2.6 Compare Cisco Wireless Architectures and AP modes - CCNA Exam

Captions
You are now tuned in to the network, the YouTube channel that takes complex networking topics and dumbs it down to a more simple language. Today's topic is compare Cisco wireless architectures and AP modes. This is a topic in the CCNA exam. Let's get right into it.

If you look at this image, or these images right here, we got several houses right here, right? Now, they all have several things in common, right? They all have a door, they all got windows. Well, not all of them got garages, but most houses have garages like this, right? Well, this is kind of like what we can compare to networks, right? All networks have, you know, networking devices such as switches and routers and things like that, right? But the thing is, not all networks are created equally, just like houses. The architectures of houses, different types of designs of houses, are not the same. Same thing with networks. You can have one network engineer or a group of network engineers designing a network; it's not going to look the same as a, you know, group B that created a network. They're just not going to be the same. So we're going to discuss the different types of wireless architectures.

First, let's talk about the different modes and APs, or access points. We've talked about this a couple videos back, I can't remember which one, but we talked about how there's a lightweight mode and autonomous mode for access points. Autonomous mode is when all of the functions are within that access point itself. You look at this topology right here: we got the three-tier Cisco hierarchy that we're familiar with, right? We got the core layer at the top, and we got the distribution layer, we got the access layer, right? Then we got the autonomous APs that sit just below the access layer, right? This can be kind of tricky here, because I know we said access layer, and this access point right here is connected to the access layer through a trunk, so is it
the access layer or the trunk layer? Well, it is an access point, but it connects to the access layer with a trunk, so all of the VLANs are passed through this trunk right here. So essentially the access point is physically connected to this switch right here, and this switch connects to the AP with the trunk right here, right? All the SSIDs are broadcasted with different VLANs through this access point right here. This is a typical autonomous access point architecture, right?

A couple fun facts about autonomous APs. The autonomous AP is self-contained. Just like I said, all of its functions are within that access point, as opposed to a lightweight mode, where not all of its features are within that. We're going to talk about where those features are with a lightweight access point, but with autonomous APs all of its functions are within itself: the radio, the RF management, the packet switching, the broadcasting of the SSID, the associating and disassociating of wireless clients. All of the functions are within that AP, right?

Each AP must be configured and maintained individually. Now, just by the sound of that, you can tell that's a con and not a pro, right? Why is that? Because we have to touch every AP on the network, right? Let's say you got a network that's, you know, a small little business or, I don't know, a restaurant with like five APs. That's fine. If you need to configure each one of them manually, you need to change some VLANs or you need to change what group that AP is in, fine, you could do that. You can touch each AP individually because there's only five of them, right? But if you got an enterprise network or a large organization like where I work at, where there's like about 6,000 APs or maybe 2,000 APs, it's hard to do that individually, to actually control every AP. This is a con. It's difficult to touch every AP if you've got so many of them, right?

Each AP must also be configured with a management IP address, right? I mean, yeah, you
can do that with DHCP, but you have to have a separate management IP address for the AP so you can actually control it and configure it and things like that. With a wireless LAN controller you can control those APs and manage and configure that AP from the wireless controller. We'll talk about that in another slide.

Each autonomous AP handles its own security policies, with no central point of entry between wireless and wired networks, right? So again, autonomous APs: it does everything, not by itself, but all of the functions are contained within that AP. That's why it's called autonomous. It's like autonomous cars, right? Because everything is done by the car itself; it doesn't need you to drive it. That's why it's called autonomous. The word autonomous means pretty much self-controlled or self-contained.

