Ch 18: Wireless Infrastructure Flashcards

1
Q

Suppose that a lightweight AP in default local mode is used to support wireless clients. Which one of the following paths would traffic usually take when passing from one wireless client to another?

  1. Through the AP only
  2. Through the AP and its controller
  3. Through the controller only
  4. None of these answers (Traffic must go directly over the air.)
A

2.

An AP transports client traffic through a tunnel back to a wireless LAN controller. Therefore, client-to-client traffic typically passes through the AP, to the controller, and back through the AP.

2
Q

A centralized wireless network is built with 1 WLC and 32 lightweight APs. Which one of the following best describes the resulting architecture?

  1. A direct Layer 2 path from the WLC to each of the 32 APs, all using the same IP subnet
  2. A direct Layer 3 path from the WLC to each of the 32 APs, all using the same IP subnet
  3. 32 CAPWAP tunnels daisy-chained between the APs, one CAPWAP tunnel to the WLC
  4. 32 CAPWAP tunnels—1 tunnel from the WLC to each AP, with no IP subnet restrictions
A

4.

Because the network is built with a WLC and APs, CAPWAP tunnels are required.

One CAPWAP tunnel connects each AP to the WLC, for a total of 32 tunnels. CAPWAP encapsulates wireless traffic inside an additional IP header, so the tunnel packets are routable across a Layer 3 network. That means the APs and WLC can reside on any IP subnet as long as the subnets are reachable. There are no restrictions for the APs and WLC to live on the same Layer 2 VLAN or Layer 3 IP subnet.

3
Q

Which of the following unique features is true in an embedded wireless network architecture?

  1. An access layer switch can also function as an AP.
  2. All WLCs are converged into one device.
  3. Large groups of APs connect to a single access layer switch.
  4. An access layer switch can also function as a WLC.
A

4.

In an embedded design, an access layer switch also functions as a WLC so that all user access (wired and wireless) converges in a single layer.

4
Q

Which one of the following comes first in a lightweight AP’s state machine after it boots?

  1. Building a CAPWAP tunnel
  2. Discovering WLCs
  3. Downloading a configuration
  4. Joining a WLC
A

B.

An AP discovers all possible WLCs before attempting to build a CAPWAP tunnel or join a controller.

5
Q

If a lightweight AP needs to download a new software image, how does it get the image?

  1. From a TFTP server
  2. From an FTP server
  3. From a WLC
  4. You must preconfigure it.
A

3.

After an AP boots, it compares its own software image to that of the controller it has joined. If the images differ, the AP downloads a new image from the controller.

6
Q

Which of the following is not a valid way that an AP can learn of WLCs that it might join?

  1. Primed entries
  2. List from a previously joined controller
  3. DHCP
  4. Subnet broadcast
  5. DNS
  6. Over-the-air neighbor message from another AP
A

6.

An AP can learn controller addresses by using any of the listed methods except for an over-the-air neighbor message.

APs do send neighbor messages over the air, but they are used to discover neighboring APs—not potential WLCs to join.

7
Q

If an AP tries every available method to discover a controller but fails to do so, what happens next?

  1. It broadcasts on every possible subnet.
  2. It tries to contact the default controller at 10.0.0.1.
  3. It reboots or starts discovering again.
  4. It uses IP redirect on the local router.
A

3.

If an AP cannot find a viable controller, it reboots and tries the discovery process over again.

8
Q

Which of the following is the most deterministic strategy you can use to push a specific AP to join a specific controller?

  1. Let the AP select the least-loaded controller
  2. Use DHCP option 43
  3. Specify the master controller
  4. Specify the primary controller
A

4.

If the primary controller responds to an AP’s discovery methods, the AP will always try to join it first, ahead of any other controller.

Configuring an AP with a primary controller is the most specific method because it points the AP to a predetermined controller. (Static)

Other methods are possible, but they can yield ambiguous results that could send an AP to one of several possible controllers.

9
Q

Which of the following antennas would probably have the greatest gain?

  1. Patch
  2. Dish
  3. Yagi
  4. Dipole
  5. Integrated

A

2.

A parabolic dish antenna has the greatest gain because it focuses the RF energy into a tight beam.

