Network Components – APs, Controllers, and endpoints

In this lesson we’ll be going over the second half of the endpoints that you would see in your network in your day-to-day work.

The controllers here references both network controllers, such as cisco DNA, and also wireless controllers. Your wireless lan controllers and access points.

Access Points

So jumping right on in our wireless access points, what do they do fundamentally? They provide wireless network access for our endpoints. they are access layer devices, and really are an extension of your access layer in the multi-tier enterprise LAN architecture. Meaning that your computers and endpoints can go ahead and connect to the LAN wirelessly.

Now these APs operate in either standalone or lightweight mode. Sometimes when you purchase a lightweight access point, it actually doesn’t have the ability to operate in standalone mode.

Standalone (Autonomous) Access Points

You might be asking, what does standalone mode mean? With a standalone AP, your traffic enters the network where that access point connects, and the access point performs all actions that are needed in managing the wireless network. It performs user authentication and it’ll reach out to your RADIUS server if you have WPA2 enterprise configured.

As mentioned, your network traffic enters the network where that AP plugs in, and on whichever vlan that may be tagged for that SSID. Standalone, or Autonomous APs operate independently, such that they don’t know really that each other exists and they don’t care. They just see each other as interference, whereas if you do use a wireless controller then they can sense each other be aware of each other. The controller can adjust their transmitting power and their frequency to make sure that they don’t interfere with each other, or at least try to interfere as minimally as possible.

Lightweight Access Points

Now with a lightweight access point you’re going to end up using a wireless controller, a WLC, which typically operate in split mac configuration. This is where your network traffic actually gets tunneled through your network back over to the wireless controller before it enters into the network on the VLAN for that SSID.

The access points, they broadcast RF networks called Service Set IDentifiers those are SSID. Nearly everybody’s familiar with this term, I’m sure when you go to your Wi-Fi on your laptop or phone and you pick out which SSID you want, it might be named “bacon”, then you go ahead and connect to “bacon”. We’re going to go through this a little more in detail further on in the course when we cover RF fundamentals.

Something interesting, at layer 2 your wireless access points use CSMA-CA. Now what is that? That is Carrier Sensing Multiple Access Collision Avoidance. What does that mean? That means that if your access point wants to go ahead and broadcast something out to you, it’ll listen first to see if anyone else is broadcasting, if they are it waits a certain amount of time before it tries listening to see if anyone’s broadcasting again. If not, it’ll send out a request to you called a Request to Send. Then if your device sees that nobody else is transmitting it will send back a ping, basically saying Clear to Send. It does this quick little one two to make sure that you can reliably transmit and receive traffic and it uses that as a pseudo-reliable connection to say “Yup it’s safe, I’ll go ahead and send this over now”

So your lightweight access point tunnels that traffic using CAPWAP, it encrypts that traffic it tunnels it over to your wireless controller so your traffic actually goes to your wireless controller and it goes into your network at your wireless controller. Not over where your AP connects, with lightweight access point and split MAC.

Controllers

Moving on here into our controllers, the first type of controller we’re going to cover is the Wireless Lan Controller, that we’ve talked a bit about already, so we’ll just cover some brief points here. The WLC manages the configuration, and also many of the tasks for your lightweight access points. Things like authentication and radio resource management, where it listens to the other access points around in the area and sees whether they are part of this controller or not.

As we mentioned, for lightweight APs, the WLC acts as the entry point for your network traffic. This can help a lot in your deployment so that you don’t have to have end-to-end VLANs. You can have your access point anywhere in the network and you don’t need the VLAN for which those wireless clients are connecting to exist in that part of the network. It can be way far away and the VLAN doesn’t need to exist there, it’ll all come back to the controller and end up entering into the network there.

The next type of controller we’ll go over briefly is the DNA, Digital Network Architecture Controller. You may not have heard of this, this is a solution that’s very similar to software defined networking, SDN, and it controls devices in real time and does policy based network management. You set a policy for a device, or for your network, say you want a certain VLAN to maintain a minimal amount of latency or that you want to set a bandwidth limit on a specific client, you can do that in Cisco DNA.

Endpoints

Now our endpoints are your computers, your workstations, your laptops, your cell phones, your security cameras, servers, locks, phones… All of these devices, they are the generators and receivers of almost all of the traffic in our network. Your actual router or your switch or your controller is not really itself generating that much traffic, it’s all your endpoints, those are what’s using all of your network services and they consume network service. Services like Power over Ethernet, this is a service that your network provides and that they are consuming.