Example for Configuring Dual-Link HSB in Load Balancing Mode

WLAN V200R019C00 Typical Configuration Examples

Rate and give feedback:

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

Service Requirements

An enterprise deploys a WLAN to provide WLAN services to users. The enterprise requires that dual-link HSB in load balancing mode be used to improve data transmission reliability.

Networking Requirements

AC networking mode: Layer 2 networking in bypass mode
DHCP deployment mode: The router functions as a DHCP server to assign IP addresses to APs and STAs.
Service data forwarding mode: direct forwarding

Figure 4-49 Networking diagram for configuring dual-link HSB (load balancing)

Data Planning

Table 4-49 AC data planning

Item	Data
Management VLANs for APs	VLAN100
Service VLAN for STAs	VLAN101
Backup VLAN for ACs	VLAN102
DHCP server	The router functions as a DHCP server to assign IP addresses to AP and STA. STAs' gateway: 10.23.101.1/24 APs' gateway: 10.23.100.1/24
IP address pool for APs	10.23.100.4-10.23.100.254/24
IP address pool for STAs	10.23.101.2-10.23.101.254/24
AC's source interface	VLANIF 100
Management IP address of AC1	VLANIF 100: 10.23.100.2/24
Management IP address of AC2	VLANIF 100: 10.23.100.3/24
Active and standby ACs	AC1 functions as the active AC for AP1 and the standby AC for AP2. AC2 functions as the active AC for AP2 and the standby AC for AP1.
IP address and port number of the HSB channel for AC1	IP address: 10.23.102.1/24 of VLANIF 102 Port number: 10241
IP address and port number of the HSB channel for AC2	IP address: 10.23.102.2/24 of VLANIF 102 Port number: 10241
AP group	Name: ap-group1 Referenced profiles: VAP profile wlan-net, regulatory domain profile default, and AP system profile ap-system1
AP group	Name: ap-group2 Referenced profiles: VAP profile wlan-net, regulatory domain profile default, and AP system profile ap-system2
AP system profile	Name: ap-system1 Active AC: AC1 Standby AC: AC2
AP system profile	Name: ap-system2 Active AC: AC2 Standby AC: AC1
Regulatory domain profile	Name: default Country code: CN
SSID profile	Name: wlan-net SSID name: wlan-net
Security profile	Name: wlan-net Security policy: WPA-WPA2+PSK+AES Password: a1234567
VAP profile	Name: wlan-net Forwarding mode: direct forwarding Service VLAN: VLAN 101 Referenced profiles: SSID profile wlan-net and security profile wlan-net

Configuration Roadmap

The configuration roadmap is as follows:

Configure network connectivity between AC1, AC2, and other network devices.
Bring the AP online and configure basic WLAN services on AC2.
Configure dual-link HSB in load balancing mode.
Configure HSB on the ACs so that the WLAN and NAC services on the active AC are backed up to the standby AC in real time or in batches. If the active AC is faulty, the standby AC takes over services from the active AC. User services are not interrupted.

Configuration Notes

No ACK mechanism is provided for multicast packet transmission on air interfaces. In addition, wireless links are unstable. To ensure stable transmission of multicast packets, they are usually sent at low rates. If a large number of such multicast packets are sent from the network side, the air interfaces may be congested. You are advised to configure multicast packet suppression to reduce impact of a large number of low-rate multicast packets on the wireless network. Exercise caution when configuring the rate limit; otherwise, the multicast services may be affected.
- In direct forwarding mode, you are advised to configure multicast packet suppression on switch interfaces connected to APs.
- In tunnel forwarding mode, you are advised to configure multicast packet suppression in traffic profiles of the AC.
For details on how to configure traffic suppression, see How Do I Configure Multicast Packet Suppression to Reduce Impact of a Large Number of Low-Rate Multicast Packets on the Wireless Network?.
Configure port isolation on the interfaces of the device directly connected to APs. If port isolation is not configured and direct forwarding is used, a large number of unnecessary broadcast packets may be generated in the VLAN, blocking the network and degrading user experience.
In tunnel forwarding mode, the management VLAN and service VLAN cannot be the same. Only packets from the management VLAN are transmitted between the AC and APs. Packets from the service VLAN are not allowed between the AC and APs.
Dual-link backup does not support DHCP information backup. If the active AC functions as a DHCP server to assign IP addresses to APs and STAs, the APs and STAs need to obtain IP addresses again upon a failure of the active AC. Therefore, the router is recommended as a DHCP server. If the AC must be used as the DHCP server, manually plan address pools with different IP address ranges on the active and standby ACs to prevent repeated IP address allocation.

