《无线网络基础》PPT课件.pptx

CiscoConfidential2010Ciscoand/oritsaffiliates.Allrightsreserved.1无线网络培训2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential22.4G有三个非干扰信道为1，6，11，所以一般不在2.4G频段开启40Mhz信道捆绑2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential3中国5G频段可以使用36,40,44,48,52,56,60,64,149,153,157,161,165(见下图红色线框部分)2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential4Wi-Fi联盟（全称：国际Wi-Fi联盟组织），英语：Wi-FiAlliance，简称WFA），是一个商业联盟，拥有Wi-Fi的商标，网址为www.wi-fi.orgWi-FiCERTIFIED是国际公认的产品认证标准，表示产品在互操作性、安全性和一系列应用专有协议方面，达到了行业认同的标准。2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential52010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential6802.11ac千兆无线网驱动力高密度客户端部署，BYOD和移动设备在网络中的爆炸性增长日益增长的视频流量（尤其是高清是视频）对带宽的需求增加性能和吞吐19971999200320071SS8SS20132010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential7802.11ac是是对802.11n的一种改的一种改进和和发展。展。802.11ac的其中一个目的其中一个目标是提供与千兆以太网是提供与千兆以太网络相比肩相比肩的高性能的高性能，无无线数据速率可达数据速率可达 1Gbps，甚至，甚至 6.9Gbps特性特性802.11n 标准标准802.11ac 频段支持频段支持2.4 GHz and 5 GHz5 GHz onlyPHY 数据速率数据速率MAC 吞吐量吞吐量*65 Mbps 600Mbps45 Mbps 420Mbps290 Mbps-6.9Gbps194 Mbps-4.8 Gbps空间流数量空间流数量48调制模式调制模式64 QAM256 QAM信道宽度信道宽度20,40 MHz20,40,80,80+80,160 MHzMIMO 类型类型Single User MIMOMulti User MIMO802.11 协议支持协议支持b,g,n and a,na,ac,n*:MAC throughput calculated 70%the defined PHY capability2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential8*符合符合802.11ac标准的准的产品会分成两个品会分成两个阶段段进入市入市场，即即1代和代和2代代产品品*两个两个阶段的段的产品都需要不同的芯片，因此需要新的硬件。品都需要不同的芯片，因此需要新的硬件。特性特性第一代第一代 2013第二代第二代 2014/2015PHY 数据速率数据速率1.3 Gbps1.3 Gbps1.73 Gbps2.6 Gbps3.5 Gbps空间流数量空间流数量33434调制方式调制方式256 QAM256 QAM256 QAM256 QAM256 QAM信道宽度信道宽度20,40,80 MHz20,40,80 MHz20,40,80 MHz20,40,80,80+80,160 MHz20,40,80,80+80,160 MHzMIMO类型类型Single UserMulti UserMulti UserMulti UserMulti User802.11 协议支持协议支持a,n,aca,n,aca,n,aca,n,aca,n,ac以太网上连以太网上连GbEGbE and 10GbE2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential9Wave-1allowsupto80MHzchannelbonding802.11n can bond up to 40 MHz802.11ac can bond up to 80 MHz(Wave-1)*up to 160 MHz(Wave-2)-Z SKU!2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential10智能手机210Mbps*平板电脑460Mbps*高端笔记本电脑680Mbps*802.11ac性能*假假设 70%MAC 层效率效率第一代产品2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential11有限等效加密（RC4）802.11i标准的前期版本(RC4)通常使用TKIP方式进行加密WEP802.11i标准最终版本通常使用AES进行加密WPAWPA22010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential12MACWebportal基于基于802.1x/EAP的的WPA2动态强认证方方式式弱弱强强2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential13至少3颗AP能够侦听到客户端，每个AP都会检测到客户端的RSSI值。通过后台的函数算法来确认客户端的位置。Wi-Fi Access Point#1Wi-Fi Access Point#2Wi-Fi Access Point#3Measured Strength S1Measured Strength S2Measured Strength S3Derived D1Derived D2Derived D3D1D2D32010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential14在定位计算中要考虑多径效应在部署完成后需要进行RF校准（即所谓的指纹采集）在实际位置计算中RSSI计算+指纹对比会取得更好的精度Wi-Fi Access PointSignal sent byTag or ClientsMeasured StrengthD1D2D32010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential15AWIFIdeviceseenbyoneAPcouldbelocatedonanywhereinthiscircleWhenadeviceisseenbytwoAPthenlocationmustbeinthis lineWhenadeviceisseenbyfourAPthenlocationmustbeatthispoint.Accuracyhighestwhenadeviceisseenbyatleast4Accesspoints2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential162011思科and/oritsaffiliates.Allrightsreserved.