VAP: 虚拟接入点, 一个 VAP 就是一个无线业务, 一个 AP 可以提供多个 VAP, 多个 AP 也可以提供一个 VAP 功能
WLAN 的组网方式
二层组网: 瘦 AP 和 AC 之间采用直连或者二层网络进行连接组网方式比较简单, 适用于临时组网.
三层组网: 瘦 AP 和 AC 之间为三层网络, AP 和 AC 不在同一个子网或同一个广播域中, 需要路由器或三层交换机进行数据转发.
在实际组网中, 一台 AC 可以连接几十台甚至上百台 AP,AP 布置在办公室等场所, AC 布置在机房, 因此大型的组网中一般采用三层组网.
AC 的连接方式
直连式组网: AC 在网络中充当着交换机的角色, AC 下游直接连接 AP, 所有的数据必须经过 AC 到达上层网络.
优点: 组网结构清晰, 组网实施简单
缺点: 整个网络的传输能力决定于 AC 性能
旁挂式组网: AC 旁挂在 AP 上行网络的直连链路上, AP 的业务可以不通过 AC 转发到网关.
优点: 易于网络扩展
缺点: 部署实施起来相对复杂
capwap
无线接入点控制和配置协议, 是一个基于 UDP 的应用层协议, 即 AC 通过 capwap 隧道实现 AP 的集中管理和控制.
端口:
5246: 管理流量端口
5247: 业务数据流量端口
无线网络中的数据转发模式
直接转发: 业务流量到达 AP 后将数据转发给汇聚交换机, 不需要 AC 来进行处理.
隧道转发: AP 和 AC 之间建立一个 capwap 虚拟隧道, 所有的无线的业务流量需要通过隧道到达 AC, 由 AC 转发给交换机.
shell
[AC6005]wlan [AC6005-wlan-view]regulatory-domain-profile name regpro [AC6005-wlan-regulate-domain-regpro]country-code CN //国家代码
[AC6005]capwap source interface Vlanif 20
[AC6005]wlan [AC6005-wlan-view]ap-group name apgp1 //AP组 [AC6005-wlan-ap-group-apgp1]regulatory-domain-profile regpro //关联配置 Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y
[AC6005-wlan-view]ap auth-mode mac-auth [AC6005-wlan-view]ap-id 1 ap-mac 00e0-fc3e-2980 [AC6005-wlan-ap-1]ap-name AP1 [AC6005-wlan-ap-1]ap-group apgp1 Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC6005-wlan-view]ap-id 2 ap-mac 00e0-fcc4-0ca0 [AC6005-wlan-ap-2]ap-name AP2 [AC6005-wlan-ap-2]ap-group apgp1 Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configurations of the radio, Whether to continue? [Y/N]:y Info: This operation may take a few seconds. Please wait for a moment.. done.
[AC6005-wlan-view]dis ap all Info: This operation may take a few seconds. Please wait for a moment.done. Total AP information: nor : normal [2] ------------------------------------------------------------------------------------- ID MAC Name Group IP Type State STA Uptime ------------------------------------------------------------------------------------- 1 00e0-fc3e-2980 AP1 apgp1 20.1.1.184 AP2050DN nor 0 2M:31S 2 00e0-fcc4-0ca0 AP2 apgp1 20.1.1.60 AP2050DN nor 0 7S ------------------------------------------------------------------------------------- Total: 2
[AC6005-wlan-view]ssid-profile name ssidpro [AC6005-wlan-ssid-prof-ssidpro]ssid huawei Info: This operation may take a few seconds, please wait.done.
[AC6005-wlan-view]security-profile name secpro [AC6005-wlan-sec-prof-secpro]security ? open Open system wapi WLAN authentication and privacy infrastructure wep Wired equivalent privacy wpa Wi-Fi protected access wpa-wpa2 Wi-Fi protected access version 1&2 wpa2 Wi-Fi protected access version 2 [AC6005-wlan-sec-prof-secpro]security wpa-wpa2 psk pass-phrase huawei123 aes
[AC6005-wlan-view]vap-profile name vappro [AC6005-wlan-vap-prof-vappro]ssid-profile ssidpro Info: This operation may take a few seconds, please wait.done. [AC6005-wlan-vap-prof-vappro]security-profile secpro Info: This operation may take a few seconds, please wait.done. [AC6005-wlan-vap-prof-vappro]forward-mode tunnel [AC6005-wlan-vap-prof-vappro]service-vlan vlan-id 10 Info: This operation may take a few seconds, please wait.done.
[AC6005-wlan-view]ap-group name apgp1 [AC6005-wlan-ap-group-apgp1]vap-profile vappro wlan 1 radio 0
