Bingo600 typically after the radio de-modulates the radio packet it then strips off the 802.11 header and sends it out on the erthernet interface, no vlan's or sub-netting required as all components in this scenario share the same sub-net. Only if you have multiple WLAN’s mapped to various vlan's (ethernet sub-interfaces) will the AP even add any .1q data to the 802.3 frame.
I agree.
But how many people , not knowing the difference between layer2/layer3 , has ever heard of (ethernet sub-interfaces)
Thats why i chose a "Box" the OP might have seen.
That’s why typically in say a Cisco environment you config a BVI interface and not the radio or Ethernet port for layer 3 so the AP will do nothing but strip off the 802.11 header and sent it on the wire.
Welll .....
In a simple Cisco config (aka. single SSID) you are prob correct , all you need to configre the BVI , and map it to/on the FE.
This also applies to most multi-"home" SSID installations i have met , where the users have a "private ssid" , and a "guest ssid". The meaning of that setup was to to be able to set/change the guest WPA static key (for guests), without having to change the key on all their own pc's. Not to separate the traffic.
In corp. i have normally always seen a 1:1 mapping between SSID & a different vlan on the "wire".
I know my security depp would get a fit if , i FSCK'ed up the ssid->vlan mapping , or even worse forgot it.
And the 802.11 packets ended up in "Native vlan"
And in our setup Cisco-lwapp's with 5500 controllers , the wireless data tunneled home via capwap.
And all your WiFi-Clients appear as if they were connected directly to/on the 5500 Controller.
As yoou prob. know , that makes seamless roaming between ap's easy. As the controller automatically (gre)tunnels the enduser's WiFi connection to(via) the ap he's connected to.
btw while I know what a wrt45g is I can’t speak about it technically as the only WLAN gear I see is real IT gear, Moto Cisco Aruba whatever?
I have been writing/modifying DD-WRT to suit my own needs , and thats why i suggested the wrt54g example.
As the wrt54g behaves excactly as i describe above.
You could even make a 5-port/IF firewall from it , as each of the 4 "inside switchports" are vlan mappable , and therefore can be. a new/different layer3 IF.
Edit:
Would you care to explain why a wrt54g isn't real IT Gear ?
The wrt54G is an excellent box (allthough it maxes out when routing/forwarding approx 26Mb)
I can't seem to understand why a user should use a $1000 Cisco-1142 , if a $60 Linksys fits the bill.
/Bingo