思科Public17无线网络架构2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential18CAPWAPCAPWAPCAPWAPCAPWAPNMSP over SSLNMSP over SSLSNMPSNMPSOAP/XML/REST overHTTP/HTTPSThirdPartyServerLocationAPIviaSOAP/XML,andRESToverHTTPSCisco Prime InfrastructureManagementStation(ClientBrowser)WirelessClientsWLCWLCAP2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential19CAPWAP:ControlandProvisioningofWirelessAccessPointsisusedbetweenAPsandWLANcontrollerandbasedonLWAPPCAPWAPcarriescontrolanddatatrafficbetweenthetwoControlplaneisDTLSencryptedDataplaneisDTLSencrypted(optional)LWAPP-enabledaccesspointscandiscoverandjoinaCAPWAPcontroller,andconversiontoaCAPWAPcontrollerisseamlessCAPWAPisnotsupportedonLayer2modedeploymentCAPWAPControllerWi-FiClientBusinessApplicationControlPlaneDataPlaneAccessPoint2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential20Layer2joinprocedureattemptedonLWAPPAPs(CAPWAPdoesnotsupportLayer2APs)BroadcastmessagesenttodiscovercontrolleronalocalsubnetLayer3joinprocessonCAPWAPAPsandonLWAPPAPsafterLayer2failsPreviouslylearnedorprimedcontrollersDHCPoption43DNSlookupControllerDiscoveryOrder2010Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential21PSTNPSTNCUCM集中数据集中数据转发下无下无线架构下的数据流：架构下的数据流：如果一个VoIP用户在无线网络上需要呼叫 有线网络的一个用户。我我们可以看到所有无可以看到所有无线用用户的流量都先上行的流量都先上行经过集中部署的中心控制器，然后再下行回来到达有集中部署的中心控制器，然后再下行回来到达有线网网络的的电话机；有机；有线用用户的无的无线用用户的流量也的流量也一一样。WiSM2s/5508sWired policiesWired policiesimplementedimplementedon switchon switchWireless policiesWireless policiesimplementedimplementedon controlleron controllerCiscoConfidential2010Ciscoand/oritsaffiliates.Allrightsreserved.22各门店/仓库数据中心ISEFileServer8500,5508ISR3925ISR3925InternetAP-2AP-1ControlChannelInternetTrafficDataCenterDataTrafficRTPISR3925ISR3925LocalServerBranchDataTraffic思科所有控制器都支持FlexConnect支持智能的数据转发：控制流量和认证流量集中转发，其他流量在本地转发2013Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential23http:/信信产部部-C入网入网证信信产部部-H入网入网证销售策略售策略AireOS无无线控制控制器版本建器版本建议IOS-XE无无线控控制器版本建制器版本建议-C转换到到-H700系列702I2017年前有效702I&702W销售售-H国家代国家代码型号型号-H：7.6-C：7.4-H：3.6-C：3.3YES需要开TACcase更新服务合同记录1600/2600/3600系列Yes3600：2016年前有效26/16：2017年前有效Yes-H：7.6-C：7.4-H：3.6-C：3.32700/3700系列NOYes-H：7.6-C：7.4-H：3.6不需要1530系列NOYes-H：7.6-C：7.4-H：3.6（localmode集中转发）1550系列YesNO销售-C国家代码-C：7.4-C：3.6（localmode集中转发）NO2011思科and/oritsaffiliates.Allrightsreserved.思科Public24认证配置MAC2012Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential25参考文档：无线局域网无线控制器MAC地址过滤配置实例http:/2011思科and/oritsaffiliates.Allrightsreserved.思科Public26认证配置WEBPORTAL2012Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential27参考文档：无线局域网控制器WEB认证配置实例http:/2011思科and/oritsaffiliates.Allrightsreserved.思科Public28认证配置802.1X2012Ciscoand/oritsaffiliates.Allrightsreserved.CiscoConfidential29参考文档：无线局域网控制器（WLC）EAP认证的配置实例http:/思科BYOD+ISE无线场景配置指南http:/Thankyou.