Re: [WIRELESS-LAN] [External] Re: [WIRELESS-LAN] Anyone else seeing any issues in the fall with large classrooms and delayed connection times (Aruba 8.5.0.13)

2021-09-01 Thread Tolka, Bryan 
Ryan,

Do you have multicast enabled ?What is the mandatory rate you are using in 
the classrooms?

We just had some issues with this not on Aruba .

Bryan Tolka

Sent from my iPhone

On Sep 1, 2021, at 5:00 PM, Street, Chad A  wrote:



Cody and all...

We are also seeing STM spikes that are impacting associations.

We have also disabled all our polling ( Airwave, Orion, etc ) and reduced the 
client load balancing thresholds so that we have around 4K clients per 
controller.  This seemed to help a great deal.  After working with Aruba today, 
my understanding of the primary cause of the STM spikes is due to the MM 
polling the MCs.  With large client loads on the MCs ( combined with all the 
other SNMP polling going on ), this seems to take longer and sometimes does not 
work.  When it does not work, it bootstraps which spikes the STM process.

The suggested band-aid is to block the GUI polling traffic between the MM and 
MC.  You will lose the GUI information from your MM, but all the MC information 
is still present.  We have applied this to our lab and we are going to push to 
production tonight to see if it helps.  If it does help, we plan on turning 
back up our monitoring tools ( Airwave ).

fingers crossed

here is how to block the traffic:
cd /md/yourrootlocation
firewall-cp
 ipv4 deny any proto 6 ports 15260 15261 position 1
!

Chad
chad.str...@emory.edu

From: The EDUCAUSE Wireless Issues Community Group Listserv 
 on behalf of Cody Ensanian 

Sent: Wednesday, September 1, 2021 11:41 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU 
Subject: [External] Re: [WIRELESS-LAN] Anyone else seeing any issues in the 
fall with large classrooms and delayed connection times (Aruba 8.5.0.13)


I’m hearing issues of high cpu utilization for STM on the controllers causing 
issues. Maybe check your controllers and see if you are seeing the high cpu use 
for STM. Heard earlier today from our SE that Aruba has “identified the issue 
and is working on a fix.” I suggest opening the TAC case so they can track it 
better, and help them hone in on a fix better. We’re seeing the high cpu use on 
one of our controllers (but this controller also has higher client load). 
However, we have not had a flood of calls to our help desk for wireless issues 
(not saying they aren’t happening). Our SE also said if you’re experiencing the 
issue, disabling any system or process level debugging as helped, as well as 
disabling any SNMP polling.

[cid:image001.png@01D79F14.D04A94F0]



-Cody

UCCS





From: The EDUCAUSE Wireless Issues Community Group Listserv 
 On Behalf Of Turner, Ryan H
Sent: Wednesday, September 1, 2021 9:27 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Anyone else seeing any issues in the fall with large 
classrooms and delayed connection times (Aruba 8.5.0.13)



This is a stab in the dark.  With the University mostly shutdown since the 
Spring of 2020 (=not operating in standard mode and most people work from 
home), we got campus upgraded from 6.X to 8.X code base.  We’ve also installed 
many 515 series APs.  We are getting a large number of complaints in large 
classrooms that connecting to things like eduroam takes a long time.  Looking 
into the connection, we see many incomplete RADIUS challenges.  The general 
complaints are ‘we come into the classroom, and for some folks it can take up 
to 5 minutes to get connected’.  The odd thing is that our RADIUS 
infrastructure is very large, polished and load shared, and we can see no 
performance issues with any of the RADIUS servers.  We have begun reducing 
power in the large classrooms to make association issues better, but so far 
that hasn’t changed much.  We anticipate opening a ticket with Aruba, soon.  We 
do seem to see the most complaints in the big classrooms.  But I do keep going 
back to the RADIUS Challenges incomplete.  I know if no reason for those not to 
complete unless the connection is broken midway.



Has anyone else seen something like this?



Ryan Turner

Head of Networking

Communication Technologies | Information Technology Services

r...@unc.edu

+1 919 445 0113 (Office)

+1 919 274 7926 (Mobile)



**
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community

**
Replies to EDUCAUSE Community Group emails are sent to the

Re: [WIRELESS-LAN] Wireless Options

2018-05-17 Thread Tolka, Bryan 
Extreme networks is a vendor I would suggest.



Sent from my iPhone

On May 17, 2018, at 2:50 PM, Matt Freitag 
> wrote:

Another +1 on Aruba. We've also had varying experiences with their support but 
they are mostly positive experiences. The two negative experiences I had with 
their support went about like this:

  *   AP-125's spontaneously crash and reboot due to a memory management bug 
with no workaround. This went on for months while we were already replacing our 
AP-125's anyway because those went end-of-support a while ago, but their 
engineering group took months to release a fix to us.
  *   One single CPU in our data path module in our 7240s goes to 100% and 
causes authentication timeouts, increased ping times from our network monitor 
to our APs to the point that the network monitor says they're down, and users 
experience terribly slow connectivity. We saw the issue most when people were 
changing classes and increasing the load on the controller a lot with handling 
all the associations and disassociations, and the workaround roughly equated to 
"split the load between our controllers" which just hid the issue, and then 
when that began to fail us our school year ended and we haven't seen the issue 
since. We expect to see this again in the fall if Aruba doesn't release the fix 
to us over the summer. We've had a ticket open with them since October.

Overwhelmingly positive experience I had with their support tho: all APs on our 
campus would spontaneously reboot. Turns out this was due to a very well 
malformed UDP packet reaching the controller over the GRE tunnel between 
controller and AP causing the AP management process on the controller to hang. 
Since it was hung, the process stopped responding to heartbeat requests from 
the APs, APs would think the controller is down and reboot. Fix was enable 
control plane security which enables an IPSec tunnel between the APs and 
controller and IPSec packet validation mechanisms recognized the bad packets 
causing the bug as bad packets and silently discarded them which resolved our 
issue.

Side note for all the Aruba users, I personally recommend enabling cpsec on 
your controllers just to avoid this scenario and encrypt your user traffic on 
its way to the controller. Doing this will cause all your APs to reboot to 
establish tunnels to the controllers. Double check with your SE and/or Aruba 
TAC to check if there are any caveats to doing this in your environment but 
we've got 1,400 APs and are approaching 10k active users during the school year 
and haven't had a problem.

Back to the topic at hand: overall we've found the product itself is very 
stable and works well. We also stick with the conservative release branch 
because, while that branch doesn't have all the latest features, it's got all 
the stability and we're huge fans of stability here. The APs are easy to set 
up, reasonably priced, also solidly stable, the feature set you do have with 
your chosen release works well, etc. etc.


Matt Freitag
Network Engineer
Information Technology
Michigan Technological University
(906) 487-3696
https://www.mtu.edu/
https://www.mtu.edu/it

On Thu, May 17, 2018 at 2:24 PM, Pramod Bhardwaj 
> wrote:
I recommend Aruba as well, we moved to Aruba last year from Meru and very happy 
with it and no complaints for anyone so far. We have about 260 APS on both the 
campuses

Pramod
Principal Manager of IT Infrastructure
MCC
(978) 656-3308

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> 
On Behalf Of James Moskwa
Sent: Thursday, May 17, 2018 2:22 PM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Wireless Options

You need to include Aruba in your list.

Regards,
-- Jim

Sr. Network Engineer
Information Technology Department
Johnson & Wales University
8 Abbott Park 
Place
Providence, RI 
02903
Office: 
401-598-1556
Mobile: 401-249-0579
eFax: 401-223-4998
Email: james.mos...@jwu.edu

Visit JWU Gateway to submit a ticket, get University 
forms, and more!


