Hello everyone,
Today I’m going to introduce you direct forwarding and tunnel forwarding.
On a WLAN, wireless user traffic is forwarded in direct forwarding (local forwarding) or tunnel forwarding (centralized forwarding) mode depending on whether the traffic is centrally forwarded by an AC.
An AC controls and manages connected APs using the Control and Provisioning of Wireless Access Points (CAPWAP) protocol, and CAPWAP tunnels are set up between the AC and APs.
In tunnel forwarding mode, an AP encapsulates data packets from wireless users over a CAPWAP data tunnel and sends them to an AC. The AC then forwards these packets to an upper-layer network, as shown in Figure 1.
In direct forwarding mode, an AP directly forwards data packets from wireless users to an upper-layer network without encapsulating them over a CAPWAP data tunnel, as shown in Figure 2.
Figure 1 Tunnel forwarding

Figure 2 Direct forwarding

Comparison Between Tunnel Forwarding and Direct Forwarding
Table 1 compares tunnel forwarding and direct forwarding.
Table 1 Comparison between tunnel forwarding and direct forwarding
Data Forwarding Mode | Advantage | Disadvantage |
Tunnel forwarding | An AC centrally forwards data packets from wireless users, ensuring security and facilitating centralized management. | Data packets from wireless users must be forwarded by an AC, which is not efficient and increases burdens on the AC. |
Direct forwarding | Data packets from wireless users are directly forwarded without passing through an AC, which is efficient and reduces burdens on the AC. | Data packets from wireless users cannot be centrally managed. |
Usage Scenario
Tunnel forwarding and direct forwarding are applied in different WLAN scenarios.
Tunnel forwarding is used to enable an AC to forward all data packets from wireless users for central management, and transmit the packets through CAPWAP tunnels to improve packet security.
Direct forwarding is used to improve efficiency of forwarding data packets from wireless users and reduce the burden on an AC. When data packets from wireless users do not have high security requirements, direct forwarding can be used.
Select tunnel forwarding or direct forwarding based on your requirements and actual network conditions.
This is what I want to share with you, thank you!


