Ch 18: Wireless Infrastructure

Question 1

Suppose that a lightweight AP in default local mode is used to support wireless clients. Which one of the following paths would traffic usually take when passing from one wireless client to another?

1. Through the AP only
2. Through the AP and its controller
3. Through the controller only
4. None of these answers (Traffic must go directly over the air.)

Answer 1

2.

An AP transports client traffic through a tunnel back to a wireless LAN controller. Therefore, client-to-client traffic typically passes through both the AP, the controller, and back through the AP.

Question 2

A centralized wireless network is built with 1 WLC and 32 lightweight APs. Which one of the following best describes the resulting architecture?

1. A direct Layer 2 path from the WLC to each of the 32 APs, all using the same IP subnet
2. A direct Layer 3 path from the WLC to each of the 32 APs, all using the same IP subnet
3. 32 CAPWAP tunnels daisy-chained between the APs, one CAPWAP tunnel to the WLC
4. 32 CAPWAP tunnels—1 tunnel from the WLC to each AP, with no IP subnet restrictions

Answer 2

4.

Because the network is built with a WLC and APs, CAPWAP tunnels are required.

One CAPWAP tunnel connects each AP to the WLC, for a total of 32 tunnels. CAPWAP encapsulates wireless traffic inside an additional IP header, so the tunnel packets are routable across a Layer 3 network. That means the APs and WLC can reside on any IP subnet as long as the subnets are reachable. There are no restrictions for the APs and WLC to live on the same Layer 2 VLAN or Layer 3 IP subnet.

Question 3

Which of the following unique features is true in an embedded wireless network architecture?

1. An access layer switch can also function as an AP.
2. All WLCs are converged into one device.
3. Large groups of APs connect to a single access layer switch.
4. An access layer switch can also function as a WLC.

Answer 3

4.

In an embedded design, an access layer switch also functions as a WLC so that all user access (wired and wireless) converges in a single layer.

Question 4

Which one of the following comes first in a lightweight AP’s state machine after it boots?

1. Building a CAPWAP tunnel
2. Discovering WLCs
3. Downloading a configuration
4. Joining a WLC

Answer 4

B.

An AP discovers all possible WLCs before attempting to build a CAPWAP tunnel or join a controller.

Question 5

If a lightweight AP needs to download a new software image, how does it get the image?

1. From a TFTP server
2. From an FTP server
3. From a WLC
4. You must preconfigure it.

Answer 5

3.

After an AP boots, it compares its own software image to that of the controller it has joined. If the images differ, the AP downloads a new image from the controller.

Question 6

Which of the following is not a valid way that an AP can learn of WLCs that it might join?

1. Primed entries
2. List from a previously joined controller
3. DHCP
4. Subnet broadcast
5. DNS
6. Over-the-air neighbor message from another AP

Answer 6

6.

An AP can learn controller addresses by using any of the listed methods except for an over-the-air neighbor message.

APs do send neighbor messages over the air, but they are used to discover neighboring APs—not potential WLCs to join.

Question 7

If an AP tries every available method to discover a controller but fails to do so, what happens next?

1. It broadcasts on every possible subnet.
2. It tries to contact the default controller at 10.0.0.1.
3. It reboots or starts discovering again.
4. It uses IP redirect on the local router.

Answer 7

3.

If an AP cannot find a viable controller, it reboots and tries the discovery process over again.

Question 8

Which of the following is the most deterministic strategy you can use to push a specific AP to join a specific controller?

1. Let the AP select the least-loaded controller
2. Use DHCP option 43
3. Specify the master controller
4. Specify the primary controller

Answer 8

4.

If the primary controller responds to an AP’s discovery methods, the AP will always try to join it first, ahead of any other controller.

Configuring an AP with a primary controller is the most specific method because it points the AP to a predetermined controller. (Static)

Other methods are possible, but they can yield ambiguous results that could send an AP to one of several possible controllers.

Question 9

Which of the following antennas would probably have the greatest gain?

a. Patch
b. Dish
c. Yagi
d. Dipole
e. Integrated

Answer 9

2.

A parabolic dish antenna has the greatest gain because it focuses the RF energy into a tight beam.

