Unleashed traffic flow and Management VLAN

  • 1
  • Question
  • Updated 1 week ago
  • Answered
Hi, 

I am deploying 25 x R510's and have been told that setting up an unleashed network is very easy!

After a day I have a few questions. 

My setup is a school with two switches - one in each building - buildings are 15m apart so am hoping the mesh can stretch between the two. 

My question is where does the traffic flow? 
I am configuring each AP to drop main network to VLAN 4 and Guest network to VLAN 5
Does this traffic drop locally at the AP and on the network or does it backhaul to the Master AP and drop out there? 

Also I am having issues with the management VLAN for these devices and need to understand if all the devices need a management IP or just power? 

As when I have 3 AP's connected and I try to change the IP of one of the AP's it says to go to system settings which just points me to the IP address of the Master 

I hope this makes sense 

Network is based on Cisco SG300 switches and all ports are trunk with native VLAN on trunk port being the management IP for the AP's 

Thanks
Roger 
https://www.rogerperkin.co.uk/
Photo of Roger Perkin

Roger Perkin

  • 6 Posts
  • 0 Reply Likes
  • slightly frustrated

Posted 1 week ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 2922 Posts
  • 406 Reply Likes
Hm, first issue is that Unleashed is designed for a single LAN / VLAN, you cannot split traffic from one WLAN to VLAN4 and one WLAN to VLAN5.
Well, I take it back, in 200.7 I see Access VLAN when you create a new WLAN, but AP management VLAN should remain 'untagged'.
(Edited)
Photo of Roger Perkin

Roger Perkin

  • 6 Posts
  • 0 Reply Likes
Hi Michael, I will have to disagree with you there. Where do you get that information from as I have that setup and working? Click on WLAN and the under Priority tab select VLAN. Corporate clients drop into VLAN4 and guest clients drop into VLAN 5 - this is the whole concept of a wireless solution. 

My question was where does the traffic flow as I will have 25 AP's running and needed to find out if traffic drops locally or via the Master AP
Photo of Michael Brado

Michael Brado, Official Rep

  • 2922 Posts
  • 406 Reply Likes
For setup, simply connect a few APs with a factory default, connect wirelessly to a Configure.Me-XXYYZZ wlan, and go to URL: unleashed.ruckuswireless.com, and you will be on the Master AP, so you can initiate the Unleashed network.  The other APs will all join / be seen, once you have a Master AP and network started.

The steps are outlined in this KBA: Can I setup Ruckus Unleashed network remotely?
https://support.ruckuswireless.com/articles/000005204
Photo of Roger Perkin

Roger Perkin

  • 6 Posts
  • 0 Reply Likes
Thanks Michale, 

I have gone through these steps already, need to find out some more in depth information as listed above which I can't seem to find anywhere?
Photo of Darrel Rhodes

Darrel Rhodes, Employee

  • 126 Posts
  • 66 Reply Likes
Hi Roger,

Firstly; I can confirm that Unleashed wireless client traffic will break-out locally at the AP, there is no data tunnelling. 

Secondly: each AP's IP address needs to be configured via the Unleashed Master.  Simply log-in to the Unleashed Master, head to access points, select the AP you wish to apply the static IP to, click 'Edit', navigate to the 'Network' tab and configure the AP's manual address, mask, gateway, DNS.

Full Unleashed online manual is here:  http://docs.ruckuswireless.com/unleashed/200.7.10.102/GUID-577F5F8B-BCB6-4BF5-9FA6-8A41DC821927-home...

It's not recommended to deploy an outdoor Mesh link with indoor APs, however the performance will be dictated by the SNR between the two APs.

I hope that helps, I'm a UK-based Systems Engineer, so please don't hestiate to ask any further questions.

Best regards,
Darrel.
(Edited)
Photo of Roger Perkin

Roger Perkin

  • 6 Posts
  • 0 Reply Likes
Thanks Darrel, 

That does help A LOT! 

I now know what I need to do to get this all working, I just need to get a separate Management VLAN setup outside of the IP ranges of the clients. 

Question: 
We are splitting this mesh network between two buildings, from one building there is an AP close to the outside wall and in the other building (about 12m away) there will be 3 visible APs) 

I am testing this today, from the Master can you see which AP's have meshed to which AP's?

I just need to understand if this closest AP in building one will be the single point of failure for wireless into building 2 

Or if others get visbility will also mesh? 

