Ch 19: Understanding Wireless Roaming and Location Services Flashcards
When a client moves its association from one autonomous AP to another, it is actually leaving and joining which one of the following?
a. SSID
b. BSS
c. ESS
d. DS
2.
The client must associate with a BSS offered by an AP.
BSS: The basic service set (BSS) is the set of all stations that can communicate with each other at the PHY layer. Every BSS has an identifier called the BSSID, which is the MAC address of the access point servicing the BSS. There are two types of BSS:
- Independent BSS (also referred to as IBSS)
- Infrastructure BSS
Which one of the following makes the decision for a device to roam from one AP to another?
- The client device
- The original AP
- The candidate AP
- The wireless LAN controller
1.
The client device is in complete control of the roaming decision, based on its own roaming algorithm. It uses active scanning and probing to discover other candidate APs that it might roam to.
Ten lightweight APs are joined to a wireless LAN controller. If a client roams from one of the APs to another, which one of the following correctly describes the roam?
- Autonomous roaming
- Intercontroller roaming
- Intracontroller roaming
- Indirect roaming
3.
Because a single controller is involved, the roam occurs in an intracontroller fashion. Even though the client thinks it is associating with APs, the associations actually occur at the controller, thanks to the split-MAC architecture.
Which of the following provides the most efficient means for roaming, as measured by the time to complete the roam?
- Layer 2 intercontroller roaming
- Layer 3 intercontroller roaming
- Intracontroller roaming
- All of the above; they all take equal amounts of time.
3.
Intracontroller roaming is the most efficient because the reassociation and client authentication occur within a single controller.
Which of the following is used to cache authentication key information to make roaming more efficient?
a. PGP
b. CCNA
c. CCKM
d. EoIP
3.
Cisco Centralized Key Management (CCKM) is used to cache key information between a client and an AP. The cached information is then used as a quick check when a client roams to a different AP.
For reference:
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.
EoIP (Ethernet over IP): Transporting Ethernet frames within IP packets in order to link LANs or tunnel traffic in an IP network. Normally, IP packets ride over Ethernet frames; however, EoIP flips the process, placing Layer 2 frames inside Layer 3 packets.
In a Layer 2 intercontroller roam, what mechanism is used to tunnel client data between the two controllers?
- GRE tunnel
- EoIP tunnel
- CAPWAP tunnel
- None of these answers
4.
In a Layer 2 roam, the client’s IP subnet does not change as it moves between controllers. Therefore, there is no need to tunnel the client data between the controllers; instead, the client simply gets handed off to the new controller.
A client roams from controller A to controller B. If it undergoes a Layer 3 roam, which one of the following best describes the role of controller A?
- Foreign controller
- Host controller
- Master controller
- Anchor controller
4.
The anchor controller, where the client starts, maintains the client’s state and builds a tunnel to the foreign controller, to which the client has now roamed.
A network consists of four controllers: A, B, C, and D. Mobility group 1 consists of controllers A and B, while mobility group 2 consists of controllers C and D. Which one of the following answers describes what happens when a client tries to roam between controllers B and C?
- Roaming is seamless and efficient.
- Roaming is not possible.
- Roaming is possible, but CCKM and key caching do not work.
- Only Layer 3 roaming is possible.
3.
Controllers A and B are listed in each other’s mobility list, so they are known to each other. However, they are configured with different mobility group names. Clients may roam between the two controllers, but CCKM and PKC information will not be exchanged.
For reference: both of these provide fast roaming.
Cisco Centralized Key Management (CCKM) is used to cache key information between a client and an AP. The cached information is then used as a quick check when a client roams to a different AP.
Proactive Key Caching (PKC): Designed as an extension to the IEEE 802.11i standard. PKC is a feature enabled in Cisco WLCs that permits properly equipped wireless clients to roam without full re-authentication with an AAA server.
Which of the following parameters is useful for computing a client device’s location with respect to an AP?
a. BSS
b. GPS
c. RSS
d. Channel
C.
The client’s received signal strength (RSS) can be used to calculate an approximate distance from the AP based on the free space path loss attenuation.
A wireless client must associate and authenticate with an AP before it can use the AP’s __________ to access the network.
A wireless client must associate and authenticate with an AP before it can use the AP’s BSS to access the network.
A client can also move from one BSS to another by roaming between APs. A client continuously evaluates the quality of its wireless connection, whether it is moving around or not. If the signal quality degrades, perhaps as the client moves away from the AP, the client will begin looking for a different AP that can offer a better signal.
BSS: Basic service sets are subgroups of devices within a service set (SSID) that also operate with the same physical layer medium access characteristics (i.e., radio frequency, modulation scheme, security settings, etc.) such that they are wirelessly networked. Devices within basic service sets are identified by BSSIDs (basic service set identifiers), which are 48-bit labels that conform to MAC-48 conventions.
T/F: When a client wants to roam from one lightweight AP to another, the controller handles the roaming process, rather than the APs, because of the split-MAC architecture.
True.
The controller handles the roaming process, rather than the APs, because of the split-MAC architecture.
What is “intracontroller roaming”?
When a wireless client starts moving, it eventually roams to another AP. Not much changes except that the controller updates the client association from AP 1 to AP 2. Because both APs are bound to the same controller, the roam occurs entirely within the controller. This is known as intracontroller roaming.
Figure 19-4 shows a two-AP scenario where both APs connect to a single controller. Client 1 is associated to AP-1, which has a Control and Provisioning of Wireless Access Points (CAPWAP) tunnel to controller WLC 1. The controller maintains a client database that contains detailed information about how to reach and support each client.
For simplicity, Figure 19-4 shows the database as a list of the controller’s APs, associated clients, and the wireless LAN (WLAN) being used. The actual database also contains client MAC and IP addresses, quality of service (QoS) parameters, and other information.
How long does a controller take to update the client association table so it knows which CAPWAP tunnel to use to reach a roaming client when it changes AP associations?
If both APs involved in a client roam are bound to the same controller, the roaming process is simple and efficient. The controller has to update its client association table so that it knows which CAPWAP tunnel to use to reach the client. Thanks to the simplicity, an intracontroller roam takes less than 10 ms to complete—the amount of processing time needed for the controller to switch the client entry from AP 1 to AP 2.
From the client’s perspective, an intracontroller roam is no different from any other roam. The client has no knowledge that the two APs are communicating with a controller over CAPWAP tunnels; it simply decides to roam between two APs based on its own signal analysis.
What decides that a client should change AP associations?
- WLC
- AP
- Client
The client decides.
The client has no knowledge that the two APs are communicating with a controller over CAPWAP tunnels; it simply decides to roam between two APs based on its own signal analysis.
Along with the client reassociation, what other processes may occur?
Along with the client reassociation, a couple of other processes can occur:
- DHCP: The client may be programmed to renew the DHCP lease on its IP address or to request a new address.
- Client authentication: The controller might be configured to use an 802.1X method to authenticate each client on a WLAN.
To achieve efficient roaming, both of these processes should be streamlined as much as possible. For instance, if a client roams and tries to renew its IP address, it is essentially cut off from the network until the Dynamic Host Configuration Protocol (DHCP) server responds.
The client authentication process presents the biggest challenge because the dialog between a controller and a RADIUS server, in addition to the cryptographic keys that need to be generated and exchanged between the client and an AP or controller, can take a considerable amount of time to accomplish. Cisco controllers offer three techniques to minimize the time and effort spent on key exchanges during roams:
- Cisco Centralized Key Management (CCKM)
- Key caching (PKC, proactive key caching)
- 802.11r