For those who aren't yet using the local switching feature with the Juniper WLAN, I've summarized the configuration settings that are required to get this working.
Last year I did a 1-on-1 migration of my Nortel 2300 series to the Juniper WLAN. This design was still based on a centralized approach. As WLAN vendors have been improving and using the best of both worlds that thin and fat APs offer, I started migrating the access points to locally switch the user traffic, instead of backhauling all traffic to the controllers first and then back to the destination.
By using local switching, user traffic can cross the shortest path available, it can reduce traffic on intermediate network links (WAN), and it can offload traffic from the WLAN controllers. Real-time traffic (VoIP) in particular will benefit from this improvement, as latency can be reduced dramatically.
Although Juniper has written a good explanation and helpful configuration walkthrough (MSS Configuration Guide), the LAN part is missing from this documentation. As network designs differ, and router and switch commands vary from vendor to vendor, this post is limited to describing the required network configuration. The description below is based on a routable (layer 3) network.
LAN:
- Configure two routable VLANs, one intended for the WLA (mgmt traffic) and one for the clients (user traffic).
- Configure the LAN port (trunk) to allow marking of packets through tagging (802.1Q).
- Add the LAN port on which the WLA is connected to both VLANs.
- Configure the LAN port to forward untagged traffic (WLA) to the untagged VLAN, and tagged traffic (client) to the tagged VLAN.
- Make sure STG is set to faststart/portfast, as changing the LAN port settings could change this setting.
- Configure a DHCP relay on the LAN router-switch to the DHCP server.
- When using DHCP snooping, make sure to enable snooping on both VLANs.
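The LAN checklist above, turned into an automated check of a switch configuration. This is an added example, not from the original post or Juniper's documentation; it assumes Cisco IOS-style syntax, and the port name, VLAN IDs and relay address are constructed. The sample deliberately omits portfast and snooping on the client VLAN, so the audit reports both.

```python
import re

# Constructed Cisco IOS-style sample; vendor, port name, VLAN IDs and relay address
# are assumptions. VLAN 10 = WLA (untagged), VLAN 20 = clients (tagged).
SAMPLE = """\
ip dhcp snooping
ip dhcp snooping vlan 10
interface Vlan10
 ip helper-address 192.0.2.10
interface Vlan20
 ip helper-address 192.0.2.10
interface GigabitEthernet0/5
 switchport mode trunk
 switchport trunk native vlan 10
 switchport trunk allowed vlan 10,20
"""

def stanza(config, name):
    """Return the indented lines under 'interface <name>'."""
    m = re.search(rf"^interface {re.escape(name)}\n((?: .*\n?)*)", config, re.M | re.I)
    return [line.strip() for line in m.group(1).splitlines()] if m else []

def vlan_set(text, pattern):
    """Collect VLAN IDs (lists and ranges) from every line matching pattern."""
    vlans = set()
    for ids in re.findall(pattern, text, re.M):
        for part in ids.split(","):
            lo, _, hi = part.partition("-")
            vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_wla_port(config, port, wla_vlan, client_vlan):
    """Return the LAN checklist items the WLA port fails (expects an explicit allowed list)."""
    cfg = stanza(config, port)
    allowed = vlan_set("\n".join(cfg), r"^switchport trunk allowed vlan ([\d,-]+)$")
    snooped = vlan_set(config, r"^ip dhcp snooping vlan ([\d,-]+)$")
    snooping_on = "ip dhcp snooping" in config.splitlines()
    checks = [
        ("switchport mode trunk" in cfg, "port is not an 802.1Q trunk"),
        (f"switchport trunk native vlan {wla_vlan}" in cfg, "WLA VLAN is not the untagged VLAN"),
        ({wla_vlan, client_vlan} <= allowed, "port is not in both VLANs"),
        (any(l.startswith("spanning-tree portfast") for l in cfg), "portfast is not set"),
    ]
    for vlan in (wla_vlan, client_vlan):
        relay = any(l.startswith("ip helper-address") for l in stanza(config, f"Vlan{vlan}"))
        checks.append((relay, f"no DHCP relay on VLAN {vlan}"))
        checks.append((not snooping_on or vlan in snooped, f"DHCP snooping is off on VLAN {vlan}"))
    return [message for ok, message in checks if not ok]
```

Calling `audit_wla_port(SAMPLE, "GigabitEthernet0/5", 10, 20)` returns the two failed items; an empty list means the port passes every item in the checklist.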
WLAN:
- Create a VLAN profile (Local Switching) and add the specific VLAN with tagging enabled.
- Verify the Tag Value is set correctly and set VLAN mode to Local-Switched.
- Add the specific WLA to the VLAN profile and enable Local Switching.
When using Local Switching, WLA-2-WLA tunneling is available as well. When using WLA-2-WLA tunneling, the VLAN does not have to be configured on all WLAs. If the WLA receives traffic for a VLAN it doesn't have mapped, it will set up a tunnel to another WLA which has this VLAN mapped.
Although it is a nice feature, especially when you 'forgot' to map the VLAN to all WLAs, I prefer to have the VLAN mapped to all WLAs which can receive this traffic. This prevents possible performance issues if only 1 WLA gets all traffic, or worse, if this WLA goes down and traffic for this VLAN cannot be forwarded.
Keep in mind that IGMP is not (yet) supported when using Local Switching (rel. 8.0.3.6.0 and 9.0.1.2.0).
Good luck configuring Local Switching!