LWAPP Fundamentals

LWAPP is an IETF draft protocol that defines the control messaging between APs and WLCs for setup, path authentication, and runtime operations. LWAPP also defines the tunneling mechanism for data traffic. The LWAPP tunnel uses Layer 2 or Layer 3 transport.

KEY POINT

LWAPP defines how the lightweight APs communicate with the WLC.

LWAPP data messages encapsulate and forward data frames from and to wireless clients. LWAPP control messages are management messages exchanged between a WLC and the APs.

LWAPP control messages are encrypted. LWAPP-encapsulated data messages, containing client data, are not encrypted.

One WLC can manage and operate a large number of lightweight APs and can coordinate and collate information across a large wireless network and even across a WAN. The WLC supplies both configuration information and firmware updates to the lightweight APs, if needed.

Layer 2 LWAPP Architecture

LWAPP communication between the AP and the WLC can be in native Layer 2 Ethernet frames. This is known as Layer 2 LWAPP transport mode and is illustrated in Figure 9-13.

Figure 9-13 Layer 2 LWAPP Architecture


With this configuration, the APs do not require IP addresses. However, a WLC is needed on every subnet where there are APs, because all LWAPP communication between the AP and WLC is in Ethernet-encapsulated frames, not IP packets. As a result, Layer 2 LWAPP mode is not scalable and might not be suitable in most deployments across routed boundaries.

Although Layer 2 LWAPP transport mode was used earlier by some vendors, many current products do not support this mode because of its lack of scalability and flexibility. Layer 2 LWAPP transport mode is now considered deprecated in Cisco's implementation of LWAPP, and most Cisco APs do not support it.

Layer 3 LWAPP Architecture

LWAPP control and data packets can also be carried over the IP network, encapsulated in User Datagram Protocol (UDP) segments. This is called Layer 3 LWAPP transport mode and is illustrated in Figure 9-14.

Figure 9-14 Layer 3 LWAPP Architecture


With Layer 3 LWAPP, APs require IP addresses. The LWAPP tunnel uses the IP address of the AP and the IP address of the AP manager interface on the WLC as tunnel endpoints.

NOTE The various WLC interfaces, including AP-manager interfaces, are described in the "WLC Interfaces" section on the next page.

Cisco lightweight APs by default get an IP address via the Dynamic Host Configuration Protocol (DHCP). On the AP, both LWAPP control and data messages use an ephemeral (short-lived) UDP port number derived from a hash of the AP MAC address. On the WLC, LWAPP data messages always use UDP port 12222, and LWAPP control messages always use UDP port 12223. This allows APs to communicate with a WLC across subnets, as long as the UDP ports are not filtered by a firewall.
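
Added example (not from the original text): a first-match ACL check that reports, per AP, whether the WLC-side LWAPP ports 12222 (data) and 12223 (control) are reachable at the AP-manager interface. The rule format, the addresses, and the function names are constructed for illustration, and only the AP-to-WLC direction is modelled.

```python
import ipaddress

# WLC-side UDP ports stated in the text; the AP side uses an ephemeral port.
# Per the text, control messages are encrypted and data messages are not.
LWAPP_PORTS = {"data": 12222, "control": 12223}

# Constructed ACL for illustration: ordered, first match wins, implicit deny.
# Rule: (action, protocol, source net, destination net, dst port or None = any)
SAMPLE_ACL = [
    ("permit", "udp", "10.20.0.0/24", "10.1.1.5/32", 12223),
    ("deny",   "udp", "10.20.0.0/16", "10.1.1.0/24", None),
    ("permit", "udp", "10.30.0.0/24", "10.1.1.5/32", None),
]

def evaluate(acl, proto, src, dst, dport):
    """Return the action of the first matching rule, or 'deny' if none match."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, r_proto, r_src, r_dst, r_port in acl:
        if (r_proto == proto
                and src_ip in ipaddress.ip_network(r_src)
                and dst_ip in ipaddress.ip_network(r_dst)
                and r_port in (None, dport)):
            return action
    return "deny"

def lwapp_reachability(acl, ap_ip, ap_manager_ip):
    """Evaluate both LWAPP channels from one AP to the AP-manager interface."""
    return {name: evaluate(acl, "udp", ap_ip, ap_manager_ip, port)
            for name, port in LWAPP_PORTS.items()}

def audit(acl, ap_ips, ap_manager_ip):
    """List (AP, blocked channels) for every AP with a filtered channel."""
    findings = []
    for ap in ap_ips:
        result = lwapp_reachability(acl, ap, ap_manager_ip)
        blocked = sorted(name for name, act in result.items() if act != "permit")
        if blocked:
            findings.append((ap, blocked))
    return findings

if __name__ == "__main__":
    aps = ["10.20.0.11", "10.30.0.12", "10.40.0.13"]  # constructed AP addresses
    for ap, blocked in audit(SAMPLE_ACL, aps, "10.1.1.5"):
        print(f"{ap}: blocked LWAPP channel(s): {', '.join(blocked)}")
```
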

Because Layer 3 LWAPP transport mode is more flexible and scalable than Layer 2 LWAPP mode, most current products support Layer 3 LWAPP mode, and it is the recommended mode of LWAPP operation.