Procedure

Configure the network devices.

# On SwitchA, set the PVID on GE0/0/1 and GE0/0/2 connected to APs to management VLAN 100 and add the interfaces to VLAN 100 and VLAN 101. Add GE0/0/3 connected to SwitchB to VLAN 100 and VLAN 101.

<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 100 101
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] port trunk pvid vlan 100
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 101
[SwitchA-GigabitEthernet0/0/1] port-isolate enable
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type trunk
[SwitchA-GigabitEthernet0/0/2] port trunk pvid vlan 100
[SwitchA-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 101
[SwitchA-GigabitEthernet0/0/2] port-isolate enable
[SwitchA-GigabitEthernet0/0/2] quit
[SwitchA] interface gigabitethernet 0/0/3
[SwitchA-GigabitEthernet0/0/3] port link-type trunk
[SwitchA-GigabitEthernet0/0/3] port trunk allow-pass vlan 100 101
[SwitchA-GigabitEthernet0/0/3] quit

# On the aggregation switch SwitchB, add GE0/0/1 connected to SwitchA to VLAN 100 and VLAN 101, GE0/0/2 connected to AC1 and GE0/0/3 connected to AC2 to VLAN 100 and VLAN 102, and GE0/0/4 connected to the router to VLAN 100 and VLAN 101.

<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] vlan batch 100 to 102
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] port link-type trunk
[SwitchB-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 101
[SwitchB-GigabitEthernet0/0/1] quit
[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] port link-type trunk
[SwitchB-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 102
[SwitchB-GigabitEthernet0/0/2] quit
[SwitchB] interface gigabitethernet 0/0/3
[SwitchB-GigabitEthernet0/0/3] port link-type trunk
[SwitchB-GigabitEthernet0/0/3] port trunk allow-pass vlan 100 102
[SwitchB-GigabitEthernet0/0/3] quit
[SwitchB] interface gigabitethernet 0/0/4
[SwitchB-GigabitEthernet0/0/4] port link-type trunk
[SwitchB-GigabitEthernet0/0/4] port trunk allow-pass vlan 100 101
[SwitchB-GigabitEthernet0/0/4] quit

# On the router, add GE0/0/1 connected to SwitchB to VLAN 100 and VLAN 101.

<Huawei> system-view
[Huawei] sysname Router
[Router] vlan batch 100 101
[Router] interface gigabitethernet 0/0/1
[Router-GigabitEthernet0/0/1] port link-type trunk
[Router-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 101
[Router-GigabitEthernet0/0/1] quit

Configure the AC to communicate with the network devices.

# Add GE0/0/1 on AC1 to VLAN 100 and VLAN 102.

<HUAWEI> system-view
[HUAWEI] sysname AC1
[AC1] vlan batch 100 to 102
[AC1] interface vlanif 100
[AC1-Vlanif100] ip address 10.23.100.2 24
[AC1-Vlanif100] quit
[AC1] interface vlanif 102
[AC1-Vlanif102] ip address 10.23.102.1 24
[AC1-Vlanif102] quit
[AC1] interface gigabitethernet 0/0/1
[AC1-GigabitEthernet0/0/1] port link-type trunk
[AC1-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 102
[AC1-GigabitEthernet0/0/1] quit

# Add GE0/0/1 on AC2 to VLAN 100 and VLAN 102.

<HUAWEI> system-view
[HUAWEI] sysname AC2
[AC2] vlan batch 100 to 102
[AC2] interface vlanif 100
[AC2-Vlanif100] ip address 10.23.100.3 24
[AC2-Vlanif100] quit
[AC2] interface vlanif 102
[AC2-Vlanif102] ip address 10.23.102.2 24
[AC2-Vlanif102] quit
[AC2] interface gigabitethernet 0/0/1
[AC2-GigabitEthernet0/0/1] port link-type trunk
[AC2-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 102
[AC2-GigabitEthernet0/0/1] quit

Configure the router as a DHCP server to assign IP addresses to APs and STAs.

