H3C WA系列AP自动信道桥接配置 |
您所在的位置:网站首页 › h3cmini系列AP › H3C WA系列AP自动信道桥接配置 |
H3C WA系列AP自动信道桥接配置 一、 组网需求 无线控制器(AC)、无线接入点(FIT AP),无线桥接设备(FAT AP),网管服务器(MIB Browser)。 二、 组网图 本次配置举例中使用AC为WX5004,FIT AP为WA2620i-AGN,FAT AP 为WA2220E-AG,AC作为DHCP 服务器,AP在AC上自动获取IP地址(192.168.1.0/24),并在AC上注册成功。AC对FIT AP下发桥接相关配置,FAT AP上配置好桥接参数,保证与FIT AP桥接成功。NMS通过网管软件MIB Browser设置FAT AP信道为自动信道,FAT AP通过扫描信道与FIT AP建立MESH链路并转发数据报文。 三、 特性介绍 无线网桥是无线射频技术和传统的有线网桥技术相结合的产物,无线网桥可以无缝地将相隔较远距离的局域网络连接在一起,创建统一的企业或小型城域网络系统,在最简单的网络构架中,网桥的以太网端口连接到局域网中的某个接入层的交换机上,信号发射端口则通过电缆和天线相连接,通过这样的方式实现现有网络系统的扩展。其特点就是省去了有线的架设,可以方便地将有线网络或者无线网络孤岛连接到一个现有的网络中,或者将几个有线或者无线网络的孤岛连接成一个局域网络,并在两点之间提供数据传输,而传输链路包括两个方面的内容: ? 链路的建立:通过在对等体之间交换消息来建立连接 ? 链路的安全:提供PSK+CCMP的无线安全连接 在轨道交通车辆段方案上,可以采用自动信道方式建立MESH链路,解决车辆段数据传送问题。当列车回库时,列车根据压轨信号通知网管服务器更改车载MR信道为自动信道,MR切换为自动信道后,扫描各个信道桥接信号,当扫描到桥接信号之后将与轨旁的AP建立MESH链路并转发数据。车辆段轨旁AP可以部署多个不同信道,降低信道拥塞率,提高空间转发带宽,解决车辆段干扰大、带宽小的问题。 四、 配置步骤 1. AC配置信息 (1) 开启端口安全 [AC]port-security enable (2) 使能MKD服务绑定,为Mesh Profile使能MKD服务 [AC]mkd-service enable mesh-profile 1 (3) 配置桥接接口 [AC]int wlan-mesh 1 [AC-WLAN-MESH1] port link-type trunk [AC-WLAN-MESH1] port trunk permit vlan all [AC-WLAN-MESH1]port-security port-mode psk [AC-WLAN-MESH1] port-security tx-key-type 11key [AC-WLAN-MESH1]port-security preshared-key pass-phrase mesh1234 (4) 配置桥接mesh-profile [AC]wlan mesh-profile 1 [AC-wlan-mshp-1]mesh-id mesh1 [AC-wlan-mshp-1]bind WLAN-MESH 1 [AC-wlan-mshp-1]mesh-profile enable (5) 配置AP模板 [AC]wlan ap 1 model WA2620i-AGN id 1 [AC-wlan-ap-1] serial-id 5866-BA6B-F2C0 [AC-wlan-ap-1] portal-service enable [AC-wlan-ap-1]radio 1 [AC-wlan-ap-1-radio-1] channel 149 [AC-wlan-ap-1-radio-1] mesh-profile 1 [AC-wlan-ap-1-radio-1] radio enable 2. FAT(车载MR)配置 (1) 开启端口安全 [MR]port-security enable (2) 配置桥接接口 [MR]int wlan-mesh 1 [MR-WLAN-MESH1] port link-type trunk [MR-WLAN-MESH1] port trunk permit vlan all [MR-WLAN-MESH1]port-security port-mode psk [MR-WLAN-MESH1] port-security tx-key-type 11key [MR-WLAN-MESH1]port-security preshared-key pass-phrase mesh1234 (3) 配置桥接mesh-profile [MR]wlan mesh-profile 1 [MR-wlan-mshp-1]mesh-id mesh1 [MR-wlan-mshp-1]bind WLAN-MESH 1 [MR-wlan-mshp-1]mesh-profile enable (4) 射频口绑定信息 [MR-WLAN-Radio1/0/1] mesh-profile 1 3. 网管设置车载AP为自动信道 h3cDot11RadioCfgChannel :1.3.6.1.4.1.2011.10.2.75.4.4.1.1.10 在网管软件MiB Browser上找到节点,右击选择set: 点击set之后弹出新的对话框,instance对于数值3和4分别代表射频1和射频2,选择桥接的射频并设值: 点击instance数值之后弹出新的对话框,按照下面步骤设值 设值之后,网管软件反馈设值之后的数值,数值0代表自动信道: ***** SNMP SET-RESPONSE START ***** 1: h3cDot11RadioCfgChannel.3 (H3cDot11ChannelScopeType) 0 ***** SNMP SET-RESPONSE END *****
在轨道交通车辆段应用中,当车辆进入车辆段时,MR(FAT AP)的信道由固定信道切换至可变自动信道,在这个过程中原有MESH链路会断开,相关日志: #Aug 13 15:17:22:956 2013 MR IFNET/4/INTERFACE UPDOWN: Trap 1.3.6.1.6.3.1.1.5.3: Interface 13369344 is Down, ifAdminStatus is 1, ifOperStatus is 2 %Aug 13 15:17:22:957 2013 MR IFNET/3/LINK_UPDOWN: WLAN-MESHLINK4 link status is DOWN. %Aug 13 15:17:22:957 2013 MR WMSH/6/WMESH_PEER_LINK_CLOSED: Peer link is closed with neighbor 5866-ba6b-f2c0 for reason:LINK_CANCELLED.
