ccie.nyquist.eu

Wireless Roaming

Client perspective

A wireless client decides to roam to a different AP when the connection to the current AP is degraded. The roaming decision is entirely on the client side and can be caused by:

  • Maximum retries exceeded: Each vendor has a different threshold. One threshold could trigger a shift to a lower data rate and another threshold could trigger roaming

  • Low RSSI

  • Low SNR

  • Proprietary roaming parameters - In some scenarios the APs or the controllers can communicate with the clients to trigger a roam

In order to roam, a client needs to know about other APs providing access to the same SSID. To do this, the client needs to "scan":

  • Active scan: The client changes its radio to a new channel and broadcasts a probe request. It usually waits 10ms for any responses.

    • Directed probe: The probe is sent for a specific SSID

    • Broadcast probe: The probe is sent to a null SSID and all APs should respond with the SSIDs they support

  • Passive scan: The client changes its radio to a new channel and waits for a periodic beacon. It usually waits for 100ms. Due to the longer wait time, most clients prefer active scanning

During a channel scan the client is unable to transmit or receive data. To reduce the impact, clients can use:

  • Background scanning: Scanning happens only when the client is not transmitting, or periodically on a single alternate channel, to minimize data loss. This way, the client builds knowledge of available APs and can roam faster when needed.

  • On-roam scanning: This occurs when roaming is necessary

AP/Controller perspective

A Mobility Group (MG) is a collection of Mobility Controllers (MCs) across which roaming needs to be supported. An MC can contain up to 24 WLCs. WLCs in a mobility group forward data traffic among the group, which enables roaming between controllers and WLC redundancy.

Roaming inside a Mobility Group is done without the need to reauthenticate. If the client roams to an AP on a different WLC but in the same MG, the client data will be transferred between WLCs.

Up to 3 MGs can be grouped in a Mobility Domain (MD) that supports up to 72 controllers. Clients can roam between controllers in different MGs as long as they are in the same MD.

If a client moves from one WLC to another one in the same MD, the client needs to reauthenticate, reassociate and get a new IP.

Controllers in an MG must share a few parameters:

  • Mobility Domain name

  • Version

  • CAPWAP mode

  • ACLs

  • WLANs (SSIDs)

WLCs send mobility control messages between them using UDP 16666 (unencrypted). User data traffic is transmitted using EoIP (IP protocol 97) or CAPWAP (UDP 5246) tunnels.

When a client associates and authenticates to an AP, the controller places an entry for the client in its database. This includes:
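Because the mobility control channel is unencrypted, one check a defender can run is that it only ever appears between configured mobility peers. The following is an added example, not part of the original page: the peer addresses and flow records are constructed sample data, and the `classify` and `audit` helpers are hypothetical names.

```python
import csv
import io
from ipaddress import ip_address

# Constructed sample data: WLC management addresses and exported flow records.
MOBILITY_PEERS = {ip_address("192.0.2.10"), ip_address("192.0.2.11")}
FLOWS = """src,dst,proto,sport,dport
192.0.2.10,192.0.2.11,17,16666,16666
192.0.2.10,192.0.2.11,97,0,0
192.0.2.77,192.0.2.10,17,40000,16666
192.0.2.50,192.0.2.10,17,5246,5246
192.0.2.10,192.0.2.99,97,0,0
192.0.2.50,192.0.2.10,6,51000,443
"""

def classify(proto, sport, dport):
    """Map a flow to the WLC traffic types named on this page, else None."""
    if proto == 17 and 16666 in (sport, dport):
        return "mobility-control"   # UDP 16666, unencrypted
    if proto == 97:
        return "eoip-data"          # EoIP, IP protocol 97
    if proto == 17 and 5246 in (sport, dport):
        return "capwap"             # CAPWAP, UDP 5246
    return None

def audit(flows_csv, peers):
    """Return inter-WLC mobility flows with an endpoint outside the peer set."""
    findings = []
    for row in csv.DictReader(io.StringIO(flows_csv)):
        kind = classify(int(row["proto"]), int(row["sport"]), int(row["dport"]))
        if kind not in ("mobility-control", "eoip-data"):
            continue  # CAPWAP also runs between APs and WLCs, so it is not audited here
        if not {ip_address(row["src"]), ip_address(row["dst"])} <= peers:
            findings.append((kind, row["src"], row["dst"]))
    return findings

if __name__ == "__main__":
    for finding in audit(FLOWS, MOBILITY_PEERS):
        print("unexpected", *finding)
```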

  • MAC and IP address

  • Security context and associations

  • QoS contexts

  • SSID (WLAN)

  • associated AP

Types of Roaming

L2 Roaming

L2 roaming occurs when the client moves from one AP to another but remains in the same subnet.

  • If the client roams from AP1 to AP2 but ends up on the same WLC, then we have Intracontroller Roaming. In this case the controller updates the database with the client's new AP.

  • If the client roams from AP1 to AP2 but ends up on a different WLC, then we have Intercontroller Roaming. In this case the controllers exchange mobility messages and client data is copied to the new controller. Intercontroller Roaming should remain transparent to the user unless the session timeout is exceeded or the client sends a DHCP Discover. In this case, POP and PoA move from old WLC to the new WLC.

L3 roaming

L3 roaming occurs when the client moves from one AP to another and doesn't remain in the same subnet. This means the controller changed, so it is an Intercontroller Roaming. But in this case, instead of moving the client DB to the new controller, the original controller marks the client with an anchor entry in its own database. The DB entry is copied to the new controller and marked as a foreign entry. The roam remains transparent to the client, which gets to keep its IP address. This implies both anchor and foreign controller should have similar network access privileges so the client doesn't have connectivity issues after handoff. In this case the POP remains with the original WLC and the PoA moves to the foreign WLC.
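The three roam types described above can be modelled as updates to the per-WLC client databases. This is an added example, not part of the original page: the `AP`, `Client` and `roam` names, the `role` labels and the topology are hypothetical, and the handling of a client that is already anchored when it roams again is an assumption that goes beyond what the page describes.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class AP:
    name: str
    wlc: str     # controller this AP is joined to
    subnet: str  # client subnet that controller maps the WLAN to (assumed field)

@dataclass
class Client:
    mac: str
    ip: str
    pop: str     # WLC holding the Point of Presence
    poa: str     # WLC holding the Point of Attachment

def roam(client, new_ap, db):
    mac, target = client.mac, new_ap.wlc
    if target == client.poa:
        # Intracontroller: the same WLC records the client's new AP.
        db[target][mac]["ap"] = new_ap.name
        return "L2 intracontroller"
    anchored = client.pop != client.poa
    if ip_address(client.ip) in ip_network(new_ap.subnet):
        # L2 intercontroller: the entry moves; PoP and PoA both follow it.
        db[client.poa].pop(mac)
        if anchored:
            db[client.pop].pop(mac, None)
        db[target][mac] = {"ap": new_ap.name, "role": "local"}
        client.pop = client.poa = target
        return "L2 intercontroller"
    # L3: the original WLC keeps an anchor entry, the new WLC a foreign copy.
    if anchored:
        db[client.poa].pop(mac)   # assumption: the previous foreign copy is dropped
    else:
        db[client.pop][mac]["role"] = "anchor"
    db[target][mac] = {"ap": new_ap.name, "role": "foreign"}
    client.poa = target           # PoP stays put, so the client keeps its IP
    return "L3 intercontroller"

def demo():
    # Constructed topology and addresses, for illustration only.
    c = Client("aa:bb:cc:00:00:01", "10.1.0.50", pop="WLC1", poa="WLC1")
    db = {"WLC1": {c.mac: {"ap": "AP1", "role": "local"}}, "WLC2": {}, "WLC3": {}}
    path = [AP("AP2", "WLC1", "10.1.0.0/24"), AP("AP3", "WLC2", "10.1.0.0/24"),
            AP("AP4", "WLC3", "10.3.0.0/24")]
    return [roam(c, ap, db) for ap in path], c, db

if __name__ == "__main__": print(*demo(), sep="\n")
```

After the third roam the anchor WLC still holds the client's PoP, so any access policy the client depends on has to exist on both the anchor and the foreign controller.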

Guest Tunneling (Auto-anchor mobility)

In this scenario you have one WLAN (usually the Guest WLAN) that is tunneled to a predefined set of controllers to restrict clients to a specific subnet.
