Packet6

San Francisco Bay Area Wi-Fi Professional Services

cisco

Success Story: SFAI Deploys 802.11ac Wi-Fi To New Campus

by 1 Comment

Located in the historic Herbst Pavilion in prime San Francisco Bay waterfront, the San Francisco Art Institute (SFAI) opened a new campus at Fort Mason Center. The Fort Mason campus is home to over 160 art students and faculty in a large 67,000 square foot space. There is 4,300 square feet of exhibition galleries which is open to the public, 160+ artist studios, performance spaces, a student lounge, multipurpose teaching spaces and staff offices.

Performing a wireless validation site survey.
Validating the Wi-Fi installation.

SFAI transformed the Fort Mason building on Pier 2. Previously it housed pieces of crates and trash. At one point it used to house military supplies. $50 million later it is beautifully remodeled for SFAI graduate students. A building like this comes with its own set of technology challenges which is SFAI looked to Packet6 to deliver a modern Wi-Fi network with new network infrastructure.

The school’s wireless network was finally due for a network upgrade and the Fort Mason campus was going to get it. Many parts of the campus were still using Cisco 1231Gs, providing 802.11a/b/g to students, faculty, and staff. To make matters more challenging, the access points were autonomous. Each one would have to be managed individually without a central network management system. Keeping up with the demand of Wi-Fi connectivity was a challenge solved with the new Wi-fi access points being deployed at Fort Mason. The students, staff, and faculty can benefit from using 802.11ac with modern devices and SFAI IT can centrally manage their Wi-Fi network.

quote-left

"The San Francisco Art Institute worked with Packet6 to configure and deploy a Wi-Fi network in our new 67,000-square-foot graduate campus. They helped accomplish this goal quickly and professionally." - Patrick

With SFAI bringing in new technology generations ahead of what they had on campus, they looked to Packet6 for the knowledge and expertise in Wi-Fi design, configuration, and deployment. Packet6 helped to augment the existing IT team to provide a reliable network within weeks of the grand opening of the Fort Mason campus.

SFAI’s goal was to provide a fast frictionless Wi-Fi network to the students, staff, faculty, and visitors. Coverage throughout the campus was a must and more importantly, capacity. SFAI decided to go with the Cisco 3802 access points. The 3802 access point upgraded their network to 802.11ac. A significant upgrade from their 802.11a/b/g Wi-Fi network.

Analyzing the RF environment.
Analyzing the RF environment.

A total of 31 Cisco 3802 802.11ac dual band access points were purchased, mounted, and wired throughout the campus. Powered by a stack of Catalyst 3850 switches and protected by a Cisco ASA firewall, Packet6 configured the switches, firewalls, configured the Mobility Express controllers, and created secure tunnels back to SFAI’s main campus. Initially, the Cisco Converged Wireless was a selected solution. Packet6 made the recommendation to migrate away from Converged Wireless and into an updated and supported platform, Cisco Mobility Express. A pair of the Cisco 3802 access points were converted to primary and standby virtual controllers to manage the other access points.

The location of each access point were predetermined and wired by the building architect. Packet6 utilized these locations and produced a predictive site survey to help visualize what the Wi-Fi network could look like with the Cisco 3802 access points. After the access points were mounted and powered on, Packet6 configured the access points via the virtual controllers according to the RF plan Packet6 designed. A validation site survey was performed to produce a report confirming proper operation and consequently successfully closing out the project.

As a result of the new 802.11ac capable network, students and staff have had pleasant experiences on the Wi-Fi network. From what SFAI IT has heared, “People are very happy with the speed.”

What’s New In Cisco WLC 8.5.105.0?

by Leave a Comment

Cisco 1542i Outdoor Access PointOver the weekend of October 21st 2017, Cisco released wireless LAN controller (WLC) and lightweight access points version 8.5.105.0. We take a look at what is new with Cisco WLC and why we should consider upgrading.

One thing to note is that this release is a repost of 8.5.103.0. Most notably it resolves the AP / Infrastructure vulnerability to the KRACK attack. Cisco had some challenges getting this release out after the vulnerability was published. Over the weekend they had posted an update and then pulled it back.

I have upgraded a few controllers to 8.5.105.0 without any issue.

Here are a few features that stuck out to me in the release notes:

New AP support for Aironet 1540 series, 1815m and 1815t

Of course with newer access points you must be running the latest version of code. I’ve been able to see the Aironet 1540 in person and it’s a small outdoor AP that fits even our aesthetic requirements. The other two I haven’t had experience with it.

