RFC CAPWAP Protocol Base MIB May CAPWAP Control Channel: A bi-directional flow defined by the AC IP Address, WTP IP Address, AC control. The Control And Provisioning of Wireless Access Points (CAPWAP) protocol is a standard, The protocol specification is described in RFC RFC (part 1 of 6): Control And Provisioning of Wireless Access Points ( CAPWAP) Protocol Specification.

Author: Tygorisar Zologul
Country: Trinidad & Tobago
Language: English (Spanish)
Genre: Education
Published (Last): 16 May 2016
Pages: 57
PDF File Size: 15.69 Mb
ePub File Size: 5.56 Mb
ISBN: 679-7-24019-812-9
Downloads: 13605
Price: Free* [*Free Regsitration Required]
Uploader: Zololkis

The only duties that the controller is responsible for under this scheme is wireless key management and authentication proxying. Vendors do not have a clearly ffc set of protocols that must be implemented, in order to be compatible with other vendors.

The wireless key exchange is handled in a fully encrypted fashion, by utilizing preshared keys PSKsor a security certificate model.

RFC – Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Base MIB

Non-realtime capabilities are authentication procedures, fragmenting and defragmenting frames, and more. It claims that the physical security of the LAN prevents most attackers from accessing the stream between controller and AP, but does not guarantee against traffic sniffing beyond the scope of LWAPP, and suggests that in the requirement of full end to end encryption, IPsec be used.

Access points retrieve their configuration from the controller, and report their status back to the controller for management purposes. Not all access points are alike, as they fall into 3 categories. Overall convergence for the APs to come online will take longer in this scenario.

Overview of CAPWAP (Cisco Wireless LAN Controllers)

Thin APs have their MAC layers implemented entirely on the controller, and use tunneling to a controller to have all of their frames processed for forwarding onto the back haul network. The Receiver is then responsible for processing the packets, and either dropping the packets, or moving a good connection into a Session Manager Thread.

It can perform forwarding between its wireless and wired interfaces, and direct traffic directly rvc the network. Third, so called “Fit APs” have gained popularity in recent years, as they combine both the intelligence of a Local MAC implementation with the agility of a Remote MAC implementation, by splitting realtime and non-realtime functionality between the controller and AP.

AP Discovery allows a controller to take ownership of an AP, or potentially redirect control to another controller. The controller implements most of the management and configuration logic. Communication between a controller and AP must be encrypted, as all data sent to and received by the AP will be tunneled over the local LAN to or from the controller. The emergence of centralized IEEE Rtc they are standalone devices, they also cause difficulties when managing a growing network of many devices, as firmware and configuration must be handled on an individual basis for each device.


Many vendors use this to their advantage, and create product differentiation by including features into their wireless products, such as firewall capability in their controller hardware.

The testing was conducted with computers running Linux, with wireless cards as their radio, and wired interfaces as their link to the controller. It usually falls to cawpap vendor to create a specific implementation. The size of many wireless networks in large companies and universities also introduces many problems of maintaining a consistent configuration across many similar devices, with potentially different hardware capabilities and physical locations.

And finally, ensuring network security, both from rtc party hardware, such as rogue access points being connected to the network, as well as preventing the loss of network secrets from the physical theft of access points is also critical. The AP would only implement the Change State Event Vapwap These 3 MAC layer concepts will be discussed in greater detail in [Section 2.

The controller can then authenticate the AP, and negotiate its advertised capabilities, such as being SLAPP was designed as a simple, extensible protocol that could be extended to other wireless standards, and allow for newer authentication rcf and control protocols to be implemented on top of SLAPP. Decryption Error Report Period Major vendors have also expressed doubt over the demand from customers for interoperable WLAN infrastructure. Ffc thread is used to accept non-realtime requests from the associated client stations, such as any message in Split MAC that may need to be forwarded to the controller in the CAPWAP protocol.

More consideration has been placed on ensuring that CAPWAP is secure, by taking advantage of the security offered by requiring full encryption with authentication between the controller and AP. The Caowap then downloads the firmware, and once completed, enters the Reset rfv, and then attempts to rejoin a controller.

Run – Both the controller and AP operate in the Run state. There is no back haul required for Fat APs, because it can put packets and frames directly on the wire, in contrast to Thin AP implementations.

Split and Local MAC medium access control. A unified CAPWAP standard aims to be a protocol that could enable centralized wireless hardware utilize a simple, streamlined method of communicating between access points and controllers.


Ccapwap Receiver-From-STA thread can pass along messages capqap the Principal thread, which are sent back to the controller for processing. Third, rffc the status of both hardware and software configurations is necessary to ensure a properly operating network.

The division between the sending and receiving of CAPWAP messages is that the communication between the AP and controller is not necessarily synchronous, and the controller may send a request while the Principal thread is sending. The access point contains the wireless radio sand acts as the end point of the network, and communicates directly with user radios. Fat APs are much more complex, and cost much more per unit than their thinner cousins.

Research In Motion D.

Current Status and Overview of the CAPWAP Protocol

This creates some inconveniences, however, in that both APs and controllers need to be preconfigured in order to associate with each other. Vendors such as Trapeze criticized the specification, as it makes assumptions about the topology of the network that the WLAN will capwwap deployed on, as well as assumptions about the complexity and functionality implemented by the AP, by allowing only Local and Split MAC implementations.

A large corporate network with hundreds of APs could use a more centralized solution, which is realized by Thin APs. Table of Contents 1. Thus, OpenCAPWAP is only a proof of concept, as they are limited in the hardware that they may support, by a lack of common target hardware, as well as differencing rffc Contributing Authors This section lists and acknowledges the authors of significant text and concepts included in this specification. Otherwise it moves back to the Discovery state.

Overview of CAPWAP (Cisco Wireless LAN Controllers)

Please refer to the current edition of the “Internet Official Protocol Standards” STD 1 for capwa; standardization state and status of this protocol. It rfx initially designed by Airespace, which was later bought out by Cisco in LWAPP defines certain operation modes for compliant hardware. This state updates the encryption keys on both devices, which is used to encrypt all further messages, until a new key is requested. Converting Protected Data into Unprotected Data.