Cisco CCNP SWITCH Controller-Based WLAN Solution



The controller-based architecture splits the processing of the 802.11 protocol between the AP and a centralized Cisco WLC.

The AP handles the portions of the protocol that have real-time requirements:

Frame exchange of a handshake between a client and AP when transferring a frame over the air

Transmission of beacon frames

Forwarding notification of received probe requests to the controller

Buffering and transmission of frames for clients in a power save operation

Providing real-time signal quality information to the controller with every received frame

Response to probe request frames from clients

Monitoring each radio channel for noise, interference, and the presence of other WLANs

Monitoring for the presence of other APs

The Cisco WLC handles portions of the protocol where time sensitivity is not a concern and controller-wide visibility is required.

802.11 authentication

802.11 association and re-association (mobility)

802.11 frame translation and bridging

Cisco CCNP SWITCH Traffic Flow Between Wireless Clients -Controller-Based WLAN Solution


The traffic between wireless clients flows via the wireless LAN controller.

Traffic between two wireless mobile stations is forwarded from the APs to the controller and then is sent to the mobile destination.



Hybrid Remote Edge Access Points (H-REAPs) are controller-based APs that operate in a specific mode.  A standard controller-based AP always needs connectivity to its controller. When this connectivity is lost, the AP stops offering wireless services and starts looking for a controller. It will restore wireless services only when it regains connectivity to its controller. The purpose of H-REAPs is to continue to offer client connectivity when the connection to the controller is lost.

It needs to reach a controller and register to it to offer wireless service. The main difference between a standard controller-based AP and the H-REAP is that the H-REAP can survive the loss of connectivity to its controller. The H-REAP then reverts to a mode that is close to autonomous APs and that still offers wireless access to its clients.

Even though the H-REAP is a controller-based solution, the switch port needs to be configured the same way as for an autonomous AP.

Cisco CCNP SWITCH Comparison of WLAN Solutions


As can be seen in the comparison table of Standalone and Controller-Based solutions, there are advantages and disadvantages to each solution.  For example, Standalone APs are configured per AP whereas Controller-Based APs are configured via the WLAN controller.

Cisco CCNP SWITCH Types of WLAN Controllers


Cisco provides for numerous options when it comes to WLAN controllers.  They are broken into two main categories, Integrated controllers and Appliance controllers.

Cisco CCNP SWITCH Standalone WLAN Solution


Standalone APs are connected to switches via trunk ports supporting PoE.  VLANs are connected via a trunk port to the standalone APs.  The native VLAN is used for management of the standalone AP.  The DHCP server listed on the slide provides IP addresses along with other information such as default-gateway for the APs and the wireless clients.

Cisco CCNP SWITCH SSIDs, VLANs, and Trunks in the Standalone Solution


The Autonomous AP is the transition point between wireless and wired sides of the network.  SSIDs are mapped to VLANs. The wireless client becomes a station within a VLAN or subnet that is connected to the AP.  It gets an IP address from a VLAN or subnet that is associated with the SSID within the AP configuration.

The AP connects to the switch through a trunk if different SSIDs and VLANs are configured.

Cisco CCNP SWITCH Controller-Based WLAN Solution


The WLAN controller is connected to trunk ports on switches.  This provides communication for both management and data VLANs. The native VLAN is not required.

The controller-based APs are connected to access ports on switches with PoE.

The AP can be in any IP subnet.

Just like an Autonomous AP, the H-REAP is connected to an 802.1Q trunk. The port native VLAN is used by the H-REAP to join its controller.

The DHCP server provides IP addresses and other necessary information for the APs and the wireless clients.

Cisco CCNP SWITCH SSIDs, VLANs, and Trunks in the Controller-Based Solution


In a controller-based solution, the WLC maps the SSID, VLAN, QoS, and IP subnet. When a client associates with an SSID on an AP, the client becomes a station within a VLAN or subnet that is connected to the WLC, and gets an IP address from the VLAN or subnet that is connected to the WLC. The IP address is mapped to the SSID that is used by the client.

All traffic arriving at the AP is encapsulated and is sent to the controller.  APs and the WLC can either be on the same or different IP subnets.  There can be Layer 3 IP connections between APs and the WLC.

Cisco CCNP SWITCH SSIDs, VLANs, and Trunks with the H-REAP


In the case of an H-REAP, some WLANs are locally switched – traffic is sent to the switch that is local to the H-REAP, and is not sent to the controller.

Some WLANs are centrally switched – data for these WLANs is encapsulated into LWAPP or CAPWAP and are sent to the controller, just like a standard controller-based AP.

The port between a switch and an H-REAP has to be configured as an 802.1Q trunk. The native VLAN is the H-REAP VLAN, which is used to communicate with the controller.

Cisco CCNP SWITCH Controller-Based AP Protocol


The diagram shows the traffic flow between a wireless client and server.

A CAPWAP or LWAPP tunnel connects the AP and the WLC.

The split-MAC architecture describes the task distribution between the AP and the controller.

The AP handles receiving and transmission of wireless frames as well as the radio interfaces and the MAC layer encryption and decryption of client data traffic.

The WLC is responsible for all QoS policies, RF management, security policies, mobility management and client association.

Cisco CCNP SWITCH WLC Ports and Protocols


The table on the slide lists numerous applications with their associated protocol and port number.  Router ACLs and firewall filters need to allow the listed traffic between controllers, APs, and management stations for the successful operation of a wireless network.

Cisco CCNP SWITCH WLAN Components


Cisco CCNP SWITCH Lightweight WLAN Controller Interfaces