Tags
A mobility even occur if a client roams between access points. As wireless clients move between APs on the same controller and APs join to different controller within the network four different types of roaming events can take place.
1. Intra Controller
2. Inter Controller
3. Inter Controller – Layer 3
4. Auto – Anchor Mobility
Intra Controller Roaming : If a client roam between APs on the same controller , it is called intra-controller mobility event. This is the most simplistic roaming event where WLC simply update the database with client state & security context as client roam from AP1 to AP2. See below
Inter Controller-L2 Roaming : Inter-Controller (normally layer 2) roaming occurs when a client roam between two APs registered to two different controllers, where each controller has an interface in the client subnet.
In this instance controllers exchange mobility control messages (over UDP port 16666) and the client database entry is moved from the original controller to the new controller.
Inter Controller-L3 Roaming : If the clients roam between APs registered to different controllers and the client WLAN on the two controllers is on different subnet, then it is called inter-controller L3 roam.
In this situation as well controllers exchange mobility messages. Client database entry change is completely different that to L2 roam(instead of move, it will copy). In this situation the original controller marks the client entry as “Anchor” where as new controller marks the client entry as “Foreign“.The two controllers now referred to as “Anchor controller” & “Foreign Controller” respectively. Client will keep the original IP address & that is the real advantage.
If your client configured with static IP addresses, When these wireless clients move & associate to another WLC that does not support the same subnet as the static IP, the clients fail to connect to the network. You can now enable dynamic tunneling of clients with static IP addresses.
The following sequence of steps occur when a client with a static IP address tries to associate with a controller:
* When a client associates with a controller, for example, WLC-1, it performs a mobility announcement. If a controller in the mobility group responds (for example WLC-2), the client traffic is tunneled to the controller WLC-2 (Anchor).
* If none of the controllers respond, the client is treated as a local client and authentication is performed. If the client’s IP subnet is not supported in the controller (WLC-1), WLC-1 sends another static IP mobile announce and if a controller (for example WLC-3) which supports the clients subnet responds to that announce, the client traffic is tunneled to that controller WLC-3. As a result, the controller WLC 1 becomes the export foreign controller and WLC-2 becomes the export anchor controller.
* Once the acknowledgement is received, the client traffic is tunneled between the anchor and the controller (WLC-1).
Auto-Anchor Mobility : Auto Anchoring is when your anchor a WLAN to a particular controller in the mobility domain. Most common use of Auto Anchor is Wireless Guest service where all guest traffic tunnel back to DMZ controller irrespective of where they associate to network.(See below)
Mobility has two categories, Mobility Domains & Mobility Groups. If WLCs are in same mobility domain they communicate with each other. Mobility Group constraint the distribution of security context of a client. It also constrain AP fail-over between controllers.
A WLC support 3 mobility groups with up to 24 controllers in a single group for a total of 72 controllers in the mobility domain (or list). WLC 5.1 or later allows seamless roaming across multiple mobility groups in the mobility list of the controller.
Any device on a IP network has an IP point of presence (PoP). Usually it is record of client IP address & MAC address.If client move to an another AP associated to another controller point of association or attachment (PoA) change to foreign controller where as PoP remain in anchor controller. In roaming situations role of WLC can change to any of below.
Local: The controller proivde both PoP & PoA
Anchor: The controller provide PoP only & always paired with a foreign contorller (PoA)
Foreign: The controller provide PoA only & always paired with a Anchor controller (PoP)
Export Anchor: The controller provide PoP only and always paired with an export foreign controller.
Export Foreign: The controller provide PoA only and always paired with an export anchor controller.
Mobility packet uses UDP port 16666. Because UDP is an unreliable delivery mechanism, any packets that requires a response retries up to 4 times at one-second intervals. All packet should have mobility packet header, followed by one or more TLV (Type, Length, Value) payloads carrying specific client or session data.
