The earliest Cisco WLC version where Cisco CleanAir was released dates back to the 7.0 days. Sometime around the year 2010. Cisco CleanAir is always on within an AP, granted if it is Enabled in the WLC. There is a Spectrum Analysis Engine (SaGE) chip built into the AP. This is important to know because it doesn’t prevent the AP from serving clients. SaGE works alongside the Wi-Fi chip. There is no affect to client throughput or traffic.
To enhance Cisco RRM’s features, CleanAir plays a critical role in allowing RRM to change channels if persistent interference is detected. CleanAir will field the appropriate algorithms to help the WLC make changes to improve an environment.
Cisco CleanAir produces two important elements:
Interference Device Report
Air Quality Index
The Interference Device Report (IDR) provides information on detected interference. It will provide a class type, what band the interference was detected on and on what channel(s), the severity of the interference, it’s duty cycle, and the interference signature.
The Air Quality Index (AQI) provides a quality score, from 0 – 100%, with 100% being good. The index will display total channel power, total channel duty cycle, the power of the interferer and total interference duty cycle.
A benefit of using Cisco CleanAir is having the ability to troubleshoot the shared spectrum remotely and without any additional hardware. A CleanAir supported access point can be utilized for this purpose. Some things to keep in mind when using your CleanAir access point for troubleshooting interference:
There are three modes:
Local – The AP will continue to serve clients on its operating channel. But any spectrum monitoring is performed on that channel only.
Monitor – The AP doesn’t server any clients but provides full time scanning.
Spectrum Expert Connect – This is a dedicated spectrum sensor and doesn’t serve any clients.
In times when the best response is to use technical support hands to troubleshoot the issue, having a method of automatically mitigating an interference issue can be highly beneficial. It can cut time to resolution down and react faster than a support team that is reactionary.
What we’d like to see from CleanAir is the ability to tell an administrator whether any action needs to be performed. While interference and air quality is determined on any given channel, does it even matter? Are any users impacted negatively? A smarter system would be able to detect interference and provide exactly which users are having issues directly related to this interferer and what kind of impact that is. And a step further would be to automatically adjust the system to fix the problem.
We’ve included some images of Cisco CleanAir in action from within Spectrum Expert and Metageek Chanalyzer.
In this episode, we go over the Cisco Neighbor Discovery Protocol. The basis of Cisco RRM.
This episode is sponsored by Metageek.
Cisco WLC Neighbor Discovery Protocol (NDP)
Cisco NDP, short for Neighbor Discovery Protocol and Neighbor Discovery Packets, is a critical component of Cisco’s auto RF feature, Radio Resource Management (RRM). The purpose of NDP is to provide over the air (OTA) messages between access points (AP). It monitors and manages what each AP sees in the radio frequency (RF). It’s essentially how every AP sees other APs in an RF Group or Neighborhood. The end result is actual RF path loss between APs.
I see NDP as a way for APs to build a map of their locations in relation to each other based on RF propagation and path losses. Every 180 seconds (3 minutes), an AP will send an over the air (OTA) message to a multicast address, 01:0B:85:00:00:00, from each channel.
NDP messages are sent at the highest transmit power and at the lowest data rate supported for the channel being transmitted on. The transmit power and data rate selection is not configurable by the end user and is hard coded.
Cisco Neighbor Discovery Protocol forms the basis of many algorithms within Cisco RRM. Because of that, it goes without saying, if NDP doesn’t work neither does RRM.
Transmit Power Control (TPC – basis calculation for TPCv2)
Flexible Radio Architecture (FRA – basis for coverage overlap factor)
Rogue detection (If AP isn’t sending NDPs or unintelligible NDP then it is a rogue)
CleanAir (Used for interference reports)
CMX (For AP RF distance and path loss measurements)
As you can see, NDP is very important for RRM.
What’s inside a Cisco NDP Packet?
Slot ID for the sending radio
IP Address and Priority code of sends WLC
RF Group name converted to a hash for authentication
IP of sending AP’s RRM Group Leader
Are we using Encrypted NDP?
Version of NDP
Operating channel of the sending radio
Encryption Key Length
Encryption Key Name
Channel the NDP was sent on
The power (in dBm) the message was sent at
Antenna pattern of the sending radio
When an AP hears and receives an NDP message, it will validate the message from the transmitting AP to determine if it is a member of the same RF group. If it’s a valid NDP, the receiving AP will forward the message to the controller along with information such as the received channel and RSSI.
If the message is not in the same RF group it will be invalid and the packet will be dropped.
The message is added to a neighbor database. Each radio on each AP can store up to 34 neighbors ordered by RSSI, high to low.
There are two measurements taken:
RX neighbors – “How I hear other APs”
TX Neighbors – “How other APs hear me”
Configure Cisco NDP frequency
The frequency in which Neighbor Discovery Packets are sent out can be configured from the WLAN controller. By default, it is 180 seconds (3 minutes). It is recommended to keep this at the default.
