4.2.8 Example for Configuring WLAN Services in Layer 3 Bypass Networking (Tunnel Forwarding)
Networking Requirements
As shown in Figure 4-9, an aggregation switch connects to the upper-layer network, and the AC is connected to the aggregation switch in bypass mode. The AC connects to AP1 and AP2 through the aggregation switch and access switch. The AC and APs communicate through a Layer 3 network. The networking allows replacement of the AC on large networks and applies to enterprise users. The highly-efficient tunnel forwarding mode is used in this networking for data packet management.
Deploying a wired network requires a large number of cables and consumes much labor and costs. A wired network is also inflexible for users. To reduce cable layout and save human resources, users can deploy a WLAN that improves network flexibility and maintainability.
Data planning
| Configuration Item | Data |
|---|---|
| WLAN security | WEP open system authentication and no encryption |
| WLAN service set |
Name: huawei-1 SSID: huawei-1 WLAN virtual interface: WLAN-ESS 0 Data forwarding mode: tunnel forwarding |
|
Name: huawei-2 SSID: huawei-2 WLAN virtual interface: WLAN-ESS 1 Data forwarding mode: tunnel forwarding | |
| Management VLAN for APs | VLAN: 200 |
| Service VLANs for APs |
AP1: VLAN 101 AP2: VLAN 102 |
| AC carrier ID/AC ID | other/1 |
| Source address for the WLAN AC | 172.16.10.1/24 |
| Management IP address pool for APs | 192.168.10.2 to 192.168.10.254/24 |
| Gateway address for APs | 192.168.10.1/24 (The gateway is on the aggregation switch.) |
| Public IP address pool for users on AP1 | 192.168.11.2 to 192.168.11.254/24 |
| Public gateway address for users on AP1 | 192.168.11.1/24 (The gateway is on the AC.) |
| Public IP address pool for users on AP2 | 192.168.12.2 to 192.168.12.254/24 |
| Public gateway address for users on AP2 | 192.168.12.1/24 (The gateway is on the AC.) |
| DHCP server | The AC functions as the DHCP server for APs and STAs. |
Configuration Procedure
- Connect network devices according to Figure 4-9 and ensure connectivity between the AC and the IP backbone network.
- Configure the access switch and aggregation switch so that the route between the AC and AP is reachable.
- Configure the WLAN service on the AC.
- Deliver the WLAN service to APs and verify the configuration.
Configuration Notes
-
The access switch or AC is directly connected to interfaces of APs. AP management packets need to be tagged with the management VLAN ID. APs do not need to be configured.
-
A service IP address pool is configured to allocate IP addresses to STAs, and a management IP address pool is configured to allocate IP addresses to APs. Two pools are configured separately.
-
No ACK mechanism is provided for multicast packet transmission on air interfaces. In addition, wireless links are unstable. To ensure stable transmission of multicast packets, they are usually sent at low rates. If a large number of such multicast packets are sent from the network side, the air interfaces may be congested. You are advised to configure multicast packet suppression to reduce impact of a large number of low-rate multicast packets on the wireless network. Exercise caution when configuring the rate limit; otherwise, the multicast services may be affected.
- In direct forwarding mode, you are advised to configure multicast packet suppression on switch interfaces connected to APs.
- In tunnel forwarding mode, you are advised to configure multicast packet suppression on WLAN-ESS interfaces of the AC.
-
Configure port isolation on the interfaces of the device directly connected to APs. If port isolation is not configured and direct forwarding is used, a large number of unnecessary broadcast packets may be generated in the VLAN, blocking the network and degrading user experience.
-
In tunnel forwarding mode, the management VLAN and service VLAN cannot be the same. Only packets from the management VLAN are transmitted betweeen the AC and APs. Packets from the service VLAN are not allowed between the AC and APs.
-
During AP deployment, you can manually specify the working channels of the APs according to network planning situations or configure the radio calibration function to enable the APs to automatically select the optimal channels.
If you use the radio calibration function, perform the following steps after delivering configurations to all APs:- Run the channel-mode auto command in the radio profile view to set the channel mode to auto and run the power-mode auto command to set the power mode to auto.
- Run the calibrate enable manual command to set the radio calibration mode to manual.
- Run the calibrate manual startup command to manually trigger radio calibration.
- APs finish radio calibration one hour after the radio calibration is manually triggered. After that, you can perform either of the configurations:
- (Recommended) run the calibrate enable schedule time time-value command to change the radio calibration mode to scheduled calibration and configure the APs to perform radio calibration in off-peak hours, for example, between 00:00 am and 06:00 am.
- Run the channel-mode fixed command in the radio profile view to manually fix the working channels of APs and run the power-mode fixed command to fix the AP power. If a new AP gets online, repeat steps 2 to 4.
Procedure
- Configure the access switch.
