Understanding Distributed Access Point Behavior on a Layer 3 Network
Access Points can be connected to a wireless network two different ways, either directly to a controller or through a switch. When an access point is connected directly to a controller, operation is straightforward—the access point communicates with the controller by default.
An access point that is connected to a network instead of directly to a controller is referred to as a distributed access point—the operation of a distributed access point is more complex because the access point has to complete a number of steps to find, then connect to, a working controller. This topic describes how a distributed access point boots on a Layer 3 network.
This topic describes:
What Is a Layer 3 Network?
Layer 2 networks forward all broadcast traffic so that any broadcast traffic is transmitted. A large Layer 2 network, forwarding all of this data, can suffer from congestion and decreased network efficiency. In contrast, Layer 3 devices restrict broadcast traffic such as ARP and DHCP broadcasts to the local network. This reduces overall traffic levels by allowing administrators to segment networks into subnetworks and restrict broadcasts to that subnetwork. This means there is a limit to the size of a Layer 2 network, but a Layer 3 network, properly configured, can grow to any size.
This explanation uses the following hardware components to form a typical Layer 3 network:
One DHCP server
One DNS server
One access point set to Distributed Connection and High Bias for controller1 and controller3. The access point is set to low bias for controller2. For more information about bias, see Understanding Access Point Bias for Controllers.
Figure 1 illustrates this network topology. As you can see, the access point is in a different subnet than the controllers, so the access point must negotiate its way to one of the controllers. In this case, the access point must also select one of three available controllers using the bias settings on the access point and controllers.
How Does an Access Point Find a Controller on a Layer 3 Network?
In a Layer 3 network, a distributed access point behaves as described in Table 1. Interactions are color coded as indicated in the table. Interaction begins with the first action in the table (access point sends a discover message to the DHCP server) and ends with a list of SSIDs on the access point.
Table 1: Access Point Connecting to a Controller in a Layer 3 Network
Access Point Action
Color of Route in Figure
Access point sends a discover message from port 1 on the access point to the DHCP server.
DHCP server replies with a DHCP offer message containing:
Note: DHCP can optionally provide Option 43 information to the access point, which specifies controller information directly without need for the DNS step.
Access point sends a DHCP request message to the DHCP server.
DHCP server sends an ACK to the access point.
Access point sends a broadcast find controller message to the IP subnet broadcast address.
When the access point is unable to locate an controller on the subnet connected to it, the access point sends a DNS request for wlan-switch.
The DNS server sends the system IP address of the controller mapped to wlan-switch. DNS returns controller1 in this example.
Access point sends a unicast find controller message to controller1.
Controller1 receives the find controller message and compares the bias settings on each controller. More than one controller has a high bias for this access point, therefore controller1 selects the controller with the greatest capacity to add new active access point connections. In this example, controller1 has more capacity. Controller1 sends its own IP address to the access point in the find controller reply message.
Access point contacts controller1 and determines whether to use a locally stored operational image or download an image from the controller.
Controller1 sends an access point image if requested.
Once the operational image is loaded, the access point requests configuration information from controller1.
Controller1 sends SSID information to the access point.