Thanks
Roger
Photo of Darrel Rhodes

Darrel Rhodes, Employee

  • 126 Posts
  • 66 Reply Likes
Hi Roger,

Glad that helps! 

You can also setup a management interface for the Unleashed network in SYSTEM>IP SETTINGS>MANAGEMENT INTERFACE. From the manual I sent you a link to:

The Management IP address can be configured to allow an administrator to manage the Unleashed network from a single IP address, regardless of which Unleashed AP is currently the Unleashed Master AP.
The Management IP can be reached from anywhere on the network as long as it is routable via the default Gateway configured in Device IP Settings. Then, you only have to remember one IP address.

However you don't need to have a management interface configured to use an IP range different to that your client devices are using.  The Unleashed network is a layer-2 bridge, so all IP traffic will pass through the APs, regardless of the IP address the APs are using for management.

With Ruckus SmartMesh, once you enable Mesh functionality on the network, all (Mesh-capable) APs are configured to support Mesh.  SmartMesh is self-forming and self-healing, so one you've enabled it the Mesh will automatically form without further configuration.

APs directly connected to the main network are known as Root APs (RAPs), Mesh-connected APs are Mesh APs (MAPs). MAP connectivity is enabled if the AP cannot reach the Unleashed Master via the Ethernet port. 

The APs will also support Ruckus eMesh this means that if the 3 APs in the 'remote' building are connected to each other via switch, only one of the APs will become a MAP and the other two APs will communicate with the main part of the network on their Ethernet interface (eMAPs), via the MAP AP.  Should the MAP fail, then one of the other remote APs will take up the MAP role as part of the SmartMesh self-healing functionality. I would recommend you set a 'Preferred Master' AP on the main wired-side of the building.

I recommend you connect and fully adopt ALL the APs to the Unleashed Master to be provisioned with the Mesh credentials before taking them to the remote site.  However it is possible to manually configure Mesh if necessary.

Mesh topology and connectivity can be monitored via the Unleashed Master AP: http://docs.ruckuswireless.com/unleashed/200.7.10.102/GUID-0D528543-DAE7-421E-AE4A-01E29D87211A.html

I hope that helps, please let me know if you need any further info.

Best regards,
Darrel.

Photo of Roger Perkin

Roger Perkin

  • 6 Posts
  • 0 Reply Likes
Thanks Darrel, 

Reading the manual now. 

Can you just tell me if I am going about this the right way and not fighting with the AP!

1: Setup Master AP - Native VLAN is 1 - AP gets management address and configure SSID Ruckus-1 
2: Connect to SSID Ruckus-1 and get access to management portal 
2a: I can connect to SSID Ruckus-1 and get an IP in VLAN 1
3: Configure SSID CORP - Priority Tab - VLAN 4 - want to drop clients on this into VLAN 4
4: Connect to CORP - however I don't get an IP address from VLAN 4
5: If I put the AP in VLAN 4 (Native) then I can connect and drop into 4 no problem. 

Should this work on the R510 ? 

I want to do step 6 to create SSID-Guest and drop that into VLAN 5

So I have 

AP in VLAN 1
SSID-Corp drops clients into VLAN 4
SSID-Guest drops clients into VLAN 5

What am I missing? As I can only seem to drop clients into the same vlan that the AP is in?

Photo of Darrel Rhodes

Darrel Rhodes, Employee

  • 126 Posts
  • 66 Reply Likes
Hi Roger,

It sounds like you have everything setup correctly on the Unleashed side.  As you've said, you create the WLAN and configure the Access VLAN to whatever you require.  Then any traffic sent/recieved on that WLAN will be tagged at the AP's ethernet port. This funcationality is supported on all Ruckus APs.

I suspect an issue with the config on the SG300.  I've used these switches with Ruckus APs and multiple VLAN on many sites with no problem, so I'm sure it works! The one difference from my config was I didn't use the default VLAN for management, I set that up separately. E.g.:

Default VLAN: 101
Management VLAN: 10
Corp VLAN: 20
Guest VLAN: 30
Warehouse VLAN: 40

With all ports set to Trunk on the switch.

The Unleashed documentation confirms:  "By default, all ports are enabled as Trunk Ports with Untag VLAN set as 1. "

Let me know how you get on.

Thanks,
Darrel.