Why use "tunnel mode"

  • 2
  • Question
  • Updated 3 years ago
There is an option in the WLAN settings that states "Tunnel WLAN traffic to ZoneDirector (Recommended for VoIP clients and PDA devices.)"

From what I understand it forces all traffic through an L2TP, which to me seems like it would introduce some latency.

If so, why does it say recommended for "VOIP and PDA devices"?

Thanks,
Bob
Photo of Bob Williamson

Bob Williamson

  • 21 Posts
  • 2 Reply Likes

Posted 3 years ago

  • 2
Photo of Jelle Alten

Jelle Alten

  • 60 Posts
  • 12 Reply Likes
Tunnel mode encapsulates traffic on the WLAN and tunnels it to the ZD, avoiding disruptions to delay-sensitive operations like VOIP. Especially with inter-subnet roaming. So even when changing subnets, the devices in the tunneled WLAN wil stay on the network that the ZD is connected to.
Photo of Bill Burns

Bill Burns, AlphaDog

  • 203 Posts
  • 38 Reply Likes
I don't know why tunnel mode would be recommended for VoIP or PDA devices.
(though I'll trust what Jelle has to say)

By default, Ruckus APs bridge wifi traffic directly to the local wired ethernet connection.
Tunnel mode is useful when you want your wifi traffic on a VLAN that isn't (or can't be) carried on the ethernet cable where your AP is connected.

This is common in remote locations or other situations where you want a common wifi SSID/VLAN/Subnet even though your wifi traffic is carried over a routed infrastructure.
Photo of Bob Williamson

Bob Williamson

  • 21 Posts
  • 2 Reply Likes
Agreed, seems weird to me as well. The one time I used it was when I installed a new switch and did not setup the necessary vlan tags on the ports (we have different vlans for different SSIDs). Worked great for that.

I think from his explanation the inter-subnet roaming is the most important.

Bob
Photo of Jelle Alten

Jelle Alten

  • 60 Posts
  • 12 Reply Likes
There is a nice side effect: I have a ZD at my office that also controls AP's on different sites. I made one hidden SSID named "tunnel" that and have that one tunnel to the ZD. Whenever I connect to that wlan, it is as if I have a VPN connection to my office.
I turned on the encryption for tunneling, of course. So every AP can VPN bridge to the ZD, but on a lower level than normal VPN bridges. The ip ranges don't even need to be different, because it is tunneling on a lower level. Nice.