Information Technology Reference
In-Depth Information
CAPWAP
Control and Provisioning for Wireless Access Point (CAPWAP) is an IETF standard for
control messaging for setup, authentication, and operations between APs and WLCs. In
Controller Software 5.2, Cisco LWAPs use CAPWAP communication between the WLC
and LWAPs. CAPWAP is similar to LWAPP except for the following differences:
Key
To p i c
CAPWAP uses Datagram Transport Layer Security (DTLS) for authentication and en-
cryption to protect traffic between APs and controllers. LWAPP uses AES.
■
CAPWAP has a dynamic maximum transmission unit (MTU) discovery mechanism.
■
CAPWAP control messages run over UDP 5246.
■
CAPWAP data messages use UDP 5247.
■
CAPWAP uses a Layer 3 tunnel between the LWAP and the WLC. Figure 5-4 shows the
architecture. The APs obtain an IP address via DHCP. On the AP side, the control and data
messages use an ephemeral UDP port that is derived from a hash between the AP MAC
addresses. CAPWAP uses UDP port 5247 for data messages and UDP port 5246 for con-
trol messages.
Wired
Infrastructure
LWAP
WLC
Layer 3
CAPWAP Tunnel
Wireless Clients
Figure 5-4
CAPWAP Tunnel
Cisco Unified Wireless Network Split-MAC Architecture
With the Cisco UWN split-MAC operation, the control and data messages are split.
LWA P s c o m m u n i c a t e w i t h t h e W L C s u s i n g c o n t r o l m e s s a g e s o v e r t h e w i r e d n e t w o r k .
LWA P P o r C A P WA P d a t a m e s s a g e s a r e e n c a p s u l a t e d a n d fo r w a r d e d t o a n d f r o m w i r e l e s s
clients. The WLC manages multiple APs, providing configuration information and
firmware updates as needed.
LWA P M AC f u n c t i o n s a r e
802.11:
Beacons, probe response
■
802.11 Control:
Packet acknowledgment and transmission
■
