Definition
WLAN roaming allows an STA to move from an AP to another AP in the same ESS on a WLAN network with nonstop service transmission. In Figure 1, the STA moves from AP1 to AP2.
Figure 1 WLAN roaming networking
WLAN roaming includes roaming between APs in the same service VLAN and roaming between APs in different service VLANs:
Roaming between APs in the same service VLAN: APs before and after STA roaming belong to the same service VLAN.
Roaming between APs in different service VLANs: APs before and after STA roaming belong to different service VLANs. To prevent services of a user from being interrupted during WLAN roaming, ensure that the service VLAN of the user remains unchanged after the user roams between two APs.
WLAN roaming is classified into fast roaming and non-fast roaming based on the security policy used by STAs. As shown in Table 1, fast roaming can be implemented only when the security policy is WPA2-802.1x and STAs support fast roaming. When the security policy is not WPA2-802.1x, non-fast roaming is implemented regardless of whether STAs support fast roaming. When the security policy is WPA2-802.1x but STAs do not support fast roaming, non-fast roaming is implemented.
| Security Policy | Whether Access Authentication Is Required Again | Whether STAs Support Fast Roaming | Roaming Mode |
|---|---|---|---|
| WEP open system authentication | No | N/A | Non-fast roaming |
| WEP shared key authentication | No | N/A | Non-fast roaming |
| WPA/WPA2-PSK | Yes | N/A | Non-fast roaming |
| WPA-802.1x | Yes | N/A | Non-fast roaming |
| WPA2-802.1x | Yes | No | Non-fast roaming |
| WPA2-802.1x | No | Yes | Fast roaming |
Purpose
The biggest advantage of WLAN networks is that an STA can move within a WLAN network regardless of physical media locations. WLAN roaming ensures that an STA moves within a WLAN network without interrupting services. An ESS includes multiple APs. When an STA moves from an AP to another AP, WLAN roaming ensures a seamless transition of STA services between APs.
Prevents packet loss or service interruption caused by long-term authentication.
If an STA needs to be authenticated before accessing the Internet, the authentication process (for example, 802.1x authentication) may take a long period of time. Fast roaming prevents STA re-authentication, ensuring nonstop user service transmission.
Ensures that users' IP addresses remain unchanged.
Application protocol packets are transmitted using IP addresses and TCP/UDP connections. STAs' IP addresses must remain unchanged after WLAN roaming so that the TCP/UDP connections established for the STAs are not interrupted.
Configuration Precautions
This section describes notes about configuring the roaming function.
STA needs to roam between two APs, the APS must have the same SSID and security policy profile (IDs of security profiles can be different but configurations in the security profiles must be the same).
Indirect forwarding mode, ARP entries on the access devices connected to the AP are not aged after users roam, which causes temporary service interruption. To prevent this problem, run the learn client ip-address enable command in the service set view on the AC to enable STA address learning. The AP can then send gratuitous ARP packets to access devices to update ARP entries in a timely manner, ensuring nonstop services during roaming.
This is what I want to talk about/share with you today, thank you!
