Access point profile for a mesh access point in a wireless mesh network
Abstract
A mesh access point that includes an access point profile storing one or more parameters in non-volatile memory, and a method of using the mesh access point having the access point profile to select and carry out mutual authentication on a wireless mesh network to establish itself to the mesh network using information in the access point profile, and further to provide services to wireless clients according to information in the access point profile. Access point profiles can be pre-configured/configured/updated suitably in order to adapt the mesh access point in a mesh network according to its capabilities and requirements.
298 Citations
29 Claims
1. A method comprising:

(A) receiving in a mesh access point one or more advertisements from one or more potential parent mesh access points of at least one wireless mesh network, each mesh network having a mesh network identifier and controlled by a mesh network controller, each advertisement including the mesh network identifier; and

wherein the access point includes non-volatile memory in which an access point profile data structure is stored, the access point profile data structure being pre-configured, prior to joining any wireless mesh network, with a plurality of sub-profiles, such that the mesh access point is able to join a mesh network controlled by a controller using information in the pre-defined sub-profiles, the pre-defined sub-profiles including two or more of:

- a security sub-profile data structure including at least one parameter that provides security information related to the mesh access point, the at least one parameter in the security sub-profile data structure including an indication of whether or not mutual authentication is required, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication,
- one or more initial radio parameters to use,
- a quality of service (QoS) sub-profile that includes one or more entries for describing one or more QoS capabilities and/or QoS requirements of the mesh access point,
- a mobility profile that includes one or more entries defining mobility policies,
- a management sub-profile including one or more entries for one or more of: what versions of simple network management protocol (SNMP) are supported, diagnostic and/or troubleshooting policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled, and
- an additional sub-profile including one or more entries to indicate one or more of what mesh role or roles and what access point role or roles the mesh access point can undertake,

the method further comprising:

(B) selecting by the mesh access point a particular wireless mesh network controlled by a particular controller, and a particular parent mesh access point of the particular wireless mesh network, the selecting using one or more parameters stored in the access point profile,

(C) setting up a physical radio link with a particular parent mesh access point as a child mesh access point;

(D) requesting association with the particular parent mesh access point as a potential child mesh access point of the particular parent mesh access point, the requesting using one or more parameters in the access point profile data structure, including one or more parameters in the security sub-profile data structure;

(E) receiving a response to the association request; and

(F) in the case that the received response is positive, using one or more policies stored in the access point profile data structure to join the particular wireless mesh network via the particular parent mesh access point; and

after joining the particular mesh network, transmitting from the mesh access point advertisements to indicate the mesh access point's access point capabilities,

wherein in the case the indication is that mutual authentication is required, the using one or more policies to join includes mutual authenticating with the mesh access point as supplicant, starting with credential information stored in the security sub-profile of the access point profile data structure.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. A method comprising:

transmitting in a mesh access point of a wireless mesh network one or more advertisements for potential child mesh access points, the mesh network having a mesh network identifier and controlled by a mesh network controller, each advertisement including the mesh network identifier and one or more parameters determined from content stored in an access point profile data structure stored in non-volatile memory included in the mesh access point, the access point profile data structure being pre-configured prior to joining any mesh network with a plurality of sub-profiles, such that the mesh access point is able to join a mesh network controlled by a controller using information in the pre-defined sub-profiles, the pre-defined sub-profiles including two or more of:

- a security sub-profile data structure including at least one parameter that provides security information related to the mesh access point, the at least one parameter in the security sub-profile data structure including an indication of whether or not mutual authentication is required, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication,
- one or more initial radio parameters to use,
- a quality of service (QoS) sub-profile that includes one or more entries for describing one or more QoS capabilities and/or QoS requirements of the mesh access point,
- a mobility profile that includes one or more entries defining mobility policies,
- a management sub-profile including one or more entries for one or more of: what versions of simple network management protocol (SNMP) are supported, diagnostic and/or troubleshooting policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled, and
- an additional sub-profile including one or more entries to indicate one or more of what mesh role or roles and what access point role or roles the mesh access point can undertake;

setting up a physical radio link with a particular child mesh access point as a result of the particular child mesh access point receiving one of the advertisements;

