SWITCH10S08L03

Lesson 3

Preparing the Campus Infrastructure for WLANs

Overview Create implementation and verification plans to prepare infrastructure devices to integrate wireless LANs

Objectives Upon completing this lesson, you will be able to . This ability includes being able to meet these objectives:

Access point and controller placement

Configure switches for WLAN devices

Gathering Requirements

Planning the IntegrationCreating a Test Plan

Access Point and Controller Placement This topic describes access point and controller placement

2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.08-4

Access Point and Controller Placement Access point are connected to access switchesWLAN Controller are connected to network at Distribution switches Server farm or data center

Centralized deployment is recommendedMinimize inter-controller roaming.Implement deterministic redundancy.Centralized deployment with the integrated platforms: Cisco Catalyst 3750G Integrated Wireless LAN Controller for

small-to-medium deployments Cisco WiSM for medium-to-large deployments

Distributed deployment as an alternative for existing networks

As much as possible, controllers should be placed to minimize intercontroller roaming and

be

In the enterprise campus, centralized design supports the integrated controller platforms. st

al

Distributed controller deployment may work well with existing networks or focused wireless

The general recommendation is to use a centralized design for controller placement to minimize

latency of traffic flow over the wireless media. LWAPP tunneling separates the physical controller placement from the subnets, so the WLCs can be positioned where they are connected, secured, and powered and where traffic flows work well. Controllers shoulddeployed using deterministic redundancy to avoid unnecessary intercontroller roaming that results from salt-and-pepper designs.

Depending on the campus size and existing network devices, you can use the Cisco Cataly3750G Integrated Wireless LAN Controller for small-to-medium deployments or an individubuilding, or the Cisco Catalyst 6500 Series Wireless Services Module (WiSM) for a medium-to-large deployments.

coverage areas.

operational complexity and support. However, this decision should be based the ability of either design to support the current network and policies as well as plans for growth.

8-4 Implementing Cisco Switched Networks (SWITCH) v1.0 2009 Cisco Systems, Inc.

Distributed Controller Placement This subtopic describes Distributed Controller Placement


Distributed WLC Deployment

Distributed WLC Design The above figure illustrates a distributed WLC design with the placement of access points in

The distributed WLC design can easily support coverage areas isolated by building where

the access layer and WLCs in the distribution layer.

mobility between buildings is not implemented.

2009 Cisco Systems, Inc. Integrating Wireless LAN into a Campus Network 8-5

Centralized Controller Placement This subtopic describes centralized Controller Placement


Centralized WLC Deployment

Centralized WLC Placement The figure illustrates a centralized WLC design with the placement of access points in the access layer and WLCs in a service block in the core layer.

The centralized WLC design supports simplified management with fewer endpoints and fewer locations to manage issues such as high availability, routing, and power needs. Centralized WLC design also supports the most efficient mobility.


WLAN Devices Connected to the LAN Switches This subtopic describes WLAN Devices Connected to the LAN Switches


WLAN Devices Connected to SwitchesStandalone WLAN solution

Standalone access point

Controller-based solutionController-based access point Controller-based access point in HREAP modeWireless LAN ControllerWLC 4400 with LAGWiSM module in 6500 series switch

Standalone WLAN solution:

Standalone access point

Controller-based solution:

Controller-based access point Controller-based access point in HREAP mode Wireless LAN Controller WLC 4400 with LAG WiSM module in 6500 series switch


Configure switches for WLAN devices This topic describes configuration switches for WLAN devices


Wireless LAN Device Connections

VLANMgmt VLANNot requiredTrust COSTrunkWLAN

Controller

ViaController

or localVLAN

ViaController

AP IP Network

Trust DSCPTrunkHREAP AP

Via Controller

Via Controller

AP IP Network

Trust DSCPAccess

Controller-based AP

LocalVLANNative VLANManagement

Trust COSTrunk

Standalone AP / Bridge

Data ManagementNative VLANQoSSwitch Port

This table shows an overview of the switch configuration for the access point and wireless LAN controllers.


Switch Configuration for Standalone APs This subtopic describes Switch Configuration for Standalone APs


Standalone AP802.1Q Trunk port

Native management VLANData VLANs802.1p QOS

interface fastethernet 0/1 switchport encapsulation dot1q switchport trunk native vlan 10 switchport trunk allowed vlan 10,20 switchport mode trunk spanning-tree portfast mls qos trust cos

The standalone access point is connected to a trunk port with management on the native VLAN


Switch Configuration for Controller Based APs This subtopic describes Switch Configuration for Controller Based APs


Controller-based APAccess port

Native access point VLANNo data VLANs

interface fastethernet 0/2 switchport access vlan 10 switchport mode access spanning-tree portfast mls qos trust dscp

The controller-based access point is connected to an access port


Switch Configuration for Controller Based HREAP APs This subtopic describes Switch Configuration for Controller Based H-REAP APs


Controller-based AP in HREAP Mode802.1Q Trunk port

Native access point VLANSelected data VLANs

interface fastethernet 0/3 switchport encapsulation dot1q switchport trunk native vlan 10 switchport trunk allowed vlan 10,20 switchport mode trunk spanning-tree portfast mls qos trust dscp

The controller-based AP in HREAP mode is connected to a trunk port with the native VLAN as the AP VLAN.