而MR(FAT AP)会扫描信道,并建立新的MESH链路: %Aug 13 15:17:28:034 2013 MR WMAC/6/WMAC_CHANNEL_CHANGE: Channel change for APID 1, RadioId 1 from channel 0 to channel 165. #Aug1315:17:54:9942013MRWMAC/4/ChannelChange: Channel:1.3.6.1.4.1.2011.10.2.75.2.3.0.5 Serial Id:210235A29FB094000055 Serial Id:210235A29FB094000055 Radio Id:12386305 ChangeMode:2 Old:165 New:0 Count:2 %Aug 13 15:17:54:995 2013 MR WMAC/6/WMAC_CHANNEL_CHANGE: Channel change for APID 1, RadioId 1 from channel 165 to channel 0. #Aug 13 15:17:57:465 2013 MR IFNET/4/INTERFACE UPDOWN: Trap 1.3.6.1.6.3.1.1.5.4: Interface 13369344 is Up, ifAdminStatus is 1, ifOperStatus is 1 %Aug 13 15:17:57:466 2013 MR IFNET/3/LINK_UPDOWN: WLAN-MESHLINK6 link status is UP. %Aug 13 15:17:57:466 2013 MR WMSH/6/WMESH_PEER_LINK_ESTABLISH: Peer link is established with neighbor 5866-ba6b-f2c0 in MESH h3c,on radio 1 with BSSID 000f-e2fb-f8e0. %Aug 13 15:17:57:486 2013 MR WMSH/6/WMESH_AUTH_SUCCESS: Authentication success with neighbor 5866-ba6b-f2c0 in MESH h3c,on radio 1 with BSSID 000f-e2fb-f8e0. #Aug13 15:17:58:008 2013 MR WMAC/4/Channel Change: Channel:1.3.6.1.4.1.2011.10.2.75.2.3.0.5 Serial Id:210235A29FB094000055 Serial Id:210235A29FB094000055 Radio Id:12386305 ChangeMode:2 Old:0 New:149 Count:3 %Aug 13 15:17:58:009 2013 MR WMAC/6/WMAC_CHANNEL_CHANGE: Channel change for APID 1, RadioId 1 from channel 0 to channel 149. 五、 配置信息: 1. AC配置信息 display current-configuration # version 5.20, Release 2507P18 # sysname AC # domain default enable system # telnet server enable # port-security enable # password-recovery enable # vlan 1 # vlan 2 # domain system access-limit disable state active idle-cut disable self-service-url disable # dhcp server ip-pool 1 network 192.168.1.0 mask 255.255.255.0 gateway-list 192.168.1.1 # user-group system group-attribute allow-guest # local-user admin password cipher $c$3$c4L1HLDZysGa7aqT0aMAtJ4t1fQpw3KL authorization-attribute level 3 service-type telnet # wlan mesh-profile 1 mesh-id h3c bind WLAN-MESH 1 mesh-profile enable # wlan rrm dot11a mandatory-rate 6 12 24 dot11a supported-rate 9 18 36 48 54 dot11b mandatory-rate 1 2 dot11b supported-rate 5.5 11 dot11g mandatory-rate 1 2 5.5 11 dot11g supported-rate 6 9 12 18 24 36 48 54 # wlan ap-group default_group ap ap1 # interface NULL0 # interface Vlan-interface1 ip address 192.168.1.1 255.255.255.0 # interface GigabitEthernet1/0/1 # interface GigabitEthernet1/0/2 # interface GigabitEthernet1/0/3 # interface GigabitEthernet1/0/4 port link-type trunk port trunk permit vlan 1 3 to 4094 # interface Ten-GigabitEthernet1/0/5 # interface WLAN-MESH1 port link-type trunk port trunk permit vlan all port-security port-mode psk port-security tx-key-type 11key port-security preshared-key pass-phrase cipher $c$3$cXqAkh+F7V0/MmTapJ0tk8XM3OMV/BMiy9AI # wlan ap ap1 model WA2620i-AGN id 1 serial-id 5866-BA6B-F2C0 portal-service enable radio 1 channel 149 mesh-profile 1 radio enable radio 2 radio enable # wlan ips malformed-detect-policy default signature deauth_flood signature-id 1 signature broadcast_deauth_flood signature-id 2 signature disassoc_flood signature-id 3 signature broadcast_disassoc_flood signature-id 4 signature eapol_logoff_flood signature-id 5 signature eap_success_flood signature-id 6 signature eap_failure_flood signature-id 