receiving an association request from the particular child mesh access point as a potential child mesh access point of the mesh access point,

ascertaining, using one or more parameters stored in the access point profile data structure whether or not the child mesh access point can and should join the mesh network with the mesh access point being the parent mesh access point of the particular child mesh access point; and

sending a response to the association request,

wherein the mesh access point is a lightweight mesh access point having a secure tunnel with a controller and whose access point functionality is controlled by the controller, the secure tunnel using a pre-defined lightweight access point protocol, and wherein the method further comprises:

in the case the mesh access point ascertains that the child mesh access point can join the mesh network, sending a controller association request to the controller and receiving a controller response to the controller association request as a result of the controller ascertaining whether or not the child mesh access point can join the mesh network;

in the case that the response is positive, mutually authenticating with the particular child mesh access point, starting with the child mesh access point as supplicant and the controller as authenticator.

16. An apparatus comprising:

at least a backhaul radio interface;

a control processor coupled to the backhaul radio interface operative with the radio interface to connect as a mesh access point to one or more mesh nodes to form a wireless mesh network;

a non-volatile memory coupled to or residing in the control processor, and usable by the control processor, the non volatile memory configured with an access point profile data structure configured to store one or more parameters, the access point profile data structure pre-configured, prior to the apparatus joining any wireless mesh network as a mesh access point, with a plurality of sub-profiles, such that the apparatus is able to join a mesh network controlled by a controller using information in the pre-defined sub-profiles, the pre-defined sub-profiles including two or more of:

- a security sub-profile data structure that provides security information usable by the processor to authenticate the apparatus in the process of joining a particular mesh network as a mesh access point that is a child mesh access point to a particular parent mesh access point, the security sub-profile data structure including at least one parameter comprising an indication of whether or not mutual authentication is required, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication,
- one or more initial radio parameters to use,
- a quality of service (QoS) sub-profile that includes one or more entries for describing one or more QoS capabilities and/or QoS requirements of the mesh access point,
- a mobility profile that includes one or more entries defining mobility policies,
- a management sub-profile including one or more entries for one or more of: what versions of simple network management protocol (SNMP) are supported, diagnostic and/or troubleshooting policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled, and
- an additional sub-profile including one or more entries to indicate one or more of what mesh role or roles and what access point role or roles the mesh access point can undertake;

wherein the control processor is configured to

select a particular wireless mesh network controlled by a particular controller, and a particular parent mesh access point of the particular wireless mesh network, the selecting using one or more parameters stored in the access point profile,

set up a physical radio link with a particular parent mesh access point as a child mesh access point;

request association with the particular parent mesh access point as a potential child mesh access point of the particular parent mesh access point, the requesting association using one or more parameters in the access point profile data structure, including one or more parameters in the security sub-profile data structure;

receive a response to the association request; and

in the case that the received response is positive, use one or more policies stored in the access point profile data structure to join the particular wireless mesh network via the particular parent mesh access point; and

after joining the particular mesh network, wirelessly transmit advertisements to indicate the apparatus's access point capabilities,

wherein in the case the indication is that mutual authentication is required, the using one or more policies to join includes mutual authenticating with the apparatus as supplicant, starting with credential information stored in the security sub-profile of the access point profile data structure.

Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25, 26

27. A tangible computer-readable storage medium on which is encoded logic for execution and when executed configured to:

receive in a mesh access point one or more advertisements from one or more potential parent mesh access points of at least one wireless mesh network, each mesh network having a mesh network identifier and being controlled by a mesh network controller, each advertisement including the mesh network identifier;

wherein the computer-readable storage medium further comprises non-volatile memory in which an access point profile data structure is stored, the access point profile data structure being pre-configured, prior to joining any wireless mesh network, with a plurality of sub-profiles, such that the mesh access point is able to join a mesh network controlled by a controller using information in the pre-defined sub-profiles, the pre-defined sub-profiles including two or more of:

