 13 below.

[Figure 13: Enabling per-WLAN traffic tunneling]

Enabling Soft GRE tunnel

A Soft GRE tunnel can be enabled if the AP has to terminate traffic on a 3rd-party gateway with Soft GRE support. To enable the tunnel, use the following steps:
1. Go to Configuration >> AP Tunnel Settings
2. From the dropdown select the SoftGRE option
3. Configure primary and secondary Gateway address or FQDN

MTU size can be left as Auto or adjusted within the range 850-1500 bytes to prevent packet fragmentation, see Figure 14.

[Figure 14: Enabling SoftGRE in an SZ-100]

Tunneling of data traffic is enabled on a per-WLAN basis. To configure this, use the following steps:
4. Go to Configure >> WLANs and select the WLAN you want to tunnel traffic for.
5. Under WLAN Usage enable the tick box Tunnel WLAN traffic through Soft GRE.

[Figure 15: Enabling WLAN tunneling with Soft-GRE]

Tunneling with vSZ-E

vSZ-E and vSZ-D data plane

Similar to a vSZ-H, a vSZ-E also requires a separate data plane based on the vSZ-D platform to terminate Ruckus GRE tunnels. The data flow of traffic is the same as shown in Figure 3 earlier in this document.

Every vSZ-D requires a license on the vSZ-E to operate. Validate that this license is available by going to Administration >> License, see Figure 16 below.

[Figure 16: vSZ-E licensing table]

A vSZ-D is installed as a separate VM that is controlled by the vSZ-E. Validate that the vSZ-D is managed by the vSZ-E. To do this, log into the vSZ-E GUI, go to Configuration >> System >> Cluster Planes and check for Managed and Approved status in the list of Data Planes. If it is not showing as approved and managed, the vSZ-D may still require an approval or it may not be communicating with the vSZ-E. Check the vSZ-D configuration and network settings to confirm operations.

[Figure 17: Example. vSZ-D data plane with Managed and Approved status]

Ruckus GRE configuration

When a vSZ-D data plane is shown with a Managed and Approved status in the vSZ-E, it may serve as a data plane for termination of Ruckus GRE tunnels from Ruckus APs. Configuration steps for tunneling are very similar to those for the SZ-100 platform. Tunneling can be configured in the vSZ-E GUI using the following steps:
6. On the vSZ-E go to Configuration >> AP Tunnel Settings and select the Ruckus GRE tunnel type. See Figure 18 below
7. Select the GRE + UDP option if NAT traversal is required
8. Tunnel encryption can be optionally enabled by marking the check box.

[Figure 18: Enabling Ruckus GRE in vSZ-E]

Tunneling is enabled on a per-WLAN basis. To configure it for a specific WLAN, use the following steps:
9. Go to Configuration >> WLANs
10. Select a WLAN from the list or create a new WLAN if it does not exist
11. Under WLAN Usage mark the check box Tunnel WLAN traffic through Ruckus GRE as shown in Figure 19 below

[Figure 19: Enabling Ruckus GRE tunnel for a WLAN on the vSZ-E]

Soft-GRE configuration

Soft-GRE tunnels should be enabled on the vSZ-E when an AP has to terminate its tunnel on a 3rd-party gateway with Soft-GRE tunnel support. To enable Soft-GRE on the vSZ-E, use the following steps:
1. Go to Configuration >> AP Tunnel Settings
2. From the dropdown select the SoftGRE option as the Tunnel Type.
3. Next, configure the primary and secondary Gateway address or FQDN. See Figure 20. Note that the Gateway IP address is shown as an example only.
4. MTU size can be set to Auto or adjusted within the range 850-1500 bytes to prevent packet fragmentation from the increased overhead in the packets.

[Figure 20: Soft-GRE configuration example on the vSZ-E]

5. Next, enable tunneling for a specific WLAN. To configure it, go to
6. Configure >> WLANs and select the WLAN you want to tunnel traffic for
7. Under WLAN Usage, mark the tick box Tunnel WLAN traffic through Soft GRE, see Figure 21

[Figure 21: Soft-GRE WLAN configuration in vSZ-E]

Enabling Soft-GRE + IPsec Tunnel

The use of Soft-GRE tunnels with IPsec is most applicable to mobile service providers, where tunnels from APs must be terminated on a Wireless Access Gateway (WAG) in the Evolved Packet Core (EPC). The use of IPsec ensures these tunnels are encrypted. Please note that not all Access Points support IPsec tunnels. Verify that your AP model supports this feature before deploying.

When enabling multiple tunneling protocols, please consider the amount of packet overhead and adjust the MTU size if necessary.

The IPsec protocol is CPU intensive and may impact performance of the tunnel endpoints, which in this case are the Access Points with IPsec support and the aggregation gateway. The gateway where IPsec tunnels are terminated should have enough processing power to handle traffic from all endpoints. To validate the capability, check the documentation for the specific platform.

Let's consider a configuration example on the SZ 100 platform. To start with, create a profile for IPsec in the SZ-100 configuration by following these steps:
1. Go to Configuration >> Access Points >> IPsec > Create New
2. Configure a profile name and the security gateway where this tunnel will be terminated

Authentication can be set either as a shared key or as certificate based; see the example in Figure 22 for shared key authentication. Configure the security gateway to match these authentication settings so that the tunnel endpoints can be authenticated and an IPsec tunnel established. This may also require configuring additional features for IKE and ESP as well as for the Certification Management protocol.

[Figure 22: Creating IPsec profile]

Troubleshooting

Validate supported configuration

When implementing WLAN designs with Ruckus GRE tunnels and SmartZone controllers, please validate that the controller(s) has a data plane to terminate these tunnels. Table 1 provides the information for supported combinations. Note that the SZ-100 platform has a data plane built in, whereas vSZ-E and vSZ-H require an external data plane.

vSZ-D configuration and licensing

When a vSZ-D is installed as a VM and configured to operate with a vSZ-E or vSZ-H, make sure they have an available license assigned to it. Additionally, the vSZ-D has to be Managed and Approved as shown in Figure 4 and Figure 17.

Impact from applying incorrect configuration

If a Ruckus GRE tunnel is enabled for a specific WLAN in the controller and this controller has no data plane present, the access points will not be able to terminate this tunnel and the SSID allocated to this WLAN will not be operational in these APs.

Firewalls and network connectivity

In some cases wireless APs and the wireless controller data plane can be deployed within the same L2 domain (VLAN), but it is very likely that many deployments will be done over an L3 network where IP packets from one tunnel endpoint (AP) have to cross multiple routers to reach the other end of the tunnel (Data Plane). In more complex L3 configurations, traffic may have to traverse a NAT router or a firewall. In that case the tunneling protocol option shall be set to Ruckus GRE + UDP and the UDP ports it uses shall be permitted through the firewall.

To help with troubleshooting, some examples of Ruckus GRE data captures are included in Appendix A: Examples of traffic captures of this document.

Summary

This document discussed tunneling configuration for Ruckus GRE and Soft-GRE tunnel types on Ruckus Wi-Fi controllers and APs. Although most configuration steps look very similar across the SZ-100 and vSZ-E / vSZ-H platforms, there are some differences between them. The most important difference is that the virtual platforms require a vSZ-D to assist with tunneling. Please note that a WLAN configured to tunnel traffic will not function if the data plane is not present. This includes the advertising of a tunneled WLAN SSID.

Additional consideration should be given to the increased overhead, both in the packet size due to the additional layer of encapsulation and in the processing requirements on both tunneling endpoints, especially in cases where encrypted tunnels are configured.

To demonstrate different encapsulations, some examples of packet captures have been provided in Appendix A: Examples of traffic captures.

Appendix A: Examples of traffic captures

Ruckus GRE with UDP

Below is an example of a Wireshark traffic capture performed on the Ethernet port connected to a Ruckus AP. In this example, data is encapsulated using the Ruckus GRE + UDP protocol option.

Access Point IP: 10.3.6.21
vSZ-D IP: 192.168.110.24

Figure 23 shows UDP packets with tunneled data passed between an AP and vSZ-D in both directions.

[Figure 23: Ruckus GRE plus UDP traffic capture]

Ruckus GRE

Below is an example of a Wireshark traffic capture performed on the Ethernet port connected to a Ruckus AP. In this example data is encapsulated using the Ruckus GRE protocol option.

Access Point IP: 10.3.6.64
SZ-100 IP: 10.3.7.167

Figure 24 shows GRE (Protocol 47) packets with tunneled data passed between the AP and SZ 100 in both directions.

[Figure 24: GRE tunnel]
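The captures in this appendix can be turned into a connectivity check for the firewall case described under Troubleshooting. The following Python code is an added example, not part of the Ruckus tech note or any Ruckus tool: it reads outer IPv4 headers, decodes the base GRE header fields defined in RFC 2784, and reports whether tunnel packets were seen in both directions between the AP and the data plane. The IP addresses are the ones quoted in this appendix; the packets themselves, the GRE protocol type 0x6558, UDP port 40000 and all function names are constructed for illustration, and proprietary Ruckus GRE fields are not decoded.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

IPPROTO_UDP, IPPROTO_GRE = 17, 47


def build_ipv4(src, dst, proto, payload):
    """Build a minimal IPv4 packet (checksum left at 0) for the constructed samples."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return header + payload


def parse_outer(packet):
    """Return source, destination, protocol number and payload of an IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes, options included
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    return {"src": str(IPv4Address(packet[12:16])),
            "dst": str(IPv4Address(packet[16:20])),
            "proto": packet[9],
            "payload": packet[ihl:]}


def parse_gre(payload):
    """Decode the base 4-byte GRE header from RFC 2784 (no vendor extensions)."""
    if len(payload) < 4:
        raise ValueError("truncated GRE header")
    flags_ver, proto_type = struct.unpack("!HH", payload[:4])
    return {"checksum_present": bool(flags_ver & 0x8000),
            "version": flags_ver & 0x0007,
            "protocol_type": proto_type}


def tunnel_direction_report(packets, ap_ip, dp_ip, proto, udp_port=None):
    """Count tunnel packets per direction between an AP and its data plane."""
    counts = Counter(ap_to_dp=0, dp_to_ap=0, skipped=0)
    for raw in packets:
        try:
            outer = parse_outer(raw)
        except ValueError:
            counts["skipped"] += 1        # not IPv4 or truncated
            continue
        if outer["proto"] != proto:
            continue
        if proto == IPPROTO_UDP and udp_port is not None:
            if len(outer["payload"]) < 4:
                counts["skipped"] += 1
                continue
            sport, dport = struct.unpack("!HH", outer["payload"][:4])
            if udp_port not in (sport, dport):
                continue                  # UDP, but not the tunnel port
        if (outer["src"], outer["dst"]) == (ap_ip, dp_ip):
            counts["ap_to_dp"] += 1
        elif (outer["src"], outer["dst"]) == (dp_ip, ap_ip):
            counts["dp_to_ap"] += 1
    up, down = counts["ap_to_dp"], counts["dp_to_ap"]
    if up and down:
        verdict = "bidirectional"
    elif up:
        verdict = "ap_to_dp_only"
    elif down:
        verdict = "dp_to_ap_only"
    else:
        verdict = "none"
    return {"verdict": verdict, **counts}


# Constructed sample packets (not taken from Figures 23 and 24).
# 0x6558 and UDP port 40000 are placeholders chosen for illustration.
_GRE = struct.pack("!HH", 0x0000, 0x6558) + bytes(14)
_UDP = struct.pack("!HHHH", 40000, 40000, 8 + 14, 0) + bytes(14)
GRE_CAPTURE = [build_ipv4("10.3.6.64", "10.3.7.167", IPPROTO_GRE, _GRE),
               build_ipv4("10.3.7.167", "10.3.6.64", IPPROTO_GRE, _GRE)]
UDP_ONE_WAY = [build_ipv4("10.3.6.21", "192.168.110.24", IPPROTO_UDP, _UDP)] * 3

if __name__ == "__main__":
    print(tunnel_direction_report(GRE_CAPTURE, "10.3.6.64", "10.3.7.167", IPPROTO_GRE))
    print(tunnel_direction_report(UDP_ONE_WAY, "10.3.6.21", "192.168.110.24",
                                  IPPROTO_UDP, udp_port=40000))
```

A verdict of ap_to_dp_only on a capture taken at the AP's Ethernet port means the AP is sending tunnel traffic but nothing is coming back, which points at a firewall or NAT device dropping the return path.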

About Ruckus

Headquartered in Sunnyvale, CA, Ruckus Wireless, Inc. is a global supplier of advanced wireless systems for the rapidly expanding mobile Internet infrastructure market. The company offers a wide range of indoor and outdoor Smart Wi-Fi products to mobile carriers, broadband service providers, and corporate enterprises, and has over 36,000 end-customers worldwide. Ruckus technology addresses Wi-Fi capacity and coverage challenges caused by the ever-increasing amount of traffic on wireless networks due to accelerated adoption of mobile devices such as smartphones and tablets. Ruckus invented and has patented state-of-the-art wireless voice, video, and data technology innovations, such as adaptive antenna arrays that extend signal range, increase client data rates, and avoid interference, providing consistent and reliable distribution of delay-sensitive multimedia content and services over standard 802.11 Wi-Fi. For more information, visit http://www.ruckuswireless.com.

Ruckus and Ruckus Wireless are trademarks of Ruckus Wireless, Inc. in the United States and other countries.

Copyright 2013 Ruckus Wireless, Inc. All Rights Reserved.

Copyright Notice and Proprietary Information

No part of this documentation may be reproduced, transmitted, or translated, in any form or by any means without prior written permission of Ruckus Wireless, Inc. ("Ruckus"), or as expressly provided by under license from Ruckus

Destination Control Statement

Technical data contained in this publication may be subject to the export control laws of States law is prohibited. It is the reader's responsibility to determine the applicable regulations and to comply with them.

Disclaimer

THIS DOCUMENTATION AND ALL INFORMATION CONTAINED HEREIN ("MATERIAL") IS PROVIDED FOR GENERAL INFORMATION PURPOSES ONLY. RUCKUS AND ITS LICENSORS MAKE NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THE MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE, OR THAT THE MATERIAL IS ERROR-FREE, ACCURATE OR RELIABLE. RUCKUS RESERVES THE RIGHT TO MAKE CHANGES OR UPDATES TO THE MATERIAL AT ANY TIME.

Limitation of Liability

IN NO EVENT SHALL RUCKUS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, OR DAMAGES FOR LOSS OF PROFITS, REVENUE, DATA OR USE, INCURRED BY YOU OR ANY THIRD PARTY, WHETHER IN AN ACTION IN CONTRACT OR TORT, ARISING FROM YOUR ACCESS TO, OR USE OF, THE MATERIAL