Understanding Configuration Hierarchy
TheMobility Masterhierarchy simplifies the configuration process by supporting multiple configurations for multiple deployments using a singleMobility Master. Configuration elements can be mapped to one or more end devices, such as amanaged deviceorVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.concentrator. Common configurations across devices are extracted to a shared template, which merges with device-specific configurations to generate the configuration for an individual device.
Figure 1Example of the Configuration Hierarchy
Figure 1provides an example of the configuration hierarchy. The solid lines represent the hierarchy, the dotted arrows represent the device mapping, and each box represents a node in the hierarchy. When a device is added toMobility Master, it must be mapped to a node or node-path in order to inherit configurations from the hierarchy. An explicit configuration node is also created for each device so that any device-specific configurations can be added directly to that node. Any device that is managed byMobility Masteris known as amanaged device. For example, deviceinFigure 1retrieves all device-specific configurations from thenode. Since thenode is mapped to the,, andnodes, the device also receives configurations from those nodes.
Each node contains a unique combination of common and device-specific configurations. The root node appears by default upon logging in toMobility MasterCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions..
The configuration hierarchy contains the following nodes and node structure:
Category |
Node Name |
Node Description |
|---|---|---|
/ |
Configurations common toMobility Masterand itsmanaged devices(the root node). Configuration changes are not allowed on the root node. |
|
/md |
Configurations common to allmanaged devices. The user can create additional nodes under this node. |
|
/mm |
Configurations common to the primary and standbyMobility Master(VRRPVirtual Router Redundancy Protocol. VRRP is an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN.pair). |
|
/mm/mynode |
Configurations specific to a particularMobility Master. This can only be edited on the respectiveMobility Master. |
|
/mm |
Configurations common to the primary and standby stand-alonecontrollers(VRRPVirtual Router Redundancy Protocol. VRRP is an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN.pair). |
|
/mm/mynode |
Configurations specific to a particular stand-alonecontroller. This can only be edited on the respective stand-alonecontroller. |
The term "mm" refers toMobility Masterand "md" refers tomanaged device. |
Configurations for a node are obtained by traversing the node-path from the root node to the given node. For example, thedevice inFigure 1receives configurations from all nodes along thenode-path. Configurations that are set lower in the hierarchy (child node) can have more precedence than the same configurations set higher in the hierarchy (parent node), depending on the configuration type. In a single-instance configuration, such as theESSID扩展服务集标识符。ESSID指to the ID used for identifying an extended service set.从一个孩子或device-specif名称、配置ic node override common configurations from a parent node. In a multi-instance configuration, such as a server in an Auth Server group, configurations from a child node are placed in addition to the parent node configuration. For example, if a parent node specifies two radius servers and the child node specifies three radius servers, the device is provisioned with a total of five radius servers.
The configuration hierarchy is not the same as the physical topology. The hierarchy provides a simple way to organize configurations so that configuration elements can be shared across multiple devices without being duplicated. Configurations that are added to the root node, for example, are applied to all nodes within the hierarchy, while configurations that are only applied to a specific region override configurations for the corresponding child nodes. Order-dependent configurations, however, cannot be overridden. These configurations can only be set up once in the network hierarchy. For example, if a aaa server-group is configured on a parent node, it cannot be edited at the child node. Configuration hierarchies are tailored and organized to meet the unique needs of each customer.