Question 10

An omnidirectional antenna usually has which of the following characteristics? (Choose two.)

1. Low gain
2. Small beamwidth
3. High gain
4. Zero gain
5. Large beamwidth

Answer 10

1 and 5.

An omnidirectional antenna is usually used to cover a large area. Therefore, it has a large beamwidth. Because it covers a large area, its gain is usually small.

Question 11

Cisco APs can operate in one of two modes—__________ or __________ —depending on the code image that is installed.

Answer 11

Cisco APs can operate in one of two modes—autonomous or lightweight—depending on the code image that is installed.

As the names imply, autonomous APs are self-sufficient and standalone, while lightweight APs require something bigger to complete their purpose.

The lightweight mode is interesting because it can support several different network topologies, depending on where the companion wireless LAN controllers (WLCs) are located.

Question 12

What is a BSS?

Answer 12

The basic service set (BSS) is a set of all stations that can communicate with each other at PHY layer.

Basic service sets (BSS) are a subgroup of devices within a service set (SSID) which are additionally also operating with the same physical layer medium access characteristics (i.e. radio frequency, modulation scheme, security settings etc.) such that they are wirelessly networked.

Every BSS has an identification (ID) called the BSSID, which is the MAC address of the access point servicing the BSS. There are two types of BSS: Independent BSS (also referred to as IBSS), and infrastructure BSS.

While devices may have multiple BSSIDs, usually each BSSID is associated with at most one basic service set at a time.

Question 13

What is an SSID?

Answer 13

In IEEE 802.11 wireless local area networking standards, a service set (also known as extended service set or ESS) is a group of wireless network devices which are identified by the same SSID (service set identifier).

SSIDs serve as “network names” and are typically natural language labels.

A service set forms a logical network – that is operating with the same level 2 networking parameters – they are on the same logical network segment (e.g., IP subnet or VLAN).

Question 14

T/F: Each autonomous AP must be configured and maintained individually unless you leverage a management platform such as Cisco Prime Infrastructure.

Answer 14

True.

An autonomous AP must also be configured with a management IP address to enable remote management. This is necessary when you want to configure SSIDs, VLANs, and many RF parameters like the channel and transmit power.

The management address is not normally part of any of the data VLANs, so a dedicated management VLAN must be added to the trunk links to reach the AP.

Because the data and management VLANs may need to reach every autonomous AP, the network configuration and efficiency can become cumbersome as the network scales.

Question 15

What is split-MAC architecture?

Answer 15

Recall that Cisco APs can be configured to operate in either autonomous or lightweight AP mode. In lightweight mode, an AP loses its self-sufficiency to provide a working BSS for wireless users. Instead, it has to join a WLC to become fully functional. This cooperation is known as a split-MAC architecture, where the AP handles most of the real time 802.11 processes and the WLC performs the management functions.

Question 16

How is a lightweight AP connected to a WLC?

Answer 16

An AP and a WLC are joined by a logical pair of CAPWAP tunnels that extend through the wired network infrastructure.

Control and data traffic are transported across the tunnels. Many APs can join the same WLC, each with its own pair of CAPWAP tunnels.

A wireless network can scale in this fashion, provided the WLC can support the maximum number of APs in use. Beyond that, additional WLCs would be needed.

Question 17

What is the Cisco definition of a “centralized or unified wireless LAN topology”?

Answer 17

This is when a WLC is placed in a central location, usually in a data center or near the network core, so that you can maximize the number of APs joined to it. This is known as a centralized or unified wireless LAN topology, as shown in Figure 18-3.

This tends to follow the concept that most of the resources users need to reach are located in a central location, such as a data center or the Internet. Traffic to and from wireless users travels from the APs over CAPWAP tunnels that reach into the center of the network. A centralized WLC also provides a convenient place to enforce security policies that affect all wireless users.

Question 18

T/F: A Cisco unified WLC meant for a large enterprise can support up to 6000 APs.

Answer 18

True.

Question 19

Which provides the more efficient path for connecting users - Autonomous or Lightweight APs?

Answer 19

Autonomous AP is more efficient for the path data takes to connect two wireless users associated with the same autonomous AP. They can reach each other directly through the autonomous AP.

