Login
- Table of Contents
| Title | Size | Download |
|---|---|---|
| 01-WLAN roaming commands | 127.67 KB |
Contents
display wlan mobility roam-track mac-address
bss transition-management enable
bss transition-management disassociation
display wlan client rm-capabilities
sacp roam-optimize bss-candidate-list
snmp-agent trap enable wlan mobility
wlan mobility-group-isolation enable
1 WLAN roaming commands
client cache aging-time
Use client cache aging-time to set the aging time for client roaming entries.
Use undo client cache aging-time to restore the default.
Syntax
client cache aging-time aging-time
undo client cache aging-time
Default
The aging time for client roaming entries is 180 seconds.
Views
Service template view
Predefined user roles
network-admin
Parameters
aging-time: Specifies the aging time in the range of 0 to 86400 seconds.
Usage guidelines
Setting the roaming entry aging time to 0 allows the system to delete the roaming entry of a client once the client goes offline. Fast roaming cannot be performed.
Make sure the service template is disabled before you executing this command.
The aging time is applicable only to intra-AC roaming entries. It does not take effect on inter-AC roaming entries.
Examples
# Set the aging time for client roaming entries to 180 seconds.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] client cache aging-time 100
display wlan mobility roam-track mac-address
Use display wlan mobility roam-track mac-address to display roaming information for a client.
Syntax
display wlan mobility roam-track mac-address mac-address
Views
Any view
Predefined user roles
Parameters
mac-address mac-address: Specifies a client by its MAC address, in the form of H-H-H.
Usage guidelines
Roaming information is displayed in sequence. The most recent roam-track information is displayed the first.
The system can save a maximum of 128 roaming entries. To record a new entry if the maximum number has been reached, the system deletes the third oldest entry and then records the new entry.
Examples
# Display roaming information for the specified client on the HA.
<Sysname> display wlan mobility roam-track mac-address 5250-0012-0411
Total entries: 5
Current entries: 5
BSSID Created at Online time AP IP address RID AP name
d461-fe62-21e0 2018-12-04 17:10:18 00h 00m 42s 127.0.0.1 3 fatap
d461-fe62-21c1 2018-12-04 17:08:52 00h 01m 26s 127.0.0.1 1 fatap
d461-fe62-21e0 2018-12-04 17:08:32 00h 00m 19s 127.0.0.1 3 fatap
d461-fe62-21d2 2018-12-04 17:01:52 00h 06m 41s 127.0.0.1 2 fatap
d461-fe62-21c1 2018-12-04 17:00:16 00h 01m 19s 127.0.0.1 1 fatap
Table1-1 Command output
|
Field |
Description |
|
BSSID |
BSSID of the AP with which the client is associated. |
|
Created at |
Time when a roam-track entry was created for the client. |
|
Online time |
Online time of the client. |
|
AP IP address |
IP address of the AP with which the client is associated. This field displays 127.0.0.1 if the client is associated with the HA. |
|
RID |
ID of the radio with which the client is associated. |
|
AP name |
Name of the AP with which the client is associated. |
2 Enhanced roaming commands
bss transition-management enable
Use bss transition-management enable to enable BTM.
Use undo bss transition-management enable to disable BTM.
Syntax
bss transition-management enable
undo bss transition-management enable
Default
BTM is disabled.
Views
Service template view
Predefined user roles
network-admin
Usage guidelines
With BTM enabled, an AP responds to a BTM query from a client with a BTM request. If client anti-sticky is disabled, the AP sends an unsolicited BTM request to the client when it detects that the RSSI of the client is lower than the specified threshold to trigger BTM. After receiving the BTM request, the client determines whether to roam to another BSS.
Make sure the service template is disabled before you perform this task.
For BTM to take effect on all clients, use the bss transition-management disassociation command to enable BTM disassociation.