A cloud-based AP architecture is where APs are essentially managed, controlled and monitored centrally from the cloud. A perfect example of that is the Cisco Meraki cloud solution. You look at this topology right here, we've got pretty much the same thing, right? We got the core layer, the distribution layer and the access layer, right? Then we got our access points right here. So we've got several access points, right, and we have the trunk link just like in autonomous mode, except we're not touching each of these APs at the access layer or even from the access point itself. We're controlling these devices from, essentially, a management device over here. It's in the cloud. It's not really a cloud, but it's a device that we say is in the cloud. It's just that we control all of these APs from a dashboard that you could just log into, a GUI, and control the APs from there, right in your cushy office, or if you work from home, you know, on the floor or whatever. Each AP will contact the cloud when it powers up and self-configure. You can configure and manage APs, monitor wireless performance and activity, and generate reports,
so it's almost like what I showed you guys in the Cisco DNA video. You can control all your APs by just logging into a GUI. You can control, like, the RF signals; you control the RSSI, or not necessarily the RSSI but how strong the signal is; change, you know, whether it's a static or DHCP assignment. There's all kind of things you can do. You would just log into the dashboard and control the APs from a centrally located device, or basically the cloud.

Split-MAC architecture is another architecture. This is one that you normally see in an enterprise environment or a large organization, right? So we have our access point over on this side, right, and now we're introducing the wireless controller. With the autonomous AP, remember, he controlled all of his functions, basically everything you see up here: beacons, probe responses, packet acknowledgement and transmission, frame queuing and packet prioritization. You know, you read all this right here. All of that stuff was done on the autonomous AP by itself. But now some of these functions are given to the wireless controller. That's why they call it split-MAC architecture, because basically they're splitting the labor of the media access control layer. So all of these functions are controlled by the AP, right? Beacons, basically like when he broadcasts the SSID, probe responses, packet acknowledgement and transmission, frame queuing and packet prioritization: all of that stuff is done by the AP. But this other stuff is done by the wireless controller: MAC management, association requests and actions, authentication and key management. All that stuff is done by the controller.

Now you kind of wonder how, because really there's a switch right here. This AP is connected to a switch using an access link, not a trunk link, right? So he's connected to a switch physically using an access port, right? But then how
does he, you know, talk to the wireless controller? That wireless controller actually might not even be on the same network. He might be, you know, geographically located somewhere else. Well, he's talking to that wireless controller through what we call a CAPWAP tunnel. I've talked about this a couple of videos back, I can't remember which video it was, but basically it's a tunnel that allows the access point to talk to a wireless controller through a logical tunnel, right? He doesn't necessarily have to be in the same building. Actually, the AP could be in one building and the wireless controller could be in another city, really, but he talks to that wireless controller using this logical tunnel called the CAPWAP tunnel. And CAPWAP stands for control, uh, I believe it's control and provisioning wireless access points, and it's a protocol that we use to basically use the AP to talk to a wireless controller.

Now, I know it says LWAPP encapsulation here too, but basically LWAPP is Lightweight Access Point Protocol. That was like the older version of CAPWAP, and it was a Cisco proprietary solution, but nowadays you see most wireless controllers and access points talk to each other using a CAPWAP tunnel. And the CAPWAP tunnel, within that they use control messages and data messages, right, as you can see right here at the bottom. Control plane is where traffic is used to control and configure and manage and monitor the AP itself. Those messages are the control messages, right? Then you have the data plane, or the data messages, which is end user traffic, basically the traffic that the end user is sending, right? His emails, his pictures, or whatever the case may be, it's porn, that's passing through the AP. That is the data; that is done through the data plane. The data plane is in this tunnel right here, and then the control plane, or control messages, is sent through this tunnel right here. But this is really one
tunnel right here. It's just two separate, yeah, it's two tunnels within the CAPWAP tunnel, but one is for control messages, one is for data messages. As you can see, control traffic is traffic that's used to control the AP and stuff like that, and the data plane is where the data actually is going back and forth between the wireless controller and the lightweight AP. Remember, this is a lightweight AP, not autonomous. So you see split-MAC architecture when you introduce a wireless controller, and again, we call it split MAC because they split the labor: the wireless controller handles some things and the AP handles some things. With autonomous AP architecture, the autonomous AP controls all of its functions itself.

