Re: [WIRELESS-LAN] Cisco Wireless Controller
This is probably unrelated, but here goes. We are running 4.2.61.0 on all our WiSMs and they have been very stable as long as ssh is disabled. We were getting reports of clients that were connected and working one minute and connected and not working the next. We traced the problem down to a failed roam. If we looked the user up in WCS, they would exist on two different controllers at the same time with a protocol of mobile on one of them. The only way we could get them working again was for them to disconnect, wait for 5 minutes and try again (or we could kick both connections off manually). We did some searching and found that lots of users were in this same state at any given time. We enabled symmetric mobility on all our controllers. This solved the problem. Now when a client roams to an AP on a different controller, a tunnel is setup between the anchor controller and the new controller. Roaming is fast and simple. On Wed, 8 Oct 2008, Johnson, Bruce T wrote: Date: Wed, 08 Oct 2008 18:43:15 -0400 From: Johnson, Bruce T [EMAIL PROTECTED] Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Bear in mind the controllers are designed to remove associations (and save resources) if there hasn't been any traffic seen from the clients. The User Idle Timeout is responsible for this behavior. You can increase this value from its default of 300s to a higher value. This will keep the (inactive) association active longer. I'm trying to find out from Cisco whether this will preserve L3 roaming for mobile devices that don't issue DHCP renewals effectively. Note this can increase memory utilization and will adversely impact location-by-association. BTW, here's an example of the radio reset syslog messages I'm seeing from the APs. Looks like it might be related to another control-plane management function like the aforementioned TSM. Only the b/g radios are affected. 10-08-2008 18:28:46Local7.Error172.20.42.198 17333: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:28:45Local7.Error172.20.42.198 17332: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:28:40Local7.Error172.20.42.198 17331: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:28:40Local7.Error172.20.42.198 17330: AP:0016.465a.884c: %SYS-3-MGDTIMER: Running timer, init, timer = A0786C. -Process= LWAPP 802.11 MAC Management Reception, ipl= 0, pid= 37 -Traceback= 0x5DCB8 0x15F194 0x15F300 0x15F490 0x46F17C 0x46D0E0 0x46D4C4 0x46D5BC 0x193F50 10-08-2008 18:28:39Local7.Error172.20.42.198 17329: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:12:20Local7.Error132.183.112.28 16239: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:12:19Local7.Error132.183.112.28 16238: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:12:14Local7.Error132.183.112.28 16237: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:10:42Local7.Error172.20.42.143 101: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:10:42Local7.Error172.20.42.143 100: AP:001e.be27.017e: %SYS-3-MGDTIMER: Running timer, init, timer = D382B4. -Process= LWAPP 802.11 MAC Management Reception, ipl= 0, pid= 42 -Traceback= 0x5DCB8 0x161FBC 0x162128 0x1622B8 0x4C32FC 0x4C1260 0x4C1644 0x4C173C 0x196D90 10-08-2008 18:10:41Local7.Error172.20.42.143 99: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:10:36Local7.Error172.20.42.143 98: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:10:35Local7.Error172.20.42.143 97: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:07:40Local7.Error172.20.42.198 17328: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:07:39Local7.Error172.20.42.198 17327: AP:0016.465a.884c: %SYS-3-MGDTIMER: Running timer, init, timer = A07D7C. -Process= LWAPP 802.11 MAC Management Reception, ipl= 0, pid= 37 -Traceback= 0x5DCB8 0x15F194 0x15F300 0x15F490 0x46F17C 0x46D0E0 0x46D4C4 0x46D5BC 0x193F50 10-08-2008 18:07:39Local7.Error172.20.42.198 17326: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:07:34Local7.Error172.20.42.198 17325: AP:0016.465a.884c:
Re: [WIRELESS-LAN] ITunes
Brian, We have experienced the same issue during the last month. A colleague of mine mentioned that iTunes Library sharing was now ON by default...it could explain a lot! We still have a large layer2 subnet (1000 APs, 4000 users in one subnet...a monster) to provide roaming and, lately, have been killed by Broadcast and Multicast Packets. In a desperate measure we have blocked (yesterday) on our Fat APs (Proxim AP-2000 and 4000) Multicast (IP range filtering) , IPv6 (Ethertype) and Netbios Name Service (port 137) and Netbios Datagram (port 138). Broadcast packets went during peak from 80 Packets/s to 30 Packets/s and Multicats packets went from 150 Packets/s to 10-20 Packets/s. Our dormatories, based a Aruba controller Architecture, have /24 subnets. No symptoms, no filtering there. We will revert this measure as soon as we upgrade our main campus wireless to a Controller Based Architecture with small subnets. So far not too many HelpDesk Calls... Philippe -- Philippe Hanset IT Manager University of Tennessee, Knoxville Office of Information Technology Network Services 108 James D Hoskins Library 1400 Cumberland Ave Knoxville, TN 37996 Tel: 1-865-9746555 phanset at utk dot edu -- On Tue, 7 Oct 2008, Brian J David wrote: Greetings We where wondering how other schools have handled ITunes. We have seen the ITunes shared library's list exploding in size this year. With all that multicast traffic everywhere how have you handled the situation. Brian Brian J David Network Systems Engineer Boston College ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
UNSUBSCRIBE
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of WIRELESS-LAN automatic digest system Sent: Wednesday, October 08, 2008 11:00 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: WIRELESS-LAN Digest - 7 Oct 2008 to 8 Oct 2008 (#2008-165) http://www.lsoft.com LISTSERV mailing list manager http://listserv.educause.edu/cgi-bin/wa.exe?LIST=WIRELESS-LAN LISTSERV 15.0 WIRELESS-LAN Digest - 7 Oct 2008 to 8 Oct 2008 (#2008-165) Table of contents: * Cisco Wireless Controller (11) 1. Cisco Wireless Controller o Cisco Wireless Controller (10/08) From: Mike King [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Manoj Abeysekera [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Justin Dover [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Foerst, Daniel P. [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Kristina Gasca [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Hector J Rios [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Johnson, Bruce T [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Jason Mueller [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: John Watters [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Todd Lane [EMAIL PROTECTED] o Re: Cisco Wireless Controller (10/08) From: Johnson, Bruce T [EMAIL PROTECTED] Browse the http://listserv.educause.edu/cgi-bin/wa.exe?LIST=WIRELESS-LAN WIRELESS-LAN online archives. http://www.lsoft.com/products/default.asp?item=secured-by-FShost=LISTSERV. EDUCAUSE.EDUwa=http://listserv.educause.edu/cgi-bin/wa.exe Anti-Virus Filter http://www.lsoft.com/products/listserv-powered.asp Powered by the LISTSERV Email List Manager ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Cisco Wireless Controller
I had to do the sameI believe the correct term is symmetric tunneling picky, picky, picky :) -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Todd M. Hall Sent: Thursday, October 09, 2008 9:06 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller This is probably unrelated, but here goes. We are running 4.2.61.0 on all our WiSMs and they have been very stable as long as ssh is disabled. We were getting reports of clients that were connected and working one minute and connected and not working the next. We traced the problem down to a failed roam. If we looked the user up in WCS, they would exist on two different controllers at the same time with a protocol of mobile on one of them. The only way we could get them working again was for them to disconnect, wait for 5 minutes and try again (or we could kick both connections off manually). We did some searching and found that lots of users were in this same state at any given time. We enabled symmetric mobility on all our controllers. This solved the problem. Now when a client roams to an AP on a different controller, a tunnel is setup between the anchor controller and the new controller. Roaming is fast and simple. On Wed, 8 Oct 2008, Johnson, Bruce T wrote: Date: Wed, 08 Oct 2008 18:43:15 -0400 From: Johnson, Bruce T [EMAIL PROTECTED] Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Bear in mind the controllers are designed to remove associations (and save resources) if there hasn't been any traffic seen from the clients. The User Idle Timeout is responsible for this behavior. You can increase this value from its default of 300s to a higher value. This will keep the (inactive) association active longer. I'm trying to find out from Cisco whether this will preserve L3 roaming for mobile devices that don't issue DHCP renewals effectively. Note this can increase memory utilization and will adversely impact location-by-association. BTW, here's an example of the radio reset syslog messages I'm seeing from the APs. Looks like it might be related to another control-plane management function like the aforementioned TSM. Only the b/g radios are affected. 10-08-200818:28:46Local7.Error172.20.42.198 17333: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-200818:28:45Local7.Error172.20.42.198 17332: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-200818:28:40Local7.Error172.20.42.198 17331: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-200818:28:40Local7.Error172.20.42.198 17330: AP:0016.465a.884c: %SYS-3-MGDTIMER: Running timer, init, timer = A0786C. -Process= LWAPP 802.11 MAC Management Reception, ipl= 0, pid= 37 -Traceback= 0x5DCB8 0x15F194 0x15F300 0x15F490 0x46F17C 0x46D0E0 0x46D4C4 0x46D5BC 0x193F50 10-08-200818:28:39Local7.Error172.20.42.198 17329: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-200818:12:20Local7.Error132.183.112.28 16239: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-200818:12:19Local7.Error132.183.112.28 16238: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-200818:12:14Local7.Error132.183.112.28 16237: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-200818:10:42Local7.Error172.20.42.143 101: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-200818:10:42Local7.Error172.20.42.143 100: AP:001e.be27.017e: %SYS-3-MGDTIMER: Running timer, init, timer = D382B4. -Process= LWAPP 802.11 MAC Management Reception, ipl= 0, pid= 42 -Traceback= 0x5DCB8 0x161FBC 0x162128 0x1622B8 0x4C32FC 0x4C1260 0x4C1644 0x4C173C 0x196D90 10-08-200818:10:41Local7.Error172.20.42.143 99: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-200818:10:36Local7.Error172.20.42.143 98: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-200818:10:35Local7.Error172.20.42.143 97: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-200818:07:40Local7.Error172.20.42.198 17328: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-200818:07:39Local7.Error172.20.42.198 17327: AP:0016.465a.884c: %SYS-3-MGDTIMER: Running timer, init, timer = A07D7C.
RE: [WIRELESS-LAN] Cisco Wireless Controller
Bruce: Too bad these features can't be enabled/disabled on a per-AP basis. You just nailed the essence of one of the big trade-offs of all that is gained with the thin wireless architecture. In many ways, the WiSM is the AP, and the APs have become antennas- the feature granularility of autonomous APs is greatly reduced, and often in ways that are counter-intuitive (at least to me). One man's o-pinon:-) Lee Lee H. Badman Wireless/Network Engineer Information Technology and Services Syracuse University 315 443-3003 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Johnson, Bruce T Sent: Thursday, October 09, 2008 10:40 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller That's a good point Jeff, I understood RLDP causes APs to become active clients in order to associate to rogues and hence can impact active connections; I didn't realize this would reset the radios, however. Either way, the impact on connections is, as all Cisco caveats are, neatly tucked in the back of the Field Notices. I had this enabled on one controller to test its effectiveness, and it explains why I see the resets exclusively on the b/g radios of APs that actually hear rogues. Too bad these features can't be enabled/disabled on a per-AP basis. Thanks, --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Legge, Jeffry Sent: Thursday, October 09, 2008 10:08 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Do you have RLDP enabled on your controllers? See the attachment. RLDP actually resets the radio interface in order to associate to a rogue AP as a client and attempts to send a message through the rogue AP to see if it reaches the controller. This can take 30 seconds. Just a thought. -Jeff Legge Radford University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Manoj Abeysekera Sent: Wednesday, October 08, 2008 2:55 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Mike, We run 4.2.130. I was told by Cisco Engineer to downgrade to this version as we had a nightmare with 5.x. However we still get Clients disconnected at random intervals(Radio seems to reset somehow forcing clients to roam to nearby LAP's). Cisco has no clue and i wonder why not many people have called them yet. WLC's 4404 AP's 1230 Open Network Let me know if you find a cure.. Good Luck! Manoj American U. Mike King [EMAIL PROTECTED] Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 10/08/2008 02:44 PM Please respond to The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU cc Subject [WIRELESS-LAN] Cisco Wireless Controller So Cisco LWAPP people, Currently we're on 4.1.185.0 http://4.1.185.0/ . It's a 4402 controller, with 1131AG access points. Anyone made the leap to one of the 4.2, 5.0 , or 5.1 trains without seriously regretting it? We've had some random disconnects with clients. It's pretty common, happening to most all users. We're running WPA-PSK, so it's not an 802.1x issue. Before we involve TAC, we figured we should upgrade to a new code train. Mike ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. http://www.educause.edu/groups/ ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. The information transmitted in this electronic communication is intended only for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this information in error, please contact the Compliance HelpLine at 800-856-1983 and properly dispose of this information. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Management Software
For multi-vendor management, AirWave is it. See http://www.networkcomputing.com/showArticle.jhtml?articleID=197005719qu eryText=AirWave It's not cheap, but is extremely powerful. One nice thing is that you can do basic switch monitoring (not management)despite it being a wireless management tool. Lee Lee H. Badman Wireless/Network Engineer Information Technology and Services Syracuse University 315 443-3003 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Martin Jr., D. Michael Sent: Thursday, October 09, 2008 10:44 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Management Software I need a quick survey of what all of you out there use for management of your wireless devices (APs and such). We are a small shop with only 127 Access Points and 97 switches but the number of APs will probably double within the next year or so. Most of our devices are HP but we have some legacy Cisco stuff too. Any advice would be appreciated on management software for handling firmware updates, mass configuration changes, monitoring, etc... Thanks, D. Michael Martin, Jr. Network Administrator University of Montevallo ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] ITunes
I forgot: Quality of Service has improved tremendously! -- Philippe Hanset IT Manager University of Tennessee, Knoxville Office of Information Technology Network Services 108 James D Hoskins Library 1400 Cumberland Ave Knoxville, TN 37996 Tel: 1-865-9746555 phanset at utk dot edu -- On Thu, 9 Oct 2008, Philippe Hanset wrote: Brian, We have experienced the same issue during the last month. A colleague of mine mentioned that iTunes Library sharing was now ON by default...it could explain a lot! We still have a large layer2 subnet (1000 APs, 4000 users in one subnet...a monster) to provide roaming and, lately, have been killed by Broadcast and Multicast Packets. In a desperate measure we have blocked (yesterday) on our Fat APs (Proxim AP-2000 and 4000) Multicast (IP range filtering) , IPv6 (Ethertype) and Netbios Name Service (port 137) and Netbios Datagram (port 138). Broadcast packets went during peak from 80 Packets/s to 30 Packets/s and Multicats packets went from 150 Packets/s to 10-20 Packets/s. Our dormatories, based a Aruba controller Architecture, have /24 subnets. No symptoms, no filtering there. We will revert this measure as soon as we upgrade our main campus wireless to a Controller Based Architecture with small subnets. So far not too many HelpDesk Calls... Philippe -- Philippe Hanset IT Manager University of Tennessee, Knoxville Office of Information Technology Network Services 108 James D Hoskins Library 1400 Cumberland Ave Knoxville, TN 37996 Tel: 1-865-9746555 phanset at utk dot edu -- On Tue, 7 Oct 2008, Brian J David wrote: Greetings We where wondering how other schools have handled ITunes. We have seen the ITunes shared library's list exploding in size this year. With all that multicast traffic everywhere how have you handled the situation. Brian Brian J David Network Systems Engineer Boston College ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: Management Software
We've been using Airwave with a mixed vendor environment (rapidly moving to Aruba-only) and have been very happy. -Joe -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Martin Jr., D. Michael Sent: Thursday, October 09, 2008 10:44 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Management Software I need a quick survey of what all of you out there use for management of your wireless devices (APs and such). We are a small shop with only 127 Access Points and 97 switches but the number of APs will probably double within the next year or so. Most of our devices are HP but we have some legacy Cisco stuff too. Any advice would be appreciated on management software for handling firmware updates, mass configuration changes, monitoring, etc... Thanks, D. Michael Martin, Jr. Network Administrator University of Montevallo ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] Cisco Wireless Controller