Examples
# Enable BTM.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] bss transition-management enable
Related commands
bss transition-management disassociation
sacp anti-sticky
bss transition-management disassociation
Use bss transition-management disassociation to enable BTM disassociation.
Use undo bss transition-management disassociation to disable BTM disassociation.
Syntax
bss transition-management disassociation { forced | recommended } [ timer time ]
undo bss transition-management disassociation
Default
Recommended BTM disassociation is enabled and the disassociation timeout is 90 seconds.
Views
Service template view
Predefined user roles
network-admin
Parameters
forced: Enables forced disassociation. An AP forcibly logs off a client if that client has not disassociated with that AP when the disassociation timer expires.
recommended: Enables recommended disassociation. An AP does not forcibly log off a client if that client has not disassociated with that AP when the disassociation timer expires.
timer time: Specifies the disassociation timer in the range of 0 to 180 seconds. By default, the timer is 90 seconds. With this timer set to 0, an AP forcibly logs off a client immediately after sending a BTM request to that client if forced disassociation is enabled. If recommended disassociation is enabled, the AP does not log off a client after sending a BTM request to that client.
Usage guidelines
With BTM disassociation configured, an AP sends a BTM request to a client upon receiving a BTM query from the client and guides the client for BSS transition. With forced BTM disassociation configured, the AP forcibly logs off the client if the client fails to leave the current BSS before the disassociation timer expires.
Forced BTM disassociation will forcibly log off a client. Use this feature with caution.
For BTM disassociation to take effect, enable BTM first.
Examples
# Enable BTM disassociation and set the forced disassociation timer to 60 seconds.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] bss transition-management disassociation force timer 60
Related commands
bss transition-management enable
display wlan client rm-capabilities
Use display wlan client rm-capabilities to display radio resource measurement capabilities reported by clients.
Syntax
display wlan client rm-capabilities [ mac-address mac-address ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
mac-address mac-address: Specifies a client by its MAC address. If you do not specify this option, the command displays information about all clients.
Examples
# Display radio resource measurement capabilities of the client with a MAC address of a89c-55bc-7819.
<Sysname> display wlan client rm-capabilities mac-address a89c-55bc-7819
Neighbor report capability : Enabled
Beacon passive measurement : Enabled
Beacon active measurement : Enabled
Beacon table measurement : Enabled
Table2-1 Command output
|
Field |
Description |
|
Neighbor report capability |
Neighbor report capability: · Disabled. · Enabled. |
|
Beacon passive measurement |
Beacon passive measurement capability: · Disabled. · Enabled. |
|
Beacon active measurement |
Beacon active measurement capability: · Disabled. · Enabled. |
|
Beacon table measurement |
Beacon table measurement capability: · Disabled. · Enabled. |
ft enable
Use ft enable to enable fast BSS transition (FT).
Use undo ft enable to disable FT.
Syntax
ft enable
undo ft enable
Default
FT is disabled.
Views
Service template view
Predefined user roles
network-admin
Usage guidelines
FT minimizes the delay when a client roams from a BSS to another BSS within the same ESS. During 802.11r FT, a client needs to exchange messages with the target AP. FT provides two message exchanging methods.
When you configure FT, follow these restrictions and guidelines:
· 802.11r takes effect only on clients associated with the AC.
· Before configuring 802.11r, make sure the service template is disabled.
· To disable WPA IE, use the undo security-ie wpa command. For more information about the command, see WLAN Security Command Reference.
· Do not enable 802.11r FT and set the WPA3 security mode or enable enhanced open system authentication at the same time. If you do so, the service template cannot be enabled. For more information about 802.11r, see "Configuring WLAN security."
Examples
# Enable FT.
<Sysname> system-view
[Sysname] wlan service-template st
[Sysname-wlan-st-st] ft enable
Related commands
security-ie
ft method
Use ft method to set the FT method.
Use undo ft method to restore the default.
Syntax
ft method { over-the-air | over-the-ds }
undo ft method
Default
The FT method is over-the-air.