So now, as our network grows and we add more APs, right, we could have multiple CAPWAP tunnels, as you can see here. Shout out to Wendell Odom and the Official Cert Guide. That's where I got this image from. A lot of this material you'll find in that guide itself. Y'all just know I like to break it down to a simple language; that's basically what I'm doing here. We're not going to be doing any labs today, just to give you a heads up. I hate to disappoint you if you're waiting on some labs, but in the CCNA objective guide it says to describe wireless architectures. We don't have to necessarily configure them and stuff like that. Obviously you'll understand it better if you actually configure it, but how many of you have a wireless controller at home? But then again, that's where Packet Tracer comes in.

So again, split-MAC functions: we split the labor between the access point and the wireless LAN controller. The wireless controller controls the RF management, association and roaming management, client authentication, like usernames and passwords, security management, and quality of service. The access point controls real-time functions such as RF transmit and receive, so
radio frequencies, you know, we talk about radio frequencies and stuff like that, and MAC management and encryption.

So let's talk about the different access point modes. If you're on a wireless controller, you just do configure AP mode and then hit a question mark, and you'll see the different AP modes. There's eight AP modes we need to know for the exam. I know it says REAP here, or REAP, which is remote edge AP mode for the Cisco AP. That is not one we're gonna cover today. We're gonna replace that with another mode, and we're gonna talk about each one of these modes separately.

So first is local mode. This is the default mode. This is one you're probably most familiar with, with a lightweight access point. It acts as if the controller and the AP are in the same location, right? Remember, they don't have to be in the same location, but it acts like it, and it sends all of the traffic, control and data, to the controller. If we lose connection to the controller, the access point would disassociate. Will it still function? I don't believe so, because it needs to talk to the controller, but that's where you can use another mode, which we'll talk about in a little bit. But again, this is the default mode. The local AP acts as if it's within the same location as the controller. We got our client right here talking to the AP. This AP broadcasts the SSID to him, and then he goes to the controller. Remember, there's a switch right here. Physically, the AP is actually connected to a switch, and then it talks to the controller using a CAPWAP tunnel. Remember that, right? You may or may not need to know those port numbers that I mentioned. These right here are the port numbers: UDP port number 5246, and for the data it's UDP port number 5247.
There's also monitor mode, where the AP does not transmit at all. It basically acts like a monitor, as you can see right here. He just looks for rogue access points, or basically kind of like hackers, because a hacker could plug up an AP somewhere and it just acts like it's a guest network, where some unsuspecting victim can get on to that access point and be like, oh, here's my credit card and my passwords. But an AP in monitor mode, he can detect rogue access points, and then from there you can determine the position of these stations using location-based services and basically keep your network secure. That's what AP monitor mode is for.

There's also sniffer mode. This is also used for troubleshooting. An AP dedicates its radios to receiving 802.11 traffic from other sources, much like a sniffer or packet capture device. So we got this client right here. He talks to the lightweight access point. Remember, this is a lightweight access point. That lightweight access point broadcasts his SSID, so he goes to the AP, and then to get to the internet he must go to the switch, which would be located right here, it's just not in here, and then he goes to the controller, and then he goes on to the internet, right? So while the traffic is going back and forth right here, we got Mr. AP right here in sniffer mode, and he's sniffing all of the traffic that's going between the client and the controller right here, right? While he's in sniffer mode, he takes all that data, collects it from the controller, because remember, that information was going back and forth between the client, this stupid mouse, between the client and the controller right here, right, back and forth between these two guys, and then he sends it over to the analyzer, which is sitting right here. An AP in sniffer mode does that. You can use, you know,
a network analyzer such as WildPackets OmniPeek, or I believe MetaGeek, that we were using in another video, or Wireshark, where it can be analyzed further, so you can look at the traffic and see what's going on. Basically, it's used for troubleshooting purposes.