Configure the DNS server as required. The common methods are as follows:

In interface address pool scenarios, run the dhcp server dns-list ip-address &<1-8> command in the VLANIF interface view.
In global address pool scenarios, run the dns-list ip-address &<1-8> command in the IP address pool view.

[Router] dhcp enable
[Router] ip pool sta
[Router-ip-pool-sta] network 10.23.101.0 mask 24
[Router-ip-pool-sta] gateway-list 10.23.101.1
[Router-ip-pool-sta] quit
[Router] ip pool ap
[Router-ip-pool-ap] network 10.23.100.0 mask 24
[Router-ip-pool-ap] excluded-ip-address 10.23.100.2
[Router-ip-pool-ap] excluded-ip-address 10.23.100.3
[Router-ip-pool-ap] gateway-list 10.23.100.1
[Router-ip-pool-ap] quit
[Router] interface vlanif 100
[Router-Vlanif100] ip address 10.23.100.1 24
[Router-Vlanif100] dhcp select global
[Router-Vlanif100] quit
[Router] interface vlanif 101
[Router-Vlanif101] ip address 10.23.101.1 24
[Router-Vlanif101] dhcp select global
[Router-Vlanif101] quit

Configure the AP to go online.

Only the configurations on AC1 are provided here. The configurations on AC2 are the same as those on AC1.

# Create AP groups ap-group1 and ap-group2.

[AC1] wlan
[AC1-wlan-view] ap-group name ap-group1
[AC1-wlan-ap-group-ap-group1] quit
[AC1-wlan-view] ap-group name ap-group2
[AC1-wlan-ap-group-ap-group2] quit

# Create a regulatory domain profile, configure the AC country code in the profile, and apply the profile to the AP group.

[AC1-wlan-view] regulatory-domain-profile name default
[AC1-wlan-regulate-domain-default] country-code cn
[AC1-wlan-regulate-domain-default] quit
[AC1-wlan-view] ap-group name ap-group1
[AC1-wlan-ap-group-ap-group1] regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y  
[AC1-wlan-ap-group-ap-group1] quit
[AC1-wlan-view] ap-group name ap-group2
[AC1-wlan-ap-group-ap-group2] regulatory-domain-profile default
Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continue?[Y/N]:y  
[AC1-wlan-ap-group-ap-group2] quit
[AC1-wlan-view] quit

# Configure the AC's source interface.

[AC1] capwap source interface vlanif 100

# Import AP1 and AP2 offline on the AC, and add AP1 to AP group ap-group1 and AP2 to AP group ap-group2.

[AC1] wlan
[AC1-wlan-view] ap auth-mode mac-auth
[AC1-wlan-view] ap-id 0 ap-mac 00e0-fc76-e360
[AC1-wlan-ap-0] ap-name area_1
Warning: This operation may cause AP reset. Continue? [Y/N]:y  
[AC1-wlan-ap-0] ap-group ap-group1
Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y  
[AC1-wlan-ap-0] quit
[AC1-wlan-view] ap-id 1 ap-mac 00e0-fc76-e380
[AC1-wlan-ap-1] ap-name area_2
Warning: This operation may cause AP reset. Continue? [Y/N]:y  
[AC1-wlan-ap-1] ap-group ap-group2
Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y  
[AC1-wlan-ap-1] quit

# After the AP is powered on, run the display ap all command to check the AP state. If the State field displays nor, the AP has gone online.

[AC1-wlan-view] display ap all
Total AP information:
nor  : normal          [2]
Extra information:
P  : insufficient power supply
--------------------------------------------------------------------------------------------------
ID   MAC            Name   Group     IP            Type            State STA Uptime      ExtraInfo
--------------------------------------------------------------------------------------------------
0    00e0-fc76-e360 area_1 ap-group1 10.23.100.254 AP5030DN        nor   0   31S         -
1    00e0-fc76-e380 area_2 ap-group2 10.23.100.253 AP5030DN        nor   0   10S         -
--------------------------------------------------------------------------------------------------
Total: 2

Configure WLAN service parameters.

Only the configurations on AC1 are provided here. The configurations on AC2 are the same as those on AC1.

# Create security profile wlan-net and configure a security policy in the profile.

In this example, the security policy is set to WPA-WPA2+PSK+AES and the password to a1234567. In actual situations, configure the security policy according to service requirements.