- a security sub-profile data structure including at least one parameter that provides security information related to the mesh access point, the at least one parameter in the security sub-profile data structure including an indication of whether or not mutual authentication is required, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication,
- one or more initial radio parameters to use,
- a quality of service (QoS) sub-profile that includes one or more entries for describing one or more QoS capabilities and/or QoS requirements of the mesh access point,
- a mobility profile that includes one or more entries defining mobility policies,
- a management sub-profile including one or more entries for one or more of: what versions of simple network management protocol (SNMP) are supported, diagnostic and/or troubleshooting policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled, and
- an additional sub-profile including one or more entries to indicate one or more of what mesh role or roles and what access point role or roles the mesh access point can undertake,

wherein the logic when executed is further configured to:

select for the mesh access point a particular wireless mesh network and a particular parent mesh access point of the particular wireless mesh network, the selecting using one or more parameters stored in an access point profile data structure

set up a physical radio link between the mesh access point and a particular parent mesh access point for the mesh access point to be a child mesh access point;

request association of the mesh access point with the particular parent mesh access point as a potential child mesh access point of the particular parent mesh access point, the requesting using one or more parameters in the access point profile data structure, including one or more parameters in the security sub-profile data structure;

receive at the mesh access point a response to the association request; and

in the case that the received response is positive, use one or more policies stored in the access point profile data structure to cause the mesh access point to join the particular wireless mesh network via the particular parent mesh access point; and

after joining the particular mesh network, transmitting from the mesh access point advertisements to indicate the mesh access point's access point capabilities,

wherein in the case the indication is that mutual authentication is required, the using one or more policies to join includes mutual authenticating with the mesh access point as supplicant, starting with credential information stored in the security sub-profile of the access point profile data structure.

Dependent claims: 28

29. An apparatus comprising:

means for receiving a wireless signal transmitted by a transmitting mesh access point in a particular wireless mesh network, including receiving one or more advertisements advertising the transmitting mesh access point's availability to act as a parent mesh access point for a wireless mesh network;

means for processing signals received, the means for processing configured, together with the means for receiving to connect to a mesh node of a wireless mesh network as a child node the connected-to mesh node as a result of receiving an advertisement from the connected-to mesh node; and

non-volatile memory means coupled to or residing in the control processor for storing one or more parameters in a mesh access point data structure, the access point profile data structure pre-configured, prior to the apparatus joining any wireless mesh network as a mesh access point, with a plurality of sub-profiles, such that the apparatus is able to join a mesh network controlled by a controller using information in the pre-defined sub-profiles, the pre-defined sub-profiles including two or more of:

- a security sub-profile data structure containing one or more parameters usable by the means for processing to authenticate the apparatus in the process of joining a particular mesh network as a mesh access point that is a child mesh access point to a particular mesh access point as the child's mesh access point's parent mesh access point as a result of receiving an advertisement from the particular mesh access point, the security sub-profile data structure comprising at least one parameter including an indication of whether or not mutual authentication is required, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication,
- one or more initial radio parameters to use,
- a quality of service (QoS) sub-profile that includes one or more entries for describing one or more QoS capabilities and/or QoS requirements of the mesh access point,
- a mobility profile that includes one or more entries defining mobility policies,
- a management sub-profile including one or more entries for one or more of: what versions of simple network management protocol (SNMP) are supported, diagnostic and/or troubleshooting policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled, and
- an additional sub-profile including one or more entries to indicate one or more of what mesh role or roles and what access point role or roles the mesh access point can undertake,

wherein the means for processing is configured to

select a particular wireless mesh network controlled by a particular controller, and a particular parent mesh access point of the particular wireless mesh network, the selecting using one or more parameters stored in the access point profile,

set up a physical radio link with a particular parent mesh access point as a child mesh access point;

request association with the particular parent mesh access point as a potential child mesh access point of the particular parent mesh access point, the requesting association using one or more parameters in the access point profile data structure, including one or more parameters in the security sub-profile data structure;

receive a response to the association request; and

in the case that the received response is positive, use one or more policies stored in the access point profile data structure to join the particular wireless mesh network via the particular parent mesh access point; and

after joining the particular mesh network, wirelessly transmit advertisements to indicate the apparatus's access point capabilities,

wherein in the case the indication is that mutual authentication is required, the using one or more policies to join includes mutual authenticating with the apparatus as supplicant, starting with credential information stored in the security sub-profile of the access point profile data structure.

Specification