7 signature pspoll_flood signature-id 8 signature cts_flood signature-id 9 signature rts_flood signature-id 10 signature addba_req_flood signature-id 11 signature-policy default countermeasure-policy default attack-detect-policy default virtual-security-domain default attack-detect-policy default malformed-detect-policy default signature-policy default countermeasure-policy default # undo info-center logfile enable # dhcp enable # mkd-service enable mesh-profile 1 # user-interface con 0 user-interface vty 0 4 authentication-mode scheme user privilege level 3 # return 2. MR配置信息 display current-configuration # version 5.20, Feature 1117P17 # sysname MR # domain default enable system # telnet server enable # port-security enable # password-recovery enable # vlan 1 # vlan 2 # domain system access-limit disable state active idle-cut disable self-service-url disable # user-group system group-attribute allow-guest # local-user admin password cipher $c$3$BcBPzkTT/3nGrNIPRy/ZlGOYjw7fCH7LGkpyUTg= authorization-attribute level 3 service-type telnet # wlan mesh-profile 1 mesh-id h3c bind WLAN-MESH 1 mesh-profile enable # wlan rrm dot11a mandatory-rate 6 12 24 dot11a supported-rate 9 18 36 48 54 dot11b mandatory-rate 1 2 dot11b supported-rate 5.5 11 dot11g mandatory-rate 1 2 5.5 11 dot11g supported-rate 6 9 12 18 24 36 48 54 # interface NULL0 # interface Vlan-interface1 ip address dhcp-alloc # interface Vlan-interface2 ip address 192.168.2.2 255.255.255.0 # interface Ethernet1/0/1 port link-type trunk port trunk permit vlan all # interface WLAN-MESH1 port link-type trunk port trunk permit vlan all port-security port-mode psk port-security tx-key-type 11key port-security preshared-key pass-phrase cipher $c$3$hCExxOrUqQDAHtoNnmBMe/57F1tx3CrR4ELn # interface WLAN-Radio1/0/1 mesh-profile 1 # interface WLAN-Radio1/0/2 # snmp-agent snmp-agent local-engineid 800063A203000FE2FBF8E0 snmp-agent community read public snmp-agent community write private snmp-agent sys-info version all # arp-snooping enable # load xml-configuration # user-interface con 0 user-interface vty 0 4 authentication-mode scheme # return 六、 结果验证: 1. 查看MESH链路 display wlan mesh-link all Peer Link Information ------------------------------------------------------------------------------- Nbr-Mac(rssi) BSSID Interface Link-state Uptime(hh:mm:ss) ------------------------------------------------------------------------------- 5866-ba6b-f2c0(43) 000f-e2fb-f8e0 WLAN-MESHLINK7 Active 0: 3:40 ------------------------------------------------------------------------------- 2. MR自动获取IP地址,能够与AC通信 ping 192.168.1.1 PING 192.168.1.1: 56 data bytes, press CTRL_C to break Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=255 time=2 ms Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=255 time=3 ms Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=255 time=2 ms Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=255 time=2 ms Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=255 time=2 ms
--- 192.168.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 2/2/3 ms |
今日新闻 |
推荐新闻 |
CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |