评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置射频调优示例
配置流程
WLAN不同的特性和功能需要在不同类型的模板下进行配置和维护,这些模板统称为WLAN模板,如域管理模板、射频模板、VAP模板、AP系统模板、AP有线口模板、WIDS模板、WDS模板。当用户在配置WLAN业务功能时,需要在对应功能的WLAN模板中进行参数配置,配置完成后,须将此模板引用到AP组或AP中,配置下发到AP,进而配置的功能在AP上生效。由于模板之间是存在各相互引用关系的,因此在用户配置过程中,需要提前了解各个模板之间存在的逻辑关系。模板的逻辑关系和基本配置流程请参见WLAN业务配置流程。
组网需求
如图5-9所示,在办公楼部署多个AP,AP和AC相连,用来为用户提供无线业务。
由于AP数量较多,逐一手工配置信道等射频参数将会非常繁琐,客户IT部门希望AC能够根据无线网络环境,自动为AP分配信道,提高网络部署的便捷性。
配置思路
采用如下的思路配置射频调优:
- 配置AP、AC和上层网络设备之间实现网络互通。
- 配置AC作为DHCP服务器为STA和AP分配IP地址。
- 配置AP上线。
- 创建AP组,用于将需要进行相同配置的AP都加入到AP组,实现统一配置。
- 配置AC的系统参数,包括国家码、AC与AP之间通信的源接口。
- 配置AP上线的认证方式并离线导入AP,实现AP正常上线。
- 配置WLAN业务参数,实现STA访问WLAN网络功能。
- 配置射频调优功能,通过AC自动为AP分配最佳工作信道。
表5-3 为完成配置任务,需规划以下数据项
配置项 |
数据 |
|---|---|
| DHCP服务器 | AC作为DHCP服务器为STA和AP分配IP地址 |
| AP的IP地址池 | 10.10.10.2~10.10.10.254/24 |
| STA的IP地址池 | 10.10.11.2~10.10.11.254/24 10.10.12.2~10.10.12.254/24 |
| AC的源接口IP地址 | VLANIF100:10.10.10.1/24 |
| AP组 | 名称:guest 引用模板:VAP模板guest、域管理模板domain1 |
名称:employee 引用模板:VAP模板employee、域管理模板domain1 |
|
| 域管理模板 | 名称:domain1 国家码:CN |
| SSID模板 | 名称:guest SSID名称:guest |
名称:employee SSID名称:employee |
|
| 安全模板 | 名称:guest
|
名称:employee
|
|
| VAP模板 | 名称:guest
|
名称:employee
|
|
| 5G射频模板 |
|
| 2G射频模板 |
|
| RRM模板 | 名称:wlan-net |
| 空口扫描模板 |
|
配置注意事项
纯组播报文由于协议要求在无线空口没有ACK机制保障,且无线空口链路不稳定,为了纯组播报文能够稳定发送,通常会以低速报文形式发送。如果网络侧有大量异常组播流量涌入,则会造成无线空口拥堵。为了减小大量低速组播报文对无线网络造成的冲击,建议配置组播报文抑制功能。配置前请确认是否有组播业务,如果有,请谨慎配置限速值。
- 业务数据转发方式采用直接转发时,建议在直连AP的交换机接口上配置组播报文抑制。
- 业务数据转发方式采用隧道转发时,建议在AC的流量模板下配置组播报文抑制。
- 管理VLAN和业务VLAN不能配置为同一VLAN。
在配置多个VAP模板,且多个VAP模板共用同一个service-vlan的场景下,如果配置数据转发方式为tunnel模式,则需要启动service-vlan间的Proxy ARP功能。
操作步骤
- 配置AP与AC之间网络互通
# 将接口Eth2/0/0和Eth2/0/1加入VLAN100(管理VLAN)、VLAN101和VLAN102(业务VLAN)。
建议在AC连接AP的接口Eth2/0/0和Eth2/0/1上配置端口隔离,如果不配置端口隔离,可能会在VLAN内存在不必要的广播报文,或者导致不同AP间的WLAN用户二层互通的问题。
<Huawei> system-view [Huawei] sysname AC [AC] vlan batch 100 to 102 [AC] interface ethernet 2/0/0 [AC-Ethernet2/0/0] port link-type trunk [AC-Ethernet2/0/0] port trunk pvid vlan 100 [AC-Ethernet2/0/0] port trunk allow-pass vlan 100 to 102 [AC-Ethernet2/0/0] port-isolate enable [AC-Ethernet2/0/0] quit [AC] interface ethernet 2/0/1 [AC-Ethernet2/0/1] port link-type trunk [AC-Ethernet2/0/1] port trunk pvid vlan 100 [AC-Ethernet2/0/1] port trunk allow-pass vlan 100 to 102 [AC-Ethernet2/0/1] port-isolate enable [AC-Ethernet2/0/1] quit
- 配置AC作为DHCP服务器,为AP和STA分配IP地址
[AC] dhcp enable [AC] interface vlanif 100 [AC-Vlanif100] ip address 10.10.10.1 255.255.255.0 [AC-Vlanif100] dhcp select interface [AC-Vlanif100] quit [AC] interface vlanif 101 [AC-Vlanif101] ip address 10.10.11.1 255.255.255.0 [AC-Vlanif101] dhcp select interface [AC-Vlanif101] quit [AC] interface vlanif 102 [AC-Vlanif102] ip address 10.10.12.1 255.255.255.0 [AC-Vlanif102] dhcp select interface [AC-Vlanif102] quit
- 配置AP上线
# 创建AP组“guest”和“employee”。
[AC] wlan ac [AC-wlan-view] ap-group name guest Info: This operation may take a few seconds. Please wait for a moment..done. [AC-wlan-ap-group-guest] quit [AC-wlan-view] ap-group name employee Info: This operation may take a few seconds. Please wait for a moment..done. [AC-wlan-ap-group-employee] quit