[AC1-wlan-view] security-profile name wlan-net
[AC1-wlan-sec-prof-wlan-net] security wpa-wpa2 psk pass-phrase a1234567 aes
[AC1-wlan-sec-prof-wlan-net] quit

# Create SSID profile wlan-net and set the SSID name to wlan-net.

[AC1-wlan-view] ssid-profile name wlan-net
[AC1-wlan-ssid-prof-wlan-net] ssid wlan-net
[AC1-wlan-ssid-prof-wlan-net] quit

# Create VAP profile wlan-net, set the data forwarding mode and service VLAN, and apply the security profile and SSID profile to the VAP profile.

[AC1-wlan-view] vap-profile name wlan-net
[AC1-wlan-vap-prof-wlan-net] forward-mode direct-forward
[AC1-wlan-vap-prof-wlan-net] service-vlan vlan-id 101
[AC1-wlan-vap-prof-wlan-net] security-profile wlan-net
[AC1-wlan-vap-prof-wlan-net] ssid-profile wlan-net
[AC1-wlan-vap-prof-wlan-net] quit

# Bind VAP profile wlan-net to the AP group and apply the profile to radio 0 and radio 1 of APs in the AP group.

[AC1-wlan-view] ap-group name ap-group1
[AC1-wlan-ap-group-ap-group1] vap-profile wlan-net wlan 1 radio 0
[AC1-wlan-ap-group-ap-group1] vap-profile wlan-net wlan 1 radio 1
[AC1-wlan-ap-group-ap-group1] quit
[AC1-wlan-view] ap-group name ap-group2
[AC1-wlan-ap-group-ap-group2] vap-profile wlan-net wlan 1 radio 0
[AC1-wlan-ap-group-ap-group2] vap-profile wlan-net wlan 1 radio 1
[AC1-wlan-ap-group-ap-group2] quit

Configure dual-link HSB in load balancing mode on AC1 and AC2.

# On AC1, configure AC1 as the active AC for AP1 and the standby AC for AP2, and configure AC2 as the active AC for AP2 and the standby AC for AP1.

[AC1-wlan-view] ac protect enable
Warning: This operation maybe cause AP reset, continue?[Y/N]:y
[AC1-wlan-view] ap-system-profile name ap-system1
[AC1-wlan-ap-system-prof-ap-system1] primary-access ip-address 10.23.100.2
[AC1-wlan-ap-system-prof-ap-system1] backup-access ip-address 10.23.100.3
[AC1-wlan-ap-system-prof-ap-system1] quit
[AC1-wlan-view] ap-system-profile name ap-system2
[AC1-wlan-ap-system-prof-ap-system2] primary-access ip-address 10.23.100.3
[AC1-wlan-ap-system-prof-ap-system2] backup-access ip-address 10.23.100.2
[AC1-wlan-ap-system-prof-ap-system2] quit
[AC1-wlan-view] ap-group name ap-group1
[AC1-wlan-ap-group-ap-group1] ap-system-profile ap-system1
[AC1-wlan-ap-group-ap-group1] quit
[AC1-wlan-view] ap-group name ap-group2
[AC1-wlan-ap-group-ap-group2] ap-system-profile ap-system2
[AC1-wlan-ap-group-ap-group2] quit

# On AC2, configure AC1 as the active AC for AP1 and the standby AC for AP2, and configure AC2 as the active AC for AP2 and the standby AC for AP1. The configurations on AC2 are the same as those on AC1. For details, see the configurations on AC1.

# Restart the APs on AC1 and AC2 and deliver the dual-link HSB configuration to the APs.

[AC1-wlan-view] ap-reset all
Warning: Reset AP(s), continue?[Y/N]:y
[AC1-wlan-view] quit

[AC2-wlan-view] ap-reset all
Warning: Reset AP(s), continue?[Y/N]:y
[AC2-wlan-view] quit

Configure the dual-link HSB function.

# Create HSB service 0 on AC1 and configure the IP addresses and port numbers for the active and standby channels.

[AC1] hsb-service 0
[AC1-hsb-service-0] service-ip-port local-ip 10.23.102.1 peer-ip 10.23.102.2 local-data-port 10241 peer-data-port 10241
[AC1-hsb-service-0] quit

# Bind the WLAN and NAC services to the HSB service on AC1.

[AC1] hsb-service-type ap hsb-service 0
[AC1] hsb-service-type access-user hsb-service 0

# Create HSB service 0 on AC2 and configure the IP addresses and port numbers for the active and standby channels.

[AC2] hsb-service 0
[AC2-hsb-service-0] service-ip-port local-ip 10.23.102.2 peer-ip 10.23.102.1 local-data-port 10241 peer-data-port 10241
[AC2-hsb-service-0] quit

# Bind the WLAN and NAC services to the HSB service on AC2.

[AC2] hsb-service-type ap hsb-service 0
[AC2] hsb-service-type access-user hsb-service 0

Verify the configuration.