10
Q

An omnidirectional antenna usually has which of the following characteristics? (Choose two.)

  1. Low gain
  2. Small beamwidth
  3. High gain
  4. Zero gain
  5. Large beamwidth
A

1 and 5.

An omnidirectional antenna is usually used to cover a large area. Therefore, it has a large beamwidth. Because it covers a large area, its gain is usually small.

11
Q

Cisco APs can operate in one of two modes—__________ or __________ —depending on the code image that is installed.

A

Cisco APs can operate in one of two modes—autonomous or lightweight—depending on the code image that is installed.

As the names imply, autonomous APs are self-sufficient and standalone, while lightweight APs require something bigger to complete their purpose.

The lightweight mode is interesting because it can support several different network topologies, depending on where the companion wireless LAN controllers (WLCs) are located.

12
Q

What is a BSS?

A

The basic service set (BSS) is the set of all stations that can communicate with each other at the PHY layer.

A basic service set (BSS) is a subgroup of devices within a service set (SSID) that also operate with the same physical layer medium access characteristics (i.e., radio frequency, modulation scheme, security settings, etc.) such that they are wirelessly networked.

Every BSS has an identification (ID) called the BSSID, which is the MAC address of the access point servicing the BSS. There are two types of BSS: Independent BSS (also referred to as IBSS), and infrastructure BSS.

While devices may have multiple BSSIDs, usually each BSSID is associated with at most one basic service set at a time.

13
Q

What is an SSID?

A

In IEEE 802.11 wireless local area networking standards, a service set (also known as extended service set or ESS) is a group of wireless network devices which are identified by the same SSID (service set identifier).

SSIDs serve as “network names” and are typically natural language labels.

A service set forms a logical network: its devices operate with the same Layer 2 networking parameters and are on the same logical network segment (e.g., IP subnet or VLAN).

14
Q

T/F: Each autonomous AP must be configured and maintained individually unless you leverage a management platform such as Cisco Prime Infrastructure.

A

True.

An autonomous AP must also be configured with a management IP address to enable remote management. This is necessary when you want to configure SSIDs, VLANs, and many RF parameters like the channel and transmit power.

The management address is not normally part of any of the data VLANs, so a dedicated management VLAN must be added to the trunk links to reach the AP.

Because the data and management VLANs may need to reach every autonomous AP, the network configuration and efficiency can become cumbersome as the network scales.

15
Q

What is split-MAC architecture?

A

Recall that Cisco APs can be configured to operate in either autonomous or lightweight AP mode. In lightweight mode, an AP loses its self-sufficiency to provide a working BSS for wireless users. Instead, it has to join a WLC to become fully functional. This cooperation is known as a split-MAC architecture, where the AP handles most of the real-time 802.11 processes and the WLC performs the management functions.

16
Q

How is a lightweight AP connected to a WLC?

A

An AP and a WLC are joined by a logical pair of CAPWAP tunnels that extend through the wired network infrastructure.

Control and data traffic are transported across the tunnels. Many APs can join the same WLC, each with its own pair of CAPWAP tunnels.

A wireless network can scale in this fashion, provided the WLC can support the maximum number of APs in use. Beyond that, additional WLCs would be needed.

17
Q

What is the Cisco definition of a “centralized or unified wireless LAN topology”?

A

This is when a WLC is placed in a central location, usually in a data center or near the network core, so that you can maximize the number of APs joined to it. This is known as a centralized or unified wireless LAN topology, as shown in Figure 18-3.

This tends to follow the concept that most of the resources users need to reach are located in a central location, such as a data center or the Internet. Traffic to and from wireless users travels from the APs over CAPWAP tunnels that reach into the center of the network. A centralized WLC also provides a convenient place to enforce security policies that affect all wireless users.

18
Q

T/F: A Cisco unified WLC meant for a large enterprise can support up to 6000 APs.

A

True.

19
Q

Which provides the more efficient path for connecting users: autonomous or lightweight APs?

A

An autonomous AP provides the more efficient path for data between two wireless users associated with the same autonomous AP. They can reach each other directly through the autonomous AP.