# 创建域管理模板,在域管理模板下配置AC的国家码并在AP组下引用域管理模板。
[AC-wlan-view] regulatory-domain-profile name domain1 [AC-wlan-regulate-domain-domain1] country-code cn Info: The current country code is same with the input country code. [AC-wlan-regulate-domain-domain1] quit [AC-wlan-view] ap-group name guest [AC-wlan-ap-group-guest] regulatory-domain-profile domain1 Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continu e?[Y/N]:y [AC-wlan-ap-group-guest] quit [AC-wlan-view] ap-group name employee [AC-wlan-ap-group-employee] regulatory-domain-profile domain1 Warning: Modifying the country code will clear channel, power and antenna gain configurations of the radio and reset the AP. Continu e?[Y/N]:y [AC-wlan-ap-group-employee] quit [AC-wlan-view] quit
# 配置AC的源接口。
# 在AC上离线导入AP。将部署在前台大厅的AP都加入到AP组“guest”,部署在办公区域的AP都加入到AP组“employee”,并且根据AP的部署位置为AP配置名称,便于从名称上就能够了解AP的部署位置。例如MAC地址为60de-4476-e360的AP部署在办公区域的1号房间,命名此AP为“area_1”。ap auth-mode命令缺省情况下为MAC认证,如果之前没有修改其缺省配置,可以不用执行ap auth-mode mac-auth。
[AC] wlan ac [AC-wlan-view] ap auth-mode mac-auth [AC-wlan-view] ap-id 0 ap-mac 60de-4476-e360 [AC-wlan-ap-0] ap-name area_1 [AC-wlan-ap-0] ap-group guest Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y Info: This operation may take a few seconds. Please wait for a moment.. done. [AC-wlan-ap-0] quit [AC-wlan-view] ap-id 1 ap-mac 60de-4474-9640 [AC-wlan-ap-1] ap-name area_2 [AC-wlan-ap-1] ap-group employee Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y Info: This operation may take a few seconds. Please wait for a moment.. done. [AC-wlan-ap-1] quit
# 将AP上电后,当执行命令display ap all查看到AP的“State”字段为“nor”时,表示AP正常上线。
[AC-wlan-view] display ap all Info: This operation may take a few seconds. Please wait for a moment.done. Total AP information: nor : normal [2] -------------------------------------------------------------------------------------------- ID MAC Name Group IP Type State STA Uptime -------------------------------------------------------------------------------------------- 0 60de-4476-e360 area_1 guest 10.10.10.253 AP6010DN-AGN nor 0 1M:22S 1 60de-4474-9640 area_2 employee 10.10.10.254 AP6010DN-AGN nor 0 5S -------------------------------------------------------------------------------------------- Total: 2 - 配置WLAN业务参数# 创建名为“guest”和“employee”的安全模板,并配置安全策略。
举例中以配置WEP-40和WPA2+PSK+AES的安全策略为例,密码分别为“a1234”和“b1234567”,实际配置中请根据实际情况,配置符合实际要求的安全策略。
[AC-wlan-view] security-profile name guest [AC-wlan-sec-prof-guest] security wep share-key [AC-wlan-sec-prof-guest] wep key 0 wep-40 pass-phrase a1234 Warning: This action may cause service interruption. Continue?[Y/N]y Info: This operation may take a few seconds, please wait.done. [AC-wlan-sec-prof-guest]wep default-key 0 Warning: This action may cause service interruption. Continue?[Y/N]y Info: This operation may take a few seconds, please wait.done. [AC-wlan-sec-prof-guest] quit [AC-wlan-view] security-profile name employee [AC-wlan-sec-prof-employee] security wpa2 psk pass-phrase b1234567 aes [AC-wlan-sec-prof-employee] quit
