某客戶因辦公區域改造，部分線路需要拆除，但是WIFI覆蓋又不能少，否則就沒辦法辦公了，原來每個無線AP都是有網線連接到交換機的，現在有部分AP要改為通過MESH鏈路連接到網絡，好在距離不是很遠，采用MESH組網技術，擴展WIFI覆蓋范圍，問題不大。

現場簡圖如下所示，繪畫水平極度有限，將就看吧。

AP1-4原來都是接入到SW1，從圖片可以看到，AP3和4已經沒有網線了，所以需要重新配置——將使用雙MPP Mesh組網，使AP3和4通過Mesh鏈路無線接入AP1和AP2，從而擴大AP1、2的覆蓋范圍。

配置思路：

1、配置網絡互通，AP1和AP2配置為MPP節點，通過有線的方式在AC上線；

2、配置Mesh業務，AP3和4配置為MP節點，通過無線Mesh鏈路在AC上線。

前期工作：

1、 簡易拓撲圖

開始工作之前，弄個簡易拓撲圖，便于接線以及后期配置，上圖雖然看著草率，卻已經是后補的了，現場就是借個鉛筆畫畫，更亂。

2、 預定義參數

同理，一些配置參數，也要提前定義好，免得配置過程中，記混寫錯。

配置步驟：

1、 配AC與AP1、AP2之間網絡互通；

配置接入交換機SW1。將SW1的接口GE0/0/1、GE0/0/2加入VLAN100（管理VLAN），且其PVID為VLAN100。同時配置接口GE0/0/1、GE0/0/2和GE0/0/3允許攜帶VLAN100報文通過。