In contrast, the path between two wireless users in a centralized network is shown in Figure 18-4. The traffic from one client must pass through the AP, where it is encapsulated in the CAPWAP tunnel, and then travel high up into the network to reach the WLC, where it is unencapsulated and examined. The process then reverses, and the traffic goes back down through the tunnel to reach the AP and back out into the air to the other client.

20
Q

T/F: The RTT between the AP and WLC is a design consideration.

A

True.

The length of the tunnel path can be a great concern for lightweight APs.

The round-trip time (RTT) between an AP and a controller should be less than 100 ms so that wireless communication can be maintained in near real time. If the path has more latency than that, the APs may decide that the controller is not responding fast enough, so they may disconnect and find another, more responsive controller.

21
Q

What is embedded wireless network topology?

A

This is a design where the WLC is located further down in the network hierarchy. In Figure 18-5, the WLC is co-located with an access layer switch. This can be desirable when the switch platform can also support the WLC function. This is known as an embedded wireless network topology because the WLC is embedded in the switch hardware.

A Cisco embedded WLC typically supports up to 200 APs.

22
Q

Is it possible to move the WLC even below the access layer and into an AP?

A

Yes, it is possible.

Figure 18-7 illustrates the Mobility Express topology, where a fully functional Cisco AP also runs software that acts as a WLC. This can be useful in small-scale environments, such as small, midsize, or multi-site branch locations, where you might not want to invest in dedicated WLCs at all. The AP that hosts the WLC forms a CAPWAP tunnel with the WLC, as do any other APs at the same location. A Mobility Express WLC can support up to 100 APs.

23
Q

Put the following steps of a lightweight AP state machine in order.

  1. Reset
  2. WLC join
  3. AP boots
  4. CAPWAP tunnel
  5. WLC discovery
  6. Download config
  7. Download image
  8. Run state
A

The correct order from the question is: 3, 5, 4, 2, 7, 6, 8, 1.

The sequence of the most common states, as shown in Figure 18-8, is as follows:

  1. AP boots: Once an AP receives power, it boots on a small IOS image so that it can work through the remaining states and communicate over its network connection. The AP must also receive an IP address from either a Dynamic Host Configuration Protocol (DHCP) server or a static configuration so that it can communicate over the network.
  2. WLC discovery: The AP goes through a series of steps to find one or more controllers that it might join. The steps are explained further in the next section.
  3. CAPWAP tunnel: The AP attempts to build a CAPWAP tunnel with one or more controllers. The tunnel will provide a secure Datagram Transport Layer Security (DTLS) channel for subsequent AP-WLC control messages. The AP and WLC authenticate each other through an exchange of digital certificates.
  4. WLC join: The AP selects a WLC from a list of candidates and then sends a CAPWAP Join Request message to it. The WLC replies with a CAPWAP Join Response message. The next section explains how an AP selects a WLC to join.
  5. Download image: The WLC informs the AP of its software release. If the AP’s own software is a different release, the AP downloads a matching image from the controller, reboots to apply the new image, and then returns to step 1. If the two are running identical releases, no download is needed.
  6. Download config: The AP pulls configuration parameters down from the WLC and can update existing values with those sent from the controller. Settings include RF, service set identifier (SSID), security, and quality of service (QoS) parameters.
  7. Run state: Once the AP is fully initialized, the WLC places it in the “run” state. The AP and WLC then begin providing a BSS and begin accepting wireless clients.
  8. Reset: If an AP is reset by the WLC, it tears down existing client associations and any CAPWAP tunnels to WLCs. The AP then reboots and starts through the entire state machine again.
24
Q

T/F: To discover a WLC, an AP sends a unicast CAPWAP Discovery Request to a controller’s IP address over UDP port 5264 or a broadcast to the local subnet. If the controller exists and is working, it returns a CAPWAP Discovery Response to the AP.

A

False.

To discover a WLC, an AP sends a unicast CAPWAP Discovery Request to a controller’s IP address over UDP port 5246 or a broadcast to the local subnet. If the controller exists and is working, it returns a CAPWAP Discovery Response to the AP.

25
Q

What are the commands to configure a router to relay any broadcast requests on UDP 5246 to specific WLC1 and WLC2 management addresses, on VL100?

