Wireless MESH network
January 24, 2016
This post contains short notes about Cisco wireless MESH networks.
- MESH is useful if you have to build a wireless network but for some reason cannot run Ethernet cable to your APs. In this case the APs connect to each other and create a MESH topology.
- The access points create an internal backhaul network (using 802.11a) and allow clients to connect over the 802.11g network.
- The backhaul network uses the Cisco Adaptive Wireless Path Protocol (AWPP) to route data between APs
- RAP AP – root AP (edge AP connected to wired network)
- MAP AP – mesh AP (it makes connections to other MAP or RAP APs)
- A MAP AP can also be configured for Ethernet bridging: it serves wireless clients and also bridges traffic from a connected wired network
- All APs establish an LWAPP/CAPWAP connection to the controller through AES-encrypted backhaul tunnels between the APs.
- Client traffic is tunneled to the controller and hidden from the AWPP process
- Radio management features in the LWAPP/CAPWAP WLAN solution are available to the wireless mesh network and do not have to be built into AWPP.
- Mesh Machine state – when a MAP boots up it goes through several states. It scans all the channels and connects to the best parent AP. A parent AP is any AP that has already joined the mesh (at the beginning only the RAP belongs to the MESH)
- The end state of the Mesh Machine state is the Maintain state (the RAP goes to this state immediately after boot; a MAP goes through several states first)
- All APs in the MESH must belong to the same Bridge Group Name (BGN) – the AP’s BGN is configured on the WLC
Let’s assume that we have two APs in the default Local mode that have already joined the WLC. Configure them with static IP addresses and a statically set Primary Controller. Use static configuration to make WLC discovery as simple as possible: remember that the AP has no Ethernet cable connected and must find the WLC over the wireless backhaul network. Name one of the APs rap-001 and the other map-001.
Write down the APs' MAC addresses. You may wonder which MAC address to use. The answer depends on the AP series; for example, 1130 and 1240 series indoor mesh APs use the Ethernet MAC address.
Then go to the WLC security settings and add each AP MAC address to the local MAC database.
If you forget to configure this security setting you will get the following errors on the WLC:
Setup AP mode
Go to the AP details and set the AP mode to Bridge.
Setup AP role
Go to the AP details and set the AP role. Set one AP to the RootAP role and the other to the MeshAP role. Set the same Bridge Group Name on both APs.
Go to the AP list to check that all your APs have connected to the WLC.
Click the arrow next to an AP and select Neighbor information to see the neighbor relationships between APs.
You can also use the following debug commands on the WLC:
debug mesh security events enable
debug mesh security message enable
debug dot1x events enable
debug dot1x packet enable
If you have console access to the AP you can also enable debug commands directly on the AP:
debug mesh adjacency
debug mesh event
debug mesh link
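The setup steps above fail in a few predictable ways: an AP MAC missing from the WLC local MAC database, a Bridge Group Name that differs between APs, or no RootAP at all. The script below is an added example, not part of the original post or of any Cisco tooling; it checks a planned AP inventory for those three problems before the APs are switched to Bridge mode. The MAC addresses, the BGN values and map-002 are constructed sample data.

```python
import re

def norm_mac(mac):
    """Accept aa:bb:cc:dd:ee:ff, AA-BB-.. or aabb.ccdd.eeff; return colon form."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit_mesh(aps, mac_filter):
    """Return findings for a planned mesh; an empty list means it is consistent."""
    findings = []
    allowed = {norm_mac(m) for m in mac_filter}
    # BGNs used by root APs: every MeshAP has to match one of them to join.
    root_bgns = {ap["bgn"] for ap in aps if ap["role"] == "RootAP"}
    if not root_bgns:
        findings.append("no RootAP defined: MeshAPs have no wired exit")
    for ap in aps:
        if norm_mac(ap["mac"]) not in allowed:
            findings.append(f"{ap['name']}: MAC not in the WLC local MAC database")
        if not ap["bgn"]:
            findings.append(f"{ap['name']}: Bridge Group Name is not set")
        elif ap["role"] == "MeshAP" and root_bgns and ap["bgn"] not in root_bgns:
            findings.append(f"{ap['name']}: BGN {ap['bgn']!r} matches no RootAP")
    return findings

# Constructed sample data: MACs are from the RFC 7042 documentation range,
# the BGN values and map-002 are hypothetical.
APS = [
    {"name": "rap-001", "role": "RootAP", "mac": "00:00:5E:00:53:01", "bgn": "mesh-lab"},
    {"name": "map-001", "role": "MeshAP", "mac": "0000.5e00.5302", "bgn": "mesh-lab"},
    {"name": "map-002", "role": "MeshAP", "mac": "00-00-5e-00-53-03", "bgn": "mesh-lba"},
]
MAC_FILTER = ["00:00:5e:00:53:01", "00:00:5e:00:53:02"]  # as entered on the WLC

if __name__ == "__main__":
    for line in audit_mesh(APS, MAC_FILTER) or ["plan is consistent"]:
        print(line)
```

MAC addresses are normalized before comparison because the same address is often written in colon, dash or Cisco dotted form, and a format mismatch in the inventory would otherwise look like a missing entry.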
You can configure the mesh APs (MAP or RAP) to bridge network traffic from their Ethernet ports.
You can go into the FastEthernet0 settings and configure the port to work as a trunk or access port.
If you select the trunk option, you activate more options (native port setting, etc.).
Note: The bridged wired client traffic is bridged directly into the backhaul toward the RAP. The RAP then bridges the traffic directly onto the wired network. The wired bridged traffic is not sent back to the controller.