This particular question doesn't involve LWAPP controllers, it's about Aironet bridges, which run IOS.

Bump.

Hi, Bill,

Thabks for the reply, but I'm familiar with how to set it up, and have done so a number of times. My question boils down to, "How does it actually work?"

-George

George

The AP in autonomous mode is basicaly a layer two device and does not know about IP and VLAN's this is a good question.

to answer your original question "Multiple VLANs on one SSID: how does this actually work?" the answer is from Cisco is "Failure to recognize that multiple VLANs and SSIDs indicate multiple OSI Model Layer 3 subnets

Deprecated versions of Cisco Aironet software permit binding multiple SSIDs to one VLAN. Current versions do not"

The Packet headers have a VLAN tag field that the Switch or AP decodes/inserts depending on direction to determine the correct routing,

that is the short version

Bill

I'm afraid that I'm confused by your answer, Bill. Which "packet headers" have a "VLAN tag"? The wireless (802.11) packets? Which header field is it in? And why would a layer 2 device necessarily not understand VLANs? 802.1q is a layer 2 VLAN tagging protocol.

Keep in mind I'm specifically asking about *bridging* VLANs across a point-to-point wireless link using a single SSID, not about associating VLANs with SSIDs on a one-to-one basis (as for wireless client devices), and not about "binding multiple SSIDs to one VLAN" (from your post).

George

Multiple VLANS on a single SSID are not supported by the current software, you must assign each VLAN to it's own SSID.

the VLAN tags are in the packet headers between the Switch and the AP. Between the AP's or AP and client the SSID/VLAN pair determines the logical routing.

I hope this helps

Bill

"Multiple VLANS on a single SSID are not supported by the current software."

This is true for APs and SSIDs used to serve client devices. However, this is not true for bridge links. According to the same configuration guide you quoted earlier, "When you bridge, there is no need to associate a separate SSID with each VLAN." Cisco explicitly instructs you to use only a single SSID when *bridging* multiple VLANs.

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml#vlanbr

Again, I already know that this *does* work, I've got it in production on several customer networks. I want to know *how* it works. There's no concept of VLAN tagging in 802.11 as far as I know, so I want to know how one bridge device tells the other bridge device what VLAN a packet belongs to. If you don't know, that's okay, but that's the piece of information that I want to know.

My best guess is that as you have configured your AP's they are operating as a pure Layer 2 device for the bridge and as such do not examine the wired packets just encapsulate them into a wireless packet for the bridge and the AP on the other side remove the wireless encapsulation and forwards the packet to the wired network.

VLANS aare then handeled by the switches on either side of the bridge.

Hope this explanation holds water because it goes back to basic MAC layer bridging which appears to be what you are implementing.

this has been fun

Bill

Hey Scott,

Perfect! 5 points for making my day with this wonderful answer :)

Take care my friend!

Rob

Thanks :)

I tend wax technical

Bill

I want to know specifically how Cisco bridges multiple VLANs on a single SSID on the 1300 series outdoor wireless bridges (at least). In fact, this is precisely what I asked in the post that started this thread. If they fully encapsulate 802.1q-tagged 802.3 packets inside 802.11 packets, then that's what I want to know. If they add a proprietary field to the 802.11 header, then that's what I want to know. It's not "elves and bunnies."