BSSID-WLAN mappings

Thread: BSSID-WLAN mappings

Search this list only Search all lists
BSSID-WLAN mappings
	2006-04-17 17:06:21

There are also security issues when there is not a 1:1 mapping of WLAN to BSSID.  Without this restriction, a station will not have any assurance that traffic it believes is encrypted and protected according to the policy of the WLAN to which it is associated is not being decrypted by an oracle (the AP) and rebroadcast to other stations without the same requirements for abiding with the same security policies. We should not be implementing, or requiring an CAPWAP implementation to implement a method that lowers the security of the WLAN. -Bob From: Puneet [mailto:pb.ietfgmail.com] Sent: Sunday, April 16, 2006 4:47 PM To: Saravanan Govindan Cc: capwapfrascone.com Subject: Re: [Capwap] BSSID-WLAN mappings Hi Saravanan, I see your point, but this seems to address a very specific deployment scenario (service providers sharing WLAN equipment). If nothing else in the CAPWAP messages is dependent on this, then this should be a recommendation instead of a mandate. That way the protocol remains inclusive, and also meets its objective. I think it is very important that existing implementations are not excluded just because they dont seem to meet one specific need in a specific deployment scenario. Thanks, Puneet On 4/15/06, Saravanan Govindan <hotmail.com">saravananghotmail.com> wrote: Hi Puneet, My concern regarding the BSSID - WLAN mapping is based on the mandatory Objective "Logical Groups" (Section 5.1.1 of CAPWAP Objectives). The Objective requires that WTP traffic be kept logically distinct among logical groups. This arises from the commercial need of service providers sharing WLAN infrastructure equipment. Service providers want their traffic to be distinguished both over the wireless environment (e.g. BSSIDS) and over the AC-WTP environment (e.g. WLANs). The BSSID-WLAN mapping issue is the technical requirement coming from this commercial need. It allows an AC - or WTP - to decide how logical groups are separated over the wireless and AC-WTP segments. So by making this mapping, CAPWAP frames of different logical groups (WLANs) can be distinctly exchanged. I agree with others that this mapping should not exclude any implementation - my concern is that the mapping be including in the first place. Cheers, Saravanan >  ------------------------------ > From Puneet [mailto:gmail.com">pb.ietfgmail.com] > Sent Friday, April 14, 2006 12:29 AM > To frascone.com">capwapfrascone.com > Subject [Capwap] BSSID-WLAN mappings > > the BSSID description in Section 11.9.1 'WTP Radio Configuration' notes > that a WTP that supports 16 WLANS MUST have 16 MAC addresses reserved for > it. Why? ie. what part of the protocol does not work if we have multiple > SSIDs on a single BSSID? (whether thats good design or bad is a different > matter). Since the WLAN ID could be used in all such places to convey WLAN > information back to the AC, why do we need to mandate this 1:1 BSSID-WLAN > mapping? > > Thanks, > Puneet >; > _________________________________________________________________ > To unsubscribe or modify your subscription options, please visit: >; http://lists.frascone.com/mailman/listinfo/capwap >; > Archives: http://lists.frascone.com/pipermail/capwap > _________________________________________________________________ Get an advanced look at the new version of MSN Messenger. http://messenger.msn.com.sg/Beta/Default.aspx

[1]

about | contact Other archives ( Real Estate discussion Medical topics )