One of the toughest things to wrap your head around when dealing with wireless is the sheer number of interfaces involved! It can get really confusing trying to understand what interfaces are used for what, which are logical and which are physical, which are dynamic and which are static…yikes!
It’s important to remember that a wireless Access Point works as a bridge between the wired and wireless networks. This inherently means that you will have at least 2 interfaces, one for each network, a radio interface for the wireless network and an ethernet interface for the wired network. Most AP’s, however, actually have 2 radios built in to them, so that adds another radio interface right off the bat. These are the physical interfaces and they are also static, meaning that you really can’t get rid of them. You can disable them, but they are still there.
Ok, here is where things can get tricky. Each SSID is actually considered an interface on the WLAN. On the AP itself these are each tied to a subinterface on a radio and on the wired LAN, they correspond to a VLAN interface. Here is an example. Say I want to create an SSID called GuestAccess. I would need to define that SSID on the AP along with security parameters for it, then I would have to create a subinterface for the radio I would want to use for that SSID. It’s not necessary to choose a particular number for that SSID, but it is considered good practice to use the same number that you plan on using for the VLAN on the wired network that will correspond to that WLAN. (Using a separate VLAN for each SSID on the wired network helps keep traffic from each SSID separate from other traffic, which is particularly nice when you configure an SSID for guest access.) So, if I plan on using vlan 84 for GuestAccess, I would probably configure a subinterface on interface dot11radio0 of dot11radio0.84. It just makes it easier to find.
I still have to configure a bridge interface that will allow me to be able to connect to the AP and allow bridging between the wired and wireless networks. This is called a BVI interface and I give it whatever IP address I would like to use to manage the AP. It is important to note that my ethernet interface and all the subinterfaces (there will be one for each SSID to match the subinterfaces on the radio interface) don’t get IP addresses. My bridge interface is my only interface that needs an IP.
As I mentioned, I will need a subinterface on my ethernet interface to match the subinterfaces I have created on the wireless side. Without this, all my wireless frames will not have a way to go out to the wired network. For me, it helps to think of this as similar to a “router on a stick” configuration where you create virtual subinterfaces on a router to route VLAN’s. In the case of my example, to keep things neat and tidy, I’d create a subineterface on my ethernet0 interface of ethernet0.84. The actual numbering of the interfaces does matter in that the subinterface for the radio interface and the ethernet interface do have to match. My AP is configured now! I’d still have to make sure that vlan 84 is on my wired network and has a route point configured with a vlan interface for it. I’d also have to set up a dhcp server for that network and configure security and authentication.
All that was for an autonomous AP. If I have a lightweight infrastructure, all this can be done either from the WLAN controller or from WCS. In this case, I define the SSID and WLAN on the controller or in WCS then I can choose which AP’s will be able to offer this SSID. This is nice because I only have to go through the configuration of the VLAN and the SSID and I only have to do it once. Once I choose which AP’s will be allowed to have this SSID, the controller or WCS configures all the associated interfaces on the AP’s for me! Sweet!
As you can see, a wireless network has a whole lot of interfaces in play. It becomes very important, particularly when troubleshooting, to know what each is and how to use them!
Recent Comments