# 创建名为“guest”和“employee”的SSID模板,并分别配置SSID名称为“guest”和“employee”。
[AC-wlan-view] ssid-profile name guest [AC-wlan-ssid-prof-guest] ssid guest Warning: This action may cause service interruption. Continue?[Y/N]y Info: This operation may take a few seconds, please wait.done. [AC-wlan-ssid-prof-guest] quit [AC-wlan-view] ssid-profile name employee [AC-wlan-ssid-prof-employee] ssid employee Warning: This action may cause service interruption. Continue?[Y/N]y Info: This operation may take a few seconds, please wait.done. [AC-wlan-ssid-prof-employee] quit
# 创建名为“guest”和“employee”的VAP模板,配置业务VLAN,并且引用安全模板和SSID模板。
[AC-wlan-view] vap-profile name guest [AC-wlan-vap-prof-guest] service-vlan vlan-id 101 Info: This operation may take a few seconds, please wait.done. [AC-wlan-vap-prof-guest] security-profile guest Info: This operation may take a few seconds, please wait..done. [AC-wlan-vap-prof-guest] ssid-profile guest Info: This operation may take a few seconds, please wait..done. [AC-wlan-vap-prof-guest] quit [AC-wlan-view] vap-profile name employee [AC-wlan-vap-prof-employee] service-vlan vlan-id 102 Info: This operation may take a few seconds, please wait.done. [AC-wlan-vap-prof-employee] security-profile employee Info: This operation may take a few seconds, please wait..done. [AC-wlan-vap-prof-employee] ssid-profile employee Info: This operation may take a few seconds, please wait..done. [AC-wlan-vap-prof-employee] quit
# 配置AP组引用VAP模板,AP上射频都使用VAP模板的配置。
[AC-wlan-view] ap-group name guest [AC-wlan-ap-group-guest] vap-profile guest wlan 1 radio all Info: This operation may take a few seconds, please wait..done. [AC-wlan-ap-group-guest] quit [AC-wlan-view] ap-group name employee [AC-wlan-ap-group-employee] vap-profile employee wlan 1 radio all Info: This operation may take a few seconds, please wait..done. [AC-wlan-ap-group-employee] quit
- 配置射频调优功能
# 创建RRM模板“wlan-net”,在RRM模板下使能信道自动选择信道功能和发送功率自动选择信道功能。缺省情况下,信道自动选择信道功能和发送功率自动选择信道功能都已经使能。
[AC-wlan-view] rrm-profile name wlan-net [AC-wlan-rrm-prof-wlan-net] undo calibrate auto-channel-select disable [AC-wlan-rrm-prof-wlan-net] undo calibrate auto-txpower-select disable [AC-wlan-rrm-prof-wlan-net] quit
# 创建空口扫描模板“wlan-airscan”,并配置扫描信道集合、扫描间隔时间和扫描持续时间。缺省情况下,空口扫描信道集合为AP对应国家码支持的所有信道。
[AC-wlan-view] air-scan-profile name wlan-airscan [AC-wlan-air-scan-prof-wlan-airscan] scan-channel-set country-channel [AC-wlan-air-scan-prof-wlan-airscan] scan-period 80 Warning: Modifying the scan parameters may affect services. [AC-wlan-air-scan-prof-wlan-airscan] scan-interval 80000 [AC-wlan-air-scan-prof-wlan-airscan] quit
# 创建2G射频模板“radio2g”,并在该模板下引用RRM模板“wlan-net”和空口扫描模板“wlan-airscan”。
[AC-wlan-view] radio-2g-profile name radio2g [AC-wlan-radio-2g-prof-radio2g] rrm-profile wlan-net [AC-wlan-radio-2g-prof-radio2g] air-scan-profile wlan-airscan [AC-wlan-radio-2g-prof-radio2g] quit
