CTS 107: What’s The Purpose of Cisco CleanAir

Are you fully utilizing CleanAir to it’s maximum capability? We dive into the intricacies of Cisco CleanAir.

This episode is sponsored by Metageek

Sponsored by Metageek

Cisco CleanAir

Download your free CleanAir Reference Sheet PDF

The earliest Cisco WLC version where Cisco CleanAir was released dates back to the 7.0 days. Sometime around the year 2010. Cisco CleanAir is always on within an AP, granted if it is Enabled in the WLC. There is a Spectrum Analysis Engine (SaGE) chip built into the AP. This is important to know because it doesn’t prevent the AP from serving clients. SaGE works alongside the Wi-Fi chip. There is no affect to client throughput or traffic.

To enhance Cisco RRM’s features, CleanAir plays a critical role in allowing RRM to change channels if persistent interference is detected. CleanAir will field the appropriate algorithms to help the WLC make changes to improve an environment.

Cisco CleanAir produces two important elements:

  • Interference Device Report
  • Air Quality Index

The Interference Device Report (IDR) provides information on detected interference. It will provide a class type, what band the interference was detected on and on what channel(s), the severity of the interference, it’s duty cycle, and the interference signature.

The Air Quality Index (AQI) provides a quality score, from 0 – 100%, with 100% being good. The index will display total channel power, total channel duty cycle, the power of the interferer and total interference duty cycle.

A benefit of using Cisco CleanAir is having the ability to troubleshoot the shared spectrum remotely and without any additional hardware. A CleanAir supported access point can be utilized for this purpose. Some things to keep in mind when using your CleanAir access point for troubleshooting interference:

There are three modes:

  • Local – The AP will continue to serve clients on its operating channel. But any spectrum monitoring is performed on that channel only.
  • Monitor – The AP doesn’t server any clients but provides full time scanning.
  • Spectrum Expert Connect – This is a dedicated spectrum sensor and doesn’t serve any clients.

In times when the best response is to use technical support hands to troubleshoot the issue, having a method of automatically mitigating an interference issue can be highly beneficial. It can cut time to resolution down and react faster than a support team that is reactionary.

What we’d like to see from CleanAir is the ability to tell an administrator whether any action needs to be performed. While interference and air quality is determined on any given channel, does it even matter? Are any users impacted negatively? A smarter system would be able to detect interference and provide exactly which users are having issues directly related to this interferer and what kind of impact that is. And a step further would be to automatically adjust the system to fix the problem.

We’ve included some images of Cisco CleanAir in action from within Spectrum Expert and Metageek Chanalyzer.

Links and Resources and News


We are giving away CTS apparel of your choice. Either a CTS shirt or sweater! To enter, do the following:

  1. Enter the form below
  2. Follow @cleartosend on twitter
  3. Leave us a review on iTunes
  4. Let us know what was your most recent interference encounter in the comments below
  5. And don’t forget to tell everyone that you’ve entered #cts107 giveaway

CTS 104: Cisco DCA

What is Cisco DCA and how does it work with RRM.

This episode is sponsored by Metageek

Sponsored by Metageek

Cisco RRM DCA – Dynamic Channel Assignment

DCA, or Dynamic Channel Assignment, is a core component of Cisco Radio Resource Management (RRM). It runs a critical algorithm which dynamically changes an access points (AP) client serving channel based on multiple parameters, collectively called a Cost Metric. To really get an understanding of Cisco RRM, start with our previous episode on Cisco NDP.

DCA is configured under 802.11a/n/ac (5 GHz) and 802.11b/g/n (2.4 GHz)

Configuring DCA for 802.11a/n/ac

Channel Assignment Method

The first thing you will notice is the Channel Assignment Method of Automatic, Freeze, or Off.

Automatic will run the DCA algorithm at the define Interval which is every 10 minutes by default. The anchor point is used to set the time of day the DCA algorithm would start.

For less frequent channel changes, increase the interval.

Keep in mind that clients will be disconnected briefly for a channel change.

Freeze does not run the DCA algorithm unless triggered.

Off disables the use of RRM and its auto-rf capabilities.

Avoid Foreign AP interference

Enabling this option allows RRM to take surrounding neighboring APs that are not part of your network into consideration.

RRM will create a channel plan to help mitigate co-channel interference.

Avoid Cisco AP Load

This option allows RRM to consider the traffic load on an access point to help build a better channel plan.

I don’t believe in enabling this feature because it can be difficult to make a client device associate with a specific AP.

Avoiding non-802.11a|b noise

This RRM option takes interference on the channel into consideration for the channel plan.

The category of interference is anything coming from a non-AP.

Persistent Device Avoidance

Sometimes there is non-Wi-Fi device interference affecting your wireless network. DCA can help mitigate the issue if Avoid Persistent Non-WiFi Interference option is enabled.

RRM will receive information from CleanAir and if the interference is creating a negative impact, RRM can issue a channel change to avoid it.

Viewing persistent devices can be done by viewing the details of an AP from the web interface. At the bottom of the page are all the persistent devices being tracked including the class type, on what channel the interference was heard, what the duty cycle is, RSSI, and when it was last seen.

Persistent Device Avoidance

DCA Channel Sensitivity

DCA has three different modes it could be in:

  • Scheduled – DCA algorithm runs at a selected time. Usually to minimize changes to off peak hours.
  • Steady State – DCA algorithm running at a specified interval.
  • Startup Mode – Used when making changes to the wireless network architecture. It restarts the DCA algorithm and runs for 100 minutes at high sensitivity.

By default, DCA has a medium channel sensitivity at 15 dB for 5 GHz and 10 dB for 2.4 GHz. This is the DCA Sensitivity Threshold.

By changing the channel sensitivity to high, then a cost metric of 5 dB better will recommend a channel change.