# Run the display ac protect command on AC1 and AC2 to view the dual-link backup configuration.

[AC1] display ac protect
------------------------------------------------------------
Protect state             : enable
Protect AC IPv4           : -
Protect AC IPv6           : -
Priority                  : 0
Protect restore           : enable
...
------------------------------------------------------------

[AC2] display ac protect
------------------------------------------------------------
Protect state             : enable
Protect AC IPv4           : -
Protect AC IPv6           : -
Priority                  : 0
Protect restore           : enable
...
------------------------------------------------------------

# Run the display ap-system-profile name ap-system1 and display ap-system-profile name ap-system2 commands on AC1 and AC2 to check information about the active and standby ACs.

[AC1] display ap-system-profile name ap-system1
------------------------------------------------------------
AC priority                                    : -
Protect AC IP address                          : -
Primary AC                                     : 10.23.100.2
Backup AC                                      : 10.23.100.3
...
------------------------------------------------------------ 
[AC1] display ap-system-profile name ap-system2
------------------------------------------------------------
AC priority                                    : -
Protect AC IP address                          : -
Primary AC                                     : 10.23.100.3
Backup AC                                      : 10.23.100.2
...
------------------------------------------------------------

[AC2] display ap-system-profile name ap-system1
------------------------------------------------------------
AC priority                                    : -
Protect AC IP address                          : -
Primary AC                                     : 10.23.100.2
Backup AC                                      : 10.23.100.3
...
------------------------------------------------------------ 
[AC2] display ap-system-profile name ap-system2
------------------------------------------------------------
AC priority                                    : -
Protect AC IP address                          : -
Primary AC                                     : 10.23.100.3
Backup AC                                      : 10.23.100.2
...
------------------------------------------------------------

# Run the display hsb-service 0 command on AC1 and AC2 to check the HSB service status. If the value of the Service State field is Connected, the HSB channel is set up.

[AC1] display hsb-service 0
Hot Standby Service Information:
----------------------------------------------------------
  Local IP Address       : 10.23.102.1
  Peer IP Address        : 10.23.102.2
  Source Port            : 10241
  Destination Port       : 10241
  Keep Alive Times       : 5
  Keep Alive Interval    : 3
  Service State          : Connected
  Service Batch Modules  : AP
                           Access-user
  Shared-key             : -
----------------------------------------------------------

[AC2] display hsb-service 0
Hot Standby Service Information:
----------------------------------------------------------
  Local IP Address       : 10.23.102.2
  Peer IP Address        : 10.23.102.1
  Source Port            : 10241
  Destination Port       : 10241
  Keep Alive Times       : 5
  Keep Alive Interval    : 3
  Service State          : Connected
  Service Batch Modules  : AP
                           Access-user
  Shared-key             : -
----------------------------------------------------------

# The WLAN with SSID wlan-net is available for STAs connected to AP1, and these STAs can connect to the WLAN and go online normally.

# Simulate an active AC fault by restarting the active AC to verify the backup configuration. Restart AC1. When AP1 detects a fault on the link connected to AC1, AC2 takes the active role, ensuring service stability.

Before restarting the AC, run the save command to save the configuration file on the AC to prevent configuration loss after the restart.

# During the restart of AC1, services on the STAs are not interrupted. AP1 goes online on AC2. Run the display ap all command on AC2. The command output shows that the AP status changes from standby to normal.

