Posts Tagged ‘Cisco Wireless’
Control roaming behavior on your Cisco wireless network.
Roaming is just another expectation from your end users. They expect to walk freely around the office to conference rooms or far off cubicles and have their laptop or handheld remain connected while downloading files or in the middle of a conversation. If the roaming process is not quick enough then you could see conversations and clients gets dropped forcing them reconnect to the WLAN, and I can guarantee you your end users will be calling.
Now, if you have done a proper site survey and have solid data to work off of, you can control the roaming behavior of your WLAN clients. The reason you need to know the details of your wireless environment is because you are going to set RSSI limits concerning when your clients should begin looking for a new AP to associate to and, how quickly they are roam between access points. Just keep in mind, making these settings will effect the entire WLAN not just individual sections.
I would also like to mention your clients should be CCXv4 or higher to take advantage of these features. To see if your clients are CCXv4 compliant go to Monitor -> Clients -> click on the client in question.
On your Cisco Wireless LAN Controller, you want to navigate to Wireless -> 802.11a/n or 802.11b/g/n (depending on which frequency you want to customize) -> Client Roaming.
The first thing you need to do when you want to customize these settings is change the mode to custom this will allow you to edit the default values for the rest of the parameters.
The next option is minimum rssi. If a clients RSSI value is below this threshold it will not associate/authenticate to the access point, instead it will continue to look for a better signal from different access points. Valid values for this field are -80 through -90. The understanding is that the signal strength/quality will be so low reliable communication will not be established.
Next we have a setting called hysteresis this value is in dB and states how much stronger the signal of another access point has to be before a client decides to roam to it. This is useful if you have multiple access points in close proximity of each other or clients are moving between the edge of coverage of different access point. The higher this value the closer a client needs to be to an access point for it to associate to the second access point. Valid ranges are from 2 through 4 dB.
Now we have the scan threshold this is another RSSI value range. When the wireless client’s RSSI drops below this threshold the client will begin actively scanning for another access point it can receive a stronger signal from. Valid values range between -70 through -77.
The last field on the page is the transition time this is the amount of a client is going to see a better signal from neighboring access, before it attempts to associate to the second access point. The client determines a better signal when its RSSI drops below the scan threshold and it sees a signal from a neighboring access point higher than the scan threshold.
So all these factors do work together and can be customized for your environment. Normal data traffic is more forgiving since it’s not as delay sensitive, but If you have voice on your WLAN you will want to fine tune these settings to avoid dropped calls.
Cisco WLC Interfaces.
If you have ever worked with a Cisco WLC or have looked through any configurations for a WLC, then you have no doubt seen the interfaces that make it work. You’ve probably also seen that diagram concerning how these interfaces relate to the physical interfaces on a Cisco WLC.
Now their are only five different types of interfaces (Management, AP-Manager, Virtual, Service-Port, and Dynamic Interfaces), I figured I would just take some time to quickly touch on them.
- Management Interface – As you can suspect this interface is for in-band management and handles any communication with AAA servers. This interface will also handle the layer 2 communication between the controller and any APs. Needless to say the configuration of this interface is mandatory and can not be skipped.
- AP-Manager – If you want to have APs on different subnets other then the subnet the WLC is on then this interface must be configured, it’s a requirement for Layer 3 LWAPP transport mode. So as you would suspect this interface handles all layer 3 traffic between the WLC and the APs. Since higher end WLCs can have multiple AP-Managers only 1 AP-Manager interface can be configured per physical port.
- Virtual Interface – Another mandatory interface that must be configured (once again like the management interface you don’t get the option to skip the configuration of this interface). This interface handles any mobility management, VPN Termination, Web authentication, and is also a DHCP relay for WLAN clients. You really want to give this interface a bogus type address (Like 1.1.1.1 or something) since it’s only accessed and used by the WLC, the APs and WLAN clients will not interact with this interface. (Other then it’s purpose as the DHCP relay, but it’s all in done within the controller unknown to the AP’s or clients)
- Service-Port – This is also a physical port for out of band management, so it’s configuration is optional. The port doesn’t even support 802.1Q, so you can’t use it for anything other then accessing the controller. (Note: This is only physical port that is active while the controller is booting)
- Dynamic Interface – Now these are the interfaces you can create and use to link specific SSID’s to specific VLAN’s on the wire. So this is where and how you can separate your wireless client traffic, this interface will also double as the DHCP relay for it’s subnet/VLAN (Note: A WLC can have up to 512 dynamic interfaces)
Understanding a Wi-Fi connection.
Just some more details on how drastically different wireless networks differ from the traditional wired network is understanding the client connection. Surely we all understand how the wired connection works, we plug in a cable two of the four pairs carry data then speed and duplex setting are auto-negotatiated. However when you look at a wireless client you see an antenna, signal strength, data rate, RSSI, power level, and SNR values definitely a little more to think about.
I’ll start with RSSI, which is the Received Signal Strength Indicator this value is typically shown as a negative dBm value (dB and watt values are a topic for another post). RSSI is the measurement of power in an RF signal, the more power in an RF signal the better the connection quality is. So the closer this value is to 0 the stronger the signal is. So a value of -61 is stronger then a value of -74. Now different vendors do have different scales some vendors will have a max value of -100 while others go higher or lower, of course signals that weak should be avoided (and probably won’t work anyway). So it’s best to get some documentation from the vendor of your client WLAN cards to see the RSSI value range. The value of the RSSI will also play a role in the connection speed, and once again vendor documentation will provide the RSSI value to link speed ratio (and do keep in mind many other factors play a role in the connection speed as well).
