Home > Articles > Cisco Network Technology > Wireless/Optical/High Speed > Deploying a Fast and Stable Wireless Mesh Network

Deploying a Fast and Stable Wireless Mesh Network

  • Sample Chapter is provided courtesy of Cisco Press.
  • Date: Dec 9, 2009.

Chapter Description

This chapter provides practical tips and advice for deploying a fast and stable wireless mesh network.

Ethernet Bridging

Ethernet bridging allows you to connect remote wired networks to each other using the Ethernet port of the MAPs. A common use for Ethernet bridging is installing video cameras or street poles with the mesh APs. For bridging to work, every MAP and RAP in the path must have Ethernet bridging enabled.

Prior to code Release 5.2, Ethernet bridging only allowed the extension of the Layer 2 network in which the MAPs resided. So if the APs had IP addresses in VLAN 5, for example, you could only extend VLAN 5 to the remote wired network. The 5.2 release allows you to bridge multiple VLANs. Like the earlier feature, every AP in the mesh path back to the RAP and including the RAP must support bridging the same VLANs as the MAP with the wired connection. Figure 15-10 illustrates this concept.

Figure 15-10

Figure 15-10 VLAN Tagging Support Example Within a Mesh Network

If you do not allow the desired VLANs on all the MAPs, then in the event of a failure within the mesh network it is possible to break the bridging feature if a MAP in the new path to the RAP does not support a particular VLAN. In Figure 15-10, if MAP1 were to go down and MAP3 changed its parent to MAP2, the Ethernet bridging on MAP3 would fail for VLAN 2 because MAP2 does not support bridging VLAN 2.

After you have enabled Ethernet bridging support on your mesh APs you need to configure the VLAN tagging. Figure 15-11 shows the Ethernet configuration of an indoor RAP, and Figure 15-12 shows the same configuration on the indoor MAP.

Figure 15-11

Figure 15-11 RAP VLAN Tagging Configuration

Figure 15-12

Figure 15-12 MAP VLAN Tagging Configuration

The RAP Ethernet port is configured as a trunk port with VLAN 20 set to Native and allowing VLAN 12. You can add more VLANs by entering the VLAN into the Trunk VLAN ID box and clicking Add. With the Ethernet port set to Trunk, the AP accepts both tagged and untagged packets. Any tagged packets for a VLAN that is not in the allowed list are dropped.

Because the MAP is only bridging VLAN 12 in this case, the Ethernet port mode is Access. The AP tags the incoming untagged packet and forwards it to the RAP. Any tagged packets are dropped.

Mesh APs use VLAN transparency to perform Ethernet bridging when extending the Layer 2 network. To allow multiple VLAN bridging/tagging, you must disable VLAN transparency (see Figure 15-13) under the Wireless>Mesh>Ethernet Bridging section on the controller. When VLAN transparency is enabled, VLAN processing does not occur. This assumes that all traffic is destined to and from the same VLAN with no 802.1 tagging.

After you have disabled VLAN transparency, reboot the mesh APs for that setting to take effect.

Figure 15-13

Figure 15-13 VLAN Transparency

It is important to understand the traffic flow when using Ethernet bridging. Figure 15-14 shows the traffic flow for both wired and wireless clients within the mesh network with Ethernet bridging enabled.

Figure 15-14

Figure 15-14 Ethernet Bridging Traffic Flow

As you can see, with Ethernet bridging enabled, the traffic flow for wireless clients is unchanged. The wireless client packets are sent using LWAPP/CAPWAP data, which is sent through the encrypted backhaul to the controller. The controller then bridges that traffic to the wired network. The bridged wired client traffic, however, is bridged directly into the backhaul toward the RAP. The RAP then bridges the traffic directly onto the wired network. The wired bridged traffic is not sent back to the controller.

