Communication Devices (Sideseadmed, IRT0040), 2.5 AP, Avo

Lecture 2

Radio resource allocation

[Diagram labels: Operator A, Operator B, Operator N; joint radio access system; joint frequency range]

Infrastructure based networks

Uses fixed base stations (infrastructure) which are responsible for coordinating communication between the mobile hosts (nodes)

Hidden Nodes - a QoS Issue

• If you can't see a frame, you can't avoid colliding
• RF characteristics make it hard to see all frames
• Hidden nodes usurp priority and break service commitments
• Only the AP can see and be seen by all nodes

• The Light Weight Access Point Protocol is used between APs and a WLAN Controller
• LWAPP carries control and data traffic between the two
• It facilitates centralized management and automated configuration
• Open, standards-based protocol – submitted to IETF CAPWAP WG

Lightweight AP WLAN Concept

Autonomous Deployments

• Each AP had its own view of the network – like standalone cell towers
• No hierarchical view of the RF – or the network

Centralization – not a new idea

• Original cellular networks were nodal
• Lots of call drops
• Lots of administration
• Roaming wasn't very good
• Not capable of providing advanced services

Enter the Base Station Controller

[Diagram label: Management/Control]

Base stations are used to handle call setup, handovers and other functions across an entire cellular network

• Complete view of the network
• Improved roaming
• One point of administration
• Enabled provisioning of advanced services

Enter The Wireless Controller

[Diagram labels: Control and Management; DHCP, RADIUS, DNS, ACS, HPOV; LWAPP]

System Layers

Basic LWAPP Architecture

[Diagram: AC, WTP, STA. Frames shown: 802.11 AssocReq, 802.11 AssocResp and 802.11 Data Frame, each also shown with an LWAPP (C=0) header]

Unified Wireless Network

Unified Advanced Services: Unified cellular and Wi-Fi VoIP. Advanced threat detection, identity networking, location-based security, asset tracking and guest access.

World-Class Network Management: Same level of security, scalability, reliability, ease of deployment and management for wireless LANs as wired LANs.

Network Unification: Integration into all major switching and routing platforms. Secure, innovative WLAN controllers.

Mobility Platform: Ubiquitous network access in all environments. Enhanced productivity. Proven platform with large install base and 61% market share. Plug and play.

Client Devices: 90% of Wi-Fi silicon is Certified. "Out-of-the-Box" wireless security.

Centralized Wireless LAN Architecture

[Diagram labels: Lightweight Access Points, WLAN Controller]

• Controller
  – 802.11 MAC Mgmt – (re)association requests & action frames
  – 802.11 data – encapsulated and sent to AP
  – 802.11e Resource Reservation – control protocol carried to AP in 802.11 mgmt frames – signaling done in the controller
  – 802.11i Authentication & Key exchange
• AP
  – 802.11 – beacons, probe response, auth (if open)
  – 802.11 control – packet ack & retransmission (latency)
  – 802.11e – frame queuing & packet prioritization (real-time access)
  – 802.11i – Layer 2 encryption

LWAPP

• LWAPP - Light Weight Access Point Protocol is used between APs and WLAN Controller
• LWAPP carries control and data traffic between the two
  – Control plane is AES-CCM encrypted
  – Data plane is not encrypted
• It facilitates centralized management and automated configuration
• Open, standards-based protocol (submitted to IETF CAPWAP WG)

[Diagram labels: Access Point, Controller, WiFi Client, Business Application, Control Plane, Data Plane]

Protocol for Centralization

• LWAPP = LightWeight Access Point Protocol
• Standardized interface between an access point and a centralized controller
• Defines
  – Association of APs
  – Authentication of APs
  – Control of APs
• Works across L2 / L3 boundaries
• Design goals
  – Zero-config deployment
  – Secure deployment
  – Centralization

Controllers
• Security Policies
• Wireless IDS
• QoS Policies
• RF Management
• Mobility Management
• IPSec Encryption

Access Points
• Remote RF interface
• Timing critical functions
• L2 Encryption

LWAPP Modes: Layer 2

• Layer 2 LWAPP is in an Ethernet frame (Ethertype 0xBBBB)
• Cisco WLAN Controller and AP must be connected to the same VLAN/subnet

[Diagram labels: Lightweight Access Points, LWAPP-L2, Cisco WLAN Controller]

LWAPP-L2 Data Message: MAC Header | LWAPP Header (C=0) | Data …
LWAPP-L2 Control Message: MAC Header | LWAPP Header (C=1) | Control Msg | Control Elts …

LWAPP Modes: Layer 3

• Layer 3 LWAPP is in a UDP / IP frame
  – Data traffic uses source port 1024 and destination port 12222
  – Control traffic uses source port 1024 and destination port 12223
• Cisco Controller and AP can be connected to the same VLAN/subnet or connected to a different VLAN/subnet
• Requires IP addressing of Cisco Lightweight AP

[Diagram labels: Lightweight Access Points, LWAPP-L3, Cisco WLAN Controller]

LWAPP-L3 Data Message: MAC Header | IP | UDP=12222 | LWAPP Header (C=0) | Data …
LWAPP-L3 Control Message: MAC Header | IP | UDP=12223 | LWAPP Header (C=1) | Control Msg | Control Elts …
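Added example (not part of the original slides): a classifier that sorts captured Ethernet frames into the four LWAPP cases above, so the segments carrying the unencrypted data plane can be identified. The frame builders, addresses and sample frames are constructed; the C-bit mask assumes the RFC 5412 header layout (VER, RID, C, F, L in the first byte), and matching the port on either side to cover controller replies is also an assumption.

```python
import struct
from collections import Counter

ETHERTYPE_LWAPP_L2 = 0xBBBB   # from the slides
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100       # 802.1Q tag
UDP_LWAPP_DATA = 12222        # from the slides
UDP_LWAPP_CONTROL = 12223     # from the slides
C_BIT_MASK = 0x04             # assumption: C bit position per RFC 5412


def classify_frame(frame):
    """Return (mode, plane) for an LWAPP frame, or None if not LWAPP or truncated."""
    if len(frame) < 14:
        return None
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    offset = 14
    if ethertype == ETHERTYPE_VLAN:            # skip a single 802.1Q tag
        if len(frame) < 18:
            return None
        ethertype = struct.unpack_from("!H", frame, 16)[0]
        offset = 18
    if ethertype == ETHERTYPE_LWAPP_L2:
        if len(frame) <= offset:
            return None
        return ("L2", "control" if frame[offset] & C_BIT_MASK else "data")
    if ethertype == ETHERTYPE_IPV4:
        if len(frame) < offset + 20:
            return None
        ihl = (frame[offset] & 0x0F) * 4
        frag_offset = struct.unpack_from("!H", frame, offset + 6)[0] & 0x1FFF
        if ihl < 20 or frame[offset + 9] != 17 or frag_offset:
            return None                        # not UDP, or a non-first fragment
        if len(frame) < offset + ihl + 8:
            return None
        # L3 mode: the plane is taken from the UDP port, as the slides give it.
        ports = set(struct.unpack_from("!HH", frame, offset + ihl))
        if UDP_LWAPP_CONTROL in ports:
            return ("L3", "control")
        if UDP_LWAPP_DATA in ports:
            return ("L3", "data")
    return None


def summarize(frames):
    """Count frames per (mode, plane); data-plane frames are cleartext per the slides."""
    counts = Counter(classify_frame(f) or ("other", "-") for f in frames)
    cleartext = sum(n for (_, plane), n in counts.items() if plane == "data")
    return counts, cleartext


# --- constructed sample input (documentation addresses, checksums left at 0) ---
def eth(ethertype, payload, vlan=None):
    hdr = bytes.fromhex("00005e005301") + bytes.fromhex("00005e005302")
    if vlan is not None:
        hdr += struct.pack("!HH", ETHERTYPE_VLAN, vlan)
    return hdr + struct.pack("!H", ethertype) + payload


def ipv4_udp(sport, dport, payload):
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return ip + udp


LWAPP_DATA_HDR = bytes([0x00, 0, 0, 4, 0, 0])     # C=0
LWAPP_CTRL_HDR = bytes([0x04, 0, 0, 4, 0, 0])     # C=1

SAMPLE_FRAMES = [
    eth(ETHERTYPE_LWAPP_L2, LWAPP_DATA_HDR + b"DATA"),
    eth(ETHERTYPE_LWAPP_L2, LWAPP_CTRL_HDR + b"CTRL", vlan=10),
    eth(ETHERTYPE_IPV4, ipv4_udp(1024, UDP_LWAPP_DATA, b"DATA")),
    eth(ETHERTYPE_IPV4, ipv4_udp(1024, UDP_LWAPP_CONTROL, b"CTRL")),
    eth(ETHERTYPE_IPV4, ipv4_udp(1024, 53, b"dns")),
    b"\x00" * 10,                                  # truncated capture
]

if __name__ == "__main__":
    counts, cleartext = summarize(SAMPLE_FRAMES)
    for key, n in sorted(counts.items()):
        print(key, n)
    print("cleartext data-plane frames:", cleartext)
```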

The need for Client Mobility

• Wireless LAN is not only about wire-less
• Need for mobility and not only "hotspot" connectivity
• Mobility is when a client moves from one Access Point to another
• Access points can be on a single Controller or on different Controllers
• Client needs to keep IP connectivity (same IP address)
• Client Mobility is mandatory for some applications (Voice, Video, Business Applications …)

[Diagram labels: Controller 1, Controller 2; AP A, AP B, AP C, AP D; Subnet A, Subnet B]

Client Mobility

• Different Client Mobility levels
  – L2 Mobility
  – L3 Mobility: conceptually similar to Proxy Mobile IP
    – Foreign and Anchor Controllers
    – Asymmetric traffic flow
• What about Security?
  – PKC – Proactive Key Caching
  – WPA2 / 802.11i Fast Roaming

Mobility Groups

Controller-A, MAC AA:AA:AA:AA:AA:01
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-B AA:AA:AA:AA:AA:02, Controller-C AA:AA:AA:AA:AA:03

Controller-B, MAC AA:AA:AA:AA:AA:02
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-C AA:AA:AA:AA:AA:03

Controller-C, MAC AA:AA:AA:AA:AA:03
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-B AA:AA:AA:AA:AA:02

[Diagram label, shown three times: Ethernet Over IP Tunnel]

• Mobility Group is a "Cluster of Controllers" that share information between them (e.g. client context and state, controller "load", etc.)
• Up to 24 Controllers per Mobility Group
• Mobility Group facilitates seamless roaming at both L2 & L3
• Configuring a Mobility Group
  – IP connectivity between all devices
  – Same Mobility Group Name (IS case sensitive)
  – Same Virtual Interface IP address
  – Each device is configured with the MAC and IP of every other device in the group
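Added example (not part of the original slides): an offline audit of the configuration rules listed above, run over an export of each controller's mobility settings. The dictionary layout, the finding codes and all IP addresses are constructed for illustration; the controller names, MACs and group name are the ones on the slide. IP connectivity between devices cannot be checked offline and is left out.

```python
MAX_CONTROLLERS = 24  # "Up to 24 Controllers per Mobility Group" (from the slides)


def audit_mobility_group(controllers):
    """Return a list of (controller, code, detail) findings; empty list means consistent.

    The first controller in the list is used as the reference for the
    group name and virtual interface IP.
    """
    findings = []
    if not controllers:
        return findings
    if len(controllers) > MAX_CONTROLLERS:
        findings.append(("*", "group-too-large",
                         f"{len(controllers)} > {MAX_CONTROLLERS}"))
    ref = controllers[0]
    members = {c["mac"].lower(): c for c in controllers}
    for c in controllers:
        # The group name is case sensitive, so compare exactly and report
        # case-only differences separately: they are the easy ones to miss.
        if c["group"] != ref["group"]:
            same_ignoring_case = c["group"].lower() == ref["group"].lower()
            code = "group-name-case" if same_ignoring_case else "group-name"
            findings.append((c["name"], code, c["group"]))
        if c["virtual_ip"] != ref["virtual_ip"]:
            findings.append((c["name"], "virtual-ip", c["virtual_ip"]))
        # Every other member must be listed with its MAC and its IP.
        peers = {mac.lower(): ip for mac, ip in c["peers"].items()}
        for mac, other in members.items():
            if other is c:
                continue
            if mac not in peers:
                findings.append((c["name"], "peer-missing", other["name"]))
            elif peers[mac] != other["ip"]:
                findings.append((c["name"], "peer-ip", other["name"]))
        # Entries for devices that are not members are stale or unexpected.
        for mac in peers:
            if mac not in members:
                findings.append((c["name"], "peer-unknown", mac))
    return findings


# Constructed sample: Controller-B has a wrong IP for C, Controller-C has a
# case-only group name difference and does not list B.
MAC_A, MAC_B, MAC_C = "AA:AA:AA:AA:AA:01", "AA:AA:AA:AA:AA:02", "AA:AA:AA:AA:AA:03"
SAMPLE_GROUP = [
    {"name": "Controller-A", "mac": MAC_A, "ip": "192.0.2.11",
     "group": "MyMobilityGroup", "virtual_ip": "192.0.2.254",
     "peers": {MAC_B: "192.0.2.12", MAC_C: "192.0.2.13"}},
    {"name": "Controller-B", "mac": MAC_B, "ip": "192.0.2.12",
     "group": "MyMobilityGroup", "virtual_ip": "192.0.2.254",
     "peers": {MAC_A: "192.0.2.11", MAC_C: "192.0.2.31"}},
    {"name": "Controller-C", "mac": MAC_C, "ip": "192.0.2.13",
     "group": "mymobilitygroup", "virtual_ip": "192.0.2.254",
     "peers": {MAC_A: "192.0.2.11"}},
]

if __name__ == "__main__":
    for finding in audit_mobility_group(SAMPLE_GROUP):
        print(finding)
```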

Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
  – Client database entry created
• Client roams to AP B on Controller 1
  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry moved to Controller 2
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server

[Diagram labels: Controller 1, Controller 2; AP A, AP B, AP C, AP D; Client Database (MAC, WLAN, AP, QoS, IP, Sec, …); Mobility Announcement; move]

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
  – Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry copied to Controller 2
    • Marked as FOREIGN
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams to AP on 3rd Controller
  – Same as above, except FOREIGN client DB entry moved from previous Foreign Controller

[Diagram labels: Controller 1, Controller 2; AP A, AP B, AP C, AP D; Subnet A, Subnet B; Client Database (MAC, WLAN, IP, Sec, ANCHOR, …); Client Database (MAC, WLAN, IP, Sec, FOREIGN, …); Mobility Announcement; Ethernet in IP Tunnel; copy]

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)
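Added example (not part of the original slides): a small model of the client database handling in the Layer 2 and Layer 3 Mobility slides, showing which controllers end up holding a client's PMK data and how traffic flows after each roam. Class and method names, the LOCAL role label and the PMK placeholder are constructed; choosing L2 or L3 by comparing controller subnets and the handling of a roam back into the anchor's subnet are assumptions, since the slides do not spell them out.

```python
from dataclasses import dataclass, field


@dataclass
class Controller:
    name: str
    subnet: str
    db: dict = field(default_factory=dict)   # client MAC -> database entry


class MobilityGroup:
    def __init__(self, controllers):
        self.controllers = {c.name: c for c in controllers}
        self.radius_auths = 0                 # full authentications against RADIUS

    def _find(self, mac, roles):
        # Stands in for the Mobility Announcement: ask every peer for the client MAC.
        for c in self.controllers.values():
            if c.db.get(mac, {}).get("role") in roles:
                return c
        raise KeyError(f"{mac} is not in any client database")

    def connect(self, mac, name):
        self.radius_auths += 1                # initial 802.11i authentication
        self.controllers[name].db[mac] = {"role": "LOCAL",
                                          "pmk": "<PMK from RADIUS>"}

    def roam(self, mac, target_name):
        target = self.controllers[target_name]
        anchor = self._find(mac, ("LOCAL", "ANCHOR"))
        current = self._find(mac, ("LOCAL", "FOREIGN"))
        if current is target:
            return "intra-controller"         # AP change only, PKC, no DB change
        if target.subnet == anchor.subnet:
            # Layer 2: the entry (PMK included) is MOVED to the new controller.
            if current is not anchor:
                del current.db[mac]           # assumption: roam back drops FOREIGN copy
            entry = anchor.db.pop(mac)
            entry["role"] = "LOCAL"
            target.db[mac] = entry
            return "L2"
        if current is anchor:
            # First Layer 3 roam: entry is COPIED, original becomes ANCHOR.
            anchor.db[mac]["role"] = "ANCHOR"
            target.db[mac] = dict(anchor.db[mac], role="FOREIGN")
        else:
            # Roam to a further controller: FOREIGN entry moves, anchor stays.
            target.db[mac] = current.db.pop(mac)
        return "L3"

    def pmk_holders(self, mac):
        """Controllers whose database currently contains the client's PMK data."""
        return sorted(c.name for c in self.controllers.values() if mac in c.db)

    def traffic_path(self, mac):
        anchor = self._find(mac, ("LOCAL", "ANCHOR"))
        current = self._find(mac, ("LOCAL", "FOREIGN"))
        to_client = [current.name] if anchor is current else [anchor.name, current.name]
        return {"from_client_exits_at": current.name, "to_client_via": to_client}


def demo():
    """Constructed scenario: WLC1 and WLC4 share Subnet A, WLC2 and WLC3 do not."""
    group = MobilityGroup([Controller("WLC1", "A"), Controller("WLC2", "B"),
                           Controller("WLC3", "C"), Controller("WLC4", "A")])
    mac = "00:00:5e:00:53:aa"
    group.connect(mac, "WLC1")
    steps = [group.roam(mac, name) for name in ("WLC1", "WLC4", "WLC2", "WLC3")]
    return group, mac, steps


if __name__ == "__main__":
    group, mac, steps = demo()
    print(steps, group.pmk_holders(mac), group.traffic_path(mac), group.radius_auths)
```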

Specific Mobility: Guest Access

• The traditional approach to segmenting guest traffic requires 'pulling' the guest VLAN through the corporate network
  – Many companies can't or won't do this

[Diagram labels: WLAN Controller (Policy), Internet, LWAPP AP, Corp SSID, Guest SSID, Corp Intranet, 802.1Q, Isolated Guest, Corp User]

Tunnel Guest Traffic

• By tunneling all guest traffic to a DMZ controller, traffic originates and terminates in the DMZ
• Guest clients logically reside in the DMZ network
• No changes required to existing infrastructure except adding FW rules
• Add additional DMZ controllers for scalability
• Each DMZ controller can handle up to 40 tunnels

[Diagram labels: Guest WLAN Controller, Corp Intranet, WLAN Controller, Guest SSID, Corp SSID, LWAPP AP, Internet; EoIP (IP Proto 97) "Guest Tunnel"]

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which the devices act as routers and can change their location in space

MANET

Difficulties for routing:
• Limited connectivity due to transmission range of signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature - high mobility and frequent topological changes

[Diagram: nodes A, B, C, D, E, F, G, H; three X marks]

Mobile Ad Hoc Networks

• Meaning of the word "Ad hoc" is "for this", i.e. "for this purpose only"; it implies a special network for a particular application
• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology
• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics
  – Decentralized
  – Self-organized
  – Self-deployed
  – Dynamic network topology
• Tradeoffs
  – Bandwidth limited
  – Multi-hop router needed
  – Energy consumption problem
  – Security problem

Adhoc Routing Protocols

Uniform routing
  Proactive routing
    – Wireless Routing Protocol (WRP)
    – Destination Sequence Distance Vector (DSDV) routing protocol
    – Fisheye State Routing (FSR)
    – Distance Routing Effect Algo for Mobility (DREAM): location-based routing
  Reactive routing
    – Dynamic Source Routing (DSR) protocol
    – Temporally-Ordered Routing Algorithm (TORA)
    – Adhoc On-demand Distance Vector Routing (AODV)
    – Location Aided Routing (LAR): location-based routing
    – Associativity Based Routing (ABR) protocol: link-stability based routing protocol
    – Signal Stability-based adaptive Routing (SSR): link-stability based routing protocol

Non-uniform routing
  Zone-based routing
    – Zone Routing Protocol (ZRP): hybrid routing protocol
    – Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
    – Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
    – Grid Location Service (GLS): location service
  Cluster-based routing
    – Clusterhead Gateway Switch Routing (CGSR)
    – Hierarchical State Routing (HSR)
    – Cluster Based Routing Protocol (CBRP)
  Core-node based routing
    – Landmark Adhoc Routing (LANMAR): proactive routing
    – Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
    – Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

Reactive (on-demand): DSR, AODV, TORA
Proactive (table-driven): DSDV, WARP, DREAM
Hybrid: ZRP, HARP

[Diagram labels: Residential Modem, Base Station, Business Modem, Portable Modem, Management System, Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf
http://www.ieee802.org/21
http://www.ieee802.org/11
http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV
http://en.wikipedia.org/wiki/Mobile_ad-hoc_network
http://moment.cs.ucsb.edu/AODV
http://core.it.uu.se/core/index.php/Main_Page


Raadiressursi jaotus

Operator A

Operator B

Operator N

Jointradio

accesssystem

Jointfrequency

range

Infrastructure based networks

Uses fixed base stations (infrastructure) which are responsible for coordinating communication between the mobile hosts (nodes)

Hidden Nodes - a QoS Issue

bull If you canrsquot see a frame you canrsquot avoid colliding

bull RF characteristics make it hard to see all frames

bull Hidden nodes usurp priority and break service commitments

bull Only the AP can see and be seen by all nodesHidden

bull The Light Weight Access Point Protocol is used between APsand a WLAN Controller

bull LWAPP carries control and data traffic between the two

bull It facilitates centralized management and automated configuration

bull Open standards-based protocolndashndashSubmitted to IETF CAPWAP WG

Lightweight AP WLAN Concept

Autonomous DeploymentsbullEach AP had its own view of the network ndash like standalone cell towersbullNo hierarchical view of the RF ndash or the network

Centralization ndash not a new ideabull Original cellular

networks were nodalbull Lots of call dropsbull Lots of administrationbull Roaming wasnrsquot very

goodbull Not capable of

providing advanced services

Enter the Base Station Controller

ManagementControl Base stations are used to handle call setup handovers and other functions across an entire cellular network

bull Complete view of the network

bull Improved roaming

bull One point of administration

bull Enabled provisioning of advanced services

Enter The Wireless Controller

Control and Management

DHCPDHCP RADIUSRADIUSDNSDNS ACSACS HPOVHPOV

LWAPP

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

bull Mobility Group is a ldquoCluster of Controllersrdquo that share information between them (eg client context and state controller ldquoloadrdquo etc)

bull Up to 24 Controllers per Mobility Group

bull Mobility Group facilitates seamless roaming at both L2 amp L3

bull Configuring a Mobility Group

IP connectivity between all devices

Same Mobility Group Name (IS case sensitive)

Same Virtual Interface IP address

Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

bullAll controllers in same Mobility GroupbullClient connects to AP A on Controller 1

ndash Client database entry created

bullClient roams to AP B on Controller 1ndash Proactive Key Caching (PKC) provides fast

roam times for WPA280211i clients No need to re-authenticate to Radius server

bullClient roams from AP B (Controller 1) to AP C (Controller 2)

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry moved to Controller 2

bull PMK data included (master key data from Radius server)

ndash Proactive Key Caching provides fast roam times for WPA280211i clients No need to re-authenticate to Radius server

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN AP QoS IP Sechellip

MobilityAnnouncement

bull Roam is transparent to clientbull Same DHCP address maintainedbull Proactive Key Caching with WPA280211i

(Funk or MS client)

move

Layer 3 Mobility

bull All controllers in same Mobility Groupbull Ethernet in IP Tunnels automatically

created between controllersbull Client connects to AP B on Controller 1

ndash Client database entry created as ANCHORbull Client roams to AP C on Controller 2

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry copied to Controller 2

bull Marked as FOREIGNbull PMK data included (master key data from

Radius server)ndash Proactive Key Caching provides fast roam

times for WPA280211i clients No need to re-authenticate to Radius server

bull Client roams to AP on 3rd Controllerndash Same as above except FOREIGN client DB

entry moved from previous Foreign Controller

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN IP Sec ANCHORhellip

Client Database

MAC WLAN IP Sec FOREIGNhellip

bull Roam is transparent to clientbull Traffic from client to network exits at Foreign Controllerbull Traffic to client tunneled from Anchor to Foreign Controllerbull Same DHCP address maintainedbull Proactive Key Caching with WPA80211i (Funk or MS client)

Subnet A Subnet B

MobilityAnnouncement

Ethernet in IP Tunnel

copy

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Infrastructure based networks

Uses fixed base stations (infrastructure) which are responsible for coordinating communication between the mobile hosts (nodes)

Hidden Nodes - a QoS Issue

bull If you canrsquot see a frame you canrsquot avoid colliding

bull RF characteristics make it hard to see all frames

bull Hidden nodes usurp priority and break service commitments

bull Only the AP can see and be seen by all nodesHidden

bull The Light Weight Access Point Protocol is used between APsand a WLAN Controller

bull LWAPP carries control and data traffic between the two

bull It facilitates centralized management and automated configuration

bull Open standards-based protocolndashndashSubmitted to IETF CAPWAP WG

Lightweight AP WLAN Concept

Autonomous DeploymentsbullEach AP had its own view of the network ndash like standalone cell towersbullNo hierarchical view of the RF ndash or the network

Centralization ndash not a new ideabull Original cellular

networks were nodalbull Lots of call dropsbull Lots of administrationbull Roaming wasnrsquot very

goodbull Not capable of

providing advanced services

Enter the Base Station Controller

ManagementControl Base stations are used to handle call setup handovers and other functions across an entire cellular network

bull Complete view of the network

bull Improved roaming

bull One point of administration

bull Enabled provisioning of advanced services

Enter The Wireless Controller

Control and Management

DHCPDHCP RADIUSRADIUSDNSDNS ACSACS HPOVHPOV

LWAPP

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

[Figure: Lightweight Access Points and WLAN Controller]

• Controller
  – 802.11 MAC Mgmt – (re)association requests & action frames
  – 802.11 data – encapsulate and sent to AP
  – 802.11e Resource Reservation – control protocol carried to AP in 802.11 mgmt frames – signaling done in the controller
  – 802.11i Authentication & Key exchange
• AP
  – 802.11 – beacons, probe response, auth (if open)
  – 802.11 control – packet ack & retransmission (latency)
  – 802.11e – frame queuing & packet prioritization (real-time access)
  – 802.11i – Layer 2 encryption

LWAPP

• LWAPP - Light Weight Access Point Protocol is used between APs and WLAN Controller
• LWAPP carries control and data traffic between the two
  – Control plane is AES-CCM encrypted
  – Data plane is not encrypted
• It facilitates centralized management and automated configuration
• Open standards-based protocol (Submitted to IETF CAPWAP WG)

[Figure: WiFi Client, Access Point, Controller and Business Application, with the Control Plane and Data Plane marked]

Protocol for Centralization

• LWAPP = LightWeight Access Point Protocol
• Standardized Interface between an access point and a centralized controller
• Defines
  – Association of APs
  – Authentication of APs
  – Control of APs
• Works across L2 / L3 boundaries
• Design goals
  – Zero-config deployment
  – Secure deployment
  – Centralization

Controllers
• Security Policies
• Wireless IDS
• QoS Policies
• RF Management
• Mobility Management
• IPSec Encryption

Access Points
• Remote RF interface
• Timing critical functions
• L2 Encryption

LWAPP Modes Layer 2

• Layer 2 LWAPP is in an Ethernet frame (Ethertype 0xBBBB)
• Cisco WLAN Controller and AP must be connected to the same VLAN/subnet

[Figure: Lightweight Access Points and Cisco WLAN Controller connected by LWAPP-L2]

LWAPP-L2 Data Message: MAC Header | LWAPP Header (C=0) | Data ...
LWAPP-L2 Control Message: MAC Header | LWAPP Header (C=1) | Control Msg | Control Elts ...

LWAPP Modes Layer 3

• Layer 3 LWAPP is in a UDP / IP frame
  – Data traffic uses source port 1024 and destination 12222
  – Control traffic uses source port 1024 and destination port 12223
• Cisco Controller and AP can be connected to the same VLAN/subnet or connected to a different VLAN/subnet
• Requires IP addressing of Cisco Lightweight AP

[Figure: Lightweight Access Points and Cisco WLAN Controller connected by LWAPP-L3]

LWAPP-L3 Data Message: MAC Header | IP | UDP=12222 | LWAPP Header (C=0) | Data ...
LWAPP-L3 Control Message: MAC Header | IP | UDP=12223 | LWAPP Header (C=1) | Control Msg | Control Elts ...
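The two LWAPP modes above can be told apart on the wire, which matters because the slides state that only the control plane is AES-CCM encrypted. The following is an added example, not part of the original slides: a classifier that labels captured frames as LWAPP L2/L3 data or control and counts the unencrypted data-plane frames. The sample frames are constructed, and the position of the C flag (bit 0x04 of the first header byte, as in the RFC 5412 layout) is an assumption the slides do not state.

```python
import struct
from collections import Counter

# Values stated on the slides.
LWAPP_ETHERTYPE = 0xBBBB       # Layer 2 mode
LWAPP_DATA_PORT = 12222        # Layer 3 mode, data (C=0)
LWAPP_CONTROL_PORT = 12223     # Layer 3 mode, control (C=1)
# Assumption, not from the slides: C is bit 0x04 of the first LWAPP header
# byte, following the RFC 5412 header layout (VER:2, RID:3, C, F, L).
LWAPP_C_FLAG = 0x04

ETHERTYPE_IPV4, ETHERTYPE_VLAN, IPPROTO_UDP = 0x0800, 0x8100, 17


def classify(frame: bytes):
    """Return (mode, plane) for an LWAPP frame, or None for anything else."""
    if len(frame) < 14:
        return None
    offset = 12
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    if ethertype == ETHERTYPE_VLAN:            # skip a single 802.1Q tag
        offset += 4
        if len(frame) < offset + 2:
            return None
        (ethertype,) = struct.unpack_from("!H", frame, offset)
    payload = frame[offset + 2:]

    if ethertype == LWAPP_ETHERTYPE:           # Layer 2 mode: read the C flag
        if not payload:
            return None
        return ("L2", "control" if payload[0] & LWAPP_C_FLAG else "data")

    if ethertype == ETHERTYPE_IPV4:            # Layer 3 mode: decide by port
        if len(payload) < 20 or payload[0] >> 4 != 4:
            return None
        ihl = (payload[0] & 0x0F) * 4
        if ihl < 20 or payload[9] != IPPROTO_UDP or len(payload) < ihl + 8:
            return None
        if struct.unpack_from("!H", payload, 6)[0] & 0x1FFF:
            return None                        # later fragment: no UDP header
        sport, dport = struct.unpack_from("!HH", payload, ihl)
        ports = {sport, dport}                 # replies carry the port as source
        if LWAPP_CONTROL_PORT in ports:
            return ("L3", "control")
        if LWAPP_DATA_PORT in ports:
            return ("L3", "data")
    return None


def cleartext_exposure(frames):
    """Count frames per (mode, plane) and the number of unencrypted data frames."""
    counts = Counter(c for c in map(classify, frames) if c)
    exposed = sum(n for (_, plane), n in counts.items() if plane == "data")
    return counts, exposed


# ---- constructed sample frames (not captured traffic) ----
def eth(dst, src, ethertype, payload, vlan=None):
    tag = struct.pack("!HH", ETHERTYPE_VLAN, vlan) if vlan is not None else b""
    return dst + src + tag + struct.pack("!H", ethertype) + payload


def ipv4_udp(sport, dport, data):
    udp = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                     IPPROTO_UDP, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return ip + udp


def lwapp(control):
    return bytes([LWAPP_C_FLAG if control else 0, 0, 0, 0, 0, 0]) + b"payload"


AP, WLC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLE_FRAMES = [
    eth(WLC, AP, LWAPP_ETHERTYPE, lwapp(False)),                         # L2 data
    eth(WLC, AP, LWAPP_ETHERTYPE, lwapp(True)),                          # L2 control
    eth(WLC, AP, ETHERTYPE_IPV4, ipv4_udp(1024, 12222, lwapp(False))),   # L3 data
    eth(WLC, AP, ETHERTYPE_IPV4, ipv4_udp(1024, 12223, lwapp(True)), vlan=20),
    eth(AP, WLC, ETHERTYPE_IPV4, ipv4_udp(12222, 1024, lwapp(False))),   # reply
    eth(WLC, AP, ETHERTYPE_IPV4, ipv4_udp(1024, 53, b"x")),              # not LWAPP
    b"\x00" * 10,                                                        # truncated
]

if __name__ == "__main__":
    counts, exposed = cleartext_exposure(SAMPLE_FRAMES)
    for key, n in sorted(counts.items()):
        print(key, n)
    print("unencrypted data-plane frames:", exposed)
```

Frames counted as data plane carry client traffic without LWAPP-level encryption, so the path between AP and controller needs its own protection or segmentation.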

The need for Client Mobility

• Wireless LAN is not only about wire-less
• Need for mobility and not only "hotspot" connectivity
• Mobility is when a client moves from one Access Point to another
• Access points can be on a single Controller or on different Controllers
• Client needs to keep IP connectivity (same IP address)
• Client Mobility is mandatory for some applications (Voice, Video, Business Applications ...)

[Figure: Controller 1 with AP A and AP B, Controller 2 with AP C and AP D; Subnet A and Subnet B]

Client Mobility

• Different Client Mobility levels
  – L2 Mobility
  – L3 Mobility: conceptually similar to Proxy Mobile IP
    – Foreign and Anchor Controllers
    – Asymmetric traffic flow
• What about Security?
  – PKC – Proactive Key Caching
  – WPA2 / 802.11i Fast Roaming

Mobility Groups

Controller-C
MAC: AA:AA:AA:AA:AA:03
Mobility Group Name: MyMobilityGroup
Mobility Group Neighbors: Controller-A, AA:AA:AA:AA:AA:01; Controller-B, AA:AA:AA:AA:AA:02

Controller-B
MAC: AA:AA:AA:AA:AA:02
Mobility Group Name: MyMobilityGroup
Mobility Group Neighbors: Controller-A, AA:AA:AA:AA:AA:01; Controller-C, AA:AA:AA:AA:AA:03

Controller-A
MAC: AA:AA:AA:AA:AA:01
Mobility Group Name: MyMobilityGroup
Mobility Group Neighbors: Controller-B, AA:AA:AA:AA:AA:02; Controller-C, AA:AA:AA:AA:AA:03

[Figure: the three controllers connected to each other by Ethernet Over IP Tunnels]

• Mobility Group is a "Cluster of Controllers" that share information between them (e.g. client context and state, controller "load", etc.)
• Up to 24 Controllers per Mobility Group
• Mobility Group facilitates seamless roaming at both L2 & L3
• Configuring a Mobility Group
  – IP connectivity between all devices
  – Same Mobility Group Name (IS case sensitive)
  – Same Virtual Interface IP address
  – Each device is configured with the MAC and IP of every other device in the group
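The configuration rules above can be checked mechanically before a controller is trusted as a mobility peer. The following is an added example, not part of the original slides: an audit over exported controller settings that reports group-name mismatches (including case-only ones), differing virtual interface addresses, and missing, wrong or unknown neighbor entries. The dictionary field names and all IP addresses are constructed for the illustration; the MAC addresses and group name follow the slide.

```python
from collections import Counter

MAX_CONTROLLERS = 24   # "Up to 24 Controllers per Mobility Group"


def norm_mac(mac: str) -> str:
    """Reduce a MAC address to 12 lower-case hex digits for comparison."""
    return "".join(ch for ch in mac.lower() if ch in "0123456789abcdef")


def audit_mobility_group(controllers):
    """Return a sorted list of (controller, code, detail) findings."""
    findings = []
    if not controllers:
        return findings
    if len(controllers) > MAX_CONTROLLERS:
        findings.append(("*", "too-many-controllers", str(len(controllers))))

    # The value used by most controllers is taken as the intended one.
    ref_group = Counter(c["group"] for c in controllers).most_common(1)[0][0]
    ref_vip = Counter(c["virtual_ip"] for c in controllers).most_common(1)[0][0]
    members = {norm_mac(c["mac"]): c for c in controllers}

    for c in controllers:
        name = c["name"]
        if c["group"] != ref_group:            # the name IS case sensitive
            same_but_case = c["group"].lower() == ref_group.lower()
            code = "group-name-case" if same_but_case else "group-name"
            findings.append((name, code, c["group"]))
        if c["virtual_ip"] != ref_vip:
            findings.append((name, "virtual-ip", c["virtual_ip"]))

        peers = {norm_mac(m): ip for m, ip in c["neighbors"].items()}
        for mac, peer in members.items():
            if peer is c:
                continue
            if mac not in peers:
                findings.append((name, "missing-neighbor", peer["name"]))
            elif peers[mac] != peer["ip"]:
                findings.append((name, "neighbor-ip", peer["name"]))
        # A neighbor that is not a group member would still receive
        # client context, so it is reported rather than ignored.
        for mac in peers.keys() - members.keys():
            findings.append((name, "unknown-neighbor", mac))
    return sorted(findings)


# Constructed sample: three controllers with deliberate mistakes.
SAMPLE_GROUP = [
    {"name": "Controller-A", "mac": "AA:AA:AA:AA:AA:01", "ip": "192.0.2.1",
     "group": "MyMobilityGroup", "virtual_ip": "192.0.2.254",
     "neighbors": {"AA:AA:AA:AA:AA:02": "192.0.2.2",
                   "AA:AA:AA:AA:AA:03": "192.0.2.3",
                   "AA:AA:AA:AA:AA:09": "192.0.2.9"}},    # not a member
    {"name": "Controller-B", "mac": "AA:AA:AA:AA:AA:02", "ip": "192.0.2.2",
     "group": "MyMobilityGroup", "virtual_ip": "192.0.2.254",
     "neighbors": {"AA:AA:AA:AA:AA:01": "192.0.2.1"}},    # Controller-C missing
    {"name": "Controller-C", "mac": "AA:AA:AA:AA:AA:03", "ip": "192.0.2.3",
     "group": "mymobilitygroup", "virtual_ip": "192.0.2.254",   # wrong case
     "neighbors": {"aa-aa-aa-aa-aa-01": "192.0.2.1",
                   "aa-aa-aa-aa-aa-02": "192.0.2.22"}},   # wrong IP for B
]

if __name__ == "__main__":
    for finding in audit_mobility_group(SAMPLE_GROUP):
        print(finding)
```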

Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
  – Client database entry created
• Client roams to AP B on Controller 1
  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry moved to Controller 2
    • PMK data included (master key data from Radius server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server

[Figure: Controller 1 (AP A, AP B) and Controller 2 (AP C, AP D); after the Mobility Announcement the Client Database entry (MAC, WLAN, AP, QoS, IP, Sec, ...) is moved from Controller 1 to Controller 2]

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
  – Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry copied to Controller 2
    • Marked as FOREIGN
    • PMK data included (master key data from Radius server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server
• Client roams to AP on 3rd Controller
  – Same as above except FOREIGN client DB entry moved from previous Foreign Controller

[Figure: Controller 1 (AP A, AP B; Subnet A) holds the Client Database entry (MAC, WLAN, IP, Sec, ANCHOR, ...); after the Mobility Announcement the entry is copied over the Ethernet in IP Tunnel to Controller 2 (AP C, AP D; Subnet B) as (MAC, WLAN, IP, Sec, FOREIGN, ...)]

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)
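The Layer 2 and Layer 3 roaming steps above determine which controllers end up holding a client's entry and PMK data, which is what an operator has to account for when a controller is decommissioned or compromised. The following is an added example, not part of the original slides: a small model of the client database that moves the entry on a Layer 2 roam and keeps an ANCHOR plus one FOREIGN copy on a Layer 3 roam. Choosing between the two by comparing controller subnets is an assumption of this sketch, and all names, addresses and the PMK value are constructed.

```python
from dataclasses import dataclass, field, replace


@dataclass
class Entry:
    mac: str
    ip: str
    pmk: bytes
    role: str                      # "ANCHOR" or "FOREIGN"


@dataclass
class Controller:
    name: str
    subnet: str                    # constructed /24 prefix, e.g. "10.10.1"
    clients: dict = field(default_factory=dict)


class MobilityGroup:
    def __init__(self, *controllers):
        self.controllers = {c.name: c for c in controllers}
        self.radius_auths = 0      # full authentications against RADIUS

    def holders(self, mac, role=None):
        """Names of controllers holding an entry (and PMK copy) for mac."""
        return [c.name for c in self.controllers.values()
                if mac in c.clients and role in (None, c.clients[mac].role)]

    def associate(self, mac, name):
        """Client (re)associates to an AP on controller `name`."""
        target = self.controllers[name]
        anchors = self.holders(mac, "ANCHOR")       # Mobility Announcement
        if not anchors:                             # unknown client: full auth
            self.radius_auths += 1
            target.clients[mac] = Entry(mac, target.subnet + ".50",
                                        b"constructed-pmk", "ANCHOR")
            return "new"
        anchor = self.controllers[anchors[0]]
        # A FOREIGN entry is moved, so drop it from the previous controller.
        for other in self.holders(mac, "FOREIGN"):
            if other != name:
                del self.controllers[other].clients[mac]
        if target is anchor:                        # AP-to-AP, same controller
            return "local"
        if target.subnet == anchor.subnet:          # Layer 2: entry is moved
            target.clients[mac] = anchor.clients.pop(mac)
            return "L2"
        # Layer 3: entry is copied, PMK included, and marked FOREIGN.
        target.clients[mac] = replace(anchor.clients[mac], role="FOREIGN")
        return "L3"

    def downstream_path(self, mac):
        """Controllers crossed by traffic sent to the client."""
        return self.holders(mac, "ANCHOR") + self.holders(mac, "FOREIGN")


def run_scenario():
    group = MobilityGroup(
        Controller("Controller-1", "10.10.1"),
        Controller("Controller-2", "10.10.1"),      # same subnet as 1
        Controller("Controller-3", "10.20.2"),
        Controller("Controller-4", "10.30.3"),
    )
    mac = "02:00:00:00:00:aa"                       # constructed client MAC
    steps = []
    for name in ["Controller-1", "Controller-1", "Controller-2",
                 "Controller-3", "Controller-4"]:
        kind = group.associate(mac, name)
        steps.append((name, kind, group.downstream_path(mac)))
    return group, mac, steps


if __name__ == "__main__":
    group, mac, steps = run_scenario()
    for step in steps:
        print(step)
    print("RADIUS authentications:", group.radius_auths)
    print("controllers holding the PMK:", group.holders(mac))
```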

Specific Mobility Guest Access

• The traditional approach to segmenting guest traffic requires 'pulling' the guest VLAN through the corporate network
  – Many companies can't or won't do this

[Figure: LWAPP APs carrying Corp SSID and Guest SSID, WLAN Controller (Policy), 802.1Q, Corp Intranet with Corp User, and Isolated Guest traffic to the Internet]

Tunnel Guest Traffic

• By tunneling all guest traffic to a DMZ controller, traffic originates and terminates in the DMZ
• Guest clients logically reside in the DMZ network
• No changes required to existing infrastructure except adding FW rules
• Add additional DMZ controllers for scalability
• Each DMZ controller can handle up to 40 tunnels

[Figure: LWAPP APs carrying Guest SSID and Corp SSID, WLAN Controllers in the Corp Intranet, and an EoIP (IP Proto 97) "Guest Tunnel" to the Guest WLAN Controller and the Internet]

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which devices act as routers and can change their location in space

MANET

Difficulties for routing:
• Limited connectivity due to transmission range of signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature - high mobility and frequent topological changes

[Figure: ad-hoc topology of nodes A to H, with some links marked X]

Mobile Ad Hoc Networks

• The meaning of "ad hoc" is "for this", i.e. "for this purpose only"; it implies a special network for a particular application
• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology
• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics
  – Decentralized
  – Self-organized
  – Self-deployed
  – Dynamic network topology
• Tradeoffs
  – Bandwidth limited
  – Multi-hop router needed
  – Energy consumption problem
  – Security problem

Adhoc Routing Protocols

• Uniform routing
  – Proactive routing
    • Wireless Routing Protocol (WRP)
    • Destination Sequence Distance Vector (DSDV) routing protocol
    • Fisheye State Routing (FSR)
    • Distance Routing Effect Algo for Mobility (DREAM): location-based routing
  – Reactive routing
    • Dynamic Source Routing (DSR) protocol
    • Temporally-Ordered Routing Algorithm (TORA)
    • Adhoc On-demand Distance Vector Routing (AODV)
    • Location Aided Routing (LAR): location-based routing
    • Associativity Based Routing (ABR) protocol: link-stability based routing protocol
    • Signal Stability-base adaptive Routing (SSR): link-stability based routing protocol
• Non-uniform routing
  – Zone-based routing
    • Zone Routing Protocol (ZRP): hybrid routing protocol
    • Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
    • Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
    • Grid Location Service (GLS): location service
  – Cluster-based routing
    • Clusterhead Gateway Switch Routing (CGSR)
    • Hierarchical State Routing (HSR)
    • Cluster Based Routing Protocol (CBRP)
  – Core-node based routing
    • Landmark Adhoc Routing (LANMAR): proactive routing
    • Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
    • Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

• Reactive (on-demand): DSR, AODV, TORA
• Proactive (table-driven): DSDV, WARP, DREAM
• Hybrid: ZRP, HARP

[Figure: Base Station, Residential Modem, Business Modem, Portable Modem, Management System, Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf

http://www.ieee802.org/21

http://www.ieee802.org/11

http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV

http://en.wikipedia.org/wiki/Mobile_ad-hoc_network

http://moment.cs.ucsb.edu/AODV

http://core.it.uu.se/core/index.php/Main_Page

  • Sideseadmed (IRT0040) 2.5 AP
  • Radio resource allocation
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization – not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Cost and coverage area
  • Links
  • Slide 36

Hidden Nodes - a QoS Issue

bull If you canrsquot see a frame you canrsquot avoid colliding

bull RF characteristics make it hard to see all frames

bull Hidden nodes usurp priority and break service commitments

bull Only the AP can see and be seen by all nodesHidden

bull The Light Weight Access Point Protocol is used between APsand a WLAN Controller

bull LWAPP carries control and data traffic between the two

bull It facilitates centralized management and automated configuration

bull Open standards-based protocolndashndashSubmitted to IETF CAPWAP WG

Lightweight AP WLAN Concept

Autonomous DeploymentsbullEach AP had its own view of the network ndash like standalone cell towersbullNo hierarchical view of the RF ndash or the network

Centralization ndash not a new ideabull Original cellular

networks were nodalbull Lots of call dropsbull Lots of administrationbull Roaming wasnrsquot very

goodbull Not capable of

providing advanced services

Enter the Base Station Controller

ManagementControl Base stations are used to handle call setup handovers and other functions across an entire cellular network

bull Complete view of the network

bull Improved roaming

bull One point of administration

bull Enabled provisioning of advanced services

Enter The Wireless Controller

Control and Management

DHCPDHCP RADIUSRADIUSDNSDNS ACSACS HPOVHPOV

LWAPP

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

bull Mobility Group is a ldquoCluster of Controllersrdquo that share information between them (eg client context and state controller ldquoloadrdquo etc)

bull Up to 24 Controllers per Mobility Group

bull Mobility Group facilitates seamless roaming at both L2 amp L3

bull Configuring a Mobility Group

IP connectivity between all devices

Same Mobility Group Name (IS case sensitive)

Same Virtual Interface IP address

Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

bullAll controllers in same Mobility GroupbullClient connects to AP A on Controller 1

ndash Client database entry created

bullClient roams to AP B on Controller 1ndash Proactive Key Caching (PKC) provides fast

roam times for WPA280211i clients No need to re-authenticate to Radius server

bullClient roams from AP B (Controller 1) to AP C (Controller 2)

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry moved to Controller 2

bull PMK data included (master key data from Radius server)

ndash Proactive Key Caching provides fast roam times for WPA280211i clients No need to re-authenticate to Radius server

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN AP QoS IP Sechellip

MobilityAnnouncement

bull Roam is transparent to clientbull Same DHCP address maintainedbull Proactive Key Caching with WPA280211i

(Funk or MS client)

move

Layer 3 Mobility

bull All controllers in same Mobility Groupbull Ethernet in IP Tunnels automatically

created between controllersbull Client connects to AP B on Controller 1

ndash Client database entry created as ANCHORbull Client roams to AP C on Controller 2

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry copied to Controller 2

bull Marked as FOREIGNbull PMK data included (master key data from

Radius server)ndash Proactive Key Caching provides fast roam

times for WPA280211i clients No need to re-authenticate to Radius server

bull Client roams to AP on 3rd Controllerndash Same as above except FOREIGN client DB

entry moved from previous Foreign Controller

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN IP Sec ANCHORhellip

Client Database

MAC WLAN IP Sec FOREIGNhellip

bull Roam is transparent to clientbull Traffic from client to network exits at Foreign Controllerbull Traffic to client tunneled from Anchor to Foreign Controllerbull Same DHCP address maintainedbull Proactive Key Caching with WPA80211i (Funk or MS client)

Subnet A Subnet B

MobilityAnnouncement

Ethernet in IP Tunnel

copy

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

bull The Light Weight Access Point Protocol is used between APsand a WLAN Controller

bull LWAPP carries control and data traffic between the two

bull It facilitates centralized management and automated configuration

bull Open standards-based protocolndashndashSubmitted to IETF CAPWAP WG

Lightweight AP WLAN Concept

Autonomous DeploymentsbullEach AP had its own view of the network ndash like standalone cell towersbullNo hierarchical view of the RF ndash or the network

Centralization ndash not a new ideabull Original cellular

networks were nodalbull Lots of call dropsbull Lots of administrationbull Roaming wasnrsquot very

goodbull Not capable of

providing advanced services

Enter the Base Station Controller

ManagementControl Base stations are used to handle call setup handovers and other functions across an entire cellular network

bull Complete view of the network

bull Improved roaming

bull One point of administration

bull Enabled provisioning of advanced services

Enter The Wireless Controller

Control and Management

DHCPDHCP RADIUSRADIUSDNSDNS ACSACS HPOVHPOV

LWAPP

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

• Mobility Group is a “Cluster of Controllers” that share information between them (e.g. client context and state, controller “load”, etc.)
• Up to 24 Controllers per Mobility Group
• Mobility Group facilitates seamless roaming at both L2 & L3
• Configuring a Mobility Group
  – IP connectivity between all devices
  – Same Mobility Group Name (IS case sensitive)
  – Same Virtual Interface IP address
  – Each device is configured with the MAC and IP of every other device in the group
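The configuration rules above can be checked mechanically before a controller joins the group, which matters because group peers exchange client context and key material. The following Python check is an added example, not part of the original slides or of any vendor tool; the ControllerConfig structure, the function names and the IP addresses are assumptions made for illustration, while the MAC addresses and group name are the ones shown on the slide.

```python
from dataclasses import dataclass, field

MAX_GROUP_SIZE = 24  # "Up to 24 Controllers per Mobility Group"


@dataclass
class ControllerConfig:
    """Hypothetical view of one controller's mobility settings."""
    name: str
    mac: str
    ip: str
    group_name: str
    virtual_ip: str
    neighbors: dict = field(default_factory=dict)  # peer MAC -> peer IP


def validate_mobility_group(controllers):
    """Return a sorted list of problems; an empty list means consistent."""
    problems = []
    if len(controllers) > MAX_GROUP_SIZE:
        problems.append(
            f"group has {len(controllers)} controllers, limit is {MAX_GROUP_SIZE}")
    if not controllers:
        return problems
    ref = controllers[0]
    for c in controllers:
        # The group name comparison is case sensitive, so flag near misses.
        if c.group_name != ref.group_name:
            same_ignoring_case = c.group_name.lower() == ref.group_name.lower()
            hint = " (differs only in case)" if same_ignoring_case else ""
            problems.append(
                f"{c.name}: group name {c.group_name!r} != {ref.group_name!r}{hint}")
        if c.virtual_ip != ref.virtual_ip:
            problems.append(
                f"{c.name}: virtual IP {c.virtual_ip} != {ref.virtual_ip}")
        # Every other member must be listed with its MAC and IP.
        expected = {o.mac.lower(): o.ip for o in controllers if o is not c}
        configured = {m.lower(): ip for m, ip in c.neighbors.items()}
        for mac, ip in expected.items():
            if mac not in configured:
                problems.append(f"{c.name}: missing neighbor {mac}")
            elif configured[mac] != ip:
                problems.append(
                    f"{c.name}: neighbor {mac} has IP {configured[mac]}, expected {ip}")
        # A peer nobody else knows about would still receive client context.
        for mac in sorted(configured.keys() - expected.keys()):
            problems.append(f"{c.name}: unexpected neighbor {mac}")
    return sorted(problems)


def sample_group():
    """Constructed sample: slide MACs and group name, invented IP addresses."""
    members = {
        "Controller-A": ("AA:AA:AA:AA:AA:01", "10.0.0.1"),
        "Controller-B": ("AA:AA:AA:AA:AA:02", "10.0.0.2"),
        "Controller-C": ("AA:AA:AA:AA:AA:03", "10.0.0.3"),
    }
    group = []
    for name, (mac, ip) in members.items():
        peers = {m: i for n, (m, i) in members.items() if n != name}
        group.append(ControllerConfig(name, mac, ip, "MyMobilityGroup", "1.1.1.1", peers))
    return group


if __name__ == "__main__":
    group = sample_group()
    group[1].group_name = "mymobilitygroup"          # case mismatch
    del group[2].neighbors["AA:AA:AA:AA:AA:01"]      # incomplete peer list
    for problem in validate_mobility_group(group):
        print(problem)
```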

Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
  – Client database entry created
• Client roams to AP B on Controller 1
  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry moved to Controller 2
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server

[Figure: Controller 1 (AP A, AP B) and Controller 2 (AP C, AP D); after the Mobility Announcement the Client Database entry (MAC, WLAN, AP, QoS, IP, Sec, …) is moved from Controller 1 to Controller 2]

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
  – Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry copied to Controller 2
    • Marked as FOREIGN
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams to AP on 3rd Controller
  – Same as above except FOREIGN client DB entry moved from previous Foreign Controller

[Figure: Controller 1 (Subnet A) holds the Client Database entry (MAC, WLAN, IP, Sec, ANCHOR, …); after the Mobility Announcement the entry is copied to Controller 2 (Subnet B) as (MAC, WLAN, IP, Sec, FOREIGN, …); an Ethernet in IP Tunnel links the two controllers]

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)
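The Layer 2 and Layer 3 roaming procedures above differ in whether the client database entry is moved or copied, and the following Python model makes that difference and its consequences (same IP, same PMK, one RADIUS authentication, asymmetric path) observable. It is an added example, not part of the original slides or of any controller software; class names, subnets and the "returned-to-anchor" case are assumptions, and the model labels a first association LOCAL and only marks it ANCHOR once a FOREIGN copy exists.

```python
import os
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class ClientEntry:
    mac: str
    ip: str        # DHCP address, kept across every roam
    pmk: bytes     # master key material obtained via RADIUS at first login
    role: str      # "LOCAL", "ANCHOR" or "FOREIGN"
    anchor: str    # controller that anchors the client's IP address


class Controller:
    def __init__(self, name, subnet):
        self.name = name
        self.subnet = subnet      # constructed /24 prefix such as "10.0.1"
        self.clients = {}         # client database: MAC -> ClientEntry
        self.radius_auths = 0     # full authentications performed here


class MobilityGroup:
    def __init__(self, controllers):
        self.ctrl = {c.name: c for c in controllers}

    def _announce(self, mac, asker):
        """Mobility Announcement: which peer currently serves this MAC?"""
        holders = [c for c in self.ctrl.values()
                   if c is not asker and mac in c.clients]
        # After an L3 roam two peers hold the MAC; the FOREIGN one serves it.
        holders.sort(key=lambda c: c.clients[mac].role != "FOREIGN")
        return holders[0] if holders else None

    def associate(self, mac, name):
        """Client (re)associates to an AP on controller `name`."""
        new = self.ctrl[name]
        mine = new.clients.get(mac)
        if mine and mine.role != "ANCHOR":
            return "same-controller"        # AP-to-AP roam: PKC, nothing moves
        old = self._announce(mac, new)
        if mine:                            # assumption: client is back at its anchor
            if old:
                del old.clients[mac]
            new.clients[mac] = replace(mine, role="LOCAL")
            return "returned-to-anchor"
        if old is None:                     # first login: the only RADIUS exchange
            new.radius_auths += 1
            ip = f"{new.subnet}.{10 + len(new.clients)}"
            new.clients[mac] = ClientEntry(mac, ip, os.urandom(32), "LOCAL", name)
            return "new"
        entry = old.clients[mac]
        if entry.role == "FOREIGN":         # third controller: FOREIGN entry moved
            del old.clients[mac]
            new.clients[mac] = entry
            return "l3-roam"
        if old.subnet == new.subnet:        # L2 roam: entry moved, PMK included
            del old.clients[mac]
            new.clients[mac] = replace(entry, anchor=name)
            return "l2-roam"
        old.clients[mac] = replace(entry, role="ANCHOR")   # L3 roam: entry copied
        new.clients[mac] = replace(entry, role="FOREIGN")
        return "l3-roam"

    def paths(self, mac):
        """Return (uplink, downlink) controller paths for the client's traffic."""
        serving = next(c for c in self.ctrl.values()
                       if mac in c.clients and c.clients[mac].role != "ANCHOR")
        entry = serving.clients[mac]
        if entry.role == "FOREIGN":         # asymmetric flow via the EoIP tunnel
            return [serving.name], [entry.anchor, serving.name]
        return [serving.name], [serving.name]


if __name__ == "__main__":
    group = MobilityGroup([Controller("C1", "10.0.1"), Controller("C2", "10.0.2")])
    client = "00:11:22:33:44:55"            # constructed client MAC
    for target in ("C1", "C1", "C2"):
        print(target, group.associate(client, target), group.paths(client))
```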

Specific Mobility: Guest Access

• The traditional approach to segmenting guest traffic requires ‘pulling’ the guest VLAN through the corporate network
  – Many companies can’t or won’t do this

[Figure: LWAPP APs carrying Corp SSID and Guest SSID, WLAN Controller (Policy), 802.1Q trunk, Corp Intranet, Corp User, isolated guest path to the Internet]

Tunnel Guest Traffic

• By tunneling all guest traffic to a DMZ controller, traffic originates and terminates in the DMZ
• Guest clients logically reside in the DMZ network
• No changes required to existing infrastructure except adding FW rules
• Add additional DMZ controllers for scalability
• Each DMZ controller can handle up to 40 tunnels

[Figure: LWAPP APs (Corp SSID, Guest SSID) attach to WLAN Controllers on the Corp Intranet; an EoIP (IP Proto 97) “Guest Tunnel” carries guest traffic to the Guest WLAN Controller, which connects to the Internet]
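The firewall rules mentioned above come down to the identifiers these slides give: EoIP is IP protocol 97 between controllers, and LWAPP-L3 uses UDP 12222 (data) and 12223 (control) between APs and their controller. The following Python sketch is an added example, not part of the original slides; it classifies raw IPv4 packets by those values and audits traffic seen at the DMZ boundary. The addresses, function names and the rule that LWAPP itself should not cross into the DMZ are assumptions derived from the slide's topology.

```python
import ipaddress
import struct

LWAPP_DATA_PORT = 12222      # LWAPP-L3 data messages (C=0), per the slides
LWAPP_CONTROL_PORT = 12223   # LWAPP-L3 control messages (C=1), per the slides
IPPROTO_UDP = 17
IPPROTO_EOIP = 97            # "EoIP IP Proto 97" guest tunnel, per the slides


def build_ipv4(src, dst, proto, payload=b""):
    """Build a minimal IPv4 packet (no options, checksum left at 0) for the demo."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return header + payload


def build_udp(sport, dport, payload=b""):
    """Build a UDP header (checksum 0) followed by the payload."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def classify(packet):
    """Return (label, src, dst) for one raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return ("malformed", None, None)
    ihl = (packet[0] & 0x0F) * 4            # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return ("malformed", None, None)
    proto = packet[9]
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    if proto == IPPROTO_EOIP:
        return ("eoip-tunnel", src, dst)
    if proto == IPPROTO_UDP:
        if len(packet) < ihl + 8:           # truncated UDP header
            return ("malformed", src, dst)
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
        if dport == LWAPP_DATA_PORT:
            return ("lwapp-data", src, dst)
        if dport == LWAPP_CONTROL_PORT:
            return ("lwapp-control", src, dst)
    return ("other", src, dst)


def audit_dmz_boundary(packets, tunnel_pairs):
    """Flag traffic at the DMZ firewall that does not fit the guest-tunnel design.

    tunnel_pairs is a set of frozenset({internal_controller_ip, dmz_controller_ip}).
    """
    findings = []
    for pkt in packets:
        label, src, dst = classify(pkt)
        if label == "malformed":
            findings.append(("malformed packet", src, dst))
        elif label == "eoip-tunnel":
            if frozenset((src, dst)) not in tunnel_pairs:
                findings.append(("EoIP from unlisted peer", src, dst))
        elif label in ("lwapp-data", "lwapp-control"):
            findings.append((label + " crossing DMZ boundary", src, dst))
    return findings


# Constructed sample traffic; all addresses are invented for the example.
INTERNAL_WLC, DMZ_WLC, AP, UNLISTED = "10.1.0.5", "192.0.2.5", "10.1.20.7", "10.9.9.9"
SAMPLE = [
    build_ipv4(INTERNAL_WLC, DMZ_WLC, IPPROTO_EOIP, b"guest-frame"),
    build_ipv4(UNLISTED, DMZ_WLC, IPPROTO_EOIP, b"guest-frame"),
    build_ipv4(AP, DMZ_WLC, IPPROTO_UDP, build_udp(1024, LWAPP_CONTROL_PORT)),
    build_ipv4(AP, DMZ_WLC, IPPROTO_UDP, build_udp(1024, 53)),
]

if __name__ == "__main__":
    allowed = {frozenset((INTERNAL_WLC, DMZ_WLC))}
    for finding in audit_dmz_boundary(SAMPLE, allowed):
        print(finding)
```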

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which devices act as routers and can change their location in space.

MANET

Difficulties for routing:

• Limited connectivity due to transmission range of signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature: high mobility and frequent topological changes

[Figure: ad-hoc topology of nodes A, B, C, D, E, F, G and H, with three links marked X]

Mobile Ad Hoc Networks

• The meaning of “ad hoc” is “for this”, that is, “for this purpose only”; it implies a special network for a particular application
• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology
• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics
  – Decentralized
  – Self-organized
  – Self-deployed
  – Dynamic network topology
• Tradeoffs
  – Bandwidth limited
  – Multi-hop router needed
  – Energy consumption problem
  – Security problem

Adhoc Routing Protocols

• Uniform routing
  – Proactive routing
    • Wireless Routing Protocol (WRP)
    • Destination Sequence Distance Vector (DSDV) routing protocol
    • Fisheye State Routing (FSR)
    • Distance Routing Effect Algo for Mobility (DREAM): location-based routing
  – Reactive routing
    • Dynamic Source Routing (DSR) protocol
    • Temporally-Ordered Routing Algorithm (TORA)
    • Adhoc On-demand Distance Vector Routing (AODV)
    • Location Aided Routing (LAR): location-based routing
    • Associativity Based Routing (ABR) protocol: link-stability based routing protocol
    • Signal Stability-base adaptive Routing (SSR): link-stability based routing protocol
• Non-uniform routing
  – Zone-based routing
    • Zone Routing Protocol (ZRP): hybrid routing protocol
    • Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
    • Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
    • Grid Location Service (GLS): location service
  – Cluster-based routing
    • Clusterhead Gateway Switch Routing (CGSR)
    • Hierarchical State Routing (HSR)
    • Cluster Based Routing Protocol (CBRP)
  – Core-node based routing
    • Landmark Adhoc Routing (LANMAR): proactive routing
    • Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
    • Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

• Proactive (table-driven): DSDV, WRP, DREAM
• Reactive (on-demand): DSR, AODV, TORA
• Hybrid: ZRP, HARP

[Figure: Base Station serving a Residential Modem, a Business Modem and a Portable Modem; Management System; Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf

http://www.ieee802.org/21

http://www.ieee802.org/11

http://www.ietf.org/rfc/rfc3990.txt

http://en.wikipedia.org/wiki/AODV

http://en.wikipedia.org/wiki/Mobile_ad-hoc_network

http://moment.cs.ucsb.edu/AODV

http://core.it.uu.se/core/index.php/Main_Page

Autonomous DeploymentsbullEach AP had its own view of the network ndash like standalone cell towersbullNo hierarchical view of the RF ndash or the network

Centralization ndash not a new ideabull Original cellular

networks were nodalbull Lots of call dropsbull Lots of administrationbull Roaming wasnrsquot very

goodbull Not capable of

providing advanced services

Enter the Base Station Controller

ManagementControl Base stations are used to handle call setup handovers and other functions across an entire cellular network

bull Complete view of the network

bull Improved roaming

bull One point of administration

bull Enabled provisioning of advanced services

Enter The Wireless Controller

Control and Management

DHCPDHCP RADIUSRADIUSDNSDNS ACSACS HPOVHPOV

LWAPP

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

bull Mobility Group is a ldquoCluster of Controllersrdquo that share information between them (eg client context and state controller ldquoloadrdquo etc)

bull Up to 24 Controllers per Mobility Group

bull Mobility Group facilitates seamless roaming at both L2 amp L3

bull Configuring a Mobility Group

IP connectivity between all devices

Same Mobility Group Name (IS case sensitive)

Same Virtual Interface IP address

Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

bullAll controllers in same Mobility GroupbullClient connects to AP A on Controller 1

ndash Client database entry created

bullClient roams to AP B on Controller 1ndash Proactive Key Caching (PKC) provides fast

roam times for WPA280211i clients No need to re-authenticate to Radius server

bullClient roams from AP B (Controller 1) to AP C (Controller 2)

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry moved to Controller 2

bull PMK data included (master key data from Radius server)

ndash Proactive Key Caching provides fast roam times for WPA280211i clients No need to re-authenticate to Radius server

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN AP QoS IP Sechellip

MobilityAnnouncement

bull Roam is transparent to clientbull Same DHCP address maintainedbull Proactive Key Caching with WPA280211i

(Funk or MS client)

move

Layer 3 Mobility

bull All controllers in same Mobility Groupbull Ethernet in IP Tunnels automatically

created between controllersbull Client connects to AP B on Controller 1

ndash Client database entry created as ANCHORbull Client roams to AP C on Controller 2

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry copied to Controller 2

bull Marked as FOREIGNbull PMK data included (master key data from

Radius server)ndash Proactive Key Caching provides fast roam

times for WPA280211i clients No need to re-authenticate to Radius server

bull Client roams to AP on 3rd Controllerndash Same as above except FOREIGN client DB

entry moved from previous Foreign Controller

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN IP Sec ANCHORhellip

Client Database

MAC WLAN IP Sec FOREIGNhellip

bull Roam is transparent to clientbull Traffic from client to network exits at Foreign Controllerbull Traffic to client tunneled from Anchor to Foreign Controllerbull Same DHCP address maintainedbull Proactive Key Caching with WPA80211i (Funk or MS client)

Subnet A Subnet B

MobilityAnnouncement

Ethernet in IP Tunnel

copy

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

• Uniform routing
  – Proactive routing
    – Wireless Routing Protocol (WRP)
    – Destination Sequence Distance Vector (DSDV) routing protocol
    – Fisheye State Routing (FSR)
    – Distance Routing Effect Algo for Mobility (DREAM): location-based routing
  – Reactive routing
    – Dynamic Source Routing (DSR) protocol
    – Temporally-Ordered Routing Algorithm (TORA)
    – Adhoc On-demand Distance Vector Routing (AODV)
    – Location Aided Routing (LAR): location-based routing
    – Associativity Based Routing (ABR) protocol: link-stability based routing protocol
    – Signal Stability-based adaptive Routing (SSR): link-stability based routing protocol
• Non-uniform routing
  – Zone-based routing
    – Zone Routing Protocol (ZRP): hybrid routing protocol
    – Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
    – Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
    – Grid Location Service (GLS): location service
  – Cluster-based routing
    – Clusterhead Gateway Switch Routing (CGSR)
    – Hierarchical State Routing (HSR)
    – Cluster Based Routing Protocol (CBRP)
  – Core-node based routing
    – Landmark Adhoc Routing (LANMAR): proactive routing
    – Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
    – Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

• Proactive (table-driven): DSDV, WARP, DREAM
• Reactive (on-demand): DSR, AODV, TORA
• Hybrid: ZRP, HARP

[Diagram labels: Residential Modem; Base Station; Business Modem; Portable Modem; Management System; Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf

http://www.ieee802.org/21

http://www.ieee802.org/11

http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV

http://en.wikipedia.org/wiki/Mobile_ad-hoc_network

http://moment.cs.ucsb.edu/AODV

http://core.it.uu.se/core/index.php/Main_Page



Basic LWAPP Architecture

[Sequence diagram, participants: STA, WTP, AC. Messages shown: 802.11 AssocReq, 802.11 AssocResp and 802.11 Data Frame; each also appears paired with the label LWAPP(C=0).]

Unified Wireless Network

• Unified Advanced Services: Unified cellular and Wi-Fi VoIP. Advanced threat detection, identity networking, location-based security, asset tracking and guest access
• World-Class Network Management: Same level of security, scalability, reliability, ease of deployment and management for wireless LANs as wired LANs
• Network Unification: Integration into all major switching and routing platforms. Secure, innovative WLAN controllers
• Mobility Platform: Ubiquitous network access in all environments. Enhanced productivity. Proven platform with large install base and 61% market share. Plug and play
• Client Devices: 90% of Wi-Fi silicon is Certified. "Out-of-the-Box" wireless security

Centralized Wireless LAN Architecture

• Controller
  – 802.11 MAC Mgmt – (re)association requests & action frames
  – 802.11 data – encapsulate and sent to AP
  – 802.11e Resource Reservation – control protocol carried to AP in 802.11 mgmt frames – signaling done in the controller
  – 802.11i Authentication & Key exchange
• AP
  – 802.11 – beacons, probe response, auth (if open)
  – 802.11 control – packet ack & retransmission (latency)
  – 802.11e – frame queuing & packet prioritization (real-time access)
  – 802.11i – Layer 2 encryption

[Diagram labels: Lightweight Access Points; WLAN Controller; LWAPP]

LWAPP

• LWAPP (Light Weight Access Point Protocol) is used between APs and WLAN Controller
• LWAPP carries control and data traffic between the two
  – Control plane is AES-CCM encrypted
  – Data plane is not encrypted
• It facilitates centralized management and automated configuration
• Open standards-based protocol (Submitted to IETF CAPWAP WG)

[Diagram labels: Access Point; Controller; WiFi Client; Business Application; Control Plane; Data Plane]

Protocol for Centralization

• LWAPP = LightWeight Access Point Protocol
• Standardized interface between an access point and a centralized controller
• Defines
  – Association of APs
  – Authentication of APs
  – Control of APs
• Works across L2 / L3 boundaries
• Design goals
  – Zero-config deployment
  – Secure deployment
  – Centralization

Controllers
• Security Policies
• Wireless IDS
• QoS Policies
• RF Management
• Mobility Management
• IPSec Encryption

Access Points
• Remote RF interface
• Timing critical functions
• L2 Encryption

LWAPP Modes Layer 2

• Layer 2 LWAPP is in an Ethernet frame (Ethertype 0xBBBB)
• Cisco WLAN Controller and AP must be connected to the same VLAN/subnet

[Diagram labels: Lightweight Access Points; Cisco WLAN Controller; LWAPP-L2]

LWAPP-L2 Data Message: MAC Header | LWAPP Header (C=0) | Data …

LWAPP-L2 Control Message: MAC Header | LWAPP Header (C=1) | Control Msg | Control Elts …

LWAPP Modes Layer 3

• Layer 3 LWAPP is in a UDP / IP frame
  – Data traffic uses source port 1024 and destination port 12222
  – Control traffic uses source port 1024 and destination port 12223
• Cisco Controller and AP can be connected to the same VLAN/subnet or connected to a different VLAN/subnet
• Requires IP addressing of Cisco Lightweight AP

[Diagram labels: Lightweight Access Points; Cisco WLAN Controller; LWAPP-L3]

LWAPP-L3 Data Message: MAC Header | IP | UDP=12222 | LWAPP Header (C=0) | Data …

LWAPP-L3 Control Message: MAC Header | IP | UDP=12223 | LWAPP Header (C=1) | Control Msg | Control Elts …
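The encapsulations named on the LWAPP mode slides and the guest-tunnel slide (Ethertype 0xBBBB, UDP 12222/12223, IP protocol 97) are enough to label controller and AP traffic in a capture and to see where the unencrypted data plane crosses a segment. The classifier below is an added example, not part of the original slides; the frame builders, sample addresses and the matching of reply traffic by source port are assumptions.

```python
import struct
from collections import Counter

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100        # 802.1Q tag
ETHERTYPE_LWAPP_L2 = 0xBBBB    # Layer 2 LWAPP, per the slide
IPPROTO_UDP = 17
IPPROTO_EOIP = 97              # controller-to-controller guest tunnel, per the slide
LWAPP_PORTS = {12222: "lwapp-l3-data", 12223: "lwapp-l3-control"}


def classify_frame(frame):
    """Label one raw Ethernet frame using only the identifiers given on the slides."""
    if len(frame) < 14:
        return "truncated"
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset = 14
    while ethertype == ETHERTYPE_VLAN:          # skip any 802.1Q tags
        if len(frame) < offset + 4:
            return "truncated"
        (ethertype,) = struct.unpack_from("!H", frame, offset + 2)
        offset += 4
    if ethertype == ETHERTYPE_LWAPP_L2:
        return "lwapp-l2"
    if ethertype != ETHERTYPE_IPV4:
        return "other"
    if len(frame) < offset + 20:
        return "truncated"
    if frame[offset] >> 4 != 4:
        return "other"
    ihl = (frame[offset] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or len(frame) < offset + ihl:
        return "truncated"
    proto = frame[offset + 9]
    if proto == IPPROTO_EOIP:
        return "eoip-guest-tunnel"
    if proto != IPPROTO_UDP:
        return "other"
    (flags_frag,) = struct.unpack_from("!H", frame, offset + 6)
    if flags_frag & 0x1FFF:                     # later fragment: no UDP header to read
        return "other"
    udp = offset + ihl
    if len(frame) < udp + 8:
        return "truncated"
    sport, dport = struct.unpack_from("!HH", frame, udp)
    # The slide gives destination ports; matching the source port for the
    # reply direction is an assumption.
    return LWAPP_PORTS.get(dport) or LWAPP_PORTS.get(sport) or "other"


def summarize(frames):
    """Count frames per label."""
    return dict(Counter(classify_frame(f) for f in frames))


def cleartext_data_frames(frames):
    """Indexes of frames carrying the LWAPP data plane, which the slides say is not encrypted."""
    return [i for i, f in enumerate(frames) if classify_frame(f) == "lwapp-l3-data"]


# --- constructed sample frames (not captured traffic) ---
def build_frame(ethertype, payload=b"", vlan=None):
    hdr = b"\x02\x00\x00\x00\x00\x01" + b"\x02\x00\x00\x00\x00\x02"
    if vlan is not None:
        hdr += struct.pack("!HH", ETHERTYPE_VLAN, vlan)
    return hdr + struct.pack("!H", ethertype) + payload


def build_ipv4(proto, payload=b""):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20])) + payload


def build_udp(sport, dport, payload=b""):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def sample_frames():
    l3_data = build_frame(ETHERTYPE_IPV4, build_ipv4(17, build_udp(1024, 12222, b"x")), vlan=20)
    return {
        "l2": build_frame(ETHERTYPE_LWAPP_L2, b"\x00" * 8),
        "l3_data": l3_data,
        "l3_control": build_frame(ETHERTYPE_IPV4, build_ipv4(17, build_udp(1024, 12223))),
        "guest_tunnel": build_frame(ETHERTYPE_IPV4, build_ipv4(IPPROTO_EOIP, b"\x00" * 16)),
        "dns": build_frame(ETHERTYPE_IPV4, build_ipv4(17, build_udp(40000, 53))),
        "cut_short": l3_data[:30],
    }


if __name__ == "__main__":
    frames = list(sample_frames().values())
    print(summarize(frames))
    print("unencrypted data-plane frames at indexes:", cleartext_data_frames(frames))
```

Layer 2 frames are reported as one class because telling data from control there requires reading the C bit of the LWAPP header, whose layout the slides do not give.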

The need for Client Mobility

• Wireless LAN is not only about wire-less
• Need for mobility and not only "hotspot" connectivity
• Mobility is when a client moves from one Access Point to another
• Access points can be on a single Controller or on different Controllers
• Client needs to keep IP connectivity (same IP address)
• Client Mobility is mandatory for some applications (Voice, Video, Business Applications, …)

[Diagram labels: Controller 1; Controller 2; AP A; AP B; AP C; AP D; Subnet A; Subnet B]

Client Mobility

• Different Client Mobility levels
  – L2 Mobility
  – L3 Mobility: conceptually similar to Proxy Mobile IP
    – Foreign and Anchor Controllers
    – Asymmetric traffic flow
• What about Security?
  – PKC – Proactive Key Caching
  – WPA2 / 802.11i Fast Roaming

Mobility Groups

[Diagram: Controller-A, Controller-B and Controller-C, with three links labelled "Ethernet Over IP Tunnel". Settings shown for each controller:]

Controller-C
  MAC: AA:AA:AA:AA:AA:03
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-B AA:AA:AA:AA:AA:02

Controller-B
  MAC: AA:AA:AA:AA:AA:02
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-C AA:AA:AA:AA:AA:03

Controller-A
  MAC: AA:AA:AA:AA:AA:01
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-B AA:AA:AA:AA:AA:02, Controller-C AA:AA:AA:AA:AA:03

• Mobility Group is a "Cluster of Controllers" that share information between them (e.g. client context and state, controller "load", etc.)
• Up to 24 Controllers per Mobility Group
• Mobility Group facilitates seamless roaming at both L2 & L3
• Configuring a Mobility Group
  – IP connectivity between all devices
  – Same Mobility Group Name (IS case sensitive)
  – Same Virtual Interface IP address
  – Each device is configured with the MAC and IP of every other device in the group
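The configuration rules on this slide can be checked offline against exported controller settings before a group goes live. The validator below is an added example, not part of the original slides or any vendor tool; the `Controller` record, the IP addresses and the virtual interface address are constructed for illustration, and only the MAC addresses and group name come from the slide.

```python
from dataclasses import dataclass, field

MAX_CONTROLLERS = 24  # "Up to 24 Controllers per Mobility Group"


@dataclass
class Controller:
    name: str
    mac: str
    ip: str
    group_name: str
    virtual_ip: str
    peers: dict = field(default_factory=dict)  # peer MAC -> peer IP


def norm_mac(mac):
    return mac.replace("-", ":").lower()


def validate_mobility_group(controllers):
    """Return a list of findings; an empty list means the slide's rules hold.
    IP reachability between devices cannot be checked offline and is skipped."""
    findings = []
    if not controllers:
        return findings
    if len(controllers) > MAX_CONTROLLERS:
        findings.append(f"group has {len(controllers)} controllers, limit is {MAX_CONTROLLERS}")
    ref = controllers[0]
    for c in controllers[1:]:
        if c.group_name != ref.group_name:  # the name is case sensitive
            kind = "case mismatch" if c.group_name.lower() == ref.group_name.lower() else "mismatch"
            findings.append(f"{c.name}: group name {kind} ({c.group_name!r} vs {ref.group_name!r})")
        if c.virtual_ip != ref.virtual_ip:
            findings.append(f"{c.name}: virtual interface IP {c.virtual_ip} differs from {ref.virtual_ip}")
    for c in controllers:
        listed = {norm_mac(m): ip for m, ip in c.peers.items()}
        for other in controllers:
            if other is c:
                continue
            ip = listed.pop(norm_mac(other.mac), None)
            if ip is None:
                findings.append(f"{c.name}: missing peer {other.name}")
            elif ip != other.ip:
                findings.append(f"{c.name}: wrong IP {ip} for peer {other.name}")
        # A peer that is not a group member would still be sent client context
        # (including PMK data), so it is reported rather than ignored.
        for mac in listed:
            findings.append(f"{c.name}: unknown peer {mac}")
    return findings


def sample_group():
    """Constructed sample: MACs and group name from the slide, IPs invented."""
    base = [("Controller-A", "AA:AA:AA:AA:AA:01", "192.0.2.1"),
            ("Controller-B", "AA:AA:AA:AA:AA:02", "192.0.2.2"),
            ("Controller-C", "AA:AA:AA:AA:AA:03", "192.0.2.3")]
    return [Controller(n, m, ip, "MyMobilityGroup", "192.0.2.254",
                       {pm: pip for pn, pm, pip in base if pn != n})
            for n, m, ip in base]


if __name__ == "__main__":
    group = sample_group()
    group[1].group_name = "mymobilitygroup"   # differs only in case
    for finding in validate_mobility_group(group):
        print(finding)
```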

Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
  – Client database entry created
• Client roams to AP B on Controller 1
  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry moved to Controller 2
    • PMK data included (master key data from Radius server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server

[Diagram labels: Controller 1; Controller 2; AP A; AP B; AP C; AP D; Client Database (MAC, WLAN, AP, QoS, IP, Sec, …); Mobility Announcement; move]

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
  – Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry copied to Controller 2
    • Marked as FOREIGN
    • PMK data included (master key data from Radius server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server
• Client roams to AP on 3rd Controller
  – Same as above, except FOREIGN client DB entry moved from previous Foreign Controller

[Diagram labels: Controller 1; Controller 2; AP A; AP B; AP C; AP D; Subnet A; Subnet B; Client Database (MAC, WLAN, IP, Sec, ANCHOR, …); Client Database (MAC, WLAN, IP, Sec, FOREIGN, …); Mobility Announcement; Ethernet in IP Tunnel; copy]

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)
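The anchor and foreign bookkeeping described on this slide determines two things a defender cares about: which controllers hold a client's PMK at any moment, and which path each traffic direction takes. The model below is an added example, not part of the original slides and not controller code; the class and method names are hypothetical, the sample MAC, IP and PMK are constructed, and the handling of a client roaming back to its anchor is an assumption the slide does not cover.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Entry:
    mac: str
    ip: str      # DHCP address, unchanged across roams
    pmk: bytes   # master key data from the RADIUS server
    role: str    # "ANCHOR" or "FOREIGN"


class MobilityGroup:
    def __init__(self, controllers):
        self.db = {name: {} for name in controllers}  # per-controller client database

    def _holder(self, mac, role):
        for name, table in self.db.items():
            entry = table.get(mac)
            if entry is not None and entry.role == role:
                return name
        return None

    def connect(self, mac, controller, ip, pmk):
        self.db[controller][mac] = Entry(mac, ip, pmk, "ANCHOR")

    def roam(self, mac, new_controller):
        # Stands in for the Mobility Announcement: find who already knows the client.
        anchor = self._holder(mac, "ANCHOR")
        if anchor is None:
            raise KeyError(f"no controller has an entry for {mac}")
        foreign = self._holder(mac, "FOREIGN")
        current = foreign or anchor
        if current == new_controller:
            return                                    # roam between APs on one controller
        if foreign is not None:
            entry = self.db[foreign].pop(mac)         # FOREIGN entry is moved, not copied
        else:
            entry = replace(self.db[anchor][mac], role="FOREIGN")  # first roam: copy
        if new_controller != anchor:
            self.db[new_controller][mac] = entry
        # Roaming back to the anchor drops the FOREIGN entry (assumption, not on the slide).

    def pmk_holders(self, mac):
        return sorted(name for name, table in self.db.items() if mac in table)

    def uplink_path(self, mac):
        """Client to network: exits at the Foreign Controller."""
        return ["client", self._holder(mac, "FOREIGN") or self._holder(mac, "ANCHOR"), "network"]

    def downlink_path(self, mac):
        """Network to client: tunneled from Anchor to Foreign Controller."""
        anchor, foreign = self._holder(mac, "ANCHOR"), self._holder(mac, "FOREIGN")
        return ["network", anchor] + ([foreign] if foreign else []) + ["client"]


if __name__ == "__main__":
    group = MobilityGroup(["Controller 1", "Controller 2", "Controller 3"])
    mac = "02:00:00:00:00:aa"                          # constructed client
    group.connect(mac, "Controller 1", "198.51.100.23", b"\x11" * 32)
    for target in ("Controller 2", "Controller 3"):
        group.roam(mac, target)
        print(target, group.pmk_holders(mac), group.uplink_path(mac), group.downlink_path(mac))
```

After the roam to the third controller the PMK sits on the anchor and the current foreign controller only, and uplink and downlink take different paths, which matters when placing inspection points.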

Specific Mobility Guest Access

• The traditional approach to segmenting guest traffic requires 'pulling' the guest VLAN through the corporate network
  – Many companies can't or won't do this

[Diagram labels: WLAN Controller (Policy); Internet; LWAPP AP (×2); Corp SSID; Guest SSID; Corp Intranet; 802.1Q; Isolated Guest Internet; Corp User]

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Enter the Base Station Controller

ManagementControl Base stations are used to handle call setup handovers and other functions across an entire cellular network

bull Complete view of the network

bull Improved roaming

bull One point of administration

bull Enabled provisioning of advanced services

Enter The Wireless Controller

Control and Management

DHCPDHCP RADIUSRADIUSDNSDNS ACSACS HPOVHPOV

LWAPP

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

bull Mobility Group is a ldquoCluster of Controllersrdquo that share information between them (eg client context and state controller ldquoloadrdquo etc)

bull Up to 24 Controllers per Mobility Group

bull Mobility Group facilitates seamless roaming at both L2 amp L3

bull Configuring a Mobility Group

IP connectivity between all devices

Same Mobility Group Name (IS case sensitive)

Same Virtual Interface IP address

Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

bullAll controllers in same Mobility GroupbullClient connects to AP A on Controller 1

ndash Client database entry created

bullClient roams to AP B on Controller 1ndash Proactive Key Caching (PKC) provides fast

roam times for WPA280211i clients No need to re-authenticate to Radius server

bullClient roams from AP B (Controller 1) to AP C (Controller 2)

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry moved to Controller 2

bull PMK data included (master key data from Radius server)

ndash Proactive Key Caching provides fast roam times for WPA280211i clients No need to re-authenticate to Radius server

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN AP QoS IP Sechellip

MobilityAnnouncement

bull Roam is transparent to clientbull Same DHCP address maintainedbull Proactive Key Caching with WPA280211i

(Funk or MS client)

move

Layer 3 Mobility

bull All controllers in same Mobility Groupbull Ethernet in IP Tunnels automatically

created between controllersbull Client connects to AP B on Controller 1

ndash Client database entry created as ANCHORbull Client roams to AP C on Controller 2

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry copied to Controller 2

bull Marked as FOREIGNbull PMK data included (master key data from

Radius server)ndash Proactive Key Caching provides fast roam

times for WPA280211i clients No need to re-authenticate to Radius server

bull Client roams to AP on 3rd Controllerndash Same as above except FOREIGN client DB

entry moved from previous Foreign Controller

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN IP Sec ANCHORhellip

Client Database

MAC WLAN IP Sec FOREIGNhellip

bull Roam is transparent to clientbull Traffic from client to network exits at Foreign Controllerbull Traffic to client tunneled from Anchor to Foreign Controllerbull Same DHCP address maintainedbull Proactive Key Caching with WPA80211i (Funk or MS client)

Subnet A Subnet B

MobilityAnnouncement

Ethernet in IP Tunnel

copy

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Enter The Wireless Controller

Control and Management

DHCPDHCP RADIUSRADIUSDNSDNS ACSACS HPOVHPOV

LWAPP

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

• LWAPP = LightWeight Access Point Protocol
• Standardized interface between an access point and a centralized controller
• Defines
  – Association of APs
  – Authentication of APs
  – Control of APs
• Works across L2/L3 boundaries
• Design goals
  – Zero-config deployment
  – Secure deployment
  – Centralization

Controllers
• Security Policies
• Wireless IDS
• QoS Policies
• RF Management
• Mobility Management
• IPSec Encryption

Access Points
• Remote RF interface
• Timing-critical functions
• L2 Encryption

LWAPP Modes Layer 2

• Layer 2 LWAPP is in an Ethernet frame (Ethertype 0xBBBB)
• Cisco WLAN Controller and AP must be connected to the same VLAN/subnet

[Diagram: Lightweight Access Points connected to the Cisco WLAN Controller over LWAPP-L2]

LWAPP-L2 Data Message:    MAC Header | LWAPP Header (C=0) | Data …
LWAPP-L2 Control Message: MAC Header | LWAPP Header (C=1) | Control Msg | Control Elts …

LWAPP Modes Layer 3

• Layer 3 LWAPP is in a UDP/IP frame
  – Data traffic uses source port 1024 and destination port 12222
  – Control traffic uses source port 1024 and destination port 12223
• Cisco Controller and AP can be connected to the same VLAN/subnet or to a different VLAN/subnet
• Requires IP addressing of the Cisco Lightweight AP

[Diagram: Lightweight Access Points connected to the Cisco WLAN Controller over LWAPP-L3]

LWAPP-L3 Data Message:    MAC Header | IP | UDP=12222 | LWAPP Header (C=0) | Data …
LWAPP-L3 Control Message: MAC Header | IP | UDP=12223 | LWAPP Header (C=1) | Control Msg | Control Elts …

The need for Client Mobility

• Wireless LAN is not only about wire-less
• Need for mobility and not only "hotspot" connectivity
• Mobility is when a client moves from one Access Point to another
• Access points can be on a single Controller or on different Controllers
• Client needs to keep IP connectivity (same IP address)
• Client Mobility is mandatory for some applications (Voice, Video, Business Applications, …)

[Diagram: Controller 1 and Controller 2; AP A, AP B, AP C, AP D; Subnet A and Subnet B]

Client Mobility

• Different Client Mobility levels
  – L2 Mobility
  – L3 Mobility: conceptually similar to Proxy Mobile IP
    – Foreign and Anchor Controllers
    – Asymmetric traffic flow
• What about Security?
  – PKC – Proactive Key Caching
  – WPA2/802.11i Fast Roaming

Mobility Groups

Controller-C, MAC AA:AA:AA:AA:AA:03
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-B AA:AA:AA:AA:AA:02

Controller-B, MAC AA:AA:AA:AA:AA:02
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-C AA:AA:AA:AA:AA:03

Controller-A, MAC AA:AA:AA:AA:AA:01
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-B AA:AA:AA:AA:AA:02, Controller-C AA:AA:AA:AA:AA:03

[Diagram: the three controllers are joined pairwise by Ethernet over IP tunnels]

• Mobility Group is a "Cluster of Controllers" that share information between them (e.g. client context and state, controller "load", etc.)
• Up to 24 Controllers per Mobility Group
• Mobility Group facilitates seamless roaming at both L2 & L3
• Configuring a Mobility Group
  – IP connectivity between all devices
  – Same Mobility Group Name (IS case sensitive)
  – Same Virtual Interface IP address
  – Each device is configured with the MAC and IP of every other device in the group
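The configuration rules above can be checked mechanically before a change is pushed to the controllers. The following is an added example, not part of the original slides and not vendor code: the `Controller` record, the issue names and all IP addresses are assumptions made for illustration, while the controller names, MAC addresses and group name are the ones shown on the slide.

```python
from collections import Counter
from dataclasses import dataclass, field

MAX_GROUP_SIZE = 24  # "Up to 24 Controllers per Mobility Group"


@dataclass
class Controller:
    # Hypothetical record of one controller's mobility settings.
    name: str
    mac: str
    ip: str
    group: str
    virtual_ip: str
    neighbors: dict = field(default_factory=dict)  # neighbor MAC -> neighbor IP


def norm_mac(mac):
    """Compare MACs regardless of separator style or letter case."""
    return mac.replace(":", "").replace("-", "").lower()


def validate_group(controllers):
    """Return sorted (controller, issue, subject) tuples; empty means consistent."""
    if not controllers:
        return []
    problems = []
    if len(controllers) > MAX_GROUP_SIZE:
        problems.append(("*", "group-too-large", str(len(controllers))))
    # The majority value is taken as the intended one.
    group = Counter(c.group for c in controllers).most_common(1)[0][0]
    vip = Counter(c.virtual_ip for c in controllers).most_common(1)[0][0]
    members = {norm_mac(c.mac): c for c in controllers}
    for c in controllers:
        if c.group != group:  # exact comparison: the name is case sensitive
            problems.append((c.name, "group-name-mismatch", c.group))
        if c.virtual_ip != vip:
            problems.append((c.name, "virtual-ip-mismatch", c.virtual_ip))
        configured = {norm_mac(m): ip for m, ip in c.neighbors.items()}
        for mac, peer in members.items():
            if peer is c:
                continue
            if mac not in configured:
                problems.append((c.name, "missing-neighbor", peer.name))
            elif configured[mac] != peer.ip:
                problems.append((c.name, "neighbor-ip-mismatch", peer.name))
        # An entry for a device that is not a group member is a stale or
        # unintended peer for handoffs, which carry PMK data.
        for mac in configured.keys() - members.keys():
            problems.append((c.name, "unknown-neighbor", mac))
    return sorted(problems)


def sample_group():
    """Names, MACs and group name from the slide; IP addresses are constructed."""
    spec = {
        "Controller-A": ("AA:AA:AA:AA:AA:01", "192.0.2.11"),
        "Controller-B": ("AA:AA:AA:AA:AA:02", "192.0.2.12"),
        "Controller-C": ("AA:AA:AA:AA:AA:03", "192.0.2.13"),
    }
    group = []
    for name, (mac, ip) in spec.items():
        peers = {m: i for n, (m, i) in spec.items() if n != name}
        group.append(Controller(name, mac, ip, "MyMobilityGroup", "192.0.2.254", peers))
    return group


def broken_group():
    """The same group with four constructed mistakes."""
    a, b, c = sample_group()
    c.group = "mymobilitygroup"                      # wrong letter case
    del b.neighbors["AA:AA:AA:AA:AA:03"]             # B does not know C
    a.neighbors["AA:AA:AA:AA:AA:02"] = "192.0.2.77"  # wrong IP for B
    a.neighbors["AA:AA:AA:AA:AA:09"] = "192.0.2.99"  # device outside the group
    return [a, b, c]


if __name__ == "__main__":
    print("consistent group:", validate_group(sample_group()))
    for problem in validate_group(broken_group()):
        print(problem)
```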

Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
  – Client database entry created
• Client roams to AP B on Controller 1
  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry moved to Controller 2
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server

[Diagram: Controller 1 and Controller 2 with AP A, AP B, AP C, AP D; after the Mobility Announcement the Client Database entry (MAC WLAN AP QoS IP Sec…) is moved to Controller 2]

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
  – Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry copied to Controller 2
    • Marked as FOREIGN
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams to AP on 3rd Controller
  – Same as above, except FOREIGN client DB entry moved from previous Foreign Controller

[Diagram: Controller 1 and Controller 2 with AP A, AP B, AP C, AP D on Subnet A and Subnet B; after the Mobility Announcement the Client Database entry (MAC WLAN IP Sec ANCHOR…) is copied over the Ethernet in IP Tunnel to Controller 2 as (MAC WLAN IP Sec FOREIGN…)]

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)

Specific Mobility Guest Access

• The traditional approach to segmenting guest traffic requires 'pulling' the guest VLAN through the corporate network
  – Many companies can't or won't do this

[Diagram: LWAPP APs carrying Corp SSID and Guest SSID; WLAN Controller (Policy); 802.1Q; Corp Intranet; Internet; Isolated Guest Internet; Corp User]

Tunnel Guest Traffic

• By tunneling all guest traffic to a DMZ controller, traffic originates and terminates in the DMZ
• Guest clients logically reside in the DMZ network
• No changes required to existing infrastructure, except adding FW rules
• Add additional DMZ controllers for scalability
• Each DMZ controller can handle up to 40 tunnels

[Diagram: LWAPP APs carrying Corp SSID and Guest SSID; WLAN Controllers in the Corp Intranet; EoIP (IP Proto 97) "Guest Tunnel" to the Guest WLAN Controller; Internet]
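The LWAPP Layer 2 and Layer 3 encapsulations and the EoIP guest tunnel described on the slides above can be told apart on the wire using only the values the slides give (Ethertype 0xBBBB, UDP ports 12222 and 12223, IP protocol 97). The classifier below is an added example, not part of the original slides; the position of the C flag inside the LWAPP header and all sample frames and segment names are assumptions, marked as such in the code.

```python
import struct

# Values stated on the slides.
ETHERTYPE_LWAPP_L2 = 0xBBBB
UDP_LWAPP_DATA = 12222
UDP_LWAPP_CONTROL = 12223
IPPROTO_EOIP = 97            # "EoIP IP Proto 97" on the guest tunnel slide
# Standard values, not from the slides.
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100
IPPROTO_UDP = 17
# Assumption: the C (control) flag is bit 0x04 of the first LWAPP header byte,
# following the header layout in RFC 5412; check it against your own captures.
LWAPP_C_FLAG = 0x04

CLEARTEXT_KINDS = {"lwapp-l2-data", "lwapp-l3-data"}  # "Data plane is not encrypted"


def classify(frame: bytes) -> str:
    """Return the traffic kind of one raw Ethernet frame."""
    if len(frame) < 14:
        return "truncated"
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    offset = 14
    if ethertype == ETHERTYPE_VLAN:            # skip one 802.1Q tag
        if len(frame) < 18:
            return "truncated"
        ethertype = struct.unpack_from("!H", frame, 16)[0]
        offset = 18
    if ethertype == ETHERTYPE_LWAPP_L2:
        if len(frame) <= offset:
            return "truncated"
        return "lwapp-l2-control" if frame[offset] & LWAPP_C_FLAG else "lwapp-l2-data"
    if ethertype != ETHERTYPE_IPV4:
        return "other"
    if len(frame) < offset + 20:
        return "truncated"
    ihl = (frame[offset] & 0x0F) * 4
    if frame[offset] >> 4 != 4 or ihl < 20 or len(frame) < offset + ihl:
        return "truncated"
    proto = frame[offset + 9]
    if proto == IPPROTO_EOIP:
        return "eoip-tunnel"
    if proto != IPPROTO_UDP:
        return "other"
    if struct.unpack_from("!H", frame, offset + 6)[0] & 0x1FFF:
        return "other"                          # later fragment: no UDP header
    if len(frame) < offset + ihl + 8:
        return "truncated"
    sport, dport = struct.unpack_from("!HH", frame, offset + ihl)
    # The slides give the AP-to-controller direction (destination port);
    # matching the source port as well covers replies (assumption).
    if UDP_LWAPP_CONTROL in (sport, dport):
        return "lwapp-l3-control"
    if UDP_LWAPP_DATA in (sport, dport):
        return "lwapp-l3-data"
    return "other"


def audit(capture, trusted_segments):
    """List (segment, kind) for cleartext LWAPP data seen outside trusted segments."""
    return [(seg, classify(frame)) for seg, frame in capture
            if seg not in trusted_segments and classify(frame) in CLEARTEXT_KINDS]


# --- constructed sample frames (not real captures) ---------------------------
def eth(ethertype, payload, vlan=None):
    header = bytes(12)                          # zeroed placeholder MAC addresses
    if vlan is not None:
        header += struct.pack("!HH", ETHERTYPE_VLAN, vlan)
    return header + struct.pack("!H", ethertype) + payload


def ipv4(proto, payload):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + payload


def udp(sport, dport, payload=b"\x00" * 8):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


# Segment names are hypothetical labels for where each frame was captured.
SAMPLES = [
    ("ap-vlan", eth(ETHERTYPE_LWAPP_L2, b"\x00" * 8)),
    ("ap-vlan", eth(ETHERTYPE_LWAPP_L2, b"\x04" + b"\x00" * 7)),
    ("wan-link", eth(ETHERTYPE_IPV4, ipv4(IPPROTO_UDP, udp(1024, UDP_LWAPP_DATA)))),
    ("wan-link", eth(ETHERTYPE_IPV4, ipv4(IPPROTO_UDP, udp(1024, UDP_LWAPP_CONTROL)), vlan=20)),
    ("dmz", eth(ETHERTYPE_IPV4, ipv4(IPPROTO_EOIP, b"\x00" * 16))),
    ("wan-link", eth(ETHERTYPE_IPV4, ipv4(IPPROTO_UDP, udp(53000, 53)))),
]

if __name__ == "__main__":
    for segment, frame in SAMPLES:
        print(f"{segment:9} {classify(frame)}")
    print("cleartext outside trusted segments:", audit(SAMPLES, {"ap-vlan"}))
```

Because the slides state that only the control plane is encrypted, `audit` reports LWAPP data-plane frames seen on any segment not listed as trusted.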

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through a wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which devices act as routers and can change their location in space.

MANET

Difficulties for routing:
• Limited connectivity due to transmission range of signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature: high mobility and frequent topological changes

[Diagram: ad-hoc topology of nodes A, B, C, D, E, F, G, H, with three links marked X]

Mobile Ad Hoc Networks

• The meaning of the words "ad hoc" is "for this", i.e. "for this purpose only"; it implies a special network for a particular application
• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology
• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics
  – Decentralized
  – Self-organized
  – Self-deployed
  – Dynamic network topology
• Tradeoffs
  – Bandwidth limited
  – Multi-hop router needed
  – Energy consumption problem
  – Security problem

Adhoc Routing Protocols

Uniform routing
• Proactive routing
  – Wireless Routing Protocol (WRP)
  – Destination Sequence Distance Vector (DSDV) routing protocol
  – Fisheye State Routing (FSR)
  – Distance Routing Effect Algo for Mobility (DREAM): location-based routing
• Reactive routing
  – Dynamic Source Routing (DSR) protocol
  – Temporally-Ordered Routing Algorithm (TORA)
  – Adhoc On-demand Distance Vector Routing (AODV)
  – Location Aided Routing (LAR): location-based routing
  – Associativity Based Routing (ABR) protocol: link-stability based routing protocol
  – Signal Stability-base adaptive Routing (SSR): link-stability based routing protocol

Non-uniform routing
• Zone-based routing
  – Zone Routing Protocol (ZRP): hybrid routing protocol
  – Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
  – Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
  – Grid Location Service (GLS): location service
• Cluster-based routing
  – Clusterhead Gateway Switch Routing (CGSR)
  – Hierarchical State Routing (HSR)
  – Cluster Based Routing Protocol (CBRP)
• Core-node based routing
  – Landmark Adhoc Routing (LANMAR): proactive routing
  – Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
  – Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

• Proactive (table-driven): DSDV, WARP, DREAM
• Reactive (on-demand): DSR, AODV, TORA
• Hybrid: ZRP, HARP

[Diagram: Base Station, Residential Modem, Business Modem, Portable Modem, Management System, Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf

http://www.ieee802.org/21

http://www.ieee802.org/11

http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV

http://en.wikipedia.org/wiki/Mobile_ad-hoc_network

http://moment.cs.ucsb.edu/AODV

http://core.it.uu.se/core/index.php/Main_Page

  • Communication Devices (IRT0040) 2.5 AP
  • Radio resource allocation
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization – not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Cost and coverage area
  • Links
  • Slide 36

System Layers

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

bull Mobility Group is a ldquoCluster of Controllersrdquo that share information between them (eg client context and state controller ldquoloadrdquo etc)

bull Up to 24 Controllers per Mobility Group

bull Mobility Group facilitates seamless roaming at both L2 amp L3

bull Configuring a Mobility Group

IP connectivity between all devices

Same Mobility Group Name (IS case sensitive)

Same Virtual Interface IP address

Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

bullAll controllers in same Mobility GroupbullClient connects to AP A on Controller 1

ndash Client database entry created

bullClient roams to AP B on Controller 1ndash Proactive Key Caching (PKC) provides fast

roam times for WPA280211i clients No need to re-authenticate to Radius server

bullClient roams from AP B (Controller 1) to AP C (Controller 2)

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry moved to Controller 2

bull PMK data included (master key data from Radius server)

ndash Proactive Key Caching provides fast roam times for WPA280211i clients No need to re-authenticate to Radius server

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN AP QoS IP Sechellip

MobilityAnnouncement

bull Roam is transparent to clientbull Same DHCP address maintainedbull Proactive Key Caching with WPA280211i

(Funk or MS client)

move

Layer 3 Mobility

bull All controllers in same Mobility Groupbull Ethernet in IP Tunnels automatically

created between controllersbull Client connects to AP B on Controller 1

ndash Client database entry created as ANCHORbull Client roams to AP C on Controller 2

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry copied to Controller 2

bull Marked as FOREIGNbull PMK data included (master key data from

Radius server)ndash Proactive Key Caching provides fast roam

times for WPA280211i clients No need to re-authenticate to Radius server

bull Client roams to AP on 3rd Controllerndash Same as above except FOREIGN client DB

entry moved from previous Foreign Controller

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN IP Sec ANCHORhellip

Client Database

MAC WLAN IP Sec FOREIGNhellip

bull Roam is transparent to clientbull Traffic from client to network exits at Foreign Controllerbull Traffic to client tunneled from Anchor to Foreign Controllerbull Same DHCP address maintainedbull Proactive Key Caching with WPA80211i (Funk or MS client)

Subnet A Subnet B

MobilityAnnouncement

Ethernet in IP Tunnel

copy

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Basic LWAPP Architecture

AC

WTP

STA

80211AssocReq

80211Data Frame

80211AssocReq

LWAPP(C=0)

80211Data Frame

LWAPP(C=0)

80211AssocResp

80211AssocResp

LWAPP(C=0)

Unified Wireless Network

ndashUnified cellular and Wi-Fi VoIP Advanced threat detection identity networking location-based security asset tracking and guest access

Unified Advanced Services

ndashSame level of security scalability reliability ease of deployment and management for wireless LANs as wired LANs

World-Class Network Management

bullIntegration into all major switching and routing platforms Secure innovative WLAN controllers

Network Unification

Mobility Platform

bullUbiquitous network access in all environments Enhanced productivity Proven platform with large install base and 61 market share Plug and play

bull90 of Wi-Fi silicon is Certified ldquoOut-of-the-Boxrdquo wireless security

Client Devices

SiSi

SiSi

Centralized Wireless LAN Architecture

Lightweight Access Points

WLAN Controller

bull Controllerndash 80211 MAC Mgmt ndash (re)association

requests amp action framesndash 80211 data ndash encapsulate and sent to APndash 80211e Resource Reservation ndash control

protocol carried to AP in 80211 mgmt frames ndash signaling done in the controller

ndash 80211i Authentication amp Key exchange

bull APndash 80211 ndash beacons probe response auth

(if open)ndash 80211 control ndash packet ack amp retransmission

(latency)ndash 80211e ndash frame queuing amp packet

prioritization (real-time access)ndash 80211i ndash Layer 2 encryption

LWAPP

LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

bull Mobility Group is a ldquoCluster of Controllersrdquo that share information between them (eg client context and state controller ldquoloadrdquo etc)

bull Up to 24 Controllers per Mobility Group

bull Mobility Group facilitates seamless roaming at both L2 amp L3

bull Configuring a Mobility Group

IP connectivity between all devices

Same Mobility Group Name (IS case sensitive)

Same Virtual Interface IP address

Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

bullAll controllers in same Mobility GroupbullClient connects to AP A on Controller 1

ndash Client database entry created

bullClient roams to AP B on Controller 1ndash Proactive Key Caching (PKC) provides fast

roam times for WPA280211i clients No need to re-authenticate to Radius server

bullClient roams from AP B (Controller 1) to AP C (Controller 2)

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry moved to Controller 2

bull PMK data included (master key data from Radius server)

ndash Proactive Key Caching provides fast roam times for WPA280211i clients No need to re-authenticate to Radius server

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN AP QoS IP Sechellip

MobilityAnnouncement

bull Roam is transparent to clientbull Same DHCP address maintainedbull Proactive Key Caching with WPA280211i

(Funk or MS client)

move

Layer 3 Mobility

bull All controllers in same Mobility Groupbull Ethernet in IP Tunnels automatically

created between controllersbull Client connects to AP B on Controller 1

ndash Client database entry created as ANCHORbull Client roams to AP C on Controller 2

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry copied to Controller 2

bull Marked as FOREIGNbull PMK data included (master key data from

Radius server)ndash Proactive Key Caching provides fast roam

times for WPA280211i clients No need to re-authenticate to Radius server

bull Client roams to AP on 3rd Controllerndash Same as above except FOREIGN client DB

entry moved from previous Foreign Controller

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN IP Sec ANCHORhellip

Client Database

MAC WLAN IP Sec FOREIGNhellip

bull Roam is transparent to clientbull Traffic from client to network exits at Foreign Controllerbull Traffic to client tunneled from Anchor to Foreign Controllerbull Same DHCP address maintainedbull Proactive Key Caching with WPA80211i (Funk or MS client)

Subnet A Subnet B

MobilityAnnouncement

Ethernet in IP Tunnel

copy

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which the devices act as routers and can change their location in space

MANET

Difficulties for routing:
• Limited connectivity due to transmission range of signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature: high mobility and frequent topological changes

[Diagram labels: nodes A, B, C, D, E, F, G, H; three X marks]

Mobile Ad Hoc Networks

• Meaning of the word “Ad hoc” is “for this”, means “for this purpose only”, implies it is a special network for a particular application
• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which form an arbitrary topology
• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics
– Decentralized
– Self-organized
– Self-deployed
– Dynamic network topology
• Tradeoffs
– Bandwidth limited
– Multi-hop router needed
– Energy consumption problem
– Security problem

Adhoc Routing Protocols

Uniform routing
• Proactive routing
– Wireless Routing Protocol (WRP)
– Destination Sequence Distance Vector (DSDV) routing protocol
– Fisheye State Routing (FSR)
– Distance Routing Effect Algo for Mobility (DREAM): location-based routing
• Reactive routing
– Dynamic Source Routing (DSR) protocol
– Temporally-Ordered Routing Algorithm (TORA)
– Adhoc On-demand Distance Vector Routing (AODV)
– Location Aided Routing (LAR): location-based routing
– Associativity Based Routing (ABR) protocol: link-stability based routing protocol
– Signal Stability-base adaptive Routing (SSR): link-stability based routing protocol

Non-uniform routing
• Zone-based routing
– Zone Routing Protocol (ZRP): hybrid routing protocol
– Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
– Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
– Grid Location Service (GLS): location service
• Cluster-based routing
– Clusterhead Gateway Switch Routing (CGSR)
– Hierarchical State Routing (HSR)
– Cluster Based Routing Protocol (CBRP)
• Core-node based routing
– Landmark Adhoc Routing (LANMAR): proactive routing
– Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
– Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

• Proactive (table-driven): DSDV, WARP, DREAM
• Reactive (on-demand): DSR, AODV, TORA
• Hybrid: ZRP, HARP

[Diagram labels: Residential Modem; Base Station; Business Modem; Portable Modem; Management System; Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf
http://www.ieee802.org/21
http://www.ieee802.org/11
http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV
http://en.wikipedia.org/wiki/Mobile_ad-hoc_network
http://moment.cs.ucsb.edu/AODV
http://core.it.uu.se/core/index.php/Main_Page

  • Sideseadmed (IRT0040) 2.5 AP
  • Radio resource allocation
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization – not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Cost and coverage area
  • Links
  • Slide 36

Unified Wireless Network

• Unified Advanced Services: Unified cellular and Wi-Fi VoIP. Advanced threat detection, identity networking, location-based security, asset tracking and guest access
• World-Class Network Management: Same level of security, scalability, reliability, ease of deployment and management for wireless LANs as wired LANs
• Network Unification: Integration into all major switching and routing platforms. Secure, innovative WLAN controllers
• Mobility Platform: Ubiquitous network access in all environments. Enhanced productivity. Proven platform with large install base and 61% market share. Plug and play
• Client Devices: 90% of Wi-Fi silicon is Certified. “Out-of-the-Box” wireless security

Centralized Wireless LAN Architecture

[Diagram labels: Lightweight Access Points; WLAN Controller]

• Controller
– 802.11 MAC Mgmt – (re)association requests & action frames
– 802.11 data – encapsulate and sent to AP
– 802.11e Resource Reservation – control protocol carried to AP in 802.11 mgmt frames – signaling done in the controller
– 802.11i Authentication & Key exchange
• AP
– 802.11 – beacons, probe response, auth (if open)
– 802.11 control – packet ack & retransmission (latency)
– 802.11e – frame queuing & packet prioritization (real-time access)
– 802.11i – Layer 2 encryption

LWAPP

• LWAPP (Light Weight Access Point Protocol) is used between APs and WLAN Controller
• LWAPP carries control and data traffic between the two
– Control plane is AES-CCM encrypted
– Data plane is not encrypted
• It facilitates centralized management and automated configuration
• Open, standards-based protocol (submitted to IETF CAPWAP WG)

[Diagram labels: Access Point; Controller; WiFi Client; Business Application; Control Plane; Data Plane; LWAPP]

Protocol for Centralization

• LWAPP = LightWeight Access Point Protocol
• Standardized interface between an access point and a centralized controller
• Defines
– Association of APs
– Authentication of APs
– Control of APs
• Works across L2 / L3 boundaries
• Design goals
– Zero-config deployment
– Secure deployment
– Centralization

Controllers
• Security Policies
• Wireless IDS
• QoS Policies
• RF Management
• Mobility Management
• IPSec Encryption

Access Points
• Remote RF interface
• Timing critical functions
• L2 Encryption

LWAPP Modes Layer 2

• Layer 2 LWAPP is in an Ethernet frame (Ethertype 0xBBBB)
• Cisco WLAN Controller and AP must be connected to the same VLAN/subnet

[Diagram labels: Lightweight Access Points; Cisco WLAN Controller; LWAPP-L2]

LWAPP-L2 Data Message: MAC Header | LWAPP Header (C=0) | Data …
LWAPP-L2 Control Message: MAC Header | LWAPP Header (C=1) | Control Msg | Control Elts …

LWAPP Modes Layer 3

• Layer 3 LWAPP is in a UDP / IP frame
– Data traffic uses source port 1024 and destination 12222
– Control traffic uses source port 1024 and destination port 12223
• Cisco Controller and AP can be connected to the same VLAN/subnet or connected to a different VLAN/subnet
• Requires IP addressing of Cisco Lightweight AP

[Diagram labels: Lightweight Access Points; Cisco WLAN Controller; LWAPP-L3]

LWAPP-L3 Data Message: MAC Header | IP | UDP=12222 | LWAPP Header (C=0) | Data …
LWAPP-L3 Control Message: MAC Header | IP | UDP=12223 | LWAPP Header (C=1) | Control Msg | Control Elts …
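The transport identifiers on the two LWAPP mode slides (Ethertype 0xBBBB, UDP ports 12222 and 12223) and the EoIP IP protocol 97 tunnel from the guest-access slides are enough to build a passive classifier that shows where the unencrypted LWAPP data plane crosses the wired network. The Python below is an added example, not part of the lecture: the frames are constructed, the function names are hypothetical, and the C-bit position (0x04 in the first LWAPP header byte) is an assumption taken from RFC 5412.

```python
import struct
from collections import Counter

ETH_LWAPP, ETH_IPV4, ETH_VLAN = 0xBBBB, 0x0800, 0x8100   # 0xBBBB: from the slides
PROTO_UDP, PROTO_EOIP = 17, 97                            # 97: "EoIP IP Proto 97"
LWAPP_PORTS = {12222: "data", 12223: "control"}           # from the slides
C_BIT = 0x04  # assumption: RFC 5412 flag byte layout VER(2) RID(3) C F L


def classify(frame: bytes) -> str:
    """Label one raw Ethernet frame by the LWAPP/EoIP transport it carries."""
    if len(frame) < 14:
        return "truncated"
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    off = 14
    if ethertype == ETH_VLAN:                  # skip a single 802.1Q tag
        if len(frame) < 18:
            return "truncated"
        (ethertype,) = struct.unpack_from("!H", frame, 16)
        off = 18
    if ethertype == ETH_LWAPP:                 # Layer 2 mode: only the C bit tells the planes apart
        if len(frame) <= off:
            return "truncated"
        return "lwapp-l2-control" if frame[off] & C_BIT else "lwapp-l2-data"
    if ethertype != ETH_IPV4:
        return "other"
    if len(frame) < off + 20:
        return "truncated"
    ihl = (frame[off] & 0x0F) * 4              # IPv4 header length, options included
    if frame[off] >> 4 != 4 or ihl < 20:
        return "malformed"
    if len(frame) < off + ihl:
        return "truncated"
    proto = frame[off + 9]
    if proto == PROTO_EOIP:
        return "eoip-tunnel"
    (flags_frag,) = struct.unpack_from("!H", frame, off + 6)
    if proto != PROTO_UDP or flags_frag & 0x1FFF:   # later fragments carry no UDP header
        return "other"
    if len(frame) < off + ihl + 8:
        return "truncated"
    sport, dport = struct.unpack_from("!HH", frame, off + ihl)
    # AP-to-controller traffic uses these as destination ports (slides); replies
    # from the controller are assumed to mirror them as source ports.
    plane = LWAPP_PORTS.get(dport) or LWAPP_PORTS.get(sport)
    return f"lwapp-l3-{plane}" if plane else "other"


def summarize(frames):
    """Count frame kinds; the data-plane kinds are what LWAPP leaves unencrypted."""
    counts = Counter(classify(f) for f in frames)
    unencrypted = sum(n for kind, n in counts.items() if kind.endswith("-data"))
    return counts, unencrypted


# --- constructed sample frames (checksums left at zero, not validated) ---
def eth(ethertype, payload, vlan=None):
    hdr = bytes.fromhex("aaaaaaaaaa01aaaaaaaaaa02")
    if vlan is not None:
        hdr += struct.pack("!HH", ETH_VLAN, vlan)
    return hdr + struct.pack("!H", ethertype) + payload


def ipv4(proto, payload, options=b""):
    ihl_words = 5 + len(options) // 4
    total = ihl_words * 4 + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0, total, 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return hdr + options + payload


def udp(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


LW_DATA = bytes([0x00, 0, 0, 4, 0, 0]) + b"\x00" * 4    # LWAPP header with C=0
LW_CTRL = bytes([C_BIT, 0, 0, 4, 0, 0]) + b"\x00" * 4   # LWAPP header with C=1

SAMPLE_FRAMES = [
    eth(ETH_LWAPP, LW_DATA),
    eth(ETH_LWAPP, LW_CTRL),
    eth(ETH_IPV4, ipv4(PROTO_UDP, udp(1024, 12222, LW_DATA))),
    # VLAN-tagged, with 4 bytes of IPv4 options (IHL = 6)
    eth(ETH_IPV4, ipv4(PROTO_UDP, udp(1024, 12223, LW_CTRL), options=b"\x01" * 4), vlan=20),
    eth(ETH_IPV4, ipv4(PROTO_UDP, udp(12222, 1024, LW_DATA))),    # controller -> AP
    eth(ETH_IPV4, ipv4(PROTO_EOIP, b"\x30\x00" + b"\x00" * 14)),  # EtherIP header + inner frame
    eth(ETH_IPV4, ipv4(PROTO_UDP, udp(53000, 53, b"query"))),
    b"\xaa" * 10,
]

if __name__ == "__main__":
    counts, unencrypted = summarize(SAMPLE_FRAMES)
    for kind, n in sorted(counts.items()):
        print(f"{kind:18} {n}")
    print("frames LWAPP does not encrypt:", unencrypted)
```

Matching on source port as well as destination port can mislabel an unrelated UDP flow that happens to pick 12222 or 12223 as its ephemeral port, so restrict the input to AP and controller addresses when running this over a real capture.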

The need for Client Mobility

• Wireless LAN is not only about wire-less
• Need for mobility and not only “hotspot” connectivity
• Mobility is when a client moves from one Access Point to another
• Access points can be on a single Controller or on different Controllers
• Client needs to keep IP connectivity (same IP address)
• Client Mobility is mandatory for some applications (Voice, Video, Business Applications, …)

[Diagram labels: Controller 1, Controller 2; AP A, AP B, AP C, AP D; Subnet A, Subnet B]

Client Mobility

• Different Client Mobility levels
– L2 Mobility
– L3 Mobility
– Conceptually similar to Proxy Mobile IP
  – Foreign and Anchor Controllers
  – Asymmetric traffic flow
• What about Security?
– PKC – Proactive Key Caching
– WPA2 / 802.11i Fast Roaming

Mobility Groups

Controller-C: MAC AA:AA:AA:AA:AA:03; Mobility Group Name MyMobilityGroup; Mobility Group Neighbors Controller-A (AA:AA:AA:AA:AA:01), Controller-B (AA:AA:AA:AA:AA:02)
Controller-B: MAC AA:AA:AA:AA:AA:02; Mobility Group Name MyMobilityGroup; Mobility Group Neighbors Controller-A (AA:AA:AA:AA:AA:01), Controller-C (AA:AA:AA:AA:AA:03)
Controller-A: MAC AA:AA:AA:AA:AA:01; Mobility Group Name MyMobilityGroup; Mobility Group Neighbors Controller-B (AA:AA:AA:AA:AA:02), Controller-C (AA:AA:AA:AA:AA:03)

[Diagram labels: Ethernet Over IP Tunnel, shown three times]

• Mobility Group is a “Cluster of Controllers” that share information between them (e.g. client context and state, controller “load”, etc.)
• Up to 24 Controllers per Mobility Group
• Mobility Group facilitates seamless roaming at both L2 & L3
• Configuring a Mobility Group
– IP connectivity between all devices
– Same Mobility Group Name (IS case sensitive)
– Same Virtual Interface IP address
– Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
– Client database entry created
• Client roams to AP B on Controller 1
– Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
– Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
– Controller 1 responds, handshakes, ACKs
– Client database entry moved to Controller 2
  • PMK data included (master key data from RADIUS server)
– Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server

[Diagram labels: Controller 1, Controller 2; AP A, AP B, AP C, AP D; Client Database (MAC, WLAN, AP, QoS, IP, Sec, …); Mobility Announcement; move]

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
– Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
– Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
– Controller 1 responds, handshakes, ACKs
– Client database entry copied to Controller 2
  • Marked as FOREIGN
  • PMK data included (master key data from RADIUS server)
– Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams to AP on 3rd Controller
– Same as above, except FOREIGN client DB entry moved from previous Foreign Controller

[Diagram labels: Controller 1, Controller 2; AP A, AP B, AP C, AP D; Subnet A, Subnet B; Client Database (MAC, WLAN, IP, Sec, ANCHOR, …); Client Database (MAC, WLAN, IP, Sec, FOREIGN, …); Mobility Announcement; Ethernet in IP Tunnel; copy]

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)



LWAPP

LWAPP

bullLWAPP - Light Weight Access Point Protocol is used between APs and WLAN ControllerbullLWAPP carries control and data traffic between the twondash Control plane is AES-CCM encryptedndash Data plane is not encrypted

bullIt facilitates centralized management and automated configurationbullOpen standards-based protocol (Submitted to IETF CAPWAP WG)

Access Point Controller

WiFi Client

Business Application

Control Plane

Data Plane

Protocol for Centralization

bull LWAPP = LightWeight Access Point Protocol

bull Standardized Interface between an access point and a centralized controller

bull Definesndash Association of APs

Authentication of APsControl of APs

bull Works across L2 L3 boundaries

bull Design goalsndash Zero-config deploymentndash Secure deploymentndash Centralization

Controllersbull Security Policiesbull Wireless IDSbull QoS Policiesbull RF Managementbull Mobility Managementbull IPSec Encryption

Access Points bull Remote RF interfacebull Timing critical

functionsbull L2 Encryption

LWAPP-L2

LWAPP Modes Layer 2bull Layer 2 LWAPP is in an

Ethernet frame (Ethertype 0xBBBB)

bull Cisco WLAN Controller and AP must be connected to the same VLANsubnet

Lightweight Access Points

Cisco WLAN Controller

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L2 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L2 Control Message

Control Elts hellip

LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

[Diagram: three controllers connected to each other by Ethernet Over IP Tunnels]

Controller-C
  MAC: AA:AA:AA:AA:AA:03
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-B AA:AA:AA:AA:AA:02

Controller-B
  MAC: AA:AA:AA:AA:AA:02
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-A AA:AA:AA:AA:AA:01, Controller-C AA:AA:AA:AA:AA:03

Controller-A
  MAC: AA:AA:AA:AA:AA:01
  Mobility Group Name: MyMobilityGroup
  Mobility Group Neighbors: Controller-B AA:AA:AA:AA:AA:02, Controller-C AA:AA:AA:AA:AA:03

• Mobility Group is a “Cluster of Controllers” that share information between them (e.g. client context and state, controller “load”, etc.)
• Up to 24 Controllers per Mobility Group
• Mobility Group facilitates seamless roaming at both L2 & L3
• Configuring a Mobility Group
  – IP connectivity between all devices
  – Same Mobility Group Name (IS case sensitive)
  – Same Virtual Interface IP address
  – Each device is configured with the MAC and IP of every other device in the group
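The configuration rules above can be checked offline against an inventory of controller settings. The following is an added example, not part of the original slides or of any vendor tool: the controller names and MACs are the slide's own, while the IP addresses, the virtual interface address and all function names are constructed for illustration. It goes slightly beyond the list by also reporting neighbor entries for devices that are not in the inventory.

```python
"""Offline consistency check for a mobility group (added example).
Controller names and MACs are the slide's; every IP address is constructed."""
from dataclasses import dataclass, field

MAX_CONTROLLERS = 24  # "Up to 24 Controllers per Mobility Group"


@dataclass
class Controller:
    name: str
    mac: str
    ip: str
    group_name: str
    virtual_ip: str
    neighbors: dict = field(default_factory=dict)  # peer name -> (mac, ip)


def norm_mac(mac):
    """Compare MACs regardless of case and separator."""
    return mac.replace(":", "").replace("-", "").lower()


def check_group(controllers):
    """Return a sorted list of findings; empty means the configs agree.
    IP connectivity between the devices cannot be checked offline."""
    findings = []
    if not controllers:
        return findings
    if len(controllers) > MAX_CONTROLLERS:
        findings.append(f"{len(controllers)} controllers exceed the limit of {MAX_CONTROLLERS}")
    ref = controllers[0]
    members = {c.name for c in controllers}
    for c in controllers:
        if c.group_name != ref.group_name:  # case sensitive on purpose
            same = c.group_name.lower() == ref.group_name.lower()
            hint = " (differs only in case)" if same else ""
            findings.append(f"{c.name}: group name {c.group_name!r} != {ref.group_name!r}{hint}")
        if c.virtual_ip != ref.virtual_ip:
            findings.append(f"{c.name}: virtual interface {c.virtual_ip} != {ref.virtual_ip}")
        for peer in controllers:
            if peer is c:
                continue
            entry = c.neighbors.get(peer.name)
            if entry is None:
                findings.append(f"{c.name}: no neighbor entry for {peer.name}")
                continue
            mac, ip = entry
            if norm_mac(mac) != norm_mac(peer.mac):
                findings.append(f"{c.name}: neighbor {peer.name} has MAC {mac}, expected {peer.mac}")
            if ip != peer.ip:
                findings.append(f"{c.name}: neighbor {peer.name} has IP {ip}, expected {peer.ip}")
        # Group peers share client context and state, so an entry for a
        # device outside the inventory is reported as well.
        for extra in sorted(set(c.neighbors) - members):
            findings.append(f"{c.name}: neighbor {extra} is not a group member")
    return sorted(findings)


def example_group():
    """The slide's three controllers with constructed addresses."""
    macs = {"Controller-A": "AA:AA:AA:AA:AA:01",
            "Controller-B": "AA:AA:AA:AA:AA:02",
            "Controller-C": "AA:AA:AA:AA:AA:03"}
    ips = {"Controller-A": "198.51.100.11",
           "Controller-B": "198.51.100.12",
           "Controller-C": "198.51.100.13"}
    group = []
    for name in macs:
        peers = {p: (macs[p], ips[p]) for p in macs if p != name}
        group.append(Controller(name, macs[name], ips[name],
                                "MyMobilityGroup", "192.0.2.1", peers))
    return group


if __name__ == "__main__":
    print(check_group(example_group()) or "mobility group is consistent")
```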

Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
  – Client database entry created
• Client roams to AP B on Controller 1
  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry moved to Controller 2
    • PMK data included (master key data from Radius server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server

[Diagram: Controller 1 and Controller 2 with AP A, AP B, AP C, AP D; Mobility Announcement between the controllers; the Client Database entry (MAC, WLAN, AP, QoS, IP, Sec, …) is moved]

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
  – Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group, looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry copied to Controller 2
    • Marked as FOREIGN
    • PMK data included (master key data from Radius server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to Radius server
• Client roams to AP on 3rd Controller
  – Same as above, except FOREIGN client DB entry moved from previous Foreign Controller

[Diagram: Controller 1 and Controller 2 with AP A, AP B, AP C, AP D; Subnet A, Subnet B; Mobility Announcement and Ethernet in IP Tunnel between the controllers; the Client Database entry (MAC, WLAN, IP, Sec, ANCHOR, …) is copied to a second Client Database entry (MAC, WLAN, IP, Sec, FOREIGN, …)]

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)
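The Layer 2 and Layer 3 roams described above, as a small simulation of the client database handling. This is an added example, not code from the slides or from any controller implementation; controller names, subnets, the client MAC and the PMK value are constructed, and it assumes that a roam is treated as L2 when the client's address lies in the new controller's subnet and as L3 otherwise.

```python
"""Simulation of the L2 and L3 roams on the slides (added example).
Controller names, subnets, client MAC and PMK value are constructed."""
import ipaddress
from dataclasses import dataclass, replace


@dataclass
class Entry:
    mac: str
    ip: str
    pmk: bytes   # master key data from the RADIUS server, cached for PKC
    role: str    # "ANCHOR" or "FOREIGN"


class Controller:
    def __init__(self, name, subnet):
        self.name = name
        self.subnet = ipaddress.ip_network(subnet)
        self.db = {}   # client database: MAC -> Entry


class MobilityGroup:
    def __init__(self, controllers):
        self.controllers = list(controllers)
        self.radius_auths = 0   # full authentications against RADIUS

    def _announce(self, asker, mac):
        """Mobility Announcement: which peers hold an entry for this MAC?"""
        return [c for c in self.controllers if c is not asker and mac in c.db]

    def associate(self, ctrl, mac):
        """Client (re)associates to an AP on ctrl; returns the event kind."""
        holders = self._announce(ctrl, mac)
        if mac in ctrl.db:
            if ctrl.db[mac].role == "ANCHOR":
                for peer in holders:
                    del peer.db[mac]        # back at the anchor: drop FOREIGN copy
            return "intra-controller"
        anchor = next((c for c in holders if c.db[mac].role == "ANCHOR"), None)
        if anchor is None:
            # Unknown client: full authentication, address from this subnet.
            self.radius_auths += 1
            ip = str(ctrl.subnet[10 + len(ctrl.db)])
            ctrl.db[mac] = Entry(mac, ip, b"constructed-pmk", "ANCHOR")
            return "new"
        entry = anchor.db[mac]
        for peer in holders:
            if peer is not anchor:
                del peer.db[mac]            # previous FOREIGN entry is moved
        if ipaddress.ip_address(entry.ip) in ctrl.subnet:
            # L2 roam: the entry, PMK included, is moved to the new controller.
            ctrl.db[mac] = anchor.db.pop(mac)
            return "L2"
        # L3 roam: the anchor keeps its entry, the new controller gets a copy
        # marked FOREIGN. The PMK travels with it, so no RADIUS round trip.
        ctrl.db[mac] = replace(entry, role="FOREIGN")
        return "L3"

    def paths(self, mac):
        """Return (uplink, downlink) as lists of controller names."""
        anchor = next(c for c in self.controllers
                      if mac in c.db and c.db[mac].role == "ANCHOR")
        foreign = next((c for c in self.controllers
                        if mac in c.db and c.db[mac].role == "FOREIGN"), None)
        if foreign is None:
            return [anchor.name], [anchor.name]
        # Asymmetric flow: client traffic exits at the foreign controller,
        # traffic to the client is tunneled from anchor to foreign.
        return [foreign.name], [anchor.name, foreign.name]


def run_demo():
    c1 = Controller("Controller-1", "10.0.1.0/24")   # Subnet A
    c2 = Controller("Controller-2", "10.0.1.0/24")   # Subnet A
    c3 = Controller("Controller-3", "10.0.2.0/24")   # Subnet B
    c4 = Controller("Controller-4", "10.0.3.0/24")   # third subnet
    group = MobilityGroup([c1, c2, c3, c4])
    mac = "02:00:00:00:00:01"
    trace = []
    for ctrl in (c1, c1, c2, c3, c4):
        event = group.associate(ctrl, mac)
        up, down = group.paths(mac)
        holders = {c.name: c.db[mac].role for c in group.controllers if mac in c.db}
        trace.append((event, ctrl.db[mac].ip, holders, up, down))
    return trace, group.radius_auths


if __name__ == "__main__":
    steps, auths = run_demo()
    for step in steps:
        print(step)
    print("RADIUS authentications:", auths)
```

After every roam the client's key material sits in the database of each controller that holds an entry for it, which is why membership of the mobility group deserves the same scrutiny as access to the RADIUS server.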

Specific Mobility Guest Access

• The traditional approach to segmenting guest traffic requires ‘pulling’ the guest VLAN through the corporate network
  – Many companies can’t or won’t do this

[Diagram: LWAPP APs carrying Corp SSID and Guest SSID; 802.1Q; WLAN Controller (Policy); Corp Intranet; Corp User; Isolated Guest; Internet]

Tunnel Guest Traffic

• By tunneling all guest traffic to a DMZ controller, traffic originates and terminates in the DMZ
• Guest clients logically reside in the DMZ network
• No changes required to existing infrastructure except adding FW rules
• Add additional DMZ controllers for scalability
• Each DMZ controller can handle up to 40 tunnels

[Diagram: LWAPP APs carrying Corp SSID and Guest SSID; WLAN Controllers; Corp Intranet; EoIP (IP Proto 97) “Guest Tunnel”; Guest WLAN Controller; Internet]

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which devices act as routers and can change their location in space

MANET

Difficulties for routing:
• Limited connectivity due to transmission range of signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature: high mobility and frequent topological changes

[Diagram: nodes A, B, C, D, E, F, G, H; three links marked X]

Mobile Ad Hoc Networks

• Meaning of the word “Ad hoc” is “for this”, which means “for this purpose only” and implies it is a special network for a particular application
• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology
• The routers are free to move randomly and organize themselves arbitrarily; thus, the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics
  – Decentralized
  – Self-organized
  – Self-deployed
  – Dynamic network topology
• Tradeoffs
  – Bandwidth limited
  – Multi-hop router needed
  – Energy consumption problem
  – Security problem

Adhoc Routing Protocols

Uniform routing
  Proactive routing
    • Wireless Routing Protocol (WRP)
    • Destination Sequence Distance Vector (DSDV) routing protocol
    • Fisheye State Routing (FSR)
    • Distance Routing Effect Algo for Mobility (DREAM): location-based routing
  Reactive routing
    • Dynamic Source Routing (DSR) protocol
    • Temporally-Ordered Routing Algorithm (TORA)
    • Adhoc On-demand Distance Vector Routing (AODV)
    • Location Aided Routing (LAR): location-based routing
    • Associativity Based Routing (ABR) protocol: link-stability based routing protocol
    • Signal Stability-based Adaptive Routing (SSR): link-stability based routing protocol

Non-uniform routing
  Zone-based routing
    • Zone Routing Protocol (ZRP): hybrid routing protocol
    • Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
    • Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
    • Grid Location Service (GLS): location service
  Cluster-based routing
    • Clusterhead Gateway Switch Routing (CGSR)
    • Hierarchical State Routing (HSR)
    • Cluster Based Routing Protocol (CBRP)
  Core-node based routing
    • Landmark Adhoc Routing (LANMAR): proactive routing
    • Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
    • Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

Proactive (table-driven): DSDV, WARP, DREAM
Reactive (on-demand): DSR, AODV, TORA
Hybrid: ZRP, HARP

[Diagram: Residential Modem, Business Modem, Portable Modem, Base Station, Management System, Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf
http://www.ieee802.org/21
http://www.ieee802.org/11
http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV
http://en.wikipedia.org/wiki/Mobile_ad-hoc_network
http://moment.cs.ucsb.edu/AODV
http://core.it.uu.se/core/index.php/Main_Page

  • Communication Devices (IRT0040) 2.5 AP
  • Radio resource allocation
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization – not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Cost and coverage area
  • Links
  • Slide 36

Protocol for Centralization

• LWAPP = LightWeight Access Point Protocol
• Standardized Interface between an access point and a centralized controller
• Defines
  – Association of APs
  – Authentication of APs
  – Control of APs
• Works across L2 / L3 boundaries
• Design goals
  – Zero-config deployment
  – Secure deployment
  – Centralization

Controllers
• Security Policies
• Wireless IDS
• QoS Policies
• RF Management
• Mobility Management
• IPSec Encryption

Access Points
• Remote RF interface
• Timing critical functions
• L2 Encryption

LWAPP Modes Layer 2

• Layer 2 LWAPP is in an Ethernet frame (Ethertype 0xBBBB)
• Cisco WLAN Controller and AP must be connected to the same VLAN/subnet

[Diagram: Lightweight Access Points connected to the Cisco WLAN Controller over LWAPP-L2]

LWAPP-L2 Data Message: MAC Header | LWAPP Header (C=0) | Data …

LWAPP-L2 Control Message: MAC Header | LWAPP Header (C=1) | Control Msg | Control Elts …

LWAPP Modes Layer 3

• Layer 3 LWAPP is in a UDP / IP frame
  – Data traffic uses source port 1024 and destination port 12222
  – Control traffic uses source port 1024 and destination port 12223
• Cisco Controller and AP can be connected to the same VLAN/subnet or connected to a different VLAN/subnet
• Requires IP addressing of Cisco Lightweight AP

[Diagram: Lightweight Access Points connected to the Cisco WLAN Controller over LWAPP-L3]

LWAPP-L3 Data Message (IP, UDP=12222): MAC Header | LWAPP Header (C=0) | Data …

LWAPP-L3 Control Message (IP, UDP=12223): MAC Header | LWAPP Header (C=1) | Control Msg | Control Elts …
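The encapsulations named on the slides (Ethertype 0xBBBB for LWAPP-L2, UDP destination ports 12222 and 12223 for LWAPP-L3, IP protocol 97 for the Ethernet over IP tunnel) are enough to sort frames seen on a controller uplink, for instance when checking that firewall rules pass only the expected traffic. This is an added example, not part of the original slides; the frames are constructed byte strings, not captured traffic, and the LWAPP header itself is not parsed, so L2 data and control frames are not told apart.

```python
"""Classify Ethernet frames by the encapsulations named on the slides.
Added example; every frame below is constructed, not captured traffic."""
import struct

ETH_LWAPP, ETH_IPV4, ETH_VLAN = 0xBBBB, 0x0800, 0x8100
PORT_DATA, PORT_CTRL = 12222, 12223      # LWAPP-L3 destination ports
PROTO_UDP, PROTO_EOIP = 17, 97           # 97 carries the EoIP tunnel


def classify(frame: bytes) -> str:
    """Return lwapp-l2, lwapp-l3-data, lwapp-l3-control, eoip-tunnel,
    other or malformed for one Ethernet frame."""
    if len(frame) < 14:
        return "malformed"
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    off = 14
    if ethertype == ETH_VLAN:                # skip one 802.1Q tag
        if len(frame) < 18:
            return "malformed"
        (ethertype,) = struct.unpack_from("!H", frame, 16)
        off = 18
    if ethertype == ETH_LWAPP:
        return "lwapp-l2"
    if ethertype != ETH_IPV4:
        return "other"
    if len(frame) < off + 20:
        return "malformed"
    ihl = (frame[off] & 0x0F) * 4            # IPv4 header length with options
    if frame[off] >> 4 != 4 or ihl < 20 or len(frame) < off + ihl:
        return "malformed"
    proto = frame[off + 9]
    if proto == PROTO_EOIP:
        return "eoip-tunnel"
    if proto != PROTO_UDP:
        return "other"
    (flags_frag,) = struct.unpack_from("!H", frame, off + 6)
    if flags_frag & 0x1FFF:                  # later fragment: no UDP header
        return "other"
    if len(frame) < off + ihl + 8:
        return "malformed"
    (dport,) = struct.unpack_from("!H", frame, off + ihl + 2)
    return {PORT_DATA: "lwapp-l3-data",
            PORT_CTRL: "lwapp-l3-control"}.get(dport, "other")


# --- helpers that build the constructed sample frames ---------------------
def eth(ethertype, payload, vlan=None):
    hdr = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    if vlan is not None:
        hdr += struct.pack("!HH", ETH_VLAN, vlan)
    return hdr + struct.pack("!H", ethertype) + payload


def ipv4(proto, payload, options=b""):
    ihl = (20 + len(options)) // 4
    total = 20 + len(options) + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, total, 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return hdr + options + payload


def udp(sport, dport, payload=b""):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


SAMPLES = {
    "l2": eth(ETH_LWAPP, b"\x00" * 8),
    "l3_data": eth(ETH_IPV4, ipv4(PROTO_UDP, udp(1024, PORT_DATA, b"x"))),
    # control message inside VLAN 20, IPv4 header carrying 4 option bytes
    "l3_ctrl_vlan_opts": eth(ETH_IPV4, ipv4(PROTO_UDP, udp(1024, PORT_CTRL),
                                           options=b"\x01" * 4), vlan=20),
    "eoip": eth(ETH_IPV4, ipv4(PROTO_EOIP, b"\x00" * 14)),
    "dns": eth(ETH_IPV4, ipv4(PROTO_UDP, udp(40000, 53))),
    "cut": eth(ETH_IPV4, ipv4(PROTO_UDP, udp(1024, PORT_CTRL)))[:36],
}


def classify_all():
    return {name: classify(frame) for name, frame in SAMPLES.items()}


if __name__ == "__main__":
    for name, kind in classify_all().items():
        print(f"{name:18} {kind}")
```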



LWAPP Modes Layer 3bullLayer 3 LWAPP is in a UDP IP frame

ndash Data traffic uses source port 1024 and destination 12222

ndash Control traffic uses source port 1024 and destination port 12223

bullCisco Controller and AP can be connected to the same VLANsubnet or connected to a different VLANsubnet

bullRequires IP addressing of Cisco Lightweight AP

LWAPP-L3

Lightweight Access Points

Cisco WLAN Controller

LWAPP-L3

LW

AP

P-L

3

MAC Header LWAPP Header (C=0) Data hellip

LWAPP-L3 Data Message

MAC Header LWAPP Header (C=1) Control Msg

LWAPP-L3 Control Message

Control Elts hellip

IP UDP=12222

IP UDP=12223

The need for Client Mobilitybull Wireless LAN is not only about

wire-lessbull Need for mobility and not only

ldquohotspotrdquo connectivitybull Mobility is when a client move

from one Access Point to an other

bull Access points can be on a single Controller or on different Controller

bull Client need to keep IP connectivity (same IP address)

bull Client Mobility is mandatory for some applications (Voice Video Business Applications hellip)

Controller 1 Controller 2

AP A AP B AP C AP D

Subnet A Subnet B

Client Mobility

bull Different Client Mobility levels L2 Mobility L3 Mobility Conceptually similar to Proxy

Mobile IPndash Foreign and Anchor Controllers

ndash Asymmetric traffic flow

bull What about Security PKC ndash Proactive Key Caching

WPA2 80211i Fast Roaming

Mobility Groups

Controller-CMAC AAAAAAAAAA03

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-B AAAAAAAAAA02

Controller-BMAC AAAAAAAAAA02

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-A AAAAAAAAAA01Controller-C AAAAAAAAAA03

Controller-AMAC AAAAAAAAAA01

Mobility Group Name MyMobilityGroup

Mobility Group NeighborsController-B AAAAAAAAAA02Controller-C AAAAAAAAAA03

Ethernet Over IP

Tunnel

Ethernet Over IP Tunnel

Eth

ern

et Ove

r IP T

un

nel

bull Mobility Group is a ldquoCluster of Controllersrdquo that share information between them (eg client context and state controller ldquoloadrdquo etc)

bull Up to 24 Controllers per Mobility Group

bull Mobility Group facilitates seamless roaming at both L2 amp L3

bull Configuring a Mobility Group

IP connectivity between all devices

Same Mobility Group Name (IS case sensitive)

Same Virtual Interface IP address

Each device is configured with the MAC and IP of every other device in the group

Layer 2 Mobility

• All controllers in same Mobility Group

• Client connects to AP A on Controller 1

  – Client database entry created

• Client roams to AP B on Controller 1

  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to the RADIUS server

• Client roams from AP B (Controller 1) to AP C (Controller 2)

  – Controller 2 makes a Mobility Announcement to peers in the Mobility Group, looking for the controller with the client MAC

  – Controller 1 responds, handshakes, ACKs

  – Client database entry moved to Controller 2

    • PMK data included (master key data from RADIUS server)

  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to the RADIUS server

[Figure: Controller 1 and Controller 2 with AP A, AP B, AP C, AP D; after the Mobility Announcement the client database entry (MAC, WLAN, AP, QoS, IP, Sec, …) is shown with the label "move"]

• Roam is transparent to client

• Same DHCP address maintained

• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

Layer 3 Mobility

• All controllers in same Mobility Group

• Ethernet in IP tunnels automatically created between controllers

• Client connects to AP B on Controller 1

  – Client database entry created as ANCHOR

• Client roams to AP C on Controller 2

  – Controller 2 makes a Mobility Announcement to peers in the Mobility Group, looking for the controller with the client MAC

  – Controller 1 responds, handshakes, ACKs

  – Client database entry copied to Controller 2

    • Marked as FOREIGN

    • PMK data included (master key data from RADIUS server)

  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to the RADIUS server

• Client roams to AP on 3rd Controller

  – Same as above, except FOREIGN client DB entry moved from previous Foreign Controller

[Figure: Controller 1 and Controller 2 with AP A, AP B, AP C, AP D; Subnet A and Subnet B; client database entries (MAC, WLAN, IP, Sec, ANCHOR, …) and (MAC, WLAN, IP, Sec, FOREIGN, …); Mobility Announcement; Ethernet in IP tunnel; label "copy"]

• Roam is transparent to client

• Traffic from client to network exits at Foreign Controller

• Traffic to client tunneled from Anchor to Foreign Controller

• Same DHCP address maintained

• Proactive Key Caching with WPA/802.11i (Funk or MS client)
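The Layer 2 and Layer 3 roaming steps above, as a small state model. This is an added example, not part of the original slides and not vendor code. It shows where the client entry and its PMK reside after each roam, and which controllers carry traffic in each direction. Assumptions: a roam counts as Layer 2 when the new controller is on the anchor's subnet, a stale FOREIGN copy is dropped when the client returns to its anchor, and all class names, controller names and addresses are constructed.

```python
from dataclasses import dataclass, replace


@dataclass
class Entry:
    mac: str
    ip: str      # DHCP address, kept across every roam
    pmk: bytes   # master key data from the first (RADIUS) authentication
    role: str    # "ANCHOR" or "FOREIGN"


class Controller:
    def __init__(self, name, subnet):
        self.name, self.subnet, self.db = name, subnet, {}


class MobilityGroup:
    def __init__(self, *controllers):
        self.members = {c.name: c for c in controllers}
        self.radius_auths = 0  # number of full authentications performed

    def associate(self, ctrl, mac, ip, pmk):
        """First association: full authentication, entry created as ANCHOR."""
        self.radius_auths += 1
        self.members[ctrl].db[mac] = Entry(mac, ip, pmk, "ANCHOR")

    def _announce(self, asker, mac):
        """Mobility Announcement: peers that answer for this client MAC."""
        return [c for c in self.members.values() if c is not asker and mac in c.db]

    def roam(self, ctrl, mac):
        """Client shows up on an AP of `ctrl`; returns the kind of roam."""
        new = self.members[ctrl]
        holders = self._announce(new, mac)
        if mac in new.db:
            if new.db[mac].role == "FOREIGN" or not holders:
                return "intra-controller"   # AP to AP on one controller: PKC only
            for peer in holders:            # client is back on its anchor
                del peer.db[mac]            # assumption: stale FOREIGN copy dropped
            return "return-to-anchor"
        if not holders:
            return "unknown-client"         # no cached PMK anywhere: full auth needed
        anchor = next(c for c in holders if c.db[mac].role == "ANCHOR")
        foreign = next((c for c in holders if c.db[mac].role == "FOREIGN"), None)
        if new.subnet == anchor.subnet:     # assumption: same subnet means Layer 2
            new.db[mac] = anchor.db.pop(mac)            # entry MOVED, PMK included
            if foreign:
                del foreign.db[mac]
            return "L2"
        if foreign:                         # third controller: FOREIGN entry moved
            new.db[mac] = foreign.db.pop(mac)
        else:                               # first L3 roam: entry COPIED as FOREIGN
            new.db[mac] = replace(anchor.db[mac], role="FOREIGN")
        return "L3"

    def roles(self, mac):
        return {c.name: c.db[mac].role for c in self.members.values() if mac in c.db}

    def downstream_path(self, mac):
        """Controllers crossed by traffic going TO the client."""
        r = self.roles(mac)
        anchor = [n for n, role in r.items() if role == "ANCHOR"]
        foreign = [n for n, role in r.items() if role == "FOREIGN"]
        return anchor + foreign             # Anchor, then the tunnel to Foreign

    def upstream_exit(self, mac):
        """Controller where traffic FROM the client leaves to the network."""
        return self.downstream_path(mac)[-1]


def demo():
    g = MobilityGroup(Controller("C1", "A"), Controller("C2", "A"),
                      Controller("C3", "B"), Controller("C4", "B"))
    mac = "00:00:5e:00:53:01"               # constructed client MAC
    g.associate("C1", mac, "10.0.0.50", b"\x11" * 32)
    trace = []
    for ctrl in ("C1", "C2", "C3", "C4"):
        trace.append((ctrl, g.roam(ctrl, mac), g.roles(mac)))
    return g, mac, trace


if __name__ == "__main__":
    for step in demo()[2]:
        print(step)
```

After a Layer 3 roam the PMK is held by two controllers at once (anchor and foreign), so both are in scope when key material has to be protected or revoked.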

Specific Mobility Guest Access

• The traditional approach to segmenting guest traffic requires 'pulling' the guest VLAN through the corporate network

  – Many companies can't or won't do this

[Figure: LWAPP APs carrying Corp SSID and Guest SSID; WLAN Controller (Policy); 802.1Q; Corp Intranet; Corp User; Isolated Guest; Internet]

Tunnel Guest Traffic

• By tunneling all guest traffic to a DMZ controller, traffic originates and terminates in the DMZ

• Guest clients logically reside in the DMZ network

• No changes required to existing infrastructure except adding FW rules

• Add additional DMZ controllers for scalability

• Each DMZ controller can handle up to 40 tunnels

[Figure: LWAPP APs carrying Corp SSID and Guest SSID; WLAN Controllers in the Corp Intranet; EoIP (IP Proto 97) "Guest Tunnel" to the Guest WLAN Controller; Internet]
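One way to verify that the firewall rules for the guest tunnel do what the slide intends, written as an added example (not part of the original slides): an audit of flow records that cross the intranet/DMZ boundary. It models only the data tunnel named on the slide (IP protocol 97) and the limit of 40 tunnels per DMZ controller; any control traffic between controllers would need its own allow-list entry. All addresses, the flow-record format and the finding codes are constructed.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

ETHERIP_PROTO = 97   # "EoIP IP Proto 97" on the slide
MAX_TUNNELS = 40     # tunnels per DMZ controller, from the slide


def audit_guest_tunnels(flows, inside_ctrls, dmz_ctrls, dmz_net):
    """flows: iterable of (src_ip, dst_ip, ip_protocol_number).

    Returns (findings, tunnels). Findings are 4-tuples (code, src, dst, value);
    for TUNNEL_LIMIT they are (code, dmz_controller, "", tunnel_count).
    tunnels maps each DMZ controller to its number of distinct inside peers.
    """
    dmz = ip_network(dmz_net)
    inside_ctrls, dmz_ctrls = set(inside_ctrls), set(dmz_ctrls)
    findings, peers = [], defaultdict(set)
    for src, dst, proto in flows:
        src_in_dmz = ip_address(src) in dmz
        dst_in_dmz = ip_address(dst) in dmz
        if src_in_dmz == dst_in_dmz:
            continue  # stays on one side of the firewall
        inner, outer = (dst, src) if src_in_dmz else (src, dst)
        if proto != ETHERIP_PROTO:
            # Anything but the tunnel crossing the boundary breaks the isolation.
            findings.append(("NON_TUNNEL_CROSSING", src, dst, proto))
        elif inner not in inside_ctrls or outer not in dmz_ctrls:
            # Tunnel protocol, but not between two registered controllers.
            findings.append(("UNREGISTERED_ENDPOINT", src, dst, proto))
        else:
            peers[outer].add(inner)
    tunnels = {ctrl: len(p) for ctrl, p in sorted(peers.items())}
    for ctrl, count in tunnels.items():
        if count > MAX_TUNNELS:
            findings.append(("TUNNEL_LIMIT", ctrl, "", count))
    return findings, tunnels


# Constructed flow records: (source, destination, IP protocol number).
SAMPLE_FLOWS = [
    ("10.10.0.11", "172.16.50.5", 97),    # inside controller -> DMZ controller
    ("172.16.50.5", "10.10.0.12", 97),    # return direction of another tunnel
    ("172.16.50.77", "10.10.4.20", 6),    # DMZ host reaching the intranet over TCP
    ("10.10.9.9", "172.16.50.5", 97),     # protocol 97 from an unknown inside host
    ("10.10.0.11", "10.10.0.12", 97),     # inside only, never crosses the firewall
]


def run_sample():
    return audit_guest_tunnels(SAMPLE_FLOWS,
                               inside_ctrls=["10.10.0.11", "10.10.0.12"],
                               dmz_ctrls=["172.16.50.5"],
                               dmz_net="172.16.50.0/24")


if __name__ == "__main__":
    findings, tunnels = run_sample()
    for f in findings:
        print(f)
    print(tunnels)
```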

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through a wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which the devices act as routers and can change their location in space

MANET

Difficulties for routing:

• Limited connectivity due to transmission range of signal

• Low bandwidth

• Higher error rates

• Vulnerable to interference

• Power consumption

• No specific devices to do routing

• Dynamic nature: high mobility and frequent topological changes

[Figure: MANET topology with nodes A to H; three X marks]

Mobile Ad Hoc Networks

• The meaning of the word "ad hoc" is "for this", meaning "for this purpose only"; it implies a special network for a particular application

• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology

• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics

  – Decentralized

  – Self-organized

  – Self-deployed

  – Dynamic network topology

• Tradeoffs

  – Bandwidth limited

  – Multi-hop router needed

  – Energy consumption problem

  – Security problem

Adhoc Routing Protocols

• Uniform routing

  – Proactive routing

    • Wireless Routing Protocol (WRP)
    • Destination Sequence Distance Vector (DSDV) routing protocol
    • Fisheye State Routing (FSR)
    • Distance Routing Effect Algo for Mobility (DREAM): location-based routing

  – Reactive routing

    • Dynamic Source Routing (DSR) protocol
    • Temporally-Ordered Routing Algorithm (TORA)
    • Adhoc On-demand Distance Vector Routing (AODV)
    • Location Aided Routing (LAR): location-based routing
    • Associativity Based Routing (ABR) protocol: link-stability based routing protocol
    • Signal Stability-based Adaptive Routing (SSR): link-stability based routing protocol

• Non-uniform routing

  – Zone-based routing

    • Zone Routing Protocol (ZRP): hybrid routing protocol
    • Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
    • Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
    • Grid Location Service (GLS): location service

  – Cluster-based routing

    • Clusterhead Gateway Switch Routing (CGSR)
    • Hierarchical State Routing (HSR)
    • Cluster Based Routing Protocol (CBRP)

  – Core-node based routing

    • Landmark Adhoc Routing (LANMAR): proactive routing
    • Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
    • Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

• Proactive (table-driven): DSDV, WARP, DREAM

• Reactive (on-demand): DSR, AODV, TORA

• Hybrid: ZRP, HARP

[Figure: Base Station, Residential Modem, Business Modem, Portable Modem, Management System, Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf

http://www.ieee802.org/21

http://www.ieee802.org/11

http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV

http://en.wikipedia.org/wiki/Mobile_ad-hoc_network

http://moment.cs.ucsb.edu/AODV

http://core.it.uu.se/core/index.php/Main_Page


The need for Client Mobility

• Wireless LAN is not only about wire-less

• Need for mobility and not only "hotspot" connectivity

• Mobility is when a client moves from one Access Point to another

• Access points can be on a single Controller or on different Controllers

• Client needs to keep IP connectivity (same IP address)

• Client Mobility is mandatory for some applications (Voice, Video, Business Applications, …)

[Figure: Controller 1 and Controller 2; AP A, AP B, AP C, AP D; Subnet A and Subnet B]

Client Mobility

• Different Client Mobility levels

  – L2 Mobility

  – L3 Mobility: conceptually similar to Proxy Mobile IP

    • Foreign and Anchor Controllers

    • Asymmetric traffic flow

• What about security?

  – PKC: Proactive Key Caching

  – WPA2 / 802.11i Fast Roaming




Layer 2 Mobility

• All controllers in same Mobility Group
• Client connects to AP A on Controller 1
  – Client database entry created
• Client roams to AP B on Controller 1
  – Proactive Key Caching (PKC) provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams from AP B (Controller 1) to AP C (Controller 2)
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry moved to Controller 2
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server

• Roam is transparent to client
• Same DHCP address maintained
• Proactive Key Caching with WPA2/802.11i (Funk or MS client)

[Figure: Controller 1 and Controller 2; AP A, AP B, AP C, AP D; Client Database (MAC, WLAN, AP, QoS, IP, Sec, …); Mobility Announcement; move]

Layer 3 Mobility

• All controllers in same Mobility Group
• Ethernet in IP Tunnels automatically created between controllers
• Client connects to AP B on Controller 1
  – Client database entry created as ANCHOR
• Client roams to AP C on Controller 2
  – Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC
  – Controller 1 responds, handshakes, ACKs
  – Client database entry copied to Controller 2
    • Marked as FOREIGN
    • PMK data included (master key data from RADIUS server)
  – Proactive Key Caching provides fast roam times for WPA2/802.11i clients. No need to re-authenticate to RADIUS server
• Client roams to AP on 3rd Controller
  – Same as above except FOREIGN client DB entry moved from previous Foreign Controller

• Roam is transparent to client
• Traffic from client to network exits at Foreign Controller
• Traffic to client tunneled from Anchor to Foreign Controller
• Same DHCP address maintained
• Proactive Key Caching with WPA/802.11i (Funk or MS client)

[Figure: Controller 1 and Controller 2; AP A, AP B, AP C, AP D; Subnet A, Subnet B; Client Database (MAC, WLAN, IP, Sec, ANCHOR, …); Client Database (MAC, WLAN, IP, Sec, FOREIGN, …); Mobility Announcement; Ethernet in IP Tunnel; copy]
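The roam handling on the Layer 2 and Layer 3 Mobility slides, modelled as an added Python example (not from the lecture and not any vendor's controller code). Class and function names, the returned labels and the 10.x.0 subnet prefixes are assumptions for illustration; dropping a stale FOREIGN copy when a client returns to its anchor is also an assumption the slides do not cover.

```python
import os
from dataclasses import dataclass, field, replace
from typing import Dict, List, Optional


@dataclass
class ClientEntry:
    mac: str
    ap: str
    ip: str                       # DHCP address; must survive every roam
    pmk: bytes                    # master key data obtained via RADIUS
    role: str = "ANCHOR"          # ANCHOR or FOREIGN (matters for Layer 3 roams)
    anchor: Optional[str] = None  # anchor controller name, FOREIGN entries only


@dataclass
class Controller:
    name: str
    group: str                    # mobility group (hypothetical label)
    subnet: str                   # constructed prefix, e.g. "10.1.0"
    aps: List[str]
    db: Dict[str, ClientEntry] = field(default_factory=dict)
    radius_auths: int = 0         # full authentications performed here

    def answer_announcement(self, asker: "Controller", mac: str) -> Optional[ClientEntry]:
        """Answer a Mobility Announcement, but only for members of our group."""
        if asker.group != self.group:
            return None
        return self.db.get(mac)

    def associate(self, mac: str, ap: str, peers: List["Controller"]) -> str:
        """Handle a client (re)association and report which path was taken."""
        if ap not in self.aps:
            raise ValueError(f"{ap} is not joined to {self.name}")
        others = [p for p in peers if p is not self]
        if mac in self.db:                        # roam between our own APs
            self.db[mac].ap = ap
            for p in others:                      # assumption: client is back at
                e = p.answer_announcement(self, mac)  # its anchor, drop FOREIGN copy
                if e is not None and e.role == "FOREIGN":
                    del p.db[mac]
            return "pkc-local"
        # Mobility Announcement: ask group peers who knows this client MAC.
        holders = [(p, e) for p in others
                   for e in [p.answer_announcement(self, mac)] if e is not None]
        if not holders:                           # unknown client: full RADIUS auth
            self.radius_auths += 1
            ip = f"{self.subnet}.{10 + len(self.db)}"
            self.db[mac] = ClientEntry(mac, ap, ip, os.urandom(32))
            return "radius-auth"
        # Prefer the FOREIGN copy: it marks where the client was last served.
        peer, entry = max(holders, key=lambda h: h[1].role == "FOREIGN")
        if entry.role == "FOREIGN":               # roam to a 3rd controller
            del peer.db[mac]                      # FOREIGN entry is moved
            self.db[mac] = replace(entry, ap=ap)
            return "l3-foreign-moved"
        if peer.subnet == self.subnet:            # Layer 2: entry is moved
            del peer.db[mac]
            self.db[mac] = replace(entry, ap=ap)
            return "l2-moved"
        # Layer 3: anchor keeps its entry; we hold a FOREIGN copy with the PMK.
        self.db[mac] = replace(entry, ap=ap, role="FOREIGN", anchor=peer.name)
        return "l3-foreign-copied"


def downstream_path(mac: str, controllers: List[Controller]) -> List[str]:
    """Controllers crossed by traffic sent *to* the client (anchor, then foreign)."""
    for c in controllers:
        e = c.db.get(mac)
        if e is not None and e.role == "FOREIGN":
            return [e.anchor, c.name]             # tunneled anchor -> foreign
    return [c.name for c in controllers if mac in c.db]


if __name__ == "__main__":
    mac = "02:00:00:00:00:01"                     # constructed client MAC
    c1 = Controller("Controller 1", "campus", "10.1.0", ["AP A", "AP B"])
    c2 = Controller("Controller 2", "campus", "10.2.0", ["AP C", "AP D"])
    group = [c1, c2]
    for ctrl, ap in [(c1, "AP B"), (c2, "AP C")]:
        print(ap, "->", ctrl.associate(mac, ap, group), downstream_path(mac, group))
```

The copied entry carries the PMK, so every controller admitted to the mobility group can obtain a client's master key without a new RADIUS exchange; group membership is therefore the trust boundary to review.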

Specific Mobility Guest Access

• The traditional approach to segmenting guest traffic requires ‘pulling’ the guest VLAN through the corporate network
  – Many companies can’t or won’t do this

[Figure: WLAN Controller (Policy); Internet; LWAPP APs, each with Corp SSID and Guest SSID; Corp Intranet; 802.1Q; Isolated Guest Internet; Corp User]

Tunnel Guest Traffic

• By tunneling all guest traffic to a DMZ controller, traffic originates and terminates in the DMZ
• Guest clients logically reside in the DMZ network
• No changes required to existing infrastructure except adding FW rules
• Add additional DMZ controllers for scalability
• Each DMZ controller can handle up to 40 tunnels

[Figure: Guest WLAN Controller; Corp Intranet; WLAN Controllers; LWAPP APs, each with Guest SSID and Corp SSID; EoIP (IP Proto 97) “Guest Tunnel”; Internet]

Ad-hoc networks

• Consists of mobile nodes which communicate with each other through a wireless medium without any fixed infrastructure

Ad-hoc

A self-configuring network in which devices act as routers and can change their location in space

MANET

Difficulties for routing:

• Limited connectivity due to transmission range of signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature: high mobility and frequent topological changes

[Figure: network graph with nodes A, B, C, D, E, F, G, H; three X marks]

Mobile Ad Hoc Networks

• The meaning of the word “ad hoc” is “for this”, i.e. “for this purpose only”, which implies it is a special network for a particular application
• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology
• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably

Characteristics and tradeoffs

• Characteristics
  – Decentralized
  – Self-organized
  – Self-deployed
  – Dynamic network topology
• Tradeoffs
  – Bandwidth limited
  – Multi-hop router needed
  – Energy consumption problem
  – Security problem

Adhoc Routing Protocols

• Uniform routing
  – Proactive routing
    • Wireless Routing Protocol (WRP)
    • Destination Sequence Distance Vector (DSDV) routing protocol
    • Fisheye State Routing (FSR)
    • Distance Routing Effect Algo for Mobility (DREAM): location-based routing
  – Reactive routing
    • Dynamic Source Routing (DSR) protocol
    • Temporally-Ordered Routing Algorithm (TORA)
    • Adhoc On-demand Distance Vector Routing (AODV)
    • Location Aided Routing (LAR): location-based routing
    • Associativity Based Routing (ABR) protocol: link-stability based routing protocol
    • Signal Stability-based Adaptive Routing (SSR): link-stability based routing protocol
• Non-uniform routing
  – Zone-based routing
    • Zone Routing Protocol (ZRP): hybrid routing protocol
    • Hybrid Adhoc Routing Protocol (HARP): hybrid routing protocol
    • Zone-based Hierarchical Link State routing (ZHLS): hybrid routing protocol
    • Grid Location Service (GLS): location service
  – Cluster-based routing
    • Clusterhead Gateway Switch Routing (CGSR)
    • Hierarchical State Routing (HSR)
    • Cluster Based Routing Protocol (CBRP)
  – Core-node based routing
    • Landmark Adhoc Routing (LANMAR): proactive routing
    • Core-Extraction Distributed Adhoc Routing (CEDAR): proactive routing
    • Optimised Link State Routing protocol (OLSR): proactive routing

Ad Hoc Routing Protocols

• Reactive (on-demand): DSR, AODV, TORA
• Proactive (table-driven): DSDV, WARP, DREAM
• Hybrid: ZRP, HARP

[Figure: Residential Modem; Base Station; Business Modem; Portable Modem; Management System; Network Planning]

Cost and coverage area

Links

http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf

http://www.ieee802.org/21

http://www.ieee802.org/11

http://www.ietf.org/rfc/rfc3990.txt

Links

http://en.wikipedia.org/wiki/AODV

http://en.wikipedia.org/wiki/Mobile_ad-hoc_network

http://moment.cs.ucsb.edu/AODV

http://core.it.uu.se/core/index.php/Main_Page


Layer 3 Mobility

bull All controllers in same Mobility Groupbull Ethernet in IP Tunnels automatically

created between controllersbull Client connects to AP B on Controller 1

ndash Client database entry created as ANCHORbull Client roams to AP C on Controller 2

ndash Controller 2 makes a Mobility Announcement to peers in Mobility Group looking for Controller with client MAC

ndash Controller 1 responds handshakes ACKsndash Client database entry copied to Controller 2

bull Marked as FOREIGNbull PMK data included (master key data from

Radius server)ndash Proactive Key Caching provides fast roam

times for WPA280211i clients No need to re-authenticate to Radius server

bull Client roams to AP on 3rd Controllerndash Same as above except FOREIGN client DB

entry moved from previous Foreign Controller

Controller 1 Controller 2

AP A AP B AP C AP D

Client Database

MAC WLAN IP Sec ANCHORhellip

Client Database

MAC WLAN IP Sec FOREIGNhellip

bull Roam is transparent to clientbull Traffic from client to network exits at Foreign Controllerbull Traffic to client tunneled from Anchor to Foreign Controllerbull Same DHCP address maintainedbull Proactive Key Caching with WPA80211i (Funk or MS client)

Subnet A Subnet B

MobilityAnnouncement

Ethernet in IP Tunnel

copy

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Specific Mobility Guest Accessbull The traditional approach to segmenting

guest traffic requires lsquopullingrsquo the guest VLAN through the corporate network

WLAN Controller(Policy)

Internet

LWAPPAP

CorpSSID

GuestSSID

CorpSSID

CorpIntranet

GuestSSID

8021Q

LWAPPAP

Isolated Guest Internet

CorpUserndash Many companies

canrsquot or wonrsquot do this

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Tunnel Guest Trafficbull By tunneling all guest traffic to a DMZ controller

traffic originates and terminates in the DMZ

bull Guest clients logically reside in the DMZ network

bull No changes required to existing infrastructure except adding FW rules

bull Add additional DMZ controllers for scalability

bull Each DMZ controller can handle up to 40 tunnels

Guest WLAN

Controller

CorpIntranet

WLAN Controller

GuestSSID

EoIP IP Proto 97ldquoGuest Tunnelrdquo

GuestSSID

CorpSSID

LWAPP AP

LWAPP AP

WLAN Controller

Internet

CorpSSID

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Ad-hoc networksbull Consists of mobile nodes which

communicate with each other through wireless medium without any fixed infrastructure

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Rahakulu ja katteala
  • Lingid
  • Slide 36

Ad-hoc

On iseseadistuv votilderk kus seadmed kaumlituvad ruuteritena ning votildeivad oma asukohta ruumis muuta

MANET

Difficulties for routing limited connectivity due to transmission range of signal Low bandwidth Higher error rates Vulnerable to interference Power consumption No specific devices to do routing Dynamic nature - high mobility and frequent topological changes

A D

G

C

F

B

E

H

X X

X

Mobile Ad Hoc Networksbull Meaning of the word ldquoAd hocrdquo is ldquofor thisrdquo

means ldquofor this purpose onlyrdquo implies it is a special network for a particular application

bull A mobile ad-hoc network (MANET) is a self configuring network of mobile routers (and associated hosts) connected by wireless linksmdashthe union of which form an arbitrary topology

bull The routers are free to move randomly and organize themselves arbitrarily thus the networks wireless topology may change rapidly and unpredictably

Characteristics and tradeoffsbull Characteristics

ndash Decentralizedndash Self-organizedndash Self-deployedndash Dynamic network topology

bull Tradeoffsndash 1048708 Bandwidth limitedndash 1048708 Multi-hop router neededndash 1048708 Energy consumption problemndash 1048708 Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

Wireless Routing Protocol (WRP)

Destination Sequence Distance Vector (DSDV) routing protocol

Fisheye State Routing (FSR)

Distance Routing Effect Algo for Mobility (DREAM)

Location-based routing

Reactive routing

Dynamic Source Routing (DSR) protocol

Temporally-Ordered Routing Algorithm (TORA)

Adhoc On-demand Distance Vector Routing (AODV)

Location Aided Routing (LAR) Location-based routing

Associativity Based Routing (ABR) protocol

Link-stability based routing protocol

Signal Stability-base adaptive Routing (SSR)

Link-stability based routing protocol

Non-uniform routing

Zone-based routing

Zone Routing Protocol (ZRP) Hybrid routing protocol

Hybrid Adhoc Routing Protocol (HARP) Hybrid routing protocol

Zone-based Hierarchical Link State routing (ZHLS)

Hybrid routing protocol

Grid Location Service (GLS) Location service

Cluster-based routing

Clusterhead Gateway Switch Routing (CGSR)

Hierarchical State Routing (HSR)

Cluster Based Routing Protocol (CBRP)

Core-node based routing

Landmark Adhoc Routing (LANMAR) Proactive routing

Core-Extraction Distributed Adhoc Routing (CEDAR)

Proactive routing

Optimised Link State Routing protocol (OLSR)

Proactive routing

Ad Hoc Routing Protocols

Reactive Reactive (on-demand)(on-demand)

Proactive Proactive (table-driven)(table-driven) Hybrid Hybrid

bullDSDVbullWARPbullDREAM

bullDSRbullAODVbullTORA

bullZRPbullHARP

Residential Modem Base

StationBusiness

Modem

PortableModem

Management System Network PlanningNetwork Planning

Rahakulu ja katteala

Lingid

httpwwwcsumdedu~clancydocslwapp-reviewpdf

httpwwwieee802org21

httpwwwieee802org11

httpwwwietforgrfcrfc3990txt

Lingid

httpenwikipediaorgwikiAODV

httpenwikipediaorgwikiMobile_ad-hoc_network

httpmomentcsucsbeduAODV

httpcoreituusecoreindexphpMain_Page

  • Sideseadmed (IRT0040) 25 AP
  • Raadiressursi jaotus
  • Infrastructure based networks
  • Hidden Nodes - a QoS Issue
  • PowerPoint Presentation
  • Lightweight AP WLAN Concept
  • Autonomous Deployments
  • Centralization ndash not a new idea
  • Enter the Base Station Controller
  • Enter The Wireless Controller
  • System Layers
  • Basic LWAPP Architecture
  • Unified Wireless Network
  • Centralized Wireless LAN Architecture
  • LWAPP
  • Protocol for Centralization
  • LWAPP Modes Layer 2
  • LWAPP Modes Layer 3
  • The need for Client Mobility
  • Client Mobility
  • Mobility Groups
  • Layer 2 Mobility
  • Layer 3 Mobility
  • Specific Mobility Guest Access
  • Tunnel Guest Traffic
  • Ad-hoc networks
  • Ad-hoc
  • MANET
  • Mobile Ad Hoc Networks
  • Characteristics and tradeoffs
  • Adhoc Routing Protocols
  • Ad Hoc Routing Protocols
  • Slide 33
  • Cost and coverage area
  • Links
  • Slide 36

MANET

Difficulties for routing:

• Limited connectivity due to the transmission range of the signal
• Low bandwidth
• Higher error rates
• Vulnerable to interference
• Power consumption
• No specific devices to do routing
• Dynamic nature: high mobility and frequent topological changes

[Figure: network diagram with nodes A to H and three links marked X]

Mobile Ad Hoc Networks

• The meaning of the word "ad hoc" is "for this", that is, "for this purpose only"; it implies a special network for a particular application.

• A mobile ad-hoc network (MANET) is a self-configuring network of mobile routers (and associated hosts) connected by wireless links, the union of which forms an arbitrary topology.

• The routers are free to move randomly and organize themselves arbitrarily; thus the network's wireless topology may change rapidly and unpredictably.

Characteristics and tradeoffs

• Characteristics
– Decentralized
– Self-organized
– Self-deployed
– Dynamic network topology

• Tradeoffs
– Bandwidth limited
– Multi-hop router needed
– Energy consumption problem
– Security problem

Adhoc Routing Protocols

Uniform routing

Proactive routing

• Wireless Routing Protocol (WRP)
• Destination Sequence Distance Vector (DSDV) routing protocol
• Fisheye State Routing (FSR)
• Distance Routing Effect Algorithm for Mobility (DREAM): location-based routing

Reactive routing

• Dynamic Source Routing (DSR) protocol
• Temporally-Ordered Routing Algorithm (TORA)
• Adhoc On-demand Distance Vector Routing (AODV)