# 创建5G射频模板“radio5g”,并在该模板下引用RRM模板“wlan-net”和空口扫描模板“wlan-airscan”。
[AC-wlan-view] radio-5g-profile name radio5g [AC-wlan-radio-5g-prof-radio5g] rrm-profile wlan-net [AC-wlan-radio-5g-prof-radio5g] air-scan-profile wlan-airscan [AC-wlan-radio-5g-prof-radio5g] quit
# 在名为“guest”的AP组下引用5G射频模板“radio5g”和2G射频模板“radio2g”。
[AC-wlan-view] ap-group name guest [AC-wlan-ap-group-guest] radio-5g-profile radio5g radio all Warning: This action may cause service interruption. Continue?[Y/N]y [AC-wlan-ap-group-guest] radio-2g-profile radio2g radio all Warning: This action may cause service interruption. Continue?[Y/N]y [AC-wlan-ap-group-guest] quit
# 在名为“employee”的AP组下引用5G射频模板“radio5g”和2G射频模板“radio2g”。
[AC-wlan-view] ap-group name employee [AC-wlan-ap-group-employee] radio-5g-profile radio5g radio all Warning: This action may cause service interruption. Continue?[Y/N]y [AC-wlan-ap-group-employee] radio-2g-profile radio2g radio all Warning: This action may cause service interruption. Continue?[Y/N]y [AC-wlan-ap-group-employee] quit
# 配置射频调优模式为手动调优,并手动触发射频调优。缺省情况下,射频调优的模式为手动模式。
[AC-wlan-view] calibrate enable manual [AC-wlan-view] calibrate manual startup
# 提交配置。
[AC-wlan-view] commit all Warning: Committing configuration may cause service interruption, continue?[Y/N]:y
- 验证配置结果
# STA搜索到名为“guest”的无线网络,输入密码“a1234”并正常关联后,在AC上执行命令display station ssid guest,可以查看到用户已经接入到无线网络“guest”中。
[AC-wlan-view] display station ssid guest Rf/WLAN: Radio ID/WLAN ID Rx/Tx: link receive rate/link transmit rate(Mbps) ------------------------------------------------------------------------------------------ STA MAC AP ID Ap name Rf/WLAN Band Type Rx/Tx RSSI VLAN IP address ------------------------------------------------------------------------------------------ cc3a-61cf-6344 0 area_1 1/1 5G 11a 54/44 -49 101 10.10.11.254 ------------------------------------------------------------------------------------------ Total: 1 2.4G: 0 5G: 1
# STA搜索到名为“employee”的无线网络,输入密码“b1234567”并正常关联后,在AC上执行命令display station ssid employee,可以查看到用户已经接入到无线网络“employee”中。
[AC-wlan-view] display station ssid employee Rf/WLAN: Radio ID/WLAN ID Rx/Tx: link receive rate/link transmit rate(Mbps) ------------------------------------------------------------------------------------------ STA MAC AP ID Ap name Rf/WLAN Band Type Rx/Tx RSSI VLAN IP address ------------------------------------------------------------------------------------------ cc3a-61cf-6344 1 area_2 0/1 2.4G 11n 36/56 -44 102 10.10.12.254 ------------------------------------------------------------------------------------------ Total: 1 2.4G: 1 5G: 0
# 在AC上执行display radio all命令,查看射频调优效果。
[AC-wlan-view] display radio all CH/BW:Channel/Bandwidth CE:Current EIRP (dBm) ME:Max EIRP (dBm) CU:Channel utilization ST:Status ------------------------------------------------------------------------ AP ID Name RfID Band Type ST CH/BW CE/ME STA CU ------------------------------------------------------------------------ 0 area_1 0 2.4G bgn on 11/20M 27/27 0 25% 0 area_1 1 5G an on 157/20M 28/28 0 0% 1 area_2 0 2.4G bgn on 6/20M 27/27 1 15% 1 area_2 1 5G an on 153/20M 28/28 0 1% ------------------------------------------------------------------------ Total:4
