Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
233
Views
5
Helpful
4
Replies

Layer 3 Roaming use cases?

Mitrixsen
Level 1
Level 1

‎04-16-2025 08:06 AM

Hello, everyone.

I have a question about a specific wireless design. Consider this image:

Mitrixsen_0-1744815913461.png

I always thought that roaming works like this - the same SSID/security parameters are configured on the WLC and the APs, the wireless station then associates to the second AP as the user walks from one BSS to another and that the subnet remains the same.

Then my book talks about L3 roaming (this isn’t a snippet from the book, it’s available for free on google)

Mitrixsen_1-1744815937561.png

What exactly is this design? Why would there ever be an SSID like Staff that would have different subnets, depending on which AP you associate with? Wouldn’t you just configure your DHCP server to provide one subnet for each WLAN?

This kind of configuration indicates three things

  1. The SSID is the same
  2. The security parameters such as the PSK are the same
  3. The VLAN mapped to that SSID and the subnet are different for both SSIDs

This seems a very unusual way for me to design a wireless network, why would you ever want to do this?

Thank you.
David

0 Helpful
4 Replies 4

M02@rt37
VIP
VIP

‎04-16-2025 08:15 AM

Hello @Mitrixsen 

You might have 2 campus or buildings in different cities, each with their own WLC and IP space...It's not practical to stretch a single VLAN/subnet across all locations just for wireless clients...so you map the same SSID "Staff" to diferent VLAN per site.

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Mitrixsen
Level 1
Level 1
In response to M02@rt37

‎04-16-2025 08:19 AM

Hello M02@rt37 

The lightweight architecture uses tunneling, though. So the only place where that VLAN would reside would be on the WLC itself and the trunk link that connects it to, for example, a routing device, so the VLAN wouldn't really be stretched that much, would it?

Mitrixsen_0-1744816756033.png

And if the buildings are in different cities then there wouldn't really be any option for roaming, or?

David

0 Helpful

M02@rt37
VIP
VIP
In response to Mitrixsen

‎04-16-2025 09:06 AM

David, thanks for that clarification and diagram.

Because of this tunneling setup, the VLANs assigned to different SSIDs (like VLAN20 or VLAN30 on your example) only need to exist at 2 places: on the WLC itself and on the trunk link between the WLC and the core switch/router. So yes, you don’t need to stretch those VLAN throughout the entire wired network.

Now, regarding roaming ; if your buildings are in different citys, roaming between them become very limited. Roaming usually works best within the same physical campus or location because it relies on fast handoffs between APs and low latency back to the WLC. If your AP in two citys are conected back to a central WLC over a long distance WAN link, roaming might technically work, but it will likely be slow, and in many cases, not practical at all.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Saikat Nandy
Cisco Employee
Cisco Employee

‎04-16-2025 08:58 AM

The first snippet of yours is an Intercontroller L2 roaming, whereas the second one is Intercontroller L3 roaming. The main purpose of Intercontroller L3 roaming is that despite of change in VLAN, endpoint will keep on using the 'original' IP address it got at the beginning. Have a look into these - 

1. AireOS - https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-3/config-guide/b_cg83/overview.html
2. 9800 - https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/cat9800-ser-primer-enterprise-wlan-guide.html

If you are using 9800, then you need vlan persistent to be enabled.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card