TYPE of Access Points

Thick (Stand Alone AP, atau biasa disebut Autonomous AP / Distributed APs)
Thin (Centralized AP, or i!ht"ei!ht APs (AP))
#n cisco unified "ireless net"ork "e use i!ht"ei!h Access Point (AP), $ada AP tidak
di$erlukan confi!urasi, AP $ertama harus disco%er the controller and re!ister before the& can
start ser%icin! the "ireless client'
WIRELESS LAN CONTROLLER (WLAN) DISCOVERY PROCESS.
AP (e!istration "ith )C
*' The AP need to !et an #P address'
+' The AP need to fined candidate )Cs to re!ister'
,' The AP need to select )C from candidate controller'
-' The AP need to re!ister "ith the )C'
Process AP !et the confi!uration from controller
*' .irst the AP boots u$, the first thin! it does, is look u$ for i$ address' Assumin! "e
ha%e out of the bo/ AP' AP "ill issues D0CP disco%er to !et an #P address
( unless it has a $re%iousl& confi!ured #P)'
1 AP "ill send D0CP disco%er& to find D0CP ser%er in the net"ork'
1 D0CP ser%er see the D0CP disco%er&, and then res$onse and $ro%ide the i$
address to AP' 2$tionl& the D0CP ser%er can also confi!ure to send another
information'
+' After the AP !et an i$ address, AP need to find )C to re!ister' Pada $roses ini
AP akan men!!unkan )C 0untin! Al!orithm untuk menemukan controller'
1 Terda$at + metode )C huntin! al!orithm to find controller'
a' a&er + Disco%er&, 0an&a disu$$ort $ada bebera$a $eran!kat lama &an!
men!!unakan i!ht"ei!ht Access Point Protocol ()APP)' Control and
Pro%isionin! of )ireless Access Points $rotocol (CAP)AP) tidak mensu$$ort
a&er + disco%er&'
b' a&er , Disco%er&, Disu$$ort disemua $latform baik men!!unakan )APP
mau$un CAP)AP'
1 )C 0untin! Al!orit!m
a' 3ika la&er + disco%er& su$$orted, maka AP akan men!irimkan disco%er&
re4uest in an Ethernet 5roadcast'
b' 3ika a&er + disco%er& tidak su$$ort, atau a&er + disco%er& tidak
menemukan controller, maka akan melakukan a&er , disco%er&'
c' 3ika a&er , disco%er& !a!al menemukan candidate untuk men6adi )C,
maka AP akan reboot dan memulai lan!kah $ertama ()C 0untin!
Al!orithm $oint a)
a&er , Disco%er& Detail Process, Phase dalam mencari informasi candidate dari
controller'
*' CAP)AP akan melakukan disco%er& re4uest broadcast $ada local i$ subnet (#P
5roadcast), an& )C confi!ured to a&er , mode, &an! menemukan la&er ,
disco%er& re4uest broadcast akan men!irimkan res$on messa!e to AP
men!!unakan unicast messa!e'
+' 2%er1The1Air Pro%isionin! (2TAP), (adio (esource 7ana!ement (((7)'
8etika feature 2TAP diaktifkan $ada controller, AP akan 6oin to the controller,
ad%ertise the non controller i$ address, enable messa!es code air' 9e" AP
attem$tin! to disco%er controller, to see this messa!es and then unicast a
disco%er& re4uest to each controller' Controller &an! melihat disco%er& re4uest
tersbut akan men!irimkan $esan unicast res$on ke AP'
,' AP "ill maintain $re%iousl& A9 controller i$ addresses locall& in each %lan'
.un!si dari i$ address tersebut and send the unicast disco%er& re4uest each
controller in i$ address'
-' D0CP ser%er can be $ro!rammed to return controller i$ addresses, in %endor
s$ecific o$tion -,, in D0CP offer of AP' 8etika AP menda$atkan i$ address %ia
D0CP, dan melihat i$ address dari controller %ia o$tion -, &an! diterima dari
D0CP offer' 8emudian AP akan men!irimkan $aket unicast disco%er& re4uest ke
masin!1masin! i$ address &an! terda$at $ada D0CP offer o$tion -,' 8emudian
controller &an! meda$atkan $esan tersebut akan men!irimkan $aket unicast
disco%er& res$on ke AP'
:' AP akan mencoba resol%e the D9S name ;C#SC21)APP1
C29T(2E('localdomain<, ketika AP berhasil meresol%e this name men6adi i$
address' 7aka AP akan men!irimkan $esan unicast disco%er& messa!e to i$
