WLAN Basic Configuration

WLAN Basic Configuration
1. Configuring AP Management
2. Configuring STA Management
3. Configuring CAPWAP
4. Configuring WBS
5. Configuring WBS-FWD
6. Configuring Ethernet Management
7. Configuring Data Plane
8. Configuring WLOG
9. Configuring Roaming
Configuration Guide
Configuring APMG
1. Configuring APMG
1.1 Overview
Tailored for the wireless network structures that support centralized management, AP Management (APMG)implements
centralized management and configuration of access points (APs).
A Wireless Local Area Network (WLAN) refers to a network system that allows different PCs to communicate and share
resources with each other by interconnecting different PCs through wireless communication technologies. The essence of
a WLAN is that PCs are interconnected with each other in wireless rather than wired mode, thus constructing a network and
allowing terminals to move more flexibly.
A traditional WLAN adopts the fat AP network structure in which APs work independently. On the traditional WLAN, each
AP must be separately configured and managed, which increases the complexity of network management and O&M
workload. In addition, problems, such as radio interference between APs and roaming of wireless users, cannot be
effectively resolved due to poor collaboration between APs. To address these issues, a wireless network structure that
supports centralized management emerges. This network structure consists of access controllers (ACs) and fit APs, and is
also called fit AP network structure. In this network structure, APs are connected to ACs through the Control and
Provisioning of Wireless Access Points (CAPWAP), and ACs perform centralized management on APs.
Protocols and
Standards

RFC5415: Control And Provisioning of Wireless Access Points (CAPWAP) Protocol Specification

RFC5416: Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Binding for IEEE 802.11
1.2 Application
Application
Description
Fit AP Network Structure
This type of network consists of wired switches, ACs, and fit APs.
1.2.1 Fit AP Network Structure
Scenario
A fit AP network consists of wired switches, ACs, and fit APs. In the fit AP network structure, APs serve as the simple
wireless access points and do not have the management or control function. The AC manages all the APs in a centralized
manner, and pushes control policies to APs, and it is not necessary to configure APs one by one.As shown in Figure 1-1,
the AC is connected to multiple APs through the CAPWAP tunnels. Users only need to perform configuration management
on all the connected APs through the AC.
Configuration Guide
Configuring APMG
Figure 1-1 Simple fit AP network topology
Remark
AP1 and AP2 are AP devices in fit AP mode.
s
Deployment

Configure a meaningful name for each AP so that the AP can be configured based on the name.

Create a WLAN and configure WLAN-related properties.

Create an AP group and add APs to a specified AP group so that all the APs in this AP group can be configured in a
centralized manner through the AP group.

Deploy the WLAN on all the APs in the AP group through configuration of the AP group, after which the APs can
provide the WLAN access service for external entities and wireless terminals users can access the WLAN.
1.3 Features
Basic Concepts

AP
AP is an access point used by wireless terminals to access a wired network. It is equivalent to a bridge for communication
between wireless terminals and a wired network.

AC
AC is a wireless access controller. It is connected with APs through the wired network to manage and control APs in a
centralized manner.

AC cluster
AC cluster is also called AC redundancy. With this function, multiple ACs with different priorities are designated for an AP.
When the connection between the AP and a high-priority AC is interrupted, the AP is connected to a low-priority AC
Configuration Guide
Configuring APMG
(standby AC). When the connection with the high-priority AC is recovered, the AP disconnects the CAPWAP tunnel with the
low-priority AC, and sets up a CAPWAP tunnel with the high-priority AC again.
Overview
Feature
Description
Configuration of AC
Configure the license activation/deactivation key of an old version system.
Authorization Key
Configuration of AC
Configure parameters, such as the AC name and Trap message control.
Parameters
Configuration of AP
Configure parameters, such as the AP name, Telnet user name and password, and periodical
Parameters
statistics report interval.
Configuration of AP
Configure AP behaviors, including daily scheduled restart of an AP, restoration of AP factory
Behaviors
settings, and AP reset.
AP Group
Manage APs through the AP group to reduce the workload incurred by configuring APs one by one.
Management
AP Quantity Limit
Limit the maximum number of APs that can be connected to the AC.
AP Compliance
Implement the AP access control based on the bound MAC address.
Check
AP Access
Authenticate the AP access.
Authentication
AP Priority
Implement the AP access control based on the priority.
AC Cluster
Implement AC redundancy by using the AC cluster to reduce the AC single-point failure and
improve availability of the wireless network.
AC Hot Backup
Set up the hot standby connection to ensure that the AP can set up two CAPWAP tunnels.
WLAN Configuration
Configure a WLAN and deploy the WLAN on APs to provide network services for wireless users.
AP Backup
Configure the AP backup function to improve availability of the wireless network.
1.3.1 Configuration of AC Authorization Key
The AC authorization key is a license activation key of an earlier version system, and used to control the upper limit of APs
supported by an AC.
Working Principle
The license activation key is used to control the upper limit of APs supported by an AC. You can use a command to
configure or add a valid license. The input license must be valid, effective, and applicable to the local device. If the upper
limit of APs supported by the AC is reached, no new license can be configured or added. You can also inactivate a license
using the no set license activation-key command.
1.3.2 Configuration of AC Parameters
AC parameters include the AC name, Trap message control, and AC network access server (NAS) ID.
Working Principle
Configuration of AC parameters does not involve any working principle.
Configuration Guide
Configuring APMG
1.3.3 Configuration of AP Parameters
AP parameters include the AP name, Telnet user name and password, and periodical statistics report interval.
Working Principle
The AC configures AP parameters by pushing CAPWAP packets to an AP.
1.3.4 Configuration of AP Behaviors
AP behaviors include daily scheduled restart of an AP, restoration of AP factory settings, and AP reset.
Working Principle
Configuration of AP behaviors is implemented by pushing CAPWAP packets to an AP. The AP performs the related
behaviors based on the configuration pushed by the AC.
1.3.5 AP Group Management
The AC manages APs through the AP group. All the APs in an AP group can be configured through the AP group, which
reduces the configuration workload. Configurations of the AP group take effect on all the APs in the group. For the same
configuration, if both the AP-based configurations and the AP-group-based configurations exist, the AP-based
configurations prevail.
Working Principle
The system automatically creates a default AP group, which is named "default". By default, APs are added to the default
group. You can create AP groups and add APs to these groups to manage APs by group.
1.3.6 AP Quantity Limit
The maximum number of APs that can be connected to an AC is configured to limit the maximum AP load of the AC, thus
avoiding overload of the AC.
Working Principle
When the number of APs connected to the AC reaches the maximum number, no more APs can access the AC.
For the WALL-AP product series supplied by Ruijie Network, each device is treated as 0.5 devices when the
maximum number of APs that can be connected to an AC is calculated. That is, the maximum number of WALL-APs
that can be connected to an AC is twice the number of APs supported by the AC.
1.3.7 AP Compliance Check
The AP compliance check is also called AP access control based on the bound MAC address. If the AP compliance check
is enabled, only APs with some specified MAC addresses are allowed to access the AC. This prevents access of unwanted
APs and enhances security of the wireless network.
Working Principle
An AP is allowed to access the AC only when the AP configuration that is bound with the MAC address of this AP exists on
the AC; otherwise, access of the AP to the AC is denied. To prevent binding MAC addresses with a large number of AP
Configuration Guide
Configuring APMG
configurations, the MAC addresses of currently online APs are automatically bound when the AP compliance check is
enabled. In addition, MAC addresses can be bound with specified AP configurations.
1.3.8 AP Access Authentication
AP access authentication can be implemented based on the serial number, password, or certificate. With the AP access
authentication function, only authorized APs can access the AC.
Working Principle
When an AP sends an access request to the AC and uploads the authentication information, the AC verifies the
authentication information. Only the AP that is successfully authenticated can access the AC.
1.3.9 AP Priority
The AP priority function is an advanced version of the AP quantity limit function. With this function, when the current
number of APs connected to the AC reaches the upper limit, if a high-priority AP sends an access request, the AC
proactively forces a low-priority AP to go offline and allows the access of the high-priority AP.
Working Principle
When an AP sends an access request, the current number of APs connected to the AC reaches the upper limit, and the AP
priority function is enabled, the AC first compares the priorities. If the priority of an online AP is lower than the requesting AP,
the AC forces a low-priority AP to go offline and allows the access of the high-priority AP.
1.3.10 AC Cluster
On the one hand, the AC cluster function enhances reliability of the AC cluster. On the other hand, this function controls the
home AC of APs in stable conditions based on the priority to facilitate AP management.
Working Principle
See the CAPWAP protocol in RFC5415.
1.3.11 AC Hot Backup
The AC hot backup function is a dual-host hot standby function. It enables switchover of the CAPWAP tunnels between
ACs and APs within several milliseconds when an AC is unreachable or faulty, thus ensuring uninterrupted services for
associated STAs to the maximum extent.
Working Principle
Two tunnels are set up between an AP and two ACs, and one tunnel works in active mode, and the other works in standby
mode. The AC corresponding to the active tunnel serves as the active device that processes all services and transfers the
service status information to the standby device for backup purpose. The standby device does not process services, and
only backs up the service data. If the active AC is faulty, the standby AC takes over all services.
For details about AC hot standby, see "Configuring WLAN Hot Standby".
Configuration Guide
Configuring APMG
1.3.12 WLAN Configuration
Create and deploy a WLAN on an AP so that the AP can provide the WLAN access service for external entities.
Working Principle
The WLAN created on the AC is used for WLAN parameter configuration. The WLAN deployment information and
parameters are pushed through the packets defined in the CAPWAP protocol.
1.3.13 AP Backup
The AP backup function is used to back up radio signals transmitted by APs that are physically adjacent with each other,
have overlapped coverage, and transmit different radio signals. When an AP that transmits important radio signals is faulty,
one or more standby APs transmit radio signals of the faulty AP to replace the faulty AP, thus ensuring stability of radio
signals transmitted by devices supplied by Ruijie Networks. This function is generally used in special scenarios. For
example, in the zero roaming scenario of the medial industry, the AP4210 with a wide coverage is an important AP, and the
APD-M within the coverage of the AP4210serves as a standby AP of the AP4210.
Working Principle
An AP backup group is created on the AC. In this AP backup group, one AP is selected as the active AP, and other APs are
standby APs. When the active AP is faulty and goes offline, the WLAN configuration of the active AP is sent to all the
standby APs in the group so that the standby APs can transmit radio signals of the active AP.
1.4 Configuration
Configuration
Configuring the AC
Authorization Key
Description and Command
(Optional) To increase the number of APs supported by an AC, purchase and install a
new license.
set license
Configuring an AC Name
Configures the license activation key.
(Optional) A meaningful name can be configured for the AC to facilitate management.
ac-name
Configures the name of the local AC.
(Optional) It is used to enable sending of Trap messages. Network operation and
Configuring the Trap
maintenance (O&M) can be implemented based on the received Trap messages.
Message Control Function
acctrl-trap
Configures whether the AC sends specified Trap
messages.
(Optional) By default, the NAS ID is the MAC address of the AC in dotted decimal
Configuring the NAS ID of
notation.
an AC
nas-id
Creating an AP
Configuration
Configures the NAS ID of the AC in AC configuration
mode.
(Optional) It is used to create an AP configuration to configure a specified AP.
ap-config
Adds an AP configuration, or enter the AP configuration
Configuration Guide
Configuration
Configuring APMG
Description and Command
mode.
(Optional) In AP group configuration mode, this command takes effect on all the online
Creating an AP Group
APs in the AP group.
ap-group
Configuring the AP Group of
an AP
mode. By default, an AP belongs to the default group.
with an AP Configuration
and Password of an AP
Configures an AP name.
(Optional) It is used to bind an MAC address with an AP configuration so that the AP
configuration can take effect on the AP with the MAC address.
ap-mac
Configuring the User Name
Configures the AP group of an AP.
(Optional) A new name can be configured for an AP according to requirements.
ap-name
Binding an MAC Address
configuration mode.
(Optional) It is used to configure the AP group of a specified AP in AP configuration
ap-group
Configuring an AP Name
Adds an AP group configuration, or enters the AP group
Binds an MAC address with an AP configuration.
(Optional) It is used to modify the Telnet user name and password of an AP according
to requirements.
credential
Configures the user name and password of an AP.
Configuring the Interval at
(Optional) According to the standard, the AP reports statistics at the interval of 120s by
Which the AP Reports
default. The interval can be configured according to requirements.
Statistics
statistics-timer
Configures the interval at which the AP reports statistics.
Configuring the Daily
(Optional) The daily scheduled restart function can be configured for an AP to prevent
Scheduled Restart Time for
the AP from working for a long time.
an AP
Restoring Factory Settings
of a Specified AP
Resetting an AP
reload at
Configures the daily scheduled restart time for an AP.
(Optional) It is used to restore factory settings of an AP.
factory-reset
Restores factory settings of a specified AP.
(Optional) It is used to reset an AP.
reset
Resets an AP.
(Optional) The maximum number of APs connected to the AC can be configured
Configuring the AP Quantity
according to requirements to reduce the maximum load of the AC.
Limit
wtp-limit
Configures the maximum number of APs that can be
connected to the AC.
(Optional) The AP compliance check can be enabled to allow the access of only APs
Configuring the AP
with the bound MAC addresses, thus effectively controlling the access of APs.
Compliance Check
bind-ap-mac
Configuring AP Access
Enables or disables the AP compliance check in AC
configuration mode.
(Optional) AP access authentication can be configured so that only authorized APs
Configuration Guide
Configuration
Authentication
Configuring APMG
Description and Command
can access the AC, which enhances security of the wireless network.
ap-auth enable
ap-auth serial-update
ap-auth
Enables or disables the AP access authentication function
of the AC in AC configuration mode.
Updates authentication serial numbers for all online APs in
AC configuration mode.
Configures the access authentication information of an AP
in AP configuration mode.
(Optional) This command is available in both the AC and AP configuration modes.
ap-priority
Configuring the AP Priority
Enables or disables the AP access priority function of the
AC in AC configuration mode.
priority
Configures the failover priority of a specified AP in AP
configuration mode.
(Optional) It is used to configure the redundancy ACs of a specified AP or all APs in
AP configuration mode.
primary-base
Configures the primary AC of an AP.
Configuring the AC Cluster
secondary-base
Configures the secondary AC of an AP.
Function
tertiary-base
Configures the tertiary AC of an AP.
backup-controller-primary
Configures the fourth AC of an AP.
backup-controllersecondary
backup-controller-tertiary
Configures the fifth AC of an AP.
Configures the sixth AC of an AP.
(Optional) It is used to adjust the hot backup connection parameters.
Configuring the AC Hot
ap-group
Binds an AP group.
Backup Function
peer-ip
Configures the peer IP address.
peer-ipv6
Configures the peer IPv6 address.
peer-ipv6 enable
Enables the peer IPv6.
(Optional) It is used to configure the log information of a specified AP or all APs in AP
configuration mode.
Configuring the AP System
Log Information
Creating a WLAN
logging on
Enables or disables the function of displaying system logs.
logging server
Configures the address of the system logging server.
(Optional) A WLAN must be created before it can be deployed.
wlan-config
Creates a WLAN, or enters the WLAN configuration mode.
(Optional) It is used to configure the WLAN-VLAN mapping of a specified AP group
Deploying a WLAN
and deploy the WLAN on all the APs in the AP group.
interface-mapping
Enabling or Disabling WLAN
Configures the WLAN-VLAN mapping of a specified AP
group in AP group configuration mode.
(Optional) SSID broadcasting is disabled by default.
Configuration Guide
Configuration
SSID Broadcasting
Configuring APMG
Description and Command
enable-broad-ssid
Configuring the NAS ID of
WLAN Users
Enables or disables SSID broadcasting of a specified
WLAN in WLAN configuration mode.
(Optional) The NAS ID is a null string by default.
nas-id
Configures the NAS ID of a specified WLAN user.
(Optional) The AP mode can be switched between the fit AP mode and the fat AP
mode according to requirements.
Configuring the Fit or Fat AP
Mode
switch2fat
Switches the mode of a specified AP to the fat AP mode in
AC configuration mode on the AC device.
(Optional) It is used to configure the Address Resolution Protocol (ARP) proxy function
on the AP.
Configuring the ARP Proxy
Function
proxy-arp
Configures the IP address of the ARP proxy server.
proxy-arp enable
Enables the ARP proxy.
(Optional) A new SSID name can be configured for the WLAN according to
requirements.
Configuring the WLAN SSID
Name
Modifies the SSID name of the WLAN in WLAN
ssid
Configuring the AP Backup
Function
configuration mode.
(Optional) It is used to improve availability of the wireless network.
ap-backup group
Creates an AP backup group in AC configuration mode.
ap-backup-group
Binds an AP backup group.
1.4.1 Configuring the AC Authorization Key
Configuration Effect

Increase the number of APs supported by an AC.
Notes

A configured license takes effect permanently. That is, the license never expires. Once you configure the license, you
are authorized to use the function permanently.

The license takes effect as soon as it is configured on a device, and restart of the device is not necessary.

Multiple licenses can be configured on the same AC device. That is, the maximum number of APs supported by an AC
is equal to the sum of the AP quantities authorized by the licenses, but cannot exceed the capacity of the AC.

After being inactivated, the license cannot be installed on the device again. But you can apply for a new license for
another device using this license, the old SN, the deactivation key and a new SN.

After you inactivate a license, the number of APs allowed to be online reduces immediately. The APs that are already
online are not affected.

This command is used to import the activation key of the earlier-version license system. A new license is installed by
using the license file installation command. For details, see "Software Authorization Management."
Configuration Guide
Configuring APMG
Configuration Steps

Optional. To increase the number of APs supported by an AC, purchase and install a new license.

The license activation key is not installed by default.

You can run the set license activation-key command in global configuration mode to import the activation key of the
earlier-version license system.

You can run the no set license activation-key command in global configuration mode to inactivate an existing
activation key.
Command
set licenseactivation-key
Parameter
activation-key: indicates the license activation key to be configured. The format of the license key
Description
depends on the actual situations, for example, AAAA-BBBB-CCCC-DDDD-EEEE-FFFF-GGGG-HHHH.
Defaults
None
Command
Global configuration mode
Mode
Usage Guide
A license is applicable to only the device that you specify when applying for a license, and does not take
effect on other devices. The same license cannot be configured for multiple times on one device.
Command
no set license activation-key
Parameter
activation-key: indicates the license key to be inactivated. The format of the license key depends on the
Description
actual situations, for example, AAAA-BBBB-CCCC-DDDD-EEEE-FFFF-GGGG-HHHH.
Defaults
N/A
Command
Global configuration mode
Mode
Usage Guide
After being inactivated, the license cannot be installed on the device again. But you can apply for a new
license for another device using this license, the old SN, the deactivation key and a new SN.
Verification

Run the show license all-license command to check the license information and determine whether the
configuration is successful.

show license unbind-code command to check the inactivated license.
Configuration Example

Configuring the license activation key
Configuratio

Add a license.
n Steps
AC
Ruijie#config terminal
Ruijie(config)#set license4A3F-16AB-330C-B254-42C4-E18A-24F3-15CA
Verification
Run the show license all-license command to check the current license.
Configuration Guide
AC
Configuring APMG
Ruijie(config)#show license all-license
Searching license in the system...
There's no license installed in the system.
-------------------------------------------There are some old version licenses:
1. 4A3F-16AB-330C-B254-42C4-E18A-24F3-15CA 128

Inactivating a license
Configuration

Inactivate a license.
Steps
AC
Ruijie#config terminal
Ruijie(config)# no set license 4A3F-16AB-330C-B254-42C4-E18A-24F3-15CA
After unbinding, you can not install the corresponding license again. Are you sure to
continue[y/n]:y
The verification string is: xxxxxxxxxxxx
Verification
AC
Run the show license all-license command to check the inactivated license.
Ruijie(config)#show license unbind-code
LICENSE
UNBINDING-CODE
4A3F-16AB-330C-B254-42C4-E18A-24F3-15CA
xxxxxxxxxxxxxxxxxxxxxxxxxxx
Common Errors

None
1.4.2 Configuring an AC Name
Configuration Effect

Set the name of an AC to a specified string.
Notes

The AC name is a string of 1 to 63 characters, and cannot contain any space.
Configuration Steps

Optional. Run the ac-name ac-name command in AC configuration modeto configure a new name for an AC.

Run the ac-controller command to enter the AC configuration mode.

Run the ac-name command to configure an AC name in AC configuration mode on an AC device.
Configuration Guide
Configuring APMG
Command
ac-controller
Parameter
-
Description
Defaults
None
Command
Global configuration mode
Mode
Usage Guide
-
Command
ac-nameac-name
no ac-name
Defaults
The default AC name is Ruijie_Ac_Last six digits of MAC address. For example, if the MAC address of an
AC is 001a.a916.e7b8, the default name of this AC is Ruijie_Ac_16e7b8.
Parameter
ac-name: indicates the name of an AC. The name is a string of 1 to 63 characters, and cannot contain any
Description
space.
Command
AC configuration mode
Mode
Usage Guide
Different names can be configured for different ACs to facilitate management.
Verification

Run the show ac-config command to check the current AC name and determine whether the configuration is
successful.
Configuration Example

Configuring the name of an AC as "Ruijie-AC1"
Configuratio

Enter the AC configuration mode.
n Steps

Configure an ACname.

Use the no form of this command to restore the default AC name.
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)#
Ruijie(config-ac)#ac-name Ruijie-AC1
Ruijie(config)#ac-controller
Ruijie(config-ac)#no ac-name
Verification
Run the show ac-config command to check the current AC name.
AC
Ruijie#show ac-config
ac_name
:Ruijie-AC1
Configuration Guide
Configuring APMG
Common Errors

None
1.4.3 Configuring the Trap Message Control Function
Configuration Effect

The AC sends the following types of Trap messages: CAPWAP tunnel up/down information, failures to add APs to the
AC,CAPWAP tunnel packet decryption failures, upgrade failures, time synchronization failures, and STA online/offline
information.

By default, all the preceding Trap messages are not sent. You can run the acctrl-trap command in AC configuration
mode to enable sending of specified Trap messages.
Notes

None
Configuration Steps

Optional. On the AC device, enter the AC configuration mode and run the acctrl-trap command to configure the Trap
message control function.
Command
acctrl-trap[ acap-updown-ctrl | acap-joinfail-ctrl | acap-decryeroreport-ctrl | acap-imageupdt-ctrl |
acap-timestamp-ctrl | acsta-oper-ctrl ]
Parameter
acap-updown-ctrl: Determines whether to send the Trap messages that contain the CAPWAP tunnel
Description
up/down information.
acap-joinfail-ctrl:Determines whether to send the Trap messages that contain information about failures
of adding APs to the AC.
acap-decryeroreport-ctrl: Determines whether to send the Trap messages that contain information
about CAPWAP tunnel packet decryption failures.
acap-imageupdt-ctrl: Determines whether to send the Trap messages that contain information about the
bin file upgrade failures of the AP.
acap-timestamp-ctrl: Determines whether to send the Trap messages that contain the time
synchronization information.
acsta-oper-ctrl: Determines whether to send the Trap messages that contain the STA online/offline
information.
Defaults
By default, all types of Trap messages are not sent. You can run the acctrl-trap command in AC
configuration mode to enable sending of these messages.
Command
AC configuration mode
Mode
Usage Guide
This command is used to control sending of Trap messages on the AC.
Verification

Run the show ac-config command to check the sending status of various types of Trap messages.
Configuration Guide
Configuring APMG
Configuration Example

Enabling the AC to send the Trap messages that contain information about failures to add APs to the AC
Configuratio

Enter the AC configuration mode.
n Steps

Enable the AC to send the Trap messages that contain information about failures to add APs to the
AC.

AC
Use the no form of this command to restore the default setting.
Ruijie(config)#ac-controller
Ruijie(config-ac)#acctrl-trap acap-joinfail-ctrl
Ruijie(config)#ac-controller
Ruijie(config-ac)#no acctrl-trap acap-joinfail-ctrl
Verification
Run the show ac-config command to check the sending status of various types of Trap messages.
AC
Ruijie#show ac-config
acctrl-trap acap-updown-ctrl
:Disable
acctrl-trap acap-joinfail-ctrl
:Enable
acctrl-trap acap-decryeroreport-ctrl
:Disable
acctrl-trap acap-imageupdt-ctrl
:Disable
acctrl-trap acap-timestamp-ctrl
:Disable
acctrl-trap acsta-oper-ctrl
:Disable
Common Errors

None
1.4.4 Configuring the NAS ID of an AC
Configuration Effect

On the WLAN, the NAS IDs identify different hot spot areas. By default, the NAS ID of an AC is the MAC address of
the AC in dotted decimal notation.
Notes

None
Configuration Steps

Optional.

On the AC device, enter the AC configuration mode and run the nas-id command to configure the NAS ID.
Command
nas-id ac-nas-id
no nas-id
Parameter
-
Configuration Guide
Configuring APMG
Description
Defaults
MAC address of the AC in dotted decimal notation
Command
AC configuration mode
Mode
Usage Guide
-
Verification

Run the show running command to check the AC configuration.
Configuration Example

Setting the NAS ID of the AC to 123456789
Configuratio

Enter the AC configuration mode.
n Steps

Configure the NAS ID.
AC
Ruijie(config)# ac-controller
Ruijie(config-ac)#nas-id123456789
Verification
Run the show running command to check the AC configuration.
AC
Ruijie#show running
!
ac-controller
nas-id 123456789
!
Common Errors

None
1.4.5 Creating an AP Configuration
Configuration Effect

Create an AP configuration with the specified name, and enter the AP configuration mode.

If the AP configuration corresponding to a name already exists, you can directly enter the AP configuration mode after
the command is executed.

The ap-name parameter indicates the name of the AP configuration. When an AP gets online, the AP name uploaded
by the AP is matched with the AP configuration name to determine the mapping relationship between the AP device
and AP configuration.
Notes

None
Configuration Steps

Optional.
Configuration Guide

Configuring APMG
On the AC device, enter the global configuration mode and run the ap-configap-name command to create an AP
configuration.
Command
ap-config ap-name
Parameter
ap-name: indicates the name of the AP configuration.
Description
Defaults
No AP configuration is created by default.
Command
Global configuration mode
Mode
Usage Guide
1. You can run the ap-config all command to enter the all AP configuration mode. Configurations made in
this mode take effect on all APs associated with the current AC. Configurations made in AP configuration
mode take precedence over configurations made in all AP configuration mode. If configurations
(non-default settings) exist in AP configuration mode (entered by running the ap-config ap-name
command), such configurations are preferentially used; otherwise, configurations made in all AP
configuration mode (entered by running the ap-config all command) are used.
2. You can run the no ap-config ap-name command to delete a specified AP configuration. If the AP
corresponding to this configuration is already online, the AP will be forced offline and then go online again
after the configuration is deleted.
3. You can run the no ap-config all command to delete configurations of all offline APs on the current
AC.
Verification

Run the show ap-config running ap-name command to check the configurations of the AP.
Configuration Example

Creating an AP configuration named "Ruijie_AP"
Configuratio

Create an AP configuration named "Ruijie_AP".
n Steps
AC
Ruijie(config)#ap-config Ruijie_AP
You are going to config AP(Ruijie_AP), which is not on line now.
Ruijie(config-ap)#
Verification
Run the show ap-config runningcommand to check the current configurations of the AP.
AC
Ruijie#show ap-config running Ruijie_AP
!
ap-config Ruijie_AP
!
Common Errors

None
Configuration Guide
Configuring APMG
1.4.6 Creating an AP Group
Configuration Effect

The AC manages APs through the AP group. All the APs in an AP group can be configured through the AP group,
which reduces the configuration workload. Configurations of the AP group take effect on all the APs in the group.
Notes

The default group is created automatically by the system, and cannot be deleted.

When an AP group is deleted, APs of this group are automatically moved to the default group.

Configurations made in different configuration modes take effect in the following sequence: ap-config
ap-name>ap-group>ap-config all.
Configuration Steps

Optional.

On the AC device, enter the global configuration mode, and run the ap-group ap-group-name command to create an
AP group.
Command
ap-group ap-group-name
no ap-group ap-group-name
Parameter
ap-group-name: indicates the name of an AP group.
Description
Defaults
An AP group named "default" is automatically created by default after the system is started. This group
can neither be created nor deleted.
Command
Global configuration mode
Mode
Usage Guide
When the no form of the command is used to delete an AP group, APs of this group are automatically
moved to the default group.
Verification

Run the show running command to check configurations of all AP groups.
Configuration Example

Creating an AP group named "APG-1"
Configuratio

In global configuration mode, run the ap-group command to create an AP group.
n Steps
AC
Ruijie(config)#ap-group APG-1
Ruijie(config-ap-group)#
Verification
Run the show running command to check whether the AP group named "APG-1" exists.
AC
Ruijie#show running
!
ap-group APG-1
Configuration Guide
Configuring APMG
!
Common Errors

None
1.4.7 Configuring the AP Group of an AP
Configuration Effect

An AP group must already exist if you want to add an AP to this group.

By default, APs belong to the default AP group, that is, the AP group named "default".

APs inherit all configurations of the AP group to which APs belong. If the same configuration exists in the specified AP
configurations (ap-configap-name), all AP configurations (ap-config all), and AP group configurations, the
configurations take effect in the following sequence: specified AP configurations > AP group configurations > all AP
configurations. Therefore, if the AP group of an AP changes, AP group configurations inherited by this AP change as
well.
Notes

None
Configuration Steps

Optional.

Run the ap-config command to create an AP group or enter the AP configuration mode.

On the AC device, enter the AP configuration mode and run the ap-group command to configure the AP group of an
AP.
Command
ap-configap-name
Parameter
ap-name: indicates the name of the AP configuration.
Description
Defaults
None
Command
Global configuration mode
Mode
Usage Guide
None
Command
ap-group ap-group-name
no ap-group
Parameter
ap-group-name: indicates the name of an AP group.
Description
Defaults
By default, APs are automatically added to the default group.
Command
AP configuration mode
Mode
Usage Guide
When an AP group is deleted, APs of this group are automatically moved to the default group.
Configuration Guide
Configuring APMG
Verification

Run the show ap-config running command to check the current configurations of the AP.
Configuration Example

Configuring the AP group to which Ruijie-AP1 belongs
Configuratio

Create an AP group named "apg-1".
n Steps

Enter the AP configuration mode.

Use the no form of this command to restore the default AP group, that is, the AP group named
"default".
AC
Ruijie(config)#ap-group apg1
Ruijie(config-ap-group)#
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#
Ruijie(config-ap)#ap-group apg-1
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ac)#no ap-group
Verification
Run the show ap-config runningcommand to check the current configurations of the AP.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
ap-group apg-1
!
Common Errors

None
1.4.8 Configuring an AP Name
Configuration Effect
Configure an AP name on the AC

If the AP is currently online, the configuration of the AP name takes effect immediately. In addition, the AP name in the
specified AP configuration mode (that is, the string next to ap-config) is immediately replaced by the new name.

If the AP is currently offline, the configuration of the AP name takes effect after the AP goes online, and the AP name
in the AP configuration mode is not replaced by the new name until the AP goes online.

After the AP name is configured, you can continue to configure this AP without exiting from the AP configuration
mode.

If the corresponding AP is online, the no form of the command is not supported.
Configuration Guide

Configuring APMG
If the corresponding AP is online, the no form of the command can be used to delete the AP name configuration that is
currently not effective.

If the new name is already in use, the configuration fails.
Configure an AP name on the AC.
Configure an AP name on the AP

If the CAPWAP connection is not set up, the AP name is configured directly.

If the CAPWAP connection is set up, the AP name is configured first. Then the CAPWAP tunnel will be torn down and
a connection will be set up again. If the AP name is already configured on the AC or configured offline, this AP name
prevails.
Notes

The AP name is a string of 1 to 63 characters, and cannot contain any space.

The AP name cannot be configured as "all" or "AP".

Avoid configuring the same AP name for different offline APs. If the same AP name is configured for different offline
APs, the new name takes effect on the AP that goes online first, and the APs that go online later still use the original
names.

Configuring the AP name on the AP only takes effect in fit AP mode.
Configuration Steps

Optional. You can run the ap-name ap-name command in AP configuration mode to configure an AP name. It is
recommended that a meaningful AP name be configured to facilitate management.

On the AC device, enter the AP configuration mode and run the ap-group command to configure an AP name.
Command
ap-name name
Parameter
name: indicates the name of an AP. The name cannot contain any space.
Description
Defaults
The AC uses the name uploaded by the AP as the AP name. In the factory settings, the MAC address is
often used as the name of an AP.
Command
AP configuration mode
Mode
Usage Guide
1. Do not configure the AP name as "all" or "AP".
2. After the command is executed, the command mode of an online AP is the AP command mode with the
new AP name, and you can continue to configure other properties of the AP without existing from the
command mode. The command mode of an offline AP remains unchanged.

On the AP device, enter the global configuration mode and run the ap-name command to configure an AP name.
Command
ap-name name
Parameter
name: indicates the name of an AP. The name cannot contain any space.
Description
Defaults
The default name is AP.
Configuration Guide
Command
Configuring APMG
Global configuration mode
Mode
Usage Guide
1. Do not configure the AP name as "all".
2. After this command is executed, the CAPWAP tunnel will be set up again.
Verification

Run the show ap-config running command to check the current configurations of the AP.

Run the show ap-config summary command to check whether the name of the online AP is the new name.

Run the show running-config command to check the AP configuration.
Configuration Example

Changing the name of an online AP from "Ruijie-AC1" to "Ruijie-AC2"
Configuratio

Enter the AP configuration mode.
n Steps

Configure the name of an AP.
AC
Ruijie(config)#ap-config Ruijie-AC1
Ruijie(config-ap)#ap-name Ruijie-AC2
Verification
AC

Run the show ap-config running command to check the current configurations of the AP.

Run the show ap-config summary command to query the current name of the online AP.
Ruijie#show ap-config running
!
ap-config Ruijie-AC2
!
Ruijie#show ap-config summary
========= show ap status =========
Radio: Radio ID or Band: 2.4G = 1#, 5G = 2#
E = enabled, D = disabled, N = Not exist
Current Sta number/Max Sta number supported
Channel: * = Global
Power Level = Percent
Online AP number: 0
Offline AP number: 1
AP Name
Radio 2
IP Address
Up/Off time
State
Mac Address
Radio 1
Configuration Guide
Configuring APMG
---------------------------------------- --------------- -------------- ------------------------------------- ------------- ----ap1
-/-

10.0.20.15
-
-
00d0.f822.33b0 N
-/-
0:00:16:03 Quit
Changing the name of an offline AP from "Ruijie-AC1" to "Ruijie-AC2"
Configuratio

Enter the AP configuration mode.
n Steps

Configure the name of an AP.
AC
Ruijie(config)#ap-config Ruijie-AC1
Ruijie(config-ap)#ap-name Ruijie-AC2
Verification
Run the show ap-config running command to check the current configurations of the AP.
AC
Ruijie#show ap-config running
!
ap-config Ruijie-AC1
ap-name Ruijie-AC2
!

Deleting the name configuration of an offline AP Ruijie-AC1
Configuratio

Enter the AP configuration mode.
n Steps

Delete the name configuration of an offline AP Ruijie-AC1.
AC
Ruijie(config)#ap-config Ruijie-AC1
Ruijie(config-ap)#no ap-name
Verification
Run the show ap-config running command to check the current configurations of the AP.
AC
Ruijie#show ap-config running
!
ap-config Ruijie-AC1
!

Configuring the name of an AP as Ruijie-AP1.
Configuratio

Enter the global configuration mode.
n Steps

Configure the AP name.
AP
Ruijie(config)#ap-name Ruijie-AP1
Verification
Run the show ap-config running command to check the current configurations of the AP.
AP
Ruijie#show running-config
Building configuration...
-
- N
Configuration Guide
Configuring APMG
Current configuration: 1592 bytes
version 11.1(5)B0
privilege exec all level 1 debug
privilege exec all level 1 show
privilege exec all level 1 terminal
privilege exec all level 1 undebug
ap-name Ruijie-AP1
fair-schedule
!
Common Errors

None
1.4.9 Binding an MAC Address with an AP Configuration
Configuration Effect

In AP configuration mode, run the ap-mac command to bind an MAC address with an AP configuration so that the AP
configuration takes effect only on the AP with the MAC address.

Generally, when an AP goes online, it determines the configuration to be used based on the mapping between the AP
name and the AP configuration name. MAC address binding is a stronger binding relationship than name mapping,
and takes precedence over name mapping. Therefore, when an AP goes online, the AP uses the configuration so far
as the MAC address bound with the AP configuration is the same as the MAC address of the AP.

If no MAC address is bound with an AP configuration, the MAC address is automatically bound when the
corresponding AP goes online. This bounding relationship still takes effect when the AP goes offline. That is, the
binding configuration will be automatically generated when the AP goes online.

MAC address binding is also used for the AC access control function configured by using the bind-ap-mac command.
For details, see the configuration description of this command.

You can bind a specified MAC address only with the configuration of an offline AP.

In the hot standby environment, you can ensure consistency of configurations between two ACs by binding the MAC
addresses with AP configurations.
Notes

You can bind a specified MAC address only with the configuration of an offline AP.
Configuration Steps

Optional.

On the AC device, enter the AP configuration mode and run the ap-mac command to bind an MAC Address with an
AP configuration.
Command
ap-mac ap-mac-address
no ap-mac
Configuration Guide
Parameter
Configuring APMG
ap-mac-address: indicates the MAC address that is bound.
Description
Defaults
No AP configuration is bound with the MAC address by default. You can bind the MAC address of an AP
with the AP configuration to forcibly apply this AP configuration on the AP with the MAC address.
Command
AP configuration mode
Mode
Usage Guide

The ap-mac ap-mac-address command is applicable to configurations of offline APs. You can use
this command to specify the MAC address of an offline AP so that the AP configuration can be
located directly based on the MAC address after the AP goes online.

The no ap-mac command is applicable to all AP configurations.
Verification

Run the show ap-config running command to check the MAC address binding of the current AP.
Configuration Example

Binding the offline AP Ruijie-AP1 with the MAC address 001a.a979.1234
Configuratio

Enter the AP configuration mode.
n Steps

The no form of the command is used to delete the MAC address binding.
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#ap-mac 001a.a979.1234
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ac)#no ap-mac
Verification
Run the show ap-config running command to check the current configurations of the AP.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
ap-mac 001a.a979.1234
!
Common Errors

None
1.4.10 Configuring the User Name and Password of an AP
Configuration Effect

Authorized users may directly login to an AP and modify the AP configuration through Telnet, which affects normal
running of theWLAN. To prevent this problem, you can configure the Telnet user name and password of a specified
AP.
Configuration Guide

Configuring APMG
The credential command can be used in ap-config ap-name, ap-group, or ap-config all configuration mode.
Configurations made by using the credential command take effect in the following sequence: ap-config
ap-name>ap-group>ap-config all.
Notes

None
Configuration Steps

Optional: You can run the credential user-name password command to configure a new Telnet user name and
password in AP configuration mode to enhance security.

On the AC device, enter the AP or AP group configuration mode and run the credential command for configuration.
Command
credential user-name password
nocredential
Parameter
user-name: indicates the user name. A user name cannot contain any space.
Description
password: indicates the password. A password cannot contain any space.
Defaults
The AC device uses factory settings of the Telnet user name and password of an AP. You can modify the
Telnet user name and password of an AP according to requirements to facilitate management.
Command
AP configuration mode or AP group configuration mode
Mode
Usage Guide
-
Verification

Run the show ap-config running or show running command to check the configurations.
Configuration Example

Configuring the user name and password of Ruijie-AP1
Configuratio

Configure the user name and password of Ruijie-AP1.
n Steps

Use the no form of the command to delete the configuration of the user name and password of the
AP. (After the deletion, the default user name and password are restored on the AP.)
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#credential user pass
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ac)#no credential
Verification
Run the show ap-config runningcommand to check the current configurations of the AP.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
credential user pass
Configuration Guide
Configuring APMG
!
Common Errors

None
1.4.11 Configuring the Interval at Which the AP Reports Statistics
Configuration Effect

Run the statistics-timer command to configure the interval at which the AP reports statistics.
Notes

None
Configuration Steps

Optional. You can adjust the interval based on the statistics accuracy requirement and loads on the AC and AP.

On the AC device, enter the AP or AP group configuration mode and run the statistics-timer command for
configuration.
Command
statistics-timer timer-interval
nostatistics-timer
Parameter
timer-interval: indicates the interval that the AP reports statistics. The unit is second.
Description
Defaults
120s
Command
AP configuration mode or AP group configuration mode
Mode
Usage Guide
-
Verification

Run the show ap-config running command to check the configurations.
Configuration Example

Setting the interval at which Ruijie-AP1 reports statistics to 300s
Configuratio

Set the interval at which Ruijie-AP1 reports statistics to 300s.
n Steps

Use the no form of the command to restore the default interval at which Ruijie-AP1 reports
statistics.
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#statistics-timer 300
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ac)#no statistics-timer
Verification
Run the show ap-config running command to check the current configurations of the AP.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
Configuration Guide
Configuring APMG
!
ap-config Ruijie-AP1
statistics-timer 300
!
Common Errors

None
1.4.12 Configuring the AP System Log Information
Configuration Effect

Control displaying of the AP system logs, and set the IP address of the server that records the AP system logs.
Notes

None
Configuration Steps

Optional.

Run the logging on command to display system logs of a specified AP.

Run the logging server ip-address [udp-port num] command to configure the IP address of the system log server of
a specified AP.
Command
loggingon
no loggingon
Parameter
-
Description
Defaults
The system logs are displayed by default.
Command
AP configuration mode or all AP configuration mode
Mode
Usage Guide
-
Command
logging server ip-address[udp-port num]
no logging server ip-address
Parameter
ip-address: indicates the IP address of the host that receives the log information.
Description
num: indicates the ID of the port on the host that receives the log information. This parameter is optional.
Defaults
None
Command
AP configuration mode or all AP configuration mode
Mode
Usage Guide
You can configure at most five log server addresses. The log information will be sent simultaneously to all
the configured log servers.
Configuration Guide
Configuring APMG
Verification

Run the show ap-config running command to check the configurations.
Configuration Example

Disablingthe function of displaying system logs on Ruijie-AP1
Configuratio

Enter the AP configuration mode.
n Steps

Disable the function of displaying system logs.
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#no logging on
Verification
Run the show ap-config running command to check the current configurations of the AP.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
no logging on
!

Configuring the log server address of Ruijie-AP1
Configuratio

Enter the AP configuration mode.
n Steps

Set the log server address to 1.1.1.1.
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#logging server 1.1.1.1
Verification
Run the show ap-config running command to check the current configurations of the AP.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
logging server 1.1.1.1
!
Common Errors

None
1.4.13 Configuring the Daily Scheduled Restart Time for an AP
Configuration Effect

If APs work too long, the load may be too heavy, affecting the network access quality of users. To prevent this
problem, you can configure the daily scheduled restart time for an AP so that the network access quality of users can
be ensured every day.
Configuration Guide
Configuring APMG
Notes

None
Configuration Steps

Optional. You can enable the daily scheduled restart function based on the AP load.

Configure the daily scheduled restart time to prevent APs from working for a long time, enhancing availability of the
network.
Command
reload attime
no reload at
Parameter
time: indicates the time when the AP is restarted every day. The time is expressed in the format of
Description
hh:mm:ss.
Defaults
The daily scheduled restart function of an AP is disabled by default.
Command
AP configuration mode
Mode
Usage Guide
-
Verification

Run the show ap-config running command to check the configurations.
Configuration Example

Enabling Ruijie-AP1 to restart at 1:00:00 every day
Configuratio

Enable Ruijie-AP1 to restart at 1:00:00 every day.
n Steps

Use the no form of the command to cancel the scheduled restart configuration.
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#reload at 1:00:00
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ac)#no reload at
Verification
Run the show ap-config running command to check the current configurations of the AP.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
reload at 1:00:00
!
Common Errors

None
Configuration Guide
Configuring APMG
1.4.14 Restoring Factory Settings of a Specified AP
Configuration Effect

Restore factory settings of a specified AP.

The configuration takes effect only on an online AP.
Notes

This operation will cause offline and reset of the AP.
Configuration Steps

Optional. You can restore factory settings of a specified AP according to requirements.

