Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-WLAN roaming commands | 207.67 KB |
Contents
display wlan mobility roam-track mac-address
bss transition-management enable
bss transition-management disassociation
display wlan sacp move-history
display wlan client rm-capabilities
mac-authentication fast-connect enable
sacp roam-optimize abnormal-802.11kv
sacp roam-optimize traffic-hold enable advanced
sacp roam-optimize bss-candidate-list
snmp-agent trap enable wlan mobility
wlan mobility-group-isolation enable
WLAN roaming commands
client cache aging-time
Use client cache aging-time to set the aging time for client roaming entries.
Use undo client cache aging-time to restore the default.
Syntax
client cache aging-time aging-time
undo client cache aging-time
Default
The aging time for client roaming entries is 180 seconds.
Views
Service template view
Predefined user roles
network-admin
Parameters
aging-time: Specifies the aging time in the range of 0 to 86400 seconds.
Usage guidelines
Setting the roaming entry aging time to 0 allows the system to delete the roaming entry of a client once the client goes offline. Fast roaming cannot be performed.
Make sure the service template is disabled before you executing this command.
Examples
# Set the aging time for client roaming entries to 180 seconds.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] client cache aging-time 100
display wlan mobility roam-track mac-address
Use display wlan mobility roam-track mac-address to display roaming information for a client.
Syntax
display wlan mobility roam-track mac-address mac-address
Views
Any view
Predefined user roles
Parameters
mac-address mac-address: Specifies a client by its MAC address, in the form of H-H-H.
Usage guidelines
Roaming information is displayed in sequence. The most recent roam-track information is displayed the first.
The system can save a maximum of 128 roaming entries. To record a new entry if the maximum number has been reached, the system deletes the third oldest entry and then records the new entry.
In a network enabled with roaming relay, the AC IP address displayed in the output from this command is the IP address of the relay device.
Examples
# Display roaming information for the specified client on the HA.
<Sysname> display wlan mobility roam-track mac-address 5250-0012-0411
Total entries : 2
Current entries: 2
BSSID Created at Online time AC IP address RID AP name
3ce5-a68d-2280 2016-06-14 11:12:28 00hr 48min 46sec 192.168.0.2 2 ap1
0026-3e08-1150 2016-06-14 11:12:05 00hr 40min 46sec 127.0.0.1 2 ap2
Table 1 Command output
|
Field |
Description |
|
Total entries |
Total number of entries, including entries that have been deleted. |
|
Current entries |
Number of currently saved entries. |
|
BSSID |
BSSID of the AP with which the client is associated. |
|
Created at |
Time when a roam-track entry was created for the client. |
|
Online time |
Online time of the client. |
|
AC IP address |
IP address of the device with which the client is associated. This field displays 127.0.0.1 if the client is associated with the HA. |
|
RID |
ID of the radio with which the client is associated. |
|
AP name |
Name of the AP with which the client is associated. |
Enhanced roaming commands
bss transition-management enable
Use bss transition-management enable to enable BTM.
Use undo bss transition-management enable to disable BTM.
Syntax
bss transition-management enable
undo bss transition-management enable
Default
BTM is disabled.
Views
Service template view
Predefined user roles
network-admin
Usage guidelines
With BTM enabled, an AP responds to a BTM query from a client with a BTM request. If client anti-sticky is disabled, the AP sends an unsolicited BTM request to the client when it detects that the RSSI of the client is lower than the specified threshold to trigger BTM. After receiving the BTM request, the client determines whether to roam to another BSS.
Make sure the service template is disabled before you perform this task.
For BTM to take effect on all clients, use the bss transition-management disassociation command to enable BTM disassociation.
Examples
# Enable BTM.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] bss transition-management enable
Related commands
bss transition-management disassociation
sacp anti-sticky
bss transition-management disassociation
Use bss transition-management disassociation to enable BTM disassociation.
Use undo bss transition-management disassociation to disable BTM disassociation.
Syntax
bss transition-management disassociation { forced | recommended } [ timer time ]
undo bss transition-management disassociation
Default
Recommended BTM disassociation is enabled and the disassociation timeout is 90 seconds.
Views
Service template view
Predefined user roles
network-admin
Parameters
forced: Enables forced disassociation. An AP forcibly logs off a client if that client has not disassociated with that AP when the disassociation timer expires.
recommended: Enables recommended disassociation. An AP does not forcibly log off a client if that client has not disassociated with that AP when the disassociation timer expires.
timer time: Specifies the disassociation timer in the range of 0 to 180 seconds. By default, the timer is 90 seconds. With this timer set to 0, an AP forcibly logs off a client immediately after sending a BTM request to that client if forced disassociation is enabled. If recommended disassociation is enabled, the AP does not log off a client after sending a BTM request to that client.
Usage guidelines
With BTM disassociation configured, an AP sends a BTM request to a client upon receiving a BTM query from the client and guides the client for BSS transition. With forced BTM disassociation configured, the AP forcibly logs off the client if the client fails to leave the current BSS before the disassociation timer expires.
Forced BTM disassociation will forcibly log off a client. Use this feature with caution.
For BTM disassociation to take effect, enable BTM first.
Examples
# Enable BTM disassociation and set the forced disassociation timer to 60 seconds.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] bss transition-management disassociation force timer 60
Related commands
bss transition-management enable
display wlan sacp move-history
Use display wlan sacp move-history to display the client roaming history.
Syntax
display wlan sacp move-history [ mac-address mac-address ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
mac-address mac-address: Specifies the MAC address of a client. If you do not specify this option, the command displays the roaming history of all clients.
Usage guidelines
This command displays client association and disassociation history during BSS transition.
If you do not specify a client, the command displays information about all clients with the latest information coming first in the output.
This command is available only in AC+fit AP networks.
