
Creating ip tunnels – Allied Telesis AT-WA7500 User Manual


IP tunnels use encapsulation to establish a virtual LAN segment through
IP routers. The virtual LAN segment includes the root IP subnet and
logically extends to include end devices attached to access points on
remote IP subnets. IP tunnels are branches in the spanning tree
topology.

Any access point on a secondary LAN that can receive IP hello messages
can be the endpoint of an IP tunnel. Usually, the access point that is the
endpoint of an IP tunnel is also the designated bridge. After an IP tunnel
is formed between the root access point and an access point on a
remote IP subnet, end devices can roam to the remote IP subnet. End
devices must have an IP address from the root IP subnet. However, there
are no address restrictions for non-IP end devices. When end devices
roam to the remote IP subnet, their data is tunneled through IP back to
the root IP subnet, where it belongs, and communication continues normally.

If you have a DHCP server in your network, it must be on the root IP
subnet. All access points on secondary LANs must have permanent IP
addresses. On the root access point, you must allow IP multicast frames
to pass.

When an access point at the endpoint of the IP tunnel receives data from
an end device, it uses a standard IP protocol called Generic Routing
Encapsulation (GRE) to encapsulate the data into a frame. These
encapsulated IP/GRE frames use normal IP routing to pass through IP
routers to the root access point. The root access point decapsulates
the frame and forwards it to the host. When the root access point
receives data on the Ethernet network for an end device that is
communicating on a remote IP subnet, it reverses this process.
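
The encapsulation and decapsulation steps described above, sketched as an added example that is not taken from the manual or from Allied Telesis firmware. It shows what the IP/GRE frames look like to the routers and filters between the subnets (IP protocol 47). The GRE payload type 0x6558, the absence of optional GRE fields on the sending side, and the function names are assumptions made for illustration.

```python
import socket
import struct

GRE_PROTO = 47        # IP protocol number assigned to GRE
ETH_BRIDGED = 0x6558  # assumption: payload type for a bridged Ethernet frame

def ip_checksum(header: bytes) -> int:
    """One's-complement sum over the IPv4 header (even length)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(frame: bytes, src: str, dst: str) -> bytes:
    """Tunnel-endpoint side: wrap an end-device frame in IPv4 + GRE."""
    gre = struct.pack("!HH", 0, ETH_BRIDGED)  # flags 0, version 0
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(gre) + len(frame),
                      0, 0, 64, GRE_PROTO, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + gre + frame

def decapsulate(packet: bytes):
    """Root side: validate IPv4/GRE, return (source IP, payload type, frame)."""
    if len(packet) < 24 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet large enough to carry GRE")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl + 4:
        raise ValueError("truncated IPv4 header")
    if packet[9] != GRE_PROTO:
        raise ValueError("IP protocol is not 47 (GRE)")
    if ip_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    flags, ptype = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags & 0x0007:
        raise ValueError("unsupported GRE version")
    offset = ihl + 4
    for bit in (0x8000, 0x2000, 0x1000):  # checksum, key, sequence: 4 bytes each
        if flags & bit:
            offset += 4
    if offset > len(packet):
        raise ValueError("truncated GRE header")
    return socket.inet_ntoa(packet[12:16]), ptype, packet[offset:]

if __name__ == "__main__":
    # Constructed sample: a dummy 14-byte Ethernet header plus payload.
    frame = bytes.fromhex("0200000000010200000000020800") + b"end-device data"
    pkt = encapsulate(frame, "10.2.0.5", "10.1.0.1")  # constructed addresses
    print(decapsulate(pkt))
```
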

Creating IP Tunnels

An IP tunnel is established when an access point on a remote IP subnet
attaches to the root access point through its IP tunnel port. The number
of IP tunnels the root access point can originate is practically unlimited.
However, currently the IP address list can only contain eight entries,
which effectively limits the number of tunnels that can be created if you
want to use unicast and directed broadcast IP addresses.

The IP address list can contain any combination of IP unicast, IP
broadcast, or IP multicast addresses:

• Only one IP tunnel can be created for each IP unicast address in
  the list.

• One IP directed broadcast address can be used to create a
  practically unlimited number of tunnels to a single remote IP
  subnet. (An IP directed broadcast address is typically used to
  specify all hosts on a single remote subnet.)