A wireless bridge is a combination of 2 or more Layer 2 devices that connects two or more LANs together which are often in different buildings via wireless. Wireless bridges in some cases can provide higher data rates and superior throughput for applications if line of sight is available. High speed links between the wireless bridges deliver throughput that is many times faster than the E1/T1 lines for a fraction of the cost. In this way, wireless bridges eliminate the need for expensive leased lines and fiber-optic cables. You can use the wireless bridges to connect these networks.
The Native VLAN
This is probably the most confusing aspect when it comes to configuring Cisco wireless bridges. When you deploy VLAN’s with Cisco wireless equipment, you can experience unexpected behavior. The failure to limit allowed VLAN’s on the switch trunk to those defined on the wireless bridge can cause problems. The other consideration is the management VLAN itself. For example if you want to maintain your existing management VLAN you need make sure not to encapsulate it or in other make it the native VLAN on the trunk between the switch and wireless bridge.
If VLAN’s 1, 2, and 3 are defined on the switch, you must take care to encapsulate or tag them on the switch trunk along with defining them on the wireless bridges. You also want to make sure any unnecessary VLAN’s from the trunk. Misuse of the Infrastructure SSID can cause the wireless bridges not to associate. The following outlines where the Infrastructure SSID should be used. I’m going to be using two Cisco Air AP-1200-G AP’s in the following example.
- Work Group Bridges
- Repeater Access Points
- None Root Bridges
Lets start off by configuring SW1 as the STP Root and VTP Server for the domain ABC.
SW1#configure terminal SW1(config)#spanning-tree vlan 1-1005 priority 4096 SW1(config)#vtp mode server SW1(config)#vtp domain ABC SW1(config)#
Now lets create a couple of VLAN’s one for User data and the other for Voice.
SW1(config)#vlan 2 SW1(config-vlan)#name Data SW1(config-vlan)#vlan 3 SW1(config-vlan)#name Voice SW1(config)#end SW1#
Next lets move onto the trunking configuration on switch SW1.
SW1#configure terminal SW1(config)#interface Gi0/1/24 SW1(config-if)#description Trunk to WGB1 SW1(config-if)#switchport trunk allowed vlan 1,2,3 SW1(config-if)#switchport nonegotiate SW1(config-if)#mls trust dscp SW1(config-if)#speed 100 SW1(config-if)duplex full SW1(config-if)#end SW1#
Now lets get started with SSID configuration on the Root bridge.
AP#configure terminal AP#(config)#hostname WGB1 WGB1(config)#dot11 ssid VLAN1 WGB1(config-ssid)#vlan 1 WGB1(config-ssid)#authentication open WGB1(config-ssid)#exit WGB1(config)#dot11 ssid VLAN2 WGB1(config-ssid)#vlan 2 WGB1(config-ssid)#authentication open WGB1(config-ssid)#exit WGB1(config)#dot11 ssid VLAN3 WGB1(config-ssid)#vlan 3 WGB1(config-ssid)#authentication open WGB1(config-ssid)#exit WGB1(config)#
At this point we can associate the SSID’s we created above with the 802.11 Radio.
WGB1(config)#interface Dot11Radio0 WGB1(config-if)#ssid VLAN1 WGB1(config-if)#ssid VLAN2 WGB1(config-if)#ssid VLAN3 WGB1(config-if)#station-role root WGB1(config-if)#no shutdown WGB1(config-if)#exit WGB1(config)#
Now lets create the DOT11 subinterface Radio’s for VLAN’s 1, 2 and 3. I never get tired of this it’s so cool…!
WGB1(config)#interface Dot11Radio0.1 WGB1(config-subif)#encapsulation dot1q 1 native WGB1(config-subif)#bridge-group 1 WGB1(config-subif)#interface Dot11Radio.2 WGB1(config-subif)#encapsualation dot1q 2 WGB1(config-subif)#bridge-group 2 WGB1(config-subif)#interface Dot11Radio.3 WGB1(config-subif)#encapsulation dot1q 3 WGB1(config-subif)#bridge-group 3 WGB1(config-subif)#exit WGB1(config)#
Now lets create the 802.1q sub-interfaces for VLAN1, VLAN2, VLAN3, and associate their respective bridge groups.