DCA Channel List

To have DCA dynamically select a channel, it must be in the Channel List. You can select specific channels for DCA to select from or select them all, including the UNII-2 channels.

Dynamic Bandwidth Selection

RRM has a flexible way to assign bandwidth to APs by analyzing the RF and selecting the best channel width.

By default, DCA uses 20 MHz channels. You can configure Cisco RRM DCA all the way up to 160 MHz channels or select Best to have RRM pick for you.

If an AP doesn’t support 40/80/160 MHz channels it will not be configured for it.

Dynamic Bandwidth Selection

To see DCA dynamically select channels, head over to the CLI on the controller and enter the debug command:

debug airewave-director channel enable

*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Slot 1: Channel set request on 58:bc:27:33:33:33(1) to (100, 104, 0, 0) 40 MHz Before -62, After -72  Second best: ch 157 wd 40 mt -86 RRF:enabled(0) metric(199) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270:    [spamGetMeshBhRRMStatus] 0 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 new channel width label set from 3 to 4 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 slot 1 Set new channel 100 width label 4 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 sent channel to spam  and call trap(0) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Airewave Director: Final Channel Assignment (100,104,0,0) configured on AP  58:bc:27:33:33:33(1) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Airewave Director: set channel on cell 58:bc:27:33:33:33(1) to 100 from 100 to reduce co-channel interference from (-128,-128,-62) to (-128,-128,-72) reason 1

In the output above, Cisco RRM DCA made a request to change an AP to a 40 MHz channel width using primary channel 100 and secondary 104.

At the very end, RRM sets the channel to 100 with the reason – to reduce co-channel interference.

From command line, it is possible to view when the last channel assignment was set using the following show command:

show ap auto-rf 802.11a <ap-name>

  Channel Assignment Information 
    Current Channel Average Energy...............  -71 dBm 
    Previous Channel Average Energy..............  -71 dBm 
    Channel Change Count......................... 541 
    Last Channel Change Time..................... Sat Aug 27 12:14:59 2016 
    Recommended Best Channel..................... 116

802.11a – shows the 5 GHz radio
802.11b – shows the 2.4 GHz radio
<ap-name> – replace with the name of your AP

The output was truncated just to display the channel assignment information. You can see the current and previous channel average energy, how many times the channel has changed, when it was last changed, and which is the best recommended channel.

Event Driven RRM

If you need the wireless network to react quickly and automatically to bad interference, ED-RRM is an option to enable.

An example could be a device using 100% duty cycle causing all nearby APs and clients to hold off communicating on the wireless medium. ED-RRM would allow an AP to make the channel change sooner than when the DCA interval kicks in.

To configure ED-RRM:

1. Click on Wireless
2. Click on 802.11a/n/ac or 802.11b/g/n
3. Click on DCA
4. At the bottom of the page, enable EDRRM
5. Set the sensitivity threshold to Low (my recommendation is not go above Medium)

Event Driven RRM

The sensitivity threshold defines the air quality (AQ) at the following:

  • Low sensitivity – AQ at 35%
  • Medium sensitivity – AQ at 50%
  • High sensitivity – AQ at 60%

An air quality of 100% is good, very bad is 0%

The Rogue Duty-Cycle option will allow you to set the percentage of duty cycle and rogue duty cycle occurs before triggering EDRRM.

To learn more details about Cisco’s RRM – DCA be sure to check out the white paper from Cisco.

Links and Resources

CTS 103: Cisco WLC NDP

In this episode, we go over the Cisco Neighbor Discovery Protocol. The basis of Cisco RRM.

This episode is sponsored by Metageek.

Sponsored by Metageek

Cisco WLC Neighbor Discovery Protocol (NDP)

Cisco NDP, short for Neighbor Discovery Protocol and Neighbor Discovery Packets, is a critical component of Cisco’s auto RF feature, Radio Resource Management (RRM). The purpose of NDP is to provide over the air (OTA) messages between access points (AP). It monitors and manages what each AP sees in the radio frequency (RF). It’s essentially how every AP sees other APs in an RF Group or Neighborhood. The end result is actual RF path loss between APs.

I see NDP as a way for APs to build a map of their locations in relation to each other based on RF propagation and path losses. Every 180 seconds (3 minutes), an AP will send an over the air (OTA) message to a multicast address, 01:0B:85:00:00:00, from each channel.

NDP messages are sent at the highest transmit power and at the lowest data rate supported for the channel being transmitted on. The transmit power and data rate selection is not configurable by the end user and is hard coded.

Cisco Neighbor Discovery Protocol forms the basis of many algorithms within Cisco RRM. Because of that, it goes without saying, if NDP doesn’t work neither does RRM.

Learn more RRM from the white paper.

NDP is used by the following

  • RF Grouping Algorithm
  • Transmit Power Control (TPC – basis calculation for TPCv2)
  • Flexible Radio Architecture (FRA – basis for coverage overlap factor)
  • Rogue detection (If AP isn’t sending NDPs or unintelligible NDP then it is a rogue)
  • CleanAir (Used for interference reports)
  • CMX (For AP RF distance and path loss measurements)

As you can see, NDP is very important for RRM.

What’s inside a Cisco NDP Packet?

Field Name
Radio Identifier
Slot ID for the sending radio
Group ID
IP Address and Priority code of sends WLC
RF Group name converted to a hash for authentication
IP address
IP of sending AP’s RRM Group Leader
Encrypted ?
Are we using Encrypted NDP?
Version of NDP
APs Channel
Operating channel of the sending radio
Encryption Key Length
Encryption Key Name
Message Channel
Channel the NDP was sent on
Message Power
The power (in dBm) the message was sent at
Antenna pattern of the sending radio

When an AP hