H3C WX系列AC下两个FIT AP桥接配置指导

---

H3C WX系列AC下两个FIT AP桥接配置

一、    组网需求

无线控制器（AC）、无线接入点（FIT AP）、无线笔记本

二、    组网图

本次配置举例中使用AC为WX3010，FIT AP为WA2210-AG/WA2220-AG，AC作为DHCP 服务器，AP在AC上自动获取IP地址（192.168.1.0），并在AC上注册成功；笔记终端通过5GHz接入无线服务，在AC上获取IP地址（192.168.2.0），并通过AC转发外网数据。

三、    特性介绍

无线网桥是无线射频技术和传统的有线网桥技术相结合的产物，无线网桥可以无缝地将相隔较远距离的局域网络连接在一起，创建统一的企业或小型城域网络系统，在最简单的网络构架中，网桥的以太网端口连接到局域网中的某个接入层的交换机上，信号发射端口则通过电缆和天线相连接；通过这样的方式实现现有网络系统的扩展。其优势和特点就是省去了有线的架设难度，可以简单的将有线网络或者无线网络孤岛连接到一个现有的网络中，或者将几个有线或者无线网络的孤岛链接一个局域网络。并且在两点之间提供数据传输，具备基本功能：

?  链路的建立：通过在对等体之间交换消息来建立连接

?  链路的安全：提供PSK＋CCMP的无线安全连接

AC + FIT AP建立桥接组网中，近端AP 2通过有线与AC通信，远端AP 1是通过默认的桥接与AP 2建立桥接连接（该桥接可以维持2分钟，2分钟之后将断开连接），AP 1通过默认的桥接链路到AC注册，并下载新的桥接配置，然后使用新的桥接配置建立桥接关系。AP 1上通过无线接入的终端数据报文，使用桥接链路将数据报文上传到AC，由AC统一转发；如果数据报文从AP的以太网口传送过来，那数据报文通过桥接链路传送到AP 2之后，AP 2二层转发数据。

四、    主要配置步骤

1.   开启端口安全

[AC]port-security enable

2.   使能MKD服务绑定，为Mesh Profile使能MKD服务

[AC]mkd-service  enable  mesh-profile  1

3.   配置桥接接口

[AC]int wlan-mesh 1

[AC-WLAN-MESH1] port link-type trunk

[AC-WLAN-MESH1] port trunk permit vlan all

[AC-WLAN-MESH1]port-security port-mode psk

[AC-WLAN-MESH1] port-security tx-key-type 11key

[AC-WLAN-MESH1]port-security preshared-key pass-phrase mesh1234

4.   配置桥接mesh-profile

[AC]wlan mesh-profile  1

[AC-wlan-mshp-1]mesh-id mesh1

[AC-wlan-mshp-1]bind WLAN-MESH 1

[AC-wlan-mshp-1]mesh-profile enable

5.   配置无线服务

[AC]wlan ser 1 clear

[AC-wlan-st-1]wlan service-template 1 clear

[AC-wlan-st-1]ssid H3C-WLAN

[AC-wlan-st-1]bind WLAN-ESS 0

[AC-wlan-st-1]service-template enable

6.   配置AP模板

[AC]wlan ap 1 model WA2220-AG id 1

[AC-wlan-ap-1]serial-id 000F-E2F2-0340

[AC-wlan-ap-1]radio 1

[AC-wlan-ap-1-radio-1]service-template 1

[AC-wlan-ap-1-radio-1] radio enable

[AC-wlan-ap-1-radio-1]quit

[AC-wlan-ap-1]radio 2

[AC-wlan-ap-1-radio-2]channel 11

[AC-wlan-ap-1-radio-2]mesh-profile 1

[AC-wlan-ap-1-radio-2]mesh peer-mac-address 0023-892f-42a0

[AC-wlan-ap-1-radio-2]radio enable

[AC]wlan ap 2 model WA2210-AG id 2

[AC-wlan-ap-2] serial-id 0023-892F-42A0

[AC-wlan-ap-2] portal-service enable

[AC-wlan-ap-2]radio 1

[AC-wlan-ap-2-radio-1]channel 11

[AC-wlan-ap-2-radio-1]mesh-profile 1

[AC-wlan-ap-2-radio-1]mesh peer-mac-address 0023-892f-42a0

[AC-wlan-ap-2-radio-1]radio enable

AP 1为远端AP，AP 2 为近端AP。

 

五、    配置信息：

1.   AC软件版本

[AC]_ ver

H3C Comware Platform Software

Comware Software, Version 5.20, Release 3111P12

Comware Platform Software Version COMWAREV500R002B71D024

H3C WX3010 Software Version V300R001B71D024

Copyright (c) 2004-2011 Hangzhou H3C Tech. Co., Ltd. All rights reserved.

Compiled Nov 29 2011 16:26:24, RELEASE SOFTWARE

H3C WX3010 uptime is 0 week, 0 day, 23 hours, 32 minutes

H3C WX3010 with 1 RMI XLS 208 750MHz Processor

256M bytes DDR2

56M bytes Flash Memory

Config Register points to FLASH

Hardware Version is Ver.A

CPLD Version is 003

Basic Bootrom Version is 1.16

Extend Bootrom Version is 1.16

[Slot 0]WX3010LSW Hardware Version is NA

[Slot 1]WX3010RPU Hardware Version is Ver.A

2.  配置信息

dis cu

#

 version 5.20, Release 3111P12

#

 sysname AC

#

 domain default enable system

#

 telnet server enable

#

 port-security enable

#

 portal trap server-down

#

 oap management-ip 192.168.0.101 slot 0

#

vlan 1

#

vlan 2 to 100

#

domain system

 access-limit disable

 state active

 idle-cut disable

 self-service-url disable

#

dhcp server ip-pool 1

 network 192.168.1.0 mask 255.255.255.0

 gateway-list 192.168.1.1

#

dhcp server ip-pool 2

 network 192.168.2.0 mask 255.255.255.0

 gateway-list 192.168.2.1

#

user-group system

#

local-user admin

 password simple admin

 authorization-attribute level 3

 access-limit 1024

 service-type telnet

#

wlan mesh-profile 1

 mesh-id mesh1

 bind WLAN-MESH 1

 mesh-profile enable

#

wlan rrm       

 dot11a mandatory-rate 6 12 24

 dot11a supported-rate 9 18 36 48 54

 dot11b mandatory-rate 1 2

 dot11b supported-rate 5.5 11

 dot11g mandatory-rate 1 2 5.5 11

 dot11g supported-rate 6 9 12 18 24 36 48 54

#

wlan service-template 1 clear

 ssid H3C-WLAN

 bind WLAN-ESS 0

 service-template enable

#

interface NULL0

#

interface Vlan-interface1

 ip address 192.168.1.1 255.255.255.0

#

interface Vlan-interface2

 ip address 192.168.2.1 255.255.255.0

#

interface GigabitEthernet1/0/1

 port link-type trunk

 port trunk permit vlan all

#

interface WLAN-ESS0

#

interface WLAN-ESS1

 port access vlan 2

#

interface WLAN-MESH1

 port link-type trunk

 port trunk permit vlan all

 port-security port-mode psk

 port-security tx-key-type 11key

 port-security preshared-key pass-phrase cipher 2MbQwnFxVIuBQNiR6GZCew==

#

wlan ap 1 model WA2220-AG id 1

 serial-id 000F-E2F2-0340

 radio 1

  service-template 1

  radio enable

 radio 2

  channel 11

  mesh-profile 1

  mesh peer-mac-address 0023-892f-42a0

  radio enable 

#

wlan ap 2 model WA2210-AG id 2

 serial-id 0023-892F-42A0

 portal-service enable

 radio 1

  channel 11

  mesh-profile 1

  mesh peer-mac-address 000f-e2f2-0340

  mesh peer-mac-address 000f-e2f2-0350

  radio enable

#

 dhcp enable

#

 mkd-service enable mesh-profile 1

#

 load xml-configuration

#

user-interface aux 0

user-interface vty 0 4

 authentication-mode scheme

 user privilege level 3

#

return         

六、    结果验证：

1.   查看桥接链路

[WA2210-AG]dis wlan mesh-link all

                              Peer Link Information

--------------------------------------------------------------

 Nbr-Mac        BSSID          Interface         Link-state  Uptime (hh:mm:ss)

--------------------------------------------------------------000f-e2f2-0350 0023-892f-42a0 WLAN-MESHLINK7    Active        5: 8:50

2.   查看桥接链路详细信息

 [WA2210-AG-hidecmd]dis wlan mesh neighbors  all

                                 Mesh Neighbor Parameters

--------------------------------------------------------------

 Neighbor MINDEX               :20488

 BSS ID                        :0023-892f-42a0

 Peer Mac Addr                 :000f-e2f2-0350

 Mesh ID                       :mesh1

 Neighbor state                :Connected peer

 Mean RSSI                     :84

 Zero Config State             :No

--------------------------------------------------------------

 Link FSM State                :Established

 Peer's LinkId                 :0008

 Interface Index               :00CC0000

--------------------------------------------------------------

[WA2210-AG-hidecmd]

3.   查看接入终端信息

[AC]dis wlan cl

 Total Number of Clients           : 1

 Total Number of Clients Connected : 1

                              Client Information

MAC Address        BSSID              AID    State           PS Mode  QoS Mode

--------------------------------------------------------------

 001e-654c-6708     000f-e2f2-0340     1      Running         Active   WMM    

--------------------------------------------------------------

[AC]

4.   终端ping AC