Examples
# Display the roaming history of all clients.
<Sysname> display wlan sacp move-history mac-address 78AC-C0AF-944F
Total entries: 2
Time MAC address AP name Chl RSSI Result
1/11 15:57:09 78AC-C0AF-944F S:AP2 6 20
T:AP3 11
1/11 15:57:10 A:AP3 11 40 BTM-1
--------------------------------------------------------------------------------
1/11 15:56:39 78AC-C0AF-944F S:AP1 1 19
T:AP3 1
1/11 15:56:45 A:AP2 1 42 BTM-2
# Display the roaming history of a specific client that does not support BTM.
<Sysname> display wlan sacp move-history mac-address 58AC-C0AF-EEFF
Current entries: 2
Time MAC address AP name Chl RSSI Result
1/11 10:51:09 58AC-C0AF-EEFF S:AP2 6 20
- -
1/11 10:51:16 A:AP3 11 40 DE-SA
--------------------------------------------------------------------------------
1/11 10:50:44 58AC-C0AF-EEFF S:AP1 1 19
- -
1/11 10:50:45 A:AP2 6 42 DE
Table 2 Command output
|
Field |
Description |
|
Total entries |
Total number of entries. |
|
Current entries |
Number of entries for the specified client. |
|
Time |
Time at which the entry was generated. · For BTM-capable clients: ¡ For the currently associated AP (named S:ap_name), this field displays the time at which the AP sent the first BTM request to the client. ¡ For the first associated AP (named A:ap_name), this field displays the time at which the client came online. · For BTM-incapable clients: ¡ For the currently associated AP (named S:ap_name), this field displays the time at which the AP sent the last Deauth packet to the client. ¡ For the first associated AP (named A:ap_name), this field displays the time at which the client came online. |
|
MAC address |
MAC address of the client. |
|
AP name |
AP role and AP name. · S—Source, the currently associated AP. · T—Target. ¡ For a BTM-capable client, T represents that the AP is the first one in the BSS candidate list the last time a BTM request takes effect. If no APs exist in the candidate list, this field displays -. ¡ For a BTM-incapable client, this field displays - because no target AP exists. · A—Actual, the AP from which the client came online. If the name of an AP exceeds 30 characters, the system displays only the last 27 characters with an ellipsis prefixed to the string. For example, if the AP name is cabcxyzxyzxyzabcabcabcxyzabcxyz, the system displays the name as …xyzxyzxyzabcabcabcxyzabcxyz. |
|
Chl |
Channel. · S—Current working channel. · T—Target channel. ¡ For a BTM-capable client, T represents that the channel is the first one in the recommended channel list the last time a BTM request takes effect. If no channels exist in the list, this field displays -. ¡ For a BTM-incapable client, this field displays - because no target channel exists. · A—Channel from which the client came online. |
|
RSSI |
Client RSSI. · S—Client RSSI detected by the associated AP the last time a BTM request or Deauth packet takes effect. · A—Client RSSI when the client came online. This field might display 0 if the collected client RSSI is too low. |
|
Result |
Reason why the client changed the associated BSS and the result. · For a BTM-capable client, options include: ¡ BTM-n—BTM transition succeeded. n represents that the target AP is the nth in the BSS candidate list. n is in the range of 1 to 5. ¡ BTM-NT—BTM transition succeeded. Not Target (NT) represents that the target is not in the BSS candidate list. ¡ BTM-NU—BTM transition succeeded. NULL (NU) represents that the candidate list is not provided. ¡ BTM-QU—BTM transition succeeded. QU represents that the transition was triggered by a BTM Query sent by the client. If the system has not received the RSSI reported by anti-sticky detection, the RSSI field displays -. · For a BTM-incapable client, options include: ¡ DE—DEAUTH transition succeeded. The client came online within 5 seconds after receiving the Deauth packet. ¡ DE-SA—DEAUTH transition succeeded. SlowAccess (SA) represents that it took 5 to 10 seconds for the client to come online again after receiving the Deauth packet. ¡ DE-FO—DEAUTH transition failed. ForcedOffline (FO) represents that the client came online 10 to 30 seconds after being logged off for other reasons. ¡ DE-OB—DEAUTH transition succeeded. OldBSSID (OB) represents that the client came online from the old AP within 5 seconds after receiving the Deauth packet. ¡ DE-NS—DEAUTH transition succeeded. NewSSID (NS) represents that the client came online from a new SSID within 30 seconds after receiving the Deauth packet. |
Related commands
bss transition-management enable
sacp roam-optimize bss-candidate-list enable
display wlan client rm-capabilities
Use display wlan client rm-capabilities to display radio resource measurement capabilities reported by clients.
Syntax
display wlan client rm-capabilities [ mac-address mac-address ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
mac-address mac-address: Specifies a client by its MAC address. If you do not specify this option, the command displays information about all clients.
Examples
# Display radio resource measurement capabilities of the client with a MAC address of a89c-55bc-7819.
<Sysname> display wlan client rm-capabilities mac-address a89c-55bc-7819
Neighbor report capability : Enabled
Beacon passive measurement : Enabled
Beacon active measurement : Enabled
Beacon table measurement : Enabled
Table 3 Command output
|
Field |
Description |
|
Neighbor report capability |
Neighbor report capability: · Disabled. · Enabled. |
|
Beacon passive measurement |
Beacon passive measurement capability: · Disabled. · Enabled. |
|
Beacon active measurement |
Beacon active measurement capability: · Disabled. · Enabled. |
|
Beacon table measurement |
Beacon table measurement capability: · Disabled. · Enabled. |
ft enable
Use ft enable to enable fast BSS transition (FT).
Use undo ft enable to disable FT.
Syntax
ft enable
undo ft enable
Default
FT is disabled.
Views
Service template view
Predefined user roles
network-admin
Usage guidelines
FT minimizes the delay when a client roams from a BSS to another BSS within the same ESS. During 802.11r FT, a client needs to exchange messages with the target AP. FT provides two message exchanging methods.
Enable FT only when the service template is disabled.
If FT is enabled, you must disable WPA IE and local authentication, and make sure the CCMP cipher suite is used. To disable WPA IE, use the undo security-ie wpa command. For more information about the command, see WLAN Security Command Reference.
Examples
# Enable FT.
<Sysname> system-view
[Sysname] wlan service-template st
[Sysname-wlan-st-st] ft enable
Related commands
security-ie
ft method
Use ft method to set the FT method.
Use undo ft method to restore the default.
Syntax
ft method { over-the-air | over-the-ds }
undo ft method
Default
The FT method is over-the-air.
Views
Service template view
Predefined user roles
network-admin
Parameters
over-the-air: Specifies over-the-air FT. This method enables clients to communicate directly with the target AP for pre-roaming authentication.
over-the-ds: Specifies over-the-DS FT. This method enables clients to communicate with the target AP through the current AP for pre-roaming authentication.
