WLC solves the problem of wireless and wired networks in three different zones

Source: Internet
Author: User

Wireless LAN access technology is already capable; this article describes in detail how to solve the problems that arise when wireless and wired networks are integrated.

The wireless LAN architecture is centered on wireless access points (APs). Each wireless access point forms a cell, and a client in the cell must send and receive data through that access point to reach other parts of the network. However, a traditional wireless access point, such as a wireless router, has a major defect: each access point is independent of the others. Even if most access points share the same security policy, the network administrator still has to configure every one of them individually. This increases the administrator's workload and makes both the initial configuration and later policy adjustments troublesome.

To solve the problem between the wireless network and the wired network, Cisco proposes a unified wireless network architecture. Its main idea is to divide the wireless access point into two parts: the lightweight AP and the wireless LAN controller.

I. Division of labor and cooperation, unified deployment

In fact, Cisco's solution to this problem is simple. It can be summarized in eight words: "division of labor and cooperation, unified deployment". A traditional wireless access point runs two kinds of processes: real-time processes and management processes. Real-time processes include sending and receiving 802.11 frames, AP beacon and probe information, and data encryption. Management processes mainly include client authentication, security management, QoS, and so on. In a traditional wireless access point, the real-time and management processes all run in the same device. Network administrators therefore have to configure every access point separately, even when all of them use the same configuration and security policy. This inability to configure and manage the access points centrally is the main cause of the three-zone relationship between the wireless network and the wired network.

In this regard, Cisco decided to implement division of labor, cooperation, and unified deployment. In short, Cisco splits the wireless access point into two kinds of device: lightweight wireless access points and wireless LAN controllers, abbreviated LAP and WLC. The lightweight wireless access point is only responsible for receiving and sending 802.11 frames. All other functions are implemented by the wireless LAN controller. Because this access point has fewer features than a traditional wireless router, it is called lightweight, hence the name.

II. Mutual authentication between LAP and WLC

The configuration files, security policies, and identity authentication of the wireless access points all depend on the wireless LAN controller (WLC), so if an attacker forges an illegitimate wireless LAN controller, the consequences are severe. Therefore, when designing and deploying lightweight wireless access points, the first thing to address is how to ensure the security of the wireless LAN controller. This is the basis of Cisco's unified wireless network architecture.

The lightweight wireless access point and the wireless LAN controller use the Lightweight Access Point Protocol (LWAPP) as the tunnel protocol between them. Specifically, there are two tunnels. One tunnel carries data from the client; LWAPP encapsulates this data in the LWAPP format. Although this data is not encrypted, the encapsulated data is relatively safe. The other tunnel carries control information, which determines the operation mode, client authentication, and security policies of the lightweight wireless access points. LWAPP authenticates and encrypts the control information so that the wireless LAN controller can manage and control the lightweight wireless access points safely. In Cisco's solution, lightweight wireless access points and wireless LAN controllers use digital certificates to authenticate each other. For example, a digital certificate may be installed on the device at the factory, and LWAPP uses these certificates for verification in the background. In this way, forgery of the wireless LAN controller can be effectively prevented.
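The trust decision described above can be reproduced with the openssl command line. This is an added example, not Cisco's code or an LWAPP implementation: it models only the check each side performs on its peer's certificate against the manufacturer's CA, and every name, subject and key size in it is a constructed assumption.

```shell
#!/bin/sh
# Constructed demo: all file names and certificate subjects are assumptions.
# Model: a manufacturer CA signs one certificate per device at the factory,
# and each side accepts a peer only if its certificate chains to that CA.

make_ca() {      # make_ca <dir> <name> <subject CN>
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=$3" -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

issue_cert() {   # issue_cert <dir> <ca name> <device name> <subject CN>
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$4" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.crt" -CAkey "$1/$2.key" \
        -CAcreateserial -days 30 -out "$1/$3.crt" 2>/dev/null
}

peer_trusted() { # peer_trusted <trust anchor> <peer cert>; exit 0 if the chain validates
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

run_demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" factory "Constructed Manufacturer CA"
    make_ca "$d" rogue "Constructed Rogue CA"
    issue_cert "$d" factory wlc "wlc-01"
    issue_cert "$d" factory lap "lap-01"
    # Forged controller: same subject name as the real WLC, different issuer.
    issue_cert "$d" rogue fakewlc "wlc-01"
    result=""
    # The LAP checks the WLC, the WLC checks the LAP, then the LAP meets the forgery.
    peer_trusted "$d/factory.crt" "$d/wlc.crt" && result="${result}wlc-ok "
    peer_trusted "$d/factory.crt" "$d/lap.crt" && result="${result}lap-ok "
    peer_trusted "$d/factory.crt" "$d/fakewlc.crt" || result="${result}forged-rejected"
    rm -rf "$d"
    echo "$result"
}

run_demo
```

The forged controller copies the real controller's subject name, which shows that the decision rests on the issuer's signature and not on the name the certificate claims.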

III. Key points of WLC management and maintenance

Once the work is divided between the wireless LAN controller and the lightweight wireless access point, the focus of wireless network management shifts to the wireless LAN controller. All maintenance and configuration related to the wireless network is done on this controller. Therefore, when deploying a unified wireless network architecture, the network administrator's main task is to maintain the wireless LAN controller. Specifically, this means maintaining the following functions.

First, select the frequency of the RF channel

To avoid co-channel interference between adjacent cells, which weakens wireless signals, each adjacent wireless access point needs a different RF channel. The channel of each wireless access point can be set in the wireless LAN controller. However, I suggest that you do not manage the channels manually unless necessary. The wireless LAN controller provides an automatic management scheme. This scheme not only optimizes the transmit power, adjusting it automatically according to the actual situation, but also automatically allocates different channels to the wireless access points in the coverage range as needed. The author believes that this automatic channel optimization is a good solution so far. For this reason, there is no need to adjust the channels manually without a special reason.

Second, adjust the transmit frequency to deal with the failure of wireless access points

In previous articles, the author mentioned that if a wireless access point fails, its cell disappears, and its clients can no longer connect to the network through that access point. In this case, you can adjust the size of the adjacent cells (by adjusting the transmit frequency of the adjacent wireless access points) to cover the blind spot again. The transmit frequency can also be adjusted in the wireless LAN controller. The adjustment is much easier because it is done on one platform, with no need to connect to each wireless access point for configuration. What surprised us most is that the wireless LAN controller can also make this adjustment automatically. That is, when the wireless LAN controller detects a fault in a lightweight wireless access point, it can immediately adjust the transmit frequency of the nearby wireless access points so that their cells cover the area again, and notify the network administrator.

Third, dynamic client load balancing

In a wireless network deployment, cells often overlap. Which wireless access point should a client connect to when it is in such an overlap? Client authentication is completed by the wireless LAN controller, so the controller also decides which wireless access point the client connects to. If the network administrator enables the load balancing option on the controller, then, provided the signal strength is sufficient, the wireless LAN controller can connect the wireless client to a wireless access point with a relatively small number of client connections. In this way, the client load is balanced. Because the load balancing is done automatically by the controller, it is very useful for improving the performance of the wireless network. This is mainly because wireless access points use a shared bandwidth mechanism: the more clients access the same wireless access point, the less bandwidth each client can obtain. Therefore, when the signal strength meets the requirements, clients can be distributed sensibly among different wireless access points, which improves bandwidth utilization and the performance of the wireless network.