# 待执行手动调优半小时后,调优结束。以下配置步骤在配置文件中不体现。此时用户可以选以下两种方案:(推荐)将射频调优模式改为定时调优,并将调优时间定为用户业务空闲时段(如当地时间凌晨00:00-06:00时段)。
[AC-wlan-view] calibrate enable schedule time 03:00:00
手动固定信道:将RRM模板下的信道自动选择信道功能和发送功率自动选择信道功能关闭。等待有新AP加入,用户可再次手动触发射频调优。
[AC-wlan-view] rrm-profile name wlan-net [AC-wlan-rrm-prof-wlan-net] calibrate auto-channel-select disable [AC-wlan-rrm-prof-wlan-net] calibrate auto-txpower-select disable [AC-wlan-rrm-prof-wlan-net] quit [AC-wlan-view] calibrate enable manual [AC-wlan-view] calibrate manual startup
配置文件
AC的配置文件
# sysname AC # vlan batch 100 to 102 # # dhcp enable # interface Vlanif100 ip address 10.10.10.1 255.255.255.0 dhcp select interface # interface Vlanif101 ip address 10.10.11.1 255.255.255.0 dhcp select interface # interface Vlanif102 ip address 10.10.12.1 255.255.255.0 dhcp select interface # interface Ethernet2/0/0 port link-type trunk port trunk pvid vlan 100 port trunk allow-pass vlan 100 to 102 port-isolate enable group 1 # interface Ethernet2/0/1 port link-type trunk port trunk pvid vlan 100 port trunk allow-pass vlan 100 to 102 port-isolate enable group 1 # capwap source interface vlanif100 # wlan ac calibrate enable manual security-profile name guest security wep share-key wep key 0 wep-40 pass-phrase %^%#G-~GU.v`U$RA7KCajYBCQ6};G#7OVIZ\=9HvBKZ6%^%# security-profile name employee security wpa2 psk pass-phrase %^%#H{1<-b]4~"*+Y:4-'/URy;$+,33UgQf)@9I(Yl]V%^%# aes ssid-profile name guest ssid guest ssid-profile name employee ssid employee vap-profile name guest service-vlan vlan-id 101 ssid-profile guest security-profile guest vap-profile name employee service-vlan vlan-id 102 ssid-profile employee security-profile employee regulatory-domain-profile name domain1 air-scan-profile name wlan-airscan scan-period 80 scan-interval 80000 rrm-profile name wlan-net radio-2g-profile name radio2g rrm-profile wlan-net air-scan-profile wlan-airscan radio-5g-profile name radio5g rrm-profile wlan-net air-scan-profile wlan-airscan ap-group name guest regulatory-domain-profile domain1 radio 0 radio-2g-profile radio2g radio-5g-profile radio5g vap-profile guest wlan 1 radio 1 radio-5g-profile radio5g vap-profile guest wlan 1 radio 2 radio-2g-profile radio2g radio-5g-profile radio5g vap-profile guest wlan 1 ap-group name employee regulatory-domain-profile domain1 radio 0 radio-2g-profile radio2g radio-5g-profile radio5g vap-profile employee wlan 1 radio 1 radio-5g-profile radio5g vap-profile employee wlan 1 radio 2 radio-2g-profile radio2g radio-5g-profile radio5g vap-profile employee wlan 1 ap-id 0 type-id 19 ap-mac 60de-4476-e360 ap-sn 210235554710CB000042 ap-name area_1 ap-group guest ap-id 1 type-id 19 ap-mac 60de-4474-9640 ap-sn 210235554710CB000075 ap-name area_2 ap-group employee # return