It depends where you look. WCS has Symmetric Tunneling, the controller documentation says Symmetric Mobility Tunneling. I guess that's what stuck in my head when I read it. On Thu, 9 Oct 2008, Legge, Jeffry wrote: Date: Thu, 09 Oct 2008 10:23:57 -0400 From: Legge, Jeffry [EMAIL PROTECTED] Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller I had to do the sameI believe the correct term is symmetric tunneling picky, picky, picky :) -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Todd M. Hall Sent: Thursday, October 09, 2008 9:06 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller This is probably unrelated, but here goes. We are running 4.2.61.0 on all our WiSMs and they have been very stable as long as ssh is disabled. We were getting reports of clients that were connected and working one minute and connected and not working the next. We traced the problem down to a failed roam. If we looked the user up in WCS, they would exist on two different controllers at the same time with a protocol of mobile on one of them. The only way we could get them working again was for them to disconnect, wait for 5 minutes and try again (or we could kick both connections off manually). We did some searching and found that lots of users were in this same state at any given time. We enabled symmetric mobility on all our controllers. This solved the problem. Now when a client roams to an AP on a different controller, a tunnel is setup between the anchor controller and the new controller. Roaming is fast and simple. On Wed, 8 Oct 2008, Johnson, Bruce T wrote: Date: Wed, 08 Oct 2008 18:43:15 -0400 From: Johnson, Bruce T [EMAIL PROTECTED] Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Bear in mind the controllers are designed to remove associations (and save resources) if there hasn't been any traffic seen from the clients. The User Idle Timeout is responsible for this behavior. You can increase this value from its default of 300s to a higher value. This will keep the (inactive) association active longer. I'm trying to find out from Cisco whether this will preserve L3 roaming for mobile devices that don't issue DHCP renewals effectively. Note this can increase memory utilization and will adversely impact location-by-association. BTW, here's an example of the radio reset syslog messages I'm seeing from the APs. Looks like it might be related to another control-plane management function like the aforementioned TSM. Only the b/g radios are affected. 10-08-2008 18:28:46Local7.Error172.20.42.198 17333: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:28:45Local7.Error172.20.42.198 17332: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:28:40Local7.Error172.20.42.198 17331: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:28:40Local7.Error172.20.42.198 17330: AP:0016.465a.884c: %SYS-3-MGDTIMER: Running timer, init, timer = A0786C. -Process= LWAPP 802.11 MAC Management Reception, ipl= 0, pid= 37 -Traceback= 0x5DCB8 0x15F194 0x15F300 0x15F490 0x46F17C 0x46D0E0 0x46D4C4 0x46D5BC 0x193F50 10-08-2008 18:28:39Local7.Error172.20.42.198 17329: AP:0016.465a.884c: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:12:20Local7.Error132.183.112.28 16239: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:12:19Local7.Error132.183.112.28 16238: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:12:14Local7.Error132.183.112.28 16237: AP:0015.fa05.a54e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:10:42Local7.Error172.20.42.143 101: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up 10-08-2008 18:10:42Local7.Error172.20.42.143 100: AP:001e.be27.017e: %SYS-3-MGDTIMER: Running timer, init, timer = D382B4. -Process= LWAPP 802.11 MAC Management Reception, ipl= 0, pid= 42 -Traceback= 0x5DCB8 0x161FBC 0x162128 0x1622B8 0x4C32FC 0x4C1260 0x4C1644 0x4C173C 0x196D90 10-08-2008 18:10:41Local7.Error172.20.42.143 99: AP:001e.be27.017e: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down 10-08-2008 18:10:36Local7.Error172.20.42.143 98:
RE: [WIRELESS-LAN] Cisco Wireless Controller
Agreed, I From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Lee H Badman Sent: Thursday, October 09, 2008 10:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Bruce: Too bad these features can't be enabled/disabled on a per-AP basis. You just nailed the essence of one of the big trade-offs of all that is gained with the thin wireless architecture. In many ways, the WiSM is the AP, and the APs have become antennas- the feature granularility of autonomous APs is greatly reduced, and often in ways that are counter-intuitive (at least to me). One man's o-pinon:-) Lee Lee H. Badman Wireless/Network Engineer Information Technology and Services Syracuse University 315 443-3003 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Johnson, Bruce T Sent: Thursday, October 09, 2008 10:40 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller That's a good point Jeff, I understood RLDP causes APs to become active clients in order to associate to rogues and hence can impact active connections; I didn't realize this would reset the radios, however. Either way, the impact on connections is, as all Cisco caveats are, neatly tucked in