Access point profile for a mesh access point in a wireless mesh network

US 8,305,996 B2
Filed: 12/21/2011
Issued: 11/06/2012
Est. Priority Date: 11/14/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

(a) receiving in a first mesh access point one or more advertisements from a second mesh access point of a first wireless mesh network controlled by a mesh network controller, wherein the first mesh access point includes non-volatile memory in which an access point profile data structure is pre-stored and pre-configured with a plurality of sub-profiles usable for discovering one or more wireless mesh networks and for joining a wireless mesh network;

wherein the plurality of pre-configured sub-profiles in the access point profile data structure includes at least two of items (i) to (vi);

(i) one or more parameters that provide security information, including an indication of whether or not mutual authentication is required for the first mesh access point, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication;

(ii) one or more initial radio parameters to use;

(iii) one or more entries for describing one or more QoS capabilities and/or QoS requirements of the first mesh access point;

(iv) one or more entries defining at least one mobility policy;

(v) at least one of;

what version or versions of simple network management protocol (SNMP) are supported, a diagnostic policy or policies, a troubleshooting policy or policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled; and

(vi) one or more entries to indicate at least one of;

what mesh role or roles and what access point role or roles the first mesh access point can undertake;

(b) deciding in the first mesh access point whether or not to join the first wireless mesh network via the second mesh access point using information from the received one or more advertisements and the pre-configured sub-profiles;

in the case that the decision is to join the first wireless mesh network via the second mesh access point, performing steps (c) to (f) by the first mesh access point;

(c) setting up a physical radio link with the second mesh access point;

(d) requesting association with the second mesh access point as a potential child mesh access point of the second mesh access point in the first wireless mesh network, the requesting using at least one of the one or more parameters that provide security information;

(e) receiving a response to the association request; and

(f) in the case that the received response is positive, using one or more policies stored in the access point profile data structure to join the first wireless mesh network via the second mesh access point; and

after joining the particular mesh network, transmitting from the first mesh access point advertisements to indicate the first mesh access point'"'"'s access point capabilities for servicing wireless clients.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mesh access point that includes an access point profile storing one ore more parameters in non-volatile memory, and a method of using the mesh access point having the access point profile to select and carry out mutual authentication on a wireless mesh network to establish itself to the mesh network using information in the access point profile, and further to provide services to wireless clients according to information in the access point profile. Access point profiles can be pre-configured/configured/updated suitably in order to adapt the mesh access point in a mesh network according to its capabilities and requirements.

Citations

24 Claims

1. A method comprising:
- (a) receiving in a first mesh access point one or more advertisements from a second mesh access point of a first wireless mesh network controlled by a mesh network controller, wherein the first mesh access point includes non-volatile memory in which an access point profile data structure is pre-stored and pre-configured with a plurality of sub-profiles usable for discovering one or more wireless mesh networks and for joining a wireless mesh network;
  
  wherein the plurality of pre-configured sub-profiles in the access point profile data structure includes at least two of items (i) to (vi);
  
  (i) one or more parameters that provide security information, including an indication of whether or not mutual authentication is required for the first mesh access point, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication;
  
  (ii) one or more initial radio parameters to use;
  
  (iii) one or more entries for describing one or more QoS capabilities and/or QoS requirements of the first mesh access point;
  
  (iv) one or more entries defining at least one mobility policy;
  
  (v) at least one of;
  
  what version or versions of simple network management protocol (SNMP) are supported, a diagnostic policy or policies, a troubleshooting policy or policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled; and
  
  (vi) one or more entries to indicate at least one of;
  
  what mesh role or roles and what access point role or roles the first mesh access point can undertake;
  
  (b) deciding in the first mesh access point whether or not to join the first wireless mesh network via the second mesh access point using information from the received one or more advertisements and the pre-configured sub-profiles;
  
  in the case that the decision is to join the first wireless mesh network via the second mesh access point, performing steps (c) to (f) by the first mesh access point;
  
  (c) setting up a physical radio link with the second mesh access point;
  
  (d) requesting association with the second mesh access point as a potential child mesh access point of the second mesh access point in the first wireless mesh network, the requesting using at least one of the one or more parameters that provide security information;
  
