A mobility even occur if a client roams between access points. As wireless clients move between APs on the same controller and APs join to different controller within the network four different types of roaming events can take place.
1. Intra Controller
2. Inter Controller
3. Inter Controller – Layer 3
4. Auto – Anchor Mobility
Intra Controller Roaming : If a client roam between APs on the same controller , it is called intra-controller mobility event. This is the most simplistic roaming event where WLC simply update the database with client state & security context as client roam from AP1 to AP2. See below
Inter Controller-L2 Roaming : Inter-Controller (normally layer 2) roaming occurs when a client roam between two APs registered to two different controllers, where each controller has an interface in the client subnet.
Inter Controller-L3 Roaming : If the clients roam between APs registered to different controllers and the client WLAN on the two controllers is on different subnet, then it is called inter-controller L3 roam.
In this situation as well controllers exchange mobility messages. Client database entry change is completely different that to L2 roam(instead of move, it will copy). In this situation the original controller marks the client entry as “Anchor” where as new controller marks the client entry as “Foreign“.The two controllers now referred to as “Anchor controller” & “Foreign Controller” respectively. Client will keep the original IP address & that is the real advantage.
If your client configured with static IP addresses, When these wireless clients move & associate to another WLC that does not support the same subnet as the static IP, the clients fail to connect to the network. You can now enable dynamic tunneling of clients with static IP addresses.
The following sequence of steps occur when a client with a static IP address tries to associate with a controller:
* When a client associates with a controller, for example, WLC-1, it performs a mobility announcement. If a controller in the mobility group responds (for example WLC-2), the client traffic is tunneled to the controller WLC-2 (Anchor).
* If none of the controllers respond, the client is treated as a local client and authentication is performed. If the client’s IP subnet is not supported in the controller (WLC-1), WLC-1 sends another static IP mobile announce and if a controller (for example WLC-3) which supports the clients subnet responds to that announce, the client traffic is tunneled to that controller WLC-3. As a result, the controller WLC 1 becomes the export foreign controller and WLC-2 becomes the export anchor controller.
* Once the acknowledgement is received, the client traffic is tunneled between the anchor and the controller (WLC-1).
Auto-Anchor Mobility : Auto Anchoring is when your anchor a WLAN to a particular controller in the mobility domain. Most common use of Auto Anchor is Wireless Guest service where all guest traffic tunnel back to DMZ controller irrespective of where they associate to network.(See below)
Mobility has two categories, Mobility Domains & Mobility Groups. If WLCs are in same mobility domain they communicate with each other. Mobility Group constraint the distribution of security context of a client. It also constrain AP fail-over between controllers.
A WLC support 3 mobility groups with up to 24 controllers in a single group for a total of 72 controllers in the mobility domain (or list). WLC 5.1 or later allows seamless roaming across multiple mobility groups in the mobility list of the controller.
Any device on a IP network has an IP point of presence (PoP). Usually it is record of client IP address & MAC address.If client move to an another AP associated to another controller point of association or attachment (PoA) change to foreign controller where as PoP remain in anchor controller. In roaming situations role of WLC can change to any of below.
Local: The controller proivde both PoP & PoA
Anchor: The controller provide PoP only & always paired with a foreign contorller (PoA)
Foreign: The controller provide PoA only & always paired with a Anchor controller (PoP)
Export Anchor: The controller provide PoP only and always paired with an export foreign controller.
Export Foreign: The controller provide PoA only and always paired with an export anchor controller.
Mobility packet uses UDP port 16666. Because UDP is an unreliable delivery mechanism, any packets that requires a response retries up to 4 times at one-second intervals. All packet should have mobility packet header, followed by one or more TLV (Type, Length, Value) payloads carrying specific client or session data.
1. Configuring WLC Mobility
2. L2- Inter Controller Roaming
3. L3- Inter Controller Roaming
5. WLC – Web Authentication
6. Configuring Auto Anchor
7. Auto-Anchor Foreign Mapping
8. Mobility Ping Tests
9. Configuring Wired Guest
10. Static IP Clients Mobility