2100 Series Controllers This subtopic describes the 2100 Series Controllers


Cisco 2100 Series WLAN Controllers

DynamicInterface n

Cisco WLAN Controller

VLAN a

VLAN b

VLAN n

Cisco 10/100 Ethernet Switchports in 802.1Q Trunk Mode

VLAN x

Port p

Port p

Port p

Port p

VirtualInterface

ManagementInterface

VLAN x AP ManagerInterface

VLAN x

VLAN n

VLAN b

VLAN a

WLAN 16SSID

WLAN 2SSID

DynamicInterface 2

DynamicInterface 1

WLAN 1SSID

This slides shows the interfaces and ports on a 2100 series WLAN controller


Switch Configuration for a WLAN Controller This subtopic describes the Switch Configuration for a WLAN Controller


WLAN Controller802.1Q Trunk port

Management VLANAccess point VLANData VLANs

interface fastethernet 0/4 switchport encapsulation dot1q switchport trunk native vlan 99 switchport trunk allowed vlan 10,20 switchport mode trunk spanning-tree portfast mls qos trust cos

The wireless LAN controller is connected to a trunk port The native VLAN is not used


Link Aggregation for a 4400 Series Controllers This subtopic describes Link Aggregation for a 4400 Series Controllers


4400 Controller with Link Aggregation

One LAG group per Cisco Wireless LAN Controller Packets are forwarded from controller on the same port they arrivedLoad balancing done on switchConnection to a single switch or stackEtherChannel configration on switch required

Link aggregation creates an Etherchannel between the controller and switch. This provides additional bandwidth and link redundancy.


Link Aggregation This subtopic describes Link Aggregation on different WLAN controllers


Link AggregationLink Aggregation is recommended (off by default) on the 4400 controllers

4404 subsystem

Link Aggregation

Bundles

4404 subsystem

WiSM

4404

Link AggregationBundle

4402

Link aggregation bundle

3750G-24WS

Link aggregation bundle

Link Aggregation is enabled on a WiSM blade and a 3750G integrated controller

Link aggregation is recommended on 440 series controller. WiSM and the integrated 3750G controller require link aggregation to used.

Link aggregation has to be configured on the switch


4400 Series Controller This subtopic describes


Cisco 440x Series WLAN Controllers

Virtual

Service Port

Cisco Copper 10/100 EthernetSwitchport in Access Mode

-

Cisco Gigabit Ethernet Switchportsin 802.1Q Trunk Mode

DynamicInterface n

VLAN n

VLAN b

VLAN a

WLAN 16SSID

WLAN 2SSID

DynamicInterface 2

DynamicInterface 1

WLAN 1SSID

Cisco WLAN Controller

VirtualInterface VLAN x

AP ManagerInterface

VLAN x

VLAN a

VLANb

VLANn

VLAN x

No VLANNo VLAN

Port p

Port p

Service-portInterface

ManagementInterface

This slides shows the interfaces and ports on a 4400 series WLAN controller


Switch Configuration for 4400 Series Controllers This subtopic describes the Switch Configuration for 4400 Series Controllers


Switch Configuration for LAG

interface gigabit 0/1channel-group 1 mode on

interface gigabit 0/2channel-group 1 mode on

interface port-channel 1switchport encapsulation dot1qswitchport trunk native vlan 99switchport trunk allowed vlan 10,20-30switchport mode trunkspanning-tree portfastmls qos trust cos

WLC4402G0/2

G0/1

Gigabit Etherchannel802.1Q Trunk port

Management VLAN Access point VLANData VLANs802.1p QOS

Link aggregation has to be configured on the switch

The wireless LAN controller is connected to an Etherchannel trunk port The native VLAN is required

The channel-group 1 mode on configures a fixed, nonnegotiated Etherchannel


Switch Configuration for WiSM Controllers This subtopic describes the WiSM Controllers


Cisco WiSM Controller

Cisco Gigabit Ethernet Switchports In 802.1Q Trunk Mode Connected Via Catalyst 6500 backplane

VLAN q

VLAN xVLAN a VLAN b VLAN n

WiSM Controller 1

-

WiSM Service VLAN

int gig /5int gig /6 int gig /8 int gig /7 int gig /9

Catalyst 6500 Line Card: Anteros-48 Base Board

WiSM Controller 2

WLAN 1

DynamicI/F 1

Dynamic I/F 2

Dynamic I/F n

Virtual I/F

Mgmt I/F

WLAN 2 WLAN 16

Service-portI/F

AP MGRI/F

P1 P2 P3 P4 VLAN 0

int gig /1I/F 6 int gig /4 int gig /3 int gig /9

I/F 5 I/F 8 I/F 7 I/F 10

P 1 P2 P3 P4

WLAN 1

DynamicI/F 1

Dynamic I/F 2

Dynamic I/F n

Virtual I/F

Mgmt I/F

WLAN 2 WLAN 16

Service-portI/F

AP MGRI/F

VLAN q

int gig /1I/F 2 int gig /4 int gig /3 int gig /9

I/F 1 I/F 4 I/F 3 I/F 9

VLAN 0

VLAN xVLAN a VLAN b VLAN n

This slides shows the interfaces and ports on a WiSM WLAN controller


Switch Configuration for WiSM Controllers This subtopic describes Switch Configuration for WiSM Controllers


