The opposite of Flexconnect is called local mode. Confusingly, in Flexconnect mode the traffic is "locally switched", meaning local to the AP, whereas in local mode the traffic is centrally switched on the WLC.
In local mode there are two CAPWAP tunnels between the AP and the WLC, one for data and one for management. In Flexconnect mode there is just one, for management; the data CAPWAP tunnel is terminated on the AP.
Flexconnect is supported on a number of different controllers, currently just the CUWN controllers (2500, 4400 [EOS], 5508, 7500, 8500). The unified access controllers (5760, Catalyst 3850) will get an upgrade at some point, but they do not currently support it and there is no date set. This is true as of 18/07/2013.
Flexconnect is the same regardless of the WLC; the 5508 implementation is the same as the 7500 implementation. Note that the 7500 controller only supports Flexconnect mode, not local mode.
Guest networks function with the Flexconnect feature: the CAPWAP tunnel is terminated at the AP for corporate traffic that can be switched at the AP, but guest traffic is tunnelled back to the controller and then onwards to the guest anchor controller as normal. See the reference link below regarding Flexconnect and auto anchor. This image, taken from that link, illustrates this well:
There are a number of limitations to Flexconnect, listed below, which stop it from replacing local mode completely:
- L3 roaming is not possible with HREAP APs using a locally switched WLAN.
- L2 roaming between two WLCs (inter-controller) using a locally switched WLAN with the same mobility works only from 7.2.103.0.
- Data DTLS is unsupported for locally switched WLANs.
- Interface groups are not supported; however, AAA override can be used.
- The Mediastream feature won't work.
- Bandwidth contracts won't work for local switching.
- A WGB can't connect to an HREAP AP (it may connect and work with central switching, but it doesn't work with local switching).
- All edge switches connecting to APs need to be trunked to the core.
- An HREAP AP doesn't join the multicast group; however, it bridges the multicast packet to unicast for centrally switched WLANs.
- DHCP proxy by the WLC is not possible, so the DHCP server IP is exposed.
- ACLs need to be configured and managed per AP for locally switched traffic, or configured at your switch.
- CPU and interface ACLs are not applicable for locally switched WLANs.
- RLDP may not work.
- AP groups won't work for locally switched WLANs.
- Locally switched WLANs may optionally carry 802.1Q tagging to allow such WLANs to be segmented over the wired network at the Ethernet port of the access point.
- NAC out-of-band integration is supported only on WLANs configured for HREAP central switching. It is not supported for use on WLANs configured for HREAP local switching.
- External web authentication is not supported on local switching.
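The security-relevant items in the list above can be turned into a pre-deployment check. The following is an added example, not code from this post or from Cisco: the `Wlan` record, the feature keys and the sample inventory are hypothetical and constructed for illustration, and only four of the listed limitations plus the 7.2.103.0 roaming requirement are encoded.

```python
# Added example: audit constructed WLAN design records against the
# local-switching limitations listed above. Field and key names are hypothetical.
from dataclasses import dataclass, field

MIN_INTER_WLC_L2_ROAM = (7, 2, 103, 0)  # release named in the list above

# Hypothetical feature key -> limitation it conflicts with (from the list above).
LOCAL_SWITCHING_CONFLICTS = {
    "data_dtls": "Data DTLS is unsupported",
    "external_web_auth": "external web authentication is not supported",
    "nac_oob": "NAC out-of-band integration requires central switching",
    "wlc_acl": "CPU and interface ACLs are not applicable; use per-AP or switch ACLs",
}


@dataclass
class Wlan:
    name: str
    local_switching: bool
    features: frozenset = field(default_factory=frozenset)
    inter_wlc_l2_roaming: bool = False


def parse_version(text):
    """Turn a dotted release string such as '7.2.103.0' into a comparable tuple."""
    return tuple(int(part) for part in text.strip().split("."))


def audit(wlan, wlc_version):
    """Return the limitations from the list above that this WLAN design runs into."""
    if not wlan.local_switching:
        return []  # the encoded limitations apply to locally switched WLANs only
    hits = sorted(set(wlan.features) & set(LOCAL_SWITCHING_CONFLICTS))
    findings = [f"{wlan.name}: {LOCAL_SWITCHING_CONFLICTS[key]}" for key in hits]
    if wlan.inter_wlc_l2_roaming and parse_version(wlc_version) < MIN_INTER_WLC_L2_ROAM:
        findings.append(f"{wlan.name}: inter-controller L2 roaming needs 7.2.103.0 or later")
    return findings


if __name__ == "__main__":
    # Constructed sample inventory and release string, not taken from a real controller.
    inventory = [
        Wlan("corp", True, frozenset({"data_dtls", "wlc_acl"}), inter_wlc_l2_roaming=True),
        Wlan("guest", False, frozenset({"external_web_auth", "nac_oob"})),
    ]
    for wlan in inventory:
        for finding in audit(wlan, "7.0.116.0"):
            print(finding)
```

The centrally switched guest WLAN produces no findings, which matches the guest anchor design described earlier: external web authentication and NAC out-of-band stay on the tunnelled WLAN.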
References and Resources:
Flexconnect Feature Matrix
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080b3690b.shtml
Flexconnect and AutoAnchor (Cisco Support Community)
https://supportforums.cisco.com/docs/DOC-24096
Local Mode vs Flexconnect (Cisco Learning Network)
https://learningnetwork.cisco.com/thread/51502