A

If the AP and controllers lie on different subnets, you can configure the local router to relay any broadcast requests on UDP port 5246 to specific controller addresses. Use the following configuration commands:

router(config)# ip forward-protocol udp 5246

router(config)# interface vlan 100

router(config-int)# ip helper-address WLC1-MGMT-ADDR

router(config-int)# ip helper-address WLC2-MGMT-ADDR

26
Q

An AP can be “primed” with up to three controllers—a primary, a secondary, and a tertiary. Where are these stored so that, upon booting, the AP can contact the WLC?

A

An AP can be “primed” with up to three controllers—a primary, a secondary, and a tertiary.

These are stored in nonvolatile memory so that the AP can remember them after a reboot or power failure.

27
Q

T/F: The CAPWAP Discovery Request is broadcast globally and is automatically forwarded by Cisco routers.

A

False.

The AP broadcasts a CAPWAP Discovery Request on its local wired subnet.

Any WLCs that also exist on the subnet answer with a CAPWAP Discovery Response.

28
Q

What is the DHCP option to supply a list of WLC addresses to a lightweight AP?

A

The DHCP server that supplies the AP with an IP address can also send DHCP option 43 to suggest a list of WLC addresses.

29
Q

What is the significance of CISCO-CAPWAP-CONTROLLER.local-domain to a booting lightweight AP?

Where is the local-domain learned from?

A

The AP attempts to resolve the name CISCO-CAPWAP-CONTROLLER.local-domain with a DNS request (where local-domain is the domain name learned from DHCP). If the name resolves to an IP address, the AP attempts to contact a WLC at that address.

30
Q

When an AP has finished the discovery process, it should have built a __________________________________.

A

When an AP has finished the discovery process, it should have built a list of live candidate controllers.

Now it must begin a separate process to select one WLC and attempt to join it.

Joining a WLC involves sending it a CAPWAP Join Request and waiting for it to return a CAPWAP Join Response. From that point on, the AP and WLC build a DTLS tunnel to secure their CAPWAP control messages.

31
Q

What is a DTLS tunnel?

A

Datagram Transport Layer Security (DTLS) is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.

The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees.

The DTLS protocol preserves the datagram semantics of the underlying transport, so the application does not suffer from the delays associated with stream protocols. Because it uses UDP, however, the application has to deal with packet reordering, loss of datagrams, and data larger than the size of a datagram network packet.

32
Q

The WLC selection process consists of the following three steps. Put them in order.

  1. If the AP does not know of any candidate controller, it tries to discover one.
  2. The AP attempts to join the least-loaded WLC, in an effort to load balance APs across a set of controllers.
  3. If the AP has previously joined a controller and has been configured or “primed” with a primary, secondary, and tertiary controller, it tries to join those controllers in succession.
A

The correct order from the question is: 3, 1, 2.

The WLC selection process consists of the following three steps:

  1. If the AP has previously joined a controller and has been configured or “primed” with a primary, secondary, and tertiary controller, it tries to join those controllers in succession.
  2. If the AP does not know of any candidate controller, it tries to discover one. If a controller has been configured as a master controller, it responds to the AP’s request.
  3. The AP attempts to join the least-loaded WLC, in an effort to load balance APs across a set of controllers. During the discovery phase, each controller reports its load—the ratio of the number of currently joined APs to the total AP capacity. The least-loaded WLC is the one with the lowest ratio.
33
Q

T/F: Once an AP joins a controller, it sends keepalive (also called heartbeat) messages to the controller over the wired network at regular intervals.

A

True.

Once an AP joins a controller, it sends keepalive (also called heartbeat) messages to the controller over the wired network at regular intervals.

By default, keepalives are sent every 30 seconds.

The controller is expected to answer each keepalive as evidence that it is still alive and working. If a keepalive is not answered, an AP escalates the test by sending four more keepalives at 3-second intervals. If the controller answers, all is well; if it does not answer, the AP presumes that the controller has failed.

The AP then moves quickly to find a successor to join.

34
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “Local mode”?