# After AC1 recovers from the restart, an active/standby switchback is triggered. AP1 automatically goes online on AC1.

Configuration Files

SwitchA configuration file

#
sysname SwitchA
#
vlan batch 100 to 101
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100 to 101
 port-isolate enable group 1
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100 to 101
 port-isolate enable group 1
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 100 to 101
#
return

SwitchB configuration file

#
sysname SwitchB
#
vlan batch 100 to 102
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100 to 101
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 100 102
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 100 102
#
interface GigabitEthernet0/0/4
 port link-type trunk
 port trunk allow-pass vlan 100 to 101
#
return

Router configuration file

#
 sysname Router
#
vlan batch 100 to 101
#
dhcp enable
#
ip pool sta
 gateway-list 10.23.101.1
 network 10.23.101.0 mask 255.255.255.0
#
ip pool ap
 gateway-list 10.23.100.1
 network 10.23.100.0 mask 255.255.255.0
 excluded-ip-address 10.23.100.2 10.23.100.3      
#
interface Vlanif100
 ip address 10.23.100.1 255.255.255.0
 dhcp select global
#
interface Vlanif101
 ip address 10.23.101.1 255.255.255.0
 dhcp select global
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100 to 101
#
return

AC1 and AC2 have similar configuration files, which are listed in the following table. (Configurations highlighted in bold are the dual-link backup configurations on AC1 and AC2.)

Table 4-50 Configuration files of AC1 and AC2

AC1	AC2
# sysname AC1 # vlan batch 100 to 102 # interface Vlanif100 ip address 10.23.100.2 255.255.255.0 # interface Vlanif102 ip address 10.23.102.1 255.255.255.0 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 100 102 # capwap source interface vlanif100 # hsb-service 0 service-ip-port local-ip 10.23.102.1 peer-ip 10.23.102.2 local-data-port 10241 peer-data-port 10241 # hsb-service-type access-user hsb-service 0 # hsb-service-type ap hsb-service 0 # wlan ac protect enable security-profile name wlan-net security wpa-wpa2 psk pass-phrase %^%#A>0:F8{q)0PWFAON0rK\{&<S>}oK#%{]c~egp.%^%# aes ssid-profile name wlan-net ssid wlan-net vap-profile name wlan-net service-vlan vlan-id 101 ssid-profile wlan-net security-profile wlan-net regulatory-domain-profile name default ap-system-profile name ap-system1 primary-access ip-address 10.23.100.2 backup-access ip-address 10.23.100.3 ap-system-profile name ap-system2 primary-access ip-address 10.23.100.3 backup-access ip-address 10.23.100.2 ap-group name ap-group1 ap-system-profile ap-system1 radio 0 vap-profile wlan-net wlan 1 radio 1 vap-profile wlan-net wlan 1 ap-group name ap-group2 ap-system-profile ap-system2 radio 0 vap-profile wlan-net wlan 1 radio 1 vap-profile wlan-net wlan 1 ap-id 0 ap-mac 00e0-fc76-e360 ap-sn 210235554710CB000042 ap-name area_1 ap-group ap-group1 ap-id 1 ap-mac 00e0-fc76-e380 ap-sn 210235554710CB000043 ap-name area_2 ap-group ap-group2 # return	# sysname AC2 # vlan batch 100 to 102 # interface Vlanif100 ip address 10.23.100.3 255.255.255.0 # interface Vlanif102 ip address 10.23.102.2 255.255.255.0 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 100 102 # capwap source interface vlanif100 # hsb-service 0 service-ip-port local-ip 10.23.102.2 peer-ip 10.23.102.1 local-data-port 10241 peer-data-port 10241 # hsb-service-type access-user hsb-service 0 # hsb-service-type ap hsb-service 0 # wlan ac protect enable security-profile name wlan-net security wpa-wpa2 psk pass-phrase %^%#A>0:F8{q)0PWFAON0rK\{&<S>}oK#%{]c~egp.%^%# aes ssid-profile name wlan-net ssid wlan-net vap-profile name wlan-net service-vlan vlan-id 101 ssid-profile wlan-net security-profile wlan-net regulatory-domain-profile name default ap-system-profile name ap-system1 primary-access ip-address 10.23.100.2 backup-access ip-address 10.23.100.3 ap-system-profile name ap-system2 primary-access ip-address 10.23.100.3 backup-access ip-address 10.23.100.2 ap-group name ap-group1 ap-system-profile ap-system1 radio 0 vap-profile wlan-net wlan 1 radio 1 vap-profile wlan-net wlan 1 ap-group name ap-group2 ap-system-profile ap-system2 radio 0 vap-profile wlan-net wlan 1 radio 1 vap-profile wlan-net wlan 1 ap-id 0 ap-mac 00e0-fc76-e360 ap-sn 210235554710CB000042 ap-name area_1 ap-group ap-group1 ap-id 1 ap-mac 00e0-fc76-e380 ap-sn 210235554710CB000043 ap-name area_2 ap-group ap-group2 # return