In contrast, the path between two wireless users in a centralized network is shown in Figure 18-4. The traffic from one client must pass through the AP, where it is encapsulated in the CAPWAP tunnel, and then travel high up into the network to reach the WLC, where it is unencapsulated and examined. The process then reverses, and the traffic goes back down through the tunnel to reach the AP and back out into the air to the other client.

Question 20

T/F: The RTT between the AP and WLC is a design consideration.

Answer 20

True.

The length of the tunnel path can be a great concern for lightweight APs.

The round-trip time (RTT) between an AP and a controller should be less than 100 ms so that wireless communication can be maintained in near real time. If the path has more latency than that, the APs may decide that the controller is not responding fast enough, so they may disconnect and find another, more responsive controller.

Question 21

What is embedded wireless network topology?

Answer 21

This is a design where the WLC is located further down in the network hierarchy. In Figure 18-5, the WLC is co-located with an access layer switch. This can be desirable when the switch platform can also support the WLC function. This is known as an embedded wireless network topology because the WLC is embedded in the switch hardware.

A Cisco embedded WLC typically supports up to 200 APs.

Question 22

Is it possible to move the WLC even below the access layer and into an AP?

Answer 22

Yes, it is possible.

Figure 18-7 illustrates the Mobility Express topology, where a fully functional Cisco AP also runs software that acts as a WLC. This can be useful in small scale environments, such as small, midsize, or multi-site branch locations, where you might not want to invest in dedicated WLCs at all. The AP that hosts the WLC forms a CAPWAP tunnel with the WLC, as do any other APs at the same location. A Mobility Express WLC can support up to 100 APs.

Question 23

Put the following steps of a lightweight AP state machine in order.

1. Reset
2. WLC join
3. AP boots
4. CAPWAP tunnel:
5. WLC discovery
6. Download config
7. Download image
8. Run state

Answer 23

The correct order from the question is: 3, 5, 4, 2, 7, 6, 8, 1.

The sequence of the most common states, as 7 in Figure 18-8, is as follows:

1. AP boots: Once an AP receives power, it boots on a small IOS image so that it can work through the remaining states and communicate over its network connection. The AP must also receive an IP address from either a Dynamic Host Configuration Protocol (DHCP) server or a static configuration so that it can communicate over the network.
2. WLC discovery: The AP goes through a series of steps to find one or more controllers that it might join. The steps are explained further in the next section.
3. CAPWAP tunnel: The AP attempts to build a CAPWAP tunnel with one or more controllers. The tunnel will provide a secure Datagram Transport Layer Security (DTLS) channel for subsequent AP-WLC control messages. The AP and WLC authenticate each other through an exchange of digital certificates.
4. WLC join: The AP selects a WLC from a list of candidates and then sends a CAPWAP Join Request message to it. The WLC replies with a CAPWAP Join Response message. The next section explains how an AP selects a WLC to join.
5. Download image: The WLC informs the AP of its software release. If the AP’s own software is a different release, the AP downloads a matching image from the control- ler, reboots to apply the new image, and then returns to step 1. If the two are running identical releases, no download is needed.
6. Download config: The AP pulls configuration parameters down from the WLC and can update existing values with those sent from the controller. Settings include RF, service set identifier (SSID), security, and quality of service (QoS) parameters.
7. Run state: Once the AP is fully initialized, the WLC places it in the “run” state. The AP and WLC then begin providing a BSS and begin accepting wireless clients.
8. Reset: If an AP is reset by the WLC, it tears down existing client associations and any CAPWAP tunnels to WLCs. The AP then reboots and starts through the entire state machine again.

Question 24

T/F: To discover a WLC, an AP sends a unicast CAPWAP Discovery Request to a controller’s IP address over UDP port 5264 or a broadcast to the local subnet. If the controller exists and is working, it returns a CAPWAP Discovery Response to the AP

Answer 24

False.

To discover a WLC, an AP sends a unicast CAPWAP Discovery Request to a controller’s IP address over UDP port 5246 or a broadcast to the local subnet. If the controller exists and is working, it returns a CAPWAP Discovery Response to the AP.

Question 25

What are the commands to configure a router to relay any broadcast requests on UDP 5246 to specific WLC1 and WLC2 management addresses, on VL100?