Usage guidelines
Set the FT method only when the service template is disabled.
This command takes effect only when FT is enabled.
Over-the-air FT and over-the-DS FT are applicable to scenarios that have high requirements for roaming compatibility and roaming performance, respectively. As a best practice, use the over-the-air FT method.
Roaming through over-the-DS FT alllows only roaming between APs managed by the same AC.
Examples
# Set the FT method to over-the-DS.
<Sysname> system-view
[Sysname] wlan service-template st
[Sysname-wlan-st-st] ft method over-the-ds
Related commands
ft enable
ft reassociation-timeout
Use ft reassociation-timeout to set the reassociation timeout timer.
Use undo ft reassociation-timeout to restore the default.
Syntax
ft reassociation-timeout timeout
undo ft reassociation-timeout
Default
The reassociation timeout timer is 20 seconds.
Views
Service template view
Predefined user roles
network-admin
Parameters
timeout: Specifies the reassociation timeout timer in the range of 1 to 100 seconds.
Usage guidelines
The roaming process is terminated if a client does not send any reassociation requests before the timeout timer expires.
Set the reassociation timeout timer only when the service template is disabled.
This command takes effect only when FT is enabled.
Examples
# Set the reassociation timeout timer to 30 seconds.
<Sysname> system-view
[Sysname] wlan service-template st
[Sysname-wlan-st-st] ft reassociation-timeout 30
Related commands
ft enable
mac-authentication fast-connect enable
Use mac-authentication fast-connect enable to enable fast-connect for MAC authenticated intra-AC roaming clients.
Use undo mac-authentication fast-connect enable to disable fast-connect for MAC authenticated intra-AC roaming clients.
Syntax
mac-authentication fast-connect enable
undo mac-authentication fast-connect enable
Default
Fast-connect is enabled for MAC authenticated intra-AC roaming clients.
Views
Service template view
Predefined user roles
network-admin
Usage guidelines
This command allows a MAC authentication roaming client that has been authenticated once on the AC to come online from any APs attached to the AC without re-authentication.
This feature applies only to MAC authentication wireless clients whose authentication location and association location are both on the AC.
This feature affects the displayed roaming state of inter-AC roaming clients that use MAC authentication and requires special configuration for them.
· If a client has roamed between ACs, its roaming state is N/A in the output from the display wlan client verbose command.
· If the inter-AC roaming clients belong to different VLANs, you must make sure the upstream ports of all the ACs in the same roaming group permit traffic from these VLANs to pass through.
Examples
# Enable fast-connect for MAC authenticated intra-AC roaming clients in service template service1.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] mac-authentication fast-connect enable
Related commands
client-security authentication-mode
sacp anti-sticky
Use sacp anti-sticky enable to enable client anti-sticky.
Use sacp anti-sticky disable to disable client anti-sticky.
Use undo sacp anti-sticky to restore the default.
Syntax
sacp anti-sticky { disable | enable [ rssi rssi-value ] [ interval interval ] [ forced-logoff ] }
undo sacp anti-sticky
Default
In radio view, a radio uses the configuration in an AP group's radio view.
In an AP group's radio view, client anti-sticky is enabled.
Views
Radio view
AP group's radio view
Predefined user roles
network-admin
Parameters
rssi rssi-value: Specifies the RSSI threshold in the range of 5 to 100 dBm. By default, the threshold is 20 dBm.
interval interval: Specifies the detection interval in the range of 1 to 10 seconds. By default, the interval is 3 seconds.
forced-logoff: Logs off non-802.11v clients whose signal strength is lower than the RSSI threshold.
Usage guidelines
This feature enables APs to examine the signal strength of clients at the specified intervals. For an 802.11v client, its associated AP triggers a BSS transition to guide the client to a better BSS if the signal strength of the client is lower than the threshold. For a non-802.11v client, no action is performed.
Examples
# Enable client anti-sticky, set the RSSI threshold to 30, set the detection interval to 5 seconds, and enable forced logoff for radio 1 of AP ap1.
<Sysname> system-view
[Sysname] wlan ap ap1 model WA6320
[Sysname-wlan-ap-ap1] radio 1
[Sysname-wlan-ap-ap1-radio-1] sacp anti-sticky enable rssi 30 interval 5 forced-logoff
# Enable client anti-sticky, set the RSSI threshold to 30, and set the detection interval to 5 seconds for radio 1 of APs in AP group 1.
<Sysname> system-view
[Sysname] wlan ap-group 1
[Sysname-wlan-ap-group-1] ap-model WA6320
[Sysname-wlan-ap-group-1-ap-model-WA6320] radio 1
[Sysname-wlan-ap-group-1-ap-model-WA6320-radio-1] sacp anti-sticky enable rssi 30 interval 5
Related commands
bss transition-management
sacp anti-sticky acl
Use sacp anti-sticky acl to configure ACL-based client anti-sticky.
Use sacp anti-sticky acl remove to remove the ACL-based client anti-sticky configuration.
Use undo sacp anti-sticky acl to restore the default.
Syntax
In radio view:
sacp anti-sticky acl { acl-number rssi rssi-value | remove }
undo sacp anti-sticky acl
In an AP group's radio view:
sacp anti-sticky acl acl-number [ rssi rssi-value ]
undo sacp anti-sticky acl
Default
In radio view, a radio uses the configuration in AP group view.
In an AP group's radio view, ACL-based client anti-sticky is not configured.
Views
Radio view
AP group's radio view
Predefined user roles
network-admin
Parameters
acl-number: Specifies the number of a Layer 2 ACL, in the range of 4000 to 4999.
rssi rssi-value: Specifies the RSSI threshold in the range of 5 to 100 dBm.
Usage guidelines
With client anti-sticky enabled, the system logs off a client if the signal strength of the client cannot reach the RSSI threshold. This practice might cause frequent BSS transitions and affect user experience.
To solve this issue, configure ACL-based client anti-sticky to set different RSSI thresholds for clients matching different ACL rules.
For clients that do not match any configured ACL rules, the RSSI threshold for client anti-sticky is used.
Examples
# Specify ACL 4000 for ACL-based client anti-sticky and set the RSSI threshold to 35 for radio 1 of AP ap1.
<Sysname> system-view
[Sysname] wlan ap ap1 model WA6320
[Sysname-wlan-ap-ap1] radio 1
[Sysname-wlan-ap-ap1-radio-1] sacp anti-sticky acl 4000 rssi 35
# Specify ACL 4000 for ACL-based client anti-sticky and set the RSSI threshold to 35 for radio 1 of APs in AP group apgroup2.
