Login
- Released At: 12-05-2025
- Page Views:
- Downloads:
- Table of Contents
- Related Documents
-
H3C Campus Switches WLAN Feature Image
Technology White Paper
Copyright © 2023 New H3C Technologies Co., Ltd. All rights reserved.
No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.
The information in this document is subject to change without notice.
Contents
Install the WLAN feature image
Typical applications of WLAN feature image
Wireless expansion application
AC hierarchy and AD-Campus application
Overview
Background
Currently, a unified wired and wireless network is mainly constructed based on wired devices, with the wireless network acting as an extension to the wired network. For a modular switch or a fixed-port switch with expansion slots, you can install an access controller module or attach an AP to the switch in out-of-path deployment to provide wireless services. For a fixed-port switch without expansion slots, you can only attach an AC to the switch to provide wireless services.
Both the access controller module and out-of-path attachment methods use an independent AC device to provide dedicated wireless management and can form a large-scale professional wireless network. However, the use of an independent AC device has the following issues:
· High overhead costs for networking.
· High management costs—In equipment management, separate wireless and wired devices require separate management, which results in high management costs.
· Inconvenient user management—Wired users and wireless users access different devices and require separate management, which increases inconvenience and additional overhead in management.
The WLAN feature image solution for H3C campus switches can effectively solve the above problems. By installing a WLAN feature image on a modular switch or fixed-port switch with expansion slots, the switch can support wireless functions, thereby achieving the goal of supporting both wired and wireless functions on a single device.
Product features
Due to the complexity of wireless data, the industry has not developed wireless chips for processing wireless data. Traditional AC relies on powerful CPUs for complex data processing. However, CPUs on switches have limited processing power and cannot handle wired and wireless data simultaneously. The WLAN feature image resolves the performance issue from the following aspects:
· Uses local forwarding to separate wireless access and data forwarding, allowing the switch to perform only wireless access management and the APs and switching chips to forward wireless data. This reduces the computing pressure on switch CPUs.
· Supports the H3C-proprietary AC hierarchy technology. In a large-scale network, switches installed with the WLAN feature image act as the local ACs to provide wireless access, and an independent AC deployed at the uplink acts as the central AC to perform centralized control.
For more information about switches that support the WLAN feature image, see the product descriptions on the official H3C website.
Benefits
Saved capital expenditure
To provide wireless services in a traditional network, you must add access controller modules or independent ACs, which increases user's capital expenditure. WLAN feature image does not require access controllers or independent devices and does not change the existing network. It enables wired networks to provide wireless services simply by installing an image.
Increased forwarding capacity
Switches cannot identify CAPWAP tunnel packets and all wireless packets, including protocol packets and data packets, must be forwarded to the AC for processing if an independent AC or access controller module is used. The data forwarding method has unnecessary delays and is restricted by the AC forwarding capacity. If the WLAN feature image is used, the AC only manages APs, and APs forward wireless packets. The data forwarding is not limited by the AC capability.
Integrated wired and wireless
With a WLAN feature image installed, a switch can achieve wired and wireless integration and manage wired and wireless users in a unified way, facilitating network maintenance and expanding the current market space for switches.
Unified interface management
In traditional networks, switches and the installed access controller modules are displayed as different devices on the network management device even if they reside in the same chassis. Separate management is required. A switch installed with the WLAN feature image is displayed a device that supports wireless functionalities on the network management device. This achieves unified wired and wireless management.
Implementation
Working principles
The WLAN feature image is only responsible for wireless access management, including AP management and wireless user access. APs handle wireless data forwarding by converting wireless data into wired data and transmitting it to switches for processing. Wired and wireless user authentication is processed by switches in a unified way.
Wireless access management
The WLAN feature image manages wireless access in the same way as an independent AC. The core parts include AP management and wireless user access.
· AP management: Involves version update and configuration deployment.
· Wireless user access: After a wireless user connects to the AP, the AP synchronizes the user information to the AC, and the AC performs unified management of wireless user information.
Wireless data forwarding
The WLAN feature image uses the local forwarding mode. In this mode, APs convert wireless data into wired data and transmit the date the switches for processing.
Wireless user authentication
APs report data to the switches, and user authentication is triggered based on user MAC address. Wireless user authentication is performed on the switches in the same way wired user authentication is performed.
Data flow directions
As shown in Figure 1, in the typical WLAN feature image network, the switch installed with the WLAN feature image acts as the access gateway and authenticator for both wired and wireless users. The WLAN feature image is only responsible for connecting AP and wireless users, and other data forwarding processes are the same as the processes in a wired system.
Figure 1 Using a switch installed with WLAN feature image as the gateway
|
(1) Wired user control flow (includes authentication and services, sent by the switch chip to the CPU for centralized processing) |
|
(2) Wired user data flow (forwarded by the switch chip) |
|
(3) AP access management (sent by the switch chip to the WLAN feature image for processing) |
|
(4) Wireless user control flow (includes authentication and services, locally converted to wired flow and forwarded by the AP to the CPU for centralized processing) |
|
(5) Wireless user access (sent by the switch chip to the WLAN feature image for centralized processing) |
|
(6) Wireless user data flow (converted to wired flow and sent by the AP to the switch chip for further forwarding) |
Mechanism
WLAN feature image
As shown in Figure 2, the switch can provide wireless functionality with the WLAN feature image and a wireless adapter module. The WLAN feature image supports flexible configuration for version compatibility and feature use purposes.