Rogue detector mode is kind of similar to monitor mode, right? You're just looking for rogue APs in the network. An AP dedicates itself to detecting rogue devices by correlating MAC addresses heard on the wired network with those heard over the air. Rogue devices are those that appear on both networks. So remember, a rogue AP is basically like a hacker just places his AP somewhere and tries to get some unsuspecting victim's information. Basically it's kind of like phishing, but with an AP. You know what phishing is, right? If you don't, I'll leave a link in the description below. Shout out to ipwithease.com for these images.

FlexConnect mode. This is one that is very important. We use this a lot at my job. It's where an AP is at a remote site and can locally switch traffic between an SSID and a VLAN if its CAPWAP tunnel to the wireless controller is down and it is configured to do so. So we got the AP right here. It's a lightweight AP, one we're familiar with. Again, now notice they put a switch there, because they know it needs to be there. It's because the AP is connected physically to the switch, right? But we know he talks to the controller using the CAPWAP tunnel, right? But if the controller is down, as you can see indicated by this red X here, then we don't have that CAPWAP tunnel to talk to the controller, right? But we can still talk to this printer right here if this AP is in FlexConnect mode. That's the beauty of FlexConnect mode, because we now don't need this controller to switch our traffic from the wireless to the wired network when it's in FlexConnect mode. Don't get this confused with local mode. As a matter of fact, I remember in a
job interview this guy was asking me a question. It was like he was trying to trick me by asking the difference between local mode and FlexConnect mode. The FlexConnect mode kind of, you know, switches traffic locally, but it really locally switches traffic remotely, if that makes any sense. Just look at this image right here, right? Normally this AP talks to his controller, but if the controller is down he can't talk to the controller, obviously, so he's going to locally switch the wireless traffic to the wired traffic, because it's locally switched. This is FlexConnect mode. Very important here.

Bridge mode is when an AP becomes a dedicated bridge between two networks. Two APs in bridge mode can be used to link two locations separated by a distance. Multiple APs in bridge mode can form an indoor or outdoor mesh network. Basically you're bridging two networks; that's why they call it bridge mode. We have one network here, one network here, and the APs can bridge the two different networks.

Flex+Bridge mode. You guessed it, it's the combination of Flex mode plus bridge mode. The AP can operate in either FlexConnect or bridge, or mesh, mode. Sometimes they call bridge mode mesh mode. This AP combines the two. It allows APs in mesh mode to use FlexConnect capabilities. I don't have an image for this, sorry about that, but again, it's the combination of FlexConnect mode and bridge mode, hence Flex+Bridge mode.

SE-Connect mode is when an AP dedicates its radios to spectrum analysis on all wireless channels. You log into the GUI, you change it to SE-Connect mode, and then it acts like a spectrum analyzer. So, you know, if you ever heard of using devices like Ekahau, or there's other spectrum analyzers that are out there, basically you're analyzing the Wi-Fi traffic, right, but you're doing it with an AP. So the AP is not going to be broadcasting any SSIDs or associating any
wireless networks. It just acts like a spectrum analyzer. Again, you log into the wireless controller, you put that AP in SE-Connect mode, as indicated by this red arrow right here, and then you can remotely connect a PC running software such as MetaGeek Chanalyzer or Cisco Spectrum Expert to the AP to collect and analyze spectrum analysis to discover sources of interference. So basically you use this to troubleshoot your Wi-Fi network and stuff like that.

That's all I got for y'all today. I know I kind of raced through this information. Sorry for taking so long with these videos; I just had a lot going on on my plate, got projects and stuff like that on my job. But anyways, that's my YouTube page, that is my Twitter handle. I hope you like this video. If you do, hit that like button, hit that subscribe button. In other words: comment, like, subscribe to the network.
Info
Channel: NetworkBruh
Views: 6,436
Id: pZW6kXh0Rro
Length: 20min 53sec (1253 seconds)
Published: Wed Apr 29 2020