Place Aironet 1540, 1560, and 18xx APs into monitor mode

This is a welcomed feature. Monitor mode is used to collect RF channel info that is used with rogue detection, wIPS, and CleanAir. The following Aironet APs that will be capable of going into monitor mode:

  • 1540 series
  • 1560 series
  • 1810 OfficeExtend
  • 1810W
  • 1815
  • 1850
  • 1830

Cisco Spectrum Expert-Remote Sensor on Wave 2 APs

Another great feature. Check out our previous blog post on using Chanalyzer CleanAir accessory. While placing APs into Spectrum Expert mode doesn’t allow it to service clients, it does become a tremendous troubleshooting tool when needed.

New AP Commands

  • show controllers dot11radio 1 antenna – displays last seen power (per antenna RSSI) with the radio port as input.
  • show controllers dot11radio 1 client mac-address – Displays info on what the client is doing (rate selection and streams). Also displays non-zero RX, TX, or TX-Retries (cumulative) for each rate, stream, or width combination

Support for Client-Aware Flexible Radio Assignment

Client-Aware FRA will be supported on Aironet 2800 and 3800 APs. What this allows you to do is set a utilization threshold to turn a monitor mode radio to a client serving 5 GHz radio and vice versa.

The two features are called Client select and Client reset. The default percentage value is 50% and 5% respectively.

  • View FRA assignment settings using the show advanced fra command

Software-Defined Access Wireless

This is for those wanting to enable SD-Access for wireless. We have yet to try SD-Access.

  • Enterprise Fabric

Identity PSK

Identity PSK allows you to configure a unique pre-shared key for devices to join a PSK network. Think about devices that are unable to join 802.1X networks but you don’t want to share one key across all devices. This is useful for IoT devices.

  • Provide devices with unique pre-shared keys to join a WPA-PSK network.

Conclusion

Look out for future updates on the features we’ve listed above. We will be testing the features out and sharing our experiences. Version 8.5.105.0 is the TAC recommended AireOS build for those needing 8.5 features.

How To Connect Chanalyzer To Cisco CleanAir

by 2 Comments

Learn how to use Chanalyzer for spectrum analysis with Cisco CleanAir APs to gather the spectrum data.

Animated sequence from Chanalyzer

One of my favorite things about Wi-Fi is visualizing the invisible with a spectrum analyzer. I like to use Metageek’s Chanalyzer to do this. But you need to have the dBx adapter with you to start seeing the spectrum.

Another way to get detailed spectrum data is to use a configured Cisco CleanAir AP. Chanalyzer has an accessory to connect to a CleanAir AP to view this spectrum data.

The best part of using a CleanAir AP is being able to do it remotely. That’s right, doing spectrum analysis from your seat several miles, even hundreds of miles, away from the source.

Granted, the view of the spectrum is from the APs perspective but it sure beats flying out there. It works great in a pinch.
Please Note: Spectrum Expert Connect is not supported on Cisco Aironet 1810 OEAP, 1810W, 1830, 1850, 2800, and 3800 Series APs.
The obvious requirement here is CleanAir must be enabled on the AP.

You can connect to an AP that is actively serving clients but you will only be able to see the spectrum from its operating channel. If the AP is serving clients on channel 36, then you will only see the spectrum of that channel.

In this post I am using a Cisco Aironet 3502i.

You may be familiar with Local mode which tunnels the user traffic back to the controller. This mode only shows you spectrum on the serving channel.

Monitor mode will scan for interferers on all channels but will not serve any clients.

SE-Connect is the mode we want to use to connect Chanalyzer to a CleanAir AP. This mode also doesn’t serve clients but will provide you the spectrum data you seek.

Connecting Chanalyzer To CleanAir

From the Monitor page, click on Wireless.

Selecting Wireless in the Cisco WLC

From the list of APs, click on the one that will be used for Spectrum Expert.

List of access points on Cisco WLC

From the General tab of the AP, click the dropdown for AP Mode and select SE-Connect. Click Apply.

Changing the AP mode to SE-Connect

The AP will reboot into SE-Connect mode. Get coffee. It isn’t kidding about a few minutes.

When the AP reconnects to the controller, navigate to the General tab and copy the Network Spectrum Interface (NSI) Key. This will be used to authenticate the AP in Chanalyzer.

