Lwapp Mailing List: RE: Lightweight definition?

[Pat R. Calhoun (pcalhoun]

Title: RE: [Lwapp] Lightweight definition?

<SG> The intent of my question was to determine which functions are to be
centralized and thereby managed in concert for all APs. Understanding this
would better help solve the technical issues of the CAPWAP problems. A major
issue is to centrally control APs, for which knowing exactly what to control
is important. In this regard, using a function's real-time or dynamic
characteristic is a good metric to determine the placement for its control.

<PRC> So here is my take:

AP:
  - All 802.11 control messages
  - 802.11 beacons
  - 802.11 probes are responded to locally but forwarded to the AC for info
  - (optional) link layer encryption (e.g. WEP, TKIP, AES)
  - basic policy enforcement, meaning
     - default: allow 802.11 mac mgmt messages
     - override 1: allow 802.11 data messages in the clear
     - override 2: allow 802.11 data messages encrypted (with an associated key)
     - override 3: only allow 802.1x messages
  - Gathers basic (RF related) stats and responds to stat requests from AP

AC:
  - listens, but does not respond to probes (provides visibility)
  - 802.11 auth, assoc, disassoc and deauth messages
  - peforms all access control based on the above
  - Sends specific client policies to AP (see AP section) after assoc is complete
    and optionally once more once 802.1x/WPA is complete
  - Sends configuration information down to the AP
  - Requests & gathers statistics from the AP

I am probably missing some stuff, but the above is a good first attempt at defining
specific functional components.

PatC