Restoring AP factory settings is an instant behavior of an AP. This command can restore factory settings of the AP
and will trigger reset of the AP.
Command
factory-resetap-name
Parameter
ap-name: indicates the name of an AP.
Description
Defaults
-
Command
AC configuration mode
Mode
Usage Guide
This operation will cause reset of the AP.
Verification

After this command is executed for an online AP, this AP will go offline. After the AP goes online again, run the show
ap-config running command to check whether factory settings of the AP are restored.
Configuration Example

Restoring factory settings of the online AP Ruijie-AP1
Configuratio

Enter the AC configuration mode.
n Steps

Restore factory settings of the online AP Ruijie-AP1.
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)#factory-reset Ruijie-AP1
Verification
After this command is executed for an online AP, this AP will go offline. After the AP goes online again,
run the show ap-config running command to check whether factory settings (null settings) of the AP are
restored.
Common Errors

None
Configuration Guide
Configuring APMG
1.4.15 Resetting an AP
Configuration Effect

Reset an online AP.

Reset all online APs.
Notes

None
Configuration Steps

Optional. You can reset one or more APs according to requirements.

If you configure AP reset on the AC, the corresponding AP will reset. You can configure reset of a specified AP or all
online APs.
Command
reset{ all |single ap-name}
Parameter
all: indicates that all online APs are reset.
Description
single ap-name: indicates that a specified AP is reset.
Defaults
-
Command
AC configuration mode
Mode
Usage Guide
-
Verification

After the configuration is completed, you can view the syslog record on the AC, indicating that the corresponding AP
goes offline, and the AP will be reset.
Configuration Example

Resetting Ruijie-AP1
Configuratio

Enter the AC configuration mode.
n Steps

Reset Ruijie-AP1.
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)#
Ruijie(config-ac)#reset Ruijie-AP1
Verification
Check whether Ruijie-AP1 is reset, and whether the following syslog record indicating the offline event of
the AP can be viewed on the AC.
AC
%APMG-6-RX_CTRL_MSG: AP(AP_20#3F_S:001a.a912.3456) leave AC.
Common Errors

None
Configuration Guide
Configuring APMG
1.4.16 Configuring the AP Quantity Limit
Configuration Effect

The number of online APs connected to the AP does not exceed the configured maximum number of APs supported
by the AC.
Notes

The weight of an AP varies according to the AP model. For example, the weight of one WALL-AP is 0.5 and two
WALL-APs are treated as one AP. When APs are connected to an AC, the weighted number of APs is calculated
based on the weight. This command and the license control the weighted number of APs, instead of the actual
number of APs.
Configuration Steps

Optional. You can configure the AP quantity limit within the capacity range according to requirements.
Command
wtp-limit max-num
Parameter
max-num: indicates the maximum number of APs that can be connected to an AC.
Description
Defaults
By default, this number is equal to the number of APs supported by an AC.
Command
AC configuration mode
Mode
Usage Guide
This command is used to configure the maximum number of APs connected to an AC. This number
cannot exceed the maximum number of APs supported by the AC or the maximum number of APs
allowed by the license.
Verification

Run the show ac-config command to check the current AC name and determine whether the configuration is
successful.
Configuration Example

Setting the maximum number of APs connected to the AC to 512
Configuratio

Enter the AC configuration mode.
n Steps

Set the maximum number of APs connected to the AC to 512.

Use the no form of this command to restore the default setting.
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)#wtp-limit 512
Ruijie(config)#ac-controller
Ruijie(config-ac)#no wtp-limit
Verification
Run the show ac-config command to check the configured maximum number of APs that can be
connected to the AC.
AC
Ruijie#show ac-config
Configuration Guide
Configuring APMG
…
max_wtp
:512
…
Common Errors

None
1.4.17 Configuring the AP Compliance Check
Configuration Effect

The AP compliance check is also called AP access control based on the bound MAC address, or bind-ap-mac
function. If AP compliance check is enabled, only APs that have offline configurations bound with their MAC
addresses are allowed to associate with the AC.
Notes

None
Configuration Steps

Optional. You can enable the AP compliance check to allow only APs with specified MAC address to go online, thus
implementing strict control on access of APs.

When the AP compliance check is enabled, all online APs are automatically bound with MAC addresses. Therefore, it
is recommended that this function be disabled during network deployment, and enabled after all APs within the plan
go online.

When the bind-ap-mac function is enabled, MAC addresses automatically bound with all online APs are converted to
the formal MAC address binding, which is not automatically deleted when APs go offline.

On the AC device, you can run the ap-mac X.Y.Z command in AP configuration mode to configure the MAC address
binding of an individual AP configuration.
Command
bind-ap-mac
no bind-ap-mac
Parameter
-
Description
Defaults
The AP compliance check is disabled by default.
Command
AC configuration mode
Mode
Usage Guide
This command is used to enable the AP compliance check.
Command
ap-mac ap-mac-address
no ap-mac
Parameter
ap-mac-address: indicates the MAC address that is bound.
Description
Defaults
-
Configuration Guide
Command
Configuring APMG
AP configuration mode
Mode
Usage Guide
The ap-macap-mac-address command is applicable to offline APs. You can use this command to specify
the MAC address of an offline AP so that the AP configuration can be located directly based on the MAC
address after the AP goes online.
Verification

Run the show running command to check whether the bind-ap-mac function is enabled.

Run the show ap-config running command to check the MAC address binding information of AP configurations.
Configuration Example

Enabling the bind-ap-mac function on an AC
Configuratio

After all authorized APs go online, enter the AC configuration mode and run the bind-ap-mac
command to enable the bind-ap-mac function.
n Steps
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)#bind-ap-mac
Verification
Run the show running command to check whether the bind-ap-mac function is enabled.
AC
Ruijie#show running
!
ac-controller
bind-ap-mac
!
Common Errors

None
1.4.18 Configuring AP Access Authentication
Configuration Effect

AP access authentication can be implemented based on the serial number, password, or certificate.
Notes

If you run the ap-auth { serial | password | certificate } enable command in AC configuration mode to enable the
access authentication function, but do not run the ap-auth { serial serial-string |password password |ac-cert
ac-cert-name |ap-cert ap-cert-name } command in AP configuration mode to configure related authentication
parameters, AP access authentication will fail and the AP cannot go online.
Configuration Steps

Optional.

Run the ap-auth serial-update command to update the authentication serial numbers for all online APs.
Configuration Guide
Configuring APMG

Run the ap-auth enable command in AC configuration mode to enable a specified type of AP access authentication.

Run the ap-auth { serial serial-string|password password |ac-cert ac-cert-name |ap-cert ap-cert-name } command
to configure the related AP access authentication parameters.
Command
ap-auth serial-update
Parameter
-
Description
Defaults
This function is disabled by default.
Command
AC configuration mode
Mode
Usage Guide
All online APs use the current AP serial numbers for authentication.
Command
ap-auth {serial |password |certificate} enable
Parameter
serial: indicates the authentication function based on the AP access serial number.
Description
password: indicates the authentication function based on the AP access password.
certificate: indicates the authentication function based on the AP certificate.
Defaults
The authentication function is disabled by default.
Command
AC configuration mode
Mode
Usage Guide
-
Command
ap-auth{serial serial-string|password password |ac-cert ac-cert-name|ap-cert ap-cert-name}
Parameter
serial-string: indicates the AP access serial number.
Description
password: indicates the AP access password.
ac-cert-name: indicates the AC certificate file name.
ap-cert-name: indicates the AP certificate file name.
Defaults
This function is disabled by default.
Command
AP configuration mode
Mode
Usage Guide
The AP access authentication configurations take effect only when the AP makes an access attempt. If
the AP is already online, the configurations take effect next time when the AP goes online.
The ap-auth serial command cannot be used in all AP configuration mode because the serial number
varies according to the AP.
The certificate file issued by the ap-auth ap-cert command will be stored as cert.crt on the AP, and the
file name cannot be changed.
Verification

Run the show ap-config running command to check whether the configuration is successful.
Configuration Example

Configuring the AP access authentication function based on the serial number
Configuratio

After all authorized APs go online, update the authentication serial numbers for all online APs.
Configuration Guide
n Steps
AC
Configuring APMG

Enable the AP access authentication function based on the serial number.

Configure the authentication serial number of a specified AP.
Ruijie(config)#ac-controller
Ruijie(config-ac)#ap-auth serial-update
Ruijie(config)#ac-controller
Ruijie(config-ac)#ap-auth serial enable
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#ap-auth serial G1GD10U000456
Verification
Run the show running or show ap-config running command to check the AP access authentication
configurations.
AC
Ruijie(config)#show run
!
ac-controller
ap-auth serial enable
!
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
ap-auth serial G1GD10U000456
!

Updating the access authentication certificate of an AP
Configuratio

Update the access authentication certificate of an AP.
n Steps
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#ap-auth ap-cret ap1_cret.crt
Verification
Run the show ap-config running command to check the name of the current AC. If the corresponding
AP is online, the ap1_cret.crt file is updated to the AP instantly; otherwise, the file is updated to the AP
after the AP goes online.
AC
Ruijie(config)#show ap-config running Ruijie-AP1
!
ap-config Ruijie-AP1
ap-auth ap-cret ap1_cret.crt
!
Configuration Guide
Configuring APMG
Common Errors

None
1.4.19 Configuring the AP Priority
Configuration Effect

By default, the AC allows the access of APs based on the sequence of AP association requests received by the AC.
You can set the failover priorities of APs and enable the AC to support the failover priorities of APs so that the AC can
allow the access of APs based on the AP priorities. The AP priority ranges from 1 to 4, where 1 is the lowest priority.
Notes

None
Configuration Steps

Optional. You can enable the AP priority function according to requirements and configure the priority of a specified
AP.

On the AC device, enter the AC configuration mode and run the ap-priority { enable | disable } command to enable
or disable the AP priority function.

On the AC device, enter the AP configuration mode and run the priority priority-value command to configure the
priority of a specified AP.
Command
ap-priority { enable | disable}
Parameter
enable: enables the AP to support the failover priority.
Description
disable: disables the AP to support the failover priority.
Defaults
Disable
Command
AC configuration mode
Mode
Usage Guide
-
Command
priority priority-value
Parameter
priority-value: indicates the AP priority. The value ranges from 1 to 4, where 1 is the lowest priority.
Description
Defaults
The default priority of an AP is 1. The priority can be set to a value from 1 to 4, where 1 is the lowest
priority and 4 is the highest priority. You can run the priority command in AP configuration mode to
configure the AP priority.
Command
AP configuration mode
Mode
Usage Guide
-
Verification

Run the show running or show ap-config running command to check the configurations.
Configuration Guide
Configuring APMG
Configuration Example

Setting the priority of Ruijie-AP1 to 2 and enabling the AP priority function
Configuratio

Enter the AP configuration mode.
n Steps

Configure the AP priority.

Enter the AC configuration mode.

Enable the AP priority function.
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#priority 2
Ruijie(config)#ac-controller
Ruijie(config-ac)#ap-priority enable
Verification
Run the show running command to check whether the ap-priority enable command is configured in AC
configuration mode.
Run the show ap-config running command to check the AP configurations.
AC
Ruijie(config)#show running
!
ac-controller
ap-priority enable
!
Ruijie#show ap-config running
!
ap-config Ruijie-AP1
priority 2
!
Common Errors

None
1.4.20 Configuring the AC Cluster Function
Configuration Effect

AC cluster is also called AC redundancy. With this function, multiple ACs with different priorities are designated for an
AP. When the connection between the AP and a high-priority AC is interrupted, the AP is connected to a low-priority
AC (standby AC). When the connection with the high-priority AC is recovered, the AP disconnects the CAPWAP
tunnel with the low-priority AC, and sets up a CAPWAP tunnel with the high-priority AC again.

On the one hand, the AC cluster function enhances reliability of the AC cluster. On the other hand, this function
controls the home AC of APs in stable conditions based on the priority to facilitate AP management.
Configuration Guide
Configuring APMG
Notes

For a specified AP, the same priority must be configured for this AP on each AC that belongs to the cluster. For
example, on AC1, AC2 is configured as the primary AC for AP1, and AC1 is configured as the secondary AC for AP1.
On AC2, AC1 is configured as the primary AC for AP1, and AC2 is configured as the secondary AC for AP1. That is,
on both AC1 and AC2, the peer AC is configured as the high-priority AC for AP1. In this way, an endless loop is
formed because the AP keeps switching between tunnels with two ACs.

The redundancy AC configuration supports both the ap-config ap-name and ap-config all configuration modes. The
redundancy AC configuration made in ap-config ap-name configuration mode takes precedence over that made in
ap-config all configuration mode.

Except the primary-base command, commands of other priorities do not support switchback to prevent network
interruption caused by the switchback. The administrator can re-configure the priorities for a manual switchover, or
configure the switch-back parameter for an automatic switchback.
Configuration Steps

Optional. The redundancy AC configuration does not exist on an AP by default. You can configure redundancy ACs
with different priorities for an AP based on the number of ACs deployed on the wireless network.

Run the primary-base ac-name { ip-address | ipv6-address } command to configure the primary AC for a specified
AP.

Run the secondary-base ac-name { ip-address | ipv6-address } [ switch-back ] command to configure the secondary
AC for a specified AP.

Run the tertiary-baseac-name { ip-address | ipv6-address } [ switch-back ] command to configure the tertiary AC for
a specified AP.

Run the backup-controller-primaryac-name { ip-address | ipv6-address } [ switch-back ] command to configure the
fourthAC for a specified AP.

Run the backup-controller-secondaryac-name { ip-address | ipv6-address } [ switch-back ] command to configure
the fifthAC for a specified AP.

Run the backup-controller-tertiaryac-name { ip-address | ipv6-address } [ switch-back ] command to configure the
sixthAC for a specified AP.
Command
primary-baseac-name { ip-address | ipv6-address }
no primary-base
Parameter
ac-name: indicates the name of the AC to be configured.
Description
ip-address: indicates the IP address of the primary AC. The format is A.B.C.D.
ipv6-address: indicates the IPv6 address of the primary AC. The format is X;Y::Z.
Defaults
-
Command
AP configuration mode (supporting the ap-config all configuration mode)
Mode
Usage Guide
-
Command
secondary-baseac-name {ip-address | ipv6-address }[ switch-back]
no secondary-base
Configuration Guide
Parameter
ac-name: indicates the name of the AC to be configured.
Description
ip-address: indicates the IP address of the AC. The format is A.B.C.D.
ipv6-address: indicates the IPv6 address of the AC. The format is X;Y::Z.
switch-back: indicates the switchback function. Switchback is disabled by default.
Defaults
-
Command
AP configuration mode (supporting the ap-config all configuration mode)
Mode
Usage Guide
-
Command
tertiary-baseac-name {ip-address | ipv6-address}[ switch-back]
no tertiary-base
Parameter
ac-name: indicates the name of the AC to be configured.
Description
ip-address: indicates the IP address of the AC. The format is A.B.C.D.
ipv6-address: indicates the IPv6 address of the AC. The format is X;Y::Z.
switch-back: indicates the switchback function. Switchback is disabled by default.
Defaults
-
Command
AP configuration mode (supporting the ap-config all configuration mode)
Mode
Usage Guide
-
Command
backup-controller-primaryac-name {ip-address | ipv6-address}[ switch-back]
no backup-controller-primary
Parameter
ac-name: indicates the name of the AC to be configured.
Description
ip-address: indicates the IP address of the AC. The format is A.B.C.D.
ipv6-address: indicates the IPv6 address of the AC. The format is X;Y::Z.
switch-back: indicates the switchback function. Switchback is disabled by default.
Defaults
-
Command
AP configuration mode (supporting the ap-config all configuration mode)
Mode
Usage Guide
-
Command
backup-controller-secondaryac-name { ip-address | ipv6-address}[ switch-back]
no backup-controller-secondary
Parameter
ac-name: indicates the name of the AC to be configured.
Description
ip-address: indicates the IP address of the AC. The format is A.B.C.D.
ipv6-address: indicates the IPv6 address of the AC. The format is X;Y::Z.
switch-back: indicates the switchback function. Switchback is disabled by default.
Defaults
-
Command
AP configuration mode (supporting the ap-config all configuration mode)
Mode
Configuring APMG
Configuration Guide
Configuring APMG
Usage Guide
-
Command
backup-controller-tertiaryac-name { ip-address | ipv6-address }[ switch-back]
no backup-controller-tertiary
Parameter
ac-name: indicates the name of the AC to be configured.
Description
ip-address: indicates the IP address of the AC. The format is A.B.C.D.
ipv6-address: indicates the IPv6 address of the AC. The format is X;Y::Z.
switch-back: indicates the switchback function. Switchback is disabled by default.
Defaults
-
Command
AP configuration mode (supporting the ap-config all configuration mode)
Mode
Usage Guide
-
Verification

Run the show ac-config command to check the current AC name and determine whether the configuration is
successful.
Configuration Example

Configuring Ruijie-AC1 as the primary AC of Ruijie-AP1, and Ruijie-AC2 as the secondary AC
Configuratio

Enter the AP configuration mode.
n Steps

Configure the primary AC and secondary AC of the AP.
Ruijie-AC1
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#primary-base Ruijie-AC1 5.5.5.5
Ruijie(config-ap)#secondary-base Ruijie-AC2 6.6.6.6
Ruijie-AC2
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#primary-base Ruijie-AC1 5.5.5.5
Ruijie(config-ap)#secondary-base Ruijie-AC2 6.6.6.6
Verification
Run the show ap-config running command to check the AP configurations.
Ruijie-AC1
Ruijie#show ap-config running
!
ap-config Ruijie-AP1
primary-base Ruijie-AC1 5.5.5.5
secondary-base Ruijie-AC2 6.6.6.6
!
Ruijie-AC2
Ruijie#show ap-config running
!
Configuration Guide
Configuring APMG
ap-config Ruijie-AP1
primary-base Ruijie-AC1 5.5.5.5
secondary-base Ruijie-AC2 6.6.6.6
!
Common Errors

None
1.4.21 Configuring the AC Hot Backup Function
Configuration Effect

Set up the hot backup connection to ensure that the AP can set up two CAPWAP tunnels.
Notes

None
Configuration Steps

Optional. If an AP does not use the hot backup address of the AC to set up a tunnel, the AC address of the first tunnel
must be specified. When IPv6must be used to set up the second channel, the IPv6 hot backup tunnel function must be
enabled.

Run the peer-ip command to configure the IP address for setting up a CAPWAP tunnel with the hot backup neighbor.
This IP address will be pushed to the AP device, and the AP device will set up the second CAPWAP tunnel with the
hot backup neighbor based on the peer-ip address. If the AP does not use the default hot backup address of the AC to
set up a tunnel, you need to configure the peer-ip address.

Run the peer-ipv6 command to configure the IPv6 address for setting up a CAPWAP tunnel with the hot backup
neighbor. This IPv6 address will be pushed to the AP device, and the AP device will set up the second CAPWAP IPv6
tunnel with the hot backup neighbor based on the peer-ipv6 address. When an AP and an AC use the IPv6 address to
set up a tunnel, you need to configure the peer-ipv6 address to set up the second CAPWAP IPv6 tunnel because
currently IPv6 cannot be used for setting a hot backup connection between ACs.

After the peer-ipv6 enable command is executed, the AP device sets up the second CAPWAP IPv6 tunnel with the
hot backup neighbor. To set up a CAPWAP IPv6 tunnel between an AP and an AC, you must enable peer-ipv6so that
the second CAPWAP IPv6 tunnel can be set up between the AP and the AC.

Run the ap-group command to bind an AP group with the hot backup instance. After the AP group is bound with the
hot backup instance, data of STAs associated with APs in the AP group can be synchronized from the active AC to the
standby AC.
Command
peer-ipipv4-address
Parameter
ipv4-address: indicates the IP address used by the hot backup neighbor to set up a CAPWAP tunnel.
Description
Defaults
Source address used by CAPWAP
Command
Hot backup instance mode
Mode
Configuration Guide
Usage Guide
Configuring APMG
In the non-NAT environment, use the default setting, that is, the source address used by CAPWAP.
In the NAT environment, configure the IPv6 address based on the environment where the AC and AP are
located. When the AC is located inside the NAT, its address is a private network address, which is not
accessible by the AP. Therefore, the AP must be notified of the configured public network address.

If both the AP and the AC are within the NAT internal network, use the default setting.

If the AP is in the NAT external network, use the IP address configured by the user as the peer AC
address.
Command
peer-ipv6ipv6-address
Parameter
ipv6-address: indicates the IPv6 address used by the hot backup neighbor to set up a CAPWAP tunnel.
Description
Defaults
Source address used by CAPWAP
Command
Hot backup instance mode
Mode
Usage Guide
In the non-NAT environment, use the default setting, that is, the source address used by CAPWAP.
In the NAT environment, configure the IPv6 address based on the environment where the AC and AP are
located. When the AC is located inside the NAT, its address is a private network address, which is not
accessible by the AP. Therefore, the AP must be notified of the configured public network address.

If both the AP and the AC are within the NAT internal network, use the default setting.

If the AP is in the NAT external network, use the IP address configured by the user as the peer AC
address.
You need to run the peer-ipv6 enable command to enable the function of using CAPWAP to set up the
dual IPv6 hot backup tunnels.
Command
peer-ipv6 enable
Parameter
-
Description
Defaults
Disable
Command
Hot backup instance mode
Mode
Usage Guide
The peer-ipv6must be enabled when CAPWAP is used to set up an IPv6 tunnel between the AP and a hot
backup AC so that the AP can use CAPWAP to set up an IPv6 tunnel with another hot backup AC.
Command
ap-group ap-group
Parameter
ap-group: indicates the name of an AP group.
Description
Defaults
None
Command
Hot backup instance mode
Mode
Usage Guide
After the AP group is bound with the hot backup instance, data of STAs associated with APs in the AP
group can be synchronized from the active AC to the standby AC.
Configuration Guide
Configuring APMG
Verification

Run the show running command to check the configurations.
Configuration Example
For details about the AC hot backup deployment solution, see "WLAN Hot Backup."

Enabling the AC to use the public network address as the AC address
Configuratio

Configure the hot backup address and enter the hot backup configuration mode.
n Steps

Configure the hot backup instance.

In the hot backup instance configuration mode, configure the peer IP address.
AC
Ruijie(config-hotbackup)# context 10
Ruijie(config-hotbackup-ctx)# peer-ip 1.1.1.1
Verification
Run the show running command to check the configurations.
AC
Ruijie(config)#show running
wlan hot-backup 1.1.1.1
!
context 10
peer-ip 1.1.1.1
Common Errors

None
1.4.22 Creating a WLAN
Configuration Effect

You can create multiple WLANs on an AC and enter the configuration mode of a specified WLAN to configure related
functions and properties of the WLAN according to the actual network requirements.

The WLAN service template that is generated based on the following configurations can take effect only after the
WLAN is deployed on a specified AP group. Wireless users can access related APs to access the WLAN.

On the wireless network, you can divide the network into multiple WLAN subnets by creating WLANs. In addition, you
can configure the functions and properties of a specified WLAN in WLAN configuration mode to provide different
network services for wireless users.

When creating a WLAN, you must associate the WLAN with an SSID, which is the name of a network service zone.
One SSID can be mapped to one or multiple WLANs.
Notes

None
Configuration Guide
Configuring APMG
Configuration Steps

Optional. No WLAN is configured by default. You must create a WLAN before deploying the WLAN.

Run the wlan-config command to create a WLAN, and use the no form of the command to delete the WLAN.
Command
wlan-configwlan-id [profile –string][ssid-string]
no wlan-configwlan-id
Parameter
wlan-id: indicates the ID of a WLAN. The value ranges from 1 to 4094.
Description
profile -string: indicates the profile of the WLAN. This parameter is optional. The maximum length is 32
bytes.
ssid-string: indicates the SSID. The maximum length is 32 bytes.When creating a WLAN, you must
specify the SSID associated with the WLAN.
Use the no form of the command to delete a specified WLAN.
Defaults
No WLAN is created by default.
Command
Global configuration mode
Mode
Usage Guide
One SSID can be mapped to one or multiple WLANs, but one WLAN can be associated with only one
SSID.
Verification

Run the show running command to check the WLAN configurations.
Configuration Example

Creating a WLAN
Configuratio

Create WLAN 1. The SSID of WLAN 1 is ruijie-wireless.
n Steps
AC
Ruijie(config)#wlan-config 1 ruijie-wireless
Ruijie(config-wlan)#
Verification
Run the show running command to check the WLAN configurations.
AC
Ruijie#show running
!
wlan-config 1 ruijie-wireless
!
Common Errors

None
1.4.23 Deploying a WLAN
Configuration Effect

The WLAN configuration takes effect only after the WLAN is deployed on a specified AP group. Wireless users can
access the WLAN through the related APs. Run the interface-mapping command in AP group configuration mode to
Configuration Guide
Configuring APMG
deploy the WLAN on a specified AP group.This command also configures the mapping between the WLAN and the
VLANs or VLAN group of the wired network.
Notes

Assume that the WLAN forwarding mode is local forwarding. In this case, if the vlan-id assigned to a STA in vlan-id or
vlan-group mode configured by this interface-mapping command is the same as the vlan-id specified by the ap-vlan
command, the real VLAN of the STA will be determined by the access switch of the AP, instead of the VLAN
configured by the interface-mapping command or the VLAN assigned in vlan-group mode. In particular, the default
vlan-id of the ap-vlan is 1. If the ap-vlan is not configured and the vlan-id configured in the interface-mapping
command is 1, the VLAN of the STA in local forwarding mode is determined by the access switch.
Configuration Steps

Optional. You can run the interface-mapping command in AP group configuration mode to configure a WLAN and
deploy the WLAN on all APs in the AP group.

On the AC device, enter the AP configuration mode and run the interface-mapping command for configuration.
Command
interface-mappingwlan-id{vlan-id I groupvlan-group-id}[radio{radio-id | [802.11b | 802.11a]}]
[ap-wlan-idap-wlan-id]
Parameter
wlan-id: indicates the ID of the specified WLAN. This WLAN must have been created. The WLAN ID
Description
ranges from 1 to 4094.
vlan-id: indicates the ID of the specified VLAN. The VLAN ID ranges from 1 to 4094.
vlan-group-id: indicates the ID of the specified VLAN group. The VLAN group ID ranges from 1 to 128.
radio-id: indicates the ID of the radio of a specified AP. If radio-id is not specified, the mapping is applied
to all radios of all APs in the AP group.
802.11b: indicates that the mapping is applied to all 2.4 GHz radios of all APs in the AP group.
802.11a: indicates that the mapping is applied to all 5.8 GHz radios of all APs in the AP group.
ap-wlan-id: specifies the wlan-id that is used on the AP through interface-mapping. The value ranges from
1 to 64.
Defaults
By default, the WLAN is not deployed on any AP.
Command
AP group configuration mode
Mode
Usage Guide
If the ap-wlan-id parameter is not specified, the mapping automatically selects and uses an idle
ap-wlan-id.
Verification

Run the show running command to check the AP group configurations.
Configuration Example

Configuring a WLAN and deploying the WLAN on a specified AP group
Configuratio
Ruijie-AP1 belongs to the AP group APG-1. Create a WLAN, and deploy the WLAN on Ruijie-AP1.
n Steps

Create WLAN 1. The SSID of WLAN 1 is ruijie-wireless.

Create VLAN 1.

Configure the WLAN-VLAN mapping in AP group configuration mode.
Configuration Guide
AC
Configuring APMG
Ruijie(config)#wlan-config 1 ruijie-wireless
Ruijie(config-wlan)#exit
Ruijie(config)#vlan 1
Ruijie(config-vlan)#exit
Ruijie(config)#ap-group APG-1
Ruijie(config-ap-group)#interface-mapping 1 1
Verification
Run the show running command to check the AP group configurations.
Ruijie#show running
!
wlan-config 1 ruijie-wireless
!
!
ap-group APG-1
interface-mapping 1 1
!
Common Errors

None
1.4.24 Enabling or Disabling WLAN SSID Broadcasting
Configuration Effect

On the WLAN, the AP periodically broadcasts the SSID information to notify other entities of the existence of the
wireless network. Wireless users use the wireless network interface cards (NICs) to search SSIDs and detect the
wireless network. The SSID broadcasting function can be enabled to prevent the wireless network from being
searched and connected by unauthorized users based on the SSID.
Notes

None
Configuration Steps

Optional. WLAN SSID broadcasting is enabled by default. If the WLAN SSID should be hidden to prevent the wireless
network from being searched and connected by unauthorized users based on the SSID, you can disable the WLAN
SSID broadcasting function.

On the AC device, enter the WLAN configuration mode and run the enable-broad-ssid command for configuration.
Command
enable-broad-ssid
no enable-broad-ssid
Parameter
-
Configuration Guide
Configuring APMG
Description
Defaults
WLAN SSID broadcasting is enabled by default.
Command
WLAN configuration mode
Mode
Usage Guide
WLAN SSID broadcasting is enabled by default. You can use the no form of the command to disable this
function.
If the SSID broadcasting configuration of the WLAN changes, users associated with the WLAN will go
offline.
Verification

Run the show running command to check the WLAN configurations.
Configuration Example

Disabling SSID broadcasting of WLAN 1
Configuratio

Enter the WLAN configuration mode.
n Steps

Disable SSID broadcasting.
AC
Ruijie(config)#wlan-config 1
Ruijie(config-wlan)#no enable-broad-ssid
Verification
Run the show running command to check the WLAN configurations.
AC
Ruijie#show running
!
wlan-config 1 ruijie-wireless
no enable-broad-ssid
!
Common Errors

None
1.4.25 Configuring the NAS ID ofa WLAN User
Configuration Effect

On the WLAN, the NAS IDs of WLAN users identify different hot spot areas. By default, the NAS ID of a WLAN user is
a null string.
Notes

None
Configuration Steps

Optional.

On the AC device, enter the WLAN configuration mode and run the nas-id command to configure the NAS ID.
Configuration Guide
Command
Configuring APMG
nas-id wlan-nas-id
no nas-id
Parameter
-
Description
Defaults
Null string
Command
WLAN configuration mode
Mode
Usage Guide
None
Verification

Run the show running command to check the WLAN configurations.
Configuration Example

Configuring the NAS ID ofa WLAN user
Configuratio

Enter the WLAN configuration mode.
n Steps

Configure the NAS ID ofa WLAN user.
AC
Ruijie(config)#wlan-config 1
Ruijie(config-wlan)#nas-id0000059159100460
Verification
Run the show running command to check the WLAN configurations.
AC
Ruijie#show running
!
wlan-config 1 ruijie-wireless
nas-id0000059159100460
!
Common Errors

None
1.4.26 Configuring the Fit or Fat AP Mode
Configuration Effect

On the AC device, run the switch2fat command in AC configuration mode to switch the mode of an online AP to the
fat AP mode.

On the AC device, run the ap-mode command in global configuration mode to switch between the fit AP mode and the
fat AP mode.
Notes

If the switch2fat command is executed on the AC in AP configuration mode to switch the mode of an online AP to the
fat AP mode, the AP will be disconnected from the AC. After that, you cannot configure the AP on the AC.
Configuration Guide
Configuring APMG
Configuration Steps

Optional. For an AC, an online AP definitely works in fit AP mode. You can run the switch2fat command if you need to
switch the mode of the AP to the fat AP mode.

On the AC device, run the switch2fat command in AC configuration mode to switchthe mode of an online AP to the
fat AP mode.

On the AC device, run the ap-mode command in global configuration mode to switch between the fit AP mode and the
fat AP mode.
Command
switch2fat ap-name
Parameter
ap-name: indicates the name of a specified AP.
Description
Defaults
By default, all fit APs are controlled by the associated AC. A fit AP can be switched to a fat AP to
implement self-control.
Command
AC configuration mode
Mode
Usage Guide
This command takes effect only on an online AP.
Command
ap-mode{ fit | fat[dhcp]}
Parameter
fit: indicates that the AP mode is switched to the fit AP mode.
Description
fat: indicates that the AP mode is switched to the fat AP mode.
dhcp: If the ap-mode fat command contains this parameter, the AP obtains the IP address through
DHCP by default after the AP mode is switched to the fat AP mode; otherwise, the AP uses the static IP
address by default after the AP mode is switched to the fat AP mode.
Defaults
None
Command
AP global configuration mode
Mode
Usage Guide
After the AP mode is switched between the fit and fat AP modes, the AP must be restarted to ensure the
configuration consistency.
For WALL-APs supplied by Ruijie Networks, when the fat AP mode is used, the default IP address of
the rear wired network interface (connected to the PoE switching device) is
192.168.110.1/255.255.255.0, and the default IP address of the front wired network interface
(Ethernet interface) is 192.168.111.1/255.255.255.0.
If ap-mode fat dhcp is configured, when the AP mode is switched to the fat AP mode, the IP
address is obtained through DHCP by default. After the AP is restarted, if related configuration is not
available, the IP address is still obtained through DHCP by default. In addition, the following two
issues should also be noted:
1.If ap-mode fat dhcp is configured for the WALL-AP, only the IP address of the rear wired network
interface is obtained through DHCP, and the front wired network interface uses the static IP address
by default. 2.In fat AP mode, the ap-mode fat dhcp and ap-mode fat commands cannot be
mutually switched, and must be switched to the fit AP mode first.
Configuration Guide
Configuring APMG
Verification

On the AP, run the show ap-mode command to check the current mode of the AP.
Configuration Example

Switching the mode of the online AP Ruijie-AP1 to the fat AP mode on the AC
Configuratio

Enter the AC configuration mode.
n Steps

Run the switch2fat command.
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)#switch2fat Ruijie-AP1
Verification
On the AP, run the show ap-mode command to check the current mode of the AP.
AP
Ruijie#show ap-mode
current mode: fat
Common Errors

None
1.4.27 Configuring the ARP Proxy Function
Configuration Effect

On the AP, when the CAPWAP tunnel is disconnected, the ARP request packets are forwarded to the proxy server.
When the CAPWAP tunnel is set up again, the ARP proxy server is disabled and packets are forwarded normally.
Notes

None
Configuration Steps

Optional.

On the AC device, enter the AP or AP group configuration mode, and run the proxy-arp enable command to enable
the ARP proxy server of a specified AP.

On the AC device, enter the AP or AP group configuration mode, and run the proxy-arp ip-address mac-address
command to configure the ARP proxy server of a specified AP.
Command
proxy-arp enable
no proxy-arp enable
Parameter
-
Description
Defaults
Disable
Command
AP configuration mode
Mode
AP group configuration mode
Usage Guide
-
Configuration Guide
Configuring APMG
Command
proxy-arp ip-address mac-address
Parameter
ip-address: indicates the IP address of the ARP proxy server.
Description
mac-address: indicates the MAC address of the ARP proxy server.
Defaults
-
Command
AP configuration mode
Mode
AP group configuration mode
Usage Guide
-
Verification

Run the show running or show ap-config running command to check the configurations.
Configuration Example

Setting the IP address of the ARP proxy server of Ruijie-AP1 to 192.168.1.1 and the MAC address to
0080.0001.0001, and enabling the ARP proxy server function
Set the IP address of the ARP proxy server of the default AP group to 192.168.1.2 and the MAC address to
0080.0001.0002, and enable the ARP proxy server function.
Configuratio

Enter the AP configuration mode.
n Steps

Configure the IP address and MAC addressof the ARP proxy server of the AP.

Enable the ARP proxy server function of the AP.

Enter the AP configuration mode.

Configure the IP address and MAC address of the ARP proxy server of the AP.

Enable the ARP proxy server function of the AP.
AC
Ruijie(config)#ap-config Ruijie-AP1
Ruijie(config-ap)#proxy-arp 192.168.1.1 0080.0001.0001
Ruijie(config-ap)# proxy-arpenable
Ruijie(config-ap)#exit
Ruijie(config)#ap-groupdefault
Ruijie(config-ap-group)#proxy-arp 192.168.1.2 0080.0001.0002
Ruijie(config-ap-group)# proxy-arpenable
Verification
Run the show running command to check whether the proxy-arp enable and proxy-arp ip-address
mac-address commandsare configured in all AP and AP group configuration modes.
Run the show ap-config running command to check the AP configurations.
AC
Ruijie(config)#show running
!
ap-group default
proxy-arp 192.168.1.2 0080.0001.0002
proxy-arp enable
Configuration Guide
Configuring APMG
!
Ruijie#show ap-config running
!
ap-config Ruijie-AP1
proxy-arp 192.168.1.1 0080.0001.0001
proxy-arp enable
!
Common Errors

None
1.4.28 Configuring the WLAN SSID Name
Configuration Effect

Configure a new SSID name for the WLAN. If this WLAN has been deployed, all users associated with this WLAN will
go offline.
Notes

None
Configuration Steps

Optional.

On the AC device, enter the WLAN configuration mode and run the ssid command to configure the new SSID name.
Command
ssid ssid-string
Parameter
-
Description
Defaults
None
Command
WLAN configuration mode
Mode
Usage Guide
None
Verification

Run the show running command to check the WLAN configurations.
Configuration Example

Configuring a new SSID name "ruijie" for WLAN 1
Configuratio

Enter the WLAN configuration mode.
n Steps

Configure a new SSID name "ruijie".
AC
Ruijie(config)#wlan-config 1
Configuration Guide
Configuring APMG
Ruijie(config-wlan)#ssid ruijie
Verification
Run the show running command to check the WLAN configurations.
AC
Ruijie#show running
!
wlan-config 1 ruijie
!
Common Errors

None
1.4.29 Configuring the AP Backup Function
Configuration Effect

If the active AP in an AP backup group is faulty and disconnected, other standby APs in the group receive the WLAN
configuration of the active AP and transmit radio signals of the active AP.
Notes

In an AP backup group, if the active AP is not selected, the AP backup function does not take effect.
Configuration Steps

Configuring an AP backup group

Optional. Create an AP backup group when the wireless network of an AP needs to be backed up.

In AC configuration mode, run the ap-backup group command to create an AP backup group.
Command
ap-backup group backup-group
Parameter
backup-group: indicates the name of the AP backup group.
Description
Defaults
By default, if only the AP backup group named "default" exists on the AC, the backup function of this
group does not take effect.
Command
AC configuration mode
Mode
Usage Guide
-

Adding APs to an AP backup group

Optional. When the wireless network of an AP must be backed up by other APs, add the standby APs and the AP to
be backed up to the AP backup group, and select the AP to be backed up as the active AP.

In AP configuration mode, run the ap-backup-group command to add the AP to the AP backup group. When adding
an AP to an AP backup group, you can specify whether the AP is the active AP.
Command
ap-backup-group backup-group[master]
Parameter
backup-group: indicates the name of the AP backup group.
Description
Configuration Guide
Defaults
Configuring APMG
By default, the AP is not added to the default group, and the backup function of the backup group does
not take effect.
Command
AP configuration mode
Mode
Usage Guide
This command does not support the ap-config all mode.
The keyword master is optional. If the command contains this keyword, the AP is designated as the
active AP of the group; otherwise, the AP is the standby AP. An AP backup group can have multiple
standby APs but only one active AP.
When the AP backup group starts to work, that is, the standby APs have inherited WLAN signals
from the active AP, note that the following four operations change the WLAN configurations of the
standby APs that should take effect, and the inherited WLAN signals will take effect again:
1. Modify the WLAN configurations of the AP group to which the standby APs belong. 2. Modify the
WLAN configurations of the AP group to which the active AP belongs. 3. Change the AP group of the
standby APs. 4. Change the AP group of the active AP.
If online users already exist, these users will go offline.
Verification

Run the show ap-config running and show ac-config ap-backup-group commands to check the configurations.
Configuration Example

Creating an AP backup group named "APBACK-APG-1"
Configuratio

In AC configuration mode, run the ap-backup group command to create an AP backup group.
n Steps
AC
Ruijie(ac-config)#ap-backup group APBACK-APG-1
Verification

AC
Ruijie#show ac-config ap-backup-group
Cnt
Run the show ac-config ap-backup-group command to check the configurations.
Group-Name
Master-AP cntStandby-AP cnt
Master-AP-Name
------ ---------------------------------- ----------------------------------1

APBACK-APG-1
1
2
AP4210-1
Working
----------false
Adding ap4210-1 to the AP backup group named "APBACK-APG-1", and configuring this AP as the active AP
of the group
Configuratio

In AP configuration mode, run the backup-group command to add the AP to the AP backup group.
n Steps
AC
Ruijie(ap-config)#ap-backup-group APBACK-APG-1 master
Verification

AC
Ruijie#show ac-config ap-backup-groupAPBACK-APG-1
Run the show ac-config ap-backup-group command to check the configurations.
Configuration Guide
Configuring APMG
Cnt
Ap-Name
Ap-Mac
Online
Is-Master
Inherit-Wlan Cnt
------- ------------------------ -------------------- ------- ------------ ----------------1
AP4210-1
8832.0000.1111
true
Common Errors

None
1.5 Monitoring
Displaying
Description
Command
Displays the basic configurations of the
show ac-config
current AC
Displays the AP backup group information
show ac-config ap-backup-group
Displays the BSSID list of all APs
show ap-config bssid
Displays the AP status information
show ap-config cb
Displays the WLAN information inherited
show ap-config inherit-wlan
by the AP
Displays the AP product list
show ap-config product
Displays the current status of all APs
show ap-config summary
Displays authentication-related
show ap-config summary ap-auth
information of all APs
Displays APs that try to associate with the
show ap-config summary deny-ap
AC but are rejected by the AC
Displays the information about all hot
show ap-config summary hot-backup
backup APs associated with the AC
Displays the APs in a specified AP group
show ap-group aps
Displays the APs in all AP groups
show ap-group aps summary
Displays the basic information about a
show ap-group cb
specified AP
To display the WLAN-VLAN mapping of a
show ap-group intf-wlan-map
specified AP group
Displays all APs
show ap-group summary
Displays the fit or fat mode of the AP
show ap-mode
Displays the basic information about a
show wlan-config cb
specified WLAN
Displays the WLAN configuration list on
the AC
show wlan-config summary
Yes
0
Configuration Guide
Configuring STA Management
2. Configuring STA Management
2.1 Overview
STA Management (STAMG) implements station (STA) management, including STA access control management and STA
event notification. Event notification is mainly used to serve other function modules. Applications of the STAMG functions
are as follows:

The dynamic blacklist is used on a security-sensitive network to prevent user attacks.

The STA limit is used when the number of STAs exceeds the AP capacity.

Load balancing is used when STAs need to be evenly distributed to multiple APs.