Views
Service template view
Predefined user roles
network-admin
Parameters
over-the-air: Specifies over-the-air FT. This method enables clients to communicate directly with the target AP for pre-roaming authentication.
over-the-ds: Specifies over-the-DS FT. This method enables clients to communicate with the target AP through the current AP for pre-roaming authentication.
Usage guidelines
Set the FT method only when the service template is disabled.
This command takes effect only when FT is enabled.
Over-the-air FT and over-the-DS FT are applicable to scenarios that have high requirements for roaming compatibility and roaming performance, respectively. As a best practice, use the over-the-air FT method.
Roaming through over-the-DS FT alllows only roaming between radios on the same AP.
Examples
# Set the FT method to over-the-DS.
<Sysname> system-view
[Sysname] wlan service-template st
[Sysname-wlan-st-st] ft method over-the-ds
Related commands
ft enable
ft reassociation-timeout
Use ft reassociation-timeout to set the reassociation timeout timer.
Use undo ft reassociation-timeout to restore the default.
Syntax
ft reassociation-timeout timeout
undo ft reassociation-timeout
Default
The reassociation timeout timer is 20 seconds.
Views
Service template view
Predefined user roles
network-admin
Parameters
timeout: Specifies the reassociation timeout timer in the range of 1 to 100 seconds.
Usage guidelines
The roaming process is terminated if a client does not send any reassociation requests before the timeout timer expires.
Set the reassociation timeout timer only when the service template is disabled.
This command takes effect only when FT is enabled.
Examples
# Set the reassociation timeout timer to 30 seconds.
<Sysname> system-view
[Sysname] wlan service-template st
[Sysname-wlan-st-st] ft reassociation-timeout 30
Related commands
ft enable
sacp anti-sticky
Use sacp anti-sticky enable to enable client anti-sticky.
Use sacp anti-sticky disable to disable client anti-sticky.
Use undo sacp anti-sticky to restore the default.
Syntax
sacp anti-sticky { disable | enable [ rssi rssi-value ] [ interval interval ] }
undo sacp anti-sticky
Default
Client anti-sticky is enabled.
Views
Radio interface view
Predefined user roles
network-admin
Parameters
rssi rssi-value: Specifies the RSSI threshold in the range of 5 to 100 dBm. By default, the threshold is 20 dBm.
interval interval: Specifies the detection interval in the range of 1 to 10 seconds. By default, the interval is 3 seconds.
Usage guidelines
This feature enables APs to examine the signal strength of clients at the specified intervals. For an 802.11v client, its associated AP triggers a BSS transition to guide the client to a better BSS if the signal strength of the client is lower than the threshold. For a non-802.11v client, no action is performed.
Examples
# Enable client anti-sticky, set the RSSI threshold to 30, and set the detection interval to 5 seconds.
<Sysname> system-view
[Sysname] interface wlan-radio 1/0/1
[Sysname-WLAN-Radio1/0/1] sacp anti-sticky enable rssi 30 interval 5
Related commands
bss transition-management
sacp roam-optimize bss-candidate-list
Use sacp roam-optimize bss-candidate-list enable to enable an AP to obtain BSS candidate information.
Use sacp roam-optimize bss-candidate-list disable to disable an AP from obtaining BSS candidate information.
Use undo sacp roam-optimize bss-candidate-list to restore the default.
Syntax
sacp roam-optimize bss-candidate-list { disable | enable [ interval interval ] }
undo sacp roam-optimize bss-candidate-list
Default
The BSS candidate obtaining feature is disabled.
Views
Radio interface view
Predefined user roles
network-admin
Parameters
interval interval: Specifies the interval for obtaining BSS candidate information in the range of 1 to 500 seconds. By default, the interval is 10 seconds.
Usage guidelines
This feature takes effect only on clients that come online after the feature is configured.