<Sysname> system-view
[Sysname] wlan ap-group apgroup1
[Sysname-wlan-ap-group-apgroup1] ap-model WA6320
[Sysname-wlan-ap-group-apgroup1-ap-model-WA6320] radio 1
[Sysname-wlan-ap-group-apgroup1-ap-model-WA6320-radio-1] sacp anti-sticky acl 4000 rssi 35
Related commands
sacp anti-sticky
sacp roam-optimize abnormal-802.11kv
Use sacp roam-optimize abnormal-802.11kv to configure the device to not perform 802.11kv-related operations for clients that have poor support for 802.11kv.
Use undo sacp roam-optimize abnormal-802.11kv to restore the default.
Syntax
sacp roam-optimize abnormal-802.11kv acl acl-number
undo sacp roam-optimize abnormal-802.11kv acl
Default
The device performs 802.11kv-related operations for all 802.11kv-capable clients.
Views
Service template view
Predefined user roles
network-admin
Parameters
acl-number: Specifies an ACL number, in the range of 4000 to 4999.
Usage guidelines
802.11kv enables the device to perform Beacon resource measurement and BSS switch guide for 802.11kv-capable clients for the clients to associate with an optimal BSS.
This command applies to the scenario where both clients that have good and poor support for 802.11kv exist. Clients that have good support for 802.11kv are clients that can join a better BSS through 802.11kv. Clients that have poor support for 802.11kv are clients that cannot join a better BSS through 802.11kv because of large latency or communication failure between the clients and AP.
· If you do not configure this task, the device performs 802.11kv operations for all clients, which might cause communication failure of clients that have poor support for 802.11kv.
· With this task configured, the device does not perform 802.11kv-related operations for clients that match the specified ACL. This practice not only ensures BTM disassociation of clients that have good support for 802.11kv, but also ensures network performance of clients that have poor support for 802.11kv.
This task takes effect only on clients that come online after this task is configured and online clients for which an ACL matching has never been performed. To perform this task again for an online client, you must first log off that client.
This feature takes effect only on clients associated at the AC.
Examples
# Configure the device to not perform 802.11kv-related operations for clients that match ACL 4000.
<Sysname> system-view
[Sysname] acl number 4000
[Sysname-acl-num-4000] rule permit source-mac f067-28d6-48a7 ffff-ffff-ffff
[Sysname-acl-num-4000] quit
[Sysname] wlan service-template 1
[Sysname-wlan-st-1] sacp roam-optimize abnormal-802.11kv acl 4000
sacp roam-optimize traffic-hold enable advanced
Use sacp roam-optimize traffic-hold enable advanced to enable advanced data transmission holding during roaming.
Use undo sacp roam-optimize traffic-hold enable to disable advanced data transmission holding during roaming.
Syntax
sacp roam-optimize traffic-hold enable advanced
undo sacp roam-optimize traffic-hold enable
Default
Advanced data transmission holding during roaming is disabled.
Views
Service template view
Predefined user roles
network-admin
Usage guidelines
With advanced data transmission holding during roaming enabled, the device caches the data packets and sends the cached packets to the client to reduce the packet loss when the client signal strength is lower than the RSSI threshold specified by client anti-sticky. With advanced data transmission holding during roaming disabled, the device ages out the cached packets after a period of time and will not send the packets to the client. As a best practice, enable advanced data transmission holding during roaming in the BSS roaming scenario enabled with client anti-sticky.
To make this feature take effect, enable client association at the AC and enable the AC to forward client data traffic.
This feature is not supported in an AC hierarchy network.
Examples
# Enable advanced data transmission holding during roaming.
<Sysname> system-view
[Sysname] wlan service-template 1
[Sysname-wlan-st-1] sacp roam-optimize traffic-hold enable advanced
sacp roam-optimize bss-candidate-list
Use sacp roam-optimize bss-candidate-list enable to enable an AP to obtain BSS candidate information.
Use sacp roam-optimize bss-candidate-list disable to disable an AP from obtaining BSS candidate information.
Use undo sacp roam-optimize bss-candidate-list to restore the default.
Syntax
sacp roam-optimize bss-candidate-list { disable | enable [ interval interval ] }
undo sacp roam-optimize bss-candidate-list
Default
In radio view, an AP uses the configuration in an AP group's radio view.
In an AP group's radio view, the BSS candidate obtaining feature is disabled.
Views
Radio view
AP group's radio view
Predefined user roles
network-admin
Parameters
interval interval: Specifies the interval for obtaining BSS candidate information in the range of 1 to 500 seconds. By default, the interval is 10 seconds.
Usage guidelines
This feature takes effect only on clients that come online after the feature is configured.
This feature enables an AP to send Beacon requests at specific intervals to clients that support Beacon measurement and obtain information about BSSs detected by the clients. Upon receiving such a request, a client responds with a Beacon Report frame to report BSS information.
With this feature disabled, the AP stops updating BSS candidate information and deletes all the candidates after the aging time expires.
If both this feature and BSS transition management are enabled, the system can guide clients to roam to better services based on the BSS candidate information.
To examine if a client supports beacon measurement, use the display wlan client rm-capabilities command.
Examples
# Enable the BSS candidate obtaining feature for radio 1 of AP ap1.
<Sysname> system-view
[Sysname] wlan ap ap1 model WA6320
[Sysname-wlan-ap-ap1] radio 1
[Sysname-wlan-ap-ap1-radio-1] sacp roam-optimize bss-candidate-list enable
# Enable the BSS candidate obtaining feature for radio 1 of APs in AP group apgroup1.
<Sysname> system-view
[Sysname] wlan ap-group apgroup1
[Sysname-wlan-ap-group-apgroup1] ap-model WA6320
[Sysname-wlan-ap-group-apgroup1-ap-model-WA6320] radio 1
[Sysname-wlan-ap-group-apgroup1-ap-model-WA6320-radio-1] sacp roam-optimize bss-candidate-list enable
Related commands
bss transition-management
seamless-roaming enable
Use seamless-roaming enable to enable Wi-Fi 5 seamless roaming.
