cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4783
Views
15
Helpful
9
Replies

Why is IP address needed for WLC WLANs?

dmellem
Level 1
Level 1

I'm familiar with autonomous APs but am new to the WLC. Is there a way to just bridge the WLAN traffic to a VLAN? I don't understand why the WLC requires an IP address for the VLAN when the clients essentially are already on that VLAN. How is it used?

 

Thanks.

 

(Edit: fixed typo.)

9 Replies 9

Sandeep Choudhary
VIP Alumni
VIP Alumni

check this posts to create a Dynamic interface on WLC and map to specif Vlan.

http://rscciew.wordpress.com/2014/01/22/configure-dynamic-interface-on-wlc/

 

Regards

 

Thank you. I'm familiar with creating a dynamic interface and mapping it to a VLAN, but I don't understand why this interface would require an IP address. You could still break up APs into groups and place the same SSID into different VLANs. I would think that the 802.11 payload would just be placed into an Ethernet frame and dropped on the VLAN like the autonomous APs do. I could see adding an address if you wanted to manage the gateway from that network or it had a guest login, but not for just wireless.

Thanks.

here is my answer from another post with same question:

https://supportforums.cisco.com/discussion/12081961/why-does-dynamic-interface-need-ip-address

 

Regards

Thank you for your reply, but it still doesn't help completely.

"A dynamic interface is simply an interface that maps a WLAN to a wired vlan or subnet...designed to be analogous to VLANs for Wireless LAN clients"

If it just maps it to a VLAN, then it would seem that an IP address isn't needed, which is what I assumed and why I'm puzzled.

"acts as a DHCP relay for wireless clients associated to WLANs mapped to the interface."

Usually a DHCP relay is used when you're crossing networks (i.e., L3 subnets). The router on the WAN link should be able to handle the DHCP relay. It seems like it would do DHCP snooping if it needed to know about DHCP, but I don't know why it'd participate it the request if it's not routing the request.

I'm not not sure what I'm missing. Thank you.

the ip address of the interfaces are for management and for pinging the WLC from different vlans (absolutely for wireless clients :D) , 

 

it's like when you give L2 switch ip address for accessing and management.

 

the interfaces ips are dummy , they have no role with the client connectivity.

 

you can use the WLC interface for (management via wireless) typiclly this feature used with the WLC mangement interface , but you can enable management via dynamic interface to get acess via the management interface,

 

the WLC interfaces use the VLAN ID for mapping client to VLANs , 

mohanak
Cisco Employee
Cisco Employee

the parameters specific to this VLAN. Some of the parameters include the IP Address, Netmask, Gateway, and the DHCP server IP address.

The IP address assigned to this interface acts as the DHCP relay for a client to obtain an IP address from the DHCP server. For example, when a client attempts to associate to a WLAN/SSID (see step 5 in this configuration) mapped to this dynamic interface, it performs a local subnet broadcast to identify the DHCP server. The controller sends a request to the DHCP server (or to itself if it is the DHCP server for the segment) with the IP address of this dynamic interface as relay IP to the DHCP server configured for this interface. The DHCP server assigns an IP address to the client from the configured DHCP scope.

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/68100-wlan-controllers-vlans.html

let's assume that we gave the WLAN ip address a wrong ip (from other VLAN) , what would happen ?

assume that on the trunk port on the switch is allowed all VLANs , will the client get an ip from the network as the interface ip or the vlan ID configured on that interface ?

Stephen Rodriguez
Cisco Employee
Cisco Employee

Dynamic interfaces on the WLC are there to determine if a client makes a L2 or L3 roam.

If we just used a VLAN tag, the WLC wouldn't be able to tell when the client roamed to a new subnet.

 

HTH,

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

hostasaurus
Level 1
Level 1

Feel exactly the same as the OP.  The WAC being forced to have an IP on the dynamic vlan interfaces (since you aren't allowed to map a WLAN to such an interface when it has an empty IP) is not only pointless when the device is not also doing DHCP relay or similar, but a security risk since now you're increasing the attack surface of your WAC needlessly by giving it a layer 3 presence on every VLAN you have wireless clients on.  You can of course disable wifi-based management, but exposing it for no reason is not desirable.

Review Cisco Networking for a $25 gift card