Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

AP Group VLAN Logic with Wireless LAN Controllers (WLC) - Configuration Example

     

     

    Introduction

    AP Group VLAN Logic with Wireless LAN Controllers (WLC)

    You want the traffic of an ssid to flow to a specific AP. So, you need a kind of mapping between the SSID and an AP For this mapping, you map the:

    1. SSID to the interface, and get an AP Group VLAN(Site/APontheSITE-Specific VLAN).
    2. AP Group VLAN to the AP.

    Network Diagram

    ap-group-vlans-wlc-network.gif

     

    Solution

    Normally, when a client connects, the subnet of which, the client becomes part of, depends on the interface mapped to the SSID(to which the client associates). We do this mapping in the WLC. To this WLC can join even 100 APs. These APs can be across continents also! To each AP, can associate, say 25 users. So, about 2500 users across continents will become part of same network and, obviously, will get ip addresses of the same network. In this case, if a client wants to broadcast information to another client on a WLAN, the broadcast is received by all the clients on that WLAN irrespective of whether it was intended for them or not.  All of these 2500 users may be spread across different physical sites, and each site might be on a different subnet.

    Scenarios

    • we may want wireless users to associate to the LAPs deployed at their respective sites, and then finally connect to the network(via the WLC) but with the same SSID ! We use the AP Group VLAN feature.
    • we may want wireless users to associate to the LAPs deployed at their respective sites, and then finally connect to the network(via the WLC) but not with the same SSID ! We do not use the AP Group VLAN feature. We can have an SSID for each site, and the clients of that site will only use that SSID.

    Technical Explanation

    • AP Group VLANs are used in a setup where a Universal WLAN (service set identifier [SSID]) is required but clients need to be differentiated (placed on different interfaces configured on the WLC) by virtue of physical LAPs they associate with.
    • When a client joins a WLAN, the interface used is determined by the LAP it is associated with, and by looking up the AP Group VLAN and WLAN for that LAP.

    AP Group VLANs, also called Site-Specific VLANs, is a way to allow load balancing on a WLAN by creating groups of Cisco LAPs that override the interface normally provided by the WLAN. The traditional method of assigning an interface to a device is based on the SSID or AAA policy override.

    Steps to configure via GUI

    1. Go to the controller GUI and choose WLANs > AP Groups VLANs.
    2. Check AP Group VLANs Feature Enable and then click Apply in order to enable the AP Group VLANs feature.
    3. Enter the AP Group Name and Description and then click Create New AP-Group in order to create a new AP group.
    4. For the new AP group , click on Detail. Select the appropriate SSID from the WLAN SSID pull-down menu and the interface with which you wish to map this AP group.  [  The final task is to assign the LAPs to the appropriate AP groups  ]
    5. Go to the controller GUI and choose Wireless > Access Points > All APs.
    6. Click on the Detail link for an LAP in order to assign an LAP to an AP group.
    7. Set AP Group Name to the name of the appropriate AP group from the AP Group name

    More Information - Design

    In typical deployment scenarios, each WLAN is mapped to a single dynamic interface per WLC, but consider a deployment scenario where there is a 4404-100 WLC that supports the maximum number of APs (100). Now consider a scenario where 25 users are associated to each AP. That would result in 2500 users who share a single VLAN. Some customer designs can require substantially smaller subnet sizes. One way to deal with this is to break up the WLAN into multiple segments. The AP grouping feature of the WLC allows a single WLAN to be supported across multiple dynamic interfaces (VLANs) on the controller. This is done when a group of APs is mapped to a specific dynamic interface. APs can be grouped logically by employee workgroup or physically by location.

    AP Group VLANs are used in a setup where a Universal WLAN (service set identifier [SSID]) is required but clients need to be differentiated (placed on different interfaces configured on the WLC) by virtue of physical LAPs they associate with.

    AP Group VLANs, also called Site-Specific VLANs, is a way to allow load balancing on a WLAN by creating groups of Cisco LAPs that override the interface normally provided by the WLAN. When a client joins a WLAN, the interface used is determined by the LAP it is associated with, and by looking up the AP Group VLAN and WLAN for that LAP.

    The traditional method of assigning an interface to a device is based on the SSID or AAA policy override. In this case, if a client wants to broadcast information to another client on a WLAN, the broadcast is received by all the clients on that WLAN irrespective of whether it was intended for them or not.

    The AP Group VLANs feature is an additional method used to limit the broadcast domains to a minimum. This is done by logically segmenting a WLAN into different broadcast domains. It limits the broadcast of a WLAN to a smaller group of LAPs. This helps to manage load balancing and bandwidth allocation more effectively. The AP Group VLANs feature creates a new table in the controller which lists the interfaces for every WLAN ID. Each entry in the table is indexed using a location name (which defines the group of LAPs).

    Note: AP groups do not allow multicast roaming across group boundaries. AP groups allow APs on the same controller to map the same WLAN (SSID) to different VLANs. If a client roams between APs in different groups, the multicast session does not function properly because this is currently not supported. Currently, the WLC forwards multicast only for the VLAN configured on the WLAN and does not take into consideration VLANs configured in AP groups.

    This list shows the maximum number of AP groups that you can configure on a WLC:

    • A maximum of 50 access point groups for the Cisco 2100 Series Controller and controller network modules
    • A maximum of 300 access point groups for the Cisco 4400 Series Controllers, Cisco WiSM, and Cisco 3750G Wireless LAN Controller Switch
    • A maximum of 500 access point groups for Cisco 5500 Series Controllers

    This document gives a configuration example that illustrates the use of this feature and also explains how to configure Site-Specific VLANs.

    Reference

    AP Group VLANs with Wireless LAN Controllers Configuration Example

    29837
    Views
    5
    Helpful
    0
    Comments