This feature enables an AP to send Beacon requests at specific intervals to clients that support Beacon measurement and obtain information about BSSs detected by the clients. Upon receiving such a request, a client responds with a Beacon Report frame to report BSS information.
With this feature disabled, the AP stops updating BSS candidate information and deletes all the candidates after the aging time expires.
If both this feature and BSS transition management are enabled, the system can guide clients to roam to better services based on the BSS candidate information.
To examine if a client supports beacon measurement, use the display wlan client rm-capabilities command.
Examples
# Enable the BSS candidate obtaining feature.
<Sysname> system-view
[Sysname] interface wlan-radio 1/0/1
[Sysname-WLAN-Radio1/0/1] sacp roam-optimize bss-candidate-list enable
Related commands
bss transition-management
3 WLAN roaming commands
authentication-mode
Use authentication-mode to set an authentication mode for IADTP control messages.
Use undo authentication-mode to restore the default.
Syntax
authentication-mode authentication-mode { cipher | simple } string
Default
The device does not verify the integrity of IADTP control messages.
Views
Mobility group view
Predefined user roles
Parameters
authentication-mode: Specifies an authentication mode. Only the 128-bit MD5 authentication mode is supported.
cipher: Specifies a key in encrypted form.
simple: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.
string: Specifies the key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 33 to 53 characters.
Usage guidelines
Use this command to enable the device to verify the integrity of control messages transmitted over IADTP tunnels.
Examples
# Set the authentication mode to MD5 and set the plaintext key to 12345.
[Sysname] wlan mobility group aaa
[Sysname-wlan-mg-aaa] authentication-mode md5 plain 12345
data-tunnel disable
Use data-tunnel disable to disable IADTP data tunnels.
Use undo data-tunnel disable to enable IADTP data tunnels.
Syntax
data-tunnel disable
undo data-tunnel disable
Default
IADTP data tunnels are enabled.
Views
Mobility group view
Predefined user roles
network-admin
Usage guidelines
|
|
CAUTION: To avoid data loss, do not disable IADTP data tunnels if no service ports are specified on the device for client VLANs. |
This feature enables a device to forward client traffic directly out of client VLANs' service ports, instead of through the IADTP data tunnel. This reduces the device's workload caused by processing broadcast packets received from IADTP data tunnels and saves resources used for maintaining the tunnels.
You must enable or disable IADTP tunnels on all devices in a mobility group.
You can configure this feature only when the mobility group is disabled.
Examples
# Disable IADTP data tunnels.
<Sysname> system-view
[Sysname] wlan mobility group group1
[Sysname-wlan-mg-group1] data-tunnel disable
Related commands
wlan mobility group
display wlan mobility
Use display wlan mobility to display information about clients that have roamed to or from the device.
Syntax
display wlan mobility { roam-in | roam-out } [ member { ip ipv4-address | ipv6 ipv6-address } ]
Views
Any view
Predefined user roles
Parameters
roam-in: Specifies clients that have roamed from another device to the current device.
roam-out: Specifies clients that have roamed to another device.
member ip ipv4-address: Specifies the IPv4 address of a member device.
member ipv6 ipv6-address: Specifies the IPv6 address of a member device.
Usage guidelines
If no member device is specified, this command displays information about all clients that have roamed to and from another device.