system-view

[HUAWEI] sysname SW1

[SW1] vlan batch 100

[SW1] interface gigabitEthernet 0/0/1

[SW1-GigabitEthernet0/0/1] port link-type trunk

[SW1-GigabitEthernet0/0/1] port trunk pvid vlan 100

[SW1-GigabitEthernet0/0/1] port trunk allow-pass vlan 100

[SW1-GigabitEthernet0/0/1] port-isolate enable

[SW1-GigabitEthernet0/0/1] quit

[SW1] interface gigabitEthernet 0/0/2

[SW1-GigabitEthernet0/0/2] port link-type trunk

[SW1-GigabitEthernet0/0/2] port trunk pvid vlan 100

[SW1-GigabitEthernet0/0/2] port trunk allow-pass vlan 100

[SW1-GigabitEthernet0/0/2] port-isolate enable

[SW1-GigabitEthernet0/0/2] quit

[SW1] interface gigabitEthernet 0/0/3

[SW1-GigabitEthernet0/0/3] port link-type trunk

[SW1-GigabitEthernet0/0/3] port trunk allow-pass vlan 100

[SW1-GigabitEthernet0/0/3] quit

配置匯聚交換機SW2。配置接口GE0/0/1允許攜帶VLAN100的報文通過，GE0/0/2允許攜帶VLAN100的報文通過。

system-view

[HUAWEI] sysname SW2

[SW2] vlan batch 100

[SW2] interface gigabitEthernet 0/0/1

[SW2-GigabitEthernet0/0/1] port link-type trunk

[SW2-GigabitEthernet0/0/1] port trunk allow-pass vlan 100

[SW2-GigabitEthernet0/0/1] quit

[SW2] interface gigabitEthernet 0/0/2

[SW2-GigabitEthernet0/0/2] port link-type trunk

[SW2-GigabitEthernet0/0/2] port trunk allow-pass vlan 100

[SW2-GigabitEthernet0/0/2] quit

配置AC連接匯聚交換機的接口GE1/0/1允許攜帶VLAN100的報文通過。

system-view

[HUAWEI] sysname AC

[AC] vlan batch 100

[AC] interface gigabitEthernet 1/0/1

[AC-GigabitEthernet1/0/1] port link-type trunk

[AC-GigabitEthernet1/0/1] port trunk allow-pass vlan 100

[AC-GigabitEthernet1/0/1] quit

2、 配置AC的DHCP功能，為AP分配IP地址；

[AC] wlan

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] quit

[AC-wlan-view] ap-group name mesh-mp

[AC-wlan-ap-group-mesh-mp] quit

3、配置AP組、國家碼和AC的源接口

創建MPP的AP組和MP的AP組，用于將相同配置的AP都加入同一AP組中。

[AC] wlan

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] quit

[AC-wlan-view] ap-group name mesh-mp

[AC-wlan-ap-group-mesh-mp] quit

創建域管理模板，在域管理模板下配置AC的國家碼并在AP組下引用域管理模板。

[AC-wlan-view] regulatory-domain-profile name domain1

[AC-wlan-regulate-domain-domain1] country-code cn

[AC-wlan-regulate-domain-domain1] quit

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] regulatory-domain-profile domain1

Warning: This configuration change will clear the channel and power configurations of radios, and may restart APs. Continue?[Y/N]:y

[AC-wlan-ap-group-mesh-mpp] quit

[AC-wlan-view] ap-group name mesh-mp

[AC-wlan-ap-group-mesh-mp] regulatory-domain-profile domain1

Warning: This configuration change will clear the channel and power configurations of radios, and may restart APs. Continue?[Y/N]:y

[AC-wlan-ap-group-mesh-mp] quit

[AC-wlan-view] quit

配置AC的源接口。

[AC] capwap source interface vlanif 100

將AP1、AP2加入到AP組“mesh-mpp”中，將AP3、AP4加入到AP組“mesh-mp”中。

[AC] wlan

[AC-wlan-view] ap auth-mode mac-auth

[AC-wlan-view] ap-id 1 ap-mac 00e0-fc00-9601

[AC-wlan-ap-1] ap-name AP1

[AC-wlan-ap-1] ap-group mesh-mpp

Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y

[AC-wlan-ap-1] quit

[AC-wlan-view] ap-id 2 ap-mac 00e0-fc00-9602

[AC-wlan-ap-2] ap-name AP2

[AC-wlan-ap-2] ap-group mesh-mpp

Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y

[AC-wlan-ap-2] quit

[AC-wlan-view] ap-id 3 ap-mac 00e0-fc00-9603

[AC-wlan-ap-3] ap-name AP3

[AC-wlan-ap-3] ap-group mesh-mp

Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y

[AC-wlan-ap-3] quit

[AC-wlan-view] ap-id 4 ap-mac 00e0-fc00-9604

[AC-wlan-ap-4] ap-name AP4

[AC-wlan-ap-4] ap-group mesh-mp

Warning: This operation may cause AP reset. If the country code changes, it will clear channel, power and antenna gain configuration s of the radio, Whether to continue? [Y/N]:y