Association control is used in the E-bag scenario.
Protocols and
Standards

N/A
2.2 Applications
Application
Description
Fit AP Networking
In fit AP network mode, at least one AC and one AP are required.
Large Conference Room
In fit AP network mode, at least one AC and two APs are required.
E-Bag
In fit AP network mode, at least one AC and two APs are required.
2.2.1 Fit AP Networking
Scenario
One AC is deployed on the wireless network, and dynamic blacklist and STA limit functions are enabled on the AC.
As shown in Figure 2-1, dynamic blacklist and STA limit are enabled on the AC.
Figure 2-1
Remark
AC is the wireless access controller.
s
PoE is the switch that functions as the gateway of APs.
Configuration Guide
Configuring STA Management
AP is the wireless access device.
STA1 and STA2 are user devices.
Deployment

Enable dynamic blacklist and STA limit on the AC.
2.2.2 Large Conference Room
Scenario
In a large conference room, the number of STAs is generally large, and STAs must be evenly distributed to multiple APs;
otherwise, too many STAs are connected to some specific APs, resulting in a low network speed and a poor user
experience.
As shown in Figure 2-2, two APs (AP1 and AP2) are deployed in the conference room so that STAs can be evenly
distributed to the two APs.
Figure 2-2
Remark
AC is the wireless access controller.
s
AP1 and AP2 are wireless access devices.
PC1, PC2, and PC3 are user devices.
Deployment

Enable load balancing on the AC, and add AP1 and AP2 to the load balancing group.
2.2.3 E-Bag
Scenario
One AC is deployed on the wireless network, and multiple APs are deployed in different classrooms. When the teacher's
STA is associated with an AP, the students' STAs must also be associated with the same AP. This ensures the network
transmission speed.
Configuration Guide
Configuring STA Management
As shown in Figure 2-3, AP1 is deployed in Classroom1 and AP2 is deployed in Classroom2. When the teacher's STA is
associated with AP1, the students' STAs must also be associated with AP1, instead of AP2. In this way, traffic destined for
Classroom1 is only sent to AP1 without affecting users on AP2.
Figure 2-3
Remark
AC is the wireless access controller.
s
Switch functions as the gateway of APs.
AP1 and AP2 are wireless access devices.
In the E-bag scenario, if the teacher uses the wired network connection, one of STAs used by students must be
configured as the primary STA to implement association control. Who uses this primary STA is determined by users
themselves. For example, the primary STA can be used by the class monitor or the teacher so that secondary STAs
can be associated correctly. After correct association of the secondary STAs, the teacher can put this primary STA
aside, and use the wired network connection during the class.
Deployment

Enable association control on the AC, and add APs to a specified association control zone.
2.3 Features
Overview
Feature
Description
Dynamic Blacklist
Detects association of unauthorized users.
STALimit
Limits the number of STAs.
Load Balancing
Distributes STAs evenly to multiple APs.
Inter-Radio Load
Distributes STAs evenly to multiple radios of the same AP.
Balancing
Association Control
Associates secondary STAs with APs in the same control zone if the primary STA is associated
with these APs.
Configuration Guide
Configuring STA Management
STA Management
Deassociates STAs without traffic forcibly to recycle resources.
STA Informational
Suppresses the informational syslog output rate of STAs.
Syslog Suppression
2.3.1 Dynamic Blacklist
The AC can use the dynamic blacklist to punish malicious or unauthorized STAs so that these STAs cannot be associated
within a period of time. In addition, the dynamic blacklist can be used to deassociate these STAs.
Working Principle
The number of STA association failures (including failures caused by incorrect user names or passwords) is counted in a
period of time. When the number of association failures of a STA exceeds a certain threshold, the STA is added to the
blacklist. STAs in the blacklist cannot be associated within a period of time.
2.3.2 STA Limit
STA limit aims to limit the number of STAs that can be associated with an AP based on the load capacity. This prevents the
risk of insufficient resources caused by overload of APs.
Working Principle
When STAs are associated, the AP checks whether the number of associated STAs exceeds the threshold. If yes, STAs
cannot be associated.
2.3.3 Load Balancing
Load balancing can balance the load among APs managed by an AC. The load here can be traffic or the number of
associated STAs. The purpose is to prevent the problem that some APs are overloaded and some APs are in the idle state.
Working Principle
When a STA tries to be associated, if the load on the AP associated by the STA exceeds the preset threshold, the system
checks whether the load difference between all the APs in the load balancing group of this AP exceeds the threshold. If yes,
the STA is not allowed to associate with this AP. The load difference can be configured as the number of STAs or the traffic.
To prevent the problem that the STA can receive signals from only one AP but fails to be associated due to load balancing,
the maximum number of load balancing times can be configured. If association fails for consecutively twice due to load
balancing, load balancing is not performed for the third time and the STA can be associated with the AP.
2.3.4 Inter-Radio Load Balancing
Inter-radio load balancing can balance the load among radios of the same AP to prevent overload of a single radio.
Similarly, the load here can be the traffic or the number of associated STAs.
Working Principle
The principle of inter-radio load balancing is similar to that of load balancing group except that you can configure the load
balancing thresholds respectively for intra-frequency radios (2.4 GHz or 5 GHz) or inter-frequency radios. If all the radios of
an AP are in the same frequency, the intra-frequency configuration takes effect; otherwise, the inter-frequency
configuration takes effect.
Configuration Guide
Configuring STA Management
2.3.5 Association Control
Association control is a method for controlling association behaviors of wireless STAs. STAs are divided into two groups. In
each group, only one STA is defined as the primary STA, and the other STAs are defined as secondary STAs. The
secondary STAs must follow the association behaviors of the primary STA. That is, the primary and secondary STAs must
be associated with the same wireless network. In this way, association behaviors of wireless STAs can be properly
controlled.
Working Principle
The coverage area of a wireless network is divided into several association control zones. One or several APs are deployed
in each zone, and wireless terminals are divided into groups. The control zones that can be associated with the terminals
are strictly controlled. For example, a school has many classrooms, and a wireless AP is deployed in each classroom.
Radio signals travel in the space. When E-bags are used in two adjacent classrooms at the same time, the ideal condition
is that all the teacher and student terminals are associated with the AP of their own classrooms so that the two classrooms
will not interfere with each other. In this case, a classroom must be defined as an association control zone and all the
teacher and student terminals in a classroom must be associated with the AP of the classroom.
Association control aims to prevent terminals from associating with a wireless network at random when multiple wireless
networks are available for selection. The following are prerequisites for network configurations:

Based on the pre-configured association control zones and package information, the AC pushes the information about
primary STAs in all packages to all APs in the association control zones and generates a whitelist of primary STAs on
these APs.

The information about primary STAs in all packages is available in the AP whitelist. Therefore, before the association
control function is enabled, the primary STA must associate itself with the corresponding SSID in the specified control
zone. After that, the AC pushes all corresponding secondary STAs to all APs in the association control zone and
generates a whitelist according to the configuration of the primary STA package to allow the secondary STAs to
associate themselves with the control zone.

When the primary STA is de-associated from the control zone, all the secondary STAs will also be de-associated and
deleted from the AP whitelist.

The above process can be summarized as follows: The secondary STAs must follow the primary STA to associate
themselves with an AP in the same control zone, with which the primary STA is associated. Only the APs of this
control zone have a whitelist of the corresponding secondary STAs. This ensures that STAs are not randomly
associated with APs.
2.3.6 STA Management
STA management is used to manage association and deassociation logic processing of STAs.
Working Principle
In normal cases, a STA sends a deassociation frame to inform the AC that the STA is deassociated. If the STA does not
send a deassociation frame to the AC when it is deassociated abnormally (for example, because the user removes the
network interface card (NIC)), the AC cannot learn the deassociation of the STA. In this case, the AC detects the STA traffic
and finds that the STA has no traffic within a period of time, and concludes that the STA had been deassociated. Then, the
AC performs deassociation processing on the STA.
Configuration Guide
Configuring STA Management
2.3.7 STA Informational Syslog Suppression
STA informational syslog suppression prevents a high CPU usage caused by the large number of informational syslogs
generated when STAs are frequently associated or deassociated.
Working Principle
The number of syslogs output per second is counted. When this number reaches the upper limit, no more syslog is output
within the second, thereby suppressing the syslog. In the next second, the number of syslogs is counted again.
2.4 Configuration
Configuration
Description and Command
(Mandatory) It is used to enable the dynamic blacklist function.
sta-blacklist enable
Enables the dynamic blacklist function.
(Optional) It is used to configure the parameters of the dynamic blacklist.
Configuring Dynamic
Blacklist
sta-blacklist lifetime
sta-blacklist detect-time
sta-blacklist fail-limit
Configures the lifetime of the dynamic
blacklist.
Configures the detection time of the
dynamic blacklist.
Configures the maximum number of
association failures.
(Optional) It is used to configure the maximum number of STAs.
sta-limit
Configuring STA Limit
Configures the maximum number of
STAs.
Configures the maximum number of
sta-limit radio
STAs that can be associated with a
radio of the AP.
(Mandatory) It is used to configure load balancing.
num-balance-group create
num-balance-group add
Configuring Load Balancing
num-balance-group del
flow-balance-group create
flow-balance-group add
flow-balance-group del
Creates a number-based balancing
group.
Adds an AP to the number-based
balancing group.
Deletes an AP from the number-based
balancing group.
Creates a traffic-based balancing group.
Adds an AP to the traffic-based
balancing group.
Deletes an AP from the traffic-based
balancing group.
(Optional) It is used to configure the load balancing parameters.
Configuration Guide
Configuring STA Management
num-balance-group num
num-balance-group mode
flow-balance-group flow
Configures the threshold of the
number-based balancing group.
Configures the working mode of the
number-based balancing group.
Configures the threshold of the
traffic-based balancing group.
Enables a specified traffic balancing
flow-balance-group radio-flow
group to use the traffic uploaded by
APs.
(Mandatory) It is used to enable the load balancing function among radios.
inter-radio-balance flow-balance enable
Enables inter-radio traffic-based
balancing.
inter-radio-balance num-balance enable
Enables inter-radio number –based
balancing.
(Optional) It is used to configure the load balancing parameters.
inter-radio-balance flow-balance dual-band
Configures parameters for traffic –
Configuring Inter-Radio
based balancing among inter-frequency
Load Balancing
radios.
inter-radio-balance flow-balance
Configures parameters for traffic –
same-band
based balancing among intra-frequency
radios.
inter-radio-balance num-balance dual-band
Configures parameters for
number-based balancing among
inter-frequency radios.
inter-radio-balance num-balance
Configures parameters for
same-band
number-based balancing among
intra-frequency radios.
(Mandatory) It is used to enable the association control function.
package
primary-sta
Configuring Association
Control
secondary-sta
Configures a package.
Configures the primary STA in the
package.
Configures the secondary STA in the
package.
control-zone
Configures an association control zone.
ap
Configures the AP information.
assoc-control
Enables association control.
(Optional) It is used to configure the time after which the STA is deassociated if no
Configuring STA
traffic is detected.
Management
sta-idle-timeout
Configures the time after which the STA
is deassociated if no traffic is detected.
Configuration Guide
Configuring STA Management
(Optional) It is used to configure the maximum output rate of the STA informational
Configuring STA
syslogs.
Informational Syslog
Suppression
sta-logging rate-limit
Configures the maximum output rate of
the STA informational syslogs.
2.4.1 Configuring Dynamic Blacklist
Configuration Effect

When it is detected that the number of association failures on a STA reaches the threshold within the specified time,
this STA is added to the blacklist.
Notes

The time period is not fixed and is between detect-time and (detect-time + 5).detect-time is expressed in second.
This factor must be considered during configuration.

If multiple authentication modes are applied, the number of STA association failures increases by 1 so far as one of
the authentication modes fails. Combinations of authentication modes include, but are not limited to, PSK+Web,
PSK+MAB+Web, PSK+MAB, MAB+Web, and 802.1x+Web.
Configuration Steps

Enabling Dynamic Blacklist

(Mandatory) Enable the dynamic blacklist function on an AC or a fat AP.
Command
sta-blacklist enable
Parameter
N/A
Description
Defaults
The blacklist function is disabled.
Command
AC configuration mode
Mode
Usage Guide
N/A

Configuring the Dynamic Blacklist Parameters

(Optional) Configure the dynamic blacklist parameters on an AC or a fat AP.

Configure the blacklist lifetime.

Run the sta-blacklist lifetime command to configure the lifetime of the dynamic blacklist. A longer lifetime indicates a
longer period of time within which the STA added to the blacklist is not allowed to associate itself with the AC.

Run the sta-blacklist detect-time command to configure the detection time. As the detection time decreases, the
unauthorized STA detection becomes more sensitive and the number of false reports increases.

Run the sta-blacklist fail-limit command to configure the upper limit of association failures. A larger upper limit
indicates that a STA can make more association attempts.
Command
sta-blacklist lifetime seconds
Parameter
seconds: Indicates the blacklist lifetime. The value ranges from 60s to 1200s.
Configuration Guide
Configuring STA Management
Description
Defaults
300s
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
sta-blacklist detect-time seconds
Parameter
seconds: Indicates the STA detection time. The value ranges from 5s to 60s.
Description
Defaults
60s
Command
AC configuration mode
Mode
Usage Guide
This command is used to configure the STA detection time. When encountering the first association failure,
the STA is listed as a suspected attacker. If the number of association failures on the STA reaches the upper
limit (namely, the fail-limit) within the detection time, the STA is added to the blacklist.
Command
sta-blacklist fail-limit number
Parameter
number: Indicates the maximum number of association failures. The value ranges from 1 to 100.
Description
Defaults
5
Command
AC configuration mode
Mode
Usage Guide
N/A
Verification

Run the show sta-blacklist command to display the STAs in the blacklist.
Configuration Example

Configuring Dynamic Blacklist
Scenario
Figure 1-4
Configuratio
n Steps

Configure the dynamic blacklist function.
Configuration Guide
Configuring STA Management
AC# configure terminal
AC
Enter configuration commands, one per line. End with CNTL/Z.
AC(config)# ac-controller
AC(config-ac)# sta-blacklist enable
Verification

After the CAPWAP tunnel is established between an AP and an AC, enter an incorrect password for
several times to verify that the STA can be added to the blacklist.
AC# show sta-blacklist
AC
Num
STA MAC
Add time
---------- -------------- -------------------1
0080.1111.1111 2013-07-02 13:56:22
2
0090.2222.3333 2013-07-02 13:56:35
3
0070.1111.2233 2013-07-02 13:57:08
Common Errors

N/A
2.4.2 Configuring STA Limit
Configuration Effect

Limit the maximum number of STAs that can be associated with an AC, a WLAN, an AP, or a radio of an AP on the
wireless network.
Notes

The STA limits configured for an AC, a WLAN, an AP, or a radio of an AP take effect simultaneously. That is, a STA
can be associated only if all the STA limits are met.

The STA limit configured on the AC is subject to the license.
Configuration Steps

Configuring STA Limit

(Optional) Configure the STA limitation an AC or a fat AP.

If the number of STAs on the wireless network is large, the STA limit can be configured to allow more STAs are
associated, but the total bandwidth will decrease.

Run the sta-limit command to configure the STA limit. A large STA limit indicates that more STAs can be associated.

The AC-based STA limit is (32 x Number of APs) by default. The WLAN-based STA limit is not specified by default.
The AP-based STA limit is 32 by default.

Run the sta-limit radio command to configure the radio-based STA limit for an AP. A large STA limit indicates that
more STAs can be associated.
Configuration Guide
Configuring STA Management
Command
sta-limit max-num
Parameter
max-num: Indicates the maximum number of STAs. The value varies according to the configuration mode
Description
and device.
Defaults
In AC configuration mode, the default value is (32 x Number of APs supported by the AC), depending on the
license.
In AP group configuration mode, the default value is 32.
In AP configuration mode, the default value is 32 for a deassociated AP or in the ap-config all configuration
mode. The default value for an associated AP is determined by the AP model.
In WLAN configuration mode, the STA limit is not specified.
Command
AC configuration mode, WLAN configuration mode, AP configuration mode, or AP group configuration mode
Mode
Usage Guide
If the maximum number of STAs configured for a deassociated AP exceeds the actual capacity, the STA
limit automatically changes to the actual maximum number of STAs supported after the AP is
associated.
Command
Parameter
sta-limit max-num radio radio-id
max-num: Indicates the maximum number of STAs. The value ranges from 1 to 156.
Description
radio-id: Indicates the radio ID. The value ranges from 1 to 32.
Defaults
The STA limit is not specified by default.
Command
AP configuration mode
Mode
AP group configuration mode
Usage Guide
If the maximum number of STAs configured for a deassociated AP exceeds the actual capacity of the radio,
the STA limit automatically changes to the actual maximum number of STAs supported after the AP is
associated.
Verification

Verify that the number of STAs is limited.
Configuration Example

Configuring STA Limit
Scenario
Figure 1-5
Configuration Guide
Configuratio

Configuring STA Management
Configure the STA limit.
n Steps
AC# configure terminal
AC
Enter configuration commands, one per line. End with CNTL/Z.
AC(config)# ap-config ap1
AC(config-ap)# sta-limit64
Verification

After the CAPWAP tunnel is established between an AP and an AC, check the AC running
configuration.
AC# show ap-config running
AC
ap-config ap1
sta-limit 64
!
Common Errors

N/A
2.4.3 Configuring Load Balancing
Configuration Effect

Enable even distribution of STAs on multiple APs in a load balancing group.
Notes

Load balancing is applicable only to STAs that are associated, but not to STAs that are deassociated. Therefore, after
STAs are deassociated, the traffic difference between APs or the STA quantity difference may exceed the threshold.

Load balancing takes effect only on the same type of radios (2.4 GHz or 5 GHz). If the types of radios are different,
load balancing is performed only when the AP reports that the STAs are capable of dual-band operation. Otherwise,
the 2.4 GHz STAs may fail to be associated with 2.4 GHz radios when no STA is associated with 5 GHz radio.

After the traffic-based balancing group is configured to use the traffic information uploaded by APs, APs must upload
the traffic information to the AC at a regular interval because the traffic only exists on APs and is not routed to the AC.
During this interval, the traffic information on the AC does not change. At this time, if the traffic between APs is not
balanced, STAs cannot be associated with APs with heavy traffic until the APs upload the traffic information to the AC.
Configuration Steps

Creating a Number-based Balancing Group

(Mandatory)Create a number-based balancing group on the AC.

APs can be only added to a created load balancing group.
Configuration Guide
Command
num-balance-group create group-name
Parameter
group-name: Indicates the name of a load balancing group.
Description
Defaults
No number-based balancing group is created.
Command
AC configuration mode
Mode
Usage Guide
N/A

Adding an AP to the Number-based Balancing Group

(Mandatory) The configuration is performed on the AC.

Load balancing applies to the APs which are added to the load balancing group.
Command
num-balance-group add group-name ap-name
Parameter
group-name: Indicates the name of a load balancing group.
Description
ap-name: Indicates the AP name.
Defaults
No AP is added to the number-based balancing group.
Command
AC configuration mode
Mode
Usage Guide
N/A

Creating a Traffic-based Balancing Group

(Mandatory) The configuration is performed on the AC.

APs can be only added to a created load balancing group.
Command
flow-balance-group create group-name
Parameter
group-name: Indicates the name of a load balancing group.
Description
Defaults
No traffic-based balancing group is created.
Command
AC configuration mode
Mode
Usage Guide
N/A

Adding an AP to the Traffic-based Balancing Group

(Mandatory) The configuration is performed on the AC.

Load balancing applies to the APs which are added to the load balancing group.
Command
flow-balance-group add group-name ap-name
Parameter
group-name: Indicates the name of a load balancing group.
Description
ap-name: Indicates the AP name.
Defaults
No AP is added to the traffic-based balancing group.
Command
AC configuration mode
Mode
Usage Guide

N/A
Configuring Parameters of Load Balancing Group
Configuring STA Management
Configuration Guide
Configuring STA Management

(Optional) Configure the parameters of load balancing group on the AC.

Run the num-balance-group num command to configure the threshold of number-based balancing group. A larger
threshold indicates a greater difference in the number of STAs associated with two APs, and the less balanced load.

Run the num-balance-group mode command to configure the radio-based balancing function. If radio-based
balancing is enabled, the control on the distribution of STAs is more accurate, but the effect of balancing among APs
is less satisfying.

Run the num-balance-group enable command to configure the trigger threshold of the number-based balancing
group. A higher trigger threshold indicates that load balancing is enabled only when the AP load is heavy.

Run the num-balance-group del command to delete an AP from the number-based balancing group.

Run the flow-balance-group flow command to configure the traffic-based balancing threshold. A higher traffic
balancing threshold indicates that the traffic difference between two APs is greater and the traffic is less balanced.

Run the flow-balance-group radio-flow command to enable the traffic balancing group to use the traffic information
uploaded by APs. In local forwarding mode, data packets are not routed to the AC, and the AC cannot obtain the
traffic information. Therefore, the traffic information uploaded by APs must be used to determine whether to enable
load balancing.

Run the flow-balance-group enable command to configure the trigger threshold of the traffic-based balancing group.
A higher trigger threshold indicates that load balancing is enabled only when the AP load is heavy.

Run the flow-balance-group del command to delete an AP from the traffic-based balancing group.

Run the flow-balance-group base command to configure the baseline of traffic balancing in global configuration
mode.

Run the sta-balance num-limit enable command to limit the maximum times of load balancing.
Command
num-balance-group num group-name number
Parameter
group-name: Indicates the name of a load balancing group.
Description
number: Indicates the trigger threshold. The default value is 3. The value ranges from 0 to 20, where 0
indicates that the number balancing function is disabled for the load balancing group.
Defaults
3
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
num-balance-group mode group-name{ radio-mode| ap-mode }
Parameter
group-name: Indicates the name of a load balancing group.
Description
Default s
AP-based number balancing
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
num-balance-group enable group-name number
Configuration Guide
Configuring STA Management
Parameter
group-name: Indicates the name of a load balancing group.
Description
number: indicates the trigger threshold. The default value is 3. The value ranges from 0 to 10, where 0
indicates that the number balancing function is disabled for the load balancing group.
Defaults
3
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
num-balance-group del group-name ap-name
Parameter
group-name: Indicates the name of a load balancing group.
Description
ap-name: Indicates the AP name.
Defaults
N/A
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
flow-balance-group flow group-name number
Parameter
group-name: Indicates the name of a load balancing group.
Description
number: indicates the trigger threshold. The unit is %. The default value is 5%. The value ranges from 0 to
1000, where 0 indicates that the load balancing function is disabled for the load balancing group. The
percentage baseline is 10 Mbps by default.
Defaults
5%
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
flow-balance-group radio-flow group-name
Parameter
group-name: Indicates the name of the traffic balancing group.
Description
Defaults
Traffic information on the CAPWAP data channel is used on the AC.
Command
AC configuration mode
Mode
Usage Guide
You can enable a traffic balancing group to use the traffic information uploaded by APs. In this way, the
traffic balancing group can receive the traffic information periodically sent by APs for load balancing.
Command
flow-balance-group enable group-name number
Parameter
group-name: Indicates the name of a load balancing group.
Description
number: Indicates the trigger threshold. The unit is %. The default value is 5%. The value ranges from 0 to
500, where 0 indicates that the load balancing function is disabled for the load balancing group. The
percentage baseline is 10 Mbps by default.
Defaults
5%
Configuration Guide
Command
Configuring STA Management
AC configuration mode
Mode
Usage Guide
N/A
Command
flow-balance-group del group-name ap-name
Parameter
group-name: Indicates the name of a load balancing group.
Description
ap-name: Indicates the AP name.
Defaults
N/A
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
flow-balance-group base number
Parameter
number: Indicates that traffic baseline. The default value is 10 Mbps. The value ranges from 1 to 100.
Description
Defaults
10 Mbps
Command
AC configuration mode
Mode
Usage Guide
N/A
Command
sta-balance num-limit enable
Parameter
N/A
Description
Defaults
The function is disabled by default.
Command
AC configuration mode
Mode
Usage Guide
N/A
Verification

Number balancing:Check whether the difference in the number of STAs associated with APs in the load balancing
group is within the threshold.

Traffic balancing:Check whether the difference in the traffic of APs in the load balancing group is within the threshold.
Configuration Example

Configuring Traffic Balancing
Configuration Guide
Configuring STA Management
Scenario
Figure2-4
Configuration

Create a load balancing group.
Steps

Set the trigger threshold of this load balancing group to 1000 Kbps.

Add AP1 and AP2 to the load balancing group named test-group. (If two APs are added to the same
load balancing group, PCs in this group can search the RF signals of all APs.)
AC
AC# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
AC(config)#ac-controller
AC(config-ac)#flow-balance-group create test-group
AC(config-ac)#flow-balance-group flow test-group 10
AC(config-ac)#flow-balance-group add test-group AP1
AC(config-ac)#flow-balance-group add test-group AP2
Verification

AC
AC# show ac-config flow-balance summary
Check the configuration of the load balancing group.
Group
State Enable
---------------
-----
Threshold Base mode
--------------
AP NAME
---------
---------------------------------------------------------------------test-group
UP
5*100kbps
10%
10 ap-mode(0) AP1, AP2
Common Errors

N/A
2.4.4 Configuring Inter-Radio Load Balancing
Configuration Effect

Enable inter-radio load balancing on APs to balance the load among radios.
----
----------
Configuration Guide
Configuring STA Management
Notes

This function is not applicable to the i-Share solution. Signals of different radios cover different areas. A STA may
receive signals from one or several radios. In this case, the inter-radio load balancing function cannot be enabled.

Load balancing is applicable only to STAs that are associated. Therefore, after STAs are deassociated, the traffic
difference between APs or the STA quantity difference may exceed the threshold.

If the radio that a STA attempts to associate with is different from the radio with the lowest load, load balancing is
performed only when the AP reports that the STA is capable of dual-band operation. Otherwise, the 2.4 GHz STAs
may fail to be associated with 2.4 GHz radios when no STA is associated with 5 GHz radio.

After the traffic balancing group is configured to use the traffic information uploaded by APs, APs must upload the
traffic information to the AC at a regular interval because the traffic only exists on APs in local forwarding mode.
During this interval, the traffic information on the AC does not change. At this time, if the traffic between APs is not
balanced, STAs cannot be associated with APs with heavy traffic until the APs upload the traffic information to the AC.

Configuration of load balancing parameters varies according to the inter-frequency and intra-frequency radios. When
an AP is associated, the AP type is identified. If the AP supports inter-frequency radios, the inter-frequency
configuration takes effect; otherwise, the intra-frequency configuration takes effect.

For a specific AP, so far as load balancing is enabled in any of the ap-config, ap-group, and ap-config all modes, load
balancing is enabled on this AP. If the load balancing configurations in the three modes are different, the
configurations take effect in the following sequence: ap-config > ap-group > ap-config all.

When inter-radio load balancing is enabled, the association attempt of the same STA will be denied for at most twice
within five minutes. If the STA is still associated with a radio with a heavy load for the third time, the association is
allowed. Therefore, the effect of inter-radio load balancing is related to the actual STA behaviors.
Configuration Steps

Enabling Inter-radio Traffic Balancing

(Mandatory). The configuration is performed on the AC. After the function is enabled, traffic is balanced whenever
possible among different radios of the same AP.

This function can be enabled for a single AP, all APs in an AP group, or all APs (configured in ap-config all mode).
Command
inter-radio-balance flow-balance enable
Parameter
N/A
Description
Defaults
Inter-radio traffic balancing is disabled.
Command
AP configuration mode, AP group configuration mode
Mode
Usage Guide
N/A

Enabling Inter-radio Number Balancing

(Mandatory)The configuration is performed on the AC. After the function is enabled, the number of STAs is balanced
whenever possible among different radios of the same AP.

This function can be enabled for a single AP, all APs in an AP group, or all APs (configured in ap-config all mode).
Command
inter-radio-balance num-balance enable
Configuration Guide
Parameter
Configuring STA Management
-
Description
Defaults
Inter-radio number balancing is disabled.
Command
AP configuration mode, AP group configuration mode
Mode
Usage Guide
N/A

Configuring Inter-radio Load Balancing Parameters

(Optional) The configuration is performed on the AC. Parameters can be adjusted based on actual requirements of
network optimization.

Run the inter-radio-balance flow-balance dual-band enable-load en-num threshold thrs-num command to
configure the trigger threshold and the load threshold for traffic balancing among inter-frequency radios. A smaller
trigger threshold indicates that it is easier to enable load balancing. A smaller load threshold indicates that the load is
better balanced.

Run the inter-radio-balance flow-balance same-band enable-load en-num threshold thrs-num command to
configure the trigger threshold and the load threshold for traffic balancing among intra-frequency radios. A smaller
trigger threshold indicates that it is easier to enable load balancing. A smaller load threshold indicates that the load is
better balanced.

Run the inter-radio-balance num-balance dual-band enable-load en-num threshold thrs-num command to
configure the trigger threshold and the load threshold for number balancing among inter-frequency radios. A smaller
trigger threshold indicates that it is easier to enable load balancing. A smaller load threshold indicates that the load is
better balanced.

Run the inter-radio-balance num-balance same-band enable-load en-num threshold thrs-num command to
configure the trigger threshold and the load threshold for number balancing among intra-frequency radios. A smaller
trigger threshold indicates that it is easier to enable load balancing. A smaller load threshold indicates that the load is
better balanced.
Command
inter-radio-balance flow-balance dual-band enable-load en-num threshold thrs-num
Parameter
en-num: Indicates the trigger threshold. The unit is 100 kbps. The value ranges from 1 to 1000.
Description
thrs-num: Indicates the load threshold. The unit is 100 Kbps. The value ranges from 1 to 1000.
Defaults
By default, both the trigger threshold and the load threshold are 10.
Command
AP configuration mode, AP group configuration mode
Mode
Usage Guide
N/A
Command
inter-radio-balance flow-balance same-band enable-loade n-num threshold thrs-num
Parameter
en-num: Indicates the trigger threshold. The unit is 100 kbps. The value ranges from 1 to 1000.
Description
thrs-num: Indicates the load threshold. The unit is 100 Kbps. The value ranges from 1 to 1000.
Defaults
By default, both the trigger threshold and the load threshold are 5.
Command
AP configuration mode, AP group configuration mode
Mode
Usage Guide
N/A
Configuration Guide
Configuring STA Management
Command
inter-radio-balance num-balance dual-band enable-load en-num threshold thrs-num
Parameter
en-num: Indicates the trigger threshold. The value ranges from 1 to 20.
Description
thrs-num: Indicates the load threshold. The value ranges from 1 to 20.
Defaults
By default, both the trigger threshold and the load threshold are 8.
Command
AP configuration mode, AP group configuration mode
Mode
Usage Guide
N/A
Command
inter-radio-balance num-balance same-band enable-load en-num threshold thrs-num
Parameter
en-num: Indicates the trigger threshold. The value ranges from 1 to 1000.
Description
thrs-num: Indicates the load threshold. The value ranges from 1 to 1000.
Defaults
By default, both the trigger threshold and the load threshold are 10.
Command
AP configuration mode, AP group configuration mode
Mode
Usage Guide
N/A
Verification

Number balancing: Run the show ap-config summary command to check whether the difference in the number of
STAs between radios of the AP where load balancing is within the threshold.

Traffic balancing: Run the show ac-config client command to check whether the traffic difference between radios of
the AP where load balancing is enabled is within the threshold.
Configuration Example

Enabling Inter-radio Number Balancing on All APs in the Default AP Group.
Scenario
Figure2-5
Configuration

Enter the default AP group configuration mode.
Steps

Enable inter-radio number balancing.
AC
AC# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
AC(config)#ap-group default
AC(config-group)#inter-radio-balance num-balance enable
Configuration Guide
Configuring STA Management
Verification

AC
AC# show run | begin ap-group default
Run the show run command and check the configurations.
ap-group default
inter-radio-balance num-balance enable
Common Errors

N/A
2.4.5 Configuring Association Control
Configuration Effect

Secondary STAs must be associated with APs in the same group as the primary STA when being associated.
Notes

When a package is deleted, all its related configurations are deleted as well. If some STAs in this package are
currently associated, all these STAs will be deassociated.

A package can only be configured with one primary STA. If the information about the primary STA in the package is
configured for multiple times, the latest configuration prevails.

When a primary STA is deleted from a package, the primary STA and all secondary STAs in this package may be
deassociated.

When a secondary STA is deleted from a package, this secondary STA may be deassociated.

The association control zone name cannot be duplicated; otherwise, an error will be prompted. In addition, if an
association control zone is deleted, all configurations related to this zone will be deleted. Consequently, STAs in the
package associated with this control zone may be deassociated.

When the AP information in an association control zone is deleted, STAs in the package associated with this AP be
deassociated.
Configuration Steps

Configuring a Package

(Mandatory) The configuration is performed on an AC or a fat AP.

The primary and secondary STA information can be configured only after a package is configured.
Command
package pkg-name
Parameter
pkg-name: Indicates the name of a package. The package name is a string of 1 to 32 characters.
Description
Defaults
No package is configured by default.
Command
Global configuration mode
Mode
Usage Guide
N/A
Configuration Guide
Configuring STA Management

Configuring the Primary and Secondary STAs in a Package

(Mandatory) The configuration is performed on an AC or a fat AP.

Run the primary-sta command to configure the primary STA. Only one primary STA can be configured. The
secondary STAs will be associated with APs in the same group as the primary STA.

Run the secondary-sta command to configure a secondary STA. After the secondary STA is configured, the
secondary STA will be associated with an AP in the same group as the primary STA.
Command
primary-sta mac-address
Parameter
mac-address: Indicates the MAC address of the STA.
Description
Defaults
No primary STA is configured by default.
Command
Package configuration mode
Mode
Usage Guide
N/A
Command
secondary-sta mac-address
Parameter
mac-address: indicates the MAC address of the STA.
Description
Defaults
No secondary STA is configured by default.
Command
Package configuration mode
Mode
Usage Guide
-

Configuring an Association Control Zone

(Mandatory) The configuration is performed on an AC or a fat AP.

Configure an association control zone.

APs can be added to an association control zone only after this association control zone is configured.
Command
control-zone czone-name
Parameter
czone-name: Indicates the name of an association control zone. The name is a string of 1 to 64 characters.
Description
Defaults
No association control zone is configured by default.
Command
Global configuration mode
Mode
Usage Guide
N/A

Adding an AP to an Association Control Zone

(Mandatory) The configuration is performed on an AC or a fat AP.

Add an AP to an association control zone.

Association control can be performed on only APs that are added to the association control zone.
Command
ap WORD
Parameter
WORD: Indicates the name of an AP. The name is a string of 1 to 64 characters.
Configuration Guide
Configuring STA Management
Description
Defaults
No AP is added to an association control zone by default.
Command
Association control zone configuration mode
Mode
Usage Guide
N/A

Enabling the Association Control Function

(Mandatory) The configuration is performed on an AC or a fat AP.The assoc-control command must be used to
enable the association control function.

Enable the association control function.
Command
assoc-control
Parameter
N/A
Description
Defaults
The association control function is disabled by default.
Command
Global configuration mode
Mode
Usage Guide
N/A
Verification

Verify that secondary STAs can be associated with APs in the same group as the primary STA.
Configuration Example

Configuring the E-bag in Fit AP Structure.
Scenario
Figure2-6
Configuratio

Configure packages and related primary STAs and secondary STAs.
n Steps

Configure association control zones and related APs.

Enable the association control function.
AC
AC#configure terminal
Configuration Guide
Configuring STA Management
Enter configuration commands, one per line. End with CNTL/Z.
AC(config)# package Cart 1
AC(config-package)#primary-sta 00d0.f800.0001
AC(config-package)#secondary-sta 00d0.f800.0002
AC(config-package)#secondary-sta 00d0.f800.0003
AC(config-package)#exit
AC(config)# control-zone Classroom 1
AC(config-czone)#apAP1
AC(config-czone)#exit
AC(config)# control-zone Classroom 2
AC(config-czone)# apAP2
AC(config-czone)#exit
AC(config)#assoc-control
Verification

Display the association control running state.

Display the package configuration.

Display the association control zone configurations.
AC#show assoc-control
AC
Association control is enabled.
AC# show package
total package num : 1
========= Cart 1 =========
primary STA : 00d0.f800.0001
secondary STA num : 2
00d0.f800.0002
00d0.f800.0003
AC# show control-zone
control zone num : 2
control-zoneAP
------------Classroom 1
AP1 00d0.f800.889e
Classroom 2
AP2 00d0.f800.889f
Common Errors

N/A
------------------------
Configuration Guide
Configuring STA Management
2.4.6 Configuring STA Management
Configuration Effect

STAs are deassociated if no traffic is detected on the STAs within the specified time.
Notes

N/A
Configuration Steps

Configuring the STA Aging Time

(Optional) The configuration is performed on an AC or a fat AP.

A shorter time configured indicates that a STA without traffic can be detected and deassociated in a faster manner.
Command
sta-idle-timeout value
Parameter
value: Indicates the aging time in second. The value ranges from 60 to 86400.
Description
Defaults
300s
Command
AP configuration mode
Mode
Usage Guide
N/A
Verification

Check whether the STA aging time is successfully configured.
Configuration Example

Configuring the STA Aging Time
Scenario
Figure2-7
Configuratio

Configure the STA aging time.
n Steps
AC
AC# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
AC(config)# ap-config ap1
AC(config-ap)# sta-idle-timeout 15
Configuration Guide
Verification

Configuring STA Management
After the CAPWAP tunnel is established between an AP and an AC, check the configuration
information.
AC# show ap-config running
AC
ap-config ap1
sta-idle-timeout 15
!
Common Errors

N/A
2.4.7 Configuring STA Informational Syslog Suppression
Configuration Effect

Even STAs are frequently associated or deassociated, the number of informational syslogs output per second does
not exceed the limit.
Notes

N/A
Configuration Steps

Configuring the Syslog Suppression Rate

(Optional) The configuration is performed on the AC.

Configure the syslog suppression rate. A larger rate configured indicates that more syslogs can be output per second.
Command
sta-logging rate-limit limit-num
Parameter
limit-num: Indicates the rate, which is expressed in records per seconds. The value ranges from 0 to
Description
10000.
Defaults
By default, less than five syslog records are output per second, that is, the maximum syslog output rate is
5 records per second.
Command
AC configuration mode
Mode
Usage Guide
N/A
Verification

Run the show running command to check whether the syslog suppression rate is successfully configured.
Configuration Example

Configuring the STA Informational Syslog Suppression Function.
Configuration Guide
Configuring STA Management
Scenario
Figure2-8
Configuratio

Configure the STA informational syslog suppression function.
n Steps
AC# configure terminal
AC
Enter configuration commands, one per line. End with CNTL/Z.
AC(config)# ac-controller
AC(config-ac)# sta-logging rate-limit 50
Verification

After the CAPWAP tunnel is established between an AP and an AC, check the configuration
information.
AC# show running
AC
ac-controller
sta-logging rate-limit 50
!
Common Errors

N/A
2.5 Monitoring
Displaying
Description
Command
Displays the information about all STAs connected to the
show ac-config client [ by-ap-name | 802.11a | 802.11b |
AC.
802.11n | 802.11g | 802.11ac | other ]
Displays the detailed information about a specified STA.
show ac-config client detail mac-address
Displays the statistics of all STAs.
show ac-config client statistic
Displays the detailed configuration of the traffic-based
show ac-config flow-balance summary
balancing group.
Displays the detailed configuration of the number-based
show ac-config num-balance summary
balancing group.
Displays the status of the association control function.
show assoc-control
Configuration Guide
Configuring STA Management
Displays the association control zone configuration.
show control-zone [ summary | czone-name ]
Displays the package configuration.
show package [ pkt-name ]
Displays the STAs in the blacklist.
show sta-blacklist
Displays the 802.11ac wave2 information.
show ac-config client 11ac-wave2
Configuration Guide
Configuring CAPWAP
3. Configuring CAPWAP
3.1 Overview
Control And Provisioning of Wireless Access Points (CAPWAP) is a protocol proposed to address the issue of large-scale
access point (AP) deployment on the wireless local area network (WLAN).
On a fit AP network, the access controller (AC) manages all APs in a unified manner through CAPWAP. The AC pushes
control polices to specified APs, instead of configuring APs one by one. CAPWAP is used to set up the control channel and
the data channel between an AP and an AC. The control channel is used by ACs to configure APs, or by APs to send event
notifications to ACs. The data channel is used to exchange data packets between APs and ACs.
Protocols and
Standards

RFC5415: Control And Provisioning of Wireless Access Points (CAPWAP) Protocol Specification

RFC5416: Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Binding for IEEE 802.11

RFC5417: Control And Provisioning of Wireless Access Points (CAPWAP) Access Controller DHCP Option
3.2 Applications
Application
Description
Dynamically Setting up a CAPWAP
An AP accesses an AC through switches. The DCHP server is deployed on the
Tunnel
switch connected to APs. The AP obtains the AC address dynamically through
DHCP to set up a CAPWAP tunnel with the AC.
Statically Setting up a CAPWAP
An AP accesses an AC through switches. The static IP address of the AC is
Tunnel
configured on the AP. The AP sets up a CAPWAP tunnel with the AC based on the
configured static IP address of the AC.
Upgrading APs
After a CAPWAP tunnel is set up between an AC and each AP, the AC
upgradesAPs in a large scale through CAPWAP.
3.2.1 Dynamically Setting up a CAPWAP Tunnel
Scenario
APs access the AC through switches. The DCHP server is deployed on the switch connected to APs. On the DHCP server,
the DHCP address pool is configured and Option138 is pushed, where Option138 is the IP address of the AC. The AP
obtains the AC address and sets up a CAPWAP tunnel with the AC. As shown in Figure 3-1, the AC, switches (SwitchA and
SwitchB), and APs (AP1 and AP2) are connected with each other through the trunk ports. PC1 is connected to AP1, and
PC2 is connected to AP2.
Configuration Guide
Configuring CAPWAP
Figure 3-1
Deployment

APs do not need to be configured one by one on a fit AP network. When an AP is powered on, the IP address must be
obtained first. Therefore, a DHCP server must be deployed on the network. If the DHCP server is not deployed, the
DHCP function of the AC is used to implement functions of the DHCP server.

The AC communicates with the AP through the Layer3 (L3) switch, and the DHCP server must send Option138, which
contains the IP address of the AC. After obtaining the IP address of the AC, the AP sets up a CAPWAP
communication tunnel with the AC.

On the AC, configure a loopback interface address, or run the capwap ctrl-ip ip-address command to configure the
source address for setting up a CAPWAP tunnel.

Configure a route to implement interworking between the AC and the IP address obtained by the AP.
3.2.2 Statically Setting up a CAPWAP Tunnel
Scenario
The AP sets up a CAPWAP tunnels with the AC based on the configured static IP address of the AC. An AP accesses an
AC through switches. The topology is the same as that shown in Figure 3-1.
Deployment

Configure the static IP addresses of ACs. The AP will send the Discover Request messages to these static IP
addresses to check the effectiveness of ACs, and then select and join an AC.

On the AC, configure a loopback interface address as the source address for setting up a CAPWAP tunnel.

Configure a route to implement interworking between the AC and the IP address obtained by the AP.
3.2.3 Upgrading APs
Scenario
The AP obtains the AC address based on the configured static IP address of the AC or from the DHCP server, and sets up a
CAPWAP tunnel with the AC. The AP accesses the AC through switches. The topology is the same as that shown in Figure
3-1.
Configuration Guide
Configuring CAPWAP
Deployment

On the AC, configure an IP interface address as the source address for setting up a CAPWAP tunnel.

Configure a route to implement interworking between the AC and the IP address obtained by the AP.

On the AC, activate the AP software that is stored locally.
3.3 Features
Basic Concepts

STA, AP, and AC
STA:It is a wireless workstation that is equipped with the wireless network interface card (NIC), such as a laptop computer
or a mobile phone.
AP: It is a wireless access point that provides radio signals so that the STA can access the wireless network.
AC: It is a wireless access controller that provides wireless connection and related service functions.

Control channel and data channel
Control channel: It is used by ACs to configure APs, or by APs to send event notifications to ACs.
Data channel: It is used to exchange data packets between APs and ACs.

AC discovery
AC discovery phase: An AP can send a discover request message by means of broadcast, multicast, DHCP, DNS, or static
configuration to detect ACs, select an optimum AC from one or more ACs, join the AC, and set up a CAPWAP session with
the AC.

Datagram Transport Layer Security (DTLS)
The CAPWAP control channel uses the DTLS protocol for key negotiation and encryption.

