02-WLAN

HomeSupportResource CenterH3C Access Controllers Command References(E5208P03 E5215P01 R5215P01)-6W10202-WLAN
08-WLAN roaming commands
Title Size Download
08-WLAN roaming commands 61.33 KB

WLAN roaming commands

authentication-mode

Use authentication-mode to set an authentication mode for IACTP control messages.

Use undo authentication-mode to restore the default.

Syntax

authentication-mode authentication-mode [ cipher | simple ] authentication-key

undo authentication-mode

Default

No authentication mode is configured for IACTP control messages. The AC does not verify the integrity of IACTP control messages.

Views

Mobility group view

Predefined user roles

network-admin

Parameters

authentication-mode: Specifies an authentication mode. Only the 128-bit MD5 authentication mode is supported.

cipher: Sets a ciphertext key.

simple: Sets a plaintext key.

authentication-key: Specifies the key string. This argument is case sensitive. The length of a plaintext key is in the range of 1 to 16, and the length of a ciphertext key is in the range of 33 to 53.

Usage guidelines

Use this command to enable an AC to verify the integrity of control messages transmitted over IACTP tunnels.

For security purposes, all keys, including plain-text keys, are saved in cipher text.

Examples

# Set the authentication mode to MD5 and set the plaintext key to 12345.

<Sysname> system-view

[Sysname] wlan mobility group aaa

[Sysname-wlan-mg-aaa] authentication-mode md5 plain 12345

display wlan mobility

Use display wlan mobility to display information about clients that have roamed to or from the AC.

Syntax

display wlan mobility { roam-in | roam-out } [ member { ip ipv4-address | ipv6 ipv6-address } ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

roam-in: Displays information about clients that have roamed from another AC.

roam-out: Displays information about clients that have roamed to another AC.

member ip ipv4-address: Specifies the IPv4 address of a member AC.

member ipv6 ipv6-address: Specifies the IPv6 address of a member AC.

Usage guidelines

If no member AC is specified, this command displays information about all clients that have roamed to and from another AC.

Examples

# Display information about all clients that have roamed to the AC.

<Sysname> display wlan mobility roam-in

Total entries: 1

MAC address     BSSID           VLAN ID  HA IP address

5250-0012-0411  cbab-abab-abab  1        192.168.0.101

# Display information about clients that have roamed to the specified member AC.

<Sysname> display wlan mobility roam-in member ip 192.168.0.101

Total entries: 1

MAC address     BSSID           VLAN ID

5250-0012-0411  cbab-abab-abab  1

# Display information about all clients that have roamed to another AC.

<Sysname> display wlan mobility roam-out

Total entries: 1

MAC address     BSSID           VLAN ID  Online time       FA IP address

5250-0012-0411  cbab-abab-abab  1        00hr 01min 39sec  192.168.0.102

# Display information about clients that have roamed from the specified member AC to another AC.

[Sysname] display wlan mobility roam-out member ip 192.168.0.102

Total entries: 1

MAC address     BSSID           VLAN ID  Online time

5250-0012-0411  cbab-abab-abab  1        00hr 03min 02sec

Table 1 Command output

Field

Description

MAC address

MAC address of the client.

BSSID

BSSID of the AP with which the client is associated.

VLAN ID

VLAN ID of the client.

Online time

Online time of the client.

 

display wlan mobility group

Use display wlan mobility group to display mobility group information.

Syntax

display wlan mobility group

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display mobility group information.

<Sysname> display wlan mobility group

Mobility group name: office

 Tunnel type: IPv4

 Source IPv4: 172.16.220.101

 Source IPv6: Not configured

 Authentication method: Not configured

 Mobility group status: Enabled

 Member entries: 2

 IP address                              State          Online time

 172.16.220.102                          Down           00hr 00min 00sec

 172.16.220.105                          Up             00hr 36min 27sec

Table 2 Command output

Field

Description

Tunnel type

IACTP tunnel type for the mobility group:

·     IPv4.