The Channel Scan Interval is 180 seconds by default. Each channel dwell has to be completed within 180 seconds.
The Neighbor Timeout Factor is by default set to 5. This multiplier is multiplied by the Neighbor Packet Frequency value to come up with the timeout value. So with a default of 180 seconds for the Neighbor Packet Frequency x 5 = 900 seconds. This is the value used to determine when to prune access points from the neighbor list that have timed out.
If an AP were to disappear from the network, it would remain on other AP’s neighbor list until the pruning begins which is every 15 minutes.
To see these NDP packets over-the-air, I had two access points joined to my Cisco 2504 lab controller. Using Omnipeek, I set my adapter to to capture on Channel 64. I created a filter on the MAC address using addr(ethernet:’01:0B:85:00:00:00’).
In the screenshot below, notice the destination multicast address of 01:0B:85:00:00:00. Under the Relative Time column the NDP is sent out every 3 minutes, which is the default.
To find neighbor information using the Web GUI, click on the Monitor heading and on the left side, expand Access Points > Radios > Select radio.
Then move your cursor all the way to the right and hover over the blue dropdown box to select Detail.
Use Command Line
Using the CLI, we can view nearby APs from the controller by selecting which AP to get the view from. There are three options to select from. (Cisco Controller) >show ap auto-rf ?
802.11-abgn Display information for DualBand 802.11a/b/g/n.
802.11a Display information for 802.11a.
802.11b Display information for 802.11b/g.
802.11-abgn is used for APs with FRA.
802.11a displays information from the 5 GHz radio.
802.11b displays information from the 2.4 GHz radio.
Here’s truncated output from AP1 showing three neighboring APs. (Cisco Controller)> show ap auto-rf 802.11a AP1
AP 00:3a:7d:44:44:44 slot 1.................. -23 dBm on 36 20MHz (192.168.1.5) AP4
AP 58:bc:27:33:33:33 slot 1.................. -18 dBm on 100 20MHz (192.168.1.5) AP3
AP 58:bc:27:22:22:22 slot 1.................. -40 dBm on 44 20MHz (192.168.1.5) AP2
View NDP via CLI on AP
Another great debugging command is to view the RM measurements occurring from the access point. NDP packets will be sent out on each channel as you can see in the output below. I’ve truncated the rest of the messages. AP1#debug capwap rm measurements
CAPWAP RM Measurements display debugging is on
*Aug 23 18:17:46.016: CAPWAP_RM: Timer expiry
*Aug 23 18:17:46.016: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:46.016: CAPWAP_RM: Triggering neighbor request on ch index: 2
*Aug 23 18:17:46.016: CAPWAP_RM: Sending neighbor packet #2 on channel 44 with power 1 slot 1
*Aug 23 18:17:46.016: CAPWAP_RM: Scheduling next neighbor request on ch index: 3
*Aug 23 18:17:46.230: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.230: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:46.233: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.233: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:49.017: CAPWAP_RM: Timer expiry
*Aug 23 18:17:49.017: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:49.017: CAPWAP_RM: Triggering neighbor request on ch index: 3
*Aug 23 18:17:49.017: CAPWAP_RM: Sending neighbor packet #3 on channel 48 with power 1 slot 1
*Aug 23 18:17:49.017: CAPWAP_RM: Scheduling next neighbor request on ch index: 4
*Aug 23 18:17:49.159: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.159: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:49.162: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.162: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:52.018: CAPWAP_RM: Timer expiry
*Aug 23 18:17:52.018: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:52.018: CAPWAP_RM: Skipping neighor request chan 52; DFS channel
*Aug 23 18:17:52.018: CAPWAP_RM: Scheduling next neighbor request on ch index: 5
*Aug 23 18:17:53.327: CAPWAP_RM: Timer expiry
RM Neighbor debugging
Another debugging command at the AP level will display NDP packets being received from other APs, including those not in the same RF group.
AP1#debug capwap rm neighbor
CAPWAP RM Neighbor display debugging is on *Aug 23 18:31:33.529: LWAPP NEIGHBOR: Pak size 104 from 58bc.27xx.xxxx, interface - 1
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Updating existing neighbor 58bc.27xx.xxxx(1), rssi -35 on channel: 161 with encryption: 0
*Aug 23 18:31:33.532: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-36:-36:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20 dB] Rcv Ch Max Pwr [20 dB]
We briefly went over the purpose of Cisco NDP, neighbor discovery protocol, and how crucial it is to the RRM algorithms. I showed you where in the WLC GUI you can make changes to the NDP intervals but it is not recommended to change them other than the Neighbor Timeout Factor interval. In addition to capturing the NDP messages over-the-air, we saw how to capture NDP and some other RRM functions using debug commands from the controller and the AP.
The content of this post was first published on packet6.com