We are working on blocking communication within the same VLAN, so two hosts on the same VLAN will not be able to communicate with each other.
We have many access points (APs) on a single VLAN. Do the APs need to communicate with each other (layer 2)? If so, for what purpose?
Can someone confirm?
I think they should on the management VLAN. For example, for client balancing.
https://documentation.meraki.com/MR/Other_Topics/Client_Balancing
For wireless, you could just set Layer 2 isolation on an SSID.
https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Wireless_Client_Isolation
Yes, I can do that, but I want to understand what the use cases are where APs need to communicate with each other on layer 2.
Like, do they need to communicate for RF changes, client roaming, broadcast, multicast, etc.? That's what I am trying to understand.
Open a support case.
LOL, what a helpful response. Support is going to say we are break-fix so reach out to your SE.
Well, looks like it's time to post on the Reddit wireless group.
APs on the same VLAN do not necessarily need to communicate with each other directly. Each AP communicates with the devices connected to it and forwards that traffic to the network’s router or switch. The router or switch then handles the distribution of traffic to other APs or devices on the network.
Thanks.
What about client roaming, like using fast-roaming 802.11r? When a client moves from AP1 to AP2, how do APs hand off the info such as authentication, etc.? Does this happen just over the air without needing to traverse the switch they are connected to?
How do APs create a mesh? Does it happen over the air or via Layer 2 communication through the switch?
I need to understand if this happens directly over the air, or if the frame comes into the switch they are connected to and then goes out to another AP.
I really recommend that you read this document, it's a good read and will save me time explaining.
https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/technotes/80211r-ft/b-80211r-dg.html
https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/Wireless_Mesh_Networking
APs on the same VLAN exchange client roaming information with each other. I think it is done using multicast (not sure).
Also, if you are using the L3 roaming mode, they forward the packets between APs using unicast.