Use undo seamless-roaming enable to disable Wi-Fi 5 seamless roaming.
Syntax
seamless-roaming enable
undo seamless-roaming enable
The following compatibility matrixes show the support of hardware platforms for this command:
|
Hardware series |
Model |
Product code |
Command compatibility |
|
WX1800H series |
WX1804H-PWR |
EWP-WX1804H-PWR-CN |
No |
|
WX2500H series |
WX2508H-PWR-LTE WX2510H-PWR WX2510H-F-PWR WX2540H WX2540H-F WX2560H |
EWP-WX2508H-PWR-LTE EWP-WX2510H-PWR EWP-WX2510H-F-PWR EWP-WX2540H EWP-WX2540H-F EWP-WX2560H |
Yes |
|
MAK series |
MAK204 MAK206 |
EWP-MAK204 EWP-MAK206 |
Yes |
|
WX3000H series |
WX3010H WX3010H-X-PWR WX3010H-L-PWR WX3024H WX3024H-L-PWR WX3024H-F |
EWP-WX3010H EWP-WX3010H-X-PWR EWP-WX3010H-L-PWR EWP-WX3024H EWP-WX3024H-L-PWR EWP-WX3024H-F |
Yes |
|
WX3500H series |
WX3508H WX3508H WX3510H WX3510H WX3520H WX3520H-F WX3540H WX3540H |
EWP-WX3508H EWP-WX3508H-F EWP-WX3510H EWP-WX3510H-F EWP-WX3520H EWP-WX3520H-F EWP-WX3540H EWP-WX3540H-F |
Yes |
|
WX5500E series |
WX5510E WX5540E |
EWP-WX5510E EWP-WX5540E |
Yes |
|
WX5500H series |
WX5540H WX5560H WX5580H |
EWP-WX5540H EWP-WX5560H EWP-WX5580H |
Yes |
|
Access controller modules |
LSUM1WCME0 EWPXM1WCME0 LSQM1WCMX20 LSUM1WCMX20RT LSQM1WCMX40 LSUM1WCMX40RT EWPXM2WCMD0F EWPXM1MAC0F |
LSUM1WCME0 EWPXM1WCME0 LSQM1WCMX20 LSUM1WCMX20RT LSQM1WCMX40 LSUM1WCMX40RT EWPXM2WCMD0F EWPXM1MAC0F |
Yes |
|
Hardware series |
Model |
Product code |
Command compatibility |
|
WX1800H series |
WX1804H-PWR WX1810H-PWR WX1820H WX1840H |
EWP-WX1804H-PWR EWP-WX1810H-PWR EWP-WX1820H EWP-WX1840H-GL |
No |
|
WX3800H series |
WX3820H WX3840H |
EWP-WX3820H-GL EWP-WX3840H-GL |
No |
|
WX5800H series |
WX5860H |
EWP-WX5860H-GL |
No |
Default
Wi-Fi 5 seamless roaming is disabled.
Views
Service template view
Predefined user roles
network-admin
Usage guidelines
Verify the following items before you configure Wi-Fi 5 seamless roaming:
· The service template is disabled.
· Centralized forwarding is used and the client data frame encapsulation format is 802.11.
· The AP, radio, and service template configurations for APs that provide the Wi-Fi 5 seamless roaming service are the same.
· RTS/CTS collision avoidance is not configured.
Follow these guidelines when you configure Wi-Fi 5 seamless roaming:
· Wi-Fi 5 seamless roaming is available only for APs that use software image wa4300h.ipe.
· When Wi-Fi 5 seamless roaming is enabled, traffic accounting, AC hierarchy, SSID hide, and service template-based client rate limit are not supported.
· Wi-Fi 5 seamless roaming does not take effect if the maximum number of online clients is reached on APs.
· For a client that goes offline abnormally to come online again quickly, set a short client keepalive interval (30 seconds recommended) when Wi-Fi 5 seamless roaming is enabled.
· As a best practice, set the radio mode to 802.11g if the radio uses a 2.4 G mode.
· A 2.4 G radio can be bound with only one service template if Wi-Fi 5 seamless roaming is enabled.
· To use Wi-Fi 5 seamless roaming on a 2.4 G radio, make sure the service template contains wireless encryption. If wireless encryption is not configured, severe packet loss might occur.
· Wi-Fi 5 seamless roaming might fail if a large number of concurrent roaming requests are received from online clients.
· Wi-Fi 5 seamless roaming does not support ping operations from both uplink and downlink at the same time.
· Do not bind a service template to APs and their AP groups at the same time if the template contains Wi-Fi 5 seamless roaming.
Examples
# Enable Wi-Fi 5 seamless roaming.
<Sysname> system-view
[Sysname] wlan service-template 1
[Sysname-wlan-st-1] seamless-roaming enable
Related commands
seamless-roaming switch
seamless-roaming switch
Use seamless-roaming switch to set the Wi-Fi 5 seamless roaming RSSI threshold and RSSI gap.
Use undo seamless-roaming switch to restore the default.