From: EDUCAUSE Listserv 
> 
on behalf of John Rodkey >
Reply-To: EDUCAUSE Listserv 
>
Date: Thursday, May 17, 2018 at 2:10 PM
To: EDUCAUSE Listserv

Re: [WIRELESS-LAN] Need help

2018-04-23 Thread Tolka, Bryan 

Good luck finding any Cisco code that actually works.

Bryan Tolka

Sent from my iPhone

On Apr 23, 2018, at 10:47 AM, Jeffrey D. Sessler 
> wrote:

Is there a reason you are on that code? I’d start with running the recommended 
8.2MR7 interim.

Jeff

From: 
"wireless-lan@listserv.educause.edu" 
> 
on behalf of Hector J Rios >
Reply-To: 
"wireless-lan@listserv.educause.edu" 
>
Date: Monday, April 23, 2018 at 7:10 AM
To: 
"wireless-lan@listserv.educause.edu" 
>
Subject: [WIRELESS-LAN] Need help

All,

Last fall we all shared our experiences with the beginning of the semester. 
Ours was not great, and what we thought had been resolved, came back to bite 
us, again. If you want more info, search for subject “Re: [WIRELESS-LAN] Move 
In/Opening Week- Any Problems?”

My question to all of you is the following: If you have Cisco 8540s and over 
3000 APs, have you ever moved APs from one controller to another with no 
issues? i.e. You move 3000 APs from one controller to another at once.  Please 
respond and let me know your basic setup.

Here is our problem. Last year we moved all of our APs to an HA pair of 8540. 
We experienced no issues until the beginning of the fall, when all students 
came back. Last week, we moved all the APs from one HA pair to another, and 
right away we started experiencing issues.

What is the issue? When the issue starts happening, it appears that a good 
portion of our APs cannot associate to our controllers. It seems like the 
controllers run out of resources to be able to establish CAPWAP tunnels (memory 
leak?).

Our configuration:

Two HA pairs of 8540s, AP/Client SSO
AVC turned on, only on eduroam
IPv4/IPv6 dual stack support
Our oldest AP model is 1140
Software 8.2.161 (yes, we know it is deferred)
3900 APs
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/discuss.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/discuss.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Re: [WIRELESS-LAN] Cisco WLC code recommendations

2017-03-16 Thread Tolka, Bryan 
we have 25% of our 3602 with ac module rebooting daily...  i have tried every 
code release from 8.0.140 to 8.3 MR1.   8.2 MR5  does not have a single 3600 ap 
bug fix that i could find..


Bryan Tolka
WVU Health Sciences Center
Information Technology Services
P.O. Box 9010
Morgantown, WV  26506
Voice:  304 293-4683
Fax: 304 293-7268

Confidentiality Notice: This e-mail message, including any attachments, is for 
the sole use of the intended recipient(s) and may contain confidential and/or 
privileged information. Any unauthorized review, use, disclosure or 
distribution by anyone other than the intended recipient(s) is prohibited. If 
you are not the intended recipient, please contact the sender by reply e-mail 
and destroy all copies of the original message.

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
 on behalf of Rick Coloccia 

Sent: Thursday, March 16, 2017 12:39:24 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC code recommendations


The silent reboot bug was hitting us. We were having APs reboot all over campus 
with unpredictable frequency. We had to upgrade. It wasn't a question for us.

On 3/16/2017 12:27 PM, Lee H Badman wrote:
That’s my quandary- have had no problems on MR4 either. The devil you know, 
trading one set of bugs for another, etc.

-Lee

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jeffrey D. Sessler
Sent: Thursday, March 16, 2017 11:20 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC code recommendations

I’ve been running various beta versions of MR5 in production and have had no 
problems.

If you have the new AP’s 1810/1850/2800/3800 then you should absolutely upgrade 
as it offers huge improvements across the board for those WAPs, including some 
fixes for client-side bugs.