·     IPv6.

Authentication method

Authentication method used for the mobility group.

Mobility group status

Mobility group status:

·     Enabled.

·     Disabled.

IP address

IP address of the member AC.

State

IACTP tunnel state:

·     Up.

·     Down.

Online time

Online time of the member AC.

 

display wlan mobility roam-track mac-address

Use display wlan mobility roam-track mac-address to display roaming information for a client on the home AC.

Syntax

display wlan mobility roam-track mac-address mac-address

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

mac-address mac-address: Specifies a client by its MAC address.

Examples

# Display roaming information for the specified client on the home AC. The most recent roam-track information is displayed the first.

<Sysname> display wlan mobility roam-track mac-address 5250-0012-0411

Total entries: 2

BSSID           Created at           Online time       AC IP address  RID  AP name

3ce5-a68d-2280  2017-03-14 11:12:28  00hr 48min 46sec  192.168.0.2    2    ap1

0026-3e08-1150  2017-03-14 11:12:05  00hr 40min 46sec  127.0.0.1      2    ap2

Table 3 Command output

Field

Description

BSSID

BSSID of the AP with which the client is associated.

Created at

Time when a roam-track entry was created for the client.

Online time

Online time of the client.

AC IP address

IP address of the AC with which the client is associated. This field displays 127.0.0.1 if the client is associated with the home AC.

RID

ID of the radio with which the client is associated.

AP name

Name of the AP with which the client is associated.

 

group enable

Use group enable to enable a mobility group.

Use undo group enable to restore the default.

Syntax

group enable

undo group enable

Default

A mobility group is disabled.

Views

Mobility group view

Predefined user roles

network-admin

Usage guidelines

This feature enables the AC to establish IACTP tunnels and synchronize roaming entries with member ACs.

If you disable a mobility group on the AC, the AC shuts down all IACTP tunnels established with all member ACs and deletes the roaming entries.

Examples

# Enable mobility group floor1.

<Sysname> system-view

[Sysname] wlan mobility group floor1

[Sysname-wlan-mg-floor1] tunnel-type ipv4

[Sysname-wlan-mg-floor1] source ip 192.168.0.1

[Sysname-wlan-mg-floor1] member ip 192.168.0.2

[Sysname-wlan-mg-floor1] group enable

Related commands

·     member

·     source

·     tunnel-type

·     wlan mobility group

member

Use member to add a mobility group member.

Use undo member to delete a mobility group member.

Syntax

member { ip ip-address | ipv6 ipv6-address }

undo member [ ip ip-address | ipv6 ipv6-address ]

Default

There is not any member ACs in a mobility group.

Views

Mobility group view

Predefined user roles

network-admin

Parameters

ip ip-address: Specifies an AC by its IPv4 address.

ipv6 ipv6-address: Specifies an AC by its IPv6 address.

Usage guidelines

Make sure the mobility group is disabled before you use either command.

Members in a mobility group are identified by their IP addresses used to establish IACTP tunnels.

You can add both IPv4 and IPv6 members to a mobility group. Only members whose IP address type is the same as the IP address type of IACTP tunnels take effect.

An AC can belong to only one mobility group.

You can add a maximum of 31 IPv4 members and 31 IPv6 members to a mobility group.

If you do not specify an IP address when you use the undo command, this command deletes all member ACs in the mobility group.

Examples

# Add a mobility group member.

<Sysname> system-view

[Sysname] wlan mobility group abc

[Sysname-wlan-mg-abc] member ip 192.168.1.55

snmp-agent trap enable wlan mobility

Use snmp-agent trap enable wlan mobility to enable SNMP notifications for WLAN roaming.

Use undo snmp-agent trap enable wlan mobility to disable SNMP notifications for WLAN roaming.