Option
The Option information sent by the DHCP server can carry the IPv4 or IPv6 address of an AC. The AP obtains the AC
address from the Option information sent by the DHCP server.
The AP can obtain the IP address of an AC using Option 138 or Option 43, or obtain the IPv6 address of an AC using
Option 52. When configuring the DHCP server of the AP, you must configure the related options to set the IP address of the
AC; otherwise, the AP cannot discover the AC through DHCP discovery.
Option 138 and Option 52 are standard formats defined in RFC5417, and Option 43 is defined by vendors. Currently,
Option 43 in the following formats can be analyzed:
Format 1: Assume that the IP address of a specified AC is 1.1.1.1. The corresponding configuration is Option 43 hex
f10401010101.
01234567890123456789012345678901
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
option-code
| option-length | Sub-opt Type
|
Sub-opt Len
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Configuration Guide
|
Configuring CAPWAP
Server Address
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code: indicates the option code. In this example, the option code is 43 in decimal format.
option-length: indicates the length of the option data, which excludes option-code and option-length.
Sub-opt Type: indicates the sub-option type. In this example, the sub-option type is 0xF1, that is, 241 in decimal format.
Sub-opt Len: indicates the length of the sub-option, which is equal to (Number of addresses x 4).
Server Address: indicates the server address.
Format 2: Assume that the IP address of a specified AC is 1.1.1.1. The corresponding configuration is option 43 hex
800700000101010101.
01234567890123456789012345678901
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
option-code
| option-length | Sub-opt Type
|
Sub-opt Len
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
PXE Server Type
| PXE Server Num|
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
PXE Server Address
|
…
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code: indicates the option code. In this example, the option code is 43 in decimal format.
option-length: indicates the length of the option data, which excludes option-code and option-length.
Sub-opt Type: indicates the sub-option type. In this example, the sub-option type is 0x80, that is, 128 in decimal format.
Sub-opt Len: indicates the length of the sub-option, which is equal to (Number of addresses x 4 +3).
Server Type: indicates the server type. The value is 0x0000.
Server Num: indicates the number of server addresses.
Server Address: indicates the server address.
Format 3: Assume that the IP address of a specified AC is 1.1.1.1. The corresponding configuration is option 43 hex
01010101.
01234567890123456789012345678901
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
option-code
| option-length | Server Address
|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Server Address
|
… |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
option-code: indicates the option code. In this example, the option code is 43 in decimal format.
option-length: indicates the length of the option data, which excludes option-code and option-length.
Server Address: indicates the server address.
Configuration Guide
Configuring CAPWAP
Overview
Feature
Description
Discovering an AC
The AP discovers potential ACs.
by an AP
Joining an AC by an
The AP selects an optimum AC from one or more ACs, joins the AC, and sets up a CAPWAP
AP
tunnel with the AC.
Upgrading APs
After a CAPWAP tunnel is set up between an AC and each AP, the AC upgrades APs in a large
scale.
Forwarding Data on
After a CAPWAP tunnel is set up between an AC and each AP, data packets can be exchanged
the Tunnel
through the data channel.
3.3.1 Discovering an AC by an AP
An AP discovers potential ACs by sending a Discovery Request message.
Working Principle
As soon as an AP is connected to the network, the AP enters the process of discovering ACs. The AP sends a Discovery
Request message by means of broadcast, multicast, or unicast If unicast is used, the AP obtains the AC IP address list
through the DHCP server, DNS, or configuration of the static AC IP addresses.
3.3.2 Joining an ACby an AP
The AP selects an optimum AC from one or more ACs, joins the AC, and sets up a CAPWAP tunnel with the AC.
Working Principle
The AP sends a Discovery Request message to ACs. ACs that receive the Discovery Request message return a Discovery
Response message to the AP. Among the ACs that send the response message, the AP selects an optimum AC, and sets
up a DTLS connection with this AC. After the DTLS connection is successfully set up, the AP sends a Join Request
message. The AC returns a Join Response message to confirm that the AP is added to the management scope of the AC,
and starts to provide services for this AP.
3.3.3 Upgrading APs
After a CAPWAP tunnel is set up between an AC and each AP, the AC upgrades APs in a large scale.
Working Principle
After an AP joins an AC, if the AP firmware version expires, the AP enters the firmware upgrade process. The AP
downloads the latest firmware version from the AC, restarts after the successful upgrade, and reinitiates an AC discovery
process. If the AP firmware is of the latest version, the AP downloads configuration parameters from the AC and starts
running. Figure 3-2 shows the working principle.
Figure 3-2
Configuration Guide
Configuring CAPWAP
Figure 3-3 shows the typical upgrade scenario where the bandwidth is limited.
Figure 3-3
The following explains the configuration method for upgrading APs in a bank. Assume that the bank consists of one level-1
branch and multiple level-2 branches, and each branch has hundreds of outlets. One AP is deployed in one outlet, and the
AC is deployed in the level-1 branch. The bandwidth between the level-1 bank and the level-2 bank is 20 Mbps, and the
bandwidth between the level-2 bank and the outlet is 2 Mbps. To prevent affecting normal service provisioning of the bank,
the bandwidth occupied by the AP upgrade process cannot exceed 50% of the total available bandwidth. Assume that there
are eight level-2 branches, eight upgrade groups are configured on the AC, and APs of outlets under each level-2 branches
are added to the corresponding upgrade group. For each AP, the maximum available bandwidth is 1 Mbps. Therefore, a
bandwidth of 128 Kbps (1MByte = 128KByte) should be configured for each AP. Under each level-2 branch, the number of
APs that can be upgraded concurrently is 10 (10 Mbps/1 Mbps). In addition, it is recommended that the maximum number
Configuration Guide
Configuring CAPWAP
of APs that can be concurrently upgraded by an AC be set to the number of upgrade groups multiplied by the number of
APs that can be upgraded concurrently in a upgrade group, that is, 80.
3.3.4 Forwarding Data on the Tunnel
After a CAPWAP tunnel is set up between an AC and each AP, data packets can be exchanged over the data channel.
Working Principle
The CAPWAP sets up a control channel and a data channel between APs and ACs. The control channel is used by ACs to
configure APs, or by APs to send event notifications to ACs, and must be encrypted. The data channel is used to exchange
the 802.11 or 802.3 frames between APs and ACs. When running on the IPv4 protocol stack, the CAPWAP uses the UDP
for data transmission. When running on the IPv6 protocol stack, the CAPWAP uses the UDP over the control channel, and
UDP or UDP-lite over the data channel for data transmission.
3.4 Configuration
Configuration
Description and Command
(Optional) It is used to configure the location information of an AC.
Configuring the AC Location
location
Configuring the version number
Configures the location information of an AC so that
the physical location of the AC can be viewed.
(Optional) It is used to configure the version number.
set-version
Configures the version number,
(Optional) It is used to configure the location information of an AP.
Configuring the AP Location
location
Configuring AP Time
Synchronization
Configuring the Default VLAN
of an AP
Configuring the transmission
VLAN
Configures the location information of an AP so that
the physical location of the AP can be viewed.
(Optional) It is used to enable the AP to synchronize the time with the AC.
timestamp
Enables the AP to synchronize the time with the
AC.
(Optional) It is used to configure the native VLAN of an AP.
ap-vlan
Configures the default VLAN of an AP.
(Optional) It is used to configure the transmission VLAN of an AP.
pass-vlan
Configures the transmission VLAN of an AP.
(Optional) It is used to configure the VLAN of wired users when the AP provides an
Configuring the VLAN of AP
Ethernet interface for access of wired users.
Wired Users
wired-vlan
Configures the VLAN used by the wired network
port.
Configuration Guide
Configuring CAPWAP
(Optional) It is used to disable wired network ports when the AP provides Ethernet
Configuring the Wired Network
ports for access of wired users.
Port Status of an AP
wired-interface
(Optional) It is used to configure the sub-interface of the WAN interface on the AP.
Configuring the Sub-Interface
of the WAN Interface on the AP
Disables wired network ports of an AP.
ap-subif
Configures the sub-interface of the WAN interface
on the AP.
(Optional) It is used to configure an AP on the AC to set up a CAPWAP tunnel.
ac-domain-name
acip ipv4
Configuring Data to Allow an
AP to Join an AC
acip ipv6
ip address
Configures the DNS domain name of the AP, which
is used to obtain the AC address.
Configures the static IP address of the AC
accessed by the AP.
Configures the static IPv6 address of the AC
accessed by the AP.
Configures the static IP address, subnet mask, and
gateway.
ipv6 address
Configures the static IPv6 address and gateway.
ipv6 enable
Enables the CAPWAP IPv6 function on the AP.
(Optional) It is used to configure the ERPS ring.
Configuring the ERPS ring
ap-cfg erps raps-vlan
Configures the EPRS ring.
(Optional) It is used to configure an AP via an AC.
Configuring an AP via an AC
exec-cmd
Executes ap-config commands on an AP/AP group
via an AC.
(Optional) It is used to perform pre-configuration on an AP to set up a CAPWAP
tunnel.
acip ipv4
acip ipv6
Configuring a Fit AP
Configures the static IP address of the AC
accessed by the AP.
Configures the static IPv6 address of the AC
accessed by the AP.
Configures the static IP address, subnet mask, and
apip
gateway.
apip ipv6 address
Configures the static IPv6 address and gateway.
apip ipv6 address autoconfig
Enables the AP to use the IPv6 stateless address
default
autoconfiguration and generates a default route.
apip ipv6 enable
Enables the IPv6 function of the AP.
apip pppoe
Enables the AP to use the PPPoE dial-up mode to
obtain the address.
Configuring AP Upgrade
(Optional) It is used to configure the AP upgrade data.
Configuration Guide
Configuring CAPWAP
Creates the name of an AP product series, and
ap-serial
specifies the AP product models that belong to this
series.
In AP configuration mode, configures the specified
AP upgrade version.
ap-image
In AC configuration mode, configures the specified
AP software version that should be used by a
specified AP product series for the upgrade, or sets
the adaptive upgrade mode.
active-bin-file
Activates the AP software version file.
capwapupgrade
Configures the maximum number of APs that can
max-concurrent
be concurrently upgraded by the AC.
capwap upgrade group
ap-upgrade band-width
ap-upgrade group
In AC configuration mode, createsa bandwidth
control upgrade group.
In AC configuration mode, configures the
bandwidth for centralized AP upgrade.
In AC configuration mode, adds APs to the
bandwidth control upgrade group.
(Optional) It is used to configure the control IP address of the CAPWAP tunnel.
Configuring the CAPWAP
Control Address
When this address is not configured, the address of the loopback interface is used
as the control IP address by default.
capwap ctrl-ip
Configures the control IP address of the CAPWAP
tunnel.
(Optional) It is used to configure CAPWAP fragmentation.
Configuring CAPWAP
capwap mtu
Fragmentation
capwap fragment enable
Configuring CAPWAP
Encryption
Configures the maximum transmission unit (MTU)
on the tunnel of a specified AP.
Enables CAPWAP fragmentation for a specified
AP.
(Optional) It is used to configure CAPWAP encryption.
capwap dtls enable
Enables encryption on the CAPWAP control
channel.
(Optional) It is used to control the maximum number of APs that can concurrently
Configuring CAPWAP Access
go online.
Control
capwap max-concurrent
Configuring the Echo Interval of
the CAPWAP Tunnel
Configuring the Maximum
Configures the maximum number of APs that can
concurrently go online.
(Optional) It is used to configure the echo interval of the CAPWAP tunnel.
echo-interval
Configures the echo interval of the CAPWAP
tunnel.
(Optional) It is used to configure the maximum transmission times of a CAPWAP packet.
Configuration Guide
Configuring CAPWAP
Retransmission Times of a
CAPWAP Packet
capwap max-retransmit
Configures the maximum transmission times of a
CAPWAP packet.
3.4.1 Configuring the AC Location
Configuration Effect

Configure the location information of an AC so that users can conveniently check the locations of ACs on the WLAN.
Notes

The location information is a string of 1 to 255 characters, and cannot contain any space.
Configuration Steps

(Optional) Configure the AC location so that users can conveniently check the locations of ACs when a large number
of ACs exist on the network.

Enter the AC configuration mode, and run the location command to configure the AC location on the AC.

Use the no form of this command to restore the default setting.
Command
locationlocation-string
Parameter
location-string: indicates the location of an AC. The location is a string of 1 to 255 characters, and cannot
Description
contain any space.
Defaults
Ruijie_COM
Command
AC configuration mode
Mode
Usage Guide
The AC location information is Ruijie_COM by default. You can configure the location information for each
AC according to actual requirements so that you can conveniently check the AC location on the WLAN.
Verification

Run the show ac-config command to display the AC location information and accordingly determine whether the
configuration is successful.
Configuration Example

Configuring the AC location information as "computer-layer2"
Configuratio

Enter the AC configuration mode.
n Steps

Configure the AC location information.
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)# locationcomputer-layer2

AC
Use the no form of this command to restore the default AC location information.
Ruijie(config)#ac-controller
Ruijie(config-ac)#no location
Verification
Run the show ac-config command to display the current location of the AC.
Configuration Guide
AC
Configuring CAPWAP
Ruijie#show ac-config
ac location
:Ac_COM
Common Errors

N/A
3.4.2 Configuring the Customized Version Number
Configuration Effect

Customize the firmware version.
Notes

The customized version number contains a maximum of 63 characters.
Configuration Steps

Optional.

Run this command to configure the customized firmware version number.

Use the no form of this command to restore the default settings.
Command
set-version string
Parameter
string: indicates the customized version number.
Description
Defaults
N/A
Command Mode
AC configuration mode
Usage Guide
This command is used to configure the firmware version number of the AC and push the firmware
version number to APs.
Verification

Run the show version command to display the version number.
Configuration Example

Configuring the Customized Firmware Version Number to RGOS 10.4(2B17)-SP2
Configuration
Steps
AC
Enter the AC configuration mode.
Configure the customized version number.
Ruijie(config)#ac-controller
Ruijie(config-ac)# set-version RGOS 10.4(2B17)-SP2
Verification
Run the show version command to display the version number.
Configuration Guide
Configuring CAPWAP
Ruijie#show version
AC
System software version : RGOS 10.4(2B17)-SP2
Common Errors
N/A
3.4.3 Configuring the AP Location
Configuration Effect

Configure the location information of an AP.
Notes

The AP location information is a string of 1 to 255 characters, and cannot contain any space.
Configuration Steps

Configuring the AP location information

Optional.

Run the location command to configure the AP location information.

You can enter the AP configuration mode and configure the AP location information on the AC so that you can
conveniently learn the physical location of the AP.
Command
locationlocation-string
Parameter
location-string: indicates the location of an AP. The location is a string of 1 to 255 characters, and cannot
Description
contain any space
Defaults
Null
Command
AP configuration mode
Mode
Usage Guide
N/A
Verification

Run the show ap-config running command to display the AP location information.
Configuration Example

Configuring the location information of AP0001 as "AP-company"
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Configure the location information of AP0001 as "AP-company".
AC
Ruijie(config)# ap-config AP0001
Ruijie(config-ap)# location AP-company
Verification

Run the show ap-config running command to display the location information of AP0001.
Configuration Guide
AC
Configuring CAPWAP
Ruijie#show ap-config running
!
ap-config AP0001
location AP-company
!
Common Errors

N/A
3.4.4 Configuring AP Time Synchronization
Configuration Effect

Enable a specified AP or all APs in an AP group to synchronize the time with the AC.
Notes

N/A
Configuration Steps

Enabling a specified AP or all APs in an AP group to synchronize the time with the AC

Optional.

To synchronize the time on the AP with that on AC, enter the AP or AP group configuration mode on the AC and run
the timestamp command.
Command
timestamp
Parameter
N/A
Description
Defaults
N/A
Command
AP configuration mode or AP group configuration mode
Mode
Usage Guide
N/A
Verification

Check whether the time on the AC is the same as that on the AP.
Configuration Example

Enabling AP0001 to synchronize the time with the AC
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Enable AP0001 to synchronize the time with the AC.
AC
Ruijie(config)# ap-config AP0001
Ruijie(config-ap)# timestamp
Configuration Guide
Configuring CAPWAP
Run the show clock command to display the time on the AP0001 and the AC.
Verification

AC
Ruijie#showclock
16:41:05 UTC Thu, Oct 17, 2013
Common Errors

N/A
3.4.5 Configuring the Default VLAN of an AP
Configuration Effect

The AP automatically removes the TAG from a frame that contains the native VLAN before forwarding the frame. That
is, in local forwarding mode, when the VLAN of the user is the same as the native VLAN, the frame of the user does
not contain the TAG when forwarded, and the access switch determines the VLAN to which the user belongs.
Notes

After this command is executed, an online AP will go offline and then the connection will be set up again.

When a wireless distribution system (WDS) is deployed, the same AP-VLAN must be planned for the ROOT-BRIDGE
and NONROOT-BRIDGE devices; otherwise, the NONROOT-BRIDGE devices cannot share the same address pool
with the ROOT-BRIDGE devices or the NONROOT-BRIDGE devices cannot even forward packets properly.

This command is configured only in local forwarding mode when both the VLANs of STAs on a WLAN and APs must
be determined by the access switch, whereas STAs on another WLAN must belong to VLAN 1 but the native VLAN of
the access switch is not VLAN 1. Generally, this configuration is not required.

If the static DHCP address pool is configured, and the client ID is specified to use Bridge-Group Virtual Interface (BVI)
1, configuration of this command will change the BVI interface of the AP. In this case, the DHCP server configuration
must be modified; otherwise, the address cannot be obtained.

If the AP uses the PPPoE dial-up mode to obtain the address, the CAPWAP module on the AP will select dialer 1 as
the source interface, and the STA traffic will be forwarded without containing the TAG. Therefore, this command is
meaningless.
Configuration Steps

Configuring the default VLAN of an AP

Optional.

When planning of the users' native VLANs is required, you can configure the same VLAN as the default VLAN of an
AP and the VLAN of the user. In this way, both the VLAN of the user and the VLAN of the AP are determined by the
access switch.
Command
ap-vlanvlan-id
Parameter
vlan-id: indicates the ID of the specified VLAN. The VLAN ID ranges from 1 to 4094. The default value is
Description
1.
Defaults
1
Command
AP configuration mode or all AP (ap-config all) configuration mode
Configuration Guide
Configuring CAPWAP
Mode
Usage Guide
The AP automatically removes the TAG from a frame that contains the native VLAN before forwarding the
frame. That is, in local forwarding mode, when the VLAN of the user is the same as the native VLAN, the
frame of the user does not contain the TAG when forwarded, and the access switch determines the VLAN
to which the userbelongs.
Verification

Run the show runningcommand to display the configurations of all APs, or the show ap-config running command
to display the configurations of a specified AP.
Configuration Example

Setting the VLAN ID of the native VLAN of AP1 to 20
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Set the VLAN ID of the native VLAN of AP1 to 20.
AC
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# ap-vlan20
Verification

AC
Ruijie#show ap-config running
Run the show ap-config running command to display the location information of AP1.
!
ap-config AP1
ap-vlan 20
!
Common Errors
According to the planning, the native VLAN of the switch is VLAN 20, and all wireless/wired users and APs belong to VLAN
20. The following configurations are incorrect:
On the AC:
Ruijie(config)# ap-configAP120
Ruijie(config-ap)# wired-vlan20
Ruijie(config-ap)# exit
Ruijie(config)#wlan-config 1 ssid
Ruijie(config-wlan)#tunnel local
Ruijie(config-wlan)#exit
Ruijie(config)#ap-group default
Ruijie(config-ap-group)#interface-mapping 1 20 radio 1
On the switch:
Configuration Guide
Configuring CAPWAP
Ruijie(config)#interface GigabitEthernet 0/1
Ruijie(config-if-GigabitEthernet 0/1)# switchport mode trunk
Ruijie(config-if-GigabitEthernet 0/1)#switchport trunk native vlan 20
The configurations here are incorrect because the VLAN of users is different from the native VLAN of APs. Therefore, the
uplink packets of APs contain TAG 20 when forwarded, and the access switch transparently forwards VLAN 20 and assigns
addresses to users. As the native VLAN of the switch is VLAN 20, the downlink packets do not contain the TAG when
forwarded. The Native VLAN of APs is 1 by default. Therefore, the packets cannot be forwarded to users, and the wireless
and wired users cannot obtain their addresses.
Either of the following methods can be used to modify the configurations:
Method 1: Change wired-vlan 20 to wired-vlan 1 and interface-mapping 1 20 radio 1 to interface-mapping 1 1 radio 1,
and the native VLAN of the switch remains unchanged.
Method 2: Add the native VLAN configurations for APs, and other configurations remain unchanged.
On the AC:
Ruijie(config)# ap-configAP120
Ruijie(config-ap)# ap-vlan 20
3.4.6 Configuring the Transmission VLAN for an AP
Configuration Effect

When the i-Share+ APs are cascaded or a ring network is deployed, configure the transmission VLAN for the master
AP, so that STAs associated with different APs can forward packets if they are deployed in different VLANs.
Notes

The transmission VLAN cannot conflict with the VLANs specified by the interface-mapping, ap-vlan, and wired-vlan
commands, and cannot be VLAN 2444.
Configuration Steps

Configuring the Transmission VLAN for the AP

Optional.

When the i-Share+ APs are cascaded or a ring network is deployed, run this command to configure the transmission
VLAN, so that STAs associated with different APs can forward packets if they are deployed in different VLANs.
Command
pass-vlan vlan-range
Parameter
vlan-range: indicates the VLAN ID range. Multiple VLAN IDs can be specified. Separate two VLAN
Description
IDs by a comma (,) and separate two VLAN ID ranges by a hyphen (-).
Defaults
No VLAN is configured by default.
Command Mode
AP configuration mode
Usage Guide
1. This command can be configured for all APs but takes effect only on the i-Share+ master AP.
Configuration Guide
Configuring CAPWAP
2. When this command is run, the transmission VLAN will be created on the i-Share+ master AP, so
that the master AP can forward packets based on the transmission VLAN. In addition, the
transmission VLAN will be automatically pruned on the downlink port of the master AP, to prevent
broadcast and multicast packets of other master APs from being flooded to mini APs connected to the
master AP.
Verification

Run the show ap-config running command to display the AP configuration.
Configuration Example

Configuring the Transmission VLAN of AP1 to VLAN 20
Configuration
Steps

Enter the AP configuration mode of the AC.

Configure the transmission VLAN of AP1 to VLAN 20.
Ruijie(config)# ap-config AP1
AC
Ruijie(config-ap)# pass-vlan 20
Verification

Run the show ap-config running command to display transmission VLAN.
Ruijie#show ap-config running
AC
!
ap-config AP1
pass-vlan 20
!
Common Errors

N/A
3.4.7 Configuring the VLAN of Wired Users
Configuration Effect

Specify the VLAN of wired users when the AP provides an Ethernet interface for access of wired users.
Notes

This command can be configured on all APs, but the configurations take effect only on APs that are equipped with the
wired network ports.

If this command does not contain the port parameter, the same VLAN is configured for all the wired network ports.
When the same VLAN should be configured for four ports, the command without the port parameter is configured and
displayed.
Configuration Guide

Configuring CAPWAP
In wireless AP mode, the AP implements only the wireless access function, but does not assign addresses to users. In
this mode, if the VLAN used by the wired network port is configured the same as the VLAN of the AP, the VLAN of the
packets sent over the wired network port will be determined by the access switch, instead of the VLAN specified in
this command. If the packets sent over the wired network port must contain the TAG when forwarded, the native
VLAN of the access switch cannot be the same as the VLAN of the wired network port; otherwise, the packets cannot
be forwarded to the wired network port.

In wireless routing mode, the AP can assign addresses to users. In this mode, wired users obtain IP addresses from
the DHCP address pool, and the VLAN of the interface of the address pool must be the same as the VLAN specified
in this command.

When the configurations of the wired network port areautomatically saved on the AP and the VLAN of the wired
network port is different from the native VLAN of the AP, the AP cannot obtain the IP address of the LAN interface on
the AP after the AP is restarted, and management cannot be implemented through the wired network port. In this case,
the RESET key of the AP can be pressed and held to restore the factory settings.
Configuration Steps

Configuring the access VLAN of the AP wired network port

Optional.

To plan VLANs so that the VLAN of a wired user is different from the VLAN of the AP, run the wired-vlan command on
the AC.
Command
wired-vlanvlan-id[portport-id ]auto-save
Parameter
vlan-id: indicates the ID of the specified VLAN. The VLAN ID ranges from 1 to 4094. By default, the VLAN
Description
used by the wired network port is the same as the VLAN of the AP.
port-id: indicates the ID of the wired network port. The value ranges from 1 to 4.
auto-save: indicates that configurations are automatically saved on the AP. After the AP is restarted, the
configurations can be restored.
Defaults
By default,the VLAN used by the wired network port is not configured, indicating that this VLAN is the
same as the VLAN of the AP.
Command
AP configuration mode, all AP configuration mode, or AP group configuration mode
Mode
Usage Guide
The fit AP is started without being configured, and its configurations are sent from the AC. The auto-save
parameter can be configured to enable automatic saving of the wired network port configurations on the
AP. In this way, when the AP is disconnected from the AC, the wired network port configurations can be
restored after the AP is restarted, and users can still access the network through the wired network port.
Verification

Run the show running command to display the configurations of all APs, or the show ap-config running command
to display the configurations of a specified AP.
Configuration Example

Configuring VLAN 20 for the wired network port of AP1
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Configure VLAN 20 for the wired network port of AP1.
Configuration Guide
AC
Configuring CAPWAP
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# wired-vlan20
Verification

AC
Ruijie#show ap-config running
Run the show ap-config running command to display the configurations of AP1.
!
ap-config AP1
wired-vlan 20
!
Common Errors

N/A
3.4.8 Configuring the Wired Network Port Status of an AP
Configuration Effect

Enable or disable the wired network port of an AP.
Notes

This command can be configured on all APs, but the configurations take effect only on APs that are equipped with the
wired network ports.

If this command does not contain the port parameter, the same configurations are applied to all the wired network
ports. When all the four ports should be disabled, the command without the port parameter is configured and
displayed.

After the AP wired network port is disabled and the AP is restarted, management cannot be implemented through the
wired network port. In this case, you can press and hold the RESET key of the AP to restore factory settings.
Configuration Steps

Configuring the wired network port status of an AP

Optional.

To enable or disable wired network ports of an AP, run the wired-interface command on the AC.
Command
wired-interface[portport-id ]enable
Parameter
port-id: indicates the ID of the wired network port. The value ranges from 1 to 4.
Description
enable: indicates that the specified wired port is enabled.
Defaults
All the wired network portsare enabled by default.
Command
AP configuration mode, all AP configuration mode, or AP group configuration mode
Mode
Usage Guide
The wired network ports of APs can be disabled when APs provide the Ethernet ports for access of wired
users, but the application scenario does not require access to the wired network or deployment of the
Configuration Guide
Configuring CAPWAP
wired network is not completed yet.
Verification

Run the show running command to display the configurations of all APs, or the show ap-config running command
to display the configurations of a specified AP.
Configuration Example

Disabling all wired network ports of AP1
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Disable all wired network ports of AP1.
AC
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# no wired-interfaceenable
Verification

AC
Ruijie#show ap-config running
Run the show ap-config running command to display the configurations of AP1.
!
ap-config AP1
no wired-interfaceenable
!
Common Errors

N/A
3.4.9 Configuring the Sub-Interface of the WAN Interface on the AP
Configuration Effect

A wireless AP creates a sub-interface of the WAN interface by default so that the STA data contains the TAG when
forwarded. In wireless routing mode that AP can assign addresses to users, the users' gateway is located on the AP,
and the related packets do not need to contain the TAG when forwarded. Therefore, the ap-subif enable command
can be used to delete the sub-interface of the WAN interface on the AP to prevent an address conflict caused by the
same gateway address of STAs.
Notes

If the AP obtains the address in PPPoE dial-up mode, the sub-interface of the WAN interface on the AP will be
automatically deleted. In dial-up mode, this command cannot be used to configure the sub-interface of the WAN
interface on the AP.
Configuration Steps

Configuring the sub-interface of the WAN interface on the AP

Optional.
Configuration Guide

Configuring CAPWAP
In wireless routing mode, delete the sub-interface of the WAN interface on the AP; otherwise, an address conflict
occurs when a large number of packets are forwarded through the sub-interface because the gateway addresses of
users are the same.
Command
ap-subif enable
Parameter
N/A
Description
Defaults
A sub-interface of the WAN interface is created by default.
Command
AP configuration mode or all AP configuration mode
Mode
Usage Guide
N/A
Verification

Run the show running command to display the configurations of all APs, or the show ap-config running command
to display the configurations of a specified AP.
Configuration Example

Deleting the sub-interface of the WAN interface from AP1
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Delete the sub-interface of the WAN interface from AP1.
AC
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# no ap-subif enable
Verification

AC
Ruijie#show ap-config running
Run the show ap-config running command to display the configurations of AP1.
!
ap-config AP1
no ap-subif enable
!
Common Errors

N/A
3.4.10 Configuring Data to Allow an AP to Join an AC
Configuration Effect

Configure the static IP addresses of ACs. The AP will send the Discover Request messages to these static IP
addresses to check the effectiveness of ACs, and then select and joint an AC to set up a CAPWAP tunnel.
Configuration Guide
Configuring CAPWAP
Notes

A fit AP is generally not configured. It can discover ACs by means of broadcast, unicast, DHCP, or DNS, or join ACs
based on the statically configured AC addresses.

If the AP address is configured as the static address, the DHCP/DHCPv6 function will be disabled. In this case, the AC
address cannot be obtained from the DHCP/DHCPv6 option. Therefore, before this command is configured, you need
to configure the address of the connected AC in AP configuration mode so that the AP can discover and join the AC
when the AP and the AC are not in the same subnet.

If the current address of the AP is different from the address specified in the AC command, the AP static address will
be updated and the CAPWAP tunnel will be re-established. If IPv6 is not enabled on the AP, the CAPWAP tunnel will
not be re-established.

If both the IPv4 and IPv6 addresses of the AP are specified in the configuration, and IPv6 is enabled on the AP, the AP
will discover the IPv4 and IPv6 ACs simultaneously.
Configuration Steps

Configuring the static AC address

Optional.

The AC address can be obtained through DHCP or DNS. Alternatively, the static AC address can be configured in AP
configuration mode on the AC or configured on the AP.

When the AC address is obtained in static mode, run the acip ipv4 or acip ipv6 command to configure the static AC
address.
Command
acip ipv4ip-address[ip-address…]
Parameter
ip-address: indicates the static IP address. At most six static addresses can be configured.
Description
Defaults
No static AC IP address is configured by default.
Command
Global configuration mode on the AP or AP configuration mode on the AC
Mode
Usage Guide
-
Command
acip ipv6 ipv6-address[ipv6-address…]
Parameter
ipv6-address: indicates the static IP address. At most six static addresses can be configured.
Description
Defaults
N/A
Command
Global configuration mode on the AP or AP configuration mode on the AC
Mode
Usage Guide
N/A

Configuring the domain name used by the AP to discover the AC

(Optional) Run the ac-domain-name command to configure the DNS domain name on the AC so that the AP can
discover the AC based on the DNS domain name.

When the AC address is obtained in dynamic mode, configure the DNS domain name on the AC. The AC address can
be obtained based on the DNS domain name.
Configuration Guide

Configuring CAPWAP
Generally, if the DNS domain name is not configured, the AP cannot obtain the IP address of the AC through the
DNS.
Command
ac-domain-nameac-domain-name
Parameter
ac-domain-name: indicates the AC domain name.
Description
Defaults
ac.ruijie.com.cn
Command
AP configuration mode or AP group configuration mode on the AC
Mode
Usage Guide
N/A

Configuring the static IP address of the AP

Optional.

On the AP, configure the static IPv4 or IPv6 address of the AP so that the AP can use the fixed IPv4 or IPv6 address to
access the AC.
Command
ip address ip-address network-mask gateway
Parameter
ip-address: indicates the IP address of the AP.
Description
network-mask: indicates the subnet mask of the AP.
gateway: indicates the gateway of the AP.
Defaults
N/A
Command
AP configuration mode
Mode
Usage Guide
An AP can obtain its own IP address through the static configuration or DHCP. If the static IP address is
not configured on the AP, the AP obtains the address through DHCP and joins the AC. In this case, you
can run this command to configure the static IP address of the AP so that the address can remain
unchanged after the AP is restarted.

Configuring the static IPv6 address of a specific AP

Optional.
Command
ipv6 address ipv6-address-with-mask gateway
Parameter
ipv6-address-with-mask: indicates the IPv6 address of the AP. The format is X:X:X:X::X/24.
Description
gateway: indicates the IPv6 gateway of the AP.
Defaults
-
Command
AP configuration mode
Mode
Usage Guide
When IPv6 is enabled, the AP can obtain its own IPv6 address through the static configuration or
DHCPv6. If the static IPv6 address is not configured on the AP, the AP obtains the address through
DHCPv6 and joins the AC. In this case, you can run this command to configure the static IPv6 address of
the AP so that the address can remain unchanged after the AP is restarted.

Enabling the AP to support IPv6 access

Optional.

Run this command to control whether an AP sets up a CAPWAP IPv6 tunnel.
Configuration Guide

Configuring CAPWAP
If a CAPWAP IPv6 tunnel needs to be set up, run the ipv6 enable command in AP configuration mode on the AC to
support establishment of the IPv6 tunnel.
Command
ipv6 enable
Parameter
-
Description
Defaults
IPv6 is disabled on the AP by default.
Command
AP configuration mode
Mode
Usage Guide
If the IPv6 enable/disable status of the AP changes due to configuration of this command, the AP
re-establishes the CAPWAP tunnel. When IPv6 is enabled on the AP, and the AP is configured with both
static IPv4 and IPv6 addresses, the AP attempts to discover the IPv4 and IPv6 ACs simultaneously during
re-establishment of the CAPWAP tunnel. For discovered ACs, the AP does not necessarily select and join
an IPv6 AC. To ensure that the AP selects and joins an IPv6 AC, delete the IPv4 static address of the AP
and retain only the static IPv6 address of the AP before IPv6 is enabled on the AP.
Verification

Run the show ap-config running command to check whether the configuration is successful.
Configuration Example

Enabling the AP to obtain the IP address of the AC based on the static IPv4 address of the AP
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Set the static IP address of the AC accessed by the AP to 192.168.1.1.

Set the static IP address of the AP to 1.1.1.1, subnet mask to 255.255.255.0, and gateway to
1.1.1.2.
AC
Ruijie(config)# ap-config AP0001
Ruijie(config-ap)# acip ipv4 192.168.1.1
Ruijie(config-ap)# ip address 1.1.1.1 255.255.255.0 1.1.1.2
Verification

AC
Ruijie#show ap-config running
Check the AP configurations.
!
ap-config AP0001
acip ipv4 192.168.1.1
ip address 1.1.1.1 255.255.255.0 1.1.1.2
!

Enabling the AP to obtain the IP address of the AC based on the DNS domain name
Configuratio
n Steps

Enter the AP configuration mode on the AC.

Set the DNS domain name of the AC to ruijie-ac.
Configuration Guide
AC
Configuring CAPWAP
Ruijie(config)# ap-config AP0001
Ruijie(config-ap)# ac-domain-name ruijie-ac
Verification

AC
Ruijie#show ap-config running
Check the AP configurations.
!
ap-config AP0001
ac-domain-name ruijie.ac
!

Enabling IPv6 on the AP
Configuratio
n Steps
AC

Enter the AP configuration mode on the AC.

Enable IPv6 on the AP.
Ruijie(config)# ap-config AP0001
Ruijie(config-ap)# ipv6 enable
Verification

AC
Ruijie#show ap-config running
Check the AP configurations.
!
ap-config AP0001
ipv6 enable
!
Common Errors

N/A
3.4.11 Configuring the ERPS Function on the AP
Configuration Effect

The i-Share+ master AP requires the Ethernet Ring Protection Switching (ERPS) function. The fit AP does not save
any configuration and therefore, the ERPS command needs to be saved.
Notes

A link needs to be disconnected or a port needs to be shut down during network planning. The ring topology can be
built only after the ERPS link is configured.

Configure a Ring Protection Link (RPL) link on a device in the ERPS ring, so that traffic is balanced to dual upstream
links. When one link fails or one device is faulty, the blocked RPL link is connected to prevent link failure.

The VLAN used by the ERPS will occupy the VLAN capacity of the device. Therefore, the VLAN cannot be set to
VLAN 1 or VLAN 2444, both of which are default VLANs. It cannot be the same with the VLAN of an STA specified by
Configuration Guide
Configuring CAPWAP
the Interface-mapping command or the VLAN of a wired port specified by the wired-VLAN command. It cannot be
the same with the VLAN specified by the ap-vlan command, neither.
Configuration Steps

Configuring an ERPS Single Ring

Optional.

Only the i-Share+ master AP supports this command.
Command
ap-cfg erps raps-vlan vlan-id ring-port west interface-name1 east interface-name2
Parameter
vlan-id: indicates the R-APS VLAN ID.
Description
interface-name1: indicates the name of the west port.
interface-name2: indicates the name of the east port.
Defaults
N/A
Command
AP configuration mode
Mode
Usage Guide
N/A
Command
ap-cfg erps raps-vlan vlan-id rpl-port { west | east } rpl-owner
Parameter
vlan-id: indicates the R-APS VLAN ID.
Description
West: specifies the west port to be the RPL owner.
east: specifies the east port to be the RPL owner.
Defaults
N/A
Command
AP configuration mode
Mode
Usage Guide
N/A
Verification

Run the show erps command to display the ERPS configuration.
Configuration Example

Configuring the ERPS Function on the AM5528
Configuration
Steps

Enter the AP configuration mode of the AC.

Configure an ERPS single ring.

Configure the RPL port.
Configuration Guide
Configuring CAPWAP
Ruijie(config)#ap-cfg erps raps-vlan 10 ring-port west gigabitEthernet 0/26 east
AP
gigabitEthernet 0/25
Ruijie(config)#ap-cfg erps raps-vlan 10 rpl-port east rpl-ower
Verification

Run the show erps command to display the ERPS configuration.
Ruijie(config)#show erps
AP
ERPS Information
Global Status
: Enabled
Link monitored by
: Not Oam
------------------------------------------R-APS VLAN
: 10
Ring Status
: Enabled
West Port
: Gi0/26
(Link Failure)
East Port
: Gi0/25
(Forwarding)
RPL Port
: East Port
Protected VLANs
: ALL
RPL Owner
: Enabled
Holdoff Time
: 0 milliseconds
Guard Time
: 500 milliseconds
WTR Time
: 2 minutes
Current Ring State
: protection
Associate R-APS VLAN
:
Ruijie(config)#
Common Errors

N/A
3.4.12 Configuring an AP to Execute a Command
Configuration Effect

(Optional) On the AC, configure an AP to execute a command.

(Optional) On the AC, configure all APs in an AP group to execute a command.
Notes

N/A
Configuration Guide
Configuring CAPWAP
Configuration Steps

Configuring an AP to Execute a Command

(Optional) Enter the AP configuration mode.

On the AC, configure the AP to execute a command.
Command
exec-cmd mode exec-mode cmd exec-cmd once
Parameter
exec-mode: indicates the mode in which a command is executed on the AP.
Description
exec-cmd: indicates the command to be executed on the AP.
once: indicates that the command is executed only once and is not saved.
Defaults
N/A
Command Mode
Single AP configuration mode/All APs configuration mode
Usage Guide
Some configuration commands are supported currently only by the AP and they are unavailable on
the AC. To configure the commands for APs on the AC, run the exec-cmd command. To cancel or
change the configuration of the exec-cmd command, run the no exec-cmd command to remove
the configuration and then run the exec-cmd command to cancel or change the required
configuration.
If ap-config all and ap-config are configured simultaneously, for online APs, the later configuration
will take effect; for offline APs, ap-config has a higher priority than ap-config all.
If the AC is already configured with a command for configuration delivery, please do not use this
command again. Otherwise, the configuration may conflict.
Verification

Log in to the AP to check whether the configuration takes effect. On the AC, run the show run or show ap-config run
command to check whether the configuration takes effect.

Configuring APs in an AP group to execute a command

(Optional) Enter the AP group configuration mode.

Configure all APs in an AP group to execute a command.
Command
exec-cmd exec-cmd
Parameter
exec-cmd: indicates the command to be executed on all APs in an AP group.
Description
Defaults
N/A
Command Mode
AP group configuration mode.
Usage Guide
Some configuration commands are available only in AP configuration mode and they are
unavailable in AP group configuration mode. To configure such a command for all APs in an AP
group, run the exec-cmd command in the AP group. Note that the configuration is not saved in AP
Configuration Guide
Configuring CAPWAP
group configuration mode, that is, the command is executed only once on all APs in the current AP
group. If the configuration already exists in AP configuration mode, the original configuration will be
overridden when the command is executed in AP group configuration mode.
Verification

Run the show ap-config run command to check whether the configuration of the APs in an AP group takes effect.
Configuration Example

Disabling the Eweb Function for an AP on the AC and Configuring Bluetooth iBeacon for all APs in an AP
Group
Configuration
Steps

On the AC, disable the Eweb function for APs.

On the AC, enable the Eweb function for APs.

Enable Bluetooth iBeacon for all APs in an AP group.

Disable the Eweb function for all APs in the AP group.
Ruijie(config)#ap-config AP1
AC
Ruijie(config-ap)# exec-cmd mode configure cmd "no enable service web-server all"
Ruijie(config-ap)# no exec-cmd mode configure cmd "no enable service web-server all"
Ruijie(config-ap)# exec-cmd mode configure cmd "enable service web-server all"
Ruijie(config)#ap-group default
Ruijie(config-group)#exec-cmd ibeacon uuid ffffffffffffffffffffffffffffffff major ffff minor ffff
Ruijie(config-group)#exec-cmd exec-cmd mode configure cmd "no enable service web-server all"
Verification

On the AC, check whether the configuration takes effect.
Ruijie#show ap-config running
AC
ap-config AP1
exec-cmd mode configure cmd "no enable service web-server all"
ibeacon uuid ffffffffffffffffffffffffffffffff major ffff minor ffff
Common Errors
The exec-cmd command needs to be changed, but the no exec-cmd command is not executed to delete original
configuration, or the exec-cmd command is not re-executed to cancel the configuration.
3.4.13 Configuring a Fit AP
Configuration Effect

Configure the static IP address, subnet mask, next hop, and AC address on a fit AP so that the AP can use the static
address to communicate with the AC.
Configuration Guide
Configuring CAPWAP
Notes

If the AP address is configured as the static address, the DHCP function will be disabled. In this case, the AC address
cannot be obtained from the DHCP/DHCPv6 option. Therefore, you need to configure the address of the connected
AC on the fit AP so that the AP can discover and join the AC when the AP and the AC are not in the same subnet.

The fit AP configuration commands have the same functions as some AP configuration commands used on the AC.
When the two configurations conflict with each other, the AP may be re-connected to the AC only based on the
configurations on the AC.

The fit AP configuration commands are automatically saved.
Configuration Steps

Configuring the static IP address of the AP

Optional.

When IP addresses of APs must be statically planned at the early stage of deployment, you can configure IP
addresses on the APs.

Configure the static IPv4 or IPv6 address of the AP so that the AP can use the IPv4 or IPv6 address to access the AC.

Run the apip ipv4 command to configure the static IPv4 address of the AP.

Run the apip ipv6 command to configure the static IPv6 address of the AP.
Command
apip ipv4 ip-addressnetwork-mask gateway
Parameter
ip-address: indicates the static IP address.
Description
network-mask: indicates the subnet mask.
gateway: indicates the gateway address.
Defaults
N/A
Command
Global configuration mode on the AP
Mode
Usage Guide
N/A
Command
apip ipv6 ipv6-address-with-mask gateway
Parameter
ipv6-address-with-mask: indicates the IPv6 address containing the mask length. The format is
Description
X:X:X:X::X/24.
gateway: indicates the IPv6 gateway address.
Defaults
N/A
Command
Global configuration mode on the AP
Mode
Usage Guide
N/A

Configuring the static IP address of the AC accessed by the AP

Optional.

When the AP is configured to use the static IP address, you must also specify the IP address of the accessed AC on
the AP.
Configuration Guide

Configuring CAPWAP
The static address type of the AC accessed by the AP must be the same as that of the AP. Ensure that both the AC
and the AP use the IPv4 static address, or both use the IPv6 static address.

Run the acip ipv4 command so that the AP joins a specified IPv4 AC.

Run the acip ipv6 command so that the AP joins a specified IPv6 AC.
Command
acipipv4 ip-address[ip-address…]
Parameter
ip-address: indicates the static IP address. At most six static addresses can be configured.
Description
Defaults
N/A
Command
Global configuration mode on the AP or AP configuration mode on the AC
Mode
Usage Guide
N/A
Command
acipipv6 ipv6-address [ipv6-address…]
Parameter
ipv6-address: indicates the IPv6 address of the connected AC. At most six static addresses can be
Description
configured.
Defaults
N/A
Command
Global configuration mode on the AP or AP configuration mode on the AC
Mode
Usage Guide
N/A

Enabling the AP to use the stateless address

Optional.

On the AP, configure data so that the AP uses the IPv6 stateless address autoconfiguration and a default route is
generated.

Run the apip ipv6 enable command to enable the IPv6 function of the AP.
Command
apip ipv6 address autoconfig default
Parameter
N/A
Description
Defaults
N/A
Command
Global configuration mode on the AP
Mode
Usage Guide
After this command is executed, the AP uses the IPv6 stateless address autoconfiguration, and a default
route is generated.
Command
apip ipv6 enable
Parameter
N/A
Description
Defaults
The IPv6 function of the AP is enabled by default.
Command
Global configuration mode on the AP
Mode
Usage Guide
You can run this command to enable or disable the CAPWAP IPv6 discovery function only on an IPv4
network.
Configuration Guide
Configuring CAPWAP

Configuring the CAPWAP IPv6 discovery function on the AP

Optional.

You can disable the CAPWAP IPv6 discovery function only on an IPv4 network to prevent the attempts made by
CAPWAP to set up an IPv6 tunnel, thus reducing the CAPWAP packets on the network.

Run the no apip ipv6 enable command to disable the IPv6 function of the AP.
Command
apip ipv6 enable
Parameter
N/A
Description
Defaults
The IPv6 function of the AP is enabled by default.
Command
Global configuration mode on the AP
Mode
Usage Guide
You can run this command to enable or disable the CAPWAP IPv6 discovery function only on an IPv4
network.

Enabling the AP to use the PPPoE dial-up mode to obtain the address

Optional.