Answer 25

If the AP and controllers lie on different subnets, you can configure the local router to relay any broadcast requests on UDP port 5246 to specific controller addresses. Use the following configuration commands: **router(config)#** ip forward-protocol udp 5246 **router(config)#** interface vlan 100 **router (config-int)#** ip helper-address WLC1-MGMT-ADDR **router(config-int)#** ip helper-address WLC2-MGMT-ADDR

Question 26

An AP can be “primed” with up to three controllers—a primary, a second- ary, and a tertiary. Where are these stored so upon booting the AP can contact the WLC?

Answer 26

An AP can be “primed” with up to three controllers—a primary, a second- ary, and a tertiary. These are stored in **nonvolatile memory** so that the AP can remember them after a reboot or power failure.

Question 27

T/F: the CAPWAP Discovery Request broadcasts globally, automatically being forwarded by Cisco routers.

Answer 27

False. **The AP broadcasts a CAPWAP Discovery Request on its local wired subnet.** Any WLCs that also exist on the subnet answer with a CAPWAP Discovery Response.

Question 28

What is the DHCP option to supply a list of WLC addresses to an lightweight AP?

Answer 28

The DHCP server that supplies the AP with an IP address can also send DHCP option 43 to suggest a list of WLC addresses.

Question 29

What is the significance of CISCO-CAPWAP-CONTROLLER.local-domain to a booting lightweight AP? Where is the local.domain learned from?

Answer 29

The AP attempts to resolve the name CISCO-CAPWAP-CONTROLLER.local-domain with a DNS request (where localdomain is the domain name learned from DHCP). If the name resolves to an IP address, the controller attempts to contact a WLC at that address

Question 30

When an AP has finished the discovery process, it should have built a \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_.

Answer 30

When an AP has finished the discovery process, it should have built a **list of live candidate controllers.** Now it must begin a separate process to select one WLC and attempt to join it. Joining a WLC involves sending it a CAPWAP Join Request and waiting for it to return a CAPWAP Join Response. From that point on, the AP and WLC build a DTLS tunnel to secure their CAPWAP control messages.

Question 31

What is a DTLS tunnel?

Answer 31

**Datagram Transport Layer Security (DTLS)** is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport—the application does not suffer from the delays associated with stream protocols, but because it uses UDP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet.

Question 32

The WLC selection process consists of the following three steps. Put them in order. 1. If the AP does not know of any candidate controller, it tries to discover one. 2. The AP attempts to join the least-loaded WLC, in an effort to load balance APs across a set of controllers 3. If the AP has previously joined a controller and has been configured or “primed” with a primary, secondary, and tertiary controller, it tries to join those controllers in succession.

Answer 32

The correct order from the question is: 3, 1, 2. The WLC selection process consists of the following three steps: 1. If the AP has previously joined a controller and has been configured or “primed” with a primary, secondary, and tertiary controller, it tries to join those controllers in succession. 2. If the AP does not know of any candidate controller, it tries to discover one. If a controller has been configured as a master controller, it responds to the AP’s request. 3. The AP attempts to join the least-loaded WLC, in an effort to load balance APs across a set of controllers. During the discovery phase, each contrpoller reports its load—the ratio of the number of currently joined APs to the total AP capac- ity. The least-loaded WLC is the one with the lowest ratio.

Question 33

T/F: Once an AP joins a controller, it sends keepalive (also called heartbeat) messages to the controller over the wired network at regular intervals.

Answer 33

True. Once an AP joins a controller, it sends keepalive (also called heartbeat) messages to the controller over the wired network at regular intervals. By default, keepalives are sent every 30 seconds. The controller is expected to answer each keepalive as evidence that it is still alive and working. If a keepalive is not answered, an AP escalates the test by sending four more keepalives at 3-second intervals. If the controller answers, all is well; if it does not answer, the AP presumes that the controller has failed. The AP then moves quickly to find a successor to join.

Question 34

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "**Local mode**"?