Syntax

snmp-agent trap enable wlan mobility

undo snmp-agent trap enable wlan mobility

Default

SNMP notifications are disabled for WLAN roaming.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To report critical WLAN roaming events to an NMS, enable SNMP notifications for WLAN roaming. For WLAN roaming event notifications to be sent correctly, you must also configure SNMP as described in Network Management and Monitoring Configuration Guide.

Examples

# Enable SNMP notifications for WLAN roaming.

<Sysname> system-view

[Sysname] snmp-agent trap enable wlan mobility

source

Use source to specify the source IP address for establishing IACTP tunnels.

Use undo source to delete the source IP address for establishing IACTP tunnels.

Syntax

source { ip ip-address | ipv6 ipv6-address }

undo source [ ip | ipv6 ]

Default

No source IP address is configured for establishing IACTP tunnels.

Views

Mobility group view

Predefined user roles

network-admin

Parameters

ip ipv4-address: Specifies a source IPv4 address.

ipv6 ipv6-address: Specifies a source IPv6 address.

Usage guidelines

An AC uses its source IP address to establish IACTP tunnels with member ACs.

When you specify the source IP address for establishing IACTP tunnels, follow these restrictions and guidelines:

·     Make sure the mobility group is disabled before you specify the source IP address for establishing IACTP tunnels.

·     You can specify one IPv4 address, one IPv6 address, or both, but only the IP address type that is the same as the IP address type for IACTP tunnels takes effect.

·     If you do not specify an IP address when you use the undo command, this command deletes all source IP addresses.

Examples

# Specify a source IPv4 address for establishing IACTP tunnels.

<Sysname> system-view

[Sysname] wlan mobility group abc

[Sysname-wlan-mg-abc] source ip 192.168.1.55

Related commands

·     group enable

·     member

tunnel-type

Use tunnel-type to specify the IP address type for IACTP tunnels.

Use undo tunnel-type to restore the default.

Syntax

tunnel-type { ipv4 | ipv6 }

undo tunnel-type

Default

The IP address type for IACTP tunnels is IPv4.

Views

Mobility group view

Predefined user roles

network-admin

Parameters

ipv4: Specifies the IPv4 address type.

ipv6: Specifies the IPv6 address type.

Usage guidelines

You cannot specify both the IPv4 and IPv6 address types for IACTP tunnels in a mobility group.

Disable the mobility group before you execute either command.

Examples

# Specify the IP address type as IPv6 for IACTP tunnels in mobility group aaa.

<Sysname> system-view

[Sysname] wlan mobility group aaa

[Sysname-wlan-mg-aaa] tunnel-type ipv6

wlan mobility group

Use wlan mobility group to create a mobility group and enter mobility group view.

Use undo wlan mobility group to delete a mobility group.

Syntax

wlan mobility group group-name

undo wlan mobility group group-name

Default

No mobility group exists.

Views

System view

Predefined user roles

network-admin

Parameters

group-name: Specifies a mobility group by its name, a case-sensitive string of 1 to 15 characters that do not contain spaces.

Usage guidelines

Mobility groups configured on member ACs must have the same name.

You can create only one mobility group on an AC.

Examples

# Create a mobility group named office and enter mobility group view.

<Sysname> system-view

[Sysname] wlan mobility group office

[Sysname-wlan-mg-office]

wlan mobility-group-isolation enable

Use wlan mobility-group-isolation enable to enable tunnel isolation for mobility groups.

Use undo wlan mobility-group-isolation enable to disable tunnel isolation for mobility groups.

Syntax

wlan mobility-group-isolation enable

undo wlan mobility-group-isolation enable

Default

Tunnel isolation is enabled for mobility groups.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command is required when loops exist among ACs in a mobility group. It prevents ACs from forwarding packets between tunnels in the mobility group and avoids broadcast storm.

Examples

# Enable tunnel isolation for mobility groups.

<Sysname> system-view

[Sysname] wlan mobility-group-isolation enable