Several guidelines exist in addition to disabling VLAN transparency that allow the correct VLANs on the APs when you use the Ethernet bridging and VLAN tagging feature in 5.2 code:

  • For security reasons, the Ethernet port on a mesh AP (RAP and MAP) is disabled by default. It is enabled by configuring Ethernet bridging on the MAP port.
  • Ethernet bridging must be enabled on all the APs in the mesh network to allow Ethernet VLAN tagging to operate.
  • VLAN mode must be set as non-VLAN transparent (global mesh parameter).

    VLAN transparent is enabled by default. To set as non-VLAN transparent, you must uncheck the VLAN transparent option in the global mesh parameters window.

  • VLAN configuration on a mesh AP is applied only if all the uplink MAPs are able to support that VLAN.
  • If uplink APs are not able to support the VLAN, the configuration is stored rather than applied.
  • VLAN tagging can be configured only on Ethernet interfaces.

    On 152x mesh APs, three of the four ports can be used as secondary Ethernet interfaces: port 0-PoE in, port 1-PoE out, and port 3- fiber. Port 2 - cable cannot be configured as a secondary Ethernet interface.

    In Ethernet VLAN tagging, port 0-PoE in on the RAP connects to the trunk port of the switch of the wired network. Port 1-PoE out on the MAP connects to external devices such as video cameras.

  • Backhaul interfaces (802.11a radios) act as primary Ethernet interfaces.

    Backhauls function as trunks in the network and carry all VLAN traffic between the wireless and wired network. No configuration of primary Ethernet interfaces is required.

  • The switch port in the wired network that is attached to the RAP (port 0-PoE in) must be configured to accept tagged packets on its trunk port. The RAP forwards all tagged packets received from the mesh network to the wired network.
  • No configuration is required to support VLAN tagging on an 802.11a backhaul Ethernet interface within the mesh network. This includes the RAP uplink Ethernet port. The required configuration happens automatically using a registration mechanism. Any configuration changes to an 802.11a Ethernet link acting as a backhaul are ignored and a warning results. When the Ethernet link no longer functions as a back-haul, the modified configuration is applied.
  • VLAN configuration is not allowed on a port-02-cable modem port of an 152x AP. VLANs can be configured on ports 0 (PoE-in), 1 (PoE-out), and 3 (fiber).
  • If you are bridging between two MAPs, enter the distance (mesh range) between the two APs that are bridging. (This is not applicable to applications in which you are forwarding traffic connected to the MAP or to the RAP access mode.)
  • Up to 16 VLANs are supported on each sector. Therefore, the cumulative number of VLANs supported by RAP's children (MAPs) cannot exceed 16.
  • Ethernet ports on APs function as either access or trunk ports within an Ethernet tagging deployment.
  • In Access mode, only untagged packets are accepted. All packets are tagged with a user-configured VLAN called access VLAN. For this mode to take effect, the global VLAN mode should be non-VLAN transparent. This option is used for applications in which information is collected from devices connected to the MAP, such as cameras or PCs, and then forwarded to the RAP. The RAP then applies tags and forwards traffic to a switch on the wired network.
  • Trunk mode requires the user to configure a native VLAN and an allowed VLAN list (no defaults). In this mode, both tagged and untagged packets are accepted. Untagged packets are always accepted and are tagged with the user-specified native VLAN. Tagged packets are accepted if they are tagged with a VLAN in the allowed VLAN list. For this mode to take effect, the global VLAN mode should be non-VLAN transparent. This option is used for bridging applications such as forwarding traffic between two MAPs residing in separate buildings within a campus.
  • The switch port connected to the RAP must be a trunk.

    The trunk port configuration on the switch and the RAP trunk port must match.

  • A configured VLAN on a MAP Ethernet port cannot function as a management VLAN.
  • The RAP must always connect to the native VLAN (ID 1) on a switch.

    The RAP's primary Ethernet interface is by default the native VLAN of 1.

5. Troubleshooting Mesh | Next Section Previous Section

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.

Overview

Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security

Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children

This site is not directed to children under the age of 13.

Marketing

Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out

Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links

This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020