the back of the Field Notices. I had this enabled on one controller to test its effectiveness, and it explains why I see the resets exclusively on the b/g radios of APs that actually hear rogues. Too bad these features can't be enabled/disabled on a per-AP basis. Thanks, --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Legge, Jeffry Sent: Thursday, October 09, 2008 10:08 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Do you have RLDP enabled on your controllers? See the attachment. RLDP actually resets the radio interface in order to associate to a rogue AP as a client and attempts to send a message through the rogue AP to see if it reaches the controller. This can take 30 seconds. Just a thought. -Jeff Legge Radford University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Manoj Abeysekera Sent: Wednesday, October 08, 2008 2:55 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Mike, We run 4.2.130. I was told by Cisco Engineer to downgrade to this version as we had a nightmare with 5.x. However we still get Clients disconnected at random intervals(Radio seems to reset somehow forcing clients to roam to nearby LAP's). Cisco has no clue and i wonder why not many people have called them yet. WLC's 4404 AP's 1230 Open Network Let me know if you find a cure.. Good Luck! Manoj American U. Mike King [EMAIL PROTECTED] Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 10/08/2008 02:44 PM Please respond to The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU cc Subject [WIRELESS-LAN] Cisco Wireless Controller So Cisco LWAPP people, Currently we're on 4.1.185.0 http://4.1.185.0/ . It's a 4402 controller, with 1131AG access points. Anyone made the leap to one of the 4.2, 5.0 , or 5.1 trains without seriously regretting it? We've had some random disconnects with clients. It's pretty common, happening to most all users. We're running WPA-PSK, so it's not an 802.1x issue. Before we involve TAC, we figured we should upgrade to a new code train. Mike ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. http://www.educause.edu/groups/ ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. The information transmitted in this electronic communication is intended only for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this information in error, please contact the Compliance HelpLine at 800-856-1983 and properly dispose of this information. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Management Software
We use a couple of the Airwave AMP products to manage Cisco IOS Cisco WiSM/LWAPP. 850+ on one AMP (ResNet) and 600+ on the other (general campus use). Both will continue to grow. Very nice product. Tried the Cisco WCS but it was not nice at all to drive. In addition, licensing is a real pain. It took months to get a valid license for an upgrade. By then, I needed another. I could never get licenses (increments of 100) as fast as I needed them without buying too many in advance. -jcw - John Watters UA: OIT 205-348-3992 -Original Message- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Martin Jr., D. Michael Sent: Thursday, October 09, 2008 9:44 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Management Software I need a quick survey of what all of you out there use for management of your wireless devices (APs and such). We are a small shop with only 127 Access Points and 97 switches but the number of APs will probably double within the next year or so. Most of our devices are HP but we have some legacy Cisco stuff too. Any advice would be appreciated on management software for handling firmware updates, mass configuration changes, monitoring, etc... Thanks, D. Michael Martin, Jr. Network Administrator University of Montevallo ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
RE: [WIRELESS-LAN] Cisco Wireless Controller
Agreed, So many (more) features, semi-centralized on several controllers, is a tradeoff. Until I don't have to care about multiple controllers, its neither centralized nor intelligent. How much more innovation we can expect from the big infrastructure vendors remains to be seen. So far, the lack of a middle-ground (group-level) flexibility of configuration, between autonomous and centralized, is where I've felt the pain. I do like AirWave in that you can create configuration containers/domains - this is the right approach (I am not a fan of the single flat template domain of the WCS). The more I hear of the Aerohive approach, the more it seems the right fit for virtualized radio management. My declining .02 --Bruce From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Lee H Badman Sent: Thursday, October 09, 2008 10:50 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Bruce: Too bad these features can't be enabled/disabled on a per-AP basis. You just nailed the essence