A

Local: The default lightweight mode that offers one or more functioning BSSs on a specific channel. During times when it is not transmitting, the AP scans the other channels to measure the level of noise, measure interference, discover rogue devices, and match against intrusion detection system (IDS) events.

NOTE: Remember that a lightweight AP is normally in local mode when it is providing BSSs and allowing client devices to associate to wireless LANs. When an AP is configured to operate in one of the other modes, local mode (and the BSSs) is disabled.

35
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “Monitor mode”?

A

Monitor: The AP does not transmit at all, but its receiver is enabled to act as a dedicated sensor. The AP checks for IDS events, detects rogue access points, and determines the position of stations through location-based services.

36
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “FlexConnect mode”?

A

FlexConnect: An AP at a remote site can locally switch traffic between an SSID and a VLAN if its CAPWAP tunnel to the WLC is down and if it is configured to do so.

37
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “Sniffer mode”?

A

Sniffer: An AP dedicates its radios to receiving 802.11 traffic from other sources, much like a sniffer or packet capture device. The captured traffic is then forwarded to a PC running network analyzer software such as LiveAction Omnipeek or Wireshark, where it can be analyzed further.

38
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “Rogue detector mode”?

A

Rogue detector: An AP dedicates itself to detecting rogue devices by correlating MAC addresses heard on the wired network with those heard over the air. Rogue devices are those that appear on both networks.

39
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “Bridge mode”?

A

Bridge: An AP becomes a dedicated bridge (point-to-point or point-to-multipoint) between two networks. Two APs in bridge mode can be used to link two locations separated by a distance. Multiple APs in bridge mode can form an indoor or outdoor mesh network.

40
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “Flex+Bridge mode”?

A

Flex+Bridge: FlexConnect operation is enabled on a mesh AP.

41
Q

From the WLC, you can configure a lightweight AP to operate in one of the several special-purpose modes. What is the “SE-Connect mode”?

A

SE-Connect: The AP dedicates its radios to spectrum analysis on all wireless channels. You can remotely connect a PC running software such as MetaGeek Chanalyzer or Cisco Spectrum Expert to the AP to collect and analyze the spectrum analysis data to discover sources of interference.

42
Q

Antenna gain is normally a comparison of one antenna against an isotropic antenna and is measured in _____________ units.

A

Recall from Chapter 17 that antenna gain is normally a comparison of one antenna against an isotropic antenna and is measured in dBi (decibel-isotropic).

An isotropic antenna does not actually exist because it is ideal, perfect, and impossible to construct. It is also the simplest, most basic antenna possible, which makes it a good starting place for antenna theory.

43
Q

What is a radiation pattern when referring to wireless antennas?

A

A plot that shows the relative signal strength around an antenna is known as the radiation pattern.

44
Q

What are the E and H planes? What do they show?

A

A radiation pattern is difficult to see in 3D. Instead, you could slice through the three-dimensional plot with two orthogonal planes and show the two outlines that are formed from the plot.

In Figure 18-9, the sphere is cut by two planes. The XY plane, which lies flat along the horizon, is known as the H plane, or the horizontal (azimuth) plane, and it usually shows a top-down view of the radiation pattern through the center of the antenna. The XZ plane, which lies vertically along the elevation of the sphere, is known as the E plane, or elevation plane, and shows a side view of the same radiation pattern.

45
Q

What is polarization with regard to antennas?

A

The electrical field wave’s orientation, with respect to the horizon, is called the antenna polarization.

Antennas that produce vertical oscillation are vertically polarized; those that produce horizontal oscillation are horizontally polarized.

46
Q

What is the shape of the radiation pattern of an omnidirectional antenna? What is it best suited for?

A

There are two basic types of antennas, omnidirectional and directional.

An omnidirectional antenna is usually made in the shape of a thin cylinder. It tends to propagate a signal equally in all directions away from the cylinder but not along the cylinder’s length. The result is a donut-shaped pattern that extends further in the H plane than in the E plane.

This type of antenna is well suited for broad coverage of a large room or floor area, with the antenna located in the center. Because an omnidirectional antenna distributes the RF energy throughout a broad area, it has a relatively low gain.

47
Q

What type of antenna focuses direction the best?

A

Parabolic dish antennas are very focused.