The NSI key for the Cisco AP

Open Chanalyzer.

Please Note: You must have a license to the CleanAir Accessory to connect Chanalyzer to an AP.

Click on CleanAir from the top menu and click on Connect to a CleanAir AP.

Connecting Chanalyzer to CleanAir

Type in the IP address of the AP, the NSI Key you copied from the Cisco WLC, and give it a name. Then click Connect.

Entering details of the CleanAir AP

Chanalyzer will establish a connection to the Spectrum Expert enabled AP.

Once connected you will see the panes populate with colors.

Spectrum view from Chanalyzer

Because we are using a Cisco AP in SE-Connect mode, we are able to see a double rainbow. That is both 2.4 GHz and 5 GHz views at the same time.

Interferers are detected using Cisco CleanAir signatures. By selecting one of the interferers it will be displayed in the density view pane. Another useful view is the Utilization graph to identify congested channels.

Configuring Cisco RRM DCA – Dynamic Channel Assignment

by Leave a Comment

Configuring Cisco RRM DCA is part of a series of posts on Cisco RRM. In this post I will go over the configuration options of DCA.

Part I – Cisco NDP
Part II – Configuring Cisco RRM DCA > you are here

DCA, or Dynamic Channel Assignment, is a core component of Cisco Radio Resource Management (RRM). It runs a critical algorithm which dynamically changes an access points (AP) client serving channel based on multiple parameters, collectively called a Cost Metric.

DCA is configured under 802.11a/n/ac (5 GHz) and 802.11b/g/n (2.4 GHz)

Configuring DCA for 802.11a/n/ac

Channel Assignment Method

The first thing you will notice is the Channel Assignment Method of Automatic, Freeze, or Off.

Automatic will run the DCA algorithm at the define Interval which is every 10 minutes by default. The anchor point is used to set the time of day the DCA algorithm would start.

For less frequent channel changes, increase the interval.

Keep in mind that clients will be disconnected briefly for a channel change.

Freeze does not run the DCA algorithm unless triggered.

Off disables the use of RRM and its auto-rf capabilities.

Avoid Foreign AP interference

Enabling this option allows RRM to take surrounding neighboring APs that are not part of your network into consideration.

RRM will create a channel plan to help mitigate co-channel interference.

Avoid Cisco AP Load

This option allows RRM to consider the traffic load on an access point to help build a better channel plan.

I don’t believe in enabling this feature because it can be difficult to make a client device associate with a specific AP.

Avoiding non-802.11a|b noise

This RRM option takes interference on the channel into consideration for the channel plan.

The category of interference is anything coming from a non-AP.

Persistent Device Avoidance

Sometimes there is non-Wi-Fi device interference affecting your wireless network. DCA can help mitigate the issue if Avoid Persistent Non-WiFi Interference option is enabled.

RRM will receive information from CleanAir and if the interference is creating a negative impact, RRM can issue a channel change to avoid it.

Viewing persistent devices can be done by viewing the details of an AP from the web interface. At the bottom of the page are all the persistent devices being tracked including the class type, on what channel the interference was hurt, what the duty cycle is, RSSI, and when it was last seen.

Persistent Device Avoidance

DCA Channel Sensitivity

DCA has three different modes it could be in:

  • Scheduled – DCA algorithm runs at a selected time. Usually to minimize changes to off peak hours.
  • Steady State – DCA algorithm running at a specified interval.
  • Startup Mode – Used when making changes to the wireless network architecture. It restarts the DCA algorithm and runs for 100 minutes at high sensitivity.

By default, DCA has a medium channel sensitivity at 15 dB for 5 GHz and 10 dB for 2.4 GHz. This is the DCA Sensitivity Threshold.

By changing the channel sensitivity to high, then a cost metric of 5 dB better will recommend a channel change.

DCA Channel List

To have DCA dynamically select a channel, it must be in the Channel List. You can select specific channels for DCA to select from or select them all, including the UNII-2 channels.

Dynamic Bandwidth Selection

RRM has a flexible way to assign bandwidth to APs by analyzing the RF and selecting the best channel width.

By default, DCA uses 20 MHz channels. You can configure Cisco RRM DCA all the way up to 160 MHz channels or select Best to have RRM pick for you.

If an AP doesn’t support 40/80/160 MHz channels it will not be configured for it.