AC1

AC2

#
 sysname AC1
#
vlan batch 100 to 102
#
interface Vlanif100
 ip address 10.23.100.2 255.255.255.0
#
interface Vlanif102
 ip address 10.23.102.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100 102
#
capwap source interface vlanif100
#
hsb-service 0
 service-ip-port local-ip 10.23.102.1 peer-ip 10.23.102.2 local-data-port 10241 peer-data-port 10241
#
hsb-service-type access-user hsb-service 0
#
hsb-service-type ap hsb-service 0
#
wlan
 ac protect enable
 security-profile name wlan-net
  security wpa-wpa2 psk pass-phrase %^%#A>0:F8{q)0PWFAON0*rK\{&<S>}oK#%{]c~egp*.%^%# aes
 ssid-profile name wlan-net
  ssid wlan-net
 vap-profile name wlan-net
  service-vlan vlan-id 101
  ssid-profile wlan-net
  security-profile wlan-net
 regulatory-domain-profile name default
 ap-system-profile name ap-system1
  primary-access ip-address 10.23.100.2
  backup-access ip-address 10.23.100.3
 ap-system-profile name ap-system2
  primary-access ip-address 10.23.100.3
  backup-access ip-address 10.23.100.2
 ap-group name ap-group1
  ap-system-profile ap-system1
  radio 0
   vap-profile wlan-net wlan 1
  radio 1
   vap-profile wlan-net wlan 1
 ap-group name ap-group2
  ap-system-profile ap-system2
  radio 0
   vap-profile wlan-net wlan 1
  radio 1
   vap-profile wlan-net wlan 1
 ap-id 0 ap-mac 00e0-fc76-e360 ap-sn 210235554710CB000042
  ap-name area_1
  ap-group ap-group1
 ap-id 1 ap-mac 00e0-fc76-e380 ap-sn 210235554710CB000043
  ap-name area_2
  ap-group ap-group2
#
return

#
 sysname AC2
#
vlan batch 100 to 102
#
interface Vlanif100
 ip address 10.23.100.3 255.255.255.0
#
interface Vlanif102
 ip address 10.23.102.2 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100 102
#
capwap source interface vlanif100
#
hsb-service 0
 service-ip-port local-ip 10.23.102.2 peer-ip 10.23.102.1 local-data-port 10241 peer-data-port 10241
#
hsb-service-type access-user hsb-service 0
#
hsb-service-type ap hsb-service 0
#
wlan
 ac protect enable
 security-profile name wlan-net
  security wpa-wpa2 psk pass-phrase %^%#A>0:F8{q)0PWFAON0*rK\{&<S>}oK#%{]c~egp*.%^%# aes
 ssid-profile name wlan-net
  ssid wlan-net
 vap-profile name wlan-net
  service-vlan vlan-id 101
  ssid-profile wlan-net
  security-profile wlan-net
 regulatory-domain-profile name default
 ap-system-profile name ap-system1
  primary-access ip-address 10.23.100.2
  backup-access ip-address 10.23.100.3
 ap-system-profile name ap-system2
  primary-access ip-address 10.23.100.3
  backup-access ip-address 10.23.100.2
 ap-group name ap-group1
  ap-system-profile ap-system1
  radio 0
   vap-profile wlan-net wlan 1
  radio 1
   vap-profile wlan-net wlan 1
 ap-group name ap-group2
  ap-system-profile ap-system2
  radio 0
   vap-profile wlan-net wlan 1
  radio 1
   vap-profile wlan-net wlan 1
 ap-id 0 ap-mac 00e0-fc76-e360 ap-sn 210235554710CB000042
  ap-name area_1
  ap-group ap-group1
 ap-id 1 ap-mac 00e0-fc76-e380 ap-sn 210235554710CB000043
  ap-name area_2
  ap-group ap-group2
#
return

Service Requirements
Networking Requirements
Data Planning
Configuration Roadmap
Configuration Notes

Translation

简体中文

Download

Updated: 2021-11-18

Document ID: EDOC1100096116

Downloads: 2542

Average rating:

This Document Applies to these Products

Related Version

Digital Signature File

Digital Signature Authentication Mode

Enterprise

Huawei Cloud

Carrier

Consumer

Corporate