When the AP needs to connect to a remote Internet service provider (ISP) through the ADSL and obtains the network
access capability, run this command so that the AP can use the PPPoE dial-up mode to obtain the address.
Command
apip pppoe
Parameter
N/A
Description
Defaults
By default, the PPPoE mode is not specified and the AP obtains the address through DHCP.
Command
Global configuration mode on the AP
Mode
Usage Guide
The command configures only the mode (PPPoE dial-up mode) selected by the AP to obtain the address.
After this command is configured, you need to add the PPPoE configurations and let the default route to
point to the dialer interface so that the AP can communicate with the AC.
CAPWAP can only select dialer 1 as the source interface. Therefore, when configuring the PPPoE dial-up
mode, dialer 1 must be used.
Verification

Check whether the fit AP configuration commands exist.

Check whether the AP can communicate with the AC.
Configuration Example

Configuring the static IP address of the AC accessed by the AP
Configuratio

Configure the static IPv4 address of the AP.
n Steps

Configure the static IPv4 address of the AC accessed by the AP.
AP
Ruijie(config)# apip 192.168.1.2 255.255.255.0 192.168.1.1
Ruijie(config)# acip ipv4 1.1.1.1
Configuration Guide
Verification

AP
!
Configuring CAPWAP
Run the show running-config command to display the configurations.
apip 192.168.1.2 255.255.255.0 192.168.1.1
acip ipv4 1.1.1.1
!

Enabling the AP to use the PPPoE dial-up mode to obtain the address
Configuratio

Enable the AP to select the PPPoE dial-up mode to obtain the address.
n Steps

Configure the PPPoE.

Configure the default route.

Configure the static IPv4 address of the AC accessed by the AP.
AP
Ruijie(config)# apip pppoe
Ruijie(config)# interface FastEthernet 0/1
Ruijie(config-if-FastEthernet 0/1)#pppoe enable
Ruijie(config-if-FastEthernet 0/1)#pppoe-client dial-pool-number 1 no-ddr
Ruijie(config-if-FastEthernet 0/1)#exit
Ruijie(config)# interfacedialer 1
Ruijie(config-if-Dialer1)#ip address negotiate
Ruijie(config-if-Dialer1)#ppp chap hostname ruijie
Ruijie(config-if-Dialer1)#ppp chap password ruijie
Ruijie(config-if-Dialer1)#ppp pap sent-username ruijie password ruijie
Ruijie(config-if-Dialer1)#dialer pool 1
Ruijie(config-if-Dialer1)#exit
Ruijie(config)#ip route 0.0.0.0 0.0.0.0 dialer 1
Ruijie(config)# acip ipv4 1.1.1.1
Verification

AP
!
Run the show running-config command to display the configurations.
apip 192.168.1.2 255.255.255.0 192.168.1.1
acip ipv4 1.1.1.1
!
Common Errors

N/A
Configuration Guide
Configuring CAPWAP
3.4.14 Configuring AP Upgrade
Configuration Effect

Upgrade the AP software version through configuration on the AC.
Notes

Configure the data to activate the AP software version file. This command loads the .bin file to the memory only when
the AP needs to be upgraded. When no AP needs to be upgraded, the bin file will be automatically removed from the
memory.

During the adaptive upgrade, the transitional version between rgos10 and rgos11 cannot be used to upgrade an AP
using the rgos10 system.

When the bandwidth is limited, use the bandwidth control function for the upgrade.
Configuration Steps

Creating the AP product series

(Optional) Run the ap-serial command to configure an AP product series on the AC.

To upgrade the AP software version through the AC, you must configure the AP hardware version and product models
for a specified product series on the AC.

An AP software version is applicable to a series of AP products. You can configure the AP hardware version and
product models for a specified product series, and use the software version to upgrade specified AP models.
Command
ap-serialserial-name ap-pid1 ap-pid2 ... ap-pidn [ hw-ver hardware-version ]
Parameter
serial-name: indicates the name of the AP series to be created.
Description
ap-pid1 ap-pid2 ... ap-pidn: lists the product models to be added to the AP series.
hardware-version: specifies the AP hardware version.
Defaults
No AP series is configured by default.
Command
AC configuration mode
Mode
Usage Guide
-

Activating the AP software version file

(Optional) Run the active-bin-file command to activate an AP software version on the AC.

To upgrade the AP software version through the AC, you must activate the AP software version on the AC.

Only an activated AP software version can be used for the upgrade.
Command
active-bin-file filename[ rgos10 ]
Parameter
filename: specifies the name of a software version. The name may contain a path prefix (flash:,tmp:,
Description
orusb0:), followed by a real file name. The maximum length of a file name is 64 bytes.
rgos10: indicates that a transitional version between 10.X and 11.X is activated. It is applicable only to
the AP software version.
Defaults
The AP software version is not activated by default.
Command
AC configuration mode
Mode
Configuration Guide
Usage Guide
Configuring CAPWAP
1. To download a software version from the AC to upgrade an AP, you must first activate the version file.
The rgos10 system differs a lot from the rgos11 system. Therefore, when using a transitional version
between rgos10 and rgos11 for the upgrade, you must add the rgos10 keyword.
2. The .bin file is loaded to the memory only when an AP needs to be upgraded. When no AP needs to be
upgraded, the bin file will be automatically removed from the memory.
3. Before configuring this command, ensure that the software version file already exists in the AC system
files.

Upgrading the version of specified APs

Optional: Run the ap-image command to use a specified file to upgrade a specified AP series on the AC. This
command takes effect on all APs connected to the AC.

To upgrade the AP software version through the AC, you must first specify the upgrade file used by the AP.

To upgrade a specified AP series, you must activate the AP software version, specify the AP series, and specify a file
for upgrading the specified AP series.
Command
ap-image filename
Parameter
filename: specifies the software version name.
Description
Defaults
N/A
Command
AP configuration mode
Mode
Usage Guide
N/A

Configuring adaptive upgrade

(Optional) Run the ap-image auto-upgrade command so that the AC can automatically identify applicable AP
products based on the AP upgrade file and upgrade all applicable APs.

The command automatically matches the AP models to which the software version is applicable and upgrades these
APs.
Command
ap-image{ auto-upgrade | filename serial-name}
Parameter
auto-upgrade: indicates that the product model is automatically matched for the upgrade.
Description
filename: specifies the software version name. This file name must be the same as that specified by the
active-bin-file command.
serial-name: indicates the name of the AP series to be upgraded.
Defaults
N/A
Command
AC configuration mode
Mode
Usage Guide
You can use the auto-upgrade option to automatically match the software version and upgrade APs
without configuring the mapping relationship between the AP product models and software version. You
can also use a specified file to upgrade a specified AP product series. When both the automatic upgrade
mode and the specified series upgrade mode exist, the specified series upgrade mode is used
preferentially. To enable the AC to upgrade the version of a specified AP product series, you must create
the AP product series, configure the software version corresponding to the specified APs, and activate the
software version. The three steps are mandatory.
Configuration Guide

Configuring the maximum number of APs that can be concurrently upgraded by the AC

Optional.

Limit the maximum number of APs that can be concurrently upgraded by the AC.
Configuring CAPWAP
Command
capwapupgrade max-concurrent num
Parameter
num: indicates the maximum number of APs that can be concurrently upgraded by the AC. The default
Description
value is 18. The value ranges from 1 to 200.
Defaults
15
Command
AC configuration mode
Mode
Usage Guide
N/A

Creating an upgrade group

Optional.

Create an upgrade group. The AC can evenly distribute the centralized upgrade quota to the upgrade group through
balanced scheduling to limit the bandwidth and avoid wasting the bandwidth.
Command
capwap upgrade group group-name [ max-concurrentnum ]
Parameter
group-name: indicates the name of an upgrade group. The upgrade group name cannot be set to
Description
"default".
num: indicates maximum number of APs that can be concurrently upgraded in the group. The default
value is 5. The value ranges from 1 to 200.
Defaults
By default, no upgrade group is configured, and the AP upgrade is not limited by the bandwidth. When
configuring an upgrade group, the maximum number of APs that can be concurrently upgraded in the
group is 5 by default.
Command
AC configuration mode
Mode
Usage Guide
N/A

Adding APs to an upgrade group

Optional.

Add APs to an upgrade group. Limit the number of APs that are upgraded in a centralized manner in this group
through scheduling and configuration to control the bandwidth by upgrade group.
Command
ap-upgrade group group-name
Parameter
group-name: indicates the name of the upgrade group. Before adding APs to an upgrade group, you must
Description
run the capwap upgrade group command to create the upgrade group.
Defaults
APs are not added to any upgrade group.
Command
AP configuration mode
Mode
Usage Guide
N/A

Configuring the bandwidth used for AP upgrade

Optional.
Configuration Guide

Configuring CAPWAP
Configure the bandwidth used for AP upgrade.
Command
ap-upgrade band-widthnum
Parameter
num: indicates the bandwidth used for AP upgrade. The unit is 1 KB. The value ranges from 8 to 1024.
Description
Defaults
The bandwidth is not limited.
Command
AP configuration mode
Mode
Usage Guide
The bandwidth-limited AP upgrade configuration commands include the command for configuring the
bandwidth used for AP upgrade, the command for creating an upgrade group, and the command for
adding APs to the upgrade group.
Verification

Check whether the AP version is successfully upgraded.

Check the upgrade status of the bandwidth control upgrade group and APs in the group.
Configuration Example

Configuring the AP upgrade data
Configuratio

Enter the AC configuration mode on the AC.
n Steps

Create the name of an AP product series on the AC.

Activate the specified AP software version used for the upgrade on the AC.

Configure the AP upgrade version file on the AC.
AC
Ruijie(config-ac)# ap-serial serial1 AP220-E AP220-SE AP620-H hw-ver 1.0
Ruijie(config-ac)# active-bin-file ap.bin
Ruijie(config-ac)# ap-image ap.bin serial1
Ruijie(config-ac)# exit
Verification

AC
Ruijie#show ac-config active-file
Cnt
Display the list of files activated on the AC.
File Name
Version
Used Cnt
Ready
------ ------------ ----------------------------------- ---------- -------1

ap.bin
RGOS 10.4(1t7)(1T7), Release(88888)
Configuring the AP upgrade during which the bandwidth is under control
Configuratio

Enter the AC configuration mode on the AC.
n Steps

Create an AP upgrade group on the AC.

Exit from the AC configuration mode.

Enter the AP configuration mode.

Configure the specified AP upgrade group on the AC.

Activate the bandwidth used for AP upgrade on the AC.
1
1
Configuration Guide
Configuring CAPWAP
Ruijie(config-ac)# capwap upgrade group UPGRADE-GROUP1 max-concurrent 10
AC
Ruijie(config-ac)# exit
Ruijie(config)#ap-config 8832.0000.1111
Ruijie(config-ap)# ap-upgrade group UPGRADE-GROUP1
Ruijie(config-ap)# ap-upgrade band-width 128
Ruijie(config-ap)# exit
Verification
AC

Display the upgrade group and APs in the group on the AC.

Display the APs and their bandwidths in an upgrade group on the AC.
Ruijie#show ac-config upgrade-group
Cnt
Group-Name
Max-Concurrent Token cnt
Upgrading cnt
------ ---------------------------------- ----------------------------------1
UPGRADE-GROUP1
10
2
1
Ruijie#show ac-config upgrade-groupUPGRADE-GROUP1
Group have 2 ap, online 1 offline 1
Cnt
Ap-Name
Ap-Mac
Online
Upgrade
------- ------------------------ -------------------- ------- -----------1
ap220e
2
ap330
8832.0000.1111
-
Band-width
---------
true
true
128
false
false
128
Ruijie#show ap-config wtp-info 8832.0000.1111
Ruijie#show ap-config wtp-info ap220e
Upgrade-banfwidth
: 128
Upgrade group
: UPGRADE-GROUP1
Common Errors

The AP upgrade data is configured, but the software version file used for the upgrade does not exist in the AC system
files.
3.4.15 Configuring a Mini AP
Configuration Effect

One rack-type AP can carry multiple mini APs. This operation is performed to manage and name mini APs, and
display their installation status, thus facilitating the mini AP management.
Notes

N/A
Configuration Steps

Naming a mini AP
Configuration Guide
Configuring CAPWAP

(Optional) Run the slot command to name a mini AP in a specified slot.

This configuration takes effect only for i-Share APs. The corresponding radio frequency (RF) card can be named to
determine the position of this card.
Command
slotslot-idslot-name
Parameter
slot-id: indicates the slot ID. The slot ID ranges from 1 to 24.
Description
slot-name: indicates the name of an AP card. The name is a string of 1 to 63 characters, and cannot
contain any space.
Defaults
An AP card is not named by default.
Command
AP configuration mode
Mode
Usage Guide
This command takes effect only on a rack-type AP, and cannot be used in all AP configuration mode.

Updating the installation status of mini APs

(Optional) Run the install update or uninstall command to update the installation status of mini APs.

If the state of a removed mini AP is displayed as offline, you can update its installation status.
Command
install update
Parameter
N/A
Description
Defaults
N/A
Command
AP configuration mode
Mode
Usage Guide
If a mini AP is installed in a specified slot on the rack-type AP but is later manually removed, the system
determines that this mini AP is offline. This command is executed to query a rack-type AP that is currently
online, and the online mini APs on the rack are treated as installed mini APs. Configurations of this
command are not saved.
Command
uninstallslot-id
Parameter
slot-id: indicates the slot ID. The slot ID ranges from 1 to 24.
Description
Defaults
N/A
Command
AP configuration mode
Mode
Usage Guide
If a mini AP is installed in a specified slot on the rack-type AP but is later manually removed, the system
determines that this mini AP is offline. You can use this command to remove a mini AP from the
Configuration Guide
Configuring CAPWAP
corresponding slot. If the mini AP in this slot is online, execution of this command is meaningless.
Configurations of this command are not saved. In addition, the command cannot be used in all AP
configuration mode.

Restarting a mini AP

(Optional) Run the reset slot slot-id command to restart a mini AP in a specified slot.

To reset a mini AP, you can use this command to power off the mini AP and then power it on again.
Command
reset slotslot-id
Parameter
slot-id: indicates the slot ID. The slot ID ranges from 1 to 24.
Description
Defaults
N/A
Command
AP configuration mode
Mode
Usage Guide
This command takes effect only on a rack-type AP, and cannot be used in all AP configuration mode.
Configurations of this command are not saved.
Verification

Check the installation information of mini APs, including the names and online status.
Configuration Example

Naming a mini AP
Configuratio

Enter the AP configuration mode on the AC.
n Steps

Name the mini AP in a specified slot.
AC
Ruijie(config)# ap-config AP0001
Ruijie(config-ap)# slot 1 Dormitory 1#101
Verification

Check the name of the mini AP on the AC.
Configuration Guide
Configuring CAPWAP
Ruijie#show ap-config summary slot
AC
Total Install Number: 2
Total Online Number: 1
Total Offline Number: 1
AP(xxxx)'s Slots Information
Install Number: 2
Online Number: 1
Offline Number: 1
AP MAC
Slot ID
Up/Off time
Slot Name
Model
Mac Address
Radio Set
Status
-------------- -------- -------------------------------- -------- ------------ ---------------------- -------1414.4b5f.9a89
0:00:17:52
MAP552
1 2
MAP552
3 4
online
1414.4b5f.9a89
0:00:17:52
1
2
offline
Common Errors

N/A
3.4.16 Configuring the CAPWAP Control Address
Configuration Effect

Configure the address used by the AC to set up a CAPWAP tunnel.
Notes

When modifying the IP address of the CAPWAP tunnel of an AC, online APs may be forced to go offline.

If an address that does not exist on the AC is configured, the CAPWAP tunnel cannot be set up.

If the AP gateway is not deployed on the AC (that is, both the AC and the AP are deployed at L3), the option of the AP
address pool must be set to the address (if any) configured by using the capwap ctrl-ip command.

In the AC hot backup environment, if this command is used to configure the control address of the CAPWAP tunnel,
the peer-ipA.B.C.D command must be executed in the hot backup configuration mode on the peer standby AC to
configure this control address as the peer control IP address.
Configuration Steps

(Optional) This command is used when the address of a non-loopback interface must be used as the CAPWAP
control address.
Configuration Guide

Configuring CAPWAP
When configuring the IPv4 control address for a CAPWAP tunnel between the AC and the AP, you can specify the IP
address so that the AC uses this IP address to set up a CAPWAP tunnel with the AP.

Run the capwap ctrl-ip ip-address command to specify the control address used for setting up a CAPWAP tunnel
with the AP. ip-address must be the IP address of an interface on the AC device.
Command
capwap ctrl-ip ip-address
Parameter
ip-address: indicates the address used by the AC to set up a CAPWAP tunnel. The IP interface of the
Description
loopback0 interface is used by default.
Defaults
By default, the IPv4 address of thefirst loopback interface on the AC device is used to set up a CAPWAP
tunnel between the AC and the AP.
Command
AC configuration mode
Mode
Usage Guide
By default, the AC uses the IP address of the first loopback interface to set up a CAPWAP tunnel. This
command allows you to manually specify the IP address used by the AC to set up a CAPWAP tunnel with
the AP.
Verification

Run the show running-config command to check whether the configuration is successful.
Configuration Example

Setting the control IP address of the AC to 10.0.0.1
Configuratio

Enter the AC configuration mode.
n Steps

Configure the AC location information.
AC
Ruijie(config)#ac-controller
Ruijie(config-ac)#capwap ctrl-ip 10.0.0.1
Verification
Use the show running-config command to display the configurations.
AC
!
ac-controller
capwap ctrl-ip 10.0.0.1
!
Common Errors

N/A
3.4.17 Configuring CAPWAP Fragmentation
Configuration Effect

After a packet is encapsulated on the CAPWAP tunnel, the packet length may exceed the IP MTU, and will be
fragmented at the IP layer. When the IP MTUs of multiple nodes on the link are inconsistent, the packet may be
fragmented and reassembled for several times, which reduces the packet forwarding performance. After CAPWAP
Configuration Guide
Configuring CAPWAP
fragmentation is enabled, the packet will be fragmented when encapsulated on the CAPWAP channel. The CAPWAP
packet length is specified as the minimum IP MTU on the link, thereby avoiding fragmentation at the IP layer.
Notes

If the configured MTU is too small, a lot of fragmented packets will be generated, affecting the packet forwarding
performance. Even worse, large packets may fail to be transmitted. Therefore, it is important to determine the size of
the MTU.

The configured CAPWAP MTU must be equal to or smaller than the IP MTU at the egress of the device; otherwise, IP
fragmentation will be performed after CAPWAP fragment. The minimum IPv6 MTU is 1280, that is, the minimum path
MTU is 1280. Therefore, the CAPWAP MTU must be equal to or greater than 1280.
Configuration Steps

Configuring the path MTU of the CAPWAP tunnel

(Optional) Enter the AP or AP group configuration mode, and run the capwap mtu command to configure the path
MTU of the CAPWAP tunnel.

If the length of the packet encapsulated on the CAPWAP tunnel exceeds the path MTU of the CAPWAP tunnel, the
packet will be fragmented on the CAPWAP tunnel. When configuring the path MTU of the CAPWAP tunnel on the AC,
this path MTU must be set to the minimum IP MTU on the tunnel; otherwise, IP fragmentation and reassembly are
performed again during packet forwarding, reducing the forwarding performance.
Command
capwap mtu num
Parameter
num: indicates the path MTU of the CAPWAP tunnel. The value ranges from 68 to 1500. The unit is byte.
Description
Defaults
The default size of the MTU is 1500 bytes.
Command
AP configuration mode or AP group configuration mode
Mode
Usage Guide
-

Enabling CAPWAP fragmentation

Optional.

When multiple IP MTU nodes exist on the transmission network, it is recommended that CAPWAP fragmentation be
enabled on the AC, and the CAPWAP MTU be set to the path MTU.

After a packet is encapsulated on the CAPWAP tunnel, the packet length may exceed the IP MTU, and will be
fragmented at the IP layer. When the IP MTUs of multiple nodes on the link are inconsistent, the packet may be
fragmented and reassembled for several times, which reduces the packet forwarding performance. You can run this
command to enable CAPWAP fragmentation. After this function is enabled, the packet will be fragmented when
encapsulated on the CAPWAP channel. The CAPWAP packet length can be specified in the capwap mtu command
as the minimum IP MTU on the link, thereby avoiding fragmentation at the IP layer.
Command
capwap fragment enable
Parameter
-
Description
Defaults
CAPWAP fragmentation is disabled by default.
Configuration Guide
Command
Configuring CAPWAP
AP configuration mode or AP group configuration mode
Mode
Usage Guide
N/A
Verification

Check the detailed information about the CAPWAP to learn the MTU of the CAPWAP tunnel and whether the
fragmentation function is enabled.

Alternatively, run the show ap-config running command to check whether CAPWAP fragmentation is configured.
Configuration Example

Configuring the MTU of AP1 and enabling the fragmentation function
Configuratio

Set the path MTU of AP1 to 1200 bytes on the AC.
n Steps

Enable CAPWAP fragmentation of AP1 on the AC.
AC
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# capwap mtu 1200
Ruijie(config-ap)# capwap fragment enable
Verification
Use the show ap-config running command to display the configurations.
AC
!
capwap fragment enable
capwap mtu 1200
!
Common Errors

N/A
3.4.18 Configuring CAPWAP Encryption
Configuration Effect

Disable the encryption function on the CAPWAP control channel to analyze packets when the network is faulty.
Notes
Configuration Steps

Configuring the encryption function on the CAPWAP control channel

Optional.

On the AC, you can disable the encryption function on the CAPWAP control channel to analyze packets for
troubleshooting purpose when the network is faulty.
Command
capwap dtls enable
Configuration Guide
Parameter
Configuring CAPWAP
-
Description
Defaults
By default, the DTLS encryption function is enabled on the CAPWAP control channel.
Command
AC configuration mode
Mode
Usage Guide
By default, the DTLS encryption function is enabled on the CAPWAP control channel to ensure security of
interaction between the AC and the AP. In special cases, you can disable the encryption function on the
CAPWAP control channel to facilitate tests.
Verification

Check the detailed information about the CAPWAP tunnel to determine the encryption policy of the control channel
and the data channel.

Run the show running-config command to check whether encryption is enabled on the control channel.
Configuration Example

Enabling encryption on the AP data channel and disabling encryption on the control channel
Configuratio

On the AC, disable the encryption function on the AP control channel.
n Steps
AC
Ruijie(config-ap)# no capwap dtls enable
Verification

On the AC, run the show running-config command to check whether the encryption function is
disabled on the control channel.
AC
Ruijie#show running-config
!
no capwap dtls enable
Common Errors

N/A
3.4.19 Configuring CAPWAP Access Control
Configuration Effect

Configure the maximum number of APs that can concurrently go online.
Notes

If the configured value is too small, the total online duration of all APs connected to the AC will be relatively long.
Configuration Steps

Configuring the maximum number of APs that can concurrently go online

Optional.
Configuration Guide

Configuring CAPWAP
On the AC, configure the maximum number of APs that can concurrently go online to prevent an excessively high
CPU usage caused by a large number of CAPWAP control packets.
Command
capwap max-concurrent num
Parameter
num: indicates the maximum number of APs that can concurrently go online. The number ranges from 1
Description
to 200.
Defaults
50
Command
AC configuration mode
Mode
Usage Guide
If a large number of APs go online concurrently, the CPU usage of the AC may increase or even reach
100%. Consequently, tunnels of APs that are already online will be disconnected due to keepalive
failures. You can use this command to limit the maximum number of APs go online concurrently.
Verification

Run the show running-config command to display the configurations.
Configuration Example

Configuring the maximum number of APs that can concurrently go online
Configuratio

On the AC, configure the maximum number of APs that can concurrently go online.
n Steps
AC
Ruijie(config-ac)#capwap max-concurrent 100
Verification

AC
!
On the AC, run the show running-config command to display the configurations.
ac-controller
capwap max-concurrent 100
!
Common Errors

N/A
3.4.20 Configuring the Echo Interval of the CAPWAP Tunnel
Configuration Effect

(Optional) Configure the interval at which a keepalive packet is set.
Notes

During deployment of the wireless network, the echo interval of the CAPWAP tunnel can be adjusted according to the
network scale to properly plan the network convergence performance. During the adjustment, ensure that you have a
good understanding about the network scale and confirm that the convergence is necessary. If a low echo interval is
configured on a wireless network where a large number of APs are deployed, the network environment will be
affected.
Configuration Guide
Configuring CAPWAP
Configuration Steps

(Optional) Enter the AP or AP group configuration mode for configuration.

Configure the echo interval of the CAPWAP tunnel on the AC to control the keepalive period of the CAPWAP tunnel.
Command
echo-interval seconds
Parameter
seconds: indicates the echo interval of the CAPWAP tunnel. The value ranges from 5 to 255.
Description
Defaults
30s
Command
AP configuration mode or AP group configuration mode
Mode
Usage Guide
In a fit AP network structure, an AC is interconnected with an AP through the CAPWAP tunnel. The Echo
Request and Echo Response packets are used between the AP and the AC to maintain the effectiveness
of links. If other request packets are not transmitted, the AP sends an Echo Request packet to the AC at
the interval specified by echo-interval to keep the CAPWAP tunnel alive. If the AP does not receive any
Echo Response packet, the Echo Request packet will be retransmitted. The transmission interval starts at
the initial transmission interval (3s or half of echo-interval, whichever the smaller), and then is doubled
upon next retransmission. The maximum retransmission interval cannot exceed the half of echo-interval
or 60s, whichever the smaller. If the AP does not receive the Echo Response packet when
max-retransmit (the maximum retransmission times) is reached, it is determined that the CAPWAP
tunnel is disconnected. That is, the keepalive failure time of the tunnel is equal to the keepalive time plus
the retransmission interval. This command takes effect only when the tunnel is in Run state. By default,
echo-interval is 30s, and max-retransmit is 5. If the Echo Response packet is not received 0s after the
Echo Request packet is sent, the Echo Request packet will be retransmitted at the interval of 3s, 6s, 12s,
15s, and 15s, respectively. The same rule is observed to calculate the packet timeout time if
echo-interval and max-retransmit are set to other values.
Verification

Check the detailed information about the CAPWAP tunnel. The modified interval at which the keepalive packet is sent
should be displayed.
Configuration Example

Configuring the echo interval of the CAPWAP tunnel
Configuratio

On the AC, set the echo interval of the CAPWAP tunnel to 50s.
n Steps
AC
Ruijie(config)#ap-config AP0001
Ruijie(config-ap)# echo-interval 50
Verification

AC
Ruijie#show capwap 1.1.1.1 detail
On the AC, check the detailed information about the CAPWAP tunnel.
Echo interval is 50 secs, Dead interval is 119 secs
Configuration Guide
Configuring CAPWAP
Common Errors

N/A
3.4.21 Configuring the Maximum Retransmission Times of a CAPWAP Packet
Configuration Effect

(Optional) Configure the maximum transmission times of a CAPWAP packet to adjust the keepalive time of the
CAPWAP tunnel.
Notes
N/A
Configuration Steps

(Optional) Enter the AP or AP group configuration mode for configuration.

Configure the maximum transmission times of a CAPWAP packet to adjust the keepalive time of the CAPWAP
tunnel.
Command
capwap max-retransmitnum
Parameter
num: indicates the maximum retransmission times of a CAPWAP packet
Description
Defaults
5
Command
AP configuration mode or AP group configuration mode
Mode
Usage Guide
If the AP does not receive any Echo Response packet after sending an Echo Request packet, the Echo
Request packet will be retransmitted. The transmission interval starts at the initial transmission interval
(3s or half of echo-interval, whichever the smaller), and then is doubled upon next retransmission. The
maximum retransmission interval cannot exceed the half of echo-interval or 60s, whichever the smaller.
If the AP does not receive the Echo Response packet when max-retransmit (the maximum
retransmission times) is reached, it is determined that the CAPWAP tunnel is disconnected. You can
configure the maximum transmission times of a CAPWAP packet to adjust the keepalive time of the
CAPWAP tunnel.This command takes effect only when the tunnel is in Run state.
Verification

Check the detailed information about the CAPWAP tunnel. The modified interval at which the keepalive packet is sent
should be displayed.
Configuration Example

Configuring the maximum retransmission times of a CAPWAP packet
Configuratio

Set the maximum retransmission times of AP1 to 20.
n Steps
AC
Ruijie(config)#ap-config AP1
Ruijie(config-ap)# capwap max-retransmit 20
Configuration Guide
Configuring CAPWAP
Verification

AC
Ruijie#show capwap 1.1.1.1 detail
On the AC, check the detailed information about the CAPWAP tunnel.
Config maxretransmit 20
Common Errors

N/A
3.5 Monitoring
Displaying
Description
Command
Displays the list of files activated on
show ac-config active-file
the AC.
Displays the mapping between AP
show ac-config serial-product
product series configured on the AC
and product models, and files used
to upgrade the product series.
Displays the information about the
show ac-config upgrade-group [ group-name ]
upgrade group configured on the
AC.
Displays the data on the master
show ap-config board-data ap-name
board of the AP.
Displays the status of links between
show ap-config link-latency { all | single ap-name }
ACs and APs.
Displays the AP vendor information.
show ap-config inventory ap-name
Displays the AP restart statistics
show ap-config reboot ap-name
Displays the mini AP information of
show ap-config slot
a specified AP
Displays the static IP address of an
show ap-config static-ip{ all | single ap-name }
AP
Displays the AP location information
show ap-config summary location
Displays the mini AP information of
show ap-configsummary slot
all APs
Displays the AP upgrade status
show ap-config updating-list
Displays the AP status descriptions
show ap-config wtp-descriptor ap-name
Displays the AP status information
show ap-config wtp-info ap-name
Displays the detailed information
show capwap [ index | [ ip-address [port ] ] ] detail
about the CAPWAP tunnel
Displays the status of the CAPWAP
show capwap state
tunnel
Displays the CAPWAP tunnel
statistics
show capwap [ index | [ ip-address [ port ] ] ] statistics
Configuration Guide
Configuring CAPWAP
Description
Command
Displays the AP version information
show version { all | ap-name }
Collects and displays various logs
tran-data-start ap-name {exception | memory | tech-support | tech-package}
on an AP
tran-data-show ap-name {exception | cpuinfo | memory | syslog| tech-support}
Displays all downlink ports of
show ap-config summary slot interface
i-Share+ APs
Configuration Guide
Configuring WBS
4. Configuring WBS
4.1 Overview
The Wireless Basic Service (WBS) is used to configure wireless-specific parameters on access controllers (ACs) when thin
access points (APs) are deployed.
Link integrity detection is a basic service of the WBS. It detects the wired uplinks on APs. When the links are disconnected,
the access services of the APs are stopped to force users offline. When the links are restored, the APs continue to provide
wireless access services. Enabling link integrity detection in a thin AP architecture with dense AP deployment helps reduce
the network disconnection time and improve user experience.
Protocols and
Standards
 802.11n: Enhancements for Higher Throughput
4.2 Applications
Application
Description
Configuring Thin APs
Run commands on ACs to configure the parameters of thin APs.
Enabling Link Integrity Detection
Enable link integrity detection in a thin AP architecture to improve the quality of
service (QoS) of wireless access.
4.2.1 Configuring Thin APs
Scenario
Configure thin APs. Administrators can manage the configurations of thin APs on an AC in a centralized manner. Assume
that a network has the following deployment requirements:
1.
Allow the AC to monitor the status of the feeder links on i-Share APs.
2.
Prevent stations (STAs) with received signal strength indication (RSSI) smaller than 20 from accessing the network.
3.
Enable short guard interval (GI) in 20 MHz.
4.
Prevent the use of low data rates, such as 1 Mbps, 2 Mbps, and 5.5 Mbps.
Figure 4-1 shows the thin AP networking topology.
Configuration Guide
Configuring WBS
Figure 4-1 Thin AP Networking Topology
Deployment
Main configuration points on the AC:
1.
Enable i-Share antenna feeder link detection for all the APs and set the detection interval to an expected value.
2.
Run response-rssi for the radios of all the APs and set the threshold to 20 dB.
3.
Run short-gi enable for the radios of all the APs and set the bandwidth to 20 MHz.
4.
Disable the use of the 1 Mbps, 2 Mbps, and 5.5 Mbps data rates for 802.11b/g network users.
4.2.2 Enabling Link Integrity Detection
Scenario
Enable link integrity detection on wireless networks with a thin AP architecture.
See Figure 4-2.
 An AC is connected to the Internet through a router. AP1, AP2, and AP3 are connected to the router through three
switches and associated with the AC.
 Station 1 (STA1) is associated with AP1, STA2 and STA3 are associated with AP2, and STA4 is associated with AP3.
The STAs access the Internet through the AC.
Configuration Guide
Configuring WBS
Figure 4-2
Remark
R is an egress router.
s
S1, S2, and S3 are Layer-2 switches and function as the access devices for APs.
AP1, AP2, and AP3 are directly connected to S1, S2, and S3.
Deployment
 Layer-2 switches provide the access service to APs.
 Router R sets up connections between ACs and APs and between STAs and the Internet.
4.3 Features
Basic Concepts

A-MPDU
The 802.11n standards adopt the aggregate MAC protocol data unit (A-MPDU). Multiple MPDUs are aggregated into an
A-MPDU, and only one PHY header is retained whereas the PHY headers of other MPDUs are removed. In this way, the
additional information of the PHY header of each MPDU to be transmitted is reduced, and the number of ACK frames is
also reduced, which mitigates the burden and improves network throughput.

MCS
The physical layer of 802.11n supports high data transmission rates and is compatible with 802.11a/b/g rates. The many
different speeds supported at the physical layer of 802.11n are called modulation and coding scheme (MCS) rates.

Beacon
The APs on wireless local area networks (WLANs) periodically send beacon frames externally. The beacon frames contain
AP information. Wireless STAs receive beacon frames to discover WLANs.
Configuration Guide

Configuring WBS
RSSI
RSSI indicates the quality of wireless connections.

Country Code
A country code identifies a country with radio frequency (RF) usage. RFs, channels, and powers vary with different country
codes. Before you configure an AP, determine the country code that the AP supports. If the configured country code is
changed, the RFs, channels, and powers mapped to the country code are also changed.

Frequency Band
FR transmission in the 2.4 GHz and 5 GHz frequency bands is supported.

Channel
Wireless channels transmit RF medium between APs and wireless STAs. The use of channels varies with different
countries and frequency bands. In China, the 2.4 GHz frequency band can be configured with 13 channels (channel 1 to
channel 13), and the 5 GHz frequency band can be configured with five channels (channels 149, 153, 157, 161, and 165).
The overlapping channels in the 2.4 GHz frequency band generate interference. It is recommended that these channels be
configured as non-overlapping channels (for example, channels 1, 6, and 11) to avoid radio signal collision. The five
channels in the 5 GHz frequency band do not overlap or generate interference.

Transmit Power
Transmit power indicates the strength of the RF signals transmitted by an AP. It is proportional to the radio signal coverage
area of the AP.

Timeslot Type
Channel contention may occur when multiple STAs send data on the same WLAN. To avoid this problem, STAs are
required to check the idle state of channels before sending data. If an STA detects that a channel is idle, the STA does not
send data until the backoff time has elapsed. The backoff time is a random integer of the slot time (which is an operation
time unit specified in the Media Access Control [MAC] protocol). The value of the backoff time is automatically subtracted
by 1 each time after the slot time has elapsed. When the backoff time is reduced to 0, the STA starts sending data. The slot
time on WLANs is classified into 20 μs and 9 μs, with the later being called short slot time.

Antenna Transmit/Receive Types
You can configure some antennas on an RF card to transmit signals and the other antennas to receive signals.

Short GI
802.11n adds optional support for a 0.4 μs guard interval, compared to the standard 0.8 μs guard interval.

Fragmentation Threshold
To increase the transmission success rate, the IEEE 802.11 MAC protocol supports the fragmentation of packets before
transmission. Packets are fragmented according to a threshold, which reduces the interference probability and saves
bandwidth resources during retransmission.

RTS
Configuration Guide
Configuring WBS
To avoid channel conflicts and the resulting data transmission failures, the IEEE 802.11 MAC protocol provides a
handshake protocol called Request To Send/Clear To Send (RTS/CTS). When STA A needs to send data to STA B, it first
sends an RTS frame. STA B responds with a CTS frame if it permits STA A to send data. After receiving the CTS frame,
STA A starts sending data. When multiple STAs send RTS frames to the same STA, only the STAs that receive CTS
frames are permitted to send data. The STAs that do not receive CTS frames can resend RTS frames after a time because
a channel conflict is considered to have occurred.

PHY Protection Modes
Frames can be transmitted in Greenfield mode or hybrid mode. The hybrid mode is intended to support compatibility with
other physical layers, and the Greenfield mode is used to transmit physical layer headers at high speeds. A device which
uses the high-throughput (HT) hybrid mode can transmit frames in 802.11a/b/g and 802.11n modes. Such a device first
transmits a conventional format preamble, followed by an HT format preamble. The device must send a conventional
CTS-to-Self or RTS/CTS frame before transmitting data. These protection mechanisms enable 802.11a/b/g devices,
including those devices not connected to APs in HT hybrid mode to sense the busy state of channels.

Preamble Type
A preamble is a group of bits in a packet header, used to synchronize the transmission signals between the transmit end
and receive end. You can configure the preamble type (long or short) that an AP supports. The data frames with long
preambles take a longer time to transmit than the data frames with a short preamble.

U-APSD
802.11e introduces Wi-Fi multimedia power save (WMM-PS) to reduce the delay of the services with high real-time
requirements during the power management process. WMM-PS adopts the Unscheduled Automatic Power Save Delivery
(U-APSD) technology to disable the transmission of radio signals during most of the time, which extends the battery life.
U-APSD is an enhancement of the 802.11 power saving mechanism.
Overview
Feature
Description
Configuring i-Share Antenna
Checks the status of the feeder links on i-Share APs.
Feeder Link Detection
Configuring STA Access
Controls the access of specified wireless STAs.
Control
Configuring AP RF Parameters
Configures the RF parameters for APs or radios.
Configuring Data Rate Control
Configures the RF parameters of data rate control.
Parameters
Configuring Power-Save
Sets the parameters of power saving.
Parameters
Enabling Link Integrity
Detects the integrity of links to improve the wireless service quality.
Detection
Configuring E-Bag Parameters
Provides a command to quickly configure E-bag network optimization in one-click mode,
which improves user experience.
Configuring WLANs in
Provides the one-click WLAN configuration feature to perform fast configuration on
One-Click Mode
devices with zero configurations.
Configuration Guide
Configuring WBS
4.3.1 Configuring STA Access Control
Working Principle
Ruijie Networks provides wireless STA access control.
Wireless STAs search for APs through active scan and passive scan.
 Active scan: A wireless STA sends a Probe Request frame to request access to an AP, which will respond with a
Probe Response frame.
 Passive scan: APs broadcast beacon frames periodically. Wireless STAs listen to beacon frames and initiate
connections to APs.
To control the network coverage areas of APs and improve the transmission quality of radio signals, the following methods
are used to limit the access of wireless STAs:
 Control the beacon frame broadcast ranges of APs to limit the access of long-distance wireless STAs.
 Control the minimum RSSI value applied to wireless STAs during the access process. The STAs which send request
frames with RSSI smaller than the minimum value are denied access.
 Control the minimum RSSI value applied to wireless STAs during the data transmission process. The STAs which
send data frames with RSSI smaller than the minimum value are forced offline. Then the STAs can roam to other APs
with better radio signals.
4.3.2 Configuring AP RF Parameters
You can configure the RF parameters for APs and radios.
Working Principle

A-MPDU
The 802.11n standards adopt A-MPDU. Multiple MPDUs are aggregated into an A-MPDU, and only one PHY header is
retained whereas the PHY headers of other MPDUs are removed. In this way, the additional information of the PHY header
of each MPDU to be transmitted is reduced, and the number of ACK frames is also reduced, which mitigates the burden
and improves network throughput.

MCS
In 802.11n, RF rates are configured by using the index values of the MCS, which is used to express the communication
rates on WLANs. The MCS is a rate table. The table columns show the factors of concern that affect communication rates,
and the table rows show the MCS indexes. Each MCS index maps a physical transmission rate which is determined by a
group of parameters. For the description of all the MCS rate tables, see the IEEE P802.11n D2.00.

Wireless Channel
Wireless channels transmit RF medium between APs and wireless STAs. The use of channels varies with different
countries and frequency bands. In China, the 2.4 GHz frequency band can be configured with 13 channels (channel 1 to
channel 13), and the 5 GHz frequency band can be configured with five channels (channels 149, 153, 157, 161, and 165).
The overlapping channels in the 2.4 GHz frequency band generate interference. It is recommended that these channels be
configured as non-overlapping channels (for example, channels 1, 6, and 11) to avoid radio signal collision. The five
channels in the 5 GHz frequency band do not overlap or generate interference.
Configuration Guide

Configuring WBS
Packet Fragmentation
To increase the transmission success rate, the IEEE 802.11 MAC protocol supports the fragmentation of packets before
transmission. Packets are fragmented according to a threshold, which reduces the interference probability and saves
bandwidth resources during retransmission.

RTS/CTS
To avoid channel conflicts and the resulting data transmission failures, the IEEE 802.11 MAC protocol provides a
handshake protocol called RTS/CTS. When STA A needs to send data to STA B, it first sends an RTS frame. STA B
responds with a CTS frame if it permits STA A to send data. After receiving the CTS frame, STA A starts sending data.
When multiple STAs send RTS frames to the same STA, only the STAs that receive CTS frames are permitted to send data.
The STAs that do not receive CTS frames can resend RTS frames after a time because a channel conflict is considered to
have occurred.
If each STA implements RTS/CTS handshake before sending data, many RTS frames will occupy channel bandwidths. To
avoid this problem, you can configure an RTS threshold to specify the frame length of transmitted data. If an STA sends
data with a frame length smaller than the RTS threshold, the STA will not implement RTS/CTS handshake.

Beacon
The APs on WLANs periodically send beacon frames externally. The beacon frames contain AP information. Wireless
STAs receive beacon frames to discover WLANs.

Preamble Type
A preamble is a group of bits in a packet header, used to synchronize the transmission signals between the transmit end
and receive end. You can configure the preamble type (long or short) that an AP supports. The data frames with long
preambles take a longer time to transmit than the data frames with a short preamble.

Timeslot Type
Channel contention may occur when multiple STAs send data on the same WLAN. To avoid this problem, STAs are
required to check the idle state of channels before sending data. If an STA detects that a channel is idle, the STA does not
send data until the backoff time has elapsed. The backoff time is a random integer of the slot time (which is an operation
time unit specified in the MAC protocol). Assume that the random integer is 3. The value of the backoff time is automatically
subtracted by 1 each time after the slot time has elapsed. When the backoff time is reduced to 0, the STA starts sending
data. Reducing the slot time can reduce the overall backoff time and increase network throughput.

Channel Bandwidth
In 802.11n, two 20 MHz bandwidths are combined into a 40 MHz bandwidth, which can be used as two 20 MHz bandwidths.
(One 20 MHz bandwidth is the primary bandwidth, and the other is the secondary bandwidth. Data can be received and
transmitted by using the 40 MHz bandwidth or two individual 20 MHz bandwidths.) In this way, data rates are doubled and
wireless network throughput is increased.

GI
802.11n adds optional support for a 0.4 μs guard interval, compared to the standard 0.8 μs guard interval.

Country Code
Configuration Guide
Configuring WBS
A country code identifies a country with RF usage. RFs, channels, and powers vary with different country codes. Before you
configure an AP, determine the country code that the AP supports. If the configured country code is changed, the RFs,
channels, and powers mapped to the country code are also changed.

Antenna Transmit/Receive Types
APs use different quantities of antennas for transmitting and receiving signals, which enables APs to use two or three
spatial streams to transmit signals in 802.11n mode, thus improving data transmission performance.

Internal Antenna and External Antenna
Internal antennas are integrated inside the enclosures of APs, and external antennas are connected to the reserved
hardware interfaces of APs. External antennas achieve longer transmission distances than internal antennas with the same
transmission power.

