WLAN Roaming

Mobility Group (Domain)

  • WLC’s must agree on encapsulation to enabled roaming i.e. LWAPP or CAPWAP
  • WLC’s must agree on Mobility Group Name
  • Must have IP reachability
  • Must agree on virtual IP address ( – must be configured the same on all WLC’s in the group
  • Software on WLC’s needs to be compatible with each other
  • Hardware does not need to be identical
  • All WLC’s in the group must be configured with details of the other WLC’s
  • Also need same SSID.
  • All of the above enable free roaming within the mobility group.
  • When configuring a mobility group, mping can be used to validate the control path from the CLI. eping does the same function for the data path.

Layer 2, Layer 3 Roaming

  • Layer 2 roaming happens when a client roams between two access points in the same VLAN (and subnet) in the same mobility group.  If the client roams between two WLC’s in the same mobility group, the hand-off controller will pass details such as MAC/IP addressing, security context, QoS over to the receiving controller to allow seamless roaming – takes 10-50 milliseconds.
  • Layer 3 roaming happens when a client roams between IP subnets.

Symmetric vs. Asymmetric

A WLC that first allows a client on to the Wireless network is known as the anchor controller.  When a client roams to another WLC (foreign controller) in the same mobility group but resides in a different subnet, the client retains its original IP address but a logical tunnel is created between the Anchor Controller and the Foreign Controller so that hosts talking to the client are not disrupted.  They continue to talk to the Anchor controller which then forwards the frame via the logical tunnel to the foreign controller which then delivers them to the client.  This is known as asymmetrical because the return path is different to the forward path.  This can cause problems with firewalls. With symmetric, the logical tunnel between the WLC’s is used in both directions, not just the return path so all traffic to and from the client comes from the Anchor WLC.

Anchors and “Mobility Anchors”

A mobility anchor is where requests for a wireless network are designed to be handled by a specific WLC on the network.  An example would be a guest wireless network where you don’t want any old WLC to handle the requests.  The WLC’s tunnel back to a specific WLC which has been designated the mobility anchor for that SSID.

Static Address Tunneling

Similar to Layer 3 roaming but where the client has a static IP address.  If the client roams to a WLC that doesn’t have a foot in the IP subnet where the client’s static address exists, the WLC will contact other WLC’s in the mobility group and look for one that does.  When it finds another WLC with a foot in the correct subnet which essentially becomes an anchor and a logical tunnel will be setup between the pair so communications to and from the client can continue.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.