HP ProCurve Networking

» Kontakt

ProCurve Networking by HP - Anwendungshinweise



Contents
» 1. Introduction
» 2. Prerequisites
» 3. Network diagram
» 4. Comparing layer 2 and layer 3 roaming
» 5. Fast layer 2 roaming
» 5.1 Pre-authentication—an 802.11i standard
» 5.2 Configure pre-authentication
» 6. Layer 3 roaming
» 6.1 Roaming within the layer 3 mobility domain
» 6.2 Guidelines for configuring layer 3 roaming
» 6.3 Main configuration steps
» 6.4 Configure layer 3 roaming
» 7. Roaming for a WLAN that uses Web authentication

Downloads
» How to configure L2 and L3 wireless roaming (PDF)

1. Introduction

This document describes how to configure wireless services for Layer 2 and Layer 3 roaming.
Scenario: You have deployed wireless LANs all over your building, or perhaps over an entire site. You want people to be able to move with their wireless laptops from one office to another, or from one building to another, without having to re-authenticate themselves again and again as they move.

» Return to top

2. Prerequisites

You already have a managed wireless network set up, with ProCurve switches configured with Wireless Edge Services Modules (WESMs), and with management provided by ProCurve Manager Plus (PCM+).

» Return to top

3. Network diagram
Figure 1 shows the configuration referenced in this section.

To view the power consumption of the phone, issue the following command on the switchFigure 1. System configuration

Using this topology, you will configure the WLANs with the Wireless Edge Services Modules.

» Return to top

4. Comparing layer 2 and layer 3 roaming
  • Layer 2 roaming—Radio ports (RPs) support the same WLAN and place the WLAN’s traffic in the same VLAN.
  • Layer 3 roaming—RPs support the same WLAN, but each RP places the WLAN’s traffic in a different VLAN.

To view the power consumption of the phone, issue the following command on the switchFigure 2. Layer 2 versus layer 3 roaming

» Return to top

5. Fast layer 2 roaming
Fast layer 2 roaming works when using 802.1X with Wi-Fi Protected Access (WPA)/WPA2.
Without pre-authentication, there is only slow roaming between RPs adopted by different modules, because when the user connects to a new RP, the new module requires the station to re-authenticate.
To view the power consumption of the phone, issue the following command on the switch
Figure 3. Fast layer 2 roaming

» Return to top

5.1 Pre-authentication—an 802.11i standard
To speed layer 2 roaming, you can use pre-authentication. This 802.11i standard allows stations to pre-authenticate on other modules before roaming. This will speed roaming between RPs adopted by different modules that are on the same subnet.

» Return to top

5.2 Configure pre-authentication
When configuring WPA/WPA2 encryption for the WLAN, select Pre-Authentication:To view the power consumption of the phone, issue the following command on the switch » Return to top

6. Layer 3 roaming
The main concept in layer 3 roaming is the mobility domain. Key points to remember are:
  • The layer 3 mobility domain defines the roaming area.
  • Stations can roam freely in the domain.
  • Wireless Edge Services Modules in the same domain are called peers.
  • Each peer automatically sets up a tunnel to every other peer.
  • Peers store information about stations in the layer 3 mobility domain.
  • Each station has a home module (HM), which is responsible for handling its traffic.
  • Peers track each station’s HM and HM VLAN.
To view the power consumption of the phone, issue the following command on the switch
Figure 4. Layer 3 mobility table for WLAN 1

» Return to top

6.1 Roaming within the layer 3 mobility domain
When a station roams to a new peer, that peer becomes the station’s current module (CM). The CM compares the VLAN it uses for the WLAN to the station’s HM VLAN:

  • If the VLANs are different, the CM tunnels traffic back to the station’s HM.
  • But if the VLANs are the same, the peer becomes the station’s new HM, as well as CM.
To view the power consumption of the phone, issue the following command on the switch
Figure 5. Roaming to a new Wireless Edge Services Module peer within the layer 3 mobility domain

» Return to top

6.2 Guidelines for configuring layer 3 roaming
Remember these guidelines when configuring layer 3 roaming:

  • A layer 3 mobility domain can include 12 peers.
  • Each peer can support up to 500 stations.
  • Enable layer 3 mobility on the same WLAN (or WLANs) on every peer.
  • Stations first roam at layer 2; RPs must support the same WLAN.
  • Do not divide a WLAN into multiple layer 3 mobility domains.
  • If you use ProCurve Identity Driven Manager (IDM), place devices that share the same layer 3 mobility domain into the same IDM location domain.
  • You cannot use dynamic VLANs with layer 3 roaming.
  • Do not use the same VLAN ID for different subnets. For example:
    • Valid: VLAN 10 = 10.10.0.0/16 and VLAN 20 = 10.20.0.0/16
    • Not valid: VLAN 10 = 10.10.0.0/16 on Module 1 and VLAN 10 = 10.20.0.0/16 on Module 2
» Return to top

6.3 Main configuration steps
Here is an outline of how to configure layer 3 roaming.

  1. Configure Layer 3 mobility settings for the local Wireless Edge Services Module:
    • IP address
    • Define the layer 3 roaming peers.
  2. Enable layer 3 roaming.
  3. Save the configuration and complete these steps on all other Wireless Edge Services Modules in the layer 3 mobility domain.
  4. But if the VLANs are the same, the peer becomes the station’s new HM, as well as CM.

» Return to top

6.4 Configure layer 3 roaming
Follow these detailed steps to set up layer 3 roaming:

  1. Specify the IP address the Wireless Edge Services Module uses for the layer 3 mobility domain:
  2. Select WLANs that can use Layer 3 roaming:
To view the power consumption of the phone, issue the following command on the switch
  1. Define layer 3 mobility peers:
To view the power consumption of the phone, issue the following command on the switch
  1. Enable layer 3 mobility:
To view the power consumption of the phone, issue the following command on the switch
  1. Monitor peer communications:
To view the power consumption of the phone, issue the following command on the switch
  1. View a station’s roaming status:
To view the power consumption of the phone, issue the following command on the switch » Return to top

7. Roaming for a WLAN that uses Web authentication
  • For seamless layer 2 roaming, place all modules in the same redundancy group.
  • For layer 3 roaming, place the modules in the same redundancy group and layer 3 mobility domain.

To view the power consumption of the phone, issue the following command on the switch
Figure 6. For layer 3 roaming, ensure modules are in the same redundancy group and layer 3 mobility domain

This concludes the procedures for configuring L2 and L3 roaming. If you have questions, additional information can be found in these sources:

» Return to top