Dynamic Bandwidth Selection

To see DCA dynamically select channels, head over to the CLI on the controller and enter the debug command:

debug airewave-director channel enable

*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Slot 1: Channel set request on 58:bc:27:33:33:33(1) to (100, 104, 0, 0) 40 MHz Before -62, After -72  Second best: ch 157 wd 40 mt -86 RRF:enabled(0) metric(199) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270:    [spamGetMeshBhRRMStatus] 0 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 new channel width label set from 3 to 4 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 slot 1 Set new channel 100 width label 4 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 sent channel to spam  and call trap(0) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Airewave Director: Final Channel Assignment (100,104,0,0) configured on AP  58:bc:27:33:33:33(1) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Airewave Director: set channel on cell 58:bc:27:33:33:33(1) to 100 from 100 to reduce co-channel interference from (-128,-128,-62) to (-128,-128,-72) reason 1

In the output above, Cisco RRM DCA made a request to change an AP to a 40 MHz channel width using primary channel 100 and secondary 104.

At the very end, RRM sets the channel to 100 with the reason – to reduce co-channel interference.

From command line, it is possible to view when the last channel assignment was set using the following show command:

show ap auto-rf 802.11a <ap-name>

  Channel Assignment Information 
    Current Channel Average Energy...............  -71 dBm 
    Previous Channel Average Energy..............  -71 dBm 
    Channel Change Count......................... 541 
    Last Channel Change Time..................... Sat Aug 27 12:14:59 2016 
    Recommended Best Channel..................... 116

802.11a – shows the 5 GHz radio
802.11b – shows the 2.4 GHz radio
<ap-name> – replace with the name of your AP

The output was truncated just to display the channel assignment information. You can see the current and previous channel average energy, how many times the channel has changed, when it was last changed, and which is the best recommended channel.

Event Driven RRM

If you need the wireless network to react quickly and automatically to bad interference, ED-RRM is an option to enable.

An example could be a device using 100% duty cycle causing all nearby APs and clients to hold off communicating on the wireless medium. ED-RRM would allow an AP to make the channel change sooner than when the DCA interval kicks in.

To configure ED-RRM:

1. Click on Wireless
2. Click on 802.11a/n/ac or 802.11b/g/n
3. Click on DCA
4. At the bottom of the page, enable EDRRM
5. Set the sensitivity threshold to Low (my recommendation is not go above Medium)

Event Driven RRM

The sensitivity threshold defines the air quality (AQ) at the following:

  • Low sensitivity – AQ at 35%
  • Medium sensitivity – AQ at 50%
  • High sensitivity – AQ at 60%

An air quality of 100% is good, very bad is 0%

The Rogue Duty-Cycle option will allow you to set the percentage of duty cycle and rogue duty cycle occurs before triggering EDRRM.

To learn more details about Cisco’s RRM – DCA be sure to check out the white paper from Cisco.

Cisco NDP – Neighbor Discovery Protocol – What Is It?

by Leave a Comment

Cisco NDP, short for Neighbor Discovery Protocol and Neighbor Discovery Packets, is a critical component of Cisco’s auto RF feature, Radio Resource Management (RRM). The purpose of NDP is to provide over the air (OTA) messages between access points (AP). It monitors and manages what each AP sees in the radio frequency (RF). It’s essentially how every AP sees other APs in an RF Group or Neighborhood. The end result is actual RF path loss between APs.

I see NDP as a way for APs to build a map of their locations in relation to each other based on RF propagation and path losses. Every 180 seconds (3 minutes), an AP will send an over the air (OTA) message to a multicast address, 01:0B:85:00:00:00, from each channel.

NDP messages are sent at the highest transmit power and at the lowest data rate supported for the channel being transmitted on. The transmit power and data rate selection is not configurable by the end user and is hard coded.

Cisco Neighbor Discovery Protocol forms the basis of many algorithms within Cisco RRM. Because of that, it goes without saying, if NDP doesn’t work neither does RRM.

Learn more RRM from the white paper.

NDP is used by the following

  • RF Grouping Algorithm
  • Transmit Power Control (TPC – basis calculation for TPCv2)
  • Flexible Radio Architecture (FRA – basis for coverage overlap factor)
  • Rogue detection (If AP isn’t sending NDPs or unintelligible NDP then it is a rogue)
  • CleanAir (Used for interference reports)
  • CMX (For AP RF distance and path loss measurements)

As you can see, NDP is very important for RRM.

