Installation guide
Overview 1-15
with UPSD enabled. After the AP acknowledges the trigger frame, it transmits the frames in its UPSD power
save buffer addressed to the triggering switch.
UPSD is well suited to support bi-directional frame exchanges between a voice STA and its AP.
1.2.2.17 Multiple VLANs per WLAN
The switch permits the mapping of a WLAN to more than one VLAN. When an MU associates with a WLAN,
the MU is assigned a VLAN by means of load balance distribution. The VLAN is picked from a pool assigned
to the WLAN. The switch tracks the number of MUs per VLAN, and assigns the least used/loaded VLAN to
the MU. This number is tracked on a per-WLAN basis.
A broadcast key, unique to the VLAN, encrypts packets coming from the VLAN. If two MUs are on
two different VLANs, both hear the broadcast packet, but only the MU on the originating VLAN can decrypt it. The switch provides
each MU a unique VLAN broadcast key as part of the WPA2 handshake or group key update message of a
WPA handshake.
Limiting Users Per VLAN
Not all VLANs within a single WLAN must have the same DHCP pool size. Assign a user limit to each VLAN
to allow the mapping of different pool sizes.
Specify the VLAN user limit. This specifies the maximum number of MUs associated with a VLAN (for a
particular WLAN). When the maximum MU limit is reached, no more MUs can be assigned to that VLAN.
Packet Flows
There are four packet flows supported when the switch is configured to operate with multiple VLANs per
WLAN:
• Unicast From Mobile Unit – Frames are decrypted, converted from 802.11 to 802.3 and switched to the
wired side of the VLAN dynamically assigned to the mobile device. If the destination is another mobile
device on the wireless side, the frame is encrypted and switched over the air.
• Unicast To Mobile Unit – The frame is checked to ensure the VLAN is the same as that assigned to the mobile
device. It is then converted to an 802.11 frame, encrypted, and sent over the air.
• Multicast/Broadcast From Mobile Unit – The frame is treated as a unicast frame from the MU, with the
exception that it is encrypted with the per-VLAN broadcast key and then transmitted over the air.
• Multicast/Broadcast from Wired Side – If the frame comes from a VLAN mapped to the WLAN, it’s
encrypted using a per-VLAN broadcast key and transmitted over the air. Only MUs on that VLAN have a
broadcast key that can decrypt this frame. Other MUs receive it, but discard it.
In general, when there are multiple VLANs mapped to the same WLAN, the broadcast buffer queue size
scales linearly to accommodate a potential increase in the broadcast packet stream.
Roaming within the Switch
When an MU is assigned to a VLAN, the switch registers the VLAN assignment in its credential cache. If the
MU roams, it is assigned back to its earlier assigned VLAN. The cache is flushed upon detected MU inactivity
or if the MU associates over a different WLAN (on the same switch).
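The following model is an added example, not code from the switch or from this guide. It ties together the least-loaded VLAN selection, the per-VLAN user limit, the per-VLAN broadcast key, and the credential cache behavior described above. All class names, MU names, VLAN ids and the tie-break rule are assumptions made for illustration.

```python
import secrets

class Wlan:
    """One WLAN mapped to a pool of VLANs, each with its own MU limit."""
    def __init__(self, name, vlan_limits):
        self.name = name
        self.limits = dict(vlan_limits)                  # VLAN id -> max MUs
        self.members = {v: set() for v in self.limits}   # VLAN id -> MU names
        # One broadcast key per VLAN (constructed random bytes stand in for the group key).
        self.bcast_key = {v: secrets.token_bytes(16) for v in self.limits}

    def least_loaded(self):
        """Return the VLAN with the fewest MUs that is still under its limit, or None."""
        free = [v for v in self.limits if len(self.members[v]) < self.limits[v]]
        # Tie-break on lowest VLAN id: an assumption, the guide does not specify one.
        return min(free, key=lambda v: (len(self.members[v]), v)) if free else None

class Switch:
    def __init__(self, wlans):
        self.wlans = {w.name: w for w in wlans}
        self.cache = {}                                  # MU name -> (WLAN name, VLAN id)

    def flush(self, mac):
        """Drop the cached assignment (MU inactivity, or association over another WLAN)."""
        entry = self.cache.pop(mac, None)
        if entry:
            self.wlans[entry[0]].members[entry[1]].discard(mac)

    def associate(self, mac, wlan_name):
        """Return (vlan, broadcast_key) for the MU, or None when every VLAN is full."""
        if mac in self.cache and self.cache[mac][0] != wlan_name:
            self.flush(mac)                              # different WLAN on the same switch
        wlan = self.wlans[wlan_name]
        if mac in self.cache:
            vlan = self.cache[mac][1]                    # roam: keep the earlier VLAN
        else:
            vlan = wlan.least_loaded()
            if vlan is None:
                return None
            self.cache[mac] = (wlan_name, vlan)
            wlan.members[vlan].add(mac)
        return vlan, wlan.bcast_key[vlan]

def demo():
    sw = Switch([Wlan("corp", {10: 2, 20: 1}), Wlan("guest", {30: 5})])
    first = [sw.associate(m, "corp") for m in ("mu-a", "mu-b", "mu-c", "mu-d")]
    roam = sw.associate("mu-a", "corp")                  # served from the cache
    moved = sw.associate("mu-a", "guest")                # flushes the corp entry
    retry = sw.associate("mu-d", "corp")                 # slot freed on VLAN 10
    return first, roam, moved, retry
```

In this model an MU keeps its VLAN slot for as long as its cache entry exists, so the fourth MU is refused until another MU's entry is flushed.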
Roaming across a Cluster
MUs roam amongst switch cluster members. The switch must ensure a VLAN remains unchanged as an MU
roams. This is accomplished by passing MU VLAN information across the cluster using the interface used by
a hotspot. It automatically passes the username/password across the credential caches of the member