Maximum Distance of Radio Transmission Between AP Radios and the Peer End
Radio signals are transmitted in space at the speed of light. The longer the distance of radio transmission between AP
radios and the peer end, the longer time it takes to transmit radio packets in space and the longer the timeout time for APs
to wait for ACK and CTS frames. The timeout time must be adjusted based on the distance of radio transmission between
AP radios and the peer end; otherwise, radio data transmission will fail. A very long timeout time will cause resource waste
on the air interface when APs are still waiting for ACK and CTS frames.
4.3.3 Configuring Data Rate Control Parameters
You can configure the RF parameters of data rate control.
Working Principle
802.11 is the industry standards that the Institute of Electrical and Electronics Engineers (IEEE) developed for WLAN
communications. 802.11x is an improvement over 802.11. The main transmission standards include 802.11b, 802.11a,
802.11g, and 802.11n.
1.
802.11b
The operating band is 2.4 GHz, and the data transmission rate can reach 11 Mbps, which can be reduced to 5.5 Mbps, 2
Mbps, or 1 Mbps based on actual requirements.
2.
802.11a
The operating band is 5 GHz, and the data transmission rate can reach 54 Mbps, which can be reduced to 48 Mbps, 36
Mbps, 24 Mbps, 18 Mbps, 12 Mbps, 9 Mbps, or 6 Mbps based on actual requirements.
3.
802.11g
The operating band is 2.4 GHz, and the data transmission rate can reach 54 Mbps, which can be reduced to 48 Mbps, 36
Mbps, 24 Mbps, 18 Mbps, 12 Mbps, 9 Mbps, or 6 Mbps based on actual requirements. 802.11g STAs are backward
compatible with 802.11b.
4.3.4 Configuring Power-Save Parameters
Working Principle

DTIM Period
Configuration Guide
Configuring WBS
A delivery traffic indication map (DTIM) is a flag bit in a beacon frame, used to determine the interval at which an AP sends
broadcast or multicast frames. APs buffer the data that wireless STAs in dormant state need to receive according to the
DTIM period. After the DTIM period has elapsed, APs send the buffered data to wireless STAs.
The DTIM period is expressed based on the number of sent beacon frames. Assume that the DTIM period is set to 3. APs
send broadcast or multicast frames each time after three beacon frames are sent.

U-APSD Power Saving
U-APSD is an improvement over the power saving mode. When clients are associated with ACs, the clients can configure
which ACs have the trigger attribute, which ACs have the delivery attribute, and the maximum number of packets to be sent
after trigger. The trigger and delivery attributes can be modified when flows are created through connection access control
(CAC). When a client sleeps, the delivery-enabled AC packets destined for the client are buffered. To retrieve the buffered
packets, the client needs to send trigger-enabled AC packets. After receiving the trigger-enabled AC packets, the AP sends
the buffered packets according to the to-be-sent packet quantity determined during the access process. Other AC packets
than delivery-enabled AC packets are stored and transmitted in accordance with the 802.11 standards.
4.3.5 Enabling Link Integrity Detection
APs are wireless access devices without the switching feature. They implement all functions of the physical layer and
partial functions of the MAC layer. A fat AP or thin AP has only one wired uplink, which is the data channel allowing STAs to
access the AP. When the wired uplink is disconnected because of a fault, all the wireless STAs connected to the AP cannot
access the Internet.
Wireless STAs cannot sense link disconnections immediately or take measures; as a result, the network connection cannot
be restored for a long time.
Link integrity detection is designed to solve this problem.
Working Principle
The link integrity detection function continuously detects the status of the wired uplinks on APs. When a wired uplink is
disconnected, the RF interface of the AP is disabled to stop the access service. The wireless STAs associated with the AP
are forced offline and have to reconnect to other normal APs.
When the wired uplink is recovered, the link integrity detection function enables the RF interface of the AP again to restore
the wireless access service.
Link integrity detection enables the wireless STAs that are associated with APs with disconnected wired uplinks to
reconnect to other normal APs.
4.3.6 Configuring E-Bag Parameters
You can configure the E-bag parameters for APs and radios.
Working Principle
You can run a command to quickly configure E-bag network optimization in one-click mode, which improves user
experience.

A-MPDU
A-MPDU is short for aggregate MAC protocol data unit.
Configuration Guide

Configuring WBS
LDPC
A low-density parity-check (LDPC) code is a linear error correcting code. Being easy to use and with low complexity, this
coding method adopts the forward error correction (FEC) technology to improve the coding reliability and gains. LDPC was
developed at the beginning of the 1960 and supports the transmission of information in noisy frequencies with massive
background or content damage. It also greatly reduces the probability of information loss during transmission in frequencies
with serious noise interference. However, a small number of STAs are not compatible with LDPC, and enabling LDPC will
result in packet loss.

STBC
Space time block coding (STBC) is a technique used in wireless communications to transmit multiple copies of a data
stream across a number of antennas at different time points to improve the reliability of data transmission by means of time
diversity and space diversity. The outstanding advantage of STBC is the use of maximum likelihood decoding to obtain
complete antenna gains. Some STAs may not be compatible with STBC.

A-MPDU Software Retransmission Times
The A-MPDU software retransmission mechanism is designed to avoid the loss of sub-frames in wireless communications.
The greater the retransmission times, the lower the probability of sub-frame loss. If packets are retransmitted frequently,
the burden on the air interface is increased, which affects the real-time transmission of packets on the air interface. You can
increase the retransmission times if you need to avoid packet loss when there is a high probability of sub-frame loss.

A-MPDU-RTS
The RTS protection feature of A-MPDU prevents resource waste on the air interface caused by packet collision due to
hidden nodes. Because RTS interaction consumes air interface resources and has resulting adverse impact in many
application scenarios, this feature is disabled by default. Enable RTS protection only when the resource waste on the air
interface caused by hidden nodes is greater than the resource consumption of RTS interaction on the air interface.

Single-Time Received Ethernet Packet Quantity
A command is provided to adjust the number of Ethernet packets received at a single time. Increasing Ethernet packet
reception can improve network performance but may reduce APs' ability to handle key packets in real time. You can reduce
Ethernet packet reception when the requirements for performance are not high but user concurrency and real-time packet
handling are demanded. In this case, it is recommended that the single-time received Ethernet packet quantity be set to 25.
4.3.7 Configuring WLANs in One-Click Mode
The one-click WLAN configuration feature allows you to perform fast configuration on devices with zero configurations.
Working Principle

autowifi
Perform the following configuration on an AC:
1.
Division of virtual local area networks (VLANs): On the AC, configure VLAN1 as the VLAN for APs and VLAN2 as the
VLAN for STAs.
Configuration Guide
2.
Configuring WBS
Address pool: On the AC, configure the 192.168.1.0 network segment as the address pool for APs and configure the
192.168.2.0 network segment as the network segment for STAs. The default IP addresses of VLAN1 and VLAN2 are
192.168.1.1 and 192.168.2.1 respectively. The default management IP address is 88.88.88.88.
3.
WLAN configuration: Name the WLAN autowifi_XXXX. The last four characters are the last four digits of the MAC
address of the AC. You can use wlan-id 1.
4.
Security: By default, WPA2 encryption is used. The password is autowifi.
5.
WLAN-VLAN mapping: On the AC, configure the mapping between wlan-id 1 and VLAN2 in the group named
ap-group default.
6.
Service: Enable the Dynamic Host Configuration Protocol (DHCP) service.
4.3.8 Configuring Power Consumption Management for the AM5514
The power consumption management module of the AM5514 covers power consumption management and cable
detection.
When the AM5514 serves as the i-Share+ master AP, it is connected to multiple mini APs. When the power consumption of
the AM5514 reaches the rated power threshold (generally 90%), the power consumption management module applies the
power consumption reduction policy to the mini APs. Specifically, dual-stream mini APs are configured as single-stream
APs to reduce power consumption of the mini APs, thereby reducing the power consumption of the AM5514, and
preventing the restart of the AM5514 caused by insufficient power.
If the AM5514 supplies power by using High Power over Ethernet (HPoE), the impedance of the cable connecting the
HoPE device to the AM5514 may be very large due to poor network cable quality or cable length. As a result, the much
power is lost when the HPoE power supply reaches the AM5514, causing insufficient power supply and restart of the
AM5514. Cable detection aims at detecting whether the impedance of the cable connecting the HPoE device to the
AM5514 is too large when the AM5514 uses the HPoE mode. If yes, detection results and alarms will be displayed.
4.4 Configuration
Configuration
Description and Command
(Optional) It is used to configure STA access control.
{802.11a | 802.11b} network {enable |
Enables or disables the 2.4 GHz or 5 GHz
disable}
network.
11asupport enable
Enables 802.11a support for specified AP
radios in 5 GHz.
Configuring STA Access
11bsupport enable
Enables 802.11b support for specified AP
radios in 2.4 GHz.
Control
11gsupport enable
Enables 802.11g support for specified AP
radios on the 2.4 GHz network.
11nasupport enable
Enables 802.11n support for specified AP
radios in 5 GHz.
11ngsupport enable
Enables 802.11n support for specified AP
radios in 2.4 GHz.
Configuration Guide
Configuration
Configuring WBS
Description and Command
11acsupport enable
Enables 802.11ac support for specified AP
radios.
coverage-area-control
Configures the management frame power
for APs.
response-rssi
Configures the minimum RSSI for wireless
STAs to connect to specified AP radios.
assoc-rssi
Configures the minimum RSSI for wireless
STAs to maintain connections to specified
AP radios.
(Optional) It is used to configure the RF parameters for APs.
802.11n a-mpdu enable
Enables A-MPDU for specified AP radios.
802.11n mcs support
Configures the maximum 802.11n MCS
index value for specified AP radios.
802.11ac mcs support
Configures the maximum 802.11ac MCS
index value for specified AP radios.
antenna
Configures the antenna transmit/receive
type for specified AP radios.
external-antenna enable
Enables usage of external antennas for
specified AP radios, and disables usage of
internal antennas.
beacon dtim-period
Configures the DTIM period for specified AP
radios.
beacon period
Configures the beacon frame transmission
period for specified AP radios.
Configuring AP RF
chan-with
Configures bandwidth assignments for
specified AP radios.
Parameters
channel
Configures channel assignments for
specified AP radios.
country
Configures the country code set supported
by an AC or the country code used by AP
radios.
enable-radio
Enables specified or all AP radios.
fragment-threshold
Configures the fragmentation threshold for
specified AP radios.
green-field enable
Enables the protection mode for specified
AP radios.
power local
Configures the transmit power for specified
AP radios.
radio-type
Specifies the operating band for specified
AP radios.
rts-threshold
Configures the RTS threshold for specified
AP radios.
Configuration Guide
Configuration
Configuring WBS
Description and Command
short-gi
Enables short GI for specified AP radios.
update-key-tsc enable
Enables TKIP Sequence Counter (TSC)
update for APs during 802.11x
re-authentication.
peer-distance
Configures the maximum distance of
wireless transmission between APs and the
peer end.
(Optional) It is used to configure the parameters of data rate control.
802.11a network rate
Configuring Data Rate
802.11b network rate
Control Parameters
802.11g network rate
mcast-rate
beacon rate
Configures the data rate set supported by
802.11a STAs.
Configures the data rate set supported by
802.11b STAs.
Configures the data rate set supported by
802.11g STAs.
Configures the WLAN multicast rate.
Configures the beacon frame transmission
rate.
(Optional) It is used to configure the power-save parameters.
Configuring Power-Save
Parameters
beacon dtim-period
Configures the DTIM period.
apsd
Enables or disables U-APSD power saving.
Enabling Link Integrity
Detection
(Mandatory) It is used to enable link integrity detection.
link-check enable
Enables link integrity detection.
(Optional) It is used to configure the parameters of E-bag.
ampdu-retries
ampdu-rts
Configuring E-Bag
Parameters
eth-schd
One-Click Mode
Detection
Enables or disables RTS protection for
A-MPDU packets.
Configures the single-time received
Ethernet packet quantity for APs.
Enables or disables LDPC.
stbc
Enables or disables transmit/receive STBC.
Configures E-bag network optimization in
one-click mode.
(Optional) It is used to configure WLANs in one-click mode.
autowifi
Configuring Power
Management and Line
retransmission times.
ldpc
ebag
Configuring WLANs in
Configures the A-MPDU software
power-mng line-detect
Configures WLANs in one-click mode.
Configures power management and line
detection
Configuration Guide
Configuring WBS
4.4.1 Configuring STA Access Control
Configuration Effect
 Control the access of a specified type of wireless STAs to manage these wireless STAs conveniently.
Configuration Steps

Enabling or Disabling the 2.4 GHz or 5 GHz Network
 Optional.
 Enable or disable the 2.4 GHz or 5 GHz network on an AC.
 The AC assigns the network settings to all the APs to instruct the APs to enable or disable the 2.4 GHz or 5 GHz
network.
Command
{ 802.11a | 802.11b} network { enable | disable }
Parameter
N/A
Description
Defaults
By default, the 2.4 GHz and 5 GHz networks are enabled.
Command
AC configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Enabling 802.11a Support
 Optional.
 The configuration takes effect only when the AP radios operate in 5 GHz.
 On the AC, enable 802.11a support for specified APs.
 The AC assigns the settings to the APs to instruct the APs to support the access of 802.11a STAs in 5 GHz.
Command
11asupport enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with 802.11a support. The value ranges from 1 to 48.
Description
Defaults
By default, the access of 802.11a STAs is supported in 5 GHz.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 5 GHz.
n Usage
The configuration is supported only by certain APs.
Guide

Enabling 802.11b Support
 Optional.
 The configuration takes effect only when the AP radios operate in 2.4 GHz.
 On the AC, enable 802.11b support for specified APs.
Configuration Guide
Configuring WBS
 The AC assigns the settings to the APs to instruct the APs to support the access of 802.11b STAs in 2.4 GHz.
Command
11bsupport enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with 802.11b support. The value ranges from 1 to 48.
Description
Defaults
By default, the access of 802.11b STAs is supported in 2.4 GHz.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 2.4 GHz.
n Usage
The configuration is supported only by certain APs.
Guide

Enabling 802.11g Support
 Optional.
 The configuration takes effect only when the AP radios operate in 2.4 GHz.
 On the AC, enable 802.11g support for specified APs.
 The AC assigns the settings to the APs to instruct the APs to support the access of 802.11g STAs in 2.4 GHz.
Command
11gsupport enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with 802.11g support. The value ranges from 1 to 48.
Description
Defaults
By default, the access of 802.11g STAs is supported in 2.4 GHz.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 2.4 GHz.
n Usage
The configuration is supported only by certain APs.
Guide

Enabling 802.11na Support
 Optional.
 The configuration takes effect only when the AP radios operate in 5 GHz.
 On the AC, enable 802.11na support for specified APs.
 The AC assigns the settings to the APs to instruct the APs to support the access of 802.11n STAs in 5 GHz.
Command
11nasupport enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with 802.11na support. The value ranges from 1 to 48.
Description
Defaults
By default, the access of 802.11n STAs is supported in 5 GHz.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 5 GHz.
n Usage
The configuration is supported only by certain APs.
Guide

Enabling 802.11ng Support
Configuration Guide
Configuring WBS
 Optional.
 The configuration takes effect only when the AP radios operate in 2.4 GHz.
 On the AC, enable 802.11ng support for specified APs.
 The AC assigns the settings to the APs to instruct the APs to support the access of 802.11n STAs in 2.4 GHz.
Command
11ngsupport enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with 802.11ng support. The value ranges from 1 to 48.
Description
Defaults
By default, the access of 802.11n STAs is supported in 2.4 GHz.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 2.4 GHz.
n Usage
The configuration is supported only by certain APs.
Guide

Enabling 802.11ac
 Optional.
 On the AC, enable 802.11ac support for specified APs.
 The AC assigns the settings to the APs to instruct the APs to support the access of 802.11ac STAs.
Command
11acsupport enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with 802.11ac support. The value ranges from 1 to 48.
Description
Defaults
Only the radios with even IDs support the access of 802.11ac STAs.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Configuring the Management Frame Power for APs
 Optional.
 Perform the configuration only on the required device unless otherwise specified.
 On the AC, configure the management frame power for specified APs.
 The AC assigns the settings to the APs to instruct the APs to use the configured management frame transmit power. In
this way, the signal coverage areas of the APs are controlled to limit the access of wireless STAs.
Command
coverage-area-control power
Parameter
power: specifies the management frame power. The value ranges from 0 to 32, in the unit of dBm.
Description
Defaults
By default, the management frame power for APs is 0 dBm.
Command
AP configuration mode/AP group configuration mode
Mode
Configuration Guide
Configuratio
Configuring WBS
N/A
n Usage
Guide

Configuring the Minimum RSSI for Wireless STAs to Access APs
 Optional.
 On the AC, configure the minimum RSSI for wireless STAs to access specified AP.
 The AC assigns the settings to the APs to instruct the APs to use the configured minimum RSSI as the threshold for
allowing the access of wireless STAs.
Command
response-rssi rssi radio {radio-id | [802.11b | 802.11a]}
Parameter
rssi: specifies the minimum RSSI for wireless STAs to access APs. The value ranges from 0 to 100, in the
Description
unit of dB.
radio-id: specifies the IDs of the radios assigned with the minimum RSSI. The value ranges from 1 to 48.
802.11b: indicates that the minimum RSSI is assigned to all the radios in 2.4 GHz.
802.11a: indicates that the minimum RSSI is assigned to all the radios in 5.8 GHz.
Defaults
By default, the RSSI is set to 0, indicating that there is no RSSI limit on the access of wireless STAs.
Command
AP configuration mode
Mode
Configuratio
If you select 802.11b, the minimum RSSI is configured for all the radios in 2.4 GHz. The settings take
n Usage
effect when the APs go online for the first time and are automatically applied to the radios. If you select
Guide
802.11a, the condition is the same for the radios in 5.8 GHz.

Configuring the Minimum RSSI for Wireless STAs to Maintain Connections to APs
 Optional.
 On the AC, configure the minimum RSSI for wireless STAs to maintain connections to specified AP.
 The AC assigns the settings to the APs to instruct the APs to use the configured minimum RSSI as the threshold for
maintaining the connections of wireless STAs.
Command
assoc-rssi rssi radio radio-id
Parameter
rssi: specifies the minimum RSSI for wireless STAs to maintain connections. The value ranges from 0 to
Description
100, in the unit of dB.
radio-id: specifies the IDs of the radios assigned with the minimum RSSI. The value ranges from 1 to 48.
Defaults
By default, the RSSI is set to 0, indicating that there is no RSSI limit on the access of wireless STAs.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide
Verification
 Run show ap-config running ap-name to display the parameter settings of STA access control.
Configuration Guide
Configuring WBS
Configuration Example

Configuring the Parameters of STA Access Control
Scenario
Figure 4-3
In Figure 4-3, an AC is connected to thin APs. On the AC, configure STA access control for all the APs
according to the following step:
1. Disable the 2.4 GHz network.
On the AC, configure STA access control for AP1 according to the following steps:
Configuratio
1.
Enable the access of 802.11a and 802.11na STAs in 5 GHz
2.
Enable the access of 802.11g and 802.11ng STAs in 2.4 GHz.
3.
Enable the access of 802.11ac STAs.
4.
Set the management frame power to 20 dBm.
5.
Set the minimum RSSI for wireless STAs to access APs to 20 dB.
6.
Set the minimum RSSI for wireless STAs to maintain connections to15 dB.

Disable the 2.4 GHz network on the AC.
n Steps
AC
Ruijie# configure terminal
Ruijie(config)# ac-controller
Ruijie(config-ac)# 802.11b network disable

AC
Set the STA access control parameters for AP1 on the AC.
Ruijie# configure terminal
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# 11asupport enable radio 2
Configuration Guide
Configuring WBS
Ruijie(config-ap)# 11nasupport enable radio 2
Ruijie(config-ap)# 11gsupport enable radio 1
Ruijie(config-ap)# 11ngsupport enable radio 1
Ruijie(config-ap)# 11acsupport enable radio 1
Ruijie(config-ap)# no 11bsupport enable radio 1
Ruijie(config-ap)# coverage-area-control 20
Ruijie(config-ap)# response-rssi 20 radio 1
Ruijie(config-ap)# response-rssi 20 radio 2
Ruijie(config-ap)# assoc-rssi 15 radio 1
Ruijie(config-ap)# assoc-rssi 15 radio 2
Verification

AC
Ruijie(config)# show running
Run show running to check whether the 2.4 GHz or 5 GHz network is enabled or disabled.
!
ac-controller
sta-limit 1024
no capwap dtls enable
802.11b network disable
country CN
country US
!

AC
Run show ap-config running ap-name to display the STA access control parameters for AP1.
Ruijie(config)# show ap-config running AP1
!
ap-config 220em
no 11bsupport enable radio 1
coverage-area-control 20
response-rssi 20 radio 1
response-rssi 20 radio 2
assoc-rssi 15 radio 1
assoc-rssi 15 radio 2
radio-type 1 802.11b
radio-type 2 802.11a
!
Configuration Guide
Configuring WBS
4.4.2 Configuring AP RF Parameters
Configuration Effect
 Configure the RF parameters for APs and radios for easier configuration management.
Configuration Steps

Enabling A-MPDU
 Optional.
 On an AC, enable A-MPDU for specified APs. Then the AC assigns the settings to the APs to instruct the APs to
enable A-MPDU.
Command
802.11n a-mpdu enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with A-MPDU. The value ranges from 1 to 48.
Description
Defaults
By default, A-MPDU is enabled.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 802.11n or 802.11ac mode.
n Usage
The configuration is supported only by certain APs.
Guide

Configuring the Maximum 802.11n MCS Index Value
 Optional.
 On an AC, configure the maximum 802.11n MCS index value for specified AP. Then the AC assigns the settings to the
APs to inform the APs of the maximum 802.11n MCS index value.
Command
802.11n mcs support num radio radio-id
Parameter
num: specifies the MCS index value, which ranges from 0 to 23.
Description
radio-id: specifies the IDs of the radios assigned with the maximum 802.11n MCS index value. The value
ranges from 1 to 48.
Defaults
By default, the maximum 802.11n MCS index value is 23.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 802.11n or 802.11ac mode.
n Usage
Guide

Configuring the Maximum 802.11ac MCS Index Value
 Optional.
 On an AC, configure the maximum 802.11ac MCS index value for specified AP. Then the AC assigns the settings to
the APs to inform the APs of the maximum 802.11ac MCS index value.
Command
802.11ac mcs support num radio radio-id
Parameter
num: specifies the MCS index value, which ranges from 0 to 29.
Configuration Guide
Description
Configuring WBS
radio-id: specifies the IDs of the radios assigned with the maximum 802.11ac MCS index value. The value
ranges from 1 to 48.
Defaults
By default, the maximum 802.11n MCS index value is 29.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 802.11ac mode.
n Usage
Guide

Configuring the Antenna Transmit/Receive Type
 Optional.
 On an AC, configure the antenna transmit/receive type for specified APs. Then the AC assigns the settings to the APs
to instruct the APs to use the specified antenna selection masks to send and receive packets.
Command
antenna { transmit | receive } value radio radio-id
Parameter
transmit: is the antenna transmit parameter.
Description
receive: is the antenna receive parameter.
value: specifies the antenna selection mask. The value ranges from 1 to 7.
radio-id: specifies the IDs of the radios assigned with the antenna transmit/receive type. The value ranges
from 1 to 48.
Defaults
In AP configuration mode, the default antenna selection mask varies with different product models and
antenna quantities and is determined based on the product model.
By default, no antenna transmit/receive type is configured in AP group configuration mode.
Command
AP configuration mode or AP group configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 802.11n or 802.11ac mode.
n Usage
Guide

Configuring Usage of External Antennas for APs
 Optional.
 On an AC, configure usage of external antennas for specified APs. Then the AC assigns the settings to the APs to
instruct the APs to enable external antennas and disable internal antennas.
Command
external-antenna enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with external antenna usage. The value ranges from 1 to
Description
48.
Defaults
By default, usage of internal antennas is enabled, and usage external antennas is disabled.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Configuring the Beacon Frame Transmission Period
Configuration Guide
Configuring WBS
 Optional.
 On an AC, configure the beacon frame transmission period for specified APs. Then the AC assigns the settings to the
APs to instruct the APs to transmit beacon frames according to the configured period.
Command
beacon period milliseconds radio radio-id
Parameter
milliseconds: specifies the beacon frame transmission period. The value ranges from 20 to 1000, in the
Description
unit of ms.
radio-id: specifies the IDs of the radios assigned with the beacon frame transmission period. The value
ranges from 1 to 48.
Defaults
By default, the beacon frame transmission period is 100 ms.
Command
AP configuration mode
Mode
Configuratio
The configuration is supported only by certain APs.
n Usage
Guide

Configuring Bandwidth Assignments
 Optional.
 On an AC, configure bandwidth assignments for specified APs. Then the AC assigns the settings to the APs to instruct
the APs to switch the channel bandwidth to the specified bandwidth.
Command
chan-width { 20 | 40 | 80 } radio {radio-id | [802.11b | 802.11a]}
Parameter
20: specifies the 20 MHz bandwidth.
Description
40: specifies the 40 MHz bandwidth.
80: specifies the 80 MHz bandwidth.
radio-id: specifies the IDs of the radios assigned with bandwidth. The value ranges from 1 to 48.
802.11b: indicates that bandwidth is assigned to all the radios in 2.4 GHz.
802.11a: indicates that bandwidth is assigned to all the radios in 5.8 GHz.
Defaults
The default channel bandwidth is 20 MHz.
Command
AP configuration mode
Mode
Configuratio
If you select 802.11b, the bandwidth is configured for all the radios in 2.4 GHz. The settings take effect
n Usage
when the APs go online for the first time and are automatically applied to the radios. If you select 802.11a,
Guide
the condition is the same for the radios in 5.8 GHz. The bandwidth configuration takes effect only when
APs operate in 802.11n or 802.11ac mode.

Configuring Channel Assignments
 Optional.
 On an AC, configure channel assignments for specified APs. Then the AC assigns the settings to the APs to instruct
the AP radios to operate in specified channels.
Command
channel channel-id radio radio-id
Parameter
channel-id: specifies the operating channels of AP radios.
Description
radio-id: specifies the IDs of the radios assigned with channels. The value ranges from 1 to 48.
Defaults
The radio resource management (RRM) system automatically adjusts channels. By default, no channel
Configuration Guide
Configuring WBS
assignments are configured.
Command
AP configuration mode
Mode
Configuratio
The configuration is supported only by certain APs.
n Usage
Guide

Configuring the Country Code Set Supported by an AC
 Optional.
 Add a country code to the country code set supported by an AC before you configure AP radios to use the country
code.
Command
country country-code
Parameter
country-code: specifies the country code to be added.
Description
Defaults
The country code set supported by the AC is {"CN"}.
Command
AP configuration mode
Mode
Configuratio
The country code "CN" supported by the AC cannot be deleted.
n Usage
The following country codes are available for choice:
Guide

Code
Country
CN
China
US
United States
JP
Japan
ID
Indonesia
IN
India
KR
Korea ROC
MY
Malaysia
RU
Russia
SG
Singapore
Configuring a Country Code
 Optional.
 Ensure that the configured country code is in the country code set supported by an AC. The AC will assign the settings
to the APs to instruct the APs to use the configured country code.
Command
country country-code radio {radio-id | [802.11b | 802.11a]}
Parameter
country-code: specifies the country code to be added.
Description
radio-id: specifies the IDs of the radios assigned with the country code. The value ranges from 1 to 48.
802.11b: indicates that the country code is assigned to all the radios in 2.4 GHz.
802.11a: indicates that the country code is assigned to all the radios in 5.8 GHz.
Defaults
The country code used by APs is "CN".
Command
AP configuration mode
Mode
Configuration Guide
Configuratio
Configuring WBS
1.
The country code "CN" supported by the AC cannot be deleted.
2.
The configuration is supported only by certain APs.
3.
The following country codes are available for choice:
n Usage
Guide
Code
Country
CN
China
US
United States
JP
Japan
ID
Indonesia
IN
India
KR
Korea ROC
MY
Malaysia
RU
Russia
SG
Singapore
4.
Before you configure APs, determine the country code set supported by the AC. If the country code
used by an AP is changed, the RF band, channel, and power for the AP are also changed.
5.
If you select 802.11b, the country code is configured for all the radios in 2.4 GHz. The settings take
effect when the APs go online for the first time and are automatically applied to the radios. If you
select 802.11a, the condition is the same for the radios in 5.8 GHz.

Enabling Radios
 Optional.
 Enable radios on an AC. Then the AC assigns the settings to the APs to instruct the APs to enable the corresponding
radios.
Command
enable-radio { radio-id | all }
Parameter
radio-id: specifies the IDs of the radios to be enabled. The value ranges from 1 to 48.
Description
all: indicates that all radios are enabled.
Defaults
By default, radios are enabled.
Command
AP configuration mode
Mode
Configuratio
When radios are enabled or disabled, the wireless STAs connected to the radios will go offline.
n Usage
The configuration is supported only by certain APs.
Guide

Configuring the Fragmentation Threshold
 Optional.
 On an AC, configure the fragmentation threshold for specified APs. Then the AC assigns the settings to the APs to
instruct the AP radios to perform fragment logic processing according to the configured threshold.
Command
fragment-threshold value radio radio-id
Parameter
value: specifies the fragmentation threshold, which must be an even number ranging from 256 to 2346.
Description
radio-id: specifies the IDs of the radios assigned with the fragmentation threshold. The value ranges from
Configuration Guide
Configuring WBS
1 to 48.
Defaults
The default fragmentation threshold is 2346 bytes.
Command
AP configuration mode
Mode
Configuratio
The configuration is supported only by certain APs.
n Usage
Guide

Enabling the Protection Mode
 Optional.
 On an AC, enable the protection mode for specified APs. Then the AC assigns the settings to the APs to instruct the
AP radios to enable the protection mode.
Command
green-field enable radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with the protection mode. The value ranges from 1 to 48.
Description
Defaults
By default, the protection mode is disabled.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 2.4 GHz.
n Usage
Guide

Configuring the Transmit Power
 Optional.
 On an AC, configure the transmit power for specified APs. Then the AC assigns the settings to the APs to instruct the
AP radios to use the transmit power.
Command
power local powerradio {radio-id | [802.11b | 802.11a]}
Parameter
power: specifies the percent of transmit power for APs. The value ranges from 1 to 100.
Description
radio-id: specifies the IDs of the radios assigned with the transmit power. The value ranges from 1 to 48.
802.11b: indicates that the transmit power is assigned to all the radios in 2.4 GHz.
802.11a: indicates that the transmit power is assigned to all the radios in 5.8 GHz.
Defaults
The RRM system automatically adjusts the transmit power. By default, no transmit power is configured.
Command
AP configuration mode or AP group configuration mode
Mode
Configuratio
If you select 802.11b, the transmit power is configured for all the radios in 2.4 GHz. The settings take
n Usage
effect when the APs go online for the first time and are automatically applied to the radios. If you select
Guide
802.11a, the condition is the same for the radios in 5.8 GHz. The configuration is supported only by
certain APs.

Configuring a Frequency Band
 Optional.
Configuration Guide
Configuring WBS
 After a frequency band is assigned to AP radios, the RRM module analyzes the operating channel of the AP radios in
global mode, adjusts the channel, and assigns the optimal channel to the AP. The AP radios are instructed to operate
in the specified channel.
Command
radio-type radio-id { 802.11a | 802.11b }
Parameter
radio-id: specifies the IDs of the radios assigned with the frequency band. The value ranges from 1 to 48.
Description
802.11a: specifies the 5 GHz operating band.
802.11b: specifies the 2.4 GHz operating band.
Defaults
A single-band AP (radio 1) supports the 2.4 GHz frequency band. For a dual-band AP, radio 1 supports
the 2.4 GHz frequency band, and radio 2 supports the 5 GHz frequency band.
Command
AP configuration mode
Mode
Configuratio
The configuration is supported only by certain APs.
n Usage
Guide

Configuring the RTS Threshold
 Optional.
 On an AC, configure the RTS threshold for specified APs. Then the AC assigns the settings to the APs to instruct the
AP radios to use the configured threshold.
Command
rts-threshold value radio radio-id
Parameter
value: specifies the value of the RTS threshold. The value ranges from 257 to 2347, in the unit of bytes.
Description
radio-id: specifies the IDs of the radios assigned with the RTS threshold. The value ranges from 1 to 48.
Defaults
The default RTS threshold is 2347.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Enabling Short GI
 Optional.
 On an AC, enable short GI for specified APs. Then the AC assigns the settings to the APs to instruct the AP radios to
use short GI.
Command
short-gi enable radio radio-id chan-width { 20 | 40 | 80 }
Parameter
radio-id: specifies the IDs of the radios enabled with short GI. The value ranges from 1 to 48.
Description
20: specifies the 20 MHz bandwidth.
40: specifies the 40 MHz bandwidth.
80: specifies the 80 MHz bandwidth.
Defaults
By default, short GI is enabled in 40 MHz and disabled in 20 MHz.
Command
AP configuration mode
Mode
Configuratio
N/A
Configuration Guide
Configuring WBS
n Usage
Guide

Configuring the Preamble Type
 Optional.
 On an AC, configure the preamble type for specified APs. Then the AC assigns the settings to the APs to instruct the
AP radios to use the configured preamble type.
Command
preamble { long | short } radio radio-id
Parameter
long: indicates that APs transmit only the frames with long preambles.
Description
short: indicates that APs can transmit the frames with short or long preambles.
radio-id: specifies the IDs of the radios assigned with the preamble type. The value ranges from 1 to 48.
Defaults
By default, the short preamble type is supported.
Command
AP configuration mode
Mode
Configuratio
The configuration is supported only by certain APs.
n Usage
Guide

Configuring the Short Slot Time
 Optional.
 On an AC, configure the short slot time for specified APs. Then the AC assigns the settings to the APs to instruct the
AP radios to enable the short slot time feature.
Command
short-slot-time radio radio-id
Parameter
radio-id: specifies the IDs of the radios assigned with the short slot time. The value ranges from 1 to 48.
Description
Defaults
By default, the short slot time function is enabled.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Enabling TSC Update
 Optional.
 On an AC, enable TSC update for specified APs. Then the AC assigns the settings to the APs to instruct the AP to
enable TSC update.
Command
update-key-tsc enable
Parameter
N/A
Description
Defaults
By default, TSC update is disabled.
Command
AP configuration mode or AP group configuration mode
Mode
Configuration Guide
Configuratio
Configuring WBS
N/A
n Usage
Guide

Configuring the Maximum Distance of Wireless Transmission Between APs and the Peer End
 Optional.
 On an AC, configure the maximum distance of wireless transmission between APs and the peer end for specified APs.
Then the AC assigns the settings to the APs to instruct the AP radios to send and receive packets according to the
maximum distance.
Command
peer-distance val radio radio-id
Parameter
val: specifies the maximum wireless transmission distance allowed by APs. The value ranges from 1000
Description
to 25000, in the unit of m.
radio-id: specifies the IDs of the radios assigned with the maximum wireless transmission distance. The
value ranges from 1 to 48.
Defaults
By default, the maximum wireless transmission distance is 1000 m.
Command
AP configuration mode
Mode
Configuratio
The configuration is supported only by certain APs.Perform the configuration only when the actual
n Usage
maximum distance of wireless transmission between APs and the peer end is greater than 1000 m. You
Guide
can set the distance to a large value but do not set it to a value smaller than the actual distance.
Verification
 Run show ap-config running ap-name to display the parameter settings of STA access control.
Configuration Example

Configuring AP RF Parameters
Configuration Guide
Configuring WBS
Scenario
Figure 4-4
In Figure 4-4 an AC is connected to thin APs. On the AC, configure the RF parameters for AP1 according
to the following steps:
1.
Configure the "CN" country code.
2.
Enable A-MPDU for radio 1 of AP1.
3.
Set the maximum 802.11n MCS index value to 15 for radio 1 of AP1.
4.
Set the maximum 802.11ac MCS index value to 19 for radio 1 of AP1.
5.
Set the antenna selection masks of the transmit type and receive type to 7 and 5 respectively for
radio 1 of AP1.
6.
Enable usage of external antennas and disable usage of internal antennas for radio 1 of AP1.
7.
Set the beacon frame transmission period to 200 ms for radio 1 of AP1.
8.
Configure the "CN" country code for radio 1 of AP1.
9.
Assign channel 11 to radio 1 of AP1.
10. Assign the 20 MHz bandwidth to radio 1 of AP1.
11. Enable short GI for radio 1 of AP1 in 20 MHz.
12. Enable the protection mode for radio 1 of AP1.
13. Configure the short preamble type for radio 1 of AP1.
14. Configure the short slot time for radio 1 of AP1.
15. Configure the "CN" country code for radio 2 of AP1.
16. Assign channel 149 to radio 2 of AP1.
17. Assign the 40 MHz bandwidth to radio 2 of AP1.
18. Enable radio 2 of AP1.
19. Set the fragmentation threshold to 2346 bytes for radio 2 of AP1.
20. Set the percent of transmit power to 100% for radio 2 of AP1.
21. Set the RTS threshold to 2347 bytes for radio 2 of AP1.
22. Enables TSC update for AP1.
23. Set the maximum distance of wireless transmission between APs and the peer end to 3000 m for
radio 1 of AP1.
Configuratio
n Steps

On the AC, configure the RF parameters for AP1.
Configuration Guide
Configuring WBS
Ruijie# configure terminal
Ruijie(config)# ac-controller
Ruijie(config-ac)# country CN
Ruijie(config-ac)# exit
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# 802.11n a-mpdu enable radio 1
Ruijie(config-ap)# 802.11n mcs support 15 radio 1
Ruijie(config-ap)# 802.11ac mcs support 19 radio 1
Ruijie(config-ap)# antenna transmit 7 radio 1
Ruijie(config-ap)# antenna receive 5 radio 1
Ruijie(config-ap)# external-antenna enable radio 1
Ruijie(config-ap)# beacon period 200 radio 1
Ruijie(config-ap)# country CN radio 1
Ruijie(config-ap)# channel 11 radio 1
Ruijie(config-ap)# chan-width 20 radio 1
Ruijie(config-ap)# short-gi enable radio 1 chan-width 20
Ruijie(config-ap)# green-field enable radio 1
Ruijie(config-ap)# preamble short radio 1
Ruijie(config-ap)# short-slot-time radio 1
Ruijie(config-ap)# country CN radio 2
Ruijie(config-ap)# channel 149 radio 2
Ruijie(config-ap)# chan-width 40 radio 2
Ruijie(config-ap)# enable-radio 2
Ruijie(config-ap)# fragment-threshold 2346 radio 2
Ruijie(config-ap)# power local 100 radio 2
Ruijie(config-ap)# rts-threshold 2347 radio 2
Ruijie(config-ap)# update-key-tsc enable
Ruijie(config-ap)# peer-distance 3000 radio 1
Verification

Run show ap-config running ap-name to display the RF parameter settings of AP1.
Ruijie(config)# show ap-config running AP1
!
ap-config AP1
802.11n mcs support 15 radio 1
Configuration Guide
Configuring WBS
802.11n mcs support 15 radio 2
802.11ac mcs support 19 radio 1
update-key-tsc enable
short-gi enable radio 1 chan-width 20
green-field enable radio 1
station-role root-ap radio 1
station-role root-ap radio 2
chan-width 40 radio 2
antenna receive 5 radio 1
external-antenna enable radio 1
channel 11 radio 1
channel 149 radio 2
beacon period 200 radio 1
power local 100 radio 2
peer-distance 3000 radio 1
!
4.4.3 Configuring Data Rate Control Parameters
Configuration Effect
 Configure the data rate control parameters for thin APs centrally for easier configuration management.
Configuration Steps

Configuring the Data Rate Set Supported by 802.11a STAs
 Optional.
 On an AC, configure the data rate set supported by 802.11a STAs. Then the AC assigns the settings to all the APs to
instruct the APs to apply the configured data rate set to 802.11a STAs.
Command
802.11a network rate { 6 | 9 | 12 | 18 | 24 | 36 | 48 | 54 } { disabled | mandatory | supported }
Parameter
6: specifies the 6 Mbps data rate.
Description
9: specifies the 9 Mbps data rate.
12: specifies the 12 Mbps data rate.
18: specifies the 18 Mbps data rate.
24: specifies the 24 Mbps data rate.
36: specifies the 36 Mbps data rate.
48: specifies the 48 Mbps data rate.
54: specifies the 54 Mbps data rate.
disabled: indicates that the data rate set is not supported.
mandatory: indicates that support for the data rate set is mandatory.
Configuration Guide
Configuring WBS
supported: indicates that support for the data rate set is optional.
Defaults
Support for the 6 Mbps, 12 Mbps, and 24 Mbps data rates is mandatory, whereas support for the 9 Mbps,
18 Mbps, 36 Mbps, 48 Mbps, and 54 Mbps data rates is optional.
Command
AC configuration mode/AP configuration mode/AP group configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Configuring the Data Rate Set Supported by 802.11b STAs
 Optional.
 On an AC, configure the data rate set supported by 802.11b STAs. Then the AC assigns the settings to all the APs to
instruct the APs to apply the configured data rate set to 802.11b STAs.
Command
802.11b network rate { 1 | 2 | 5 | 11 } { disabled | mandatory | supported}
Parameter
1: specifies the 1 Mbps data rate.
Description
2: specifies the 2 Mbps data rate.
5: specifies the 5.5 Mbps data rate.
11: specifies the 11 Mbps data rate.
disabled: indicates that the data rate set is not supported.
mandatory: indicates that support for the data rate set is mandatory.
supported: indicates that support for the data rate set is optional.
Defaults
Support for the 1 Mbps, 2 Mbps, 5.5 Mbps, and 11 Mbps data rates is mandatory.
Command
AC configuration mode/AP configuration mode/AP group configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Configuring the Data Rate Set Supported by 802.11g STAs
 Optional.
 On an AC, configure the data rate set supported by 802.11g STAs. Then the AC assigns the settings to all the APs to
instruct the APs to apply the configured data rate set to 802.11g STAs.
Command
802.11g network rate { 1 | 2 | 5 | 6 | 9 | 11 | 12 | 18 | 24 | 36 | 48 | 54 } { disabled | mandatory |
supported}
Parameter
1: specifies the 1 Mbps data rate.
Description
2: specifies the 2 Mbps data rate.
5: specifies the 5.5 Mbps data rate.
6: specifies the 6 Mbps data rate.
9: specifies the 9 Mbps data rate.
11: specifies the 11 Mbps data rate.
12: specifies the 12 Mbps data rate.
18: specifies the 18 Mbps data rate.
24: specifies the 24 Mbps data rate.
Configuration Guide
Configuring WBS
36: specifies the 36 Mbps data rate.
48: specifies the 48 Mbps data rate.
54: specifies the 54 Mbps data rate.
disabled: indicates that the data rate set is not supported.
mandatory: indicates that support for the data rate set is mandatory.
supported: indicates that support for the data rate set is optional.
Defaults
Support for the 1 Mbps, 2 Mbps, 5.5 Mbps, and 11 Mbps data rates is mandatory, whereas support for the
6 Mbps, 9 Mbps, 12 Mbps, 18 Mbps, 24 Mbps, 36 Mbps, 48 Mbps, and 54 Mbps data rates is optional.
Command
AC configuration mode/AP configuration mode/AP group configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Configuring the Multicast Rate
 Optional.
 On an AC, configure the multicast rate for a WLAN. Then the AC assigns the settings to all the APs on the WLAN to
instruct the APs to apply the configured multicast rate within the range of the WLAN.
Command
mcast-rate mcas-num
Parameter
mcast-num: specifies the WLAN multicast rate. The 1 Mbps, 6 Mbps, 11 Mbps, 24 Mbps, and 54 Mbps
Description
options are available.
Defaults
The default multicast rate is 24 Mbps.
Command
WLAN configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Configuring the Beacon Frame Transmission Rate
 Optional.
 On an AC, configure the beacon frame transmission rate for specified APs. Then the AC assigns the settings to the
APs to instruct the APs to transmit beacon frames according to the configured rate.
Command
beacon rate rate-Mbps radio {radio-id | [802.11b | 802.11a]}
Parameter
rate_Mbps: specifies the rate at which beacon frames are transmitted.
Description
radio-id: specifies the IDs of the radios assigned with the beacon frame transmission rate. The value
ranges from 1 to 48.
802.11b: indicates that the beacon frame transmission rate is assigned to all the radios in 2.4 GHz.
802.11a: indicates that the beacon frame transmission rate is assigned to all the radios in 5.8 GHz.
Defaults
By default, no beacon frame transmission rate is configured.
Command
AP configuration mode
Mode
Configuratio
n Usage
1.
Do not configure a beacon frame transmission rate that is disabled in the data rate set settings.
Configuration Guide
Guide
2.
Configuring WBS
Because the 1 Mbps, 2 Mbps, 5.5 Mbps, and 11 Mbps rates are not supported in 5 GHz, do not set
the beacon frame transmission rate to any of the preceding values for the radios in 5 GHz.
3.
If you select 802.11b, the beacon frame transmission rate is configured for all the radios in 2.4 GHz.
The settings take effect when the APs go online for the first time and are automatically applied to the
radios. If you select 802.11a, the condition is the same for the radios in 5.8 GHz.
Verification
 Run show running to display the parameter settings of data rate control.
Configuration Example

Configuring Data Rate Control Parameters
Scenario
Figure 4-5
In Figure 4-5, an AC is connected to thin APs. On the AC, configure the data rate control parameters
according to the following steps:
1.
Disable the 6 Mbps rate for 802.11a STAs.
2.
Disable the 1 Mbps, 2 Mbps, and 5.5 Mbps rates for 802.11b STAs.
3.
Disable the 1 Mbps, 2 Mbps, and 5.5 Mbps rates for 802.11g STAs.
4.
Set the multicast rate for WLAN1 to 54 Mbps.
On the AC, configure the data rate control parameters for AP1 according to the following step:
Configuratio
1.
Configure the beacon frame transmission rate for radio 1 of AP1.

