Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1377
Views
15
Helpful
9
Replies

VLANs in split-mac architecture

Go to solution
iores
Level 3
Level 3

‎06-20-2022 10:58 AM

Hi,

 

APs and WLC are not in the same subnet. APs are connected to access switch and are in vlan 11. WLC is connected to multilayer switch with trunk link.

 

Does this mean that the trunk link from WLC to multilayer switch will have to support vlan 11 or any other vlan the APs ethernet interfaces are member of?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎06-21-2022 02:14 AM

No. Here is a simple diagram to illustrate it. 

In your case, AP on mgt VLAN 11, will establish a CAPWAP tunnel back to WLC. In that way, between AP & WLC you only require L3 connectivity. Therefore your WLC does not need to be aware of VLAN 11 in layer 2. 

When wireless users connect to AP, all their traffic is tunneled back to WLC (in local mode APs) and get the IP addresses from the WLC connected switch. Therefore you are only required to allow those wireless users VLAN across the trunk link between WLC & L3 switch.

Split-MAC.png

 

HTH

Rasika

*** Pls rate all useful responses ***

View solution in original post

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to iores

‎06-21-2022 09:25 AM

You are 100% correct, 

The traffic pass from ap to wlc through capwap data tunnel  and then wlan-vlan map is done in wlc and from wlc to network sources.

View solution in original post

0 Helpful
9 Replies 9

Go to solution
MHM Cisco World
VIP
VIP

‎06-20-2022 11:08 AM

depend on AP mode, 
if Flex mode then the WLC-trunk-SW no need to allow VLAN in AP
if local mode then the WLC-trunk-SW need to allow VLAN in IP

0 Helpful

Go to solution
iores
Level 3
Level 3
In response to MHM Cisco World

‎06-20-2022 11:55 AM

In local mode, all traffic from APs goes to WLC management/AP-manager interface and from there it leaves WLC based on SSID/WLAN/VLAN, right? 

 

In addition, with DHCP option 43, which IP address gets advertised to APs - the one of Management or AP-manager interface? My guess is AP-manager, if configured, since it acts as CAPWAP tunnel source/destination.

Go to solution
MHM Cisco World
VIP
VIP
In response to iores

‎06-20-2022 12:07 PM

In local mode, all traffic from APs goes to WLC management/AP-manager interface and from there it leaves WLC based on SSID/WLAN/VLAN, right? YES you right this is local mode.

 

In addition, with DHCP option 43, which IP address gets advertised to APs - the one of Management or AP-manager interface? My guess is AP-manager, if configured, since it acts as CAPWAP tunnel source/destination.
Yes you right since the AP-Manager is use as CAPWAP source/destination then it must use for DHCP Op43.

0 Helpful

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎06-21-2022 02:14 AM

No. Here is a simple diagram to illustrate it. 

In your case, AP on mgt VLAN 11, will establish a CAPWAP tunnel back to WLC. In that way, between AP & WLC you only require L3 connectivity. Therefore your WLC does not need to be aware of VLAN 11 in layer 2. 

When wireless users connect to AP, all their traffic is tunneled back to WLC (in local mode APs) and get the IP addresses from the WLC connected switch. Therefore you are only required to allow those wireless users VLAN across the trunk link between WLC & L3 switch.

Split-MAC.png

 

HTH

Rasika

*** Pls rate all useful responses ***

0 Helpful

Go to solution
iores
Level 3
Level 3
In response to Rasika Nayanajith

‎06-21-2022 09:13 AM

@Rasika Nayanajith 

 

If I understood you correctly, there is no need to allow VLANs APs are member of on the trunk link between L3 switch and WLC, just VLANs that are associated with a particular WLAN and created as logical interfaces on WLC distribution port? As a result, the traffic from APs will go to WLC AP-manager interface first, and then leave WLC through logical interface for Guest WLAN towards default gateway that is on L3 switch?

Go to solution
MHM Cisco World
VIP
VIP
In response to iores

‎06-21-2022 09:25 AM

You are 100% correct, 

The traffic pass from ap to wlc through capwap data tunnel  and then wlan-vlan map is done in wlc and from wlc to network sources.

0 Helpful

Go to solution
iores
Level 3
Level 3
In response to Rasika Nayanajith

‎08-26-2022 05:06 AM

@Rasika Nayanajith 

But if WLC and APs are in the same subnet, then the trunk link should support vlan 11 or not?

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to iores

‎08-26-2022 05:03 PM

Yes, if WLC in vlan 11, then you have to enable it in that trunk to get basic connectivity to WLC, irrespective of which vlan you put APs are.

HTH
Rasika

0 Helpful

Go to solution
iores
Level 3
Level 3
In response to Rasika Nayanajith

‎08-27-2022 05:58 AM

In previous scenario where APs and WLC are in different subnet, you said there is no need to enable management vlan on the trunk link between WLC and L3 switch. But if it is a trunk link, does this mean that the traffic from APs to WLC will be untagged when passing the trunk link towards WLC?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card