  (e) receiving a response to the association request; and
  
  (f) in the case that the received response is positive, using one or more policies stored in the access point profile data structure to join the first wireless mesh network via the second mesh access point; and
  
  after joining the particular mesh network, transmitting from the first mesh access point advertisements to indicate the first mesh access point'"'"'s access point capabilities for servicing wireless clients.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method as recited in claim 1, wherein in the case the indication of whether or not mutual authentication is required indicates that mutual authentication is required, the using one or more policies to join includes mutual authenticating with the first mesh access point as supplicant, starting with the credential information in the access point profile data structure.
  - 3. A method as recited in claim 1, wherein the access point profile data structure includes at least one of:
    - (i) one or more entries for an indication of which wireless mesh networks the first mesh access point is authorized to join, and(ii) one or more entries for an indication of which wireless mesh networks the first mesh access point is to not join.
  - 4. A method as recited in claim 1, wherein the access point profile data structure includes one or more entries for an indication of wireless mesh networks that the first mesh access point has previously joined, and one or more parameters on such previously joined mesh networks.
  - 5. A method as recited in claim 1, wherein the deciding whether or not to join the first wireless mesh network includes using information from the first access point'"'"'s access point profile data structure to ascertain if the first wireless mesh network is an authorized mesh network and can provide required services.
  - 6. A method as recited in claim 1, wherein one or more of the mesh nodes of the first mesh network are lightweight access points whose respective access point functionalities are controlled by one or more controllers that are in communication with the respective lightweight access points using a pre-defined lightweight access point protocol, and wherein the access point profile data structure includes one or more entries for an indication of whether the first mesh access point can join any controller, or whether the first mesh access point can only join one or more controllers identified in the access point profile data structure.
  - 7. A method as recited in claim 1, wherein the access point profile data structure includes one or more entries for an indication of one or more different security policies that the first mesh access point can support.
  - 8. A method as recited in claim 1, wherein the one or more parameters that provide security information further include at least one of key management information and secure roaming capability information.
  - 9. A method as recited in claim 1, wherein the access point profile data structure includes one or more entries for an indication of one or more different types of authentication that the first mesh access point can engage in for joining a mesh network.
  - 10. A method as recited in claim 1, wherein the access point profile data structure includes one or more entries for Quality of Service (QoS) information for the first mesh access point.
  - 11. A method as recited in claim 9, wherein the Quality of Service information includes the one or more QoS levels supported by the first mesh access point.
  - 12. A method as recited in claim 9, wherein the Quality of Service information includes at least one of:
    - (i) one or more entries for an indication of one or more different types of authentication that the first mesh access point can engage in for joining a mesh network; and
      
      (ii) an indication of which one or more types of call admission control methods are supported by the first mesh access point.
  - 13. A method as recited in claim 1, wherein the access point profile data structure is pre-configured with one or more default parameters.
  - 14. A method as recited in claim 1, wherein the first mesh access point is a lightweight access point that can be coupled to a controller to have access point capabilities controlled by the controller by communication between the lightweight access point and the controller according to a pre-defined lightweight access point protocol, and wherein the access point profile data structure is configurable once the first mesh access point is coupled to a controller, including at least one of the default parameters being changeable.

15. A method comprising:
- (a) transmitting in a mesh access point of a wireless mesh network one or more advertisements for potential child mesh access points, the mesh network having a mesh network identifier and controlled by a mesh network controller, the mesh access point being a lightweight mesh access point that has a secure tunnel with the controller and whose access point functionality is controlled by the controller, the secure tunnel using a pre-defined lightweight access point protocol, each advertisement including the mesh network identifier and one or more parameters determined from content stored in an access point profile data structure stored in non-volatile memory included in the mesh access point, the access point profile data structure being pre-stored and pre-configured with a plurality of sub-profiles usable for discovering one or more wireless mesh networks and for joining a wireless mesh network,wherein the plurality of pre-configured sub-profiles in the access point profile data structure includes at least two of items (i) to (vi);
  
  (i) one or more parameters that provide security information, including an indication of whether or not mutual authentication is required for the mesh access point, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication;
  
  (ii) one or more initial radio parameters to use;
  
  (iii) one or more entries for describing one or more QoS capabilities and/or QoS requirements of the mesh access point;
  
  (iv) one or more entries defining at least one mobility policy;
  
  (v) at least one of;
  
  what version or versions of simple network management protocol (SNMP) are supported, a diagnostic policy or policies, a troubleshooting policy or policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled; and
  
  (vi) one or more entries to indicate at least one of;
  
  what mesh role or roles and what access point role or roles the mesh access point can undertake;
  
  (b) setting up by the mesh access point a physical radio link with a particular child mesh access point as a result of the particular child mesh access point receiving one of the advertisements and deciding to join the wireless mesh network via the mesh access point;
  
  (c) receiving by the mesh access point an association request from the particular child mesh access point as a potential child mesh access point of the mesh access point,(d) ascertaining by the mesh access point, using one or more parameters stored in the access point profile data structure whether or not the particular child mesh access point can and should join the mesh network with the mesh access point being the parent mesh access point of the particular child mesh access point; and
  
  (e) sending by the mesh access point a response to the association request,(f) in the case the mesh access point ascertains that the child mesh access point can join the mesh network, sending by the mesh access point a controller association request to the controller and receiving a controller response to the controller association request as a result of the controller ascertaining whether or not the child mesh access point can join the mesh network;
  
  (g) in the case that the controller response is positive, mutually authenticating by the mesh access point with the particular child mesh access point, starting with the child mesh access point as supplicant and the controller as authenticator.
- View Dependent Claims (16, 17)
- - 16. A method as recited in claim 15, wherein the one or more parameters that provide security information further include at least one of key management information and secure roaming capability information.
  - 17. A method as recited in claim 15, wherein in the case that the indication of whether or not mutual authentication is required is that mutual authentication is required, the using one or more policies to join includes mutual authenticating with the particular child mesh access point as supplicant, starting with credential information stored in the access point profile data structure.