Syntax
seamless-roaming switch rssi-threshold value [ rssi-gap gap-value ]
undo seamless-roaming switch
The following compatibility matrixes show the support of hardware platforms for this command:
|
Hardware series |
Model |
Product code |
Command compatibility |
|
WX1800H series |
WX1804H-PWR |
EWP-WX1804H-PWR-CN |
No |
|
WX2500H series |
WX2508H-PWR-LTE WX2510H-PWR WX2510H-F-PWR WX2540H WX2540H-F WX2560H |
EWP-WX2508H-PWR-LTE EWP-WX2510H-PWR EWP-WX2510H-F-PWR EWP-WX2540H EWP-WX2540H-F EWP-WX2560H |
Yes |
|
MAK series |
MAK204 MAK206 |
EWP-MAK204 EWP-MAK206 |
Yes |
|
WX3000H series |
WX3010H WX3010H-X-PWR WX3010H-L-PWR WX3024H WX3024H-L-PWR WX3024H-F |
EWP-WX3010H EWP-WX3010H-X-PWR EWP-WX3010H-L-PWR EWP-WX3024H EWP-WX3024H-L-PWR EWP-WX3024H-F |
Yes |
|
WX3500H series |
WX3508H WX3508H WX3510H WX3510H WX3520H WX3520H-F WX3540H WX3540H |
EWP-WX3508H EWP-WX3508H-F EWP-WX3510H EWP-WX3510H-F EWP-WX3520H EWP-WX3520H-F EWP-WX3540H EWP-WX3540H-F |
Yes |
|
WX5500E series |
WX5510E WX5540E |
EWP-WX5510E EWP-WX5540E |
Yes |
|
WX5500H series |
WX5540H WX5560H WX5580H |
EWP-WX5540H EWP-WX5560H EWP-WX5580H |
Yes |
|
Access controller modules |
LSUM1WCME0 EWPXM1WCME0 LSQM1WCMX20 LSUM1WCMX20RT LSQM1WCMX40 LSUM1WCMX40RT EWPXM2WCMD0F EWPXM1MAC0F |
LSUM1WCME0 EWPXM1WCME0 LSQM1WCMX20 LSUM1WCMX20RT LSQM1WCMX40 LSUM1WCMX40RT EWPXM2WCMD0F EWPXM1MAC0F |
Yes |
|
Hardware series |
Model |
Product code |
Command compatibility |
|
WX1800H series |
WX1804H-PWR WX1810H-PWR WX1820H WX1840H |
EWP-WX1804H-PWR EWP-WX1810H-PWR EWP-WX1820H EWP-WX1840H-GL |
No |
|
WX3800H series |
WX3820H WX3840H |
EWP-WX3820H-GL EWP-WX3840H-GL |
No |
|
WX5800H series |
WX5860H |
EWP-WX5860H-GL |
No |
Default
The Wi-Fi 5 seamless roaming RSSI threshold is 50 and the RSSI gap is 20.
Views
Service template view
Predefined user roles
network-admin
Parameters
rssi-threshold value: Specifies the Wi-Fi 5 seamless roaming RSSI threshold in the range of 5 to 100.
rssi-gap gap-value: Specifies the Wi-Fi 5 seamless roaming RSSI gap in the range of 5 to 50.
Usage guidelines
When a client is associated with an AP, the other APs associated with the AC act as monitor APs to monitor the RSSI of the client. The AC notifies a monitor AP to provide wireless services for the client when the following conditions are met:
· The RSSI of the client frames that the monitor AP has received reaches or exceeds the RSSI threshold.
· The gap between the RSSIs of the client frames that the monitor AP has received and the currently associated AP has received reaches or exceeds the threshold.
Examples
# Set the Wi-Fi 5 seamless roaming RSSI threshold and the RSSI gap to 60 and 30, respectively.
<Sysname> system-view
[Sysname] wlan service-template 1
[Sysname-wlan-st-1] seamless-roaming switch rssi-threshold 60 rssi-gap 30
Related commands
seamless-roaming enable
WLAN roaming commands
The AP models and serial numbers in this document are used only as examples. Support for AP models and serial numbers depends on the AC model.
authentication-mode
Use authentication-mode to set an authentication mode for IADTP control messages.
Use undo authentication-mode to restore the default.
Syntax
authentication-mode authentication-mode { cipher | simple } string
Default
The device does not verify the integrity of IADTP control messages.
Views
Mobility group view
Predefined user roles
Parameters
authentication-mode: Specifies an authentication mode. Only the 128-bit MD5 authentication mode is supported.
cipher: Specifies a key in encrypted form.
simple: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.
string: Specifies the key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 33 to 53 characters.
Usage guidelines
Use this command to enable the device to verify the integrity of control messages transmitted over IADTP tunnels.
Examples
# Set the authentication mode to MD5 and set the plaintext key to 12345.
[Sysname] wlan mobility group aaa
[Sysname-wlan-mg-aaa] authentication-mode md5 plain 12345
data-tunnel disable
Use data-tunnel disable to disable IADTP data tunnels.
Use undo data-tunnel disable to enable IADTP data tunnels.
Syntax
data-tunnel disable
undo data-tunnel disable
Default
IADTP data tunnels are enabled.
Views
Mobility group view
Predefined user roles
network-admin
Usage guidelines
|
|
CAUTION: To avoid data loss, do not disable IADTP data tunnels if no service ports are specified on the device for client VLANs. |
This feature enables a device to forward client traffic directly out of client VLANs' service ports, instead of through the IADTP data tunnel. This reduces the device's workload caused by processing broadcast packets received from IADTP data tunnels and saves resources used for maintaining the tunnels.
You must enable or disable IADTP tunnels on all devices in a mobility group.
You can configure this feature only when the mobility group is disabled.
Examples
# Disable IADTP data tunnels.
<Sysname> system-view
[Sysname] wlan mobility group group1
[Sysname-wlan-mg-group1] data-tunnel disable
Related commands
wlan mobility group
display wlan mobility
Use display wlan mobility to display information about clients that have roamed to or from the device.
Syntax
display wlan mobility { roam-in | roam-out } [ member { ip ipv4-address | ipv6 ipv6-address } ]
Views
Any view
Predefined user roles
Parameters
roam-in: Specifies clients that have roamed from another device to the current device.
roam-out: Specifies clients that have roamed to another device.
member ip ipv4-address: Specifies the IPv4 address of a member device.
member ipv6 ipv6-address: Specifies the IPv6 address of a member device.
Usage guidelines
If no member device is specified, this command displays information about all clients that have roamed to and from another device.
Examples
# Display information about all clients that have roamed to the device.
<Sysname> display wlan mobility roam-in
Total entries: 1
MAC address BSSID VLAN ID HA IP address
5250-0012-0411 cbab-abab-abab 1 192.168.0.101
# Display information about clients that have roamed to the specified member device.
<Sysname> display wlan mobility roam-in member ip 192.168.0.101
Total entries: 1
MAC address BSSID VLAN ID
5250-0012-0411 cbab-abab-abab 1
# Display information about all clients that have roamed to another device.
<Sysname> display wlan mobility roam-out
Total entries: 1
MAC address BSSID VLAN ID Online time FA IP address
5250-0012-0411 cbab-abab-abab 1 00hr 01min 39sec 192.168.0.102
# Display information about clients that have roamed from the specified member device to another device.
[Sysname] display wlan mobility roam-out member ip 192.168.0.102
Total entries: 1
MAC address BSSID VLAN ID Online time
5250-0012-0411 cbab-abab-abab 1 00hr 03min 02sec
Table 4 Command output
|
Field |
Description |
|
Total entries |
Total number of clients. |
|
MAC address |
MAC address of the client. |
|
BSSID |
BSSID of the AP with which the client is associated. |
|
VLAN ID |
VLAN ID of the client. |
|
HA IP address |
IP address of the HA. |
|
FA IP address |
IP address of the FA. |
|
Online time |
Online time of the client. |
display wlan mobility group
Use display wlan mobility group to display mobility group information.
