Once the lightweight Cisco access point starts up, it operates in a number of different states before it becomes a functional basic service set (BSS).
Each of these possible states are defined as part of the Control and Provisioning of Wireless Access Points (CAPWAP) specification in a process called a state machine.
Access Point Boots
Once power is applied to the wireless access point, it boots a small IOS image so it can work through the rest of the states and communication over a network connection.
The access point receives an IP address from DHCP or a static configuration so it can communication over the network connection.
Wireless LAN Controller Discovery
The access point goes through steps to try find one or more wireless controllers that it can join.
The access point will try to build a CAPWAP tunnel with one or more controllers that were discovered in the last step. The tunnel will use Datagram Transport Layer Security (DTLS) for any further access point to wireless LAN controller control messages. A series of digital certificates are used to authenticate the access point to the wireless LAN controller, and from the wireless LAN controller to the access point.
Wireless LAN Controller Join
The access point will select a Wireless LAN controller from a list of discovered controllers and send a CAPWAP join request to it. The Wireless LAN controller will respond with a CAPWAP Join response message.
Download Software Image
The wireless LAN controller will tell the access point of the required software release. If the access points own software image is different to that sent by the wireless LAN controller, it will download the matching image and reboot to apply that new image.
If there a number of lightweight access points connected to the network that require the software image to change; this may take a while as they all need to fetch their software file from the WLC. This can occur in a software upgrade of the Wireless LAN controller for example.
The software upgrade can be preloaded to access points if it has been preloaded already on the wireless LAN controller (and is pending a reboot) to minimise downtime
The access point will download configuration parameters from the wireless LAN controller and update existing settings with the new settings sent by the controller.
With the access point fully initialised, the wireless LAN controller will place it in the run state. The access point and wireless LAN controller can provide a basic service set – BSS – and start accepting wireless clients
If the wireless LAN controller requests a reset to the access point, it will close any existing sessions with wireless clients and reboot, starting the state machine process again.