Tuesday, May 18, 2010

Wi-Fi Tip: AP Join in a Pinch

Ever been in an emergency situation where you need to get an AP up in
a hurry? Perhaps you didn't configure DHCP Option 43 b/c you have a
gizillion scopes, or the DNS name b/c of a common suffix across
multiple sites. Try this...

On the default gateway device (router or L3 switch) issue these

ip forward-protocol udp 12223

ip forward-protocol udp 5246

interface GigabitEthernet0/0

   ! Define the helper address for the DHCP

   ! server so APs can obtain an IP address

   ip helper-address

   ! Define the helper address for the WLC

   ! to forwarded LWAPP/CAPWAP discovery broadcasts

   ip helper-address

Configure the interface attached to the subnet the AP is connected to,
and use the controller's management interface as the helper address.

These commands tell the router to forward LWAPP and CAPWAP control
broadcast frames, including discovery requests, to configured ip
helpers which now includes the controller!

You should see the AP discover and join the controller within seconds
as if they were on the same subnet.



  1. Wouldn't the capwap equivalent to lwapp 12223 be 5247?

  2. No, the port order was reversed from LWAPP to CAPWAP.

    LWAPP data port = 12222
    LWAPP control port = 12223 (used during discovery)

    CAPWAP control port = 5246 (used during discovery)
    CAPWAP data port = 5247


  3. In this scenario, would the DHCP server be the WLC?

  4. The DHCP server can be any valid server on the network, it does not need to be the WLC.

  5. How can that be if you have a helper on the interface pointing to the DHCP server, how would the layer 3 LWAPP controller discovery broadcast reach the controller? Or am i mixing apples with oranges here?

    That's why I asked if the WLC would be the DHCP server in this scenario.

  6. Sorry for the confusion. There would likely be another ip helper on the interface pointing to a DHCP server, or the router could be configured with DHCP pools to provide addresses to clients.

    Cisco routers forward certain broadcast packets to configured helper addresses. This includes BOOTP / DHCP by default, along with several other protocols. See here:
    Cisco Command Reference - IP Forward Protocol

    By issuing the command to forward the LWAPP/CAPWAP ports, you're just telling the router to also forward broadcast packets using those ports in addition to the default.

    What would end up happening is that the broadcasts for both DHCP and LWAPP/CAPWAP would be forwarded to all ip helpers.

    The DHCP servers will understand the DHCP requests and respond, while the WLC will ignore those (it only serves DHCP, if configured, for wireless clients coming through the LWAPP/CAPWAP tunnel, or for lightweight APs on the same management subnet).

    Likewise, the LWAPP/CAPWAP broadcasts will be forwarded to all ip helpers. The WLC will understand the LWAPP Discovery Request and respond appropriately, while the DHCP server will not and discard the packet.

    Since some of this traffic forwarding to ip helpers that don't understand the traffic is not ideal, it is recommended that this method only be used temporarily and not be left in a production configuration.

    Hope this helps to clarify.


    PS - I'll update the post to reflect both a DHCP helper and a WLC helper address.

  7. Thank you very much for the information.

  8. Andrew,
    Other than CISCO do other AP vendors use CAPWAP? I want a list of AP vendors who support CAPWAP in their products.
    Thanks in advance.

    1. Yes, other vendors support CAPWAP. But APs and controllers from different vendors are still not interoperable. And vendors use CAPWAP for different purposes too.

      Cisco uses CAPWAP for management, control, and data plane operations with their APs.

      Aerohive uses CAPWAP only for management plane functions, since control plane and data plane functions are distributed and function directly between APs (and other devices, like the HiveOS Virtual Appliance which can terminate tunneled traffic).