Syntax
Views
Any view
Predefined user roles
Examples
# Display mobility group information.
<Sysname> display wlan mobility group
Mobility group name: office
Tunnel type: IPv4
Source IPv4: 172.16.220.101
Source IPv6: Not configured
Authentication method: Not configured
Auto discovery: Enabled
Mobility group status: Enabled
Member entries: 3
IP address State Online time
172.16.220.102 DOWN 00hr 00min 00sec
172.16.220.105 UP 00hr 36min 27sec
172.16.220.106 UP (A) 00hr 50min 30sec
Table 5 Command output
|
Field |
Description |
|
Tunnel type |
IADTP tunnel type for the mobility group: IPv4 or IPv6. |
|
Authentication method |
Authentication method used for the mobility group. |
|
Auto discovery |
Status of automatic group member discovery: · Enabled. · Disabled. |
|
Mobility group status: · Enabled. · Disabled. |
|
|
Member entries |
Number of member devices. |
|
IP address |
IP address of the member device. |
|
State |
IADTP tunnel state: · UP. · DOWN. The (A) suffix indicates that the device has joined the group through automatic group member discovery. |
|
Online time |
Online duration of the member device. |
Related commands
wlan mobility group
group enable
Use group enable to enable a mobility group.
Use undo group enable to disable a mobility group.
Syntax
Default
A mobility group is disabled.
Views
Mobility group view
Predefined user roles
Usage guidelines
Before enabling a mobility group, make sure you have completed the following tasks:
· Configure the source IP address of the same type as the IADTP tunnel address type.
· Specify member IP addresses of the same type as the IADTP tunnel address type, or enable automatic group member discovery.
This feature enables the device to establish IADTP tunnels and synchronize roaming entries with member devices.
If you disable a mobility group on the device, the device shuts down the IADTP tunnels established with the other member devices and deletes the roaming entries.
Examples
# Enable mobility group floor1.
[Sysname] wlan mobility group floor1
[Sysname-wlan-mg-floor1] tunnel-type ipv4
[Sysname-wlan-mg-floor1] source ip 192.168.0.1
[Sysname-wlan-mg-floor1] member ip 192.168.0.2
[Sysname-wlan-mg-floor1] group enable
Related commands
wlan mobility group
member
Use member to add a mobility group member.
Use undo member to delete a mobility group member.
Syntax
member { ip ipv4-address | ipv6 ipv6-address } [ vlan vlan-id-list ]
undo member [ ip ipv4-address | ipv6 ipv6-address ] [ vlan [ vlan-id-list ] ]
Default
No member devices exist.
Views
Mobility group view
Predefined user roles
Parameters
ip ipv4-address: Specifies a device by its IPv4 address.
ipv6 ipv6-address: Specifies a device by its IPv6 address.
vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 2 to 4094. The value for the vlan-id2 argument cannot be lower than the value for the vlan-id1 argument.
Usage guidelines
Make sure the mobility group is disabled before you use this command.
Members in a mobility group are identified by their IP addresses used to establish IADTP tunnels.
You can add both IPv4 and IPv6 members to a mobility group. Only members whose IP address type is the same as the IP address type of IADTP tunnels take effect.
A device can belong to only one mobility group.
You can add a maximum of 31 IPv4 members and 31 IPv6 members to a mobility group.
You can specify VLANs for a member device, so that other member devices in the mobility group can directly forward client data of the member device from the specified VLANs. If you do not specify VLANs for the member device, its client data cannot be directly forwarded by another member in the mobility group unless the clients roam to that member.
If a mobility group has multiple devices, make sure no loops exist among IADTP tunnels between members within the mobility group.
The undo form of this command deletes all member devices in a mobility group if you do not specify any parameters.
Examples
# Add a mobility group member.
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] member ip 192.168.1.55 vlan 3 10 19 22 to 30
member auto-discovery
Use member auto-discovery to enable automatic group member discovery.
Use undo member auto-discovery to disable automatic group member discovery and delete all automatically discovered member devices.
Syntax
member auto-discovery [ interval interval ]
undo member auto-discovery
Default
Automatic group member discovery is disabled.
Views
Mobility group view
Predefined user roles
network-admin
Parameters
interval: Specifies the interval at which the device broadcasts its source IP address, in the range of 10 to 3600 seconds. The default value is 60.
Usage guidelines
Before enabling this feature, execute the source command to specify the source IP address used for establishing IADTP tunnels.
This feature enables a device to automatically discover member devices in a mobility group by broadcasting its source IP address in the group. Member devices in the group that receive the IP address automatically establish IADTP tunnels with the device. The device joins the mobility group after it establishes IADTP tunnels with all the other members.
A device can belong to only one mobility group.
You can add a maximum of 31 IPv4 members and 31 IPv6 members to a mobility group.
The automatic discovery feature can add only devices in the same subnet as the source IP address.
Examples
# Enable automatic group member discovery and set the broadcast interval to 10 seconds.
<Sysname> system-view
[Sysname] wlan mobility group 1
[Sysname-wlan-mg-1] member auto-discovery interval 10
Related commands
member
source
wlan mobility group
roam-relay enable
Use roam-relay enable to enable roaming relay.
Use undo roam-relay enable to disable roaming relay.
Syntax
roam-relay enable
undo roam-relay enable
Default
Roaming relay is disabled.
Views
Mobility group view
Predefined user roles
network-admin
Usage guidelines
In a WLAN, client roaming will gradually turn the WLAN into a fully meshed network because any two devices must establish a tunnel with each other for roaming entry exchanging. In a large network, establishing and maintaining such tunnels can consume a lot of bandwidth resources, increasing network complexity and reducing availability. Roaming relay is introduced to resolve this issue.
With this feature configured, the device enabled with roaming relay acts as the relay device to establish an IADTP tunnel with each non-relay device, forming a star topology. Non-relay devices do not need to establish tunnels with each other. These non-relay devices synchronize roaming entries to the relay device and, upon a client roaming, request the client entry from the relay device the other way round.
