In this episode, we go over the Cisco Neighbor Discovery Protocol. The basis of Cisco RRM.
This episode is sponsored by Metageek.
Cisco WLC Neighbor Discovery Protocol (NDP)
Cisco NDP, short for Neighbor Discovery Protocol and Neighbor Discovery Packets, is a critical component of Cisco’s auto RF feature, Radio Resource Management (RRM). The purpose of NDP is to provide over the air (OTA) messages between access points (AP). It monitors and manages what each AP sees in the radio frequency (RF). It’s essentially how every AP sees other APs in an RF Group or Neighborhood. The end result is actual RF path loss between APs.
I see NDP as a way for APs to build a map of their locations in relation to each other based on RF propagation and path losses. Every 180 seconds (3 minutes), an AP will send an over the air (OTA) message to a multicast address, 01:0B:85:00:00:00, from each channel.
NDP messages are sent at the highest transmit power and at the lowest data rate supported for the channel being transmitted on. The transmit power and data rate selection is not configurable by the end user and is hard coded.
Cisco Neighbor Discovery Protocol forms the basis of many algorithms within Cisco RRM. Because of that, it goes without saying, if NDP doesn’t work neither does RRM.
Learn more RRM from the white paper.
NDP is used by the following
- RF Grouping Algorithm
- Transmit Power Control (TPC – basis calculation for TPCv2)
- Flexible Radio Architecture (FRA – basis for coverage overlap factor)
- Rogue detection (If AP isn’t sending NDPs or unintelligible NDP then it is a rogue)
- CleanAir (Used for interference reports)
- CMX (For AP RF distance and path loss measurements)
As you can see, NDP is very important for RRM.
What’s inside a Cisco NDP Packet?
Field Name | Description |
Radio Identifier | Slot ID for the sending radio |
Group ID | IP Address and Priority code of sends WLC |
Hash | RF Group name converted to a hash for authentication |
IP address | IP of sending AP’s RRM Group Leader |
Encrypted ? | Are we using Encrypted NDP? |
Version | Version of NDP |
APs Channel | Operating channel of the sending radio |
Encryption Key Length | |
Encryption Key Name | |
Message Channel | Channel the NDP was sent on |
Message Power | The power (in dBm) the message was sent at |
Antenna | Antenna pattern of the sending radio |
When an AP hears and receives an NDP message, it will validate the message from the transmitting AP to determine if it is a member of the same RF group. If it’s a valid NDP, the receiving AP will forward the message to the controller along with information such as the received channel and RSSI.
If the message is not in the same RF group it will be invalid and the packet will be dropped.
The message is added to a neighbor database. Each radio on each AP can store up to 34 neighbors ordered by RSSI, high to low.
There are two measurements taken:
- RX neighbors – “How I hear other APs”
- TX Neighbors – “How other APs hear me”
Configure Cisco NDP frequency
The frequency in which Neighbor Discovery Packets are sent out can be configured from the WLAN controller. By default, it is 180 seconds (3 minutes). It is recommended to keep this at the default.
The Channel Scan Interval is 180 seconds by default. Each channel dwell has to be completed within 180 seconds.
The Neighbor Timeout Factor is by default set to 5. This multiplier is multiplied by the Neighbor Packet Frequency value to come up with the timeout value. So with a default of 180 seconds for the Neighbor Packet Frequency x 5 = 900 seconds. This is the value used to determine when to prune access points from the neighbor list that have timed out.
If an AP were to disappear from the network, it would remain on other AP’s neighbor list until the pruning begins which is every 15 minutes.
To see these NDP packets over-the-air, I had two access points joined to my Cisco 2504 lab controller. Using Omnipeek, I set my adapter to to capture on Channel 64. I created a filter on the MAC address using addr(ethernet:’01:0B:85:00:00:00’).
In the screenshot below, notice the destination multicast address of 01:0B:85:00:00:00. Under the Relative Time column the NDP is sent out every 3 minutes, which is the default.
