Wireless LAN Controller Platforms (Cisco)

Cisco access points (AP) provide a way to extend wired networks or install network components where normal physical wiring cannot be installed. APs also provide an alternative solution to networking at a fraction of the cost. Cisco wireless solutions offer secure, manageable, and reliable wireless connectivity with exceptional range and performance. Cisco wireless solutions are offered in two mechanisms:

■ A standalone device that interacts directly with the wired network.

■ A two-part system that relies on a controller. APs talk directly to a controller or central-based piece of equipment, and this device interacts directly with the wired network.

Each mechanism is Wi-Fi certified for interoperability that offers support for various client devices. Both deployment mechanisms support 802.11a/b/g/n connectivity for indoor and outdoor environments. Many controllers and APs exist, a good portion of which were the creations of the autonomous or the controller technology. By the end of this topic, you will have learned what product was intended for what solution and what will suit your business needs. However, you need to dig in and learn a little about the history before you begin.

A range of models can work with any platform you have. The idea of the Wireless LAN Controller (WLC) is to simplify the deployment and operation of wireless networks. It is intended to offer a higher level of security, AP radio frequency (RF) management, single point of management, and mobility services.

The WLC also offers a variety of services, some of which are specific to the model of the controller. Later on in this topic, you will learn about the functionality differences between the platforms. The main solution is data and voice networks. Within these networks, the WLC can provide wireless and wired guest services, location tracking, quality of service (QoS), and other varieties of 802.11a/b/g/n services. Everything mentioned here and more will be discussed in the future pages of this topic.

Current Production WLCs

The controller models differ by their uplink interface size/speed and the number of APs they support. They also vary to a degree with the type of equipment that they interface with. The sections that follow briefly describe the current line of WLCs.

Cisco 5500 Series WLCs

The Cisco 5508, as pictured in Figure 2-1, is the most powerful WLC to date. It offers reliable performance, enhanced flexibility, and zero service loss for mission-critical wireless. This WLC platform was developed with the new 802.11n standard that offers up to nine times the performance of 802.11a/g networks.

Figure 2-1 Cisco 5508 WLC

The main improvements and new capabilities that the Cisco 5508 offers over the other controllers are as follows:

■ Maximum Performance and Scalability: Support for up to 250 APs and 7000 clients

Nine times the performance of 802.11a/g networks

Ability to manage 250 APs simultaneously

■ Improved Mobility and Services:

Reliable connections even in the most demanding environments

Larger mobility domain for more simultaneous client associations

Uninterrupted network access when roaming

Consistent streaming video and reliable, toll-quality voice

■ Licensing Flexibility and Investment Protection:

Option to add additional APs and feature licenses over time

Optional WPLUS software, which supports the Cisco OfficeExtend solution and Enterprise Wireless Mesh

Cisco Catalyst 6500 Series Wireless Services Module

The Wireless Integrated Service Module (WiSM), as shown in Figure 2-2, is a card that fits in the 6500 chassis and actually houses two 4400 controllers on one blade. Each WLC actually supports 150 APs, allowing for a total of 300 APs. Each WLC in the WiSM has its own console port for access. This was the added benefit of purchasing a WiSM over two separate standalone 4404s—the additional 100 APs. This was the largest controller made until production of the 5508 WLC. Of course, there are plans for devices supporting far greater numbers of APs, such as the 5508.

Figure 2-2 Wireless Integrated Service Module

The WiSM is typically referred to as the replacement for the Wireless LAN Services Module (WLSM). Cisco offered a trade-in program when the WiSM first came out as a way to increase migration to the WiSM.

Cisco Catalyst 3750G Integrated WLC

The WLC integrated 3750G takes the same approach as the WiSM but on a smaller scale. It is a single 4404 built into a 3750G switch. It is often referred to as the foxhound. The switch has 24 Ethernet 10/100/1000 ports with IEEE 802.3af and Cisco prestandard Power over Ethernet (PoE). It supports up to 50 APs. Figure 2-3 shows the 3750G integrated WLC.

Figure 2-3 3750G Integrated WLC

Cisco 4400 Series WLCs

The 4400 series WLCs come in two models—the 4402 and the 4404, as shown in Figure 2-4. The 4402 has two gigabit connections, whereas the 4404 has four. The 4402 is sold in variants that support up to 50 APs, whereas the 4404 supports up to 100 APs.

Figure 2-4 4402 and 4404 WLCs

Cisco 2100 Series WLCs

There are three models of the Cisco 2100 series WLCs shown in Figure 2-5. Each model correlates to the number of APs that it can support—2106, 2112, and 2125. The 2106 supports six APs, whereas the 2125 supports 25. There was a large architectural change between the old 2006 controller and the 2100 series controllers. The 2106 is now built on the ASA5505 platform. This offers much more functionality and capability than the 2006.

Figure 2-5 2100 Series WLC

Cisco Wireless LAN Controller Module

The Cisco Wireless LAN Controller Module (WLCM), shown in Figure 2-6, supports up to 25 Cisco Aironet APs and is supported on the Cisco 2800 and 3800 ISRs and 3700 series router. The WLCM is basically a 2106 sitting on a card that slides into a router. The WLCM is offered in four models, supporting 6, 8, 12, and 25 APs.

Figure 2-6 WLCM

Previous WLCMs

To understand how and why the current models were produced, you need to know the history of the products and the companies they came from. The acquisition of Airespace marked the Cisco entrance into the centrally controlled managed solution, which was selling and gaining ground much faster than the standalone AP approach. These models can be identified with the Airespace labeling even though they were sold as Cisco units. The units eventually were sold with the Cisco branding.

The newer brands are a bit different from their older counterparts. When Airespace introduced its line of controllers, one of its intentions was for the WLC to function like a switch. Customers were to use these controllers to plug their APs directly into the controller's ports. This design had its benefits and flaws. The design of these models restricted the overall design and implementation of wireless because you had to plug the APs directly into the unit. This is why you no longer see models like the 2000 or 4000 series WLCs.

This limited scalability from the product line was one of the major selling points and advantages over the typical standalone IOS-based APs. When applying this concept, the APs had to be located close to the controller and were limited to the length of the Ethernet cable.

The scalability factor is the understanding that you can have a network of any size and plug the APs into the network at any location regardless of geography. One AP might be located in Ohio and another in North Carolina. As long as they have IP connectivity back to the WLC, they establish communication with the controller and register.

Cisco 3500 Series WLCs

The 3504 WLC was the first generation small controller. It is similar to the 2006 in design, but it does not have the same hardware resources as the 2006. It contains less memory than the 2006 and similar models. The 2006 was a direct replacement for the 3504 and had improved hardware, although both were cosmetically identical. You have probably never run across these models unless you have been buying this equipment since Airespace started.

Tip You can install a 3504 image on a 2006, but you cannot install a 2006 image on a 3504 because the 2006 contains more memory than the 3504.

Cisco 4000 Series WLCs

The 4000 series had a few different models, including the 4012 and the 4024. The 12 and 24 were actually the number of 10/100 Ethernet ports that were located on the front of the box. These units did have one or two gigabit ports on the back of the box: 2-port SX or 1-port TX. The ports were also PoE, which was a nice feature. In addition, the units had console, service, and utility ports. The utility ports were always reserved for future use but ended up never providing functionality.

Cisco 2000 Series WLCs

The 2006 was the only model of 2000 series WLCs. The 6 referred to the number of APs it supported. This was and still is the smallest controller built as far as the number of APs supported. The 2006 had a 10/100 uplink that you could plug into a switch, enabling it to function like a larger WLC. The 2006 also had four Ethernet ports, a console port, and a utility port. What was unusual about the 2006 was the idea behind it. The model was built with the idea that people did not have to have a switch for it to work; they could plug the APs directly into the unit. Of course, it is difficult to do this when only four 10/100 Ethernet ports exist. Furthermore, one of the Ethernet ports had to be used as an uplink back to provide network connectivity, leaving only three ports. The 2006 did not have network processing units (NPU); it was more software based and limited to what it actually could do.

Cisco 4100 Series WLCs

The 4100 series WLC was the first hybrid or migration over to the 4402 or 4404s that exist today. Having numerous Ethernet ports all over the box and plugging the APs directly into the box were finally abandoned. These changes were definitely huge benefits because they affected scalability to a high degree.

The 4100 series had one or two ports: one active and one standby. The 4400 utilized SFP modules instead of the 10/100 Ethernet ports.

Functionality Differences Between WLCs

There is actually a great deal of functionality difference in software depending on the model of the controller. If you do not understand the terminology or feature at this point, you will learn more as you progress through the topic.

These software features are not supported on the 2000, 2100, and Network Module Controller (NMC) series controllers. The majority of these features are supported on the other WLC models:

■ PoE for 2100 series controllers. PoE has only two designated ports.

■ Service port (separate out-of-band management 10/100-Mbps Ethernet interface). The 2000 and 2100 series WLCs do not contain a physical service port.

■ Multicast is not supported on APs that are connected directly to the local port of a 2000 or 2100 series controller.

■ VPN termination (such as IPsec and Layer 2 Tunneling Protocol [L2TP]) is not supported. IPsec is supported only on 3.2 code on the 4100/4400 models with a VPN module.

■ Termination of guest controller tunnels is not supported. (Origination of guest controller tunnels is supported.) This is also known as a mobility anchor. The smaller WLC models cannot function as an anchor.

■ External web authentication web server list is not supported.

■ Layer 2 Lightweight Access Point Protocol (LWAPP) Transport mode is not supported. The 2000 series, 2100 series, and NMC are only L3 capable.

■ Spanning tree is not supported.

■ Port mirroring is not supported. This feature was originally designed with the multi-port WLC platforms in mind. It is similar to a SPAN session on a switch.

■ Cranite is not supported.

■ Fortress is not supported.

■ AppleTalk is not supported.

■ QoS per-user bandwidth contracts are not supported.

■ IPv6 pass-through is not supported.

■ Link aggregation (LAG) or EtherChannel is not supported.

■ Multicast unicast Replication mode is not supported.

The Foxhounds (the 3750s with the built-in 4402s) and WiSMs are only capable of link aggregation (LAG). This is also known as EtherChannel. Another point to remember is that the EtherChannel is not capable of channel negotiation; I am referring to Link Aggregation Control Protocol (LACP) or Port Aggregation Protocol (PAgP).

Tip LAG on the WLC does not support LACP or PAgP. Its mode is simply on: "Channel group mode ON." Also, the load-balancing algorithm is src-dst-ip: switch(config)#port-channel load-balance src-dst-ip
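The Tip above can be turned into a switch-side configuration check. The following is an added example, not code from the original text or from Cisco; the sample running-config, interface names, and channel-group numbers are constructed, and the function name audit_wlc_lag is hypothetical.

```python
import re

# Constructed sample of a switch running-config; interface names and
# channel-group numbers are made up for illustration.
SAMPLE_CONFIG = """\
port-channel load-balance src-mac
!
interface GigabitEthernet1/0/1
 description WLC-4404 port 1
 switchport mode trunk
 channel-group 1 mode on
!
interface GigabitEthernet1/0/2
 description WLC-4404 port 2
 switchport mode trunk
 channel-group 1 mode active
!
interface GigabitEthernet1/0/3
 description uplink to core
 channel-group 2 mode desirable
"""

def audit_wlc_lag(config, wlc_group):
    """Return a list of findings for the port-channel that faces the WLC."""
    findings = []
    # The Tip calls for src-dst-ip as the global load-balancing algorithm.
    lb = re.search(r"^port-channel load-balance (\S+)", config, re.M)
    algo = lb.group(1) if lb else "(platform default)"
    if algo != "src-dst-ip":
        findings.append(f"load-balance is {algo}, expected src-dst-ip")
    iface, members = None, 0
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            iface = m.group(1)
            continue
        m = re.match(r"\s+channel-group (\d+) mode (\S+)", line)
        if m and iface and int(m.group(1)) == wlc_group:
            members += 1
            # Any mode other than "on" relies on LACP or PAgP negotiation,
            # which the WLC does not take part in.
            if m.group(2) != "on":
                findings.append(f"{iface}: mode {m.group(2)} needs LACP/PAgP, use mode on")
    if members == 0:
        findings.append(f"no member ports found in channel-group {wlc_group}")
    return findings

if __name__ == "__main__":
    for finding in audit_wlc_lag(SAMPLE_CONFIG, wlc_group=1):
        print(finding)
```

Ports in other channel groups, such as the constructed uplink in group 2, are ignored because only the group facing the WLC has the mode-on requirement.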

The channel group mode is simply in the "ON" state. If your WLC is running LAG or EtherChannel, it must be in Layer 3 mode. All the 2000, 2100, and NMCs are only capable of Layer 3 mode. When Layer 2 or Layer 3 is referred to in this context, it is referring to the LWAPP transport mode, and it is strictly a controller function. For now the only point of interest you need to know about Layer 2 and Layer 3 LWAPP transport mode is that in Layer 3 mode an AP-Manager interface is needed/created. The exception is the 5500 series, which does not require an AP-Manager. The management interface handles the AP communication. In addition, the transport mode is specific to LWAPP and has nothing to do with Control and Provisioning of Wireless Access Points (CAPWAP). In Layer 2 LWAPP mode, the APs do not require IP addresses but must be in the same subnet/network as the controller. There is also no AP-Manager interface configured on the WLC.

Note Layer 2 and Layer 3 WLC transport modes are specific only to LWAPP. CAPWAP operates only at Layer 3.

WLC Hardware and Software Requirements

The size of the wireless network you want to have determines the requirements. The first piece of hardware is a controller. You have to decide on the number of APs you want to have in your network. You also need to plan what applications you want to support over wireless. Some controller models support the same number of APs, but the hardware underneath is somewhat different. For instance, Cisco produces a WLC2125 and a WLC4402-25. Therefore, the question comes down to 4402 versus 2125, because both support 25 APs. The 4400 has two network processing units (NPU) and additional resources that the 2100 does not. The 2100 does not have an NPU but in its place has a smaller processor, and for the most part everything is handled in software. There is a phenomenal difference as far as the packet processing rate between the 4400 and the 2100. Neither video nor voice applications on a large scale would be possible for the 2125. The uplink is a 10/100 Ethernet cable, so you are restricted to this bottleneck.

After you choose a controller, you choose an AP model. Again, what you are trying to accomplish determines the type of AP to go with. If your idea is to build a small wireless network, you can do so with a 2000/2100 series WLC and a single AP. You then have to connect this into your existing network. If you have a large wired network, the same principle basically applies. You can purchase a 4404 and connect the gigports into your switch infrastructure. Then you can connect the APs throughout your network. Finally, there has to be IP connectivity between the APs and the WLC. After you configure the controller, your wireless network is up and running.

Controller Requirements

The controller GUI requires the following operating system and web browser:

■ Windows XP SP1 or higher or Windows 2000 SP4 or higher

■ Internet Explorer 6.0 SP1 or higher

■ Mozilla Firefox 2.0.0.11 or later

Note Internet Explorer 6.0 SP1 or higher is the only browser supported for accessing the controller GUI and for using web authentication.

Software Requirements

The Cisco WiSM requires software release SWISMK9-32 or later. The Supervisor 720 12.2(18)SXF2 supports the Cisco WiSM software Release 3.2.78.4 or later, and the Supervisor 720 12.2(18)SXF5 (Cisco IOS Software Modularity) supports the Cisco WiSM software Release 4.0.155.5 (with Cisco IOS Software Modularity). If you want to use the Cisco WiSM in the Cisco 7609 and 7613 Series Routers, the routers must be running Cisco IOS Release 12.2(18)SXF5 or later.

The Cisco WLC Network Module is supported on Cisco 28/37/38xx Series Integrated Services Routers running Cisco IOS Release 12.4(11)T2, 12.4(11)T3, and 12.5.

If you want to use the controller in the Catalyst 3750G WLC Switch, the switch must be running Cisco IOS Release 12.2.25.FZ or 12.2(25)SEE.

The 2112 and 2125 controllers are supported for use only with Software Release 5.1.151.0 or later.
