
Tuesday, January 29, 2013

LWAPP Protocol Basics


In this topic I am planning to cover the LWAPP protocol, which is the basic protocol for all controller-based communications. LWAPP is also the base for the CAPWAP protocol. Now all the vendors are using the CAPWAP/LWAPP protocol for communication between controllers and APs.


Overview

LWAPP is a generic protocol defining how Wireless Termination Points communicate with Access Controllers. Wireless Termination Points and Access Controllers may communicate either by means of Layer 2 protocols or by means of a routed IP network.


LWAPP goals
  •   Centralization of the bridging, forwarding, authentication and policy enforcement
  •   Permit shifting of the higher level protocol processing burden away from the WTP
  •   Providing a generic encapsulation and transport mechanism
Note:

  WTP - Wireless Termination Point, like an AP.
  AC  - Access Controller, like a controller, wireless switch or WLAN appliance.

State machine of LWAPP


LWAPP communication happens with the messages below.

LWAPP discovery

     L2: MAC-level broadcast domain

     L3:
        No need to be on the same subnet
        Discovery Request:
          Limited broadcast (255.255.255.255)
          Well-known multicast
          Unicast IP address
        Discovery Response is always a unicast message


LWAPP packets are classified into two types.

LWAPP data messages
Forwarded wireless frames

LWAPP control messages
The control channel is a series of control messages between the AC and WTP, associated with a session ID and key.


LWAPP control messages

1. Discovery
2. Control Channel management
3. WTP configuration management
4. Mobile session management
5. Firmware management

Control message format


      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |  Message Type |    Seq Num    |      Msg Element Length       |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |                           Session ID                          |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |      Msg Element [0..N]       |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+





All LWAPP control messages

    Description                       Value
    Discovery Request                 1
    Discovery Response                2
    Join Request                      3
    Join Response                     4
    Join ACK                          5
    Join Confirm                      6
    Unused                            7-9
    Configure Request                 10
    Configure Response                11
    Configuration Update Request      12
    Configuration Update Response     13
    WTP Event Request                 14
    WTP Event Response                15
    Change State Event Request        16
    Change State Event Response       17
    Unused                            18-21
    Echo Request                      22
    Echo Response                     23
    Image Data Request                24
    Image Data Response               25
    Reset Request                     26
    Reset Response                    27
    Unused                            28-29
    Key Update Request                30
    Key Update Response               31
    Primary Discovery Request         32
    Primary Discovery Response        33
    Data Transfer Request             34
    Data Transfer Response            35
    Clear Config Indication           36
    WLAN Config Request               37
    WLAN Config Response              38
    Mobile Config Request             39
    Mobile Config Response            40
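
The control message format and the message type table above can be turned into a strict header parser. This is an added example, not code from the original post or from any LWAPP implementation; it assumes network byte order and that Msg Element Length counts only the bytes after the Session ID, and the names ControlMessage and parse_control_message are made up for illustration.

```python
import struct
from dataclasses import dataclass

# Message Type values copied from the table above; gaps are the "Unused" ranges.
MESSAGE_TYPES = {
    1: "Discovery Request", 2: "Discovery Response",
    3: "Join Request", 4: "Join Response", 5: "Join ACK", 6: "Join Confirm",
    10: "Configure Request", 11: "Configure Response",
    12: "Configuration Update Request", 13: "Configuration Update Response",
    14: "WTP Event Request", 15: "WTP Event Response",
    16: "Change State Event Request", 17: "Change State Event Response",
    22: "Echo Request", 23: "Echo Response",
    24: "Image Data Request", 25: "Image Data Response",
    26: "Reset Request", 27: "Reset Response",
    30: "Key Update Request", 31: "Key Update Response",
    32: "Primary Discovery Request", 33: "Primary Discovery Response",
    34: "Data Transfer Request", 35: "Data Transfer Response",
    36: "Clear Config Indication",
    37: "WLAN Config Request", 38: "WLAN Config Response",
    39: "Mobile Config Request", 40: "Mobile Config Response",
}
# 8-bit type, 8-bit sequence number, 16-bit element length, 32-bit session ID.
HEADER = struct.Struct("!BBHI")  # "!" = network byte order (assumption)

@dataclass
class ControlMessage:
    msg_type: int
    name: str
    seq_num: int
    session_id: int
    elements: bytes  # raw Msg Element [0..N] block, left unparsed here

def parse_control_message(buf: bytes) -> ControlMessage:
    """Parse one control message; raise ValueError on anything malformed."""
    if len(buf) < HEADER.size:
        raise ValueError("truncated header: need 8 bytes, got %d" % len(buf))
    msg_type, seq_num, elem_len, session_id = HEADER.unpack_from(buf)
    if msg_type not in MESSAGE_TYPES:
        raise ValueError("message type %d is unused or unknown" % msg_type)
    body = buf[HEADER.size:]
    # Never trust the declared length: it must match the bytes actually received.
    if elem_len != len(body):
        raise ValueError("Msg Element Length %d, but %d bytes present" % (elem_len, len(body)))
    return ControlMessage(msg_type, MESSAGE_TYPES[msg_type], seq_num, session_id, body)

# Constructed sample: Echo Request (22), seq 7, session 0x1A2B3C4D, no elements.
SAMPLE_ECHO = bytes.fromhex("160700001a2b3c4d")
```

Rejecting the unused type ranges and any length mismatch up front keeps later message element handling from reading past the received buffer.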




Discovery

a. Discovery Request
A necessary step, even for a static AC
Wait MaxDiscoveryInterval

b. Discovery Response
Wait Discovery Interval, select one of the ACs and move to the joining state


c. Primary Discovery Request
Checks availability of the preferred AC
Sent if the WTP is connected to another AC and is configured with a primary AC

d. Primary Discovery Response
Advertises availability and services
Connect to the primary AC



Control Channel management

a. Join Request

It is used as an MTU discovery mechanism.
When the path MTU is unknown, the initial Join Request is sent with 1596 bytes.
It will then try with 1500 bytes.
If the certificate is valid, a session key and a context for the session are generated.
Note: A Join Request that contains both a certificate and a WNonce must be considered invalid.



b. Join Response

Indicates that the AC is capable and willing to provide service.
The heartbeat timer is started; its expiration deletes the AC-WTP session.
The timer is refreshed on Echo Request.
A valid PSK-MIC is answered with a Join ACK.





c. Join ACK

WTP to AC, a means of key confirmation

d. Join Confirm

AC to WTP, a means of key confirmation
It starts NeighbourDeadInterval; its expiration triggers an Echo Request.
Note: These two happen with a pre-shared key only.




e. Echo Request

Keep-alive mechanism

f. Echo Response

The AC should reset the heartbeat timer.
If it is not received, the AC considers the WTP not reachable.

g. Key Update Request

WTP to AC, to initiate the re-keying phase
Includes a new unique session identifier.


h. Key Update Response

Includes the session ID and PSK-MIC element.

i. Key Update ACK

Used by the WTP for the key derivation process
Those session keys are used in encryption

j. Key Update Confirm

Closes the re-keying loop.

k. Key Update Trigger

Sent by the AC to make the WTP start a Key Update Request.








2 comments:

  1. Hi Nagababu,

    The two links below give the diagram for the AP join process. Maybe you can add the same to your blog, which will also help other readers.

    http://www.google.co.in/imgres?imgurl=http://support.huawei.com/enterprise/product/images/036336073dcd44eba62809af1818721e&imgrefurl=http://support.huawei.com/enterprise/docinforeader.action?contentId%3DDOC0100591386%26partNo%3D100122&h=549&w=426&tbnid=y4-EcxV_oer6aM:&docid=6Zi6wbYfk_13uM&ei=sr8KVpjuLdWJuATAvb2gDw&tbm=isch&ved=0CFkQMygzMDNqFQoTCJiP1ZzYnMgCFdUEjgodwF4P9A


    http://www.google.co.in/imgres?imgurl=http://www.cisco.com/c/dam/en/us/support/docs/wireless-mobility/wireless-vlan/117551-troubleshoot-ap-01.jpg&imgrefurl=http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/117551-troubleshoot-ap-00.html&h=728&w=484&tbnid=6Yr1INxnkc5QAM:&docid=Y1Dw77caMe8USM&ei=sr8KVpjuLdWJuATAvb2gDw&tbm=isch&ved=0CCQQMygIMAhqFQoTCJiP1ZzYnMgCFdUEjgodwF4P9A

