Solved: Switchport Config - Trunk or Access?

david.kelsen · ‎06-18-2009

Hi,

Just wondering if Cisco has any recommendations around whether to configure the switchport as a trunk or as an access port for Lightweight Access Points?

We've been running some LAPs connected to trunk ports and some connected to access ports and we can't really see any difference.

We're guessing that the trunk port will allow 802.1p values to be carried in the frame, where an access port won't.

Can anyone provide any clarification or recommendations around this for us?

Cheers,

Dave.

George Stefanick · ‎06-20-2009

When an AP joins a controller it creates an LWAPP tunnel adjacency (if your are on 5.2 code, it's a CAPWAP tunnel). Like most tunnels, all your traffic is aggregated within the tunnel itself.

So your vlans, qos, ssids, and traffic transverse the LWAPP tunnel, so there is no need to config the access switch with a trunk.

Your aps dont attach to the manager interface, but rather to the AP manager. I forget what code version the ap manager goes away, but you get the point.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

View solution in original post

Leo Laohoo · ‎06-18-2009

Hi Dave,

Does your switchport carry two or more VLANs (like voice and data)? If yes, then it's recommended that you configure the switchports as trunks. Otherwise, if you only have one VLAN, then access would do just fine.

Hope this helps.

david.kelsen · ‎06-18-2009

Thanks Leo,

Yes the switchports do carry two vlans, as mentioned, voice & data... in fact three vlans if you include the management vlan. So it would make sense to configure them as trunks... but...

The LAPs connected to access ports still pass all traffic, whether its voice, data or management.

That's whats led me to post the question.

Its got me a bit confused.

juweiwei86 · ‎11-14-2019

Which mode was your AP?

Tinei · ‎10-18-2018

As George mentioned earlier the access points form a CAPWAP tunnel with the controller and all vlan traffic traverses through that capwap tunnel so there is no need to configure the port on the switch as a trunk port.

juweiwei86 · ‎11-14-2019

When an AP operates in Local mode (split MAC), then yes. When the AP operates in FlexConnect mode, then no.

Leo Laohoo · ‎06-18-2009

Hi Dave,

You can always "allow" the specific VLANs you require:

switchport trunk allowed vlan Management,Voice,Data

Just substitute the "Management,Voice,Data".

Does this help?

George Stefanick · ‎06-19-2009

Leo,

Dave mentioned these were for lwapp access points. These should always be access ports ...

see attached

While the Cisco WLCs always connect to 802.1Q trunks, Cisco lightweight APs do not understand VLAN tagging and should only be connected to the access ports of the neighbor switch.

http://74.125.47.132/search?q=cache:1pLYVU-lw70J:www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080665cdf.shtml+lwapp+access+trunk&cd=4&hl=en&ct=clnk&gl=us

If these were autonomous, then yes you would need a truck. But not with LWAPP... but hey you boyz from down under have a whole different way of doing things lol!

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

david.kelsen · ‎06-19-2009

Hi gstefanick,

Thanks for your reply.

I've checked out the link and it seems to answer my question when it says that, 'Cisco lightweight APs do not understand VLAN tagging and should only be connected to the access ports'...

So I'll correct any LAP switchports that are currently configured as trunks.

How does it work though? Ie., having multiple vlans, but the LAP is attached to an access port in the management vlan.. how does the voice & data traffic get switched?

George Stefanick · ‎06-20-2009

When an AP joins a controller it creates an LWAPP tunnel adjacency (if your are on 5.2 code, it's a CAPWAP tunnel). Like most tunnels, all your traffic is aggregated within the tunnel itself.

So your vlans, qos, ssids, and traffic transverse the LWAPP tunnel, so there is no need to config the access switch with a trunk.

Your aps dont attach to the manager interface, but rather to the AP manager. I forget what code version the ap manager goes away, but you get the point.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

david.kelsen · ‎06-20-2009

Cool, that explains things.

Yeah we're running 5.2 code, so it must be a CAPWAP tunnel.

Thanks for all your help.

anilbhosale94 · ‎11-13-2019

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

nice explanation .can you suggest some books or online tutorials to learn cisco wireless.

juweiwei86 · ‎11-14-2019

What about AP runs in FlexConnect mode? Thanks.

sean maudsley · ‎01-11-2023

So do you create a VLAN within the network for CAPWAP tunnels? That way CAPWAP tunnels know how to get back to the WLC?

Once the AP is registered to a WLC, the wireless users send traffic over the CAPWAP via the generic VLAN across the network back to the WLC where it will segment into the necessary VLANs?

I understand that this is an old post, but I am new to wireless and the books only tell you that all traffic is sent via CAPWAP

Leo Laohoo · ‎06-21-2009

Hi George,

I had LAPs connected to access port and AP's connected to Trunks. Don't see any difference. He he he ...