What’s inside a Cisco NDP Packet?

Field Name
Description
Radio Identifier
Slot ID for the sending radio
Group ID
IP Address and Priority code of sends WLC
Hash
RF Group name converted to a hash for authentication
IP address
IP of sending AP’s RRM Group Leader
Encrypted ?
Are we using Encrypted NDP?
Version
Version of NDP
APs Channel
Operating channel of the sending radio
Encryption Key Length
Encryption Key Name
Message Channel
Channel the NDP was sent on
Message Power
The power (in dBm) the message was sent at
Antenna
Antenna pattern of the sending radio

When an AP hears and receives an NDP message, it will validate the message from the transmitting AP to determine if it is a member of the same RF group. If it’s a valid NDP, the receiving AP will forward the message to the controller along with information such as the received channel and RSSI.

If the message is not in the same RF group it will be invalid and the packet will be dropped.

The message is added to a neighbor database. Each radio on each AP can store up to 34 neighbors ordered by RSSI, high to low.

There are two measurements taken:

  • RX neighbors – “How I hear other APs”
  • TX Neighbors – “How other APs hear me”

Configure Cisco NDP frequency

The frequency in which Neighbor Discovery Packets are sent out can be configured from the WLAN controller. By default, it is 180 seconds (3 minutes). It is recommended to keep this at the default.

The Channel Scan Interval is 180 seconds by default. Each channel dwell has to be completed within 180 seconds.

The Neighbor Timeout Factor is by default set to 5. This multiplier is multiplied by the Neighbor Packet Frequency value to come up with the timeout value. So with a default of 180 seconds for the Neighbor Packet Frequency x 5 = 900 seconds. This is the value used to determine when to prune access points from the neighbor list that have timed out.

If an AP were to disappear from the network, it would remain on other AP’s neighbor list until the pruning begins which is every 15 minutes.

Configuring NDP intervals in Cisco WLC.

To see these NDP packets over-the-air, I had two access points joined to my Cisco 2504 lab controller. Using Omnipeek, I set my adapter to to capture on Channel 64. I created a filter on the MAC address using addr(ethernet:’01:0B:85:00:00:00’).

In the screenshot below, notice the destination multicast address of 01:0B:85:00:00:00. Under the Relative Time column the NDP is sent out every 3 minutes, which is the default.

List of Cisco NDP packets in Omnipeek.

To find neighbor information using the Web GUI, click on the Monitor heading and on the left side, expand Access Points > Radios > Select radio.

Monitoring Cisco access points.

Then move your cursor all the way to the right and hover over the blue dropdown box to select Detail.

Selecting detailed under the 5GHz radio.

Cisco WLC displaying Rx neighbors based on NDP.

Use Command Line

Using the CLI, we can view nearby APs from the controller by selecting which AP to get the view from. There are three options to select from.

(Cisco Controller) >show ap auto-rf ?

802.11-abgn Display information for DualBand 802.11a/b/g/n.
802.11a Display information for 802.11a.
802.11b Display information for 802.11b/g.

802.11-abgn is used for APs with FRA.
802.11a displays information from the 5 GHz radio.
802.11b displays information from the 2.4 GHz radio.

Here’s truncated output from AP1 showing three neighboring APs.
(Cisco Controller)> show ap auto-rf 802.11a AP1
Nearby APs
AP 00:3a:7d:44:44:44 slot 1.................. -23 dBm on 36 20MHz (192.168.1.5) AP4
AP 58:bc:27:33:33:33 slot 1.................. -18 dBm on 100 20MHz (192.168.1.5) AP3
AP 58:bc:27:22:22:22 slot 1.................. -40 dBm on 44 20MHz (192.168.1.5) AP2