Related Posts
1. Configuring WLC Mobility
2. L2- Inter Controller Roaming
3. L3- Inter Controller Roaming
5. WLC – Web Authentication
6. Configuring Auto Anchor
7. Auto-Anchor Foreign Mapping
8. Mobility Ping Tests
9. Configuring Wired Guest
10. Static IP Clients Mobility
mrn-cciew 
Hello,
I was reading roaming… it say a wlc can be in one mobility group and one mobility domain. A wlc can be aware of wlc in other group if they both have same mobility domain defined. I am currently working on wlc 2504 with code 7.4.100.0. so in this wlc when I go to controller > general tab and define default mobility domain name like (ABC) and then go to controller > mobility management> mobility group there is an entry which says local mobility group ABC and mentions itself there. It means what ever I defined inthe default mobility domain name is automatically taken as mobility group. Then how is this possible that two wlcs in different mobility group and still be in same mobility domain.
Thanks……
Hi
Typically what you configure is mobility group name under controller -> General tab. That will appear as mobility group name as you saw.
You can put different WLC into different mobility group, as long as you configure the mobility peering they will be part of the same mobility domain
Refer below post as well as it cover some basics
https://mrncciew.com/2013/12/14/3850ma-with-5760mc/
HTH
Rasika
Hi Rasika,
can u please explain in detail what POP is?? when u say any device, can it be an AP or switch??
In 5508/2504/WiSM2/8500 (ie AireOS controllers), these functionality are within those devices & not discussed in detail.
But in Converged Access concept, these two terms (PoP & PoA) used. Point of Presence is where wireless client is present to the wired network. In 3850/3650 environment, this is where client first stack where client associate. Then if client roam to another area where AP managed by another stack, client attachment (PoA) moved to different stack, but PoP still previous stack where client first associated. This is how client IP won’t changed even two stacks are L3 separated.
HTH
Rasika
Great article Rasika with some trivial typos which you might wanna correct. The diagrams for Inter-Controller L2 and L3 SHOUDL say INTER instead INTRA 🙂
Hi,
How you could configure Intra Controller L3 Roaming on a WLC? I’m asking this because I have read that it isn’t recommended to have a lot of APs working in the same VLAN, so I want to configure the same SSID on different VLANs.
Thanks.
How many APs you use on the same VLAN ? It is not a problem,
If you talk about wireless user vlan, then its depend on your design principles. I am using /21 (2048 host) as max size of wireless subnet.
You have to use vlan select (or interface group) if you want to map multiple vlan to same SSID. Otherwise use AP Group and then map different subnet to same SSID.
HTH
Rasika
Hi, thanks for answering,
I’ve 100 APs, 4000 wireless clients and 1 WLC.
I have read about AP Group, but when you roaming to other AP in other vlan, you conserve the same IP from the first vlan. in this case, what will you do?
Thank you.
HI Rasika,
Nice blog.. Just a quick question we are running wireless controller version 7.4.140.0. and facing issues with half second blip or close to a half second lag along with some jitter during roaming from AP to AP.. we have a controller and roam between the same AP on this controller..
https://supportforums.cisco.com/discussion/12590266/wireless-mobility-issue-close-half-second-blips-while-handoff-and-jitter-vocera
Thanks for your help.
“and WLC-2 becomes the export anchor controller.”
its a typo and you mean WLC-3. Thanks, good post.
Thank you for the correction.
Can we auto anchor traffic from one foreign controller to an anchor controller which further tunnels this towards another anchor controller?
I do not think so
Can you please explain what is an Anchor controller and Foreign controller? I am not able to understand it properly.
One of my customer has two WLC’s deployed in these two modes.
Kindly help me in understanding this properly.
Hope this document helps you
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-1/Enterprise-Mobility-8-1-Design-Guide/Enterprise_Mobility_8-1_Deployment_Guide/WirelessNetwork_GuestAccessService.html
HTH
Rasika