Jeff

From: 
"wireless-lan@listserv.educause.edu" 
> 
on behalf of "lhbad...@syr.edu" 
>
Reply-To: 
"wireless-lan@listserv.educause.edu" 
>
Date: Thursday, March 16, 2017 at 8:05 AM
To: 
"wireless-lan@listserv.educause.edu" 
>
Subject: Re: [WIRELESS-LAN] Cisco WLC code recommendations

I just went through the release notes, am struggling with whether to try to 
rush an upgrade during this week while Spring Break has campus slower than 
normal. We’ve been refreshingly stable on MR4, and not experiencing any of the 
resolved caveats so I’m leaning towards waiting until end of semester. Does 
anyone know of anything that rises to the level of a stand-out bug that is so 
common and heinous that it drives this to “should update immediately” status?

Lee Badman | Network Architect

Adjunct Instructor | CWNE #200
Information Technology Services
206 Machinery Hall
120 Smith Drive
Syracuse, New York 13244
t 315.443.3003   f 315.443.4325   e lhbad...@syr.edu w 
its.syr.edu
SYRACUSE UNIVERSITY
syr.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Scharloo, Gertjan
Sent: Thursday, March 16, 2017 6:54 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Cisco WLC code recommendations

Hi all,

8.2mr5 is now available and is rock solid!!!

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn82mr5.html

Kind regards,

Gertjan Scharloo
ICT Consultant
_

Universiteit van Amsterdam | Hogeschool van Amsterdam

ICT Services
Leeuwenburg | kamer A9.44
Weesperzijde 190 | 1097 DZ Amsterdam
+31 (0)20 525 4885
Mobiel : +31(0) 61013-5880
www.uva.nl
uva.nl/profile/g.scharloo
Beschikbaar : Ma | - | Wo | Do | Vr |


Van: wireless-lan 
> 
namens "Jeffrey D. Sessler" 
>
Beantwoorden - Aan: wireless-lan 
>
Datum: dinsdag 14 maart 2017 19:55
Aan: wireless-lan 
>
Onderwerp: Re: [WIRELESS-LAN] Cisco WLC code recommendations

Bruce,

Engineering version 8.2.150.4 is, to my knowledge, what will become 8.2 MR5. 
This is the code I’ve been running on and so far rock solid.

Jeff

From:

Re: [WIRELESS-LAN] Prime 3.1.4 - 2800/3800 - Maps - b/g clients always show zero

2016-12-21 Thread Tolka, Bryan 
I can check on this next week when I am back in the office.

Bryan tolka
West Virginia university


Sent from my iPhone

On Dec 21, 2016, at 8:22 PM, Mccormick, Kevin 
> wrote:

There is a bug with 2800/3800-series WAPs in prime when doing heat maps.

On our installation the b/g/n heat map will not be drawn, but the 5 Ghz works.

On Wed, Dec 21, 2016 at 6:07 PM, Jeffrey D. Sessler 
> wrote:
Would someone do a sanity check for me.

Prime 3.1.4 (with or without device pack 6) with 2800/3800-series WAPs.

When drilling down into a building, the b/g/n clients are properly reported at 
the building view level. If one drills down to the floor view, all 2.4Ghz (XOR) 
radios show zero (0) clients. I'm sure it's was like this in 3.0 and 3.1 too.

I've opened a TAC case, and I've been told I'm first to report it (no bug 
open). If you happen to have Prime and the new 2800/3800's I'd appreciate a 
double-check. Hopefully it's not unique to me.

Best,
jeff

** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.



--
Kevin McCormick
Network Administrator
University Technology - Western Illinois University
ke-mccorm...@wiu.edu | (309) 
298-1335 | Morgan Hall 106b
Connect with uTech: Website | 
Facebook | 
Twitter
[http://www.wiu.edu/university_technology/images/signatures/currentimage.jpg]
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.