Examples
# Display information about all clients that have roamed to the device.
<Sysname> display wlan mobility roam-in
Total entries: 1
MAC address BSSID VLAN ID HA IP address
5250-0012-0411 cbab-abab-abab 1 192.168.0.101
# Display information about clients that have roamed to the specified member device.
<Sysname> display wlan mobility roam-in member ip 192.168.0.101
Total entries: 1
MAC address BSSID VLAN ID
5250-0012-0411 cbab-abab-abab 1
# Display information about all clients that have roamed to another device.
<Sysname> display wlan mobility roam-out
Total entries: 1
MAC address BSSID VLAN ID Online time FA IP address
5250-0012-0411 cbab-abab-abab 1 00hr 01min 39sec 192.168.0.102
# Display information about clients that have roamed from the specified member device to another device.
[Sysname] display wlan mobility roam-out member ip 192.168.0.102
Total entries: 1
MAC address BSSID VLAN ID Online time
5250-0012-0411 cbab-abab-abab 1 00hr 03min 02sec
Table3-1 Command output
|
Field |
Description |
|
Total entries |
Total number of clients. |
|
MAC address |
MAC address of the client. |
|
BSSID |
BSSID of the AP with which the client is associated. |
|
VLAN ID |
VLAN ID of the client. |
|
HA IP address |
IP address of the HA. |
|
FA IP address |
IP address of the FA. |
|
Online time |
Online time of the client. |
display wlan mobility group
Use display wlan mobility group to display mobility group information.
Syntax
Views
Any view
Predefined user roles
Examples
# Display mobility group information.
<Sysname> display wlan mobility group
Mobility group name: office
Tunnel type: IPv4
Source IPv4: 172.16.220.101
Source IPv6: Not configured
Authentication method: Not configured
Auto discovery: Enabled
Mobility group status: Enabled
Member entries: 3
IP address State Online time
172.16.220.102 DOWN 00hr 00min 00sec
172.16.220.105 UP 00hr 36min 27sec
172.16.220.106 UP (A) 00hr 50min 30sec
Table3-2 Command output
|
Field |
Description |
|
Tunnel type |
IADTP tunnel type for the mobility group: IPv4 or IPv6. |
|
Authentication method |
Authentication method used for the mobility group. |
|
Auto discovery |
Status of automatic group member discovery: · Enabled. · Disabled. |
|
Mobility group status: · Enabled. · Disabled. |
|
|
Member entries |
Number of member devices. |
|
IP address |
IP address of the member device. |
|
State |
IADTP tunnel state: · UP. · DOWN. The (A) suffix indicates that the device has joined the group through automatic group member discovery. |
|
Online time |
Online duration of the member device. |
Related commands
wlan mobility group
group enable
Use group enable to enable a mobility group.
Use undo group enable to disable a mobility group.
Syntax
Default
A mobility group is disabled.
Views
Mobility group view
Predefined user roles
Usage guidelines
Before enabling a mobility group, make sure you have completed the following tasks:
· Configure the source IP address of the same type as the IADTP tunnel address type.
· Specify member IP addresses of the same type as the IADTP tunnel address type, or enable automatic group member discovery.
This feature enables the device to establish IADTP tunnels and synchronize roaming entries with member devices.
If you disable a mobility group on the device, the device shuts down the IADTP tunnels established with the other member devices and deletes the roaming entries.
Examples
# Enable mobility group floor1.
[Sysname] wlan mobility group floor1
[Sysname-wlan-mg-floor1] tunnel-type ipv4
[Sysname-wlan-mg-floor1] source ip 192.168.0.1
[Sysname-wlan-mg-floor1] member ip 192.168.0.2
[Sysname-wlan-mg-floor1] group enable
Related commands
wlan mobility group
member
Use member to add a mobility group member.
Use undo member to delete a mobility group member.
Syntax
member { ip ipv4-address | ipv6 ipv6-address } [ vlan vlan-id-list ]
undo member [ ip ipv4-address | ipv6 ipv6-address ] [ vlan [ vlan-id-list ] ]
Default
No member devices exist.
Views
Mobility group view
Predefined user roles
Parameters
ip ipv4-address: Specifies a device by its IPv4 address.
ipv6 ipv6-address: Specifies a device by its IPv6 address.
vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 2 to 4094. The value for the vlan-id2 argument cannot be lower than the value for the vlan-id1 argument.
Usage guidelines
Make sure the mobility group is disabled before you use this command.
Members in a mobility group are identified by their IP addresses used to establish IADTP tunnels.
You can add both IPv4 and IPv6 members to a mobility group. Only members whose IP address type is the same as the IP address type of IADTP tunnels take effect.
