Cisco Cisco Catalyst 6500 Series Wireless LAN Services Module (WLSM) Guía De Información

Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.

Page 3 of 6

How many Cisco Aironet Series access points and client devices can one Catalyst 6500 Series WLSM support?

At initial installation, up to 600 Cisco Aironet Series access points running Cisco IOS Software and up to 6000 Cisco Aironet, Cisco

Compatible, or Wi-Fi certified client devices can be supported by one Catalyst 6500 Series WLSM.

What operating system does the Catalyst 6500 Series WLSM support?

The Catalyst 6500 Series WLSM supports Cisco IOS Software.

Does the Catalyst 6500 Series WLSM support per-user ACLs?

Yes. The Catalyst 6500 Series WLSM provides per-user ACLs on a per mobility group basis.

Is the Catalyst 6500 Series WLSM fabric-enabled?

Yes. The Catalyst 6500 Series WLSM is a Cisco Express Forwarding 256-class module, with a connection to both the classic 32-Gbps bus

and a single 8-Gbps fabric channel. This provides a cost-effective module and supervisor engine interoperability for maximum flexibility.

FAST SECURE LAYER 3 ROAMING

What is fast secure roaming?

Fast secure roaming enables a client to change its connection between access points in the same subnet (Layer 2 roaming) or between subnets

(Layer 3 roaming) to support time-sensitive applications such as VoIP, video streaming, VPN over wireless, and client/server-based applications.

Fast secure roaming includes two features—access-point-assisted channel scanning and fast IEEE 802.1X rekeying.

What is the difference between Layer 2 and Layer 3 roaming?

Layer 2 roaming occurs within a subnet at the MAC layer. Layer 3 roaming occurs between subnets at the IP layer. With Layer 3

roaming, users can roam across access points that are on different subnets or connected to different wiring closet switches located on

different routed/broadcast domains. The need for users to roam across subnets is common to most large network deployments.

How does the Catalyst 6500 Series WLSM provide fast secure roaming across subnets?

The Catalyst 6500 Series WLSM provides fast secure roaming across subnets by building Fast Secure Roaming Tunnels (FSRTs). FSRTs

provide a logical Layer 3 network over the existing network infrastructure. This logical Layer 3 network can pass through and over different subnets.

The Catalyst 6500 Series WLSM maintains a mobility database containing the client’s IP address, MAC address, Service Set Identifiers (SSIDs),

and the autonomous access point to which the SSIDs are associated. When a client roams, the Catalyst 6500 Series WLSM allows the client to

maintain its Layer 3 address, providing network connectivity for that client so that it can reach all of the other nodes in the same subnet. The

mobility database is updated when the client roams. The system keeps track of where the user is, allowing the user to maintain connectivity with

network resources. With the Catalyst 6500 Series WLSM, autonomous access points are authenticated prior to passing traffic to the wireline

infrastructure. No data traffic is allowed beyond the autonomous access point and into the FSRT until after IEEE 802.1X authentication has been

completed.

What is the fast secure Layer 3 roaming time for the Catalyst 6500 Series WLSM?

Autonomous access point to autonomous access point handoff time is less than 50 ms, including secure IEEE 802.1X rekeying.

How was Layer 3 roaming addressed for autonomous access points prior to the Catalyst 6500 Series WLSM?

Before Catalyst 6500 Series WLSM Layer 3 roaming, campus spanning VLANs were used for autonomous access point deployments. This

created large broadcast/failure domains that were difficult to manage. Since campus spanning VLANs are not recommended for robust, scalable

networks, customers were sacrificing roaming requirements over network design best practices. With the Catalyst 6500 Series WLSM, customers

no longer need campus spanning VLANs—the module supports fast secure Layer 3 roaming via the FSRT.