[AC-wlan-ap-4] quit

4、配置Mesh業務參數

配置Mesh節點使用的主要射頻參數。

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] radio 1

[AC-wlan-group-radio-mesh-mpp/1] channel 40mhz-plus 157

Warning: This action may cause service interruption. Continue?[Y/N]y

[AC-wlan-group-radio-mesh-mpp/1] coverage distance 3

[AC-wlan-group-radio-mesh-mpp/1] quit

[AC-wlan-ap-group-mesh-mpp] quit

[AC-wlan-view] ap-group name mesh-mp

[AC-wlan-ap-group-mesh-mp] radio 1

[AC-wlan-group-radio-mesh-mp/1] channel 40mhz-plus 157

Warning: This action may cause service interruption. Continue?[Y/N]y

[AC-wlan-group-radio-mesh-mp/1] coverage distance 3

[AC-wlan-group-radio-mesh-mp/1] quit

[AC-wlan-ap-group-mesh-mp] quit

配置AP有線口參數。本例中假設Mesh承載的業務VLAN為VLAN101，則需配置Mesh各節點的有線口以tagged形式加入VLAN101。

[AC-wlan-view] wired-port-profile name wired-port

[AC-wlan-wired-port-wired-port] vlan tagged 101

[AC-wlan-wired-port-wired-port] quit

配置Mesh鏈路使用的安全模板“mesh-sec”，Mesh僅支持WPA2+PSK+AES的安全策略。

[AC-wlan-view] security-profile name mesh-sec

[AC-wlan-sec-prof-mesh-sec] security wpa2 psk pass-phrase YsHsjx_202206 aes

[AC-wlan-sec-prof-mesh-sec] quit

配置Mesh白名單。

[AC-wlan-view] mesh-whitelist-profile name mesh-list

[AC-wlan-mesh-whitelist-mesh-list] peer-ap mac 00e0-fc00-9601

[AC-wlan-mesh-whitelist-mesh-list] peer-ap mac 00e0-fc00-9602

[AC-wlan-mesh-whitelist-mesh-list] peer-ap mac 00e0-fc00-9603

[AC-wlan-mesh-whitelist-mesh-list] peer-ap mac 00e0-fc00-9604

[AC-wlan-mesh-whitelist-mesh-list] quit

配置Mesh角色。配置AP1、AP2的Mesh角色為“mesh-portal”，缺省情況下Mesh角色為“mesh-node”，所以AP3、AP4可以使用默認配置。Mesh角色是通過AP系統模板配置的。

[AC-wlan-view] ap-system-profile name mesh-sys

[AC-wlan-ap-system-prof-mesh-sys] mesh-role mesh-portal

[AC-wlan-ap-system-prof-mesh-sys] quit

配置Mesh模板。配置Mesh網絡的ID為“mesh-net”，Mesh鏈路老化時間為30秒，并引用安全模板和Mesh白名單。

[AC-wlan-view] mesh-profile name mesh-net

[AC-wlan-mesh-prof-mesh-net] mesh-id mesh-net

[AC-wlan-mesh-prof-mesh-net] link-aging-time 30

[AC-wlan-mesh-prof-mesh-net] security-profile mesh-sec

[AC-wlan-mesh-prof-mesh-net] quit

配置AP射頻引用Mesh白名單模板。

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] radio 1

[AC-wlan-group-radio-mesh-mpp/1] mesh-whitelist-profile mesh-list

[AC-wlan-group-radio-mesh-mpp/1] quit

[AC-wlan-ap-group-mesh-mpp] quit

[AC-wlan-view] ap-group name mesh-mp

[AC-wlan-ap-group-mesh-mp] radio 1

[AC-wlan-group-radio-mesh-mp/1] mesh-whitelist-profile mesh-list

[AC-wlan-group-radio-mesh-mp/1] quit

[AC-wlan-ap-group-mesh-mp] quit

5、在AP組引用相關模板，使Mesh業務生效

配置AP組“mesh-mpp”和“mesh-mp”分別引用有線口模板“wired-port”，使AP的有線口參數在Mesh各節點上生效。本例假設AP均用GE0接口與SW1相連。

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] wired-port-profile wired-port gigabitethernet 0

[AC-wlan-ap-group-mesh-mpp] quit

[AC-wlan-view] ap-group name mesh-mp

[AC-wlan-ap-group-mesh-mp] wired-port-profile wired-port gigabitethernet 0

[AC-wlan-ap-group-mesh-mp] quit

配置AP組“mesh-mpp”引用AP系統模板“mesh-sys”，使MPP角色在AP1、AP2上生效。

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] ap-system-profile mesh-sys

[AC-wlan-ap-group-mesh-mpp] quit

配置AP組“mesh-mpp”和“mesh-mp”分別引用Mesh模板“mesh-net”，使Mesh業務生效。

[AC-wlan-view] ap-group name mesh-mpp

[AC-wlan-ap-group-mesh-mpp] mesh-profile mesh-net radio 1

[AC-wlan-ap-group-mesh-mpp] quit

[AC-wlan-view] ap-group name mesh-mp

[AC-wlan-ap-group-mesh-mp] mesh-profile mesh-net radio 1

[AC-wlan-ap-group-mesh-mp] quit

6、驗證Mesh業務配置結果

完成配置后，執行命令display ap all，查看Mesh各節點是否成功上線，當“State”字段顯示為“nor”，則表示AP已成功上線。

雙MPP的Mesh業務生效后，執行命令display wlan mesh link all，查看Mesh鏈路相關信息，

執行命令display wlan mesh route all，查看當前Mesh網絡的Mesh路由。

雙MPP Mesh組網還有個功能點：當AP2與AC間的鏈路出現了故障，AP2可以自動轉換為MP，通過Mesh鏈路上線，AP1同理。