WiSM in 6500 Switch (1)WISM service VLANc6500(config)# vlan 99c6500(config)# interface vlan 99c6500(config-if)# ip address 192.168.99.1 255.255.255.0c6500(config)# ip dhcp pool wism-service-portc6500(config)# network 192.168.99.0 255.255.255.0c6500(config)# default-router 192.168.99.1

c6500# show wism status

Service Vlan: 99, Service IP Subnet: 192.168.99.1/255.255.255.0

WLANSlot Controller Service IP Management IP SW Version Status

----+----------+------------+-------------+----------+-------3 1 192.168.99.3 169.254.1.1 4.2.176.0 Oper-Up

3 2 192.168.99.4 169.254.1.1 4.2.176.0 Oper-Up

Step 1

Configuration of service VLAN Configuration of DHCP pool fro service VLAN


Switch Configuration for WiSM Controllers This subtopic describes Switch Configuration for WiSM Controllers


WiSM in 6500 Switch (2)

WiSM command for VLANs and Etherchannelc6500(config)# wism module # controller 1 native-vlan 10c6500(config)# wism module # controller 2 native-vlan 10c6500(config)# wism module # controller 1 allowed-vlan 10,20-30c6500(config)# wism module # controller 2 allowed-vlan 10,20-30c6500(config)# wism module # controller 1 qos trust cosc6500(config)# wism module # controller 2 qos trust cos

WiSM console sessionc6500# session slot slot# processor processor#

Step 2

wism commands to create Etherchannel between WiSM and switch

seesion command to connect to CLI of controller 1 or 2


Gathering Requirements This topic describes Gathering Requirements


Gathering RequirementsController-based or Standalone solution?Number of APs?Where will the APs be installed?Switchports for APs on access switches available?PoE on access switches available?Are new access switches with PoE required?UPS required for APs?Where will the controllers be installed and connected?How do APs and wireless clients get IP addresses (DHCP server)?VLANs / subnets for APs, clients and SSIDs?Radius server required for security?New access lists required?Will a management system be installed?Voice over WLAN planned (QoS)?Bandwidth requirements for wireless users?

Question to ask to gather requirements:

Controller-based or Standalone solution?

s be installed? itches available?

required?

s be installed and connected? P server)?

e installed?

users?

Number of APs? Where will the APSwitchports for APs on access swPoE on access switches available? Are new access switches with PoE UPS required for APs? Where will the controllerHow do APs and wireless clients get IP addresses (DHCVLANs / subnets for APs, clients and SSIDs? Radius server required for security? New access lists required? Will a management system bVoice over WLAN planned (QoS)? Bandwidth requirements for wireless


Planning the Integration This topic describes Planning the Integration


Implementation PlanCollect requirementsCheck existing networkPlan additional equipmentPlan implementationImplement new network components

Steps to create an implementation during design of the network

Collect requirements

Check existing network

Plan additional equipment

Plan implementation

Implement new network components


Creating a Test Plan This topic describes


Test PlanCan you reach AP or WLC from management station?Can AP reach the DHCP server?Does AP get an IP address?Can WLC reach Radius server?Do clients get an IP address?Can client access the network, server, Internet?

Steps to test connectivity for wireless LAN

Can you reach AP or WLC from management station?

Can AP reach the DHCP server?

Does AP get an IP address?

Can WLC reach Radius server?

Do clients get an IP address?

Can client access the network, server, Internet?


Summary This topic summarizes the key points that were discussed in this lesson.


SummaryWLAN devices are connected to switchesAccess layer Standalone access points Controller-based access points Controller-based access points in HREAP mode

WLAN controller are installed at the distribution layer or centralized in the data centerWLAN controller are connected to trunk ports or etherchannel trunks


Preparing the Campus Infrastructure for WLANsOverviewObjectives

Access Point and Controller PlacementDistributed Controller PlacementDistributed WLC DesignCentralized Controller PlacementCentralized WLC PlacementWLAN Devices Connected to the LAN Switches

Configure switches for WLAN devicesSwitch Configuration for Standalone APsSwitch Configuration for Controller Based APsSwitch Configuration for Controller Based HREAP APs2100 Series ControllersSwitch Configuration for a WLAN ControllerLink Aggregation for a 4400 Series Controllers Link Aggregation4400 Series ControllerSwitch Configuration for 4400 Series ControllersSwitch Configuration for WiSM Controllers Switch Configuration for WiSM ControllersSwitch Configuration for WiSM Controllers

Gathering RequirementsPlanning the IntegrationCreating a Test PlanSummary

Documents

SWITCH10S08L03