Introduction to Cisco Wireless- Flex Connect Mode

 Today I am going to talk about the Cisco Wireless Flex-connect mode and how it works in the enterprise or campus network with wireless connect with APs. There are two different modes, one is the local switched mode and another is called as Flex-connect mode.

In the case of the local switched mode, an AP creates two CAPWAP tunnels to the WLC.  One is for management, the other is data traffic.  This behaviour is known as "centrally switched" because the data traffic is switched(bridged) from the AP to the controller where it is then routed by some routing device.

Let's take an example here, let us suppose the below example about the difference between Local vs Flex-connect mode

Local Switching Vs Flex-Connect

Office 1 is located in New Delhi (using local mode)

Office 2 is located in Sydney(using flex connect)

Datacenter is located in San Jose 

Local Mode means that a tunnel is created from Wireless AP to the WLC. All traffic goes to the WLC. Authentication and user traffic. If office 1(New Delhi) is configured with local mode, the wireless clients will actually have all of their traffic tunnelled to San Jose and will use an IP from the WLC to get to other locations on the network. Internet browsing for the users will be from San Jose. If New Delhi wants to get a resource from Sydney the client will tunnel to San Jose and then go over company network to Sydney and back.

In FlexConnect. Only authentication traffic is sent to WLC. The AP will hand out local VLANS from the Sydney office. It will use DHCP from Sydney office. So once authentication takes place all traffic takes place locally. Internet browsing would go out Sydney connection. traffic from Sydney user to San Jose resource would follow same path as a wired user. 

Flex-Connect Mode

In the case of Flex connect mode, it allows data traffic to be switched locally and not go back to the controller. Flex Connect also known as HREAP, It basically causes the AP to behave like an autonomous AP, but be managed by the WLC.  

Fig 1.1- Cisco Wireless Flex-Connect Mode

In this mode, the AP can still function even if it looses connection with the controller.  Also, anytime you want to switch traffic locally, that would be the time to use Flex Connect.  I used it once when my users were needing the wireless and wired networks to be on the same subnet for broadcasting reasons.

There are still a couple of key features that FlexConnect does not support.  FlexConnect groups can only contain up to group of 25 APs (unless you are using a 7500, 8500, or vWLC).  That group determines the APs between which a client can do fast-roaming.  Converting multicast to layer 2 unicast over the air (VideoStream) is not supported, and thus all multicast streaming video will be sent at the highest mandatory rate and not the highest rate that the client supports.  

There are some other issues for many of customers is that the SSID to VLAN mapping is done on an AP by AP basis.  This is an issue for two reasons.  You have to touch each AP to manually do this, or you can use a lightweight AP template in Prime/NCS/WCS.  If you don't have Prime/NCS/WCS, then that can be a headache.  

The second is that there are times, particularly when upgrading code, that the APs will "forget" their mappings and revert to the default.  And, you don't necessarily know that until your end users are calling to complain that they can't connect to the network.  I'm going to check on how that is working with current code on my next upgrade.

Flex-Connect Modes

There are two modes in Flex-connect deployments and these modes are 

• Connected mode: In the case of the Connected mode, the FlexConnect AP has CAPWAP connectivity with its WLC and WLC is reachable.
• Standalone mode: In the Standalone mode, first of all the WLC is unreachable. The FlexConnect has lost or failed to establish CAPWAP connectivity with its WLC: for example, when there is a WAN link outage between a branch and its central site. 

Supported Hardware

FlexConnect is only supported on these components: 

• Cisco AP-1130, AP-1240, AP-1040, AP-1140, AP-1260, AP-1250, AP-3500, AP-1600, AP-2600, AP-3600, AP-3700, AP-1700, AP-2700, AP 700, AP-1520, AP-1530, AP-1550, AP-1570 access points 
• Cisco 5520, 8540, Flex 7500, Cisco 8500, 4400, 5500, and 2500 series controllers 
• Cisco WiSM-2 
• Cisco virtual controller (vWLC) 

Like us on Facebook : Networks Baseline on Facebook

Subscribe us on Youtube: Youtube Subscription for Videos !