of one of the big trade-offs of all that is gained with the thin wireless architecture. In many ways, the WiSM is the AP, and the APs have become antennas- the feature granularility of autonomous APs is greatly reduced, and often in ways that are counter-intuitive (at least to me). One man's o-pinon:-) Lee Lee H. Badman Wireless/Network Engineer Information Technology and Services Syracuse University 315 443-3003 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Johnson, Bruce T Sent: Thursday, October 09, 2008 10:40 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller That's a good point Jeff, I understood RLDP causes APs to become active clients in order to associate to rogues and hence can impact active connections; I didn't realize this would reset the radios, however. Either way, the impact on connections is, as all Cisco caveats are, neatly tucked in the back of the Field Notices. I had this enabled on one controller to test its effectiveness, and it explains why I see the resets exclusively on the b/g radios of APs that actually hear rogues. Too bad these features can't be enabled/disabled on a per-AP basis. Thanks, --Bruce Johnson From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Legge, Jeffry Sent: Thursday, October 09, 2008 10:08 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Do you have RLDP enabled on your controllers? See the attachment. RLDP actually resets the radio interface in order to associate to a rogue AP as a client and attempts to send a message through the rogue AP to see if it reaches the controller. This can take 30 seconds. Just a thought. -Jeff Legge Radford University From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL PROTECTED] On Behalf Of Manoj Abeysekera Sent: Wednesday, October 08, 2008 2:55 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Cisco Wireless Controller Mike, We run 4.2.130. I was told by Cisco Engineer to downgrade to this version as we had a nightmare with 5.x. However we still get Clients disconnected at random intervals(Radio seems to reset somehow forcing clients to roam to nearby LAP's). Cisco has no clue and i wonder why not many people have called them yet. WLC's 4404 AP's 1230 Open Network Let me know if you find a cure.. Good Luck! Manoj American U. Mike King [EMAIL PROTECTED] Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 10/08/2008 02:44 PM Please respond to The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU cc Subject [WIRELESS-LAN] Cisco Wireless Controller So Cisco LWAPP people, Currently we're on 4.1.185.0 http://4.1.185.0/ . It's a 4402 controller, with 1131AG access points. Anyone made the leap to one of the 4.2, 5.0 , or 5.1 trains without seriously regretting it? We've had some random disconnects with clients. It's pretty common, happening to most all users. We're running WPA-PSK, so it's not an 802.1x issue. Before we involve TAC, we figured we should upgrade to a new code train. Mike ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. http://www.educause.edu/groups/ ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion
Re: [WIRELESS-LAN] Cisco Wireless Controller
Jeff, I checked and RLDP is disabled. (I had previously checked that) I setup a syslog, and found that the following errors are kicked out when a client is disconnected: apf_ms.c:3946 APF-4-MOBILESTATION_NOT_FOUND: Could not find the mobile 00:00:00:00:00:00 in internal database (Where 00:00 is the MAC of the client) Then two Could not find appropriate RADIUS Server WLAN 1 error messages. Sounds like a TAC call. I think I'll upgrade to 4.2.130.0 and see if the problem is still here before I do. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: WIRELESS-LAN Digest - 7 Oct 2008 to 8 Oct 2008 (#2008-165)
WIRELESS-LAN automatic digest system wrote: There are 11 messages totalling 2342 lines in this issue. Topics of the day: 1. Cisco Wireless Controller (11) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Date:Wed, 8 Oct 2008 14:34:09 -0400 From:Mike King [EMAIL PROTECTED] Subject: Cisco Wireless Controller --=_Part_91742_10866272.1223490849819 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline So Cisco LWAPP people, Currently we're on 4.1.185.0. It's a 4402 controller, with 1131AG access points. Anyone made the leap to one of the 4.2, 5.0 , or 5.1 trains without seriously regretting it? We had upgraded to 5.1.151.0 on both 4404 and 4402 controller with 1252 APs. Currently we experienced the issue of controller crashing itself. Controllers crashed quite often. One of controllers was up and running for 6 days then it crashed. Sometimes it just lasted about 2 days after the previous crash. We are working with TAC and they had handed this to software team to find a fix for this bug. We've had some random disconnects with clients. It's pretty common, happening to most all users. We're running WPA-PSK, so it's not an 802.1x issue. Before we involve TAC, we figured we should upgrade to a new code train. Mike ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. --=_Part_91742_10866272.1223490849819 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline div dir=ltrSo Cisco LWAPP people,divbr/divdivCurrently we#39;re on a href=http://4.1.185.0;4.1.185.0/a. It#39;s a 4402 controller, with 1131AG access points./divdivbr/divdivAnyone made the leap to one of the 4.2, 5.0 , or 5.1 trains without seriously regretting it?