Figure 2 Location of the WLAN feature image
Install the WLAN feature image
The WLAN feature image is carried in the switch version package. To load a WLAN feature image, make sure the image version is compatible with the switch version.
To use the WLAN feature image, first use the install activate feature command to activate the feature image. The activated image takes effect only during the current operation. For the feature image to remain activated after the device restarts, use the install commit command.
License policy
Installing the WLAN feature image on a switch does not require a license permission. However, the WLAN feature image does not support managing any APs by default. You can purchase and install licenses to increase the number of manageable APs. The WLAN feature image supports enterprise network licenses.
You can purchase licenses with different step sizes based on the products to use and AP specifications. For detailed information about license installation, see License User Guide.
AP registration
The WLAN feature image supports the following networking methods: direct connection, Layer 2 connection, and Layer 3 connection. Both direct connection and Layer 2 connection requires Layer 2 registration, and Layer 3 connection requires Layer 3 registration. This section uses zero-configuration startup of APs to describe how to register an AP on the AC through DHCP.
Layer 2 registration
1. The AP starts up without loading any configuration and obtains an IP address from the DHCP server.
2. The AP uses the CAPWAP protocol to broadcast Layer 2 Discovery requests to discover ACs.
3. Upon receiving a Discovery request, the AC decides whether to reply with a Discovery response to the AP based on the local policies and the request content.
4. After receiving a Discovery response, the AP sends a Join request to the AC to request access.
5. Upon receiving a Join request, the AC decides whether to provide services to the AP and sends a Join response.
6. The AP receives a Join response and obtains the request result based on the result code in the response. If the AP version is inconsistent from the AC version, the AC downloads the most recent software version and configuration from the AC.
7. The CAPWAP is established successfully. The AP starts to send user data packets to the AC.
Figure 3 Layer 2 registration
Layer 3 registration
1. The AP starts up without loading any configuration, and obtains IP address and the Option 43 attribute from the DHCP server. The Option 43 attribute carries the IP address of the AC.
2. The AP obtains the AC IP address from Option 43, and use the CAPWAP protocol to send a unicast Discovery request to the AC.
3. Upon receiving the Discovery request, the AC decides whether to reply with a Discovery response to the AP based on local policies and request content.
4. After receiving a Discovery response, the AP sends a Join request to the AC to request access.
5. Upon receiving a Join request, the AC decides whether to provide services to the AP and sends a Join response.
6. The AP receives a Join response and obtains the request result based on the result code in the response. If the AP version is inconsistent from the AC version, the AC downloads the most recent software version and configuration from the AC.
7. The CAPWAP is established successfully. The AP starts to send user data packets to the AC.
Figure 4 Layer 3 registration
Wireless forwarding
The basic wireless forwarding methods include centralized forwarding and local forwarding.
· In centralized forwarding, client data traffic is transmitted by APs to the AC through the CAPWAP tunnel, and the AC forwards the data traffic.
· In local forwarding, APs forward client data traffic directly.
The WLAN feature image uses the local forwarding method. The switch forwards received wireless data packets in the same way wired packets are forwarded.
Typical applications of WLAN feature image
Wireless expansion application
The wireless extension application means incorporating wireless user and data management into existing wired management without changing the wired network and applications. It is the main application scenarios of WLAN feature image.
The wireless expansion application includes the following types: independent AC networking and large-scale AC networking, which correspond to small and medium-large networks, respectively.
· As shown in Figure 5, in a small-sized network, wireless user data forwarding and authentication are processed on a switch installed with the WLAN feature image.
· As shown in Figure 6, in a large and medium-sized network, switches installed with the WLAN feature image pass wireless user data to the aggregation switch for centralized processing.
In this network model, wireless users and wired users are treated equally. Wireless data is passed through switch chips with no bottleneck in performance.
Figure 5 Independent AC networking (small network)
Figure 6 Large-scale AC networking (large and medium-sized network)
AC hierarchy application
The AC hierarchy application supports the headquarters and branch scenario. The central AC (large-scale dedicated AC) is deployed at the headquarters to perform centralized management. Switches installed with the WLAN feature image are deployed at branches as local ACs (small-sized ACs) to provide management of local APs and wireless users.
AC hierarchy application provides the following benefits:
· Centralized control: The central AC carries out centralized management, including the configuration of all APs, AP version upgrade, AP license usage, and load sharing of AP access to different local ACs. The central AC also acts as a backup for local ACs. In case of a local AC fault, the central AC can take over APs connected to the local AC.
· Distributed forwarding: Local ACs adopt distributed forwarding and handle real-time services. They are responsible for wireless user access and wireless data forwarding, which effectively sharing the performance pressure of the central AC.
In a hierarchical AC network, wireless user authentication can be performed on the central AC in a centralized way or performed on local ACs to achieve unified wired and wireless authentication.
Figure 7 Hierarchical AC networking
AC hierarchy and AD-Campus application
The AC hierarchy and AD-Campus application is a special case of the AC hierarchy model, and this document will not further elaborate on it. The AC hierarchy and AD-Campus model is similar to the AC hierarchy model, in which switches installed with the WLAN feature image participate in networking and forwarding as local ACs and leaf nodes in a VXLAN. The main feature is that wireless users can access any local ACs while maintaining the same IP address.