View NDP via CLI on AP

Another great debugging command is to view the RM measurements occurring from the access point. NDP packets will be sent out on each channel as you can see in the output below. I’ve truncated the rest of the messages.
AP1#debug capwap rm measurements
CAPWAP RM Measurements display debugging is on
*Aug 23 18:17:46.016: CAPWAP_RM: Timer expiry
*Aug 23 18:17:46.016: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:46.016: CAPWAP_RM: Triggering neighbor request on ch index: 2
*Aug 23 18:17:46.016: CAPWAP_RM: Sending neighbor packet #2 on channel 44 with power 1 slot 1
*Aug 23 18:17:46.016: CAPWAP_RM: Scheduling next neighbor request on ch index: 3
*Aug 23 18:17:46.230: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.230: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:46.233: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.233: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:49.017: CAPWAP_RM: Timer expiry
*Aug 23 18:17:49.017: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:49.017: CAPWAP_RM: Triggering neighbor request on ch index: 3
*Aug 23 18:17:49.017: CAPWAP_RM: Sending neighbor packet #3 on channel 48 with power 1 slot 1
*Aug 23 18:17:49.017: CAPWAP_RM: Scheduling next neighbor request on ch index: 4
*Aug 23 18:17:49.159: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.159: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:49.162: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.162: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:52.018: CAPWAP_RM: Timer expiry
*Aug 23 18:17:52.018: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:52.018: CAPWAP_RM: Skipping neighor request chan 52; DFS channel
*Aug 23 18:17:52.018: CAPWAP_RM: Scheduling next neighbor request on ch index: 5
*Aug 23 18:17:53.327: CAPWAP_RM: Timer expiry

RM Neighbor debugging

Another debugging command at the AP level will display NDP packets being received from other APs, including those not in the same RF group.

AP1#debug capwap rm neighbor

CAPWAP RM Neighbor display debugging is on

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Pak size 104 from 58bc.27xx.xxxx, interface - 1

*Aug 23 18:31:33.529: LWAPP NEIGHBOR:  Updating existing neighbor 58bc.27xx.xxxx(1), rssi -35 on channel: 161 with encryption: 0

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.529: LWAPP NEIGHBOR:  Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -35, channel 161

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP-TLV: Received ndp-tlv payload

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP: copy TLV data to neighbor

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-35:-35:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20  dB] Rcv Ch Max Pwr [20  dB]

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Pak size 76 from 58bc.27xx.xxxx, interface - 1

*Aug 23 18:31:33.532: LWAPP NEIGHBOR:  Updating existing neighbor 58bc.27xx.xxxx(1), rssi -36 on channel: 161 with encryption: 0

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.532: LWAPP NEIGHBOR:  Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -36, channel 161

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-36:-36:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20  dB] Rcv Ch Max Pwr [20  dB]

*Aug 23 18:31:33.802: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.802: LWAPP NEIGHBOR: NDP_ENC_TLV:- Ver:1, cntry:55 53 20 0, uAP:0

*Aug 23 18:31:33.802: LWAPP NEIGHBOR: NDP_ENC_TLV: Conf_B : 41 0 0

*Aug 23 18:31:33.802: LWAPP NEIGHBOR: NDP_ENC_TLV: Conf_A : 41 0 0

*Aug 23 18:31:33.802: LWAPP NEIGHBOR: TLV NDP Tx: Channel [Srv:Tx]=[157:48 ] TxPower [Srv:Tx]=[17 :20 ]

*Aug 23 18:31:33.802: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.802: LWAPP NEIGHBOR: NDP Tx: Channel [Srv:Tx]=[157:48 ] TxPower [Srv:Tx]=[17 :20 ]

*Aug 23 18:32:58.511: LWAPP NEIGHBOR: Pak size 76 from f40f.1bxx.xxxx, interface - 0

*Aug 23 18:32:58.511: LWAPP NEIGHBOR: Invalid rx neighbor f40f.1bxx.xxxx(0)

Conclusion

We briefly went over the purpose of Cisco NDP, neighbor discovery protocol, and how crucial it is to the RRM algorithms. I showed you where in the WLC GUI you can make changes to the NDP intervals but it is not recommended to change them other than the Neighbor Timeout Factor interval. In addition to capturing the NDP messages over-the-air, we saw how to capture NDP and some other RRM functions using debug commands from the controller and the AP.

Do you have something to add? Let us know in the comments below.

Cisco Live 2016 Recap

by 1 Comment

Blurry photo of Las Vegas

There isn’t any other event that will deploy 1600 wireless access points covering 2.4 million square feet. That is double the amount of square footage covered from San Diego Cisco Live in 2015.

And with over 32,000 unique clients served on this network, it isn’t a network to take lightly. WiFi went far and wide. The 1600 access points installed were the Cisco 3702E each with a patch antenna (air-ant2566d4m-r).

Access point mounted on a pole.

In the hallways, many of these access points and antennas are mounted on masts directed towards the middle where everyone walks to each session. I was actually surprised with the amount deployed. I’d be curious as to what the design looked like, how RRM worked in the environment, and how well roaming performed.