When you configure roaming relay, follow these restrictions and guidelines:
· Make sure the mobility group is disabled before you configure this feature.
· To use roaming relay, you must enable roaming relay on a device and configure the device as the only mobility group member for the other devices in the same mobility group.
· You can enable roaming relay on only one device in a mobility group.
· If clients belong to different VLANs, make sure the tunnel interfaces on the relay device permit packets from all client VLANs.
Examples
# Enable roaming relay for mobility group group1.
<Sysname> system-view
[Sysname] wlan mobility group group1
[Sysname-wlan-mg-group1] roam-relay enable
Related commands
member
source
wlan mobility group
role
Use role to specify the role of the device in a mobility group.
Use undo role to restore the default.
Syntax
role { client | server }
undo role
Default
A member device with a higher IP address acts as the server, and a member device with a lower IP address acts as the client.
Views
Mobility group view
Predefined user roles
network-admin
Parameters
client: Specifies the client role for the device.
server: Specifies the server role for the device.
Usage guidelines
This feature applies to a scenario where a device establishes an IADTP tunnel with another device in the same mobility group across a NAT device. In this scenario, the device with a lower IP address acts as the client to initiate a connection request to the device with a higher IP address. If the device with a lower IP address resides in the public network, the IADTP tunnel cannot be established. To ensure successful establishment of the IADTP tunnel in this case, specify the device in the private network as the client to initiate the connection request.
Examples
# Configure the device to act as a client in mobility group abc.
<Sysname> system-view
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] role client
snmp-agent trap enable wlan mobility
Use snmp-agent trap enable wlan mobility to enable SNMP notifications for WLAN roaming.
Use undo snmp-agent trap enable wlan mobility to disable SNMP notifications for WLAN roaming.
Syntax
snmp-agent trap enable wlan mobility
undo snmp-agent trap enable wlan mobility
Default
SNMP notifications are disabled for WLAN roaming.
Views
System view
Predefined user roles
network-admin
Usage guidelines
To report critical WLAN roaming events to an NMS, enable SNMP notifications for WLAN roaming. For WLAN roaming event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see Network Management and Monitoring Configuration Guide.
Examples
# Enable SNMP notifications for WLAN roaming.
<Sysname> system-view
[Sysname] snmp-agent trap enable wlan mobility
source
Use source to specify the source IP address for establishing IADTP tunnels.
Use undo source to delete the source IP address for establishing IADTP tunnels.
Syntax
source { ip ipv4-address | ipv6 ipv6-address }
undo source [ ip | ipv6 ]
Default
No source IP address is specified for establishing IADTP tunnels.
Views
Mobility group view
Predefined user roles
Parameters
ip ipv4-address: Specifies a source IPv4 address.
ipv6 ipv6-address: Specifies a source IPv6 address.
Usage guidelines
A device uses its source IP address to establish IADTP tunnels with member devices.
When you specify the source IP address for establishing IADTP tunnels, follow these restrictions and guidelines:
· Make sure the mobility group has been disabled.
· You can specify one IPv4 address, one IPv6 address, or both, but only the IP address type that is the same as the IP address type for IADTP tunnels takes effect.
If you do not specify an IP address when you use the undo command, this command deletes all source IP addresses.
Examples
# Specify a source IPv4 address for establishing IADTP tunnels.
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] source ip 192.168.1.55
Related commands
tunnel-dscp
Use tunnel-dscp to set a DSCP value for IADTP keepalive packets.
Use undo tunnel-dscp to restore the default.
Syntax
tunnel-dscp dscp-value
undo tunnel-dscp
Default
The DSCP value is 0 for IADTP keepalive packets.
Views
Mobility group view
Predefined user roles
network-admin
Parameters
dscp-value: Specifies a DSCP value for IADTP keepalive packets, in the range of 0 to 63. As a best practice, set the DSCP value to 63.
Usage guidelines
The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet. A greater DSCP value means a higher packet priority.
In a scenario where a device establishes IADTP tunnels with other devices across NAT devices, two devices use IPsec for tunnel encryption and establishment. To prevent IADTP tunnel disconnection because the device cannot receive any IADTP keepalive packets from the peer when the IADTP tunnel is busy, set the DSCP value by using this feature.
Examples
# Set the DSCP value to 63 for IADTP keepalive packets.
<Sysname> system-view
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] tunnel-dscp 63
tunnel-type
Use tunnel-type to specify the IP address type for IADTP tunnels.
Use undo tunnel-type to restore the default.
Syntax
tunnel-type { ipv4 | ipv6 }
Default
The IP address type for IADTP tunnels is IPv4.
Views
Mobility group view
Predefined user roles
Parameters
ipv4: Specifies the IPv4 address type.
ipv6: Specifies the IPv6 address type.
Usage guidelines
Make sure the mobility group is disabled before you execute this command.
Examples
# Specify the IP address type as IPv4 for IADTP tunnels in mobility group aaa.
[Sysname] wlan mobility group aaa
[Sysname-wlan-mg-aaa] tunnel-type ipv4
wlan mobility group
Use wlan mobility group to create a mobility group and enter its view, or enter the view of the existing mobility group.
Use undo wlan mobility group to restore the default.
Syntax
wlan mobility group group-name
undo wlan mobility group group-name
Default
No mobility group exists.
Views
System view
Predefined user roles
Parameters
group-name: Specifies a mobility group by its name, a case-insensitive string of 1 to 15 characters that do not contain spaces.
Usage guidelines
Mobility groups configured on member devices must have the same name.
You can create only one mobility group on a device.
Examples
# Create a mobility group named office and enter its view.
[Sysname] wlan mobility group office
[Sysname-wlan-mg-office]
wlan mobility-group-isolation enable
Use wlan mobility-group-isolation enable to enable tunnel isolation for mobility groups.
Use undo wlan mobility-group-isolation enable to disable tunnel isolation for mobility groups.
Syntax
wlan mobility-group-isolation enable
undo wlan mobility-group-isolation enable
Default
Tunnel isolation is enabled for mobility groups.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command is required when loops exist among devices in a mobility group. It prevents devices from forwarding packets between tunnels in the mobility group and avoids broadcast storms.
Examples
# Enable tunnel isolation for mobility groups.
<Sysname> system-view
[Sysname] wlan mobility-group-isolation enable