On the AC, configure the data rate control parameters.
n Steps
Ruijie# configure terminal
Ruijie(config)# ac-controller
Ruijie(config-ac)# 802.11a network rate 6 disabled
Ruijie(config-ac)# 802.11b network rate 1 disabled
Ruijie(config-ac)# 802.11b network rate 2 disabled
Ruijie(config-ac)# 802.11b network rate 5 disabled
Ruijie(config-ac)# 802.11g network rate 1 disabled
Configuration Guide
Configuring WBS
Ruijie(config-ac)# 802.11g network rate 2 disabled
Ruijie(config-ac)# 802.11g network rate 5 disabled
Ruijie(config-ac)# exit
Ruijie(config)# wlan-config 1
Ruijie(config-wlan)# mcast-rate 54

On the AC, configure the beacon frame transmission rate for AP1.
Ruijie# configure terminal
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# beacon rate 12.0 radio 1
Verification

Run show running-config to display the parameter settings of data rate control.
Ruijie# show running-config
...
!
wlan-config 1 ss
enable-broad-ssid
mcast-rate 54
!
...
!
ac-controller
country CN
802.11g network rate 1 disabled
802.11g network rate 2 disabled
802.11g network rate 5 disabled
802.11g network rate 11 mandatory
802.11g network rate 6 supported
802.11g network rate 9 supported
802.11g network rate 12 supported
802.11g network rate 18 supported
802.11g network rate 24 supported
802.11g network rate 36 supported
Configuration Guide
Configuring WBS
802.11g network rate 48 supported
802.11g network rate 54 supported
802.11b network rate 1 disabled
802.11b network rate 2 disabled
802.11b network rate 5 disabled
802.11b network rate 11 mandatory
802.11a network rate 6 disabled
802.11a network rate 9 supported
802.11a network rate 12 mandatory
802.11a network rate 18 supported
802.11a network rate 24 mandatory
802.11a network rate 36 supported
802.11a network rate 48 supported
802.11a network rate 54 supported
!
...

Run show ap-config running ap-name to display the beacon frame transmission rate settings of
AP1.
Ruijie(config)# show ap-config running AP1
!
ap-config AP1
channel 11 radio 1
channel 149 radio 2
beacon period 200 radio 1
beacon rate 12.0 radio 1
power local 100 radio 2
!
4.4.4 Configuring Power-Save Parameters
Configuration Effect
 Configure the power-save parameters for thin APs centrally for easier configuration management.
Configuration Steps

Configuring the DTIM Period
 Optional.
Configuration Guide
Configuring WBS
 The power saving effect is improved if the DTIM period is set to a large value, but the delay for downstream multicast
packets is increased.
Command
beacon dtim-period period-num radio radio-id
Parameter
period-num: specifies the DTIM period. The value ranges from 1 to 255. The unit is expressed as the
Description
period of one beacon frame.
radio-id: specifies the IDs of the radios assigned with the DTIM period. The value ranges from 1 to 48.
Defaults
The unit of the DTIM period is expressed as the period of one beacon frame.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Enabling or Disabling U-APSD Power Saving
 Optional.
 Enable U-APSD power saving to reduce the delay of the services with high real-time requirements during the power
management process. The transmission of radio signals can be disabled during most of the time to extends the battery
life.
Command
apsd { enable | disable } radio radio-id
Parameter
enable: enables U-APSD power saving.
Description
disable: disables U-APSD power saving.
radio-id: specifies the IDs of the radios enabled with U-APSD power saving. The value ranges from 1 to
48.
Defaults
By default, U-APSD power saving is enabled.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide
Verification
 Run show ap-config running ap-name to display the power-save parameter settings.
Configuration Example

Configuring Power-Save Parameters
Configuration Guide
Configuring WBS
Scenario
Figure 4-6
Configuratio

On the AC, set the DTIM period to 3 for radio 1 of AP1.
n Steps

On the AC, enable U-APSD power saving for radio 1 of AP1.
Ruijie#configure terminal
Ruijie(config)#ap-config AP0001
Ruijie(config-ap)#beacon dtim-period 3 radio 1
Ruijie(config-ap)#apsd enable radio 1
Verification

Run show ap-config running ap-name to display the power-save parameter settings of AP1.
Ruijie(config)# show ap-config running AP1
!
ap-config AP1
802.11n mcs support 15 radio 1
802.11n mcs support 15 radio 2
update-key-tsc enable
short-gi enable radio 1 chan-width 20
green-field enable radio 1
station-role root-ap radio 1
station-role root-ap radio 2
chan-width 40 radio 2
antenna receive 5 radio 1
channel 11 radio 1
channel 149 radio 2
beacon period 200 radio 1
beacon dtim-period 3 radio 1
power local 100 radio 2
Configuration Guide
!
4.4.5 Enabling Link Integrity Detection
Configuration Effect
 Enable link integrity detection.
Configuration Steps

Enabling Link Integrity Detection
 (Mandatory) Run link-check enable to enable link integrity detection.
Command
link-check enable
Parameter
N/A
Description
Defaults
By default, link integrity detection is disabled.
Command
Global configuration mode
Mode
Configuratio
By default, link integrity detection is disabled.
n Usage
Guide
Verification
 Run show running-config to display the configuration status of link integrity detection.
Configuration Example

Enabling Link Integrity Detection
Configuring WBS
Configuration Guide
Configuring WBS
Scenario
Figure 4-7
In Figure 4-7, an AC is connected to thin APs. Enable link integrity detection according to the following
step:
Configuratio
1.
Enable link integrity detection.

Enable link integrity detection on the AC.
n Steps
Ruijie# configure terminal
Ruijie(config)# link-check enable
Verification

Run show running-config to display the configuration status of link integrity detection.
Ruijie(config)# show running-config
……
link-check enable
……
4.4.6 Configuring E-Bag Parameters
Configuration Effect
 Configure the E-bag parameters for APs and radios for easier configuration management.
Configuration Steps

Configuring the A-MPDU Software Retransmission Times
 Optional.
Configuration Guide
Configuring WBS
 On an AC, configure the A-MPDU software retransmission times for specified APs. Then the AC assigns the settings to
the APs to instruct the APs to transmit A-MPDU packets according to the configured times.
 The greater the retransmission times, the lower the probability of sub-frame loss. If packets are retransmitted
frequently, the burden on the air interface is increased, which affects the real-time transmission of packets on the air
interface. You can increase the retransmission times if you need to avoid packet loss when there is a high probability of
sub-frame loss.
Command
ampdu-retries times radio radio-id
Parameter
times: specifies the A-MPDU software retransmission times. The value ranges from 1 to 10.
Description
radio-id: specifies the IDs of the radios assigned with the A-MPDU software retransmission times. The
value ranges from 1 to 48.
Defaults
By default, the A-MPDU software retransmission times is 10.
Command
AP configuration mode
Mode
Configuratio
The configuration takes effect only when the AP radios operate in 802.11n or 802.11ac mode.
n Usage
The configuration is supported only by certain APs.
Guide

Enabling or Disabling RTS Protection for A-MPDU Packets
 Optional.
 On an AC, enable RTS protection for A-MPDU packets for specified APs. Then the AC assigns the settings to the APs
to instruct the APs to transmit A-MPDU packets using RTS protection.
 Enable RTS protection only when the resource waste on the air interface caused by hidden nodes is greater than the
resource consumption of RTS interaction on the air interface.
Command
ampdu-rts radio {radio-id | [802.11b | 802.11a]}
Parameter
radio-id: specifies the IDs of the radios enabled with RTS protection. The value ranges from 1 to 48.
Description
802.11b: indicates that RTS protection is enabled for all the radios in 2.4 GHz.
802.11a: indicates that RTS protection is enabled for all the radios in 5.8 GHz.
Defaults
By default, RTS protection for A-PMDU packets is disabled.
Command
AP configuration mode
Mode
Configuratio
If you select 802.11b, RTS protection for A-PMDU packets is enabled for all the radios in 2.4 GHz. The
n Usage
settings take effect when the APs go online for the first time and are automatically applied to the radios. If
Guide
you select 802.11a, the condition is the same for the radios in 5.8 GHz. The configuration takes effect only
when the AP radios operate in 802.11n or 802.11ac mode.

Configuring the Single-Time Received Ethernet Packet Quantity for APs
 Optional.
 By default, the single-time received Ethernet packet quantity varies with different APs.
 On an AC, configure the single-time received Ethernet packet quantity for specified APs. Then the AC assigns the
settings to the APs to instruct the APs to limit the number of Ethernet packets received at a single time according to the
settings. Increasing Ethernet packet reception can improve network performance but may reduce APs' ability to handle
key packets in real time. You can reduce Ethernet packet reception when the requirements for performance are not
Configuration Guide
Configuring WBS
high but user concurrency and real-time packet handling are demanded. In this case, it is recommended that the
single-time received Ethernet packet quantity be set to 25.
Command
eth-schd limit
Parameter
limit: specifies the number of Ethernet packets received at a single time. The value ranges from 1 to 256.
Description
Defaults
By default, the single-time received Ethernet packet quantity varies with different APs.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Enabling or Disabling LDPC
 Optional.
 On an AC, enable LDPC for specified APs. Then the AC assigns the settings to the APs to instruct the APs to send and
receive packets using LDPC.
 LDPC improves the coding reliability and gains. It also greatly reduces the probability of information loss during
transmission in frequencies with serious noise interference. However, a small number of STAs are not compatible with
LDPC, and enabling LDPC will result in packet loss.
Command
ldpc radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with LDPC. The value ranges from 1 to 48.
Description
Defaults
By default, LDPC is enabled.
Command
AP configuration mode
Mode
Configuratio
N/A
n Usage
Guide

Enabling or Disabling Transmit/Receive STBC
 Optional.
 On an AC, enable transmit/receive STBC for specified APs. Then the AC assigns the settings to the APs to instruct the
APs to send and receive packets using STBC.
 STBC improves the reliability of data transmission. Some STAs may not be compatible with STBC.
Command
stbc radio radio-id
Parameter
radio-id: specifies the IDs of the radios enabled with STBC. The value ranges from 1 to 48.
Description
Defaults
By default, STBC is enabled.
Command
AP configuration mode
Mode
Configuratio
n Usage
N/A
Configuration Guide
Configuring WBS
Guide

Configuring E-bag Network Optimization in One-Click Mode
 Optional.
 Run ebag in AP configuration mode to quickly configure E-bag network optimization in one-click mode.
 The AP320, AP330, and AP3220 are optimized in the following aspects:
-
Packet handling optimization on wired ports: eth-schd 25
-
Optimization of wireless aggregate packet retransmission: ampdu-retries 2
-
WiFox is disabled.
 The AP530 is optimized in the following aspects:
-
By default, radios 1 and 2 use the sta-idle-time 1800 settings.
-
Radio 1 optimization: The 1 Mbps, 2 Mbps, and 5.5 Mbps mandatory rates are disabled for 802.11b/g STAs, and the
11 Mbps and 24 Mbps rates are configured as mandatory rates for 802.11g STAs. RTS protection for A-MPDU
packets is enabled.
 On an AC, configure E-bag network optimization for specified APs. Then the AC assigns the settings to the APs to
instruct the APs to send and receive packets according to the settings.
Command
ebag
Parameter
N/A
Description
Defaults
No default settings are available.
Command
AP configuration mode
Mode
Configuratio
Use this command only when E-bag is configured. If E-bag is not configured, do not use this command
n Usage
unless necessary.
Guide
Verification
 Run show ap-config running ap-name to display the E-bag parameter settings.
Configuration Example

Configuring E-Bag Parameters
Configuration Guide
Configuring WBS
Scenario
Figure 4-8
In Figure 4-8, an AC is connected to APs. On the AC, configure the E-bag parameters for AP1 according
to the following steps:
Configuratio
1.
Set the A-MPDU software retransmission times to 3 for radio 1 of AP1.
2.
Enable RTS protection for A-MPDU packets for radio 1 of AP1.
3.
Set the single-time received Ethernet packet quantity to 100 for AP1.
4.
Disable LDPC for radio 1 of AP1.
5.
Disable transmit/receive STBC for radio 1 of AP1.

On the AC, configure the RF parameters for AP1.
n Steps
Ruijie# configure terminal
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# ampdu-retries 3 radio 1
Ruijie(config-ap)# ampdu-rts radio 1
Ruijie(config-ap)# eth-schd 100
Ruijie(config-ap)# no ldpc radio 1
Ruijie(config-ap)# no stbc radio 1
Verification

Run show ap-config running ap-name to display the E-bag parameter settings of AP1.
Ruijie(config)# show ap-config running AP1
!
ap-config AP1
ap-mac 00d0.f801.0528
country US radio 1
channel 11 radio 1
no 11acsupport enable radio 2
ampdu-retries 3 radio 1
ampdu-rts radio 1
Configuration Guide
Configuring WBS
no stbc radio 1
no ldpc radio 1
eth-schd 100
wmm edca-radio video aifsn 1 cwmin 3 cwmax 4 txop 90 radio 1
wmm edca-radio back-ground aifsn 7 cwmin 4 cwmax 10 txop 5 radio 2
!

Configuring E-bag Network Optimization in One-Click Mode
Scenario
Figure 4-9
In Figure 4-9, an AC is connected to thin APs. AP1 is configured with E-bag settings. On the AC,
configure E-bag network optimization for AP1 in one-click mode.
Configuratio

On the AC, configure E-bag network optimization for AP1 in one-click mode.
n Steps
Ruijie# configure terminal
Ruijie(config)# ap-config AP1
Ruijie(config-ap)# ebag
Verification

Run show ap-config running ap-name to display the E-bag parameter settings of AP1.
Ruijie(config)# show ap-config running AP1
!
ap-config AP1
ap-mac 00d0.f801.0528
country US radio 1
channel 11 radio 1
no 11acsupport enable radio 2
ampdu-retries 2 radio 1
ampdu-retries 2 radio 2
Configuration Guide
Configuring WBS
eth-schd 25
ebag
wmm edca-radio video aifsn 1 cwmin 3 cwmax 4 txop 90 radio 1
wmm edca-radio back-ground aifsn 7 cwmin 4 cwmax 10 txop 5 radio 2
!
4.4.7 Configuring WLANs in One-Click Mode
Configuration Effect
 Configure WLANs quickly on devices with zero configurations in one-click mode. The one-click WLAN configuration
feature helps the land survey personnel improve operation efficiency and the channel personnel execute performance
tests conveniently.
Configuration Steps

Configuring WLANs in One-Click Mode
 Optional.
 Run autowifi in configuration mode to configure WLANs in one-click mode, thus realizing fast configuration of wireless
networks. The one-click WLAN configuration feature helps the land survey personnel improve operation efficiency and
the channel personnel execute performance tests conveniently.
Command
autowifi
Parameter
N/A
Description
Defaults
No default settings are available.
Command
AC global configuration mode
Mode
Configuratio
n Usage
The one-click WLAN configuration feature allows you to perform fast configuration on devices with zero
configurations.
Guide
The one-click WLAN configuration feature helps the land survey personnel improve operation efficiency
and the channel personnel execute performance tests conveniently.
Verification
 Run show running to display the one-click WLAN configuration.
Configuration Example

Configuring WLANs in One-Click Mode
Configuration Guide
Configuring WBS
Scenario
Figure 4-10
In Figure 4-10, an AC is connected to thin APs. Configure WLANs in one-click mode on the AC.
Configuratio

Configure WLANs in one-click mode on the AC.
n Steps
Ruijie# configure terminal
Ruijie(config)# autowifi
Verification

Run show running to display the one-click WLAN configuration.
Ruijie(config)# show running
!
wlan-config 1 autowifi_1234
!
ap-group default
interface-mapping 1 2 ap-wlan-id 1
!
ap-config all
fair-schedule
!
ac-controller
country CN
802.11g network rate 1 mandatory
802.11g network rate 2 mandatory
802.11g network rate 5 mandatory
802.11g network rate 6 supported
802.11g network rate 9 supported
802.11g network rate 11 mandatory
802.11g network rate 12 supported
Configuration Guide
802.11g network rate 18 supported
802.11g network rate 24 supported
802.11g network rate 36 supported
802.11g network rate 48 supported
802.11g network rate 54 supported
802.11b network rate 1 mandatory
802.11b network rate 2 mandatory
802.11b network rate 5 mandatory
802.11b network rate 11 mandatory
802.11a network rate 6 mandatory
802.11a network rate 9 supported
802.11a network rate 12 mandatory
802.11a network rate 18 supported
802.11a network rate 24 mandatory
802.11a network rate 36 supported
802.11a network rate 48 supported
802.11a network rate 54 supported
!
ip dhcp pool web_ap_pool_1
option 138 ip 88.88.88.88
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
!
ip dhcp pool web_sta_pool_1
network 192.168.2.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.2.1
!
link-check disable
!
vlan 1
!
vlan 2
!
Configuring WBS
Configuration Guide
Configuring WBS
interface Loopback 0
ip address 88.88.88.88 255.255.255.255
!
interface VLAN 1
ip address 192.168.1.1 255.255.255.0
!
interface VLAN 2
ip address 192.168.2.1 255.255.255.0
!
wlansec 1
security rsn enable
security rsn ciphers aes enable
security rsn akm psk enable
security rsn akm psk set-key ascii autowifi
!
4.4.8 Configuring Power Consumption Management for the AM5514
Configuration Effect

The power consumption management of the AM5514 adopts the automatic adjustment algorithm and no configuration
command is available. The cable detection is triggered by a command. When the command is configured, cable
detection is triggered only once and the configuration is not saved.
Notes

The configuration takes effect only on the AM5514.
Configuration Steps

Triggering Power Consumption Management and Cable Detection

Optional.

Run the power-mng line-detect command in AP configuration mode to trigger the power consumption management
module to conduct cable detection. After power consumption is triggered, the AM5514 detects the power cable
connected to the upstream HPoE device. If the impedance is too large, it stores detection results on the device. You
can run the show power-mng poe command to display the detection results.
Command
power-mng line-detect
Parameter
N/A
Description
Configuration Guide
Configuring WBS
Defaults
N/A
Command Mode
AP configuration mode
Usage Guide
When the power consumption management module conducts cable detection, it sets Port Gi0/14 of
the AM5514 in the down state and then in the up state due to hardware requirements.
Detection results are generated asynchronously. Therefore, the results cannot be immediately
obtained when the detection command is executed, but they will be stored on the device. Run the
show power-mng poe command to display detection results.
Verification

Run the show power-mng poe command to display detection results generated by the power consumption
management module.
Configuration Example

Triggering Power Consumption Management and Cable Detection
Scenario Figure
Assume that it is required to conduct cable detection in the environment where the AM5514 is
4-121
deployed.
Configuration

Steps
Run the following command to trigger cable detection on the AM5514:
Configuration Guide
Configuring WBS
Ruijie# power-mng line-detect
Verification

Run the show power-mng poe command to display cable detection results. In the detection
results, the warning field shows whether the cable impedance is too large.
Ruijie#show power-mng poe
Power-type
Cur_power
Max_power
Cur_ele
Line_len
Warning
----------
----------
----------
------
--------
------
Hpoe
75000
86
10
false
95000
Power-type: indicates the power supply mode of the AM5514.
Cur_power: indicates the current power in the unit of mW.
Max_powr: indicates the maximum power in the unit of mW.
Cur_ele: indicates the current in the unit of mA.
Line_len: indicates the length of the network cable from the AM5514 to HPoE device in the
unit of m.
Warning: indicates whether the impedance of the network cable from the AM5514 to HPoE exceeds
the limit.
4.5 Monitoring
Displaying
Description
Command
Displays the link information of wireless STAs.
linktest
Displays the AP list that maps the 802.11a or 802.11b
network on an AC.
show ac-config { 802.11a | 802.11b } summary
Displays the antenna feeder status of all APs.
show antenna all
Displays the antenna feeder status of an AP.
show antenna single ap-name
Displays the radio information of all APs.
show ap-config radio
Displays the radio information of an AP.
show ap-config radio ap-name ap-name
Displays the configuration information of an AP radio.
show ap-config radio radio-id config ap-name
Displays the status information of an AP radio.
show ap-config radio radio-id status ap-name
Displays the radio list of an AP.
show ap-config radio status ap-name
Displays the radio information of all APs.
show ap-config summary radio
Displays the STA information mapped to a MAC address.
show client details sta-mac
Configuration Guide
Configuring WBS FWD
5. Configuring WBS FWD
5.1 Overview
WLAN Basic Service-Forward Mode (WBS-FWD) is used to control the forwarding mode of packets on access points (APs).
Ruijie access controllers (ACs) and APs build communications through the Control and Provisioning of Wireless Access
Points (CAPWAP) channel. The AP forwards data packets in one of the following modes:

Centralized forwarding mode: An AP encapsulates received wireless data into 802.3 frames, and sends the packets
through the CAPWAP channel to the AC, which forwards the packets. When an AC receives the data packets, it
sends the packets through the CAPWAP channel to the AP, which transforms the format of the packets into 802.11
frame format and sends them to the STAs.

Local forwarding mode: An AP encapsulates received wireless data into 802.3 frames and performs Layer-2/Layer-3
forwarding, namely, the packets will be forwarded directly by the AP.
You can configure the forwarding mode for all the APs on the entire wireless local area network (WLAN), or you can specify
the forwarding mode for a specified virtual local area network (VLAN), IP address, or a packet of a certain type. You can
configure the AP forwarding mode based on different scenarios such as the AP load and centralized management, so that
packets of different types are forwarded as required.
5.2 Applications
Application
Description
Centralized Forwarding Mode
All branch APs are managed by an AC and all packets are forwarded by the AC.
Local Forwarding Mode
All branch APs are managed by an AC, and the packets are forwarded by the AP
locally.
5.2.1 Centralized Forwarding Mode
Scenario
Centralized forwarding mode is applied to the following scenarios:

All APs and the AC are within the same VLAN with sufficient bandwidth.

The AC has high forwarding performance.

The network egress is unified.
Configuration Guide
Figure 5-1
Deployment

On the AC, configure centralized forwarding mode for APs.
5.2.2 Local Forwarding Mode
Scenario
Local forwarding mode is applied to the following scenarios:

APs are deployed in different branches and are managed by the AC in the headquarters.

The bandwidth of the links between branches and the headquarter is low.

Each branch has an independent egress.
Configuring WBS FWD
Configuration Guide
Configuring WBS FWD
Figure 5-2
Deployment

On the AC, configure local forwarding mode for APs.

On the AC, configure centralized forwarding mode for Dynamic Host Configuration Protocol (DHCP).
5.3 Features
Basic Concepts

Centralized Forwarding Mode and Local Forwarding Mode
Ruijie ACs and APs build communications through the CAPWAP channel. The AP forwards data packets in one of the
following modes:

Centralized forwarding mode: An AP encapsulates received wireless data into 802.3 frames, and sends the packets
through the CAPWAP channel to the AC, which forwards the packets. When an AC receives the data packets, it
sends the packets through the CAPWAP channel to the AP, which transforms the format of the packets into 802.11
frame format and sends them to the STAs. In this case, packets are forwarded by an AC, which is convenient for
centralized control and maintenance on the AC. On the other hand, it will burden the AC and require higher
performance of the AC.
Configuration Guide

Configuring WBS FWD
Local forwarding mode: An AP encapsulates received wireless data into 802.3 frames and performs Layer-2/Layer-3
forwarding, namely, the packets will be forwarded directly by the AP. This mode poses little burden on the AC but
cannot achieve centralized control and maintenance.
Comparison between the Two Forwarding Modes:
Forwarding
Advantage
Disadvantage
Scenario
Centralized
Centralized control and
High requirement for AC
High AC performance, high bandwidth of
forwarding
maintenance on an AC;
performance
links between APs and AC, few APs
mode
flexible service expansion
Local
Low requirement for AC
No centralized control and
Low AC performance, low bandwidth of
forwarding
performance
maintenance
links between APs and AC, and many
Mode
under an AC, and flexible service
mode
APs under an AC
Overview
Feature
Description
Configuring the
Specifies the forwarding mode of different packets on an AP.
Forwarding Mode of
an AP
5.3.1 Configuring the Forwarding Mode of an AP
You can configure the AP forwarding mode based on different scenarios such as the AP load and centralized management,
so that packets of different types are forwarded as required.
Working Principle

Forwarding Mode
There are two kinds of forwarding modes, namely, centralized forwarding mode and local forwarding mode. When an AP
receives a wireless packet, it forwards the packet based on the configured mode.
You can configure the packet forwarding mode for an AP on an AC.

Configuring a Forwarding Mode
Ruijie products support the following forwarding modes:

WLAN-based forwarding mode: Forwards the packets on all APs based on the forwarding mode (centralized
forwarding mode or local forwarding mode) specified for the WLAN.

VLAN-based forwarding mode: Forwards the packets on APs within a specified VLAN of a WLAN based on the
forwarding mode (centralized forwarding mode or local forwarding mode) specified for the VLAN.

IP-based forwarding mode: Forwards the packets of a specified destination IP address in local forwarding mode.

DHCP-based centralized forwarding mode: Forwards all DHCP packets in centralized forwarding mode. If this function
is enabled, all DHCP packets will be sent in centralized forwarding mode.

Priorities of Different Forwarding Modes
Configuration Guide
Configuring WBS FWD
Ruijie products support the preceding four forwarding modes. These modes can be configured at the same time and their
priorities are ranked as follows (in descending order):
7.
DHCP-based centralized forwarding mode
8.
IP-based forwarding mode
9.
VLAN-based forwarding mode
10. WLAN-based forwarding mode
After a wireless packet is received by an AP, the packet will be forwarded based on the priority of the forwarding mode. If a
mode of high priority is detected, the packet will be forwarded in this mode; if not, the packet will be forwarded in the default
centralized forwarding mode.
For example:
1.
If DHCP forwarding mode is configured, all the DHCP packets will be forwarded in centralized mode.
2.
For a non-DHCP packet, if its IP address is specified for local forwarding, the packet will be forwarded in local
forwarding mode. If not, Step 3 will be performed.
3.
If the VLAN where the packet belongs is configured with a forwarding mode, the packet will be forwarded in this mode.
If not, Step 4 will be performed.
4.
If the WLAN where the packet belongs is configured with a forwarding mode, the packet will be forwarded in this mode.
If not, Step 5 will be performed.
5.
The packet will be forwarded in the default centralized forwarding mode.
5.4 Configuration
Configuration
Configuring WLAN-based
Forwarding Mode
Description and Command
(Mandatory) It is used to specify the forwarding mode for the entire WLAN.
tunnel
Specifies the forwarding mode for the entire WLAN.
(Optional) Specifies the forwarding mode for a specified VLAN of a WLAN.
Configuring VLAN-based
tunnel local wlan
Forwarding Mode
tunnel 8023 wlan
Specifies local forwarding as the forwarding mode for a
specified VLAN of a WLAN.
Specifies centralized forwarding as the forwarding mode
for a specified VLAN of a WLAN.
(Optional) It is used to specify local forwarding as the forwarding mode for a specified
Configuring IP-based
IP address.
Forwarding Mode
local fw ip
Forwards all packets of a specified IP address in local
forwarding mode.
(Optional) It is used to specify centralized forwarding as the forwarding mode for
Configuring DHCP-based
DHCP packets.
Forwarding Mode
central dhcp enable
Forwards all DHCP packets in a WLAN in centralized
forwarding mode.
Configuration Guide
Configuring WBS FWD
5.4.1 Configuring WLAN-based Forwarding Mode
Configuration Effect

Specify a forwarding mode for the entire WLAN, including local forwarding mode, centralized forwarding mode, and
local authentication forwarding mode.
Notes

The tunnel local-auth command takes effect only when remote intelligent perception technology (RIPT) is enabled.
Configuration Steps

Mandatory.

In WLAN configuration mode on an AC, configure the forwarding mode for the entire WLAN as local forwarding mode,
centralized forwarding mode, or local authentication forwarding mode.

The default forwarding mode is centralized forwarding.

Configure the forwarding mode before applying the WLAN template to a specified AP group. Otherwise, the
configuration will not take effect.
Command
tunnel { 8023 | local | local-auth }
Parameter
8023: An AP encapsulates received wireless data into a 802.3 frame and forwards the packet to an AC.
Description
local: An AP forwards packets locally.
local-auth: Indicates local forwarding mode. An AP forwards packets locally, and STAs are authenticated
on the AP.
Defaults
The default forwarding mode is centralized forwarding.
Command
WLAN configuration mode
Mode
Usage Guide
The local-auth command takes effect only when RIPT is enabled.
Verification

Verify the WLAN configuration.
Configuration Example

Configuring the Forwarding Mode for All Packets in a WLAN
Configuration Guide
Configuring WBS FWD
Scenario
Figure 5-3

With low bandwidth, WLAN 1 contains AP 1, AP 2 and AP 3 for the access of mobile phones. WLAN
1 is configured with centralized forwarding mode.

With high bandwidth. WLAN 2 contains AP 4, AP 5, and AP 6 for the access of PCs. WLAN 2 is
configured with local forwarding mode.
Configuratio

Enter WLAN configuration mode.
n Steps

Configure the forwarding mode of the WLAN.
WLAN1
Ruijie(config)#wlan-config 1
Ruijie(config-wlan)#tunnel local
WLAN2
Ruijie(config)#wlan-config 2
Ruijie(config-wlan)#tunnel 8023
Verification
N/A
5.4.2 Configuring VLAN-based Forwarding Mode
Configuration Effect

Specify the forwarding mode for a specified VLAN of a WLAN.
Notes

You can specify the forwarding mode for the entire WLAN in WLAN-based forwarding mode, or you can specify the
forwarding mode for a specified VLAN of the WLAN in VLAN-based forwarding mode.

As VLAN-based forwarding mode prevails over WLAN-based forwarding mode, if both of these modes are configured,
the packets in the specified VLAN will be forwarded in VLAN-based forwarding mode, and the others will be forwarded
in WLAN-based forwarding mode.
Configuration Guide
Configuring WBS FWD

Configure either local forwarding or centralized forwarding for a VLAN. The two cannot be both configured.

The VLAN can be an interface-based VLAN, MAC-based VLAN, or authentication-based VLAN.
Configuration Steps

Configuring the Forwarding Mode of a WLAN

(Optional) If the forwarding mode of a specified VLAN of a WLAN is different from the other VLANs, specify a
forwarding mode for this VLAN.

The default forwarding mode is the same as the WLAN-based forwarding mode.

In AP group configuration mode on an AC, run tunnel local wlan [ wlan-id ] vlan [ vlan-id ] to specify local forwarding
mode for a specified VLAN.

In AP group configuration mode on an AC, run tunnel 8023 wlan [ wlan-id ] vlan [ vlan-id ] to specify centralized
forwarding mode for a specified VLAN.
Command
tunnel local wlan [ wlan-id ] vlan [ vlan-id ]
Parameter
wlan-id: Indicates the WLAN. The WLAN must have been created. The value ranges from 1 to 4,094.
Description
vlan-id: Indicates the VLAN. The VLAN must have been created. The value ranges from 1 to 4,094.
Defaults
By default, no VLAN is specified. The forwarding mode is the same as that configured by the tunnel
command.
Command
ap-group configuration mode
Mode
Usage Guide
In WLAN configuration mode, you can run the tunnel 8023 command to specify centralized forwarding
mode for the entire WLAN, or you can run tunnel local wlan to specify local forwarding mode for a
specified VLAN on the WLAN.
Command
tunnel 8023 wlan [ wlan-id ] vlan [ vlan-id ]
Parameter
wlan-id: Indicates the WLAN. The WLAN must have been created. The value ranges from 1 to 4,094.
Description
vlan-id: Indicates the VLAN. The VLAN must have been created. The value ranges from 1 to 4,094.
Defaults
By default, no VLAN is specified. The forwarding mode is the same as that configured by the tunnel
command.
Command
ap-group configuration mode
Mode
Usage Guide
In WLAN configuration mode, you can run the tunnel local command to specify local forwarding mode for
the entire WLAN, or you can run the tunnel local wlan command to specify centralized forwarding mode
for a specified VLAN.
Configuration Example

Configuring the Forwarding Mode of a Specified VLAN on a WLAN
Scenario
Figure 5-4
Configuration Guide

Configuring WBS FWD
WLAN 1 contains AP 1, AP 2 and AP 3 which belong to VLAN 1, VLAN 2 and VLAN 3 respectively.
Among them, VLAN1 and VLAN 3 are used for the access of mobile phones while VLAN 2 for PCs
which require high bandwidth. Therefore, WLAN 1 is configured with centralized forwarding mode
while VLAN 2 is configured with local forwarding mode.

WLAN 2 contains AP 4, AP 5 and AP 6 which belong to VLAN 1, VLAN 2 and VLAN 3 respectively.
Among them, VLAN1 and VLAN 2 are used for the access of PCs while VLAN 3 for mobile phones
which require low bandwidth. Therefore, WLAN 2 is configured with local forwarding mode while
VLAN 3 is configured with centralized forwarding mode.
Configuratio

Enter WLAN configuration mode.
n Steps

Configure the forwarding mode of the WLAN.

Specify a forwarding mode for the specified VLAN on the WLAN.
WLAN1
Ruijie(config)#wlan-config 1
Ruijie(config-wlan)#tunnel 8023
Ruijie(config-wlan)#exit
Ruijie(config)#ap-group default
Ruijie(config-ap-group)#tunnel local wlan 1 vlan 2
WLAN2
Ruijie(config)#wlan-config 2
Ruijie(config-wlan)#tunnel local
Ruijie(config-wlan)#exit
Ruijie(config)#ap-group default
Ruijie(config-ap-group)#tunnel 8023 wlan 2 vlan 3
Verification
N/A
Configuration Guide
Configuring WBS FWD
5.4.3 Configuring IP-based Forwarding Mode
Configuration Effect

Forward the packet of the specified IP address in local forwarding mode.
Notes

You can configure the forwarding mode of an AP based on a WLAN or VLAN, or you can further configure local
forwarding mode for packets of a specified IP address.

As IP-based forwarding mode prevails over WLAN-based forwarding mode and VLAN-based forwarding mode, if all of
these modes are configured, packets of a specified address will be forwarded locally, and the others will be forwarded
in WLAN-based forwarding mode or VLAN-based forwarding mode.
Configuration Steps

Configuring IP-based Forwarding Mode

(Optional) You can configure local forwarding mode for packets of a specified IP address.

In AC configuration mode on an AC, specify local forwarding for a specified IP address.

If IP-based forwarding is not configured, packets are forwarded based on WLAN or VLAN. If IP-based forwarding is
configured, packets of a specified IP address are forwarded locally.
Command
local fw ip [ ip address ]
Parameter
ip address: Indicates the IP address of an STA.
Description
Defaults
By default, all IP packets are forwarded in WLAN-based forwarding mode.
Command
ac-controller configuration mode
Mode
Usage Guide
IP-based forwarding is a kind of flexible forwarding mode.
Configuration Example

Configuring Local Forwarding for Packets of a Specified IP Address
Scenario
Figure 5-5
Configuration Guide

Configuring WBS FWD
WLAN 1 contains AP 1, AP 2 and AP 3 which belong to VLAN 1, VLAN 2 and VLAN 3 respectively.
Among them, IP address 192.168.1.1 is used for the access of PCs while the others for mobile
phones which require low bandwidth. Therefore, configure local forwarding for IP address
192.168.1.1.
Configuratio

Enter AC configuration mode.
n Steps

Specify local forwarding mode for a specified IP address.
AC
ruijie(config)#ac-controller
ruijie(config-ac)#local fwip 192.168.1.1
Verification
N/A
5.4.4 Configuring DHCP-based Forwarding Mode
Configuration Effect

Forwards all DHCP packets in centralized forwarding mode.
Notes

As DHCP-based forwarding mode prevails over WLAN-based forwarding mode, VLAN-based forwarding mode, and
IP-based forwarding mode, if DHCP-based forwarding mode is configured, all the DHCP packets will be forwarded in
centralized mode, and others will be forwarded as configured.

To facilitate management of the DHCP address pool and simplify the DHCP topology, it is recommended to enable
this function.
Configuration Steps

Configuring DHCP-based Forwarding Mode

(Optional) Perform the configuration to assign IP addresses to STAs by the AC..

If DHCP forwarding mode is not configured, DHCP packets will be forwarded in the same way as general packets
based on the forwarding mode configured. If DHCP forwarding mode is configured, DHCP packets will be forwarded
in a centralized way.

Configure the forwarding mode before applying the WLAN template to a specified AP group. Otherwise, the
configuration will not take effect.
Command
central dhcp enable
Parameter
N/A
Description
Defaults
By default, all IP packets are forwarded in WLAN-based forwarding mode.
Command
WLAN configuration mode
Mode
Usage Guide
To facilitate management of the DHCP address pool and simplify the DHCP topology, it is recommended
to enable this function.
Configuration Guide
Configuring WBS FWD
Verification

Verify the WLAN configuration.
Configuration Example

Configuring DHCP Services on an AC
Scenario
Figure 5-6

APs are deployed in different branches and are managed by the AC in the headquarters.

The bandwidth of the links between branches and the headquarter is low.

Each branch has an independent egress.

IP addresses are assigned by the AC.
Configuratio

Enter WLAN configuration mode.
n Steps

Configure the forwarding mode of the WLAN.

Configure DHCP centralized forwarding mode.
AC
ruijie(config)#wlan-config 100 ruijie_wlan
ruijie(config-wlan)#tunnel local
ruijie(config-wlan)#central dhcp enable
Verification
N/A
Configuration Guide
Configuring WBS FWD
5.5 Monitoring
Displaying
Description
Command
Displays the WLAN configuration.
show wlan-config cb wlan-id
Configuration Guide
Configuring ETH-MNG
6. Configuring ETH-MNG
6.1 Overview
Ethernet Management (ETH-MNG) is an AP wired parameter management service used to configure wired parameters of
APs.
The LAN port bandwidth restriction function, as a fundamental service of ETH-MNG, is used to configure the maximum
bandwidth of various LAN ports of APs, so as to avoid the slow Internet access of wireless users in a scenario where
wireless and wired users coexist and wired users occupy a substantial bandwidth.
6.1.1 Protocols and Standards

N/A
6.2 Applications
Application
Description
Configuring Fit APs
Configure commands on an AC to specify the parameter configuration of various fit
APs.
Configuring Maximum LAN Port
Configure the maximum bandwidth of various LAN ports of APs in the fit AP
Bandwidth
scenario.
6.2.1 Configuring Fit APs
Scenario
Configure fit APs so that administrators can centrally manage the configuration of the APs on an AC. Assume a network
needs to meet the following deployment requirements:
1. The maximum bandwidth of LAN ports of the fit AP can be configured on the AC.
Figure 6-1 shows the networking environment.
Figure 6-1 Fit AP Networking Topology
Configuration Guide
Configuring ETH-MNG
Deployment

AC configuration tip is as follows:

Configure the maximum bandwidth of LAN ports for all the APs.
6.2.2 LAN Port Bandwidth Restriction
Scenario
Configure the LAN port bandwidth restriction function on a wireless network comprising fit APs.
In the following figure:

An AC is connected to the Internet through a router. Two APs (AP1 and AP2) are connected to the router through two
switches, and are associated with the AC.

PC1, PC2, PC3, and PC4 are associated with AP1; PC5, PC6, PC7, and PC8 are associated with AP2. These PCs
access the Internet through the AC.
Configuration Guide
Configuring ETH-MNG
R is a network egress router.
S1 and S2 are Layer 2 (L2) switches, and serve as the access devices of the APs.
AP1 is directly connected to S1, and AP2 to S2.
Corresponding
Protocols

The L2 switches provide the access function for the APs.

The router R is connected to the network formed by the AC and the APs. It is also connected to the PCs and the
Internet.

On the AC, configure bandwidth restriction for various LAN ports of the APs.
6.3 Features
Basic Concepts
N/A
Overview
Feature
Description
Maximum LAN Port Bandwidth
Configure the maximum bandwidth of various LAN ports of APs so as to avoid the slow
Internet access of wireless users in a scenario where wireless and wired users coexist
and wired users occupy a substantial bandwidth.
Configuration Guide
Configuring ETH-MNG
6.3.1 LAN port Bandwidth Restriction
Working Principle
The LAN port bandwidth restriction function is used to configure the maximum bandwidth of various LAN ports of APs so as
to avoid the slow Internet access of wireless users caused in a scenario where wireless and wired users coexist and wired
users occupy a substantial bandwidth.
6.4 Configuration
Configuration
Description and Command
(Optional) It is used to configure the maximum bandwidth of LAN ports of APs.
Configuring the Maximum
Configures the maximum bandwidth (in
Bandwidth of LAN ports
Mbps) of various LAN ports of the AP on the
For a fit AP: wired-rate value [ port port-id ]
AC. If no port ID is specified, all LAN ports
[ slot slot-id ]
are configured. If no slot ID is specified for
an i-Share+ AP, all LAN ports on all mini
APs are configured.
6.4.1 LAN port Bandwidth Restriction
Networking
Requirements

Configure the maximum bandwidth of various LAN ports.
Notes

N/A
Configuration Steps

Configuring the LAN Port Bandwidth Restriction Function

The configuration is optional.

Perform this configuration on the AC or on a fat AP.

Run the wired-rate command to configure the maximum bandwidth of various LAN ports.
Command
For a fit AP: wired-rate value [ port port-id ] [ slot slot-id ]
For a fat AP: wired-rate value
Parameter
If no port ID is specified, all ports are configured. If no slot ID is specified for an i-Share+ AP, all
Description
LAN ports on all mini APs are configured.
Configuration Guide
Configuring ETH-MNG
Defaults
By default, the maximum bandwidths of various LAN ports are not limited.
Command Mode
AP configuration mode/AP group configuration mode (for fit APs); interface configuration mode
(for fat APs)
N/A
Usage Guide
Verification

Run the show running-config command to display the configuration about the bandwidth restriction of various LAN
ports.
Configuration Example

Configuring LAN Port Bandwidth Restriction
Scenario
Figure 6-2
Suppose the bandwidths of the LAN ports need to be restricted in the fit AP environment, as shown in Figure 6-2.
1.
Configure the maximum bandwidth of various LAN ports.
Configuratio

On the AC, set the maximum bandwidth of port 3 on the AP to 30 Mbps.
n Steps
AC
Ruijie(config)# ap-config [ap-name]
Ruijie(config-ap)# wired-rate 30 port 3

On the AC, set the maximum bandwidth of port 3 on the group APs to 30 Mbps.
Ruijie(config)# ap-group default
Ruijie(config-group)#wired-rate 30 port 3

On the AC, set the maximum bandwidth of all LAN ports on the group APs to 30 Mbps.
Configuration Guide
Configuring ETH-MNG
Ruijie(config)# ap-group default
Ruijie(config-group)#wired-rate 30

On the AC, set the maximum bandwidth of port 3 on all APs to 30 Mbps.
Ruijie(config)# ap-config all
Ruijie(config-ap)# wired-rate 30 port 3

On the AC, set the maximum bandwidth of port 3 of slot 3 on the i-Share+ AP to 30 Mbps.
Ruijie(config)# ap-config am5528
Ruijie(config-ap)# wired-rate 30 port 3 slot 3

On the AC, set the maximum bandwidth of all LAN ports of slot 3 on the i-Share+ AP to 30 Mbps.
Ruijie(config)# ap-config am5528
Ruijie(config-ap)# wired-rate 30 slot 3
AP120-W

On one AP120-W, set the maximum bandwidth of FastEthernet 0/4 to 40 Mbps.
Ruijie(config)#interface fastEthernet 0/4
Ruijie(config-if-FastEthernet 0/4)#wired-rate 40
AP130-W

On one AP130-W, set the maximum bandwidth of GigabitEthernet 0/4 to 40 Mbps.
Ruijie(config)#interface GigabitEthernet 0/4
Ruijie(config-if-GigabitEthernet 0/4)#wired-rate 40
Verification

AC
Ruijie(config)# show ap-config running-config
On the AC, run the show ap-config running-config command to display the configuration.
ap-config ap120w-4
wired-rate 30 port 3

AC
On the AC, run the show running-config command to display the configuration.
Ruijie(config)# show running-config
ap-group default
wired-rate 30 port 3

AC
On the AC, run the show running-config command to display the configuration.
Ruijie(config)# show running-config
ap-group default
wired-rate 30

On the AC, run the show running-config command to display the configuration.
Configuration Guide
AC
Configuring ETH-MNG
Ruijie(config)# show running-config
ap-config all
…
wired-rate 30 port 3
…
Ruijie(config)# show running-config
ap-config am5528
…
wired-rate 30 port 3 slot 3
…
Ruijie(config)# show running-config
ap-config am5528
…
wired-rate 30 slot 3
…

AP120-W
On the AP, run the show running-config command to display the configuration.
Ruijie(config)# show running-config
…
interface FastEthernet 0/4
wired-rate 40
…
AP130-W
Ruijie(config)# show running-config
…
interface GigabitEthernet 0/4
wired-rate 40
…
Common Errors

N/A
6.5 Monitoring

N/A
Configuration Guide
Configuring DATA-PLANE
7. Configuring DATA-PLANE
7.1 Overview
The data plane provides broadcast forwarding control functions, including broadcast forwarding weight control and
broadcast wireless forwarding control.
Broadcast forwarding weight control means restricting the weights of packet types for broadcast forwarding, so as to
prevent STAs from being influenced when a certain type of packets occupy all resources.
Broadcast wireless forwarding control means forwarding only necessary packets to the wireless network, so as to prevent
some useless broadcast packets from occupying substantial radio frequency (RF) resources.

