Cisco Cisco Aironet 1200 Access Point Technical References
3
Cisco Catalyst 6500 Series Wireless LAN Services Module: White Paper
OL-6450-01
WLSM Operational Overview
WLSM Operational Overview
The WLSM works with the Supervisor Engine 720 and with Cisco Aironet 1100 and 1200 series access
points to provide a logical network over an existing network infrastructure. Within this network, a mobile
user can roam and remain within the same Layer 3 broadcast domain. Layer 3 roaming is accomplished
using an FSRT for each active roaming subnet (mobility group), terminated at one end on the Supervisor
Engine 720 and at the other end on the Cisco Aironet access point (see
points to provide a logical network over an existing network infrastructure. Within this network, a mobile
user can roam and remain within the same Layer 3 broadcast domain. Layer 3 roaming is accomplished
using an FSRT for each active roaming subnet (mobility group), terminated at one end on the Supervisor
Engine 720 and at the other end on the Cisco Aironet access point (see
Figure 1
Logical Layer 3 Mobility Network Provided by the FSRT Tunnel
After a mobile user registers with the network, an FSRT endpoint is created on the access point, enabling
the user to send and receive data from within the mobility group. The mobile user traffic traverses the
FSRT that has been set up by the local access point and is forwarded to the central Cisco Catalyst 6500
switch. The FSRT always terminates on the Supervisor Engine 720; as long as the user is associated with
any access point under WLSM control, its traffic is always part of the same logical Layer 3 network
(subnet).
the user to send and receive data from within the mobility group. The mobile user traffic traverses the
FSRT that has been set up by the local access point and is forwarded to the central Cisco Catalyst 6500
switch. The FSRT always terminates on the Supervisor Engine 720; as long as the user is associated with
any access point under WLSM control, its traffic is always part of the same logical Layer 3 network
(subnet).
When a mobile user associates with an access point that WLSM controls, the user registers with the
network and is assigned to a particular mobility group. At the system level, a mobile network ID
internally defines this mobility group. The mobile network ID is the mechanism the system uses to
associate the user with a particular FSRT. As the user roams, the system tracks user movement, making
sure that the user maintains association with the same mobility group. When using Cisco Centralized
Key Management (CCKM)-enabled clients, the user can roam without having to reauthenticate with the
authentication, authorization, and accounting (AAA) server. The CCKM-enabled clients also provide
very fast roaming (approximately 50 ms) between the access points.
network and is assigned to a particular mobility group. At the system level, a mobile network ID
internally defines this mobility group. The mobile network ID is the mechanism the system uses to
associate the user with a particular FSRT. As the user roams, the system tracks user movement, making
sure that the user maintains association with the same mobility group. When using Cisco Centralized
Key Management (CCKM)-enabled clients, the user can roam without having to reauthenticate with the
authentication, authorization, and accounting (AAA) server. The CCKM-enabled clients also provide
very fast roaming (approximately 50 ms) between the access points.
Another important aspect of the system is the separation of control plane and data plane traffic (see
). The WLSM does not process network traffic originating from the mobile user. Traffic to and
from the user is forwarded over the FSRT to the Supervisor Engine 720 on the Cisco Catalyst 6500
switch. The Supervisor Engine 720 takes control of forwarding the traffic to its ultimate destination,
which enables the system to support mobile node traffic forwarding up to 10 million packets per second
(Mpps) per forwarding engine. Control plane traffic, such as roaming events or WLSM notification of
mobile user and access point registrations, does not traverse the FSRT; it is passed over the native
infrastructure and is processed by the WLSM. This traffic separation maximizes performance for each
type of traffic.
switch. The Supervisor Engine 720 takes control of forwarding the traffic to its ultimate destination,
which enables the system to support mobile node traffic forwarding up to 10 million packets per second
(Mpps) per forwarding engine. Control plane traffic, such as roaming events or WLSM notification of
mobile user and access point registrations, does not traverse the FSRT; it is passed over the native
infrastructure and is processed by the WLSM. This traffic separation maximizes performance for each
type of traffic.