18. An apparatus comprising:
- at least a backhaul radio interface;
  
  a control processor coupled to the backhaul radio interface operative with the radio interface to connect as a mesh access point to one or more mesh nodes to form a wireless mesh network;
  
  a non-volatile memory coupled to or residing in the control processor, and usable by the control processor, the non volatile memory having pre-stored therein an access point profile data structure pre-stored and pre-configured with a plurality of sub-profiles usable for discovering one or more wireless mesh networks and for joining a wireless mesh network,wherein the plurality of pre-configured sub-profiles in the access point profile data structure includes at least two of items (i) to (vi);
  
  (i) one or more parameter that provide security information, including an indication of whether or not mutual authentication is required for the mesh access point, and in the case the indication is that mutual authentication is required, credential information to use in mutual authentication;
  
  (ii) one or more initial radio parameters to use;
  
  (iii) one or more entries for describing one or more QoS capabilities and/or QoS requirements of the mesh access point;
  
  (iv) one or more entries defining at least one mobility policy;
  
  (v) at least one of;
  
  what version or versions of simple network management protocol (SNMP) are supported, a diagnostic policy or policies, a troubleshooting policy or policies, whether remote login is supported, whether console support is enabled, whether remote power cycling is enabled, whether active probing is enabled, and whether passive probing is enabled; and
  
  (vi) one or more entries to indicate at least one of;
  
  what mesh role or roles and what access point role or roles the mesh access point can undertake;
  
  wherein the control processor is configured toselect a particular wireless mesh network controlled by a particular controller, and a particular parent mesh access point of the particular wireless mesh network, the selecting using one or more parameters stored in the access point profile data structure,set up a physical radio link with a particular parent mesh access point as a child mesh access point of the particular parent mesh access point;
  
  request association with the particular parent mesh access point as a potential child mesh access point of the particular parent mesh access point, the requesting association using one or more parameters in the access point profile data structure, including the indication of whether or not mutual authentication is required;
  
  receive a response to the association request; and
  
  in the case that the received response is positive, use one or more policies stored in the access point profile data structure to join the particular wireless mesh network via the particular parent mesh access point.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. An apparatus as recited in claim 18, wherein the one or more parameters that provide security information further include at least one of key management information and secure roaming capability information.
  - 20. An apparatus as recited in claim 18, further comprising:
    - a wired network interface coupled to or residing in the control processor, and operable to couple the apparatus to a wired network.
  - 21. An apparatus as recited in claim 18, wherein the apparatus is operable as a lightweight mesh access point when coupled to a controller, the apparatus'"'"'s access point functionality being controlled by the controller in communication with the apparatus using a pre-defined lightweight access point protocol.
  - 22. An apparatus as recited in claim 21, wherein the access point profile data structure includes information on which controller or controllers the access point can join.
  - 23. An apparatus as recited in claim 18, wherein the access point profile data structure includes at least one of:
    - (i) one or more entries for an indication of allowed and/or not-allowed wireless mesh networks that the mesh network may and/or may not join, and(ii) one or more entries for an indication of wireless mesh networks that the first mesh access point has previously joined.
  - 24. An apparatus as recited in claim 18, wherein the access point profile data structure includes one or more entries for credential information on where to find the credential or credentials for authenticating with the particular wireless mesh network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Cam-Winget, Nancy, Rahman, Shabriar I.
Primary Examiner(s)
Gelin, Jean
Assistant Examiner(s)
PATEL, MAHENDRA R

Application Number

US13/333,772
Publication Number

US 20120087281A1
Time in Patent Office

321 Days
Field of Search

370/338, 370/256, 370/328, 370/401, 370/329, 370/331, 410/100, 410/117, 410/118, 410/97, 365/230.03, 606/151, 606/232, 455/41.2, 455/436, 455/411
US Class Current

370/331
CPC Class Codes

H04W 40/24   Connectivity information ma...

H04W 48/08   Access restriction or acces...

H04W 8/005   Discovery of network device...

H04W 84/18   Self-organising networks, e...

Access point profile for a mesh access point in a wireless mesh network

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Access point profile for a mesh access point in a wireless mesh network

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links