Each of the large session halls had many access points, and rightfully so. With people like me tweeting out the power points including screenshots, it was easy to push out lots of data. I didn’t really see any issues with WiFi at Cisco Live.

With that many access points and other network equipment, a total of 45 miles of network cable was laid out. Many of that cabling attached to 614 network switches. That’s an increase from 375 switches at Cisco Live 2015 in San Diego.

Attendees of Cisco Live 2016 used a total of 40 TB of traffic.

Mandalay Bay was home to Cisco Live 2016 and with over 28,000 attendees, it was packed with not just a lot of people nerding out but also full of information. An overwhelming amount of information but in a good way.

Temperatures went up to as high as 110F but as long as you stayed indoors you were safe. My accommodations were at the Cosmopolitan Hotel and it did not disappoint. Getting to and from the conference required a shuttle.

Alone on a shuttle
Hey a shuttle all to myself!

One thing I underestimated, besides the amount of sessions available, was the amount of swag you’ll acquire from touring the World of Solutions. I left with about two full bags of goodies including enough shirts to last me a week of outfits.

Fantastic Sessions

BRKEWN-2000 – Design and Deployment of Wireless LANs for Real Time Applications

Jerome Henry presenting.

Jerome Henry discusses real time applications of voice, video, and interactive video on wifi.

We strive to build a network that is self aware, self-optimizing, and self-defending but we still need people to design wifi.

Some points mentioned by Jerome that resonated with me:

  • Before building, determine how much bandwidth is needed for each application then multiply that number by the number of users of the application in the cell and that is the bandwidth needed at the edge of the cell.
  • Keep channel utilization under 50% in a cell. I’ve had to do a similar task for an interactive application but I’ve gone over the 50% channel utilization. Numbers come from Cisco’s labs.
  • For voip, keep retries under 20%, If higher than that then you must investigate why. I even consider 15% kind of high. Jitter should be under 100 ms and packet error rate under 1%.
  • Other points Jerome mentions are to aim for RSSI of greater than -67dBm, greater than 25 dBm SNR and again, under 50% channel utilization.
  • In regards to power matching with clients, Jerome recommended setting the AP power to half of your worst client max power and design for 5 GHz. If my notes are correct, it’s different from what we’ve heard from others by matching the AP power to the worst client’s max power. This could be because clients do not always transmit at high power. This also avoids the power mismatch where AP power may be set much higher than the client. The client could falsely believe the AP is closer than it really is because of the APs high transmit power. That power mismatch could make the client transmit at a higher data rate when it should be using a lower data rate.

What’s a good minimum data rate to enable?

As long as the client has

  1. Strong signal
  2. Client traffic and overhead traffic is reasonably fast, and
  3. Retries are low then you could use that low data rate in the cell. Disable 802.11b rates but not 802.11n

BRKEWN-2017 – Understanding RF Fundamentals and the Radio Design of 802.11n/ac Networks, Fred Niehaus

Faster data rates will need strong signal at the receiver end to properly decode. Fred went over antenna design and radiation patterns which is very important for wifi engineers. Selecting the right antenna can lead to better designs.

Basic overview of multipath and then into multi-user multipath.

Simplistic overview of Cisco’s Beamforming technology called Client-Link which I’d like to dive into further on a future episode.

Going into 802.11n and it’s specific elements such as MIMO vs SISO, MRC – maximal ratio combining (combining received signals from multiple antennas), spatial streams (multiple transmitted signals) and the number of transmitters and receivers.

Using 802.11n as a foundation, Fred moved onto 802.11ac which is 5 GHz only. 802.11ac Wave 2 introduced MU-MIMO, up to 160 MHz channels, up to 4 spatial streams.

Talking about faster transmissions. But of course higher data rates need larger channel widths which are problematic in channel assignment. There are requirements to be met to take full advantage of 802.11ac.

BRKEWN-2019 – 7 Ways To Fail As A Wireless Expert, Steven Heinsius

Lots of attendees filling up the session seats.
Talk about congestion!

Steven had a great analogy for modulation which involves a really well known professional darter. If you replace the dart board with a 256-QAM constellation map, its like trying to hit bulls eye every single time.

He mixed his presentation with technical data and humor which made it a very good stand up performance. Kept a large crowd very interested and I hope they all learned that they should not be using channel 4!