/div divbr/divdivWe#39;ve had some random disconnects with clients. nbsp;It#39;s pretty common, happening to most all users. nbsp;We#39;re running WPA-PSK, so it#39;s not an 802.1x issue. nbsp;Before we involve TAC, we figured we should upgrade to a new code train./div divbr/divdivMike/div/div ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. p --=_Part_91742_10866272.1223490849819-- -- Date:Wed, 8 Oct 2008 14:54:44 -0400 From:Manoj Abeysekera [EMAIL PROTECTED] Subject: Re: Cisco Wireless Controller This is a multipart message in MIME format. --=_alternative 0067E3BB852574DC_= Content-Type: text/plain; charset=US-ASCII Mike, We run 4.2.130. I was told by Cisco Engineer to downgrade to this version as we had a nightmare with 5.x. However we still get Clients disconnected at random intervals(Radio seems to reset somehow forcing clients to roam to nearby LAP's). Cisco has no clue and i wonder why not many people have called them yet. WLC's 4404 AP's 1230 Open Network Let me know if you find a cure.. Good Luck! Manoj American U. Mike King [EMAIL PROTECTED] Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 10/08/2008 02:44 PM Please respond to The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU To WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU cc Subject [WIRELESS-LAN] Cisco Wireless Controller So Cisco LWAPP people, Currently we're on 4.1.185.0. It's a 4402 controller, with 1131AG access points. Anyone made the leap to one of the 4.2, 5.0 , or 5.1 trains without seriously regretting it? We've had some random disconnects with clients. It's pretty common, happening to most all users. We're running WPA-PSK, so it's not an 802.1x issue. Before we involve TAC, we figured we should upgrade to a new code train. Mike ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. --=_alternative 0067E3BB852574DC_= Content-Type: text/html; charset=US-ASCII brfont size=2 face=sans-serifMike,/font br brfont size=2 face=sans-serifWe run 4.2.130. I was told by Cisco Engineer to downgrade to this version as we had a nightmare with 5.x. However we still get Clients disconnected at random intervals(Radio seems to reset somehow forcing clients to roam to nearby LAP's). Cisco has no clue and i wonder why not many people have called them yet./font br brfont size=2 face=sans-serifWLC's 4404/font brfont size=2 face=sans-serifAP's 1230/font brfont size=2 face=sans-serifOpen
Re: [WIRELESS-LAN] WIRELESS-LAN Digest - 7 Oct 2008 to 8 Oct 2008 (#2008-165)
Are the crashes preceded by a spike in memory usage on the controller? -Chris Chris Murphy Network Engineer, NIST MIT Information Services Technology 617-253-4105 [EMAIL PROTECTED] On 10/9/08 12:57 PM, Yacheng, Janet, Shu [EMAIL PROTECTED] wrote: WIRELESS-LAN automatic digest system wrote: There are 11 messages totalling 2342 lines in this issue. Topics of the day: 1. Cisco Wireless Controller (11) ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. -- Date:Wed, 8 Oct 2008 14:34:09 -0400 From:Mike King [EMAIL PROTECTED] Subject: Cisco Wireless Controller --=_Part_91742_10866272.1223490849819 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline So Cisco LWAPP people, Currently we're on 4.1.185.0. It's a 4402 controller, with 1131AG access points. Anyone made the leap to one of the 4.2, 5.0 , or 5.1 trains without seriously regretting it? We had upgraded to 5.1.151.0 on both 4404 and 4402 controller with 1252 APs. Currently we experienced the issue of controller crashing itself. Controllers crashed quite often. One of controllers was up and running for 6 days then it crashed. Sometimes it just lasted about 2 days after the previous crash. We are working with TAC and they had handed this to software team to find a fix for this bug. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Educause Orlando Show
I'm going to be working (well, primarily drinking beer) at the EDUCAUSE show in Orlando the end of the month. I'll be hanging around Airwave and Aruba areas mostly in the evening. If anyone wants to have a beer or just say high (this includes other wireless vendors too - us engineers need to stick together!) that would be great. -Emerson 408-838-3801 cell ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
