So long, and thanks for all the great times

Cisco posted the EOS notices for their stalwart Wireless LAN Controllers yesterday, covering the 5520 and the 8540 (and VM). This, coupled with the EOS notice for the 3504 model just the week prior, marks the end of all of the hardware/virtual AireOS controllers from Cisco. It’s worth noting that the embedded AireOS (called Mobility Express) is not included in this month’s announcements. Mobility Express aside, this marks an ending of an era that began with the Aironet acquisition by Cisco in 1999. 22 years of service out of an acquisition is a pretty good run if you ask me. As I reflect on the past two decades, we’ve seen a ton of changes – not only on the Cisco front, but industry wide. We saw 802.11 evolve from hotspot networks of convenience to being mission critical, redundancy focused, pervasive solutions that our business critical applications rely on. We’ve also seen an industry where every single enterprise WLAN-only manufacturer has been absorbed by those looking to address “access layer” technologies all in, regardless of physical medium. We saw Cisco mature the Wi-Fi portfolio with some pretty significant milestones:

  • Migration of APs running VxWorks to Cisco IOS
  • Cisco acquires Meraki for its cloud infrastructure offering
  • Rolling some pretty awesome tech from Navini into the core product offering (Beamforming)
  • Turning “real” spectrum analyzers from Cognio into everyday table stakes (CleanAir still can’t be beat!)
  • 26 major WLC releases in the AireOS family (more on this below)
  • Converged Access (although we largely gloss over this milestone)
  • Cisco APs migrate from IOS to AP-COS (with its heritage in ClickOS from the Meraki acquisition)
  • WCS to NCS to Prime Infrastructure to DNA Center management platforms
  • Merchant silicon from the 1242 days to custom silicon in Marvell radios, and back again to QCA/BCM based solutions intermixed with custom RF ASIC
  • Driving fixes back into 802.11 through custom Wi-Fi extensions in the CCX program (802.11r and others)
  • Countless forays into industrial and outdoor Wi-Fi solutions along with some pretty cool innovations (PRP over Wi-Fi, FSR, MRC, and on and on…)
  • Cisco transitioning their core WLC architecture over to IOS-XE and not screwing it up (frankly, like everyone expected them to do)

I’ll admit, it’s easy to beat up on Cisco – they’re a large target – but the fact remains that a very large percentage of Wi-Fi in the world today is driven by AireOS networks and it’s worth stopping down for a moment to acknowledge that Cisco devoted well over two decades of development and maturity into the product. Since we’re looking at the close of a generation, I wanted to share a list I’ve been working on for some time now that marks each and every AireOS code name and the version/release it went with. It’s well known that the AireOS founder is enamored with wineries so every major release has been named after a winery – and here they all are, in alphabetical order:

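| Release | Version | Code name |
| --- | --- | --- |
| A | 3.20 | Amberhill |
| B | 4.00 | Beringer |
| C | 4.10 | Concannon |
| D | 4.20 | D-Cubed |
| E | 5.00 | Edgewood |
| F | 5.10 | Franciscan |
| G | 5.20 | Grgich hill |
| H | 6.00 | Heitz |
| I | | Never built |
| J | 7.00 | Jwine |
| | 7.10 | Unnamed |
| K | 7.20 | Kenwood |
| L | 7.30 | LaReserve |
| M | 7.40 | Mosaic |
| N | 7.50 | NineHills |
| O | 7.60 | Oakcreek |
| P | 8.00 | Pineridge |
| Q | 8.10 | Quintessa |
| R | 8.20 | Riesling |
| S | 8.30 | Sherry |
| T | 8.40 | Testarossa |
| U | 8.50 | Uva |
| V | 8.60 | Veuve |
| W | 8.70 | Wente |
| X | 8.80 | Xurus |
| Y | 8.90 | Yara |
| Z | 8.10 | Zucca |

Not sure why, but this fascinates me – 8.10 being the last release, did they run out of letters or wineries?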

When Cisco launched the Catalyst 9800 almost two years ago, it was well acknowledged that they actually delayed the release more than once to allow time for the product to mature – integrating 2 decades of features into a new product takes time and I must admit, Cisco has done a pretty fantastic job of keeping new features rolling over the past two years in both AireOS and cat9800 platforms – something that’s difficult to do (especially as we reflect on Converged Access). With this weekend’s announcements, it’s safe to say that new APs from this point forward will require Catalyst 9800 WLCs. Consider yourself warned, especially as we look into 2021 and 2022 with everyone’s eyes forward on getting to 6GHz (Wi-Fi 6e). If you’re still on AireOS, regardless of where you may be in it’s (which has been significant), the not-so-new-anymore kid on the block is the Catalyst 9800 WLC. I won’t gush on endlessly about what others have written, but suffice it to say, if you’re not getting on the 9800 bandwagon, you’re being left behind. Get up on the IOS-XE based 9800 sooner rather than later and start understanding how your migration looks, especially around models of APs that are supported. Check out the EOS notices for the 3504, 5520, 8540, and Virtual WLC at these links, and check out some of the CCIE preparedness videos I helped with here. Regardless of where you’re at on your journey, if you’ve got virtualization resources available to you – you really should be running a 9800 in a lab, or really anywhere you can.

APoS survey with Cisco 802.11ax APs

In case you hadn’t heard, Cisco has launched new Wi-Fi 6 (802.11ax) APs. This generally presents issues for those on the bleeding edge of doing Wi-Fi designs – especially if you rely on empirical data for your AP locations before hanging your APs. Cisco has a tendency to get gear out the door and usually enables site survey through autonomous (on 802.11ac wave 1 or earlier APs) or Mobility Express (read my writeup on 802.11ac wave 2 APs here) at a later date. The new Catalyst 9115, 9117, and 9120 APs are no exception. We know that Mobility Express is coming on these platforms, but between now and the time that we get Mobility Express for site survey mode, we’re very much out of luck.

We have a few customers that rely on empirical validation of their APs using APoS so we had to come up with a workaround. No, it’s not graceful, yes it’s a touch on the cumbersome side, but it works – and until we get the fully baked Mobility Express from Cisco, it’ll have to do…

Things you’ll need:

  • A real WLC running AireOS 8.9 code to support 802.11ax hardware (temporarily)
  • A wave 2 AP that can be dedicated to Mobility Express
  • 2x Site survey batteries
  • A console cable and this guide
  • Some network cables to hook it all up

This guide will walk you through configuring your 802.11ac wave 2 AP as a Mobility Express controller, then joining your 802.11ax AP to it so you can bring its radios up. Leveraging the built in WLC on the wave 2 APs running AireOS based Mobility Express, you can then configure radio power levels, channels, etc – all as needed for your AP on a Stick designs. You’ll need to carry two APs (and site survey batteries) with you, but for now – it’s what we have.

Start with a WLC running 8.9.100.0 (or a newer build that supports 802.11ax APs) and join your two APs to it. Ensure that your APs have the build on your WLC as both their primary and secondary images. Verify this using the ‘show ap image all’ command. This is important to do because once you have this all built out, you’re not going to have a lot of opportunity for monkeying with AP release images and you could save yourself some heartache if one of your APs decides to boot off of its secondary image. If your image numbers are different, use the ‘archive download-sw capwap <ap_image>’ command on your AP’s console to get it to update properly and reboot.

APs with same primary and backup

Once you get your AP image versions matched, take your 802.11ac wave 2 AP and convert it to Mobility Express for site survey using the guide I wrote previously. There are one or two things you should note when you’re doing this – we’ll be eventually using your 802.11ax AP as a subordinate AP to the one you’re now converting to Mobility Express and it won’t start its CAPWAP process without a pingable default-gateway. In this instance, we’ll have to make sure that, when we build our DHCP scope, we tell the scope option for the default gateway to be the IP address of the WLC – yes, even though the WLC can’t actually route packets. This will ‘fool’ the subordinate AP into thinking that the default gateway is reachable and will let it complete its eventual CAPWAP join. You’ll also want to make doubly sure that you’re converting it to the same release version of Mobility Express as is on your APs.

Match your default GW and WLC address

Once you have your converted 802.11ac wave 2 AP operational, hook it up to your first site survey battery, then hook your second site survey battery to your first using the ethernet (non-POE) interfaces. Once you do this, you can hook your 802.11ax AP onto your second site survey battery POE interface to allow it to boot. You’re effectively creating a chain that goes AP <-> battery <-> battery <-> AP and using the ethernet passthrough for the master AP running Mobility Express to talk to the subordinate AP. Once all of your APs are up and talking to the Mobility Express controller, I’d recommend renaming the Mobility Express AP to WLC and the 802.11ax AP to ‘ap’ for the rest of the commands in the previous blog post to work properly.

Two batteries, two APs

802.11ax temporary rig, ready to go!

If you’re concerned about battery performance of your WLC AP, you can also issue the ‘config ap disable WLC’ (after you’ve renamed it properly) to save some power and to make its radios not show up in your survey!

Name your APs, disable the WLC AP!

Functional site survey!

Of course we’re looking forward to a complete Mobility Express instance to allow us to do site surveys with a single battery and AP, but until then, this will do if you’ve got the necessary parts and pieces!

Management Frame Detection?

Nope! But MFD does stand for something even more exciting! Mobility Field Day (3!) is just around the corner! As a long time delegate with a few minutes to burn on the family PTO trip, I thought I’d take a moment to reflect on the upcoming event. As you can see from the Tech Field Day page there are tons of great sponsors lined up. Here is my take on the coming week, the sponsors strengths, weaknesses, and what I’d like to see. In order of presentation:

Arista (http://techfieldday.com/companies/arista-networks/, @AristaNetworks)

Arista has made a splash in the Wi-Fi space with their recent acquisition of Mojo Networks (nee: AirTight). I’m happy to see Mojo get scooped up, especially in the ever diminishing landscape of infrastructure providers especially since they have a strong story about ‘hardware agnostic’ solutions. Their story since the AirTight days has been one of open platforms and this strength has carried them to the success they’ve had so far. Arista has not. Admittedly I’m not a strong Data Center switch guy, but I don’t see a similar story of how the open, commodity hardware platforms with custom ‘better than you’ software on top meshes well with their corporate messaging. I’d love to see some reconciliation on that front, and a clear vision for the Mojo team moving forward. Please spare me the ‘HP acquired Aruba’, ‘Cisco acquired Meraki’, and those companies are fine story. Paint me a genuine story of market leadership backed by strong technical chops that promise to survive the acquisition.

Aruba (http://www.arubanetworks.com/, @ArubaNetworks)

Aruba (a Hewlett Packard Enterprise company) has been touting ‘industry leadership’ on several fronts recently. They have clearly claimed leadership on several fronts including WPA3 and some intriguing messaging around 802.11ax. Their strength is messaging. They do it well, but I fail to see how Aruba single handedly ‘landed’ WPA3 and how their messaging around 802.11ax (buy when *we’re* ready, but not anyone else) is anything more than corporate marketing fluff. I’d love to see how they are helping the industry move forward *as a whole* on more than just ‘standards stuff coming down the road’. Help me understand why Aruba’s implementation of QCA radios is better than someone else’s. Help me understand why their switches bring more value to an enterprise other than an ABC play. Help me understand why end to end networking with the Aruba logo on it is better.

Cisco (http://www.cisco.com/, @Cisco)

Cisco, the 800 lb. gorilla that everyone loves to hate. Cisco is a machine unlike any other. They have critical mass despite themselves and are painting some intriguing messaging around Assurance products that seem to resonate well with the on-premises enterprises. All other networking aside (routing, switching, security, Data Center, etc), Cisco Wi-Fi has seemingly lost its way as of late. Their adoption of QCA radios (CleanAir is awesome, unless they sell an AP without it!), their continued duality around the Meraki acquisition (it’s right when it will land a sale), and the feature gaps as new platforms come online has always stuck in my craw. The 802.11ac wave 2 APCOS change (the OS on the APs) debacle has left many with souring appetites for a monolithic beast of an assurance platform. I’d love to see how Cisco is involved in driving standards (WPA3, 802.11ax) while allowing their ecosystem around CCX to fall to the wayside despite not having a standards based equivalent to 100% of those components (DTPC anyone?).

Fortinet (http://fortinet.com/, @Fortinet)

Fortinet (nee: Meru) has always been intriguing to me. If there is a dark horse in the Wi-Fi space, this is it. Out of left field, some strange security company acquired ‘those SCA guys’ which raised more than a few eyebrows in the industry. I’m not super passionate about firewalls so when someone touts that their strong suit is plopping some security stuff onto an already delicate Wi-Fi ecosystem, I get nervous. I’d love to see what Fortinet is doing on the SCA front (other than the occasional corner case deployment). How are you fostering the technology that made Meru, Meru? If you’re going to be the one exception in the CWNP curriculum, own that. Embrace it, get the delegates to see what makes it special. Get into the nuts and bolts of how it works, what makes it tick. Get your radio firmware developer into the room and nerd out with us for a bit. Don’t be afraid to put that unpolished guy on stage that only knows protocol. We love that kind of stuff.

Mist (http://mist.com, @MistSystems)

Mist is on the short list of Wi-Fi only players that I suspect will be acquired soon. Between them and AeroHive, there aren’t many players left and to be fair, Mist came out of nowhere when Cisco ‘spun out’ (my speculation) the previous owners of the AireOS legacy. They claimed virtual BLE was the next big thing, now it’s AI driven Wi-Fi – what’s next? Do they realize that the ‘heritage’ that they claim ownership of has turned off more people than it’s attracted? When someone claims to be at the helm of Cisco Wi-Fi during the Meraki acquisition, or to have the father of controllers (and RRM) in the driver’s seat, how is that a compelling story when so many of today’s woes are centered around those two topics? I’d like to hear how Mist has those people at the helm, but how they’re not destined to repeat the past. Mist claims to have an AI driven interface but fails to answer some pretty plain English queries. Tell me how Mist is better. How the AI is not just a bunch of if statements. Burning Man Wi-Fi, I hope not!

NETSCOUT (http://www.netscout.com, @NETSCOUT)

NETSCOUT (or is it netscout or NetScout?) has long held the mantle of go to wired insight products and only recently entered into the Wi-Fi foray with the Fluke (nee: AirMagnet) acquisition. They inherited an impressive product in the AirCheck G2, but also a legacy of tools that are, quite frankly, stale. What is next for the G2? Many of us in the industry love our hulk green Wi-Fi diagnostics tool and the G2 v2 additions were welcome. Is there enough left in the AirCheck to hope for a v3? I’d love to see a cleaner picture about link-live and how it plays a role in the beloved AirCheck G2. I’d love to hear a definitive story on the likes of AirMagnet Survey Pro, Wi-Fi Analyzer, Spectrum XT – all of which are *very* stale. Let’s put these to bed or make something of them that the industry can use.

nyansa (http://www.nyansa.com, @Nyansa)

nyansa has been that strange analytics company with the funny name that promises to fix all of our ails through machine learning and comparative analytics. They’re doing some neat things with ‘just a bunch of flows’, but is it enough? It seems like everyone is jumping on the analytics bandwagon nowadays, but with the hefty price tag for a point-in-time resolution product, it feels somewhat estranged. Do you know what happens when your help desk has 9 dashboards all with different data in it, and you try to aggregate and correlate it into a meaningful dashboard? Your help desk now has 10 dashboards. I’d love to see why your data is better (of course), but tell me how it gets rid of data I don’t use today, and tell me how it does it at a price point that makes it a no brainer.

Dear reader, what do you want to see? Feel free to reach out to me by comment, or privately, or on twitter before or during the event and I’ll make sure you get a response. Till then, see you at MFD3 on September 12 through the 14th – make sure to tune in at: http://techfieldday.com/event/mfd3/

Meraki gets smart

I’m a fan of antennas. They’re pretty awesome components of Wi-Fi networks and I think they’re one of the most under-appreciated and oft-overlooked components, so when someone introduces a new antenna related technology, I tend to sit up and take notice!

Recently, Meraki released their new external antenna model APs, the MR42E and MR53E. In the past, if you needed antenna flexibility in a Meraki solution, you had to use their outdoor rated AP. This introduction, in addition to rounding out their AP portfolio, snuck a new innovation into the market that Meraki has dubbed ‘Smart Antennas’. With the promise of auto-identifying an antenna to the AP, I couldn’t not know more about it! One of the more notable aspects of using external antennas is the potential risk to exceed regulatory compliance. While not terribly complex, the risks for getting it wrong could see the Feds breathing down your back – and nobody wants that! In addition to self-identification for compliance reasons, the new models of APs include more connectors than one might otherwise expect – 5 connectors for the MR42E, and 6 for the MR53E! This breaks down to 3 Wi-Fi antennas, 1 security/scan antenna, and 1 BLE/IoT antenna for the MR42E, and the same complement on the MR53E with one more Wi-Fi antenna to support that 4th spatial stream. Without delving into each individual component, I really wanted to get a feel for if this thing did what it promised it would do, so I hooked them all up to their respective ports:

That’s a lot of cables!

Fired up the AP, claimed the hardware in my dashboard account and went poking on the antenna settings! Sure enough, where you would normally define an antenna, the exact model number of the antenna array I had was shown!

The cloud got it right!

Hoping it wasn’t a fluke of some sort, I powered off the AP, disconnected them all, and tried again. Sure enough, this time, the dashboard presented me with the expected drop down list of available antennas.

The cloud still wants to help out.

I was impressed, it was magic, it worked automatically and wonderfully – and I had to know how. One screwdriver later (the tool, not the drink), I had done the unthinkable, and performed the ill-advised dissection of the shiny new antenna looking for something out of place:

No stranger to the inside of an antenna, the culprit jumped out at me pretty readily:

What appears to be a Maxim Integrated DS2431 1-wire EEPROM was sitting inline just before an antenna element. I traced it back to the connector and found it belonged to the externally-labeled IoT connector:

So, I dutifully connected just the IoT port to the AP, fired it up and voilà! The dashboard indicated that the antenna was identified properly despite the fact that only 1 of the 6 connections was attached. This seems to reinforce that Meraki has indeed found a pretty intuitive way to integrate a digital component onto an analog line (as opposed to Cisco that has actual digital connectors in the DART) for a one-time polling of the antenna ID. This was further reinforced by booting the AP without the IoT port connected (so it did not identify the antenna correctly) and then re-attaching it without powering down the AP. After a day of uptime, the AP never properly re-identified its antenna. This means that, if you’re using the Meraki smart antenna solution:

  1. Make sure that the antenna cables are attached to the proper port using the silkscreen indicator on the RP-TNC connectors
  2. Make sure that if you change any antenna ports (especially the IoT port), you reboot the AP so the antenna can properly identify itself to the AP, and subsequently the cloud

It remains to be seen what kind of ecosystem Meraki intends to develop with 3rd party antenna developers, but rest assured, if you want to use a 3rd party antenna today on these new Meraki APs, you certainly can – you just need to log into the dashboard and make sure you pick the equivalent Meraki antenna that most closely matches the gain of your 3rd party antenna.

Hands on the Cisco 3504 WLC

Not only are WLCs not dead, they’re not even on life support. Continued investment into the WLC platform is a clear indicator that there are still several use cases for centralized data, control, and management plane functions. Cisco has a long heritage of building awesome Wireless LAN Controllers (WLCs) and the 3504 is the next in a long line of purpose built WLCs. If you’re familiar with the Cisco WLC portfolio, the 5520 and 8540 WLCs are basically UCS based appliances with hardware offloading cards added in. The 3504 returns to the heritage of a ‘from the ground up’ design of a purpose built desktop WLC solution and it’s aimed pretty squarely at the aging 2504 and 5508 platforms. As many people are moving forward with 802.11ac deployments, a look at your infrastructure controller may be warranted.

Without going into the details that are readily available on the data-sheet, I’ll instead focus on one or two key items of the platform that I find the most compelling.

1) Feature parity. This WLC marks the first time the entry level boxes have feature parity with the larger WLCs. If you peruse any of the release notes, you’ll see a list of exceptions for various platforms especially on the low end. The 3504 was launched out of the gate expecting to support all of the features of the 5520 & 8540 making the differences between the three platforms strictly speeds, feeds, and capacity. This should be a comfort to those that regularly struggle with the feature gap in the Cisco WLC portfolio.

2) Quiet operation. Let’s be honest, there are more than a few deployments where the equipment is sitting table top or on a cabinet out in the open somewhere. The 3504 supports ‘fan off’ operation at temperatures up to 86 F (30 C). For the overwhelming majority of situations, it’s difficult to get up to 86 degrees and maintain it with any level of comfort. This basically means that for most deployments, you’ll never hear a sound coming out of the WLC – even if it’s in your home lab.

3) mGig support. Multigigabit (or NBASE-T) is becoming more and more prevalent on switching infrastructure and this marks the first time we can break the 1G link speed on the infrastructure side without having to deploy a full on 10G infrastructure. Those of you that read my posts regularly may recall that I’m a fan of being able to deploy solutions that break the 1G barrier on my existing copper runs. This was commonly APs but if you’ve been investing in the latest and greatest and ignoring the FUD about not needing mGig, this is another opportunity to leverage that investment.

All of these coupled together mean that you can get a quite elegant solution for most any environment now that we’re able to breathe some life into the low end of the Cisco WLC portfolio. The 3504 is a notable improvement on the hardware and scale of the 2504 but don’t let its ‘desktop friendliness’ fool you – if you’re a 5508 customer today, there are going to be tons of places where ‘stepping down’ into a 3504 makes really great sense. With the rack mount kit available for it, you could easily put two 3504s in HA/SSO mode in 1RU and have all of the same features as the 5508 with a bit less capacity. Regardless of your current deployment, you really should make sure you take a peek at the 3504 as you’re considering lifecycle management of your gear.

Disclaimer: I was provided a 3504 from Cisco as part of an early field trial and formed my opinions on my own. This post is my original work and I composed it without an expectation from Cisco.

Musings on Multigigabit and APeX

Cisco Live is always a whirlwind of information and the 2017 US event was no exception! Between the Catalyst 9k launch, the focus on Software Defined Access, and Intuitive Networking, it’s easy to miss some of the nuance that was to be uncovered on the show floor. In the Enterprise Networking booth there was a hidden nugget that was focused on developers called APeX (short for Access Point Extensions). One part of this APeX program is the Extender Module Hardware Development Kit – EM-HDK for short (or just HDK for even shorter!) that plugs directly into the often-overlooked module port on the AP3800. The board itself is a neat springboard for developing on – it allows you to attach a Raspberry Pi, Arduino, XBee or other Small Board Computer directly to the AP. Of course, you wouldn’t deploy a production solution like this, but you would take the solution you’re working on, and compress it to a design that’s purpose built for the modular slot that’s part of the AP3800.

Or HDK for short.

The APeX EM-HDK

The thing that struck me though is that while the HDK is neat – and if you have any SBC experience at all, a very interesting platform, the hidden secret of the HDK is that it also sports two Gigabit Ethernet connections supporting PoE out. It is worth noting that if your host AP had a single 1 Gigabit link, and you put two additional 1 Gigabit links on the back side of it, you can safely assume you have an automatic bottleneck. This is the genesis of my epiphany – those that were shortsighted enough to make claims that 802.11ac wave 2 doesn’t justify uplink speeds beyond 1 Gigabit, clearly did not take into account that 2x 802.11ac wave 2 radios moves you a lot closer to that 1 Gigabit bottleneck, and when you want to pass an additional 2x 1 Gigabit Ethernet interfaces on the same link as your 2x 802.11ac wave 2 radios, your use case for Multigigabit becomes pretty clear.

HDK with Raspberry Pi attached to an AP3802i.

Remember folks, your wired infrastructure is expected to last much longer than your typical switches will. As you start seeing very obvious use cases for breaking the 1 Gigabit uplink requirement, make sure you’re considering the cost savings of investing in multi gig technology today – especially if you can get it for a nominal uptick in price.

Multigigabit!

Multigigabit interfaces, left. 10G, right.

Go here for more information on Cisco’s mgig (or NBASE-T) and here for information on the APeX program over at Devnet.

Cisco Wave2 site survey how-to

So, you have a shiny new Cisco 802.11ac wave 2 Access Point and you went to go grab the autonomous code for it to do an APoS survey – but then realized there isn’t autonomous code for the 2802 or 3802 (or any other wave 2) Cisco AP, huh? You may have noticed that there is a new product called Mobility Express. You can use this ‘controller on an AP’. Here is a guide I co-authored for doing just this.

-Sam

Summary:

Cisco 802.11ac Wave 2 APs do not run IOS like previous platforms. This presents a challenge when trying to perform an AP on a Stick site survey with only a battery pack. The standalone mode for these Access Points is achieved using Mobility Express – or the function to use the integrated WLC on the Access Point to control the radio functionality in a standalone fashion.

Prerequisites:

  • 8.3MR1 code supporting Mobility Express for your Access Point
  • Local power source for your Access Point (AIR-PWR-C or site survey battery with sufficient power)
  • Operational Standalone or Virtual Wireless LAN Controller running 8.2MR2 or 8.3 for configuring the Access Point mode and moving the images
  • TFTP server
  • 802.11ac Wave 2 Access Point (Please note, the 1810 platform is not supported at the time of this writing)
  • A serial console cable to watch/configure your AP

Process:

Step 1) Join your Access Point to your local WLC as you would during a normal deployment.

For the 2800/3800 platforms, you must be running a minimum of 8.2MR2 or 8.3 for step 1. For 1830/1850, there is no similar requirement aside from running a release that supports those platforms. Please note that this is not the above referenced ME image version which will be used in step 2.

Step 2) Convert the Access Point to Mobility Express mode using the correct image.

This is accomplished by going to the console of the AP and logging in, then enabling, then using the ap-type command to convert the AP over to Mobility Express and download the new image from your TFTP server. To get the correct AP image file, you will need to decompress the image bundle and use the correct image for your AP platform. For example:

  • 1830/1850 you should use ap1g4
  • 2800/3800 you should use ap3g3

Note: You can also use the platform specific ME image from CCO if you have that available. If you’re using a Universal SKU AP, you should wait for it to regulatory prime before trying to convert the image to make sure you don’t incur a reboot mid-code change.

Once your AP goes down for a reboot, disconnect the LAN cable and ensure it’s powered by local power or your survey battery pack:

Step 3) Wait for your Access Point to boot completely.

At this point your Access Point will do several things. It will boot and you will see about 2 minutes of the following messages:

Once these timeout, the Access Point will boot the Mobility Express WLC automatically:

Step 4) Configure the WLC using the following values:

Would you like to terminate autoinstall? [yes]: yes
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (3 to 24 characters): Cisco123
Re-enter Administrative Password : Cisco123
System Name [Cisco_11:aa:1a] (31 characters max): ME_WLC
Enter Country Code list (enter ‘help’ for a list of countries) [US]: US
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: yes
Enter the date in MM/DD/YY format: <date>
Enter the time in HH:MM:SS format: <time>
Enter timezone location index (enter ‘help’ for a list of timezones): 7
Management Interface IP Address: 192.168.1.2
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 192.168.1.1
Create Management DHCP Scope? [yes][NO]: yes
DHCP Network : 192.168.1.0
DHCP Netmask : 255.255.255.0
Router IP: 192.168.1.1
Start DHCP IP address: 192.168.1.10
Stop DHCP IP address: 192.168.1.200
DomainName : me.local
DNS Server : [OPENDNS][user DNS] OPENDNS
Create Employee Network? [YES][no]: yes
Employee Network Name (SSID)?: survey_ME
NOTE, USE YOUR INITIALS INSTEAD OF ‘ME’ TO DIFFERENTIATE YOUR SSID
Employee VLAN Identifier? [MGMT][1-4095]: MGMT
Employee Network Security? [PSK][enterprise]: PSK
Employee PSK Passphrase (8-38 characters)?: <temp key>
Re-enter Employee PSK Passphrase: <temp key>
Create Guest Network? [yes][NO]: no
Enable RF Parameter Optimization? [YES][no]: no
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes

It is highly recommended to use the values above. Once the Access Point reboots continue on.

Step 5) Clean up the AP

Some of the defaults are not completely friendly. We’ll clean those up now. Discover the name of the Access Point using ‘show ap summary’ and rename it to something more friendly like ‘ap’. It should be noted that renaming your Access Point to ‘ap’ will make configurations easier and in line with the examples below, but if you’re part of a larger team and require unique Access Point names, this is where you would set them, making note to use your defined Access Point name instead of the shortened name ‘ap’ as described in the rest of this document.

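Next we want to disable the PSK security on the WLAN for easier association and testing and enable Aironet Extensions to include the AP name in beacons. This step is optional, but recommended. Disabling the PSK leaves the survey SSID open, with no authentication or encryption, on the same VLAN as the WLC management interface. You must first disable the WLAN, then disable the PSK, then re-enable the WLAN: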

(Cisco Controller) >config wlan disable 1
(Cisco Controller) >config wlan security wpa disable 1
(Cisco Controller) >config wlan ccx aironetIeSupport enable 1
(Cisco Controller) >config wlan enable 1
(Cisco Controller) >save config
Are you sure you want to save? (y/n) y

Once you’ve made these changes, perform a ‘save config’ as shown on the WLC to ensure the changes aren’t overwritten.

Step 6) Configure your radios for site survey specifics including channel and TX power.

To set these values, you must admin disable the radio, make the change, then re-enable it. Remember, these are the same commands you’d use on a production, bare-metal WLC and are not new. Here are a few examples:

To change the 2.4GHz radio to channel 6:
(Cisco Controller) >config 802.11b disable ap
(Cisco Controller) >config 802.11b channel ap ap 6
(Cisco Controller) >config 802.11b enable ap

To change the 2.4GHz radio to power level 3:
(Cisco Controller) >config 802.11b disable ap
(Cisco Controller) >config 802.11b txPower ap ap 3
(Cisco Controller) >config 802.11b enable ap

To change the 5GHz radio to channel 44:
(Cisco Controller) >config 802.11a disable ap
(Cisco Controller) >config 802.11a channel ap ap 44
(Cisco Controller) >config 802.11a enable ap

To change the 5GHz radio to power level 5:
(Cisco Controller) >config 802.11a disable ap
(Cisco Controller) >config 802.11a txpower ap ap 5
(Cisco Controller) >config 802.11a enable ap

To change the 5GHz radio width to 40MHz:
(Cisco Controller) >config 802.11a disable ap
(Cisco Controller) >config 802.11a chan_width ap 40
(Cisco Controller) >config 802.11a enable ap

Of course, you can couple all of these commands together to reduce the number of times you’re disabling your radio if you’re doing an initial configuration. Here is an example of setting the radios both to power level 2 and the 2.4GHz radio to channel 11, and the 5GHz channel to 100@40MHz all in one script:

(Cisco Controller) >config 802.11b disable ap
(Cisco Controller) >config 802.11a disable ap
(Cisco Controller) >config 802.11b channel ap ap 11
(Cisco Controller) >config 802.11b txPower ap ap 2
(Cisco Controller) >config 802.11a channel ap ap 100
(Cisco Controller) >config 802.11a txpower ap ap 2
(Cisco Controller) >config 802.11a chan_width ap 40
(Cisco Controller) >config 802.11b enable ap
(Cisco Controller) >config 802.11a enable ap

To see the channel of the Access Point currently configured, use the ‘show ap channel ap’ command:

To see the power level of the Access Point currently configured, use the ‘show ap config slot 0 ap’ (for 2.4GHz) or ‘show ap config slot 1 ap’ (for 5GHz) command and look for the following data:

Alternatively, use the grep command to just pick out the data you’re interested in:

Step 7) Alternative management via the WLC GUI

If you’ve followed this guide up till now, you can also access the management interface of the WLC by using your PC and joining your open survey SSID. Then open a web browser and navigate to https://192.168.1.2/.

Step 8) Putting it all back the way you found it

To convert the AP back to capwap mode and undo this configuration, you must go to the AP console using ‘apciscoshell’ and perform the ‘ap-type’ command again:

Addendum:

Dual role radio notes:

The AP2800 and AP3800 both include the ability to change the slot 0 radios personality from 2.4GHz to 5GHz. This presents some unique configuration considerations as follows:

To convert the XOR radio from the default 2.4GHz to 5GHz and change its channel to 40 @ 40MHz wide use:
(Cisco Controller) >config 802.11-abgn disable ap
(Cisco Controller) >config 802.11-abgn role ap manual client-serving
(Cisco Controller) >config 802.11-abgn band ap ap 5GHz
(Cisco Controller) >config 802.11-abgn channel ap ap 40
(Cisco Controller) >config 802.11-abgn chan_width ap 40
(Cisco Controller) >config 802.11-abgn enable ap

The following should be noted for this configuration:

  • When you convert the XOR radio into 5GHz mode, you must use a channel that is 100MHz apart from the slot 1 radio in the Access Point.
  • When you configure the XOR radio into 5GHz mode on an ‘e’ model of AP, you must have an external antenna plugged into the DART connector or this configuration will fail.
  • When you configure the XOR radio into 5GHz mode on an ‘i’ model of AP, the tx power will be fixed (by design) at its lowest possible value and cannot be modified, to retain micro-cell integrity.

To change the XOR radio from a configured 5GHz to 2.4GHz and change its channel to 6 use:

(Cisco Controller) >config 802.11-abgn disable ap
(Cisco Controller) >config 802.11-abgn band ap ap 2.4GHz
(Cisco Controller) >config 802.11-abgn channel ap ap 6
(Cisco Controller) >config 802.11-abgn enable ap
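
The batched radio commands from Step 6 and the XOR radio commands from the addendum can be generated instead of typed by hand, with the channel separation note checked before anything is pasted into the WLC. The following Python is an added example, not part of the original guide or any Cisco tool; the function names are hypothetical, and reading “100MHz apart” as at least 100MHz between channel centre frequencies is an assumption.

```python
# Added example: builds the AireOS CLI lines shown on this page for a survey AP.
# Command keywords are copied from the page; the function names are hypothetical.

TXPOWER_KEYWORD = {"802.11b": "txPower", "802.11a": "txpower"}  # spelled as on the page
XOR = "802.11-abgn"


def center_mhz(channel):
    """Centre frequency in MHz of a 5GHz channel number."""
    return 5000 + 5 * channel


def radio_batch(ap, radios):
    """One disable / change / enable batch for the fixed-band radios.

    radios maps "802.11b" or "802.11a" to a dict with optional keys
    channel, tx_power (power level) and width (MHz).
    """
    unknown = set(radios) - set(TXPOWER_KEYWORD)
    if unknown:
        raise ValueError(f"unsupported band keyword(s): {sorted(unknown)}")
    bands = [b for b in ("802.11b", "802.11a") if b in radios]
    lines = [f"config {b} disable {ap}" for b in bands]
    for b in bands:
        cfg = radios[b]
        if "channel" in cfg:
            lines.append(f"config {b} channel ap {ap} {cfg['channel']}")
        if "tx_power" in cfg:
            lines.append(f"config {b} {TXPOWER_KEYWORD[b]} ap {ap} {cfg['tx_power']}")
        if "width" in cfg:
            lines.append(f"config {b} chan_width {ap} {cfg['width']}")
    return lines + [f"config {b} enable {ap}" for b in bands]


def xor_batch(ap, band, channel, width=None, slot1_channel=None):
    """Batch that sets the slot 0 XOR radio to "5GHz" or "2.4GHz"."""
    if band not in ("5GHz", "2.4GHz"):
        raise ValueError("band must be '5GHz' or '2.4GHz'")
    lines = [f"config {XOR} disable {ap}"]
    if band == "5GHz":
        if slot1_channel is None:
            raise ValueError("slot1_channel is required to check separation")
        # Assumption: "100MHz apart" means >= 100MHz between centre frequencies.
        gap = abs(center_mhz(channel) - center_mhz(slot1_channel))
        if gap < 100:
            raise ValueError(
                f"channel {channel} is {gap}MHz from slot 1 channel {slot1_channel}")
        lines.append(f"config {XOR} role {ap} manual client-serving")
    lines.append(f"config {XOR} band ap {ap} {band}")
    lines.append(f"config {XOR} channel ap {ap} {channel}")
    if width is not None:
        lines.append(f"config {XOR} chan_width {ap} {width}")
    lines.append(f"config {XOR} enable {ap}")
    return lines


if __name__ == "__main__":
    plan = radio_batch("ap", {"802.11a": {"channel": 100, "tx_power": 2, "width": 40}})
    plan += xor_batch("ap", "5GHz", 40, width=40, slot1_channel=100)
    for line in plan:
        print("(Cisco Controller) >" + line)
```

If you renamed your Access Point to something other than ‘ap’, pass that name as the first argument.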

NETSCOUT AirCheck G2 unleashed!

This blog post is part 1 of a multipart series on the new generation of Wi-Fi tools. There has been a dramatic evolution of the various tools that the WiFi professional uses over the past year or so. I wanted to take a moment and spell out my thoughts on the current state of tools in our industry.

First shown at the Wireless Field Day 1 in San Jose, the Fluke AirCheck rapidly became the staple of the ‘serious’ WLAN troubleshooter. It made a huge splash and was immediately lauded for its easy, straightforward approach to getting down to the serious data that you need to see when troubleshooting your wireless network. All of the heavy hitters in the industry have been talking about them since then and it’s almost unbelievable that it was just assumed that people would have them on anything but the most entry level of jobs. The platform had very few deficiencies overall and almost became part of the de-facto tool that you would be expected to know and use – almost like site survey software.

The G2

AirCheck G2 – The green is a nice touch!

It’s hard to think of something replacing the Fluke AirCheck but the inevitable has happened. An Application & Network Performance Management company called NETSCOUT recently acquired the Fluke team responsible for the AirCheck – which was in the midst of developing the next generation of the product. Launched late last month, the AirCheck G2 promises to best its predecessor in several areas. Head on over to the official announcement and keep a keen eye out for a quote or two from yours truly! 🙂

 


I was fortunate enough to be included early on in the development conversations of the AirCheck G2 and so I like to believe that I helped shape in some small way the look, feel, and usability of the product as it exists today. From early on, there was a focus on the ‘gimme’ features such as inclusion of a color touchscreen. Other features didn’t develop till later on such as the built in ethernet port for wired testing in the field. Those of you that love the LinkSprinter functionality, this is aimed squarely at you! In fact, there is a laundry list of features that read like a who’s who of today’s troubleshooting gear – 802.11ac support, long life battery, external antenna support, USB expansion ports, on screen keyboard and navigation menus, auto testing, and rapid boot & shutdown, just to name a few.

Note the External Antenna port on the far right (capped) for the directional antenna attachment.

By far and away though, the feature that I’m most enamored with at the moment is the Link-Live.com integration. Starting with an easy way to claim the devices online, a one stop shop for getting your software and updates, and of course, upload notifications of the testing you’ve just done – the ability to bring Organizational structure to such an outstanding troubleshooting tool really brings the product full circle. NETSCOUT has done a superb job of rolling functionality and usability into a cloud based product and included it with the product! This wraps up all of the auto-testing into an easy to use and store place for testing and validation. While this may seem like simple functionality, for an organization with multiple units in the field, this sort of automated cloud-rollup functionality is hands down one of the best features of the AirCheck – and that’s saying a lot!

Useful for making sure the link you're using is functional!

If you haven’t had a chance to get your hands on an AirCheck or have been waiting for a refresh to make the product ‘perfect’, now is the time. You should go ask your VAR, NETSCOUT rep, or beg, borrow, or steal one to get some time under your belt with one. The product offers simplicity, ease of use, intuitive navigation, and ready access to some very in-depth and advanced data in a way that is straightforward to consume.

10 reasons to take another look at 2015 Cisco Mobility

Let’s face it, Cisco is huge. They’re massive, and occasionally they get things wrong. If you’ve strayed away from Cisco in the past year (or longer) because of a specific issue or gap, it’s high time you took another look. The Cisco Mobility offerings today are a far cry from what they were just an easy year back. Here are 10 great reasons to go get reacquainted with the 2015 Cisco Mobility offerings:

1) 5520/8540 WLCs

The introduction of a Converged Access 60G solution highlighted the gaps in the WLC portfolio in the 20/40G of throughput range. Both of these new controllers (one 20G, one 40G capable) are based on the more mature AireOS codebase running 8.1 and later. While this doesn’t mark an EOS/EOL announcement for the 5508 (clocking in at 8G), it does give that 7 year old platform some good alternatives for lifecycle management.

2) Prime Infrastructure 2.2 then 3.0

Ever since WCS was taken over and moulded into the NCS then Prime Infrastructure products, it has always borne the scars of a legacy mired in Adobe Flash performance issues. Couple that with a dramatic uptick in features and you’ve got a recipe for disaster. The new versions of Prime Infrastructure are actually performing as well as they should be starting at about the 2.2 version and the new UI of Prime Infrastructure 3.0 completely moves away from Flash and demonstrates a significant re-think of the product – including ‘Make a wish!’.

3) 802.11ac wave 2

Let’s not forget the fun stuff – APs and radios. With competitively positioned 802.11ac Wave 2 products, Cisco is staying in the lead of the latest and greatest standards. With impressive throughput numbers, multiple gigabit uplinks, and fancy new features like MU-MIMO, the 1830/1850 APs are clearly paving the way for the next generation of some pretty obviously numbered future platforms. The only question is, what does Cisco have in store for us next?

4) HALO

No, not the game – the new Hyper-Location Module and antenna array. Cisco is delivering on the promise that the industry made to us oh so many years ago about leveraging your WiFi network as a platform for tracking your enterprise’s assets. Touting down to 1 meter accuracy, this module for your AP3600/AP3700s will take your location fidelity ‘to the next level’.

5) Mobility Express

For those that don’t like having a bare metal controller and don’t see the need for controller based features (such as centralized data plane), we now have a ‘controller on the AP’ option! This allows us to focus on the smaller deployments without the extra cost and complexity (such as it is) for those customers. This isn’t a ‘one size fits all’ approach that we’ve seen in the past, but rather an evolution of a well thought out strategy to bring enterprise features to every market segment.

6) UI improvements

Along with the Mobility Express product, the ‘metal WLCs’ are sporting a new user interface and out of the box setup experience (Day 0 and Day 1 support). If you’ve felt the WLC interface was a bit dated in the past, go take a gander at the plethora of new graphs, charts, and actual usable data about your infrastructure – all without having to go to a larger NMS platform!

7) CMX Evolution

The MSE product is finally getting some legs under the advanced location pieces. This easy to deploy ‘for everyone’ product starts to bring some pretty insightful analytics to any sized deployment – all the way down to a ‘no maps required’ presence analytics and all the way up to a Hyperlocation enabled, social media engagement platform. With both on premises and cloud based offerings available, it really is very easy to start getting very insightful data out of any sized network.

8) CCIE Wireless version 3

The dated CCIE (Cisco Certified Internetwork Expert, Wireless) exam has been updated to include software and hardware platforms from this year. You can now tackle one of the industry’s most challenging certifications on contemporary labs that are actually relevant to solutions you’re deploying today!

9) UX domain APs

See my previous blog on the topic for a more in-depth look at the UX products, but for those buying and deploying APs spanning multiple countries, this is a pretty good way to reduce a ton of deployment and ordering complexities. By standardizing on a single SKU globally, you can make quick work of some of the logistics nightmares of the past.

10) Cisco ONE licensing

Yes, licensing is boring, complicated, and expensive. Cisco ONE addresses all three of those pain points in one easy go. With a ‘count the AP’ approach to licensing, you can now start to take advantage of all of the above products in an easy to consume, deploy, and license fashion – without breaking the bank. For example, if you wanted to replace your old WLC with a new one, in the past, you would end up repurchasing your AP licenses. In this model, all products start at 0 APs and you pick the size that’s right for you – at any scale. Pick the solutions you want to deploy: ISE, Prime Infrastructure, advanced location analytics, etc – and go! A significant departure from the traditional licensing model in Cisco-land.

I know that a ‘recap overview’ blog sometimes seems too lofty, but there really is a ton to see if you’ve been unplugged from the Cisco world over the past year or so. Take a deep breath and plunge back in at any level and you’ll find something new that wasn’t there before. The Cisco ship sometimes turns slowly and sometimes it’s easy to forget that there is innovation happening all over the mobility space in San Jose.

Disclaimer: I was part of the Wireless Field Day 8 delegation to Cisco where we learned about several of the above topics. For more information on Cisco’s appearance at WFD8, go check out the video!

The evolution that will start the revolution

You’ve heard it all before, evolutionary technology versus revolutionary technology. Everyone wants their newest technology to be revolutionary – expecting it to be life changing and a wide-sweeping, compelling reason to spend tons of money. This is rarely the case and more often than not marketing fluff to try and get you onto the next big thing. Occasionally we get such an unassuming technology announcement that fits squarely in the ‘no big deal’ from a speeds and feeds perspective that it’s easy to overlook. This is clearly the case with the recent multigigabit announcements from Cisco during Cisco Live, Milan. Multigigabit is a technology that allows your existing cabling to support speeds in excess of 1G, without having to make the jump all the way to significantly more costly 10G. Since we already have technology that addresses speeds and feeds above what we’re talking about here (how many 10G uplinks have you deployed recently?), it’s easy to overlook the impact this will bring to our daily lives. The ability to move to 2.5G and 5G link speeds without having to make the jump all the way to 10G will allow us to get improved link speeds without having to pay a premium for them. The expected cost increase is estimated to be anywhere from 0% to 15% according to the rumor mill which makes the 250% to 500% speed bump quite attractive!

802.11ac wave 2
The reason I’m talking about it is the fact that this brings with it the promise of addressing the 1G bottleneck that people have been gnashing their teeth over in the wireless space for the past couple of years. While we’ve been able to reasonably deflect the speeds and feeds conversation with 802.11ac wave 1 (speeds approaching 1G wired requirements), there has been no good way to move past that without having a two-cable conversation. The assumption up till now has been that 2x 1G links will be the way forward and many people have been running two copper runs out to their Access Points for the past several years in anticipation of this approach. 802.11ac wave 2 will undoubtedly break the 1G barrier in fairly short order with speeds being promised of (best case) 6,930Mbps PHY rate (about 4,900Mbps on the wire). Multigigabit solutions will allow us to address these concerns without having to invest in 10G links. Better yet, it will allow us to address these concerns without having to consume two 1G ports on our switches. Regardless of the solution you choose (1x 10G or 2x 1G), the cost for deploying a single Multigigabit link supporting up to 5G will be less at scale.

Power
The other unassuming byproduct of this conversation is that Access Points require power to bring up all of those components. It will be nearly impossible to power up a 10G ethernet interface in an AP in the power budgets that we have today. By reducing the link speed requirements to 5G, we can save power at the edge device and still fit in modern negotiation. Multigigabit solutions today will provide PoE, PoE+, and UPoE to ensure that the wave 2 APs that we’re going to be hanging will have ample power for whatever they’re going to bring.

The Revolution
I predict that the incremental cost and intermediary speeds will allow us to start having conversations about the jump to 10G. Multigigabit solutions on Access Points, switch uplinks, and desktop and server NICs will be the next big thing. Stackable solutions today promise backwards compatibility so you don’t have to rip and replace – just add a stack member and you’re good to go in that closet/IDF! Regardless of your future proofing plans, enabling faster wireless, or just ensuring that you’re not spending money after (can you believe it?) now legacy 1G infrastructure, make sure you’re having a conversation today about ethernet to bridge the gap to 10G.

For more information about the NBASE-T alliance, go here.
For the Cisco Live, Milan – Tech Field Day Extra event with Peter Jones, go here.