A device can belong to only one mobility group.
You can add a maximum of 31 IPv4 members and 31 IPv6 members to a mobility group.
You can specify VLANs for a member device, so that other member devices in the mobility group can directly forward client data of the member device from the specified VLANs. If you do not specify VLANs for the member device, its client data cannot be directly forwarded by another member in the mobility group unless the clients roam to that member.
If a mobility group has multiple devices, make sure no loops exist among IADTP tunnels between members within the mobility group.
The undo form of this command deletes all member devices in a mobility group if you do not specify any parameters.
Examples
# Add a mobility group member.
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] member ip 192.168.1.55 vlan 3 10 19 22 to 30
member auto-discovery
Use member auto-discovery to enable automatic group member discovery.
Use undo member auto-discovery to disable automatic group member discovery and delete all automatically discovered member devices.
Syntax
member auto-discovery [ interval interval ]
undo member auto-discovery
Default
Automatic group member discovery is disabled.
Views
Mobility group view
Predefined user roles
network-admin
Parameters
interval: Specifies the interval at which the device broadcasts its source IP address, in the range of 10 to 3600 seconds. The default value is 60.
Usage guidelines
Before enabling this feature, execute the source command to specify the source IP address used for establishing IADTP tunnels.
This feature enables a device to automatically discover member devices in a mobility group by broadcasting its source IP address in the group. Member devices in the group that receive the IP address automatically establish IADTP tunnels with the device. The device joins the mobility group after it establishes IADTP tunnels with all the other members.
A device can belong to only one mobility group.
You can add a maximum of 31 IPv4 members and 31 IPv6 members to a mobility group.
The automatic discovery feature can add only devices in the same subnet as the source IP address.
Examples
# Enable automatic group member discovery and set the broadcast interval to 10 seconds.
<Sysname> system-view
[Sysname] wlan mobility group 1
[Sysname-wlan-mg-1] member auto-discovery interval 10
Related commands
member
source
wlan mobility group
role
Use role to specify the role of the device in a mobility group.
Use undo role to restore the default.
Syntax
role { client | server }
undo role
Default
A member device with a higher IP address acts as the server, and a member device with a lower IP address acts as the client.
Views
Mobility group view
Predefined user roles
network-admin
Parameters
client: Specifies the client role for the device.
server: Specifies the server role for the device.
Usage guidelines
This feature applies to a scenario where a device establishes an IADTP tunnel with another device in the same mobility group across a NAT device. In this scenario, the device with a lower IP address acts as the client to initiate a connection request to the device with a higher IP address. If the device with a lower IP address resides in the public network, the IADTP tunnel cannot be established. To ensure successful establishment of the IADTP tunnel in this case, specify the device in the private network as the client to initiate the connection request.
Examples
# Configure the device to act as a client in mobility group abc.
<Sysname> system-view
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] role client
snmp-agent trap enable wlan mobility
Use snmp-agent trap enable wlan mobility to enable SNMP notifications for WLAN roaming.
Use undo snmp-agent trap enable wlan mobility to disable SNMP notifications for WLAN roaming.
Syntax
snmp-agent trap enable wlan mobility
undo snmp-agent trap enable wlan mobility
Default
SNMP notifications are disabled for WLAN roaming.
Views
System view
Predefined user roles
network-admin
Usage guidelines
To report critical WLAN roaming events to an NMS, enable SNMP notifications for WLAN roaming. For WLAN roaming event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see Network Management and Monitoring Configuration Guide.
Examples
# Enable SNMP notifications for WLAN roaming.
<Sysname> system-view
[Sysname] snmp-agent trap enable wlan mobility
source
Use source to specify the source IP address for establishing IADTP tunnels.
Use undo source to delete the source IP address for establishing IADTP tunnels.
Syntax
source { ip ipv4-address | ipv6 ipv6-address }
undo source [ ip | ipv6 ]
Default
No source IP address is specified for establishing IADTP tunnels.