Broadcast forwarding weight control is applicable to all packets to be flooded.

Broadcast wireless forwarding control is applicable to all packets to be sent to the radio interface.
Protocols and Standards

N/A
7.2 Applications
Application
Description
Broadcast Forwarding Control
Set up the network with at least one AC and one fit AP.
7.2.1 Broadcast Forwarding Control
Scenario
An AC is deployed in the wireless network and enabled with broadcast wireless forwarding control function.
The AC controls the wireless forwarding of broadcast packets, as shown in Figure 7-1.
Figure 7-1
AC: a wireless access controller.
PoE: a gateway switch for the AP.
Configuration Guide
Configuring DATA-PLANE
AP: a wireless access point.
STA1 and STA2: user equipment used as STAs.
Corresponding
Protocols

Enable the broadcast wireless forwarding control function on the AC.
7.3 Features
Basic Concepts

Broadcast Forwarding Weight Control
A network switching device may need to flood broadcast packets, multicast packets, and some unicast packets. A weight
can be set for each type of packets to prevent a certain type of broadcast packets from exhausting all broadcast forwarding
capabilities, thereby improving STAs' network experience.

Broadcast Wireless Forwarding Control
The broadcast wireless forwarding control function is used to forward only necessary broadcast packets to the wireless
network, so as to prevent certain broadcast packets from occupying substantial air interface resources and improve the
network rates of STAs.
Overview
Feature
Description
Broadcast
Restricts the weights of packet types for broadcast forwarding, so as to protect RF resources from
Forwarding Weight
being occupied by a certain type of packets and thereby guarantee normal forwarding of other
Control
packets.
Broadcast Wireless
Controls whether to forward broadcast packets to the wireless network, so as to prevent useless
Forwarding Control
broadcast packets from occupying substantial RF resources.
7.3.1 Broadcast Forwarding Weight Control
Broadcast forwarding weight control is used to restrict a certain type of packets, so that the ratio of this type of packets is no
greater than the specified weight during broadcast forwarding.
Working Principle
The broadcast forwarding weight control function classifies packets at first into unicast packets, multicast packets,
broadcast packets, unknown multicast packets, and unknown unicast packets.

Classify packets. Packets may be roughly classified into the following types: unicast packets, multicast packets,
broadcast packets, unknown multicast packets, and unknown unicast packets.

Allocate a token bucket to each type of packets, and record the number of packets permitted to pass at this moment.

According to the configured broadcast forwarding weights, calculate the number of packets permitted to pass within
each interval, and adjust the sizes of the token buckets accordingly.
Configuration Guide

Configuring DATA-PLANE
When a packet arrives, determine the type of the packet and check whether there is any token in the token bucket
corresponding to the packet type. If the token bucket contains a token, the packet is permitted to pass; otherwise, the
packet is discarded.
7.3.2 Broadcast Wireless Forwarding Control
The broadcast wireless forwarding control function is used to forward only partial packets that affect STAs to the wireless
network, so as to prevent useless broadcast packets from occupying substantial air interface resources.
Working Principle
Wireless networks differ from wired networks in performance. In a wireless network, air interface resources are shared by
STAs and APs which often becomes a bottleneck for STAs. Meanwhile, they are seized for a long time because broadcast
packets are sent at low rates.
In practice, some broadcast packets are useless for STAs. Forwarding these packets to the wireless network will result in
fewer air interface resources and worse user experience.
One solution is to classify broadcast packets for forwarding control. Only the packets of specified types are forwarded to the
wireless network.
7.4 Configuration
Configuration
Description and Command
Optional configuration. Set the weights of packet types for broadcast forwarding.
Broadcast Forwarding
Weight Control
data-plane queue-weight
Configures the weights of packet types for
broadcast forwarding on the AC or AP.
Configures the refresh interval of the broadcast
data-plane token
token bucket and bucket-based rate on the AC
or AP.
Broadcast Wireless
Optional configuration. Enable the broadcast wireless forwarding function.
Forwarding Control
data-plane wireless-broadcast
Enables or disables the broadcast wireless
forwarding control function on the AC or AP.
7.4.1 Configuring Broadcast Forwarding Weights
Networking
Requirements

You can control the weight of a packet type for forwarding according to actual network conditions, so as to avoid
network congestion for sudden traffic spike.
Configuration Guide
Configuring DATA-PLANE
Notes

N/A
Configuration Steps

Configuring Broadcast Forwarding Weights

Optional configuration. Run the data-plane queue-weight command to configure the broadcast forwarding weights.

For centralized forwarding, configure this command in the global configuration mode on the AC.

For local forwarding, configuration this command in the AP configuration mode on the AC.
Command
data-plane queue-weight unicast-packet-weight multicast-packet-weight broadcast-packet-weight
unknown-multicast-packet-weight unknown-unicast-packet-weight
Parameter
unicast-packet-weight: sets the forwarding weight of unicast packets. The range is from 1 to 100. The
Description
default weight is 16.
multicast-packet-weight: sets the forwarding weight of multicast packets. The range is from 1 to 50. The
default weight is 4.
broadcast-packet-weight: sets the forwarding weight of broadcast packets. The range is from 1 to 50.
The default weight is 2.
unknown-multicast-packet-weight: sets the forwarding weight of unknown multicast packets. The range is
from 1 to 25. The default weight is 1.
unknown-unicast-packet-weight: sets the forwarding weight of unknown unicast packets. The range is
from 1 to 25. The default weight is 1.
Defaults
Default weights are applied.
Command Mode
Global configuration mode
Configuration
N/A
Usage

Configuring Refresh Interval of Broadcast Token Bucket and Bucket-based Rate

Optional configuration. Run the show run command to display the configuration.

For centralized forwarding, configure this command in the global configuration mode on the AC.

For local forwarding, configuration this command in the AP configuration mode on the AC.
Command
data-plane token token-interval token-base-rate
Parameter
token-interval: Refresh interval of broadcast token bucket in 10ms. The default interval is 1.
Description
token-base-rate: Token bucket-based rate. The default rate is 64 for the AC and 5 for the AP.
Defaults
Default parameters are applied.
Command Mode
Global configuration mode
Configuration
Broadcast rate per second = Packet weight × (1s/Refresh Interval) x Token bucket-based rate
Usage
For example, the broadcast rate per second for the AC = 1 x (1 / 0.01) × 64 = 6400 pps
Configuration Example

Configuring Broadcast Forwarding Weights
Scenario
Configuration Guide
Configuring DATA-PLANE
Figure 7-2
Configuration
Configure the forwarding weights of packet types for broadcast forwarding in global configuration
Steps
mode.
AC/AP
Ruijie#configure terminal
Ruijie(config)#data-plane queue-weight 100 50 50 25 25
Ruijie(config)#data-plane token 10 10
Ruijie(config)#exit
Verification
Run the show run command to display the configuration.
AC/AP
Ruijie#show run
…
!
cwmp
!
data-plane queue-weight 100 50 50 25 25
data-plane token 10 10
!
…
Common Errors

N/A
7.4.2 Configuring Broadcast Wireless Forwarding
Networking
Requirements

Useless broadcast packets are not forwarded to the air interface.
Configuration Guide
Configuring DATA-PLANE
Notes

N/A
Configuration Steps

Broadcast Forwarding Function

Optional configuration. By default, the broadcast wireless forwarding function is disabled. Run the data-plane
wireless-broadcast command in global configuration mode to enable or disable this function.
Command
data-plane wireless-broadcast{ enable | disable }
Parameter
enable: permits all broadcast packets to be forwarded to the air interface
Description
disable: prohibits all broadcast packets from being forwarded to the air interface
Defaults
The broadcast wireless forwarding function is disabled; that is, broadcast packets are not forwarded to
the wireless network.
Command Mode
Global configuration mode
Configuration
N/A
Usage
Verification

Run the show run command to display configuration information.
Configuration Example

Enabling the Broadcast Wireless Forwarding Function
Scenario
Figure 7-3
Configuratio
Enable the broadcast wireless forwarding function in global configuration mode.
n Steps
AC/AP
Ruijie#configure terminal
Ruijie(config)#data-plane wireless-broadcast enable
Verification
Run the show running-config command to display the configuration.
Configuration Guide
AC/AP
Ruijie# show ap-config running
!
cwmp
!
data-plane wireless-broadcast enable
!
Common Errors

N/A
7.5 Monitoring

N/A
Configuring DATA-PLANE
Configuration Guide
Configuring WLOG
8. Configuring WLOG
8.1 Overview
WLOG (WLAN Log) enables storing and viewing wireless network and STA status in a past period of time. By collecting
and storing the information of wireless network, AP and STA in the past 24 hours and then displaying the information
through CLI commands, WLOG allows users to analyze the wireless network status and troubleshoot problems.
WLOG is for collecting and storage information, but does not support automatic information analysis temporarily. The
WLOG feature is dedicated to enabling users, with provided information, to have a more accurate understanding of the
wireless network and STA status in the past 24 hours to analyze and troubleshoot problems.
Protocols and
Standards

N/A
8.2 Applications
Application
Description
Fit AP Networking
The fit AP networking includes at least one AC and one AP.
8.2.1 Fit AP Networking
Scenario
Deploy an AC device in a wireless network to query the information on the whole network, AP and STA associated with the
AC device.
Figure 8-1 shows the networking topology for viewing the information on the whole network, AP and STA associated with
the AC device.
Figure 8-1
Note:
AC: wireless controller
PoE: switch, acted as the gateway of the AP
AP: wireless access device
STA1 and STA2: user devices, used as STA
Configuration Guide
Configuring WLOG
Deployment

Enable the WLOG feature on an AC device.
8.3 Features
Basic Concepts

Two modes of information collection on the AC:

Periodic Collection
The general information of the whole network, AP and STA is collected and stored on a regular basis (once/1 hour). The
general AP and STA information covers all the information of online APs and STAs.

Reception Advertisement Collection
When an AP behavior of "AP Behavior Type" occurs, the WLOG module is informed to collect and store the information of
the behavior.
When an STA behavior of "STA Behavior Type" occurs, the WLOG module is informed to collect and store the information
of the behavior.
The information collection on the AP covers only periodic collection of spatial information on all online STAs.

The general information on the whole network covers the following:

Continuous operation time of the AC

Number of online APs

Number of preset but offline APs

Versions of online APs (number of APs of each version)

The information on each WLAN (SSID) STA includes:
6.
Number of online STAs which have passed Web authentication
7.
Number of online STAs which have passed 802.1x authentication
8.
Number of online STAs which are authentication-free

The general information on the AP includes:

AP name

AP MAC address

AP IP address

AP uptime

Status of each wired port of the AP
1.
Input/output rate (bits/sec) in last 5 minutes
2.
Statistics of input/output of unicast, broadcast, multicast and error frames

General information on each radio
Configuration Guide
Configuring WLOG
1.
Working channel
2.
Transmit power (dBm, absolute value)
3.
Number of associated online STAs
4.
Number of online STAs which have passed Web authentication
5.
Number of online STAs which have passed 802.1x authentication
6.
Intensity of the co-channel interference signal
7.
Number of received error frames
8.
Packet retransmission times

The general information on the STA includes:
1.
IP address
2.
Signal strength
3.
Access rate
4.
Associated AP, radio and SSID

STA's spatial information

The STA's spatial information mainly includes the statistics of data frame and management frame of the STA, as well
as the statistics of each type of rate, as detailed below:
1.
Number of data frames successfully transmitted (from the AP to the STA)/total traffic
2.
Number of unresponsive data frames/total traffic
3.
Number of management frames/total traffic
4.
Statistics of each type of frames with access rate (The access rate is divided into 8 grades for statistics)
Grade
0
1
2
3
4
5
6
7
Access Type (Mbps)
1/2
5.5/11
6/9
12/18
24/36
48/54
Reserved
Reserved
5.
Statistics of each type of frame with MIMO rate (The MIMO rate is divided into 8 grades for statistics)
Grade
0
1
2
3
4
5
6
7
MIMO Type
mcs0
mcs2
mcs4
mcs6
mcs8
mcs10
mcs12
mcs14
mcs1
mcs3
mcs5
mcs7
mcs9
mcs11
mcs13
mcs15
The spatial information is mainly used to check whether the STA is in low-speed state, whether the proportion of the case in
which no ACK frame is transmitted is too high, and whether too many management frames are transmitted and received, so
as to further analyze and locate the network problems caused by low speed node, management frame attack, and poor
condition. The STA's spatial information varies in real time, and the current collection frequency is once every five minutes.
The information is saved only on the AP due to large data volume.

AP Behavior Type
The AP behavior type includes going online, going offline and CAPWAP connection failure.

STA Behavior Type
Configuration Guide
Configuring WLOG
The STA behavior type includes: association, de-association, Web authentication going online, Web authentication offline,
802.1X authentication going online, and 802.1X authentication offline.
Features
Feature
Description
Enabling the WLOG
You can enable the WLOG feature to automatically collect AC, AP and STA information.
Feature
8.3.1 Enabling the WLOG Feature
After the WLOG feature is enabled, the AC or AP automatically collects AC, AP and STA information and records the
information into memory, enabling users, with provided information, to have a more accurate understanding of the wireless
network and STA status in the past 24 hours and analyze and troubleshoot problems.
Working Principle
After the WLOG feature is enabled, the AC or AP automatically collects AC, AP and STA information and records the
information into memory, and receives online/offline advertisement of the AP and STA and records into memory for users to
view.
8.4 Configuration
Configuration
Description and Command
(Mandatory) It is used to enable the WLOG feature.
Enabling the WLOG Feature
wlan diag enable
Enables the WLOG feature
8.4.1 Enabling the WLOG Feature
Configuration Effect

After the WLOG feature is enabled, the AC or AP automatically records the AC, AP and STA information.
Notes

Enabling the WLOG feature pre-allocates memory. If the memory is not sufficient, the WLOG feature cannot be
enabled. Disabling the WLOG feature frees all memory for information storage and pre-allocated memory.
Configuration Steps

Enabling the WLOG Feature

(Mandatory) Run the wlog diag enable command to enable the WLOG feature.

Enable the WLOG feature in global configuration mode of the AC device.

After the WLOG feature is enabled, information is collected and recorded into memory on a regular basis.
Command
wlan diag enable
Parameter
-
Description
Configuration Guide
Configuring WLOG
Defaults
By default, the WLOG feature is disabled on the AC and AP device.
Command
Global configuration mode
Mode
Usage Guide
N/A
Verification

Run the show wlan diag network command to check whether the whole network information can be viewed on the
AC.

Run the show wlan diag sta command to check whether the STA information can be viewed on the AP.
Configuration Example

Enabling the WLOG Feature
Scenario
Figure 8-2
Configuratio

Enable the WLOG feature in global configuration mode.
n Steps
AC
Ruijie# configure terminal
Ruijie(config)# wlan diag enable
Verification
Use the show wlan diag network command to display the general information of the whole network.
AC
Ruijie# show wlan diag network
Time: 2017-05-05 14:57:07
AC uptime: 10 h
Online AP: 1
Offline AP:0
Online AP Version:
PID
HwVer
SwVer
AP Number
--------------- ---------- -------------------------------------------------- --------AP320-IAP520
1.00
AP_RGOS 11.1(5)B9P2, Release(04162423)
1
Wlan information:
WLAN ID SSID
RGWLAN_1T13_wireless
Active STA WEB Auth 1X Auth Other
-------- ---------------------------------- ---------- --------
-------- -------4
wlan-guest
2
2
0
0
Configuration Guide
0
Configuring WLOG
6
0
Common Errors

N/A
8.5 Monitoring
Displaying
Description
Command
Displays the general information on
show wlan diag network
the whole network
Displays the AP information on the
show wlan diag ap [ ap-mac ap-mac ] [ number number ]
AC
Displays the STA information on the
show wlan diag sta [ sta-mac sta-mac ] [ ip-range ip-prefix ] [ action action [ result
AC
result ] ] [ number number ]
Configuration Guide
Configuring Roaming
9. Configuring Roaming
9.1 Overview
Roaming is a function that allows re-association of stations (STAs) with access points (APs) when STAs move in the
coverage areas of different APs.
The roaming function enables moving STAs to maintain the ongoing IP communication and enjoy all applications and
services. Roaming is transparent and seamless for users without data interruption.
If STAs move in different areas in a wireless environment, the roaming function must be supported. Roaming scenarios are
classified into two types: intra-AC roaming and inter-AC roaming.

Intra-AC roaming is applicable for deployments having only one access controller (AC).

Inter-AC roaming is applicable for deployments having multiple ACs.
Protocols and
Standards

N/A
9.2 Applications
Application
Description
Intra-AC Roaming
One STA is associated with AP1 joined to one AC, and then moves to the coverage of
AP2 joined to the same AC and is associated with AP2.
Inter-AC Roaming
One STA is associated with AP1 joined to AC1, and then moves to the coverage of AP2
joined to AC2 and is associated with AP2.
9.2.1 Intra-AC Roaming
Scenario
One STA is associated with AP1 joined to one AC, and then moves to the coverage of AP2 joined to the same AC and is
associated with AP2.Based on the entity (AC or AP) that forwards data, intra-AC roaming is further classified into intra-AC
L2/L3 roaming in centralized forwarding mode and intra-AC L2/L3 roaming in local forwarding mode.
9.2.1.1 Intra-AC L2/L3 Roaming in Centralized Forwarding Mode
Figure 9-1 shows intra-AC L2/L3 roaming in centralized forwarding mode.
Figure 9-2 Intra-AC L2/L3 Roaming in Centralized Forwarding Mode
Configuration Guide
Configuring Roaming
Remark
VLAN X indicates the VLAN ID associated with the STA. (If the VLAN X corresponding to AP2 is changed to
s
VLAN Y, L3 roaming occurs.)
Unlike L2 roaming, VLANs associated with the STA are different before and after roaming. Except this difference,
other processing is the same in L2 and L3 roaming. Therefore, L2 roaming and L3 roaming are not discussed
separately hereinafter.
Deployment

AP1 and AP2 are associated with the AC through switches and are assigned to the same WLAN.

At first, the STA is associated with AP1, and the obtained IP address is A.A.A.A.

Later, the STA moves to the coverage of AP2, and is associated with AP2. The IP address remains unchanged
without communication interruption.
STA roaming is implemented only when the wireless service set identifiers (SSIDs) provided by AP1 and AP2 are the
same.
Configuration Guide
Configuring Roaming
9.2.1.2 Intra-AC L2/L3 Roaming in Local Forwarding Mode
Figures 9-3 shows intra-AC L2/L3 roaming in local forwarding mode.
Figure 9-4 Intra-AC L2/L3 Roaming in Local Forwarding Mode
Remark
CTI is the communication tunnel between an AP and an AC.
s
VLAN X indicates the VLAN ID associated with the STA.
Deployment

AP1 and AP2 set up a control channel with the AC through the CTI, and are assigned with the same WLAN. The
corresponding VLAN is VLAN X.

AP1 and AP2 work in local forwarding mode. At first, the STA is associated with AP1, and the obtained IP address is
A.A.A.A.

Later, the STA moves to the coverage of AP2, and is associated with AP2. The IP address remains unchanged
without communication interruption.

Before roaming, the data is directly sent out by AP1. After roaming, the data is forwarded from AP2 to AP1, and then
sent out by AP1.
STA roaming is implemented only when the wireless SSIDs provided by AP1 and AP2 are the same.
9.2.2 Inter-AC Roaming
Scenario
One STA is associated with AP1 joined to AC1, and then moves to the coverage of AP2 joined to AC2 and is associated
with AP2.Based on the entity (AC or AP) that forwards data, inter-AC roaming is further classified into inter-AC roaming in
centralized forwarding mode and inter-AC roaming in local forwarding mode.
Configuration Guide
Configuring Roaming
9.2.2.1 Inter-AC L2/L3 Roaming in Centralized Forwarding Mode
Figure 错误!未指定样式名。9-5 错误!未指定顺序。 shows inter-AC L2/L3 roaming in centralized forwarding mode.
Figure 错误!未指定样式名。9-6 错误!未指定顺序。 Inter-AC L2/L3 Roaming in Centralized Forwarding Mode
Remark
VLAN X indicates the VLAN ID associated with the STA.
s
MTI is the communication tunnel between ACs.
Deployment

AC1 and AC2 are configured as the mobility member of the peer AC, and can communicate with each other.

AP1 is connected to AC1, and AP2 is connected to AC2. Both AP1 and AP2 are assigned to the same WALN. The
corresponding VLAN is VLAN X.

At first, the STA is associated with AP1, and the obtained IP address is A.A.A.A. Later, the STA moves to the
coverage of AP2, and is associated with AP2. The IP address remains unchanged without communication
interruption.

Before roaming, the data is directly sent out by AC1. After roaming, the data is forwarded from AC2 to AC1 through
the MTI, and then sent out by AC1.
STA roaming is implemented only when the wireless SSIDs provided by AP1 and AP2 are the same.
9.2.2.2 Inter-AC L2/L3 Roaming in Local Forwarding Mode
Figure 错误!未指定样式名。错误!未指定样式名。9-7 错误!未指定顺序。错误!未指定顺序。 shows inter-AC L2/L3 roaming
in local forwarding mode.
Figure 9-8 Inter-AC L2/L3 Roaming in Local Forwarding Mode
Configuration Guide
Configuring Roaming
Remark
VLAN X indicates the VLAN ID associated with the STA.
s
MTI is the communication tunnel between ACs, and CTI is the communication tunnel between APs and ACs.
Deployment

AC1 and AC2 are included in the same mobility group, and are configured as the mobility member of the peer AC.

AP1 is connected to AC1, and AP2 is connected to AC2. Both AP1 and AP2 are assigned to the same WALN. The
corresponding VLAN is VLAN X. Both AP1 and AP2 work in local forwarding mode.

At first, the STA is associated with AP1, and the obtained IP address is A.A.A.A. Later, the STA moves to the
coverage of AP2, and is associated with AP2. The IP address remains unchanged without communication
interruption.

Before roaming, the data is directly sent out by AP1. After roaming, the data is forwarded from AP2 to AP1, and then
sent out by AP1.
STA roaming is implemented only when the wireless SSIDs provided by AP1 and AP2 are the same.
9.3 Features
Basic Concepts

Association and Re-Association
Association: A STA selects an extended service area, and sends the asso frame to set up a connection with this extended
service area.
Re-association: A STA moves from a basic service area of an extended service area to another basic service area of this
extended service area, and is associated with a new AP. In this case, the STA sends the reasso frame.

STA, AP, and AC
Configuration Guide
Configuring Roaming
STA: It is a wireless workstation that is equipped with the wireless network interface card (NIC), such as a laptop computer
or a mobile phone.
AP:It is a wireless access point that provides radio signals so that the STA can access the wireless network.
AC: It is a wireless access controller that provides wireless connection and related service functions.

L2 Roaming and L3 Roaming
L2 roaming: The VLAN to which a STA belongs remains unchanged before and after roaming.
L3 roaming: The VLAN to which a STA belongs changes after roaming.

Centralized Forwarding and Local Forwarding
Centralized forwarding: All packets of a STA are forwarded by the AC.
Local forwarding: Control packets of a STA are processed by the AC, whereas data packets are directly forwarded by the
AP.

Intra-AC Roaming and Inter-AC Roaming
Intra-AC roaming:A STA roams from one AP joined to an AC to another AP joined to the same AC.
Inter-AC roaming:A STA roams from an AP joined to an AC to another AP joined to a different AC.

Home AC and Foreign AC

Home AC (HA): When a STA is associated with an AC in the mobility group for the first time, this AC is called HA of
the STA.

Foreign AC (FA): A STA is currently connected to an AC that is not the HA. This AC is called FA of the STA.
For the intra-AC roaming, the HA is the same as the FA.
Overview
Feature
Description
Mobility Group
After a mobility group is configured, a STA can roam to different ACs in the same mobility group.
Mobility List
The mobility list is an extension of the mobility group. The number of AC members in the mobility
group is limited. The mobilizing list is introduced to extend the roaming scope of STAs without
affecting roaming of the mobility group.
Displaying STA
Displays the current status of all roaming STAs on the local AC and the roaming track of a STA.
Roaming Status and
Roaming Tracks
Suppressing STA
Suppresses the output rate of STA roaming syslogs.
Roaming Syslogs
9.3.1 Mobility Group
The roaming scope of wireless STAs within a WLAN cannot be expanded without limit. To enable a STA to roam among
APs joined to different ACs and manage the roaming scope of STAs, a mobility group is defined to include a group of ACs
within the STA roaming scope.
Configuration Guide
Configuring Roaming
Working Principle
Each AC is configured with a list of other members of the mobility group. When a STA joins an AC, the AC sends out a
message to all of the ACs in the mobility group. If it is the first time the STA accesses the mobility group, the initial AC (HA)
will save information about the STA. When the STA roams to another AC (FA), the HA synchronizes the STA information to
the FA. If this STA is roaming, the HA synchronizes the STA information to the current AC (FA) after receiving a message.
Generally, the roaming STA information is exchanged only after roaming occurs. Before roaming occurs, the information
synchronization function of the mobility group can be used to proactively share STA information among ACs in the mobility
group. This saves time in STA roaming and improves the roaming efficiency.

Topology of the Mobility Group
ACs in the mobility group encapsulate and transfer roaming information through the Controlling and Provisioning of
Wireless Access Point (CAPWAP) tunnel. The unique technology reduces the re-authentication time on the Radius server
after inter-AC roaming of STAs, and accelerates information authentication of roaming STAs, laying a solid foundation for
seamless roaming. Figure 9-9 shows the topology of the mobility group.
Figure 9-10 Topology of the Mobility Group
Remark
MTI is the communication tunnel between ACs.
s
AC1, AC2, and AC3 are in the same mobility group. On each AC, another two ACs are configured as its
mobility member.
9.3.2 Mobility List
The mobility list is an extension of the mobility group. The number of AC members in the mobility group is limited. The
mobility list is introduced to extend the roaming scope of STAs without affecting roaming of the mobility group.
Configuration Guide
Configuring Roaming
Working Principle

Comparison Between the Mobility List and the Mobility Group
Data exchange of roaming STAs in the mobility list is similar with that in the mobility group. The major difference is as
follows: Intra-group roaming adopts Proactive Key Caching (PKC), while inter-group roaming uses the mobility list that
requires the roaming STA to complete the entire authentication process with the AAA/Radius server. Therefore, compared
with intra-group roaming, inter-group roaming presents a relatively low efficiency. The common thing between the mobility
group and the mobility list is that the roaming process is seamless and transparent for users.
A mobility group can be designated for a specific AC. Then, STAs associated with this AC can roam in this mobility group.
In addition to configuration of a mobility group, you can also configure a mobility list on the AC. The member ACs in the
mobility list must be in a mobility group different from that of the current AC. In this way, STAs on the current AC can roam
across mobility groups.
9.3.3 Displaying STA Roaming Status and Roaming Tracks
To learn the roaming status and movements of all STAs on an AC, you can check the status and roaming tracks of current
roaming STAs.
Working Principle
Information about roaming STAs is recorded on the HA, including the roaming type, connected WLAN, as well as VLANs,
APs, and pre-roaming/post-roaming radios. Such information is stored, and deleted only when the STA is deassociated.
The roaming track is recorded by default.
You can run the show mobility user roam- track command to display the tracks of roaming STAs.
9.3.4 Suppressing STA Roaming Syslogs
STA roaming syslog suppression prevents a high CPU usage caused by the large amount of syslogs output during roaming
of a large number of STAs.
Working Principle
The number of syslog records output per second is counted. When this number reaches the upper limit, no more syslog is
output within the second, thereby suppressing the syslogs. In the next second, the number of syslogs is counted again.
9.3.5 Preventing STA Roaming
Roaming prevention is configured to facilitate distribution and use of WLAN resources.
Working Principle
When an AC receives a roaming request, it checks whether the roam-in/roam-out WLAN has been configured with roaming
prevention, If yes, the STA is prevented from roaming.
Configuration Guide
Configuring Roaming
9.4 Configuration
Configuration
Description and Command
(Optional) It is used to implement the inter-AC roaming function.
Configuring a Mobility Group
mobility-group
member
Configuring Proactive
Configures a mobility group.
Adds or deletes a mobility member to or
from the mobility group.
(Optional) It is used to exchange STA information within the mobility group.
Information Exchange
Within the Mobility
mobility-fast
Group
Enables proactive information exchange
within the mobility group.
(Optional) It is used to add members to a mobility list.
Configuring a Mobility List
Adds or deletes member ACs to or from the
list
mobility list.
Configuring the Maximum
(Optional) It is used to configure the maximum number of times a keepalive packet can
Number of Times a
be transmitted. If this number is exceeded, the keepalive attempt fails.
Keepalive Packet Can Be
Transmitted
Configuring the Interval at
keepalive-count
keepalive-interval
Testing Roaming
Connectivity
Suppressing STA Roaming
Syslogs
Preventing STA Roaming
a keepalive packet can be transmitted
(Optional) It is used to configure the interval at which a keepalive packet is sent.
Which a Keepalive Packet Is
Sent
Configures the maximum number of times
Configures the interval at which a keepalive
packet is sent.
(Optional) It is used to test whether ACs in the mobility are interconnected properly.
mti-ping
Tests the connectivity of tunnels between
ACs in the mobility group.
(Optional) It is used to suppress the output rate of STA roaming syslogs.
roaming logging rate-limit
Sets the output rate of STA roaming
syslogs.
(Optional) It is used to prevent STA roaming.
no roaming support wlan
Prevents STA roaming.
9.4.1 Configuring a Mobility Group
Configuration Effect

Configure a mobility group and add a mobility member to implement inter-AC roaming.

The centralized forwarding mode is configured in the same way as the local forwarding mode.
Configuration Guide
Configuring Roaming
Notes

The precondition of inter-AC roaming is that the two ACs can communicate with each other normally.
Configuration Steps

Creating a Mobility Group

(Optional) The configuration is mandatory if inter-AC roaming should be implemented. Run the mobility-group
group-name command to create a mobility group.

Configure at least one mobility group on every AC that involves inter-AC roaming.
Up to eight mobility groups can be created on an AC.
Command
mobility-group group-name
Parameter
group-name: Specifies the name of a mobility group.
Description
Defaults
No mobility group is configured by default.
Command
Global configuration mode
Mode
Usage Guide
N/A

Adding Mobility Members

(Optional) The configuration is mandatory if inter-AC roaming should be implemented.

Add at least one member to a mobility group on every AC that involves inter-AC roaming.

After a mobility group is created, there is no mobility member in the group. Therefore, you need to add one or more
mobility members.

To ensure efficiency and reliability of information synchronization between ACs within a mobility group, you must limit
the number of members in the mobility group. A mobility group supports up to 24 AC members.
Command
member {ip-address|ipv6-address}
Parameter
ip-address: Indicates the IPv4 address of a mobility member.
Description
ipv6-address: Indicates the IPv6 address of an mobility member.
Defaults
A newly created mobility group does not contain any member.
Command
Mobility group configuration mode
Mode
Usage Guide
N/A
Verification
Check the mobility group information to determine whether members are successfully added and whether the connections
are normal.
Configuration Example
All the configuration examples in this document are provided for the scenario of inter-AC roaming in centralized
forwarding mode.

Configuring a Mobility Group and Adding a Member to this Group
Configuration Guide
Configuring Roaming
Scenario
Figure 9-11
Configuratio

Inter-AC or intra-AC Roaming Scenario

Set the loopback address of AC1 to 192.168.1.1 and the loopback address of AC2 to 192.168.1.2,
and ensure that one AC can be pinged successfully from another AC.
n Steps
AC1

Add a mobility group.

Add a mobility member.
Ruijie#configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Ruijie(config)#mobility-groupmgroup_name
Ruijie(config-mobility)#member 192.168.1.1
AC2
Ruijie#configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Ruijie(config)#mobility-groupmgroup_name
Ruijie(config-mobility)#member 192.168.1.2
Verification
Check the mobility group information to determine the configurations are successful.

Run the show mobility status mgroup_name command on every AC.
Configuration Guide
AC1
Configuring Roaming
Ruijie# show mobility status mgroup_name
Mobility Group mgroup_name
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Status............................ normal
Mobility Members:
IP Address
Client/Server
192.168.1.1Client
Data Tunnel
OK
Ctrl Tunnel
OK
Mobility List Members:
AC2
Ruijie# show mobility status mgroup_name
Mobility Group mgroup_name
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Status............................ normal
Mobility Members:
IP Address
Client/Server
192.168.1.2Client
OK
Data Tunnel
Ctrl Tunnel
OK
Mobility List Members:
Common Errors

Mobility AC members fail to ping each other.

The mobility group or members are not configured on an AC.

The mobility group names are inconsistent.
9.4.2 Configuring Proactive Information Exchange within the Mobility Group
Configuration Effect

When roaming does not occur, an AC also shares the STA information with other AC members in the mobility group.
Notes

A mobility group must be configured.
Configuration Guide
Configuring Roaming
Configuration Steps

(Optional) After configuring a mobility group on ACs, enter mobility group configuration mode and enable proactive
information exchange.

(Optional) Configure fast roaming as required.
Command
mobility-fast
Parameter
N/A
Description
Defaults
Proactive information exchange is disabled by default.
Command
Mobility group configuration mode
Mode
Usage Guide
N/A
Verification

Check the mobility group information. If the mobility group status is Fast Mode, the configuration is successful.
Configuration Example

Configuring Proactive Information Exchange within the Mobility Group
Configuratio

Configure a mobility group.(The configurations are omitted here.)
n Steps

Enable proactive information exchange within the mobility group.
AC
Ruijie#configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Ruijie(config)#mobility-groupmgroup_name
Ruijie(config-mobility)# mobility-fast
Verification
Check the mobility group information.
AC
Ruijie# show mobility status mgroup_name
Mobility Group mgroup_name
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Status............................ Fast Mode
……
Common Errors

N/A
9.4.3 Configuring a Mobility List
Configuration Effect

When no more members can be added to the mobility groups, apply the mobility list to implement roaming.
Configuration Guide
Configuring Roaming
Notes

A mobility group must be configured.
Configuration Steps

(Optional) Add members to the mobility list after a mobility group is configured on the AC. Run the list { ip-address |
ipv6-address } command to add a member to the mobility list.

If the number of mobility members exceeds the capacity of the mobility group, you can add members to the mobility
list as an alternative.
A mobility list supports up to 72 members.
Command
list {ip-address| ipv6-address}
Parameter
ip-address: Indicates the IPv4 address of a mobility member.
Description
ipv6-address: Indicates the IPv6 address of a mobility member.
Defaults
No mobility list is configured by default.
Command
Mobility group configuration mode
Mode
Usage Guide
N/A
Verification

Check the mobility group information to determine whether added members exist.
Configuration Example

Configuring a Mobility List
Configuratio

Configure a mobility group. (The configurations are omitted here.)
n Steps

Add members to the mobility list.
AC
Ruijie#configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Ruijie(config)#mobility-groupmgroup_name
Ruijie(config-mobility)# list 192.168.1.1
Ruijie(config-mobility)# list 192.168.1.2
Verification
Check the mobility list information.
AC
Ruijie# show mobility status mgroup_name
Mobility Group mgroup_name
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Status............................ Fast Mode
Mobility Members:
IP Address
Client/Server
Data Tunnel
Ctrl Tunnel
Configuration Guide
Configuring Roaming
Mobility List Members:
IP Address
Client/Server
Data Tunnel
Ctrl Tunnel
192.168.1.2
Client
OK
OK
192.168.1.1
Client
OK
OK
Common Errors

N/A
9.4.4 Configuring the Maximum Number of Times a Keepalive Packet Can Be
Transmitted
Configuration Effect

(Optional) Configure the maximum number of times a keepalive packet can be transmitted. If this number is exceeded,
the keepalive attempt fails.
Notes

A mobility group must be configured and have at least one mobility member.
Configuration Steps

(Optional) Configure a mobility group on the AC, and enter mobility group configuration mode.

The maximum number of times a keepalive packet can be transmitted is not modified by default. If the network
environment is unstable, you can increase this value.
Command
keepalive-count counts
Parameter
counts: Indicates the keepalive times. The value ranges from 2 to 30.
Description
Defaults
4 times after a mobility group is created
Command
Mobility group configuration mode
Mode
Usage Guide
N/A
Verification

Check the mobility group information. The maximum number of times a keepalive packet can be transmitted should be
displayed.
Configuration Example

Configuring the Maximum Number of Times a Keepalive Packet Can Be Transmitted
Configuratio

Configure a mobility group. (The configurations are omitted here.)
n Steps

Set the maximum number of times a keepalive packet can be transmitted to 5.
AC
Ruijie(config)#mobility-group mgroup_name
Configuration Guide
Configuring Roaming
Ruijie(config-mobility)# keepalive-count 5
Verification
Check the mobility group configurations.
AC
Ruijie# show mobility status mgroup_name
Mobility Group mgroup_name
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 5
Mobility Group Status............................ normal
Common Errors

N/A
9.4.5 Configuring the Interval at Which a Keepalive Packet Is Sent
Configuration Effect

(Optional) Configure the interval at which a keepalive packet is sent.
Notes

A mobility group must be configured and have at least one mobility member.
Configuration Steps

(Optional) Configure a mobility group on the AC, and enter mobility group configuration mode.

The interval at which a keepalive packet is sent is 10s by default. If the network environment is unstable, you can
increase the interval.
Command
keepalive- interval seconds
Parameter
seconds: Indicates the interval at which a keepalive packet is sent. The unit is second. The value ranges
Description
from 1 to 30.
Defaults
10s after a mobility group is created
Command
Mobility group configuration mode
Mode
Usage Guide
N/A
Verification

Check the mobility group information. The interval at which a keepalive packet is sent should be displayed.
Configuration Example

Configuring the Interval at Which a Keepalive Packet Is Sent
Configuratio

Configure a mobility group. (The configurations are omitted here.)
n Steps

Set the interval at which a keepalive packet is sent to 20s.
Configuration Guide
AC
Configuring Roaming
Ruijie(config)#mobility-group mgroup_name
Ruijie(config-mobility)# keepalive-interval20
Verification
Check the mobility group configurations.
AC
Ruijie# show mobility status mgroup_name
Mobility Group mgroup_name
Mobility Keepalive Interval...................... 20
Mobility Keepalive Count......................... 4
Mobility Group Status............................ normal
Common Errors

N/A
9.4.6 Testing Roaming Connectivity
Configuration Effect

(Optional) Start a connectivity test to check whether member ACs are connected with each other normally.
Notes

A mobility group must be configured and have at least one mobility member.
Configuration Steps

(Optional) After configuring a mobility group on the AC, enter mobility group configuration mode to start a connectivity
test.

Start a connectivity test to check whether member ACs in the mobility group communicate with each other normally,.
Command
mti-ping {ip-address|ipv6-address}
Parameter
ip-address: Indicates the IPv4 address of a mobility member.
Description
ipv6-address: Indicates the IPv6 address of a mobility member.
Defaults
N/A
Command
Mobility group configuration mode
Mode
Usage Guide
N/A
Verification

Check the test results.
Configuration Example

Starting a Roaming Connectivity Test
Configuration Guide
Configuring Roaming
Configuratio

Configure a mobility group and add mobility members. (The configurations are omitted here.)
n Steps

Start a roaming connectivity test.
AC
Ruijie(config)#mobility-group my_group_name
Ruijie(config-mobility)#mti-ping 192.168.1.2
Sending 4, MTI packet to
192.168.1.1, timeout is 2 seconds:
!!!!
Success rate is 100 percent (4/4)
Verification
Check the test results.
AC
Sending 4, MTI packet to
192.168.1.1, timeout is 2 seconds:
!!!!
Success rate is 100 percent (4/4)
Common Errors

The mti-ping command is different from the ping command, that is, successful execution of the ping command does
not mean that execution of the mti-ping command is also successful. The mti-ping command is applicable to mobility
group members.
9.4.7 Suppressing STA Roaming Syslogs
Configuration Effect

Even if STAs roam frequently, the number of roaming syslogs output per second does not exceed the limit.
Notes

N/A
Configuration Steps

Configuring the Syslog Suppression Rate

(Optional) The configuration is performed on the AC. Run the roaming logging rate-limit command to configure the
syslog suppression rate.

Configure the syslog suppression rate. A larger rate configured indicates that more syslogs can be output per second.
Command
roaming logging rate-limit limit-num
Parameter
limit-num: Indicates the rate, which is expressed in records per seconds. The value ranges from 1 to
Description
10000.
Defaults
By default, less than five syslog records are output per second, that is, the maximum syslog output rate is
5 records per second.
Command
Mode
Global configuration mode
Configuration Guide
Usage Guide
Configuring Roaming
N/A
Verification

Run the show running command to check whether the syslog suppression rate is successfully configured.
Configuration Example

Suppressing STA Roaming Syslogs
Scenario
Figure 9-12
Configuratio

Configure the STA syslog suppression rate.
n Steps
AC# configure terminal
AC
Enter configuration commands, one per line.
End with CNTL/Z.
AC(config)# roaming logging rate-limit 30
Verification

After the CAPWAP tunnel is established between an AP and an AC, check the configuration
information.
AC# show running
AC
roaming logging rate-limit 30
!
Common Errors

N/A
9.4.8 Preventing STA Roaming
Configuration Effect

STAs are prevented from roaming within a WLAN.
Notes

N/A
Configuration Steps
Configuration Guide
Configuring Roaming

Preventing STA Roaming within a WLAN

(Optional) The configuration is performed on the AC. Run the no roaming support wlan command to prevent STA
roaming.

Roaming is permitted by default. Run the no roaming support wlan command to prevent STA roaming.
Command
[ no ] roaming support wlan wlan-id
Parameter
wlan-id: Specifies a WLAN.
Description
Defaults
Roaming is permitted by default.
Command
Global configuration mode
Mode
Usage Guide
N/A
Verification

Run the show running command to check whether the syslog suppression rate is successfully configured.
Configuration Example

Preventing STA Roaming
Configuratio

Configure roaming prevention within WLAN100.
n Steps
AC# configure terminal
AC
Enter configuration commands, one per line.
End with CNTL/Z.
AC(config)# no roaming support wlan 100
Verification

After the CAPWAP tunnel is established between an AP and an AC, check the configuration
information.
AC# show running
AC
no roaming support wlan 100
!

Common Errors

N/A
9.5 Monitoring
Displaying
Description
Command
Displays configurations of all
show mobility summary
mobility groups.
Displays configurations of a
specified mobility group.
show mobility status group-name
Configuration Guide
Configuring Roaming
Displays roaming statistics.
show mobility statistics
Displays roaming STA information.
show mobility user [mac]
Displays the roaming tracks of
show mobility user roam-track mac
roaming STAs.