Hi Jason,
I've tried with various permutation of the repeater configuration with
regards to the bridge no assignment as well as the encapsulation dot1q
native command on both the dot11 and fa interface. From your lecture i
understand that the bridge group is used to link up the dot interface
with the fa interface so i think i'm not confused with the enc dot1q
no and the bridge group no.
With much effort, I can never get your configuration to work. The
wireless client when registered to the repeater will not be able to
get ip add from the dhcp. This is when the repeater is assigned a vlan
in dot11 ssid and the vlan gets dot1q native on the radio interface
(necessary for infr ssid and repeater mode) with the corresponding
bridge group no. To test the link between the repeater and the root, i
changed the repeater's int d0.15 to bridge-group 1 and edited the ip
add of int bv1 to the same subnet as the configured vlan. I can ping
from the repeater to the LAN behind the root. I configured a static ip
on the client (since no dhcp assigned address) and pinged the LAN
behind the root, but it doesn't go through. I pinged the repeater bvi
address from the wireless client and it went through. I can ping the
repeater from CAT2. I can even see the arp of the wireless client in
CAT2, but it just won't ping through.
The only time when i managed to get everything working is when
everything (both root and repeater) is on native vlan, bridge group 1.
very weird.
Alvin
Quoting Jason Boyers <[email protected]>:
As part of my last vLecture, I said that I would send configs for the
Repeater using a different bridge-group than BG 1, WGB using the
workgroup-bridge client-vlan x command, and WGB connecting to a non-native
VLAN. Note the use of the "bridge 20 protocol ieee" on the WGB, as well as
the "spanning-tree bpdufilter enable" command on the switch attaced to the
WGB. The WGB using the client-vlan command would not function without
them. And, the WGB connected to the non-native VLAN requires that the
"bridge 20 protocol ieee" command be applied to the root AP. Otherwise, the
corresponding VLAN (whichever VLAN that bridge group is associated with on
the Ethernet side) will go into a blocking state due to "self-looped." That
means that the switchport sees the same BPDU that it sent for the VLAN being
received on the same port. Hope these help clear up some confusion.
Jason Boyers - CCIE #26024 (Wireless)
Technical Instructor - IPexpert, Inc.
Mailto: *[email protected]
*
REPEATER USING BG 20
ROOT AP
dot11 ssid test
vlan 20
auth open
!
int dot 0
ssid test
station-role root
!
int d0.20
encap dot 20 native
bridge-group 20
!
int f0.20
encap dot 20
bridge-group 20
REPEATER
int d0.20
encap dot 20 native
bridge-group 20
!
int f0.20
encap dot 20
bridge-group 20
!
dot11 ssid test
auth open
infrastructure-ssid
!
int dot 0
ssid test
station-role repeater
WGB with Client-VLAN
ROOT AP
dot11 ssid test
vlan 20
auth open
!
int dot 0
ssid test
station-role root
!
int d0.20
encap dot 20
bridge-group 20
!
int f0.20
encap dot 20
bridge-group 20
WGB CLIENT
dot11 ssid test
auth open
!
int dot 0
ssid test
station-role workgroup-bridge
!
bridge 20 protocol ieee
!
workgroup-bridge client-vlan 20
WG SWITCH
int f0/2
sw host
sw access vlan 20
spanning-tree bpdufilter enable
WGB TO NON-NATIVE VLAN
ROOT AP
dot11 ssid test
vlan 20
auth open
!
int dot 0
ssid test
station-role root
!
int d0.20
encap dot 20
bridge-group 20
!
int f0.20
encap dot 20
bridge-group 20
!
bridge 20 protocol ieee
WGB CLIENT
dot11 ssid test
auth open
!
int dot 0
ssid test
station-role workgroup-bridge
!
WG SWITCH
int f0/2
sw host
sw access vlan 20
spanning-tree bpdufilter enable
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com