WGB1#configure terminal WGB1(config)#interface fastethernet0.1 WGB1(config-subif)#description VLAN1 WGB1(config-subif)#encapsulation dot1q 1 native WGB1(config-subif)#interface fastethernet0.2 WGB1(config-subif)#description VLAN2 WGB1(config-subif)#encapsulation dot1q 2 WGB1(config-subif)#bridge-group 2 WGB1(config-subif)#interface fastethernet0.3 WGB1(config-subif)#description VLAN3 WGB1(config-subif)#encapsulation dotq 3 WGB1(config-subif)#bridge-group 3 WGB1(config-subif)#end WGB1#
Now lets move onto the other side of the Wireless Bridge and configure Switch SW2.
SW2#configure terminal SW2(config)#vtp mode client SW2(config)#vtp domain ABC SW2(config)#end SW2#
As we did with SW1 we need to do the same with SW2 with regards to 802.1q trunking.
SW2#configure terminal SW2(config)#interface Gi0/1/24 SW2(config-if)#description Trunk to WGB2 SW2(config-if)#switchport trunk allowed vlan 1,2,3 SW2(config-if)#switchport nonegotiate SW2(config-if)#mls trust dscp SW2(config-if)#speed 100 SW2(config-if)#duplex full SW2(config-if)#end SW2#
Now lets get started with second wireless bridge configuration. As I mentioned above we need to make sure we use the Infrastucture SSID on the none Root Bridge in this case WGB2.
AP#configure terminal AP#(config)#hostname WGB2 WGB2(config)#dot11 ssid VLAN1 WGB2(config-ssid)#authentication open WGB2(config-ssid)#infrastructure-ssid WGB2(config-ssid)#end WGB2(config)#dot11 ssid VLAN2 WGB2(config-ssid)#authentication open WGB2(config-ssid)#vlan 2 WGB2(config)#dot11 ssid VLAN3 WGB2(config-ssid)#vlan 3 WGB2(config-ssid)#authentication open WGB2(config-ssid)#end WGB2(config)#
At this point we can associate the SSID’s we created above with the 802.11 Radio.
WGB2#configure terminal WGB2(config)#interface Dot11Radio0 WGB2(config-if)#ssid VALN1 WGB2(config-if)#ssid VLAN2 WGB2(config-if)#ssid VLAN3 WGB2(config-if)#station-rool workgroup WGB2(config-if)#infrastructure-client WGB2(config-if)#no shutdown WGB2(config-if)#end WGB2(config)#
Now lets create the DOT11 subinterface on the WGB2’s radio for VLAN’s 1, 2 and 3.
WGB2(config)#interface Dot11Radio0.1 WGB2(config-subif)#encapsulation dot1q 1 native WGB2(config-subif)#bridge-group 1 WGB2(config-subif)#interface Dot11Radio.2 WGB2(config-subif)#encapsualation dot1q 2 WGB2(config-subif)#bridge-group 2 WGB2(config-subif)#interface Dot11Radio.3 WGB2(config-subif)#encapsulation dot1q 3 WGB2(config-subif)#bridge-group 3 WGB2(config-subif)#end WGB2(config)#
Lets create the same 802.1q sub-interface for VLAN1, VLAN2, VLAN3, and associate the bridge groups.
WGB2(config)#interface fastethernet0.1 WGB2(config-subif)#description VLAN1 WGB2(config-subif)#encapsulation dot1q 1 native WGB2(config-subif)#bridge-group 1 WGB2(config-subif)#interface fastethernet0.2 WGB2(config-subif)#description VLAN2 WGB2(config-subif)#encapsulation dot1q 2 WGB2(config-subif)#bridge-group 2 WGB2(config-subif)#interface fastethernet0.3 WGB2(config-subif)#description VLAN3 WGB2(config-subif)#encapsulation dotq 3 WGB2(config-subif)#bridge-group 3 WGB2(config-subif)#end WGB2#
As I mentioned above Something that’s often misunderstood when configuring a wireless bridge is use of native VLAN as the management VLAN. You’re not required to use VLAN1 as your management VLAN, and you shouldn’t..! The key to the management VLAN is making sure that it’s not encapsulated or tagged on the trunk between the switch, and the wireless bridge.
I hope you found this post on Bridging The Gap helpful. Be sure to let me know what you think by leaving suggestions, and feedback in the comments section below. You can find out more about these and other articles be checking out recent posts and archives. To learn more about myself be sure to check out the About page. And as always thanks again for visiting The Packet.