SNR is the Signal to Noise ratio, this is how much stronger the wireless signal is compared to the noise floor surrounding the WLAN client. This is shown in a positive dB value. Too much RF noise around the WLAN client will cause collisions resulting in frames being retransmitted thus lowering the throughput of the connection. Try connecting a cordless phone that works in the 2.4 GHz range right next to a b/g access point, the phone can generate enough RF noise to cancel out the wireless signal completely. It’s typically best practice to have the SNR value 20 to 25 dB’s away from the RSSI value. So to go back to our previous example if our RSSI is -61 we would want our SNR value to be around -86, or if our RSSI is -74 we would want the SNR to be -99.
The data rate can be one of many values depending on which wireless standard you are connecting with. Be aware though that wireless is a shared medium so it’s half duplex it can not transmit and receive at the same time. So your actual throughput will be about half of what your client is connecting at. A WLAN device showing a connection of 54 Mbps will really have throughput of maybe 30 Mbps. Throughput can be tested using nice little utility called iperf which is available on both Windows and Linux platforms for free.
The power level is measured in mW and depicts how much power a WLAN device is using to maintain the connection. Its typically best practice to design your WLAN infrastructure so your devices operate at half their max output power. This way if an AP goes down neighboring AP’s can double their output power and maintain the availability of the WLAN.
So the overall signal strength/quality registered by client will be a mixture of all those variables.
Below is a screen shot from the Cisco Aironet Site Survey Utility
Here you will see the RSSI at -50 dBm and noise level of -96 dBm, resulting in an SNR value of 46 dB. This utility will also provide you with the BSSID (MAC Address) of the AP you are connecting to along with the RF Channel, 64 in this case utilizing 802.11a.
Cisco band select and client RSSI.
I wanted to quickly touch on one more parameter pertaining to Cisco band select and that would be the acceptable RSSI level that client can register for it to be able to participate with band select.
The key thing is understand what the RSSI signifies to a WLAN device, it’s a received signal strength indicator it shows you in a numerical reading (usually dBm) of what the signal strength is of a wireless client.
The closer to 0 (zero) the value is the better the signal is and the better the link speed (of course the speed is also dependant on many other factors). The key to tweaking this is to know what client devices you have in your network, then you want to know the specifications of those client devices and see what RSSI values correlate with what link speed (You should be able to find that somewhere in the manufacturer’s website or in their documentation). Then you will need to decide what link speed is acceptable for your environment.
Here are the details from the Cisco Aironet a/b/g PCI Desktop Adapter
So judging from you could probably change the acceptable RSSI value to 81 dBM, this way any dual band clients will connect at 36 Mbps and above. (Just keep in mind different WLAN client devices register RSSI values on different scales so the above example is not going to fit well for everyone out there.) This setting may also take a bit of trial and error as well, because if set the acceptable RSSI too high not many dual band clients will connect to the 5 GHz range, set it too low and clients may just roam to the 2.4 GHz range very quickly because they may quickly be out of range of any 802.11a signal.
Cisco Band Select.
Thought I would shift gears to wireless for a little bit. Cisco introduced a feature some time ago called band select were the dual band clients have a better chance at joining the 5 GHz radio compared to the 2.4 GHz range. This is mainly due to the influx of dual band clients nowadays and how the 2.4 GHz range is generally over utilized.
The Cisco accomplishes this is by ignoring/delaying the first few 802.11b/g probe frames in hopes of it accepting the 802.11a probes because it will appear to have a quicker response time. I would also like to point out that this feature only works when the client first associates to the Access Point. So this feature will not kick in on the fly when the AP notices a high client count or high channel utilization. Plus this feature only goes in one direction from the 2.4 GHz range to the 5 GHz not visa-versa. So this is not a load balance mechanism.
This feature is configured very simply all from one screen in the WLC, under Wireless -> Advanced -> Band Select:
Now you’ve only got a few settings to configure here, but you still need to take care with these settings like anything on the network you are going to configure. Probe Cycle Count, tells the AP how many probe beacons/frames to ignore/delay. Scan Cycle Period Threshold tells the AP how often in milliseconds it can expect each probe from the client, this setting can be changed depending on the client Wi-Fi cards you are using in your environment and how often the send out probe requests (Check vendor documentation for this). Age Out Suppression, this is the time-out for when the clients will be declared as “new” and may have their probe frames delayed/ignored again. Age Out Dual Band is the very similar to age out suppression, however age out dual band only applies to dual band clients so it will not effect everyone. Just keep in mind something will need to happen for the client to disassociate and re-associate with access point. Acceptable Client RSSI just states the minimum RSSI value a client registers for it to be eligible for band select.
Also keep in mind this feature can be controlled per-WLAN, under the “Advanced” tab
This can also be done via the CLI of the WLC using the following commands:
config band-select cycle-count cycle_count
config band-select cycle-threshold milliseconds
config band-select expire suppression seconds
config band-select expire dual-band seconds
config band-select client-rssi client_rssi
config wlan band-select allow {enable | disable} wlan_ID
And if you want to verify the band select configuration use the following command:
show band-select
CCIE or Null! 