Wireless Intracontroller Roaming

Wireless access points are bound to a wireless controller in a Cisco wireless network.

When a client roams between access points in a Cisco wireless controller network, it is not the access point that handles the roaming but the controller due to it’s split-MAC architecture.

In a Cisco controller network not much changes when the client roams to another access point – the wireless controller simply updates its client to access point mapping table in a process called Intracontroller Roaming. Keeping the mapping table updated ensures the controller knows the correct CAPWAP tunnel to use to reach the client, and the process takes less than 10 milliseconds.

A quick roam between access points is essential for real time devices like phones and video conferencing devices.

During this roam there may be a couple of other processes that occur, DHCP operations or client authentication operations.

The client may be simply programmed to request or renew an IP address when it roams.

The controller may be programmed to reauthenticate clients when they connect to a wireless network using a technology like 802.1x

Reauthenticating a client may take a fair bit of time, so there are three technologies on Cisco wireless controllers that help improve and speed up the process:

Cisco Centralised Key Management

Cisco Centralised Key Management, CCKM, allows a controller to keep a central database of clients and keys on behalf of its access points. It can provide this central database to other wireless controllers and their access points as the client roams. Cisco Centralised Key Management requires the extension Cisco Compatible Extensions (CCX) to be supported on client devices.

Key Caching

The client has cache keys it had used previously with other access points associations and reuse them as it roams to a new access point. The access point that is roaming to must already be cached in this list. The list can contain up to eight entries.


802.11r allows fast roaming or fast BSS transitions. The client caches a portion of the authentication servers key and present it to future access points as it roams. The client maintains its quality of service parameters as it roams.



, ,




Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.