address controller'
The la&er , disco%er& akan men!ulan!1ulan! $roses tersebut, sam$ai at least *
controller ditemukan' Durin! )C disco%er& $rocess, AP al"a&s com$lete all the ste$ to
disco%er controller, in order to build the list a candidate of controller' Setelah list dari
candidate sudah dida$atkan maka AP akan melakukan al!oritma dalam memilih
controller'
OTAP Process
During the LAP boot process, the LAP uses different mechanisms in order to discover controllers that it can join. The
LAP keeps each of the controller that IP addresses it learned through the different methods in different lists in order to
reflect how the LAP learned about them. or e!ample, the LAP can learn management IP addresses of multiple
controllers through the D"# entr$ for %I#%&'L(APP'%&"T)&LL*).localdomain, D+%P option ,-, through
broadcasts on the local subnet, locall$ stored controller IP address discover$, and through &TAP. &nce the access
point has completed the L(APP (L% Discover$ steps, it chooses a (L% from the candidate (L% list and sends
that (L% an L(APP .oin )e/uest.
Lightweight AP 0LAP1 )egistration to a (ireless LA" %ontroller 0(L%1 discusses the different methods the LAP use to
discover controllers.
This document provides information about the &TAP process.
The &TAP feature is enabled on the controller 23I from the controller General page or through the %LI with
the config network otap-mode {enable | disable} command.
Note: This feature is disabled b$ default and should remain disabled when all access points are installed.
The &TAP process begins when the LAP momentaril$ brings the radio interfaces up before the Discover$ phase and
scans the different ) channels that listen for ))4 neighbor packets. It is possible that the LAP receives or does not
receive an ))4 neighbor packet on the first boot. This depends on5
6. +ow man$ LAPs are in the area 0the greater the number of LAPs in the area, the greater the chance of the
LAP receiving an ))4 neighbor packet1
7. +ow man$ channels are being used b$ Auto') 0the more channels, the less likel$ the LAP is to receive an
))4 neighbor packet1
-. +ow long the LAP scans the ) channels during the &TAP process 0t$pical scan times before the AP
moves into the discover$ phase are 68 to -9 seconds for all channels1
(hen the LAP moves into the Discover$ phase, it sends discover$ re/uests through its primar$ interface to each of
the controllers in the lists based on how it learned about them. or the controllers that are learned through &TAP, the
LAP sends the controller a Discover$ )e/uest packet with the &TAP bit set. This indicates to the controller that the
AP learned its management IP address through &TAP. &ther discover$ methods, such as D"# or D+%P option ,-,
are not differentiated in the Discover$ )e/uest packet because the$ are learned through wired connections.
This controller can reject discover$ re/uests for these reasons5
6. The &TAP bit is set in the Discover$ )e/uest packet and &TAP is disabled on the controller.
7. The Discover$ )e/uest packet is too large.
-. The Discover$ )e/uest packet is not received on the management interface.
LAPs support &TAP onl$ when the$ have a full L(APP %isco I&# image. &TAP is not supported b$ the L(APP
)ecover$ %isco I&# image. The L(APP )ecover$ Image is shipped from the factor$ and loaded b$ the upgrade tool.
The recover$ images 0c::::'rcvk;w8'm!1, shipped with new out<of'the'bo! LAPs, do not contain an$ radio
firmware and do not bring up an$ radio interfaces during the boot process. +ence &TAP does not work with out'of'
the'bo! LAPs. The e!ceptions are out'of'the'bo! 696=s and 697= APs, which have a full image installed in flash.
