Seamless Roaming Checklist
For seamless wireless client roaming and handoff following items must be ensured:
- Sufficient coverage cell overlap, i.e. the worst client should hear an AP at least at -67dBm.
- Key Caching must be enabled on the WLAN for secure fast roaming. OKC and PMK caching is enabled by default. It is recommended to enable 802.11r (fast-bss-transition) when clients support it.
- WNMP roaming notifications are responsible for updating wired infrastructure MAC address tables, as well as key cache exchange between the Access Points. It is important to ensure that:
For locally bridged WLANs:
DST MAC 01:A0:F8:F0:F0:04 (WNMP roam notification) is allowed on the wired switches for all user VLANs, at least on the switchports going out to the APs.
For tunneled VLANs:
DST MAC 01:A0:F8:F0:F0:04 (WNMP roam notification) is allowed on the wired switches for all user VLANs, on the switchports going out to the controllers.
In case with MiNT level 2 tunneling and controller-managed RF Domains in a campus deployment “mint inter-tunnel-bridging” should be enabled only on the controller side to allow passing WNMP roam notifications between multiple MiNT tunnels. It must not be enabled in NOC deployments.
In case with L2TPv3 tunnels from every AP back to the controllers, “l2tpv3 inter-tunnel-bridging” must be enabled on the controller side to allow passing of WNMP messages. It is not required when each remote site is tunneling via an RF Domain Manager.
- Wireless Firewall is enabled for client session migration to work. Additionally, for this feature to work Access Points must be able to discover each other over MiNT either at level 1 or level 2.