Answer 34

**Local:** The default lightweight mode that offers one or more functioning BSSs on a specific channel. During times when it is not transmitting, the AP scans the other channels to measure the level of noise, measure interference, discover rogue devices, and match against intrusion detection system (IDS) events. NOTE: Remember that a lightweight AP is normally in local mode when it is providing BSSs and allowing client devices to associate to wireless LANs. **When an AP is configured to operate in one of the other modes, local mode (and the BSSs) is disabled.**

Question 35

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "Monitor mode"?

Answer 35

**Monitor**: The AP does not transmit at all, but its receiver is enabled to act as a dedicated sensor. The AP checks for IDS events, detects rogue access points, and determines the position of stations through location-based services.

Question 36

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "FlexConnect mode"?

Answer 36

**FlexConnect**: An AP at a remote site can locally switch traffic between an SSID and a VLAN if its CAPWAP tunnel to the WLC is down and if it is configured to do so.

Question 37

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "Sniffer mode"?

Answer 37

**Sniffer**: An AP dedicates its radios to receiving 802.11 traffic from other sources, much like a sniffer or packet capture device. The captured traffic is then forwarded to a PC running network analyzer software such as LiveAction Omnipeek or Wireshark, where it can be analyzed further.

Question 38

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "Rogue detector mode"?

Answer 38

**Rogue detector:** An AP dedicates itself to detecting rogue devices by correlating MAC addresses heard on the wired network with those heard over the air. Rogue devices are those that appear on both networks.

Question 39

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "Bridge mode"?

Answer 39

**Bridge**: An AP becomes a dedicated bridge (point-to-point or point-to-multipoint) between two networks. Two APs in bridge mode can be used to link two locations separated by a distance. Multiple APs in bridge mode can form an indoor or outdoor mesh network.

Question 40

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "Flex+Bridge mode"?

Answer 40

Flex+Bridge: FlexConnect operation is enabled on a mesh AP.

Question 41

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the "SE-Connect mode"?

Answer 41

**SE-Connect:** The AP dedicates its radios to spectrum analysis on all wireless channels. You can remotely connect a PC running software such as MetaGeek Chanalyzer or **Cisco Spectrum Expert** to the AP to collect and analyze the spectrum analysis data to discover sources of interference.

Question 42

Antenna gain is normally a comparison of one antenna against an isotropic antenna and is measured in _____________ units.

Answer 42

Recall from Chapter 17 that antenna gain is normally a comparison of one antenna against an isotropic antenna and is measured in **dBi (decibel-isotropic)**. An isotropic antenna does not actually exist because it is ideal, perfect, and impossible to construct. It is also the simplest, most basic antenna possible, which makes it a good starting place for antenna theory.

Question 43

What is a radiation pattern when referring to wireless antennas?

Answer 43

A plot that shows the relative signal strength around an antenna is known as the radiation pattern.

Question 44

What are the E and H planes? What do they show?

Answer 44

A radiation pattern is difficult to see in 3D. Instead, you could slice through the three-dimensional plot with two orthogonal planes and show the two outlines that are formed from the plot. In Figure 18-9, the sphere is cut by two planes. The XY plane, which lies flat along the horizon, is known as the **H plane, or the horizontal (azimuth)** plane, and it usually shows a top-down view of the radiation pattern through the center of the antenna. The XZ plane, which lies vertically along the elevation of the sphere, is known as the **E plane, or elevation plane,** and shows a side view of the same radiation pattern.

Question 45

What is polarization with regard to antennas?

Answer 45

The electrical field wave’s orientation, with respect to the horizon, is called the antenna polarization. Antennas that produce vertical oscillation are vertically polarized; those that produce horizontal oscillation are horizontally polarized.

Question 46

What is the shape of the radiation pattern of an omnidirectional antenna? What is it best suited for?

Answer 46

There are two basic types of antennas, omnidirectional and directional. An **omnidirectional** antenna is usually made in the shape of a thin cylinder. It tends to propagate a signal equally in all directions away from the cylinder but not along the cylinder’s length. The result is a donut-shaped pattern that extends further in the H plane than in the E plane. This type of antenna is well suited for broad coverage of a large room or floor area, with the antenna located in the center. Because an omnidirectional antenna distributes the RF energy throughout a broad area, it has a relatively low gain.

Question 47

What type of antenna focuses direction the best.

Answer 47

Parabolic dish antennas are very focused.