Note: &TAP enabled on the controller indicates to the controller whether or not to respond to discover$ re/uests with
the &TAP bit set. It does not prevent the LAPs alread$ joined to the controller from the transmission of the
management IP address of the controller in the clear in ))4 neighbor packets. Thus, if $ou disable &TAP on the
controller, this does not disable it on the access point. &TAP cannot be disabled on the access point.
Radio Resorce !anagement "RR!# Neig$bor Packets
&TAP utili>es ))4 neighbor packets. This section provides a brief background on ))4 neighbor packets. LAPs
alread$ joined to a controller transmit ))4 neighbor packets to the ))4 multicast address =65=b5895==5==5==. *ach
LAP must transmit a "eighbor Discover$ packet once ever$ ?= seconds on each of the configured Auto') channels
for 8=7.66b@g and 8=7.66a. The ))4 neighbor packets are transmitted without an$ encr$ption similar to other )
management packets, such as probe re/uests and probe responses. The ))4 neighbor packets contain neighbor
control messages. #ee the ))4 "eighbor Packet for 8=7.66a section for more information. *ach neighbor control
message consists of5
)adio ID
2roup ID
4anagement IP Address 0of the %ontroller1
%hannel %ount
Antenna Pattern 0&mni, Left, Diversit$, )ight1
4easurement Interval
Ae$
%hannels
Power
The LAPs encapsulate and forward to the controller an$ ))4 neighbor packets the$ receive. This allows the
controller to form ) groups for the adjustment of the power and channels among LAPs that can see each other.
LAPs that are booting can use these ))4 neighbor packets in order to discover the controller to which neighbor
LAPs are alread$ joined.
)C dalam meres$ons disco%er& re4uest, akan men!irimkan $esan Disco%er& (es$ons
dan berisi $arameter informasi seba!ai berikut =
1 The controller S&s9ame, meru$akan 0ost 9ame dari Controller'
1 The controller t&$e, meru$akan $latform dari controller'
1 The controller AP ca$acit& and its current AP load
1 The 7aster Controller fla!
1 An AP17ana!er #P Address'
#nformasi $arameter $ada disco%er& res$ons dari controller di!unakan AP untuk memilih
controller dari bebera$a list candidate controller'
3ika AP sudah diconfi!ure sebelumn&a untuk terhubun! den!an $rimar&, secondar&,
and tertiar& controller' 7aka AP akan men!!unakan informasi tersebut $ertama kali'
(Static Controller)
3ika belum diconfi!ure akan terhubun! den!an controller mana, maka AP akan
mencari controller &an! diconfi!ure seba!ai master controller (dida$at dari informasi
disco%er& res$ons dari controller ;The 7aster Controller fla!<)
Terakhir AP akan memilih controller den!an nilai the !reatest e/cess ca$acit&'
T0E P(2CCESS AP (E>#ST(AT#29 T2 T0E C29T(2E( ()C 32#9
P(2CESS)
Setelah AP memilih controllern&a, maka AP akan men!irimkan 6oin re4uest ke )C'
Pada $esan 6oin re4uest, AP embed ?':@A certificate in the 6oin $hase'
Setelah controller mem%alidasi certificate tersebut, controller akan men!irimkan $esan
6oin res$onse in order to indicate to the AP, that it successfull& 6oin to the controller'
Controller akan men! embed ?':@A certificate $ada $aket 6oin res$onse, dimana AP
harus mem%alidasi certificate tersebut 6u!a'
Setelah AP mem%alidasi ?':@A certificate dari controller, maka AP akan men!irimkan
$esan 3oin Process Com$lete'
WLC POST JOIN PROCESS
The final ste$ for the AP re!istration $rocess to the Controller, Post 3oin Process'
#n the Post 3oin Process, AP akan mendo"nlad firm"are dari controller, if its runnin! a
code %ersion &an! mana tidak sama den!an controller' Setelah mens&ncronisasi
firm"are %ersion antar AP dan Controller, controller $roses akan memberikan informasi
SS#D, securit&, 4os, dan informasi lain &an! sudah diconfi!ure $ada controller'
Setelah selsai, AP sudah sia$ mela&ani )ireless A9 Client' Dan sudah com$lete
dalam $roses re!istration den!an )C' Dan AP sudah tere!ister den!an )C'