Thursday, February 18, 2010

Autonomous Bridge Link with multiple VLANs

So I did some digging just now to find a document from Cisco's site that covers a bridge link with multiple VLANs, and what do you know - I found a doc that I hadn't ever seen before.

Using VLANs with Cisco Aironet Wireless Equipment 


I knew I was in the right place when I saw this network diagram: LINK 


Important notes from this document:

When you install access points, only assign the infrastructure SSID when you use an SSID on:

  • workgroup bridge devices
  • repeater access points
  • non-root bridges
It is a misconfiguration to designate the infrastructure SSID for an SSID with only wireless laptop computers for clients, and causes unpredictable results.
In bridge installations, you can only have one infrastructure SSID. The infrastructure SSID must be the SSID that correlates to the Native VLAN.

In order to encrypt data that passes over the radio link, apply encryption to only the SSID of the Native VLAN. That encryption applies to all other VLANs. When you bridge, there is no need to associate a separate SSID with each VLAN. VLAN configurations is the same on both the root and non-root bridges.

Because interface BVI 1 is associated to the subinterface of the Native VLAN, the IP address assigned to interface BVI 1 must be in the same IP subnet as other infrastructure devices on the network (i.e. interface SC0 on a Catalyst switch that runs CatOS.) 

**Also found some discussion online about IP addresses and subinterfaces - the consensus was that the BVI interface should be the only one with an IP address applied, and all the subinterfaces operate at L2 only, so they shouldn't have any IP address information configured on them.

** from what I can tell - enabling voice optimization on an SSID in IOS is simple via the GUI, but it takes forever for the screens to refresh - I configured it this way & then went to the CLI to see what the output was..

Well, clicking that one Voice Optimized button sure adds a lot at the console:

 dot11 qos class background local
    cw-min 6
    fixed-slot 10
 !
 dot11 qos class video local
    cw-max 4
    fixed-slot 3
    transmit-op 0
 !
 dot11 qos class voice local
    cw-max 3
    transmit-op 0
    admission-control
    admit-traffic narrowband max-channel 75 roam-channel 6
 !
 dot11 qos class background cell
    cw-min 8
    fixed-slot 12
 !
 dot11 qos class best-effort cell
    cw-min 6
    fixed-slot 5
 !
 dot11 qos class video cell
    cw-min 4
    cw-max 6
    fixed-slot 5
    transmit-op 0
 !
 dot11 qos class voice cell
    cw-max 3
    transmit-op 0
    admission-control 

I think this line was added too:
dot11 phone dot11e 
Posted by Jennifer at 9:29 PM
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)