This MIB is intended to be implemented on all
devices operating as Central Controllers (CC) that
terminate the Light Weight Access Point Protocol (LWAPP)
tunnel from LWAPP Access Points.
This MIB provides configuration and status information
about the 802.11 WLAN mobility.
The relationship between CC and the LWAPP APs
can be depicted as follows:
      +......+     +......+     +......+          +......+
      +      +     +      +     +      +          +      +
      +  CC  +     +  CC  +     +  CC  +          +  CC  +
      +      +     +      +     +      +          +      +
      +......+     +......+     +......+          +......+
        ..            .            .                 .
        ..            .            .                 .
       .  .           .            .                 .
      .    .          .            .                 .
     .      .         .            .                 .
    .        .        .            .                 .
+......+ +......+  +......+     +......+          +......+
+      + +      +  +      +     +      +          +      +
+  AP  + +  AP  +  +  AP  +     +  AP  +          +  AP  +
+      + +      +  +      +     +      +          +      +
+......+ +......+  +......+     +......+          +......+
            .         .            .                 .
          .   .       .            .                 .
         .     .      .            .                 .
        .       .     .            .                 .
       .         .    .            .                 .
   +......+ +......+ +......+   +......+          +......+
   +      + +      + +      +   +      +          +      +
   +  MN  + +  MN  + +  MN  +   +  MN  +          +  MN  +
   +      + +      + +      +   +      +          +      +
   +......+ +......+ +......+   +......+          +......+
The LWAPP tunnel exists between the controller and
the APs. The MNs communicate with the APs through
the protocol defined by the 802.11 standard.
LWAPP APs, upon bootup, discover and join one of the
controllers and the controller pushes the configuration,
that includes the WLAN parameters, to the LWAPP APs.
The APs then encapsulate all the 802.11 frames from
wireless clients inside LWAPP frames and forward
the LWAPP frames to the controller.
GLOSSARY
Access Point ( AP )
An entity that contains an 802.11 medium access
control ( MAC ) and physical layer ( PHY ) interface
and provides access to the distribution services via
the wireless medium for associated clients.
LWAPP APs encapsulate all the 802.11 frames in
LWAPP frames and send them to the controller to which
they are logically connected.
Basic Service Set Identifier (BSSID)
The identifier for the service set comprising
all the 802.11 stations under the control of
one coordinating Access Point. This identifier
happens to be the MAC address of the dot11 radio
interface of the Access Point. The wireless
clients that associate with the Access Point
get the wired uplink through this particular
dot11 interface.
Central Controller ( CC )
The central entity that terminates the LWAPP protocol
tunnel from the LWAPP APs. Throughout this MIB,
this entity is also referred to as 'controller'.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the
communication between the Access Points and the
Central Controller.
Mobility Oracle (MO)
When a Central Controller in the Mobility Group is
designated as Mobility Oracle, then all the Mobility
Controller's (MC) traffic is tunnelled to it by other
Mobility Controllers. Currently, MO resides along with MC
but MC can reside in a box without MO.
Mobility Controller (MC)
When a Central Controller in the Mobility Group is
designated as Mobility Controller, then all the Mobile
Anchor's traffic is tunnelled to it by other Anchors.
Each MC has its own/self mobility agent (MA), but MA can
reside in a box without MC.
Mobility Agent (MA)
The Mobility Agent is an entity residing on the access
switch that manages mobility events on the switch, and
communicates with the Mobility Controller. Access Points
can associate directly with MA.
Wireless LAN Controller (WLC)
Wireless LAN Controllers are legacy mobility devices that
can participate in the new mobility architecture.
Mobility Manager
The Mobility Manager is the management entity in a mobility
controller or mobility agent.
Mobile Node ( MN )
A roaming 802.11 wireless device in a wireless
network associated with an access point.
Anchor MC, Anchor MA
Anchor MC or Anchor MA is the mobility entity where a mobile
client was first anchored or associated. This is equivalent
to home agent (HA).
Associated MC, Associated MA
Associated MC or Associated MA is the mobility entity to which
a mobile client has roamed and become associated. This is equivalent
to foreign agent (FA). It can be local or remote.
Mobility
Concept by which a Mobile Node can roam from one
Access Point to another Access Point, across multiple
Central Controllers, without need for repeated
authentication.
Mobility Group
A set of Central Controllers which exchange Mobile
Node's authentication information, so that the Mobile
Node upon roaming need not re-authenticate.
Switch Peer Group (SPG)
A set of mobility agents (MAs) forms a Switch Peer Group.
One or more SPGs are associated with one mobility
controller (MC). Traffic between mobility agents within
an SPG goes directly between them, not through their
associated MC.
Mobility Anchor
When a Central Controller in the Mobility Group is
designated as Mobility Anchor, then all the Mobile
Node's traffic is tunnelled to it by other
Controllers in the Mobility Group.
Guest Tunneling (GT)
The concept of designating a Central Controller in
the Mobility Group as Mobility Anchor, so that all
the Mobile Node's traffic is tunnelled to it by other
Controllers in the Mobility Group.
Station Management (SMT)
This term refers to the internal management of the
802.11 protocol operations by the AP to work
cooperatively with the other APs and 802.11
devices in the network.
Ethernet over Internet Protocol (EoIP)
Ethernet over IP (EoIP) is a protocol that creates
an Ethernet tunnel between two routers on top of an
IP connection. The EoIP interface appears as an
Ethernet interface.
Reverse path filtering (RPF)
Reverse path filtering (RPF) is a feature provided
by most modern Internet Protocol routers, which may
be used to reduce the risk of customers attacking
other internet hosts. One of the problems network
service providers face today is hackers generating
packets with fake source IP addresses, a technique
known as spoofing. This is often done in order to
initiate a denial-of-service attack against another
internet host or network.
Since the source IP addresses of the incoming packets
change, often randomly, and for every packet, the
target of such an attack can't easily filter out the
attacking packets. However, the source of the attack,
i.e. the network service provider of the attacking
host, has a simple way to stop such packets from ever
leaving its network. A router always knows which
networks are reachable via any of its interfaces.
By checking the source IP address of all packets
coming in via an interface against the networks known
to be behind that interface, the router can simply
drop packets that aren't supposed to come from there.
Hence, reverse path filtering filters packets
according to the 'reverse path' to their source
IP address. If the path back to the source IP address
does not match the path the packet is coming from,
it is dropped.
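The check described above, written out as an added example that is not part of the MIB text: a strict reverse-path test using longest-prefix match over a small routing table. The routes, interface names and packets are constructed for illustration, and longest-prefix match is assumed as the way the router decides which interface a source network lies behind.

```python
import ipaddress

# Constructed routing table: (prefix, interface behind which it is reachable).
ROUTES = [
    ("10.1.0.0/16", "eth1"),     # customer A
    ("10.1.200.0/24", "eth2"),   # more-specific block owned by customer B
    ("192.0.2.0/24", "eth2"),    # customer B
    ("0.0.0.0/0", "eth0"),       # default route towards the upstream
]

def build_fib(routes):
    """Parse the routes and sort most-specific first for longest-prefix match."""
    fib = [(ipaddress.ip_network(prefix), ifname) for prefix, ifname in routes]
    return sorted(fib, key=lambda entry: entry[0].prefixlen, reverse=True)

def reverse_path_interface(fib, src):
    """Return the interface the router would use to reach src, or None."""
    addr = ipaddress.ip_address(src)
    for net, ifname in fib:
        if addr in net:
            return ifname
    return None

def rpf_accept(fib, src, ingress_if):
    """Strict check: accept only if the path back to src leaves via ingress_if."""
    return reverse_path_interface(fib, src) == ingress_if

def filter_packets(fib, packets):
    """Split (src, ingress_if) tuples into accepted and dropped lists."""
    accepted, dropped = [], []
    for src, ingress_if in packets:
        bucket = accepted if rpf_accept(fib, src, ingress_if) else dropped
        bucket.append((src, ingress_if))
    return accepted, dropped

# Constructed sample traffic: (source address, interface it arrived on).
PACKETS = [
    ("10.1.5.9", "eth1"),        # source lies behind eth1: accepted
    ("10.1.200.7", "eth1"),      # more-specific route says eth2: dropped
    ("198.51.100.20", "eth1"),   # only reachable via default on eth0: dropped
    ("192.0.2.44", "eth2"),      # source lies behind eth2: accepted
    ("198.51.100.20", "eth0"),   # arrives from upstream, matches default: accepted
]

if __name__ == "__main__":
    ok, bad = filter_packets(build_fib(ROUTES), PACKETS)
    print("accepted:", ok)
    print("dropped: ", bad)
```

On multihomed or asymmetrically routed links a strict check like this also drops legitimate packets, so it fits single-homed, customer-facing interfaces best.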
REFERENCE
[1] Part 11 Wireless LAN Medium Access Control ( MAC )
and Physical Layer ( PHY ) Specifications.
[2] Draft-obara-capwap-lwapp-00.txt, IETF Light
Weight Access Point Protocol.