Many people seem to assume that engineers who work on very large networks are better than those who work on smaller ones. This is often not the case. Perhaps the biggest difference between a large network and a small network are the suite of protocols used in each one. When things are much bigger, the protocols used need to allow more centralized management as well as a greater ability to scale. Almost nowhere is this truer than with wireless networks.

Today, almost every household uses an 802.11 wireless network of some kind. But even people who are very good at administering their own personal wireless area networks at home would really struggle to do the same in an enterprise-level solution. The reason for this is that they are not familiar with the different suite of protocols and technologies used in enterprise-level wireless networks.

For an engineer to really advance their career within wireless technology, you need to have an understanding of the enterprise-level protocols. This is a crucial skill to have to find an employer that has a wireless network requiring enough of your services to make a good living. A lot of people may need help with their wireless network at home, but they may not give you 40 hours a week and benefits!

In this article, we will be reinforcing the importance of why learning these protocols is so critical in advancing your career, as well as, of course, doing an overview of a few of these protocols to understand what they are and what they do. For the purposes of this article, we will specifically be focusing on Cisco’s delivery of enterprise wireless, though most other vendors will use similar, if not, identical protocols and terms. Cisco refers to their enterprise-level solution as CUWN, which stands for Cisco Unified Wireless Network.

CUWN Elements

Within the CUWN solution, Cisco defines 5 elements, namely client devices, access point, network unification, management, and mobility. We will look at each of these elements briefly.

Client devices are pretty self explanatory – they are the devices that actually use the wireless network. In certain cases, these client devices will even participate with other elements of the CUWN solution to add additional services to the network. Active client participation in control plane protocols in CUWN usually requires that the client support a special Cisco-proprietary set of features called CCX (or cisco client extensions).

Access points are also something we are probably familiar with. However, in the CUWN solution, the access point and how it delivers the wireless service to the customer device is a huge differentiator between CUWN and a smaller solution. With a non-CUWN solution, you have “intelligence” on each access point. When we say intelligence, we mean that the access-point handles everything – the authentication of clients, maintenance of the wireless connection, de-authentication, etc. If you want to change a setting in 5 non-CUWN access points, you have to log into each one and change it individually. In a CUWN solution, however, there is much less intelligence on the access points. Multiple access points are controlled by a single device – referred to as a WLC (wireless LAN controller). There is generally no configuration of an access point from the access point itself – almost all of the configuration for all the access points is done from the WLC.

Figure 1

CUWN offers centralized management. This notion of centralized management fits nicely, given that the access points themselves have very little intelligence. Beyond the AP/WLC relationship, the CUWN solution offers multiple levels of centralized management. You can manage multiple WLCs from a device known as a WCS (wireless control system). You can even manage multiple WCS devices from a WCS navigator. For the top levels of hierarchy, configuration is not exclusively on the parent device. For example, you can configure a WLC from either the WLC itself or from the WCS.

Finally, mobility is the ability of the client device to maintain its connection to resources as it moves around the physical network. As you go out of range of one access point and into the range of a different one, your connection transfers to the new access point. This transfer from an end user perspective is completely transparent – they likely never even know that it has occurred. You probably take this for granted if you use wireless access at a large campus, like in a university or office building. It may look like they just have one REALLY BIG wireless access point that covers the entire building, but that is not actually the case. What you probably have in the background is all the elements of the Cisco CUWN solution working together to allow you to maintain your connection as you are passed from one access point to the other.

So now that we understand some of the basic elements of the CUWN solution, we can look more in depth at a few of the protocols these elements use to deliver the CUWN experience to the end user.


The first sets of protocols we will look at are the two options on how the access points communicate back to their “brain” – also known as the WLC. There are two choices – either LWAPP (Lightweight Access Point Protocol) or CAPWAP (Control and Provisioning of Wireless Access Points).LWAPP is a Cisco proprietary protocol, meaning it only works on CUWN type devices manufactured by Cisco. CAPWAP on the other hand is the industry standard. Cisco initially and exclusively supported LWAPP on their devices, though over the years transitioned CUWN access points from supporting both LWAPP and CAPWAP to now only supporting the CAPWAP standard. Both of these protocols accomplish a similar objective – and that is to provide a secure way for the WLC and access point to exchange control and data plane traffic between one another.

CAPWAP and LWAPP serve as the encapsulation for every frame going between the AP and WLC. This protocol encapsulation only exists between the AP and the WLC. Once it reaches either end, this encapsulation is stripped off – either for transmission from the AP to the client or from the WLC to the upstream network. In addition to serving as a method of encapsulation, CAPWAP and LWAPP provide a standard way for the WLC to configure and maintain the connection to the access point.


The next protocol we will look at relates to mobility. It is referred to as EoIP (or Ethernet over IP). This protocol is just about what it sounds like – EoIP tunnels Ethernet frames over an IP-based tunnel. Ethernet over IP uses IP protocol 97. EoIP runs between WLCs, allowing them to communicate and send data to and from one another to support clients as they roam from an access point associated to one WLC to an access point associated to a different WLC. For the required EoIP tunnels between the WLCs, you need IP connectivity.

In the CUWN solution, in addition to IP protocol 97, EoIP mobility uses a UDP port as well. Actual data frames from the client traverse the EoIP tunnel whereas control frames between the WLCs supporting the mobility of clients use the UDP port. In reality, it is actually one of two UDP port numbers – depending on whether this control plane traffic is encrypted or unencrypted. If the traffic is encrypted, it flows over UDP 16667. If it is not encrypted, it flows over UDP 16666.

The information transferred between the WLCs over the UDP port includes that client’s MAC address, IP address, security context and associations, quality of service contexts, as well as which WLAN and access point they were or are associated to. Cisco, realizing how important these two protocols are for roaming, developed two tools to allow you to quickly test whether connectivity via EoIP and UDP 16666 exist between WLCs. These tools are referred to as eping and mping. The eping utility tests connectivity over IP protocol 97, while the mping utility tests connectivity over UDP 16666. If using them from the CLI, you use these utilities the same way you would use the normal ping command. Just type mping or eping and then the IP address of the device you are testing to. The pings must succeed if you expect mobility to work as expected.

Figure 2

Mobility groups are groupings of WLCs that support seamless roaming between all access points associated to them. All WLCs in the same mobility group need to have these mobility tunnels built to all other WLCs in the same mobility group. In other words, in order for you to move from being associated from one access point to another, without losing your connection, the access point you roam away from and the access point you roam to need to be associated to WLCs in the same mobility group. As a general rule, any time you have the possibility of a client roaming to another AP in the same area, the WLCs of those access points should be in the same mobility group.

Figure 3

Radio Resource Management (RRM)

Another very important protocol in the CUWN solution is radio resource management (RRM). RRM is a protocol which allows the wireless network to dynamically make changes to itself in response to external factors. Transmitting data over a wireless network is drastically different than transmitting it over a wired network. One of the key ways it is different is because you are sharing the “network” you are transmitting on. Not only could there be other wireless clients transmitting to the same or another close access point, but many other things can affect a wireless signal. They include things like a wireless phone, a video camera, a microwave, or even people. Anything that transmits a signal on the same frequency as your wireless network or that the signal must pass through can cause issues for the signal. Unfortunately, all of these external factors can and do change constantly. A microwave is not being used all the time. There are more wireless clients at certain times of the day, or big metal obstructions might drive by, etc., – there are thousands of possibilities. Each of these factors could change the channel with the least interference, or the signal strength required in reaching a client.

What RRM does is allow the network to intelligently see and respond to these factors automatically. If you suddenly see a lot of interference on a particular channel in a band, RRM can automatically cause your equipment to switch to a different channel within the band to avoid that interference. Or if the signal is obstructed, and you need more strength to get a clear signal to a client, RRM can automatically increase the signal strength. Without a protocol like RRM, you would need an army of wireless engineers to constantly be tweaking and changing wireless settings in the attempt to ensure a network was completely optimal.

HREAP (Hybrid Remote Edge Access Point)

The final protocol we will look at is HREAP (Hybrid Remote Edge Access Point). As you may recall, in a CUWN solution, you are removing intelligence from the access points and allowing a central WLC to manage it. Well, you might ask what happens if you have an access point at a remote office that is controlled by a WLC at a central location. It may not be feasible for you to have a WLC at each remote location. If the link connecting the two together goes down, the wireless network would be completely down. Access points configured as HREAPs allow limited functionality of wireless features even if the AP loses LWAPP/CAPWAP connectivity to the WLC. This gives a great deal on more flexibility as far as resilience of the wireless network for remote offices.

Figure 4


As we can see, it is a huge jump to go from a normal standalone, decentralized wireless network to a centralized CUWN model. The protocols used to implement the CUWN solution are many – with each solving a specific problem or providing a specific functionality. As you understand more about the CUWN model, you will be able to expand your career possibilities dramatically, by expanding the base of employers to whom your skills are considered valuable.