# Configure the access switch to tag AP management packets with the management VLAN ID. Layer 3 networking is deployed between the AC and AP. Configure the AP to communicate with the aggregation switch in VLAN 100.
<Quidway> system-view [Quidway] vlan batch 100 [Quidway] interface ethernet 0/0/1 [Quidway-Ethernet0/0/1] port link-type trunk [Quidway-Ethernet0/0/1] port trunk pvid vlan 100 [Quidway-Ethernet0/0/1] port trunk allow-pass vlan 100 [Quidway-Ethernet0/0/1] port-isolate enable [Quidway-Ethernet0/0/1] quit [Quidway] interface ethernet 0/0/2 [Quidway-Ethernet0/0/2] port link-type trunk [Quidway-Ethernet0/0/2] port trunk pvid vlan 100 [Quidway-Ethernet0/0/2] port trunk allow-pass vlan 100 [Quidway-Ethernet0/0/2] port-isolate enable [Quidway-Ethernet0/0/2] quit [Quidway] interface gigabitethernet 0/0/1 [Quidway-GigabitEthernet0/0/1] port link-type trunk [Quidway-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 [Quidway-GigabitEthernet0/0/1] quit
- Configure the aggregation switch.
# Enable DHCP relay on the aggregation switch to allow interconnection between VLAN 200 and VLAN 100 and configure the aggregation switch to communicate with the AC through VLAN 200.
NOTE:
The S5700 is used as an example. The command varies on different devices.Configure a route to the upper-layer network on the aggregation switch according to service requirements.
<Quidway> system-view [Quidway] vlan batch 100 to 102 200 [Quidway] dhcp enable [Quidway] interface Vlanif 100 [Quidway-Vlanif100] ip address 192.168.10.1 24 [Quidway-Vlanif100] dhcp select relay [Quidway-Vlanif100] dhcp relay server-ip 172.16.10.1 [Quidway-Vlanif100] quit [Quidway] interface vlanif 200 [Quidway-Vlanif200] ip address 172.16.10.254 24 [Quidway-Vlanif200] quit [Quidway] interface gigabitethernet 0/0/1 [Quidway-GigabitEthernet0/0/1] port link-type trunk [Quidway-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 [Quidway-GigabitEthernet0/0/1] quit [Quidway] interface gigabitethernet 0/0/2 [Quidway-GigabitEthernet0/0/2] port link-type trunk [Quidway-GigabitEthernet0/0/2] port trunk allow-pass vlan 101 102 200 [Quidway-GigabitEthernet0/0/2] quit
- Configure the AC.
- Enable radio calibration to allow APs to automatically select optimal channels.
# Configure radio calibration. By default, the radio mode and power mode are both auto in the radio profile, and the radio calibration mode is manual. The configuration procedure is therefore not provided here. If the radio calibration mode is manual, run the calibrate manual startup command to manually trigger radio calibration.
<AC6605> system-view [AC6605] wlan [AC6605-wlan-view] calibrate manual startup
# Run the display actual channel-power all command to check the channel and power of a radio. Assume that there are three online APs on the AC. The command output shows that AP channels have been automatically assigned through the radio calibration function.
[AC6605-wlan-view] display actual channel-power all -------------------------------------------------------- RADIO CHANNEL POWER-LEVEL POWER(dbm) CHANNEL-BANDWIDTH -------------------------------------------------------- 1/0 1 10 17 20MHz 2/0 11 9 18 20MHz 3/0 6 8 18 20MHz --------------------------------------------------------# APs finish radio calibration one hour after the radio calibration is manually triggered. After that, change the radio calibration mode to scheduled calibration and configure the APs to start radio calibration at 3:00 am.
[AC6605-wlan-view] calibrate enable schedule time 03:00:00# Commit the configuration.
[AC6605-wlan-view] commit ap 1 Warning: Committing configuration may cause service interruption,continue?[Y/N ]y [AC6605-wlan-view] commit ap 2 Warning: Committing configuration may cause service interruption,continue?[Y/N ]y [AC6605-wlan-view] commit ap 3 Warning: Committing configuration may cause service interruption,continue?[Y/N ]y
# Configure a calibration channel set to specify the channels on which the AP implements radio calibration. This example configures a calibration channel set for the 2.4 GHz radio, which consists of channels 1, 5, 9, and 13.[AC6605-wlan-view] calibrate 2.4g 20mhz channel-set 1,5,9,13To configure a calibration channel set for the 5 GHz radio, run the calibrate 5g 20mhz channel-set channel-value command. - Test the WLAN service configuration.
- The WLANs with the SSID huawei-1 or huawei-2 are available for wireless PCs after the configuration is complete.
- The wireless PCs obtain IP addresses when they successfully associate with the WLANs.
- The wireless users can log in to the corresponding web pages.
