Wireless architectures remain diverse

Although wireless LAN systems with voice support have been available for nearly two years, this is still an emerging market. As in our previous test of WLAN switches, there are huge differences in architectures and features.

The Aruba, Chantry and Cisco products are "wireless LAN switches." User authentication and spectrum management decisions are made by a wired Ethernet switch (the brains, handling user authentication and radio frequency management), not the access points. The switch not only controls access to the wired network, but also dynamically adjusts wireless radio signal strength in response to changes in the RF environment.

Cisco's Wireless LAN Services Module (WLSM) blade for the Catalyst 6500 switch is essentially a WLAN switch within a switch. It offers the same access control as the Aruba and Chantry devices, plus switching, routing, security and content management functions from other Catalyst blades. Not surprising, the WLSM is also stronger on IP routing support than the other entrants. While Chantry supports Open Shortest Path First and Colubris supports Routing Information Protocol, the Cisco offering supports virtually every major routing protocol available.

The Colubris CN1250 is a stand-alone access point with VPN features. Multiple CN1250s can be monitored and configured through the vendor's management software (not supplied for our test; instead, we configured each access point through its Web user interface). Colubris relies on third-party switches or routers to attach to the wired network.

None of the switches tested require direct attachment to its access points. A company can use one WLAN switch to manage dozens, or even hundreds, of access points scattered throughout the corporation, including at different physical locations. Aruba claims support for 50 access points on its A2400 switch (and 256 access points on the larger A5000, not tested). Chantry claims support for up to 200 access points, and Cisco claims support for up to 300 access points with a single WLSM blade.

The biggest architectural difference was in the methods used to shuttle traffic between access points and switches. Aruba and Cisco products set up Generic Routing Encapsulation tunnels between the access points and switches, but each system uses different structures within the GRE tunnel. For example, a protocol analyzer that decodes Aruba's traffic will not read Cisco's traffic. Chantry's BeaconMaster encapsulates traffic using IP-in-IP encapsulation. The Colubris CN1250, because it is a stand-alone access point, does not encapsulate traffic.

The varying transport methods raise interoperability and performance issues. Aruba and Chantry say their switches interoperate with third-party access points, but they may not offer all the same features as their own gear. Also, encapsulation adds some overhead, which reduces performance and may introduce packet fragmentation. But encapsulation can be very useful to manage client roaming because it lets clients keep the same credentials and IP address as clients move from one access point to another.