Those fails were:

  • Not properly setting channels such as using overlapping channels.
  • Always using max AP transmit power (had a good tip on RRM here)
  • Designing for 2.4 GHz
  • Not properly placing APs – He went all BadFi on us.
  • Poor security
  • Falling for marketing
  • Not doing your site surveys

BRKEWN-3000 – Analyzing and Fixing Wi-Fi Issues with Cisco WLC tools and Packet Capture Analysis, Jerome Henry

This session was heavy with command line options so I won’t bore you with reading them in for the audio podcast. I just highly recommend viewing this session online. It’s BRKEWN-3000.

Jerome goes over a lot of useful commands that can be used on both a WLC and AP for debugging and analyzing client issues.

This is Jerome’s most passionate subjects. He is constantly doing packet captures wherever he is and then he uses Excel to analyze the data. It’s quite impressive.

One session I was really looking forward to was Improve Enterprise WLAN Spectrum Quality using Cisco Advanced RF Features. My session on the last day was canceled so unfortunately all I have are the slides. Jim Florwick is the presenter and he is truly an expert in RRM. He’s great to speak to if you ever get a chance.

BRKEWN-3011 – Advanced Troubleshooting of Wireless LANs, Tim Smith

Part of troubleshooting is to remain calm and do not jump to conclusions. First thing is first. Identify what the problem is and work methodically.

On a wireless controller, find out what the client state is. You should be familiar with the 802.11 connection process to help identify what state it is in. The wireless controller calls this the Policy Manager State.

The Policy Manager State provides things such as WEBAUTH REQ or it needs DHCP or needs to complete 802.1X among other things. Tim goes through all these steps to help determine what’s wrong using examples. In the examples he displays numerous debugs. It’s good to know that someone knows what all of this means!

Overall it was a very good presentation diving into Cisco wireless LAN controllers and debugging.

Keynote

A sign showing where the Keynote is located.

A great experience I encountered was going up to the VIP suites to watch the opening Keynote as being part of the Cisco Champion program.

To have a comfortable seat around other smart individuals made the experience enjoyable, especially after seeing Chuck Robbins speak for the first time.

  • Went up to the VIP suites as part of the Cisco Champion program. Great seats and views of the welcome keynote in Mandalay Bay. The introduction was like watching a concert.
  • Chuck Robbins – his first Cisco Live Keynote since becoming CEO of Cisco.

Performers during the Cisco Live keynote.

Great Meet the Engineer Session

When scheduling my sessions I had almost forgotten to schedule a Meet The Engineer session. I’ve heard a lot about these and jumped onto the opportunity to speak with Matt Swartz about RRM.

I was surprised to see that Jim Florwick was also in the same room. To hear them both talk about the war stories of designing wireless networks in high density and to find out some useful tips and tools surely made it a highly valuable conversation.

Robert Boardman was also present alongside me and I could tell he was in awe with that session. Am I right Robert?

It was fun hearing Matt Swartz and Jim Florwick talk about their RRM war stories and in the end they provided us with a nifty tool that some of you may know which is the Cisco Wireless LAN Controller Config Analyzer. This is something I look forward to writing about soon.

The People

As informational as the sessions are, and how the meetings with existing vendors play out, all the way down to walking the World of Solutions.. there isn’t anything like meeting the people I speak to every day on social media.

Primarily I want to give a big thanks to Robert Boardman, Mitch Dickey, Brennan Martin, Scott McDermott, Jerry Olla, Jussi Kiviniemi, and John Regal. I have met some of you in previous conferences and the rest I met for the first time.

Talking to my fellow industry experts brings out some of the best conversations over beer and food. That’s where all the money is at.

Talking WiFi with Jerry Olla

Having fun at the Ekahau booth at Cisco Live 2016

Conclusion

If you couldn’t tell by my positive blog post about Cisco Live, I really enjoyed it. Next year I plan on going back, making more connections, and getting more out of it.

Cisco Live is more than a conference. It’s about the community and the experiences we create together. It’s a foolish, funny, smart, and wonderful crowd.

Cheers. Enjoy a couple more photos.

The emergency response vehicle from Cisco

Getting insight on how the Cisco Emergency Response Vehicle is used.
Look! Lots of knobs and buttons!

Telepresence inside the Cisco Emergency Response Vehicle

People heading to breakfast

Solo shot of me wearing the Cisco Hat

The famous Cisco Live Sign