Skip to main content

Wed, Mar 19, 2014 6:43 PM

Why use "tunnel mode"

There is an option in the WLAN settings that states "Tunnel WLAN traffic to ZoneDirector (Recommended for VoIP clients and PDA devices.)"

From what I understand it forces all traffic through an L2TP, which to me seems like it would introduce some latency.

If so, why does it say recommended for "VOIP and PDA devices"?

Thanks,
Bob

Responses

60 Messages

 • 

1K Points

7 years ago

Tunnel mode encapsulates traffic on the WLAN and tunnels it to the ZD, avoiding disruptions to delay-sensitive operations like VOIP. Especially with inter-subnet roaming. So even when changing subnets, the devices in the tunneled WLAN wil stay on the network that the ZD is connected to.

Champion

 • 

202 Messages

 • 

3K Points

7 years ago

I don't know why tunnel mode would be recommended for VoIP or PDA devices.
(though I'll trust what Jelle has to say)

By default, Ruckus APs bridge wifi traffic directly to the local wired ethernet connection.
Tunnel mode is useful when you want your wifi traffic on a VLAN that isn't (or can't be) carried on the ethernet cable where your AP is connected.

This is common in remote locations or other situations where you want a common wifi SSID/VLAN/Subnet even though your wifi traffic is carried over a routed infrastructure.

21 Messages

 • 

470 Points

7 years ago

Agreed, seems weird to me as well. The one time I used it was when I installed a new switch and did not setup the necessary vlan tags on the ports (we have different vlans for different SSIDs). Worked great for that.

I think from his explanation the inter-subnet roaming is the most important.

Bob

60 Messages

 • 

1K Points

7 years ago

There is a nice side effect: I have a ZD at my office that also controls AP's on different sites. I made one hidden SSID named "tunnel" that and have that one tunnel to the ZD. Whenever I connect to that wlan, it is as if I have a VPN connection to my office.
I turned on the encryption for tunneling, of course. So every AP can VPN bridge to the ZD, but on a lower level than normal VPN bridges. The ip ranges don't even need to be different, because it is tunneling on a lower level. Nice.