Control And Provisioning of Wireless Access Points (CAPWAP) Protocol Specification, March Canonical URL: txt; File. RFC (part 1 of 6): Control And Provisioning of Wireless Access Points ( CAPWAP) Protocol Specification. Control and Provisioning of Wireless Access Points (CAPWAP) is a standard and interoperable RFC defines the actual CAPWAP protocol specifications.

Author: Kajijar Zulugrel
Country: South Sudan
Language: English (Spanish)
Genre: Video
Published (Last): 14 November 2009
Pages: 263
PDF File Size: 16.29 Mb
ePub File Size: 11.26 Mb
ISBN: 357-5-89366-337-8
Downloads: 72614
Price: Free* [*Free Regsitration Required]
Uploader: Kile

Overview of CAPWAP (Cisco Wireless LAN Controllers)

Because they are standalone devices, they also cause difficulties when managing a growing network of many devices, as firmware and configuration must be handled on an individual basis for each device. The wireless key exchange is handled in a fully encrypted fashion, by utilizing preshared keys PSKsor a security certificate model.

The firmware is used to program radio capabilities on the AP. The controller and AP will exchange 2 types of messages: Figure 2 shows the Local MAC mode, in which a station transmits a wireless frame that is encapsulated in an Those binding specifications for the IEEE CAPWAP only seeks to relay what a device is and is not capable of, in order to classify and provision the device into operation.

Meru has made no plans public for enabling support for a standards compliant method of AP-controller interaction. Both the AP and controller must be either loaded with PSKs or certificate files to enable encrypted communication. The physical or network entity that contains an RF antenna and wireless Physical Layer PHY to transmit and receive station traffic for wireless access networks.

Conventions Used in This Document Thin APs have their MAC layers implemented entirely on the controller, and use tunneling to a controller to have all of their frames processed for forwarding onto the back haul network.

Because the AP relies on the controller for its MAC layer, it is sensible to extend this to apply to firmware and configuration as well. The DTLS tunnel allows for different authentication styles, ranging from full stream encryption, to one way encryption, to anonymous authentication.

CAPWAP – Wikipedia

capqap During this initialization, as well as operation, periodic control messages must be exchanged between the AP and the controller, for management and statistical purposes. This paper is 515 as follows: From the Run state, an AP and controller may exchange new key material, by entering the Key Update state. The paper covers the current architecture of enterprise WLAN deployments, as well as proposed protocols that attempt to simplify their management and configuration, and allow inter-vendor compatibility of access points APs and controllers.

  AF IMT 2096 PDF

Thus, the entire process of deploying an AP can be implemented in a vendor neutral format, from finding an initial controller, to deploying firmware updates, to configuration and access point redirection. WTPs require a set of dynamic management and control functions related to their primary task of connecting the wireless and wired mediums. And finally, ensuring network security, both from 3rd party hardware, such as rogue access points being connected to the network, as well as preventing the loss of network secrets from the physical theft of access points is also critical.

A standard that ensures compatibility between vendors is necessary to prevent vendor lock-in. Some vendors have produced products that allow operation with multiple brands of AP, such as Aruba Network’s AirWave being able to provision and control Aruba, Cisco, and Meru access points.

The AP would only implement the These 3 MAC layer concepts will be discussed in greater detail in [Section 2. Network Working Group P.

Current Status and Overview of the CAPWAP Protocol

This document describes the base CAPWAP protocol, while separate binding extensions will enable its use with additional wireless technologies. SLAPP operates as rff framework to make a connection between two devices, and negotiate a protocol. Consult [RFC] for a full overview.

Acquiring – This state represents both devices connecting to each other, to begin encrypting their communications. Local MAC refers to the location of the The exception is 6. The implementation rfx in [Bernaschi09] is not ready for currently available APs. Otherwise it moves back to the Discovery state.

In this survey, a look at different proposed standards for enabling WLAN controllers to support multi-vendor APs, and how to solve the problems introduced by the AP-controller architecture, has been taken. The need for flexible wireless network infrastructure will become more pronounced as Capwzp become larger and more widespread. The CAPWAP protocol does not include specific wireless technologies; instead, it relies on a binding specification to extend the technology to a particular wireless technology.


This creates some inconveniences, however, in that both APs and controllers need to be preconfigured in order to associate with each other. Major vendors have also expressed doubt over the demand from customers for interoperable WLAN infrastructure.

Many vendors use this to their advantage, and create product differentiation by including features into their wireless products, such as firewall capability in their controller hardware. Finally configuration dapwap place, and the AP is set into active mode. Access points retrieve their configuration from the controller, and report their status back to the controller for management purposes.

The controller can then authenticate the AP, and negotiate its advertised capabilities, such as being The only difference is the protocol being used between the AP and the controller. It is important to realize 545 the definition of what a controller is is not clearly capqap. Communication between a controller and AP must be encrypted, as all data sent to and received by the AP will be tunneled over the local LAN to or from the controller.

However, this simplicity does not come at the expense of flexibility. A unified CAPWAP standard aims to be a protocol that could enable centralized wireless hardware utilize a simple, streamlined method of communicating between access points and controllers. If a timer expires while the AP is in the Acquiring phase before receiving a “client hello”, the AP goes back to Discovery mode.

However, the header does not warrant any particular attention, and as such, will not be covered by this paper. An overview of the architecture and protocols use in access point AP to controller communication in enterprise grade wireless networks. Decryption Error Report Period This lack of customer mobility leads to less innovative product offerings from the wireless vendors. A controller must respond with a Discovery Response.

Split and Local MAC medium access control. The publishers argue that an unencrypted data channel is not a security threat, because full IPsec is available. The AP sends the controller its current configuration, and the controller responds with an updated configuration.