Wireless - CAPWAP tunnel

CAPWAP, which stands for Control And Provisioning of Wireless Access Points, is a standard protocol defined by the Working Group of the Internet Engineering Task Force (IETF) to enable the centralized control of wireless (Wi-Fi) access points.

In the context of Cisco Wi-Fi deployments using Wireless LAN Controllers (WLCs), a CAPWAP tunnel is a connection that is established between a wireless access point (AP) and the WLC. This tunnel allows for a split in the traffic handling between control traffic and data traffic:

  1. Control Traffic: This is the traffic between the AP and the WLC that is used for management and control functions. This could include functions like the AP discovering the WLC, the AP joining the WLC, synchronization of configurations, and statistics gathering.
  2. Data Traffic: This is the actual client data that the AP forwards to the WLC. The data from wireless clients is encapsulated in CAPWAP packets at the AP, sent to the WLC, decapsulated, and then typically routed to the enterprise network.

The key advantages of using CAPWAP tunnels in a Cisco deployment include:

  1. Centralized Configuration: WLCs provide a centralized point for configuration, policy application, and management, which simplifies deployments.
  2. Fast Roaming: As the client roams between APs, the WLC can facilitate quick transitions without requiring the client to get a new IP address.
  3. Layer 3 Mobility: Even if APs are on different IP subnets or different physical locations, the WLC can manage them seamlessly, and client devices can roam across these boundaries without changing their IP addresses.
  4. Security: The CAPWAP tunnel can ensure that the data traffic between the AP and WLC is secure, even if the underlying network is not.
  5. Optimized Traffic Flow: Depending on the WLC deployment model (like local switching), client traffic can be directly forwarded at the AP level, optimizing bandwidth use.

It's worth noting that prior to adopting CAPWAP, Cisco utilized a proprietary protocol called LWAPP (Lightweight Access Point Protocol). While the concepts and functioning were similar, CAPWAP became the more standardized approach later on.