To find neighbor information using the Web GUI, click on the Monitor heading and on the left side, expand Access Points > Radios > Select radio.
Then move your cursor all the way to the right and hover over the blue dropdown box to select Detail.
Use Command Line
Using the CLI, we can view nearby APs from the controller by selecting which AP to get the view from. There are three options to select from.
(Cisco Controller) >show ap auto-rf ?
802.11-abgn Display information for DualBand 802.11a/b/g/n.
802.11a Display information for 802.11a.
802.11b Display information for 802.11b/g.
802.11-abgn is used for APs with FRA.
802.11a displays information from the 5 GHz radio.
802.11b displays information from the 2.4 GHz radio.
Here’s truncated output from AP1 showing three neighboring APs.
(Cisco Controller)> show ap auto-rf 802.11a AP1
Nearby APs
AP 00:3a:7d:44:44:44 slot 1.................. -23 dBm on 36 20MHz (192.168.1.5) AP4
AP 58:bc:27:33:33:33 slot 1.................. -18 dBm on 100 20MHz (192.168.1.5) AP3
AP 58:bc:27:22:22:22 slot 1.................. -40 dBm on 44 20MHz (192.168.1.5) AP2
View NDP via CLI on AP
Another great debugging command is to view the RM measurements occurring from the access point. NDP packets will be sent out on each channel as you can see in the output below. I’ve truncated the rest of the messages.
AP1#debug capwap rm measurements
CAPWAP RM Measurements display debugging is on
*Aug 23 18:17:46.016: CAPWAP_RM: Timer expiry
*Aug 23 18:17:46.016: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:46.016: CAPWAP_RM: Triggering neighbor request on ch index: 2
*Aug 23 18:17:46.016: CAPWAP_RM: Sending neighbor packet #2 on channel 44 with power 1 slot 1
*Aug 23 18:17:46.016: CAPWAP_RM: Scheduling next neighbor request on ch index: 3
*Aug 23 18:17:46.230: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.230: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:46.233: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.233: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:49.017: CAPWAP_RM: Timer expiry
*Aug 23 18:17:49.017: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:49.017: CAPWAP_RM: Triggering neighbor request on ch index: 3
*Aug 23 18:17:49.017: CAPWAP_RM: Sending neighbor packet #3 on channel 48 with power 1 slot 1
*Aug 23 18:17:49.017: CAPWAP_RM: Scheduling next neighbor request on ch index: 4
*Aug 23 18:17:49.159: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.159: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:49.162: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.162: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:52.018: CAPWAP_RM: Timer expiry
*Aug 23 18:17:52.018: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:52.018: CAPWAP_RM: Skipping neighor request chan 52; DFS channel
*Aug 23 18:17:52.018: CAPWAP_RM: Scheduling next neighbor request on ch index: 5
*Aug 23 18:17:53.327: CAPWAP_RM: Timer expiry
RM Neighbor debugging
Another debugging command at the AP level will display NDP packets being received from other APs, including those not in the same RF group.
AP1#debug capwap rm neighbor
CAPWAP RM Neighbor display debugging is on
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Pak size 104 from 58bc.27xx.xxxx, interface - 1
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Updating existing neighbor 58bc.27xx.xxxx(1), rssi -35 on channel: 161 with encryption: 0
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -35, channel 161
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP-TLV: Received ndp-tlv payload
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP: copy TLV data to neighbor
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-35:-35:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20 dB] Rcv Ch Max Pwr [20 dB]
*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Pak size 76 from 58bc.27xx.xxxx, interface - 1
*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Updating existing neighbor 58bc.27xx.xxxx(1), rssi -36 on channel: 161 with encryption: 0
*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20
*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -36, channel 161
*Aug 23 18:31:33.532: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-36:-36:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20 dB] Rcv Ch Max Pwr [20 dB]