Views
Mobility group view
Predefined user roles
Parameters
ip ipv4-address: Specifies a source IPv4 address.
ipv6 ipv6-address: Specifies a source IPv6 address.
Usage guidelines
A device uses its source IP address to establish IADTP tunnels with member devices.
When you specify the source IP address for establishing IADTP tunnels, follow these restrictions and guidelines:
· Make sure the mobility group has been disabled.
· You can specify one IPv4 address, one IPv6 address, or both, but only the IP address type that is the same as the IP address type for IADTP tunnels takes effect.
If you do not specify an IP address when you use the undo command, this command deletes all source IP addresses.
Examples
# Specify a source IPv4 address for establishing IADTP tunnels.
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] source ip 192.168.1.55
Related commands
tunnel-dscp
Use tunnel-dscp to set a DSCP value for IADTP keepalive packets.
Use undo tunnel-dscp to restore the default.
Syntax
tunnel-dscp dscp-value
undo tunnel-dscp
Default
The DSCP value is 0 for IADTP keepalive packets.
Views
Mobility group view
Predefined user roles
network-admin
Parameters
dscp-value: Specifies a DSCP value for IADTP keepalive packets, in the range of 0 to 63. As a best practice, set the DSCP value to 63.
Usage guidelines
The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet. A greater DSCP value means a higher packet priority.
In a scenario where a device establishes IADTP tunnels with other devices across NAT devices, two devices use IPsec for tunnel encryption and establishment. To prevent IADTP tunnel disconnection because the device cannot receive any IADTP keepalive packets from the peer when the IADTP tunnel is busy, set the DSCP value by using this feature.
Examples
# Set the DSCP value to 63 for IADTP keepalive packets.
<Sysname> system-view
[Sysname] wlan mobility group abc
[Sysname-wlan-mg-abc] tunnel-dscp 63
tunnel-type
Use tunnel-type to specify the IP address type for IADTP tunnels.
Use undo tunnel-type to restore the default.
Syntax
tunnel-type { ipv4 | ipv6 }
Default
The IP address type for IADTP tunnels is IPv4.
Views
Mobility group view
Predefined user roles
Parameters
ipv4: Specifies the IPv4 address type.
ipv6: Specifies the IPv6 address type.
Usage guidelines
Make sure the mobility group is disabled before you execute this command.
Examples
# Specify the IP address type as IPv4 for IADTP tunnels in mobility group aaa.
[Sysname] wlan mobility group aaa
[Sysname-wlan-mg-aaa] tunnel-type ipv4
wlan mobility group
Use wlan mobility group to create a mobility group and enter its view, or enter the view of the existing mobility group.
Use undo wlan mobility group to restore the default.
Syntax
wlan mobility group group-name
undo wlan mobility group group-name
Default
No mobility group exists.
Views
System view
Predefined user roles
Parameters
group-name: Specifies a mobility group by its name, a case-insensitive string of 1 to 15 characters that do not contain spaces.
Usage guidelines
Mobility groups configured on member devices must have the same name.
You can create only one mobility group on a device.
Examples
# Create a mobility group named office and enter its view.
[Sysname] wlan mobility group office
[Sysname-wlan-mg-office]
wlan mobility-group-isolation enable
Use wlan mobility-group-isolation enable to enable tunnel isolation for mobility groups.
Use undo wlan mobility-group-isolation enable to disable tunnel isolation for mobility groups.
Syntax
wlan mobility-group-isolation enable
undo wlan mobility-group-isolation enable
Default
Tunnel isolation is enabled for mobility groups.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command is required when loops exist among devices in a mobility group. It prevents devices from forwarding packets between tunnels in the mobility group and avoids broadcast storms.
Examples
# Enable tunnel isolation for mobility groups.
<Sysname> system-view
[Sysname] wlan mobility-group-isolation enable
