L2 LWAPP tunnel uses Ethertype 0xBBBB to encapsulate traffic between the AP and WLC.
L2 LWAPP does not provide corresponding CoS marking for Ethertype frames and is not able to provide transparent end-to-end QoS.
LWAPP control packets originate from UDP source port 12223.
Control type 12 is the configuration command sent to an LWAPP AP by a WLC.
AP groups do not allow multicast roaming across group boundaries.
RF group leaders exchange RRM messages every 600 seconds by default.
Maximum number of WLCs per RF group = 20
Mobility Tunneling - If uRPF checks are enabled on the next-hop routed interface, traffic is dropped after the client roams to a different subnet.
The benefit of DHCP Proxy is realized during an L3 client roam, or when a client roams across an AP group boundary. In these cases, the WLC receives a DHCP renewal request, verifies that the client is roaming within the mobility group, and allows the client to renew (keep) its IP address/subnet assignment even though the client roamed to a new subnet on a foreign WLC.
- DHCP Proxy is required with asymmetric mobility tunneling.
The default behavior of the WLC is to respond to ARP queries directly based on its local ARP cache. The WLC CLI command
network arpunicast enable
can be used to override this behavior. The purpose of this command is to avoid excessive retries by IP clients looking for a WLAN client that may have roamed from the WLAN network.
Broadcast & Multicast traffic
When enabled - is a global setting
- Disable CDP on interfaces connecting to WLCs.
- Port filter incoming CDP and HSRP traffic on VLANs connecting to the WLCs.
- Multicast security, including link layer multicast security, must be considered.
The distributed deployment model is not recommended because of current shortcomings with multicast support associated with L3 roaming.
Average LWAPP control plane traffic on the network is approximately 0.35 kb/sec.
The overhead introduced by tunneling (L3) adds 44 bytes to a typical IP packet to/from a WLAN client. Average packet size = 300 bytes. This is a 15% overhead increase.
Additionally, Cisco recommends that Catalyst Integrated Security Features (CISF) be enabled on the LWAPP AP switchports to provide additional protection to the WLAN infrastructure.
APs in the same physical location should be joined to the same WLC.
All APs without primary, secondary or tertiary WLC definitions will join a WLC configured for master controller mode.
- Migrate APs to the secondary WLC, upgrade the primary WLC, and then migrate APs back in a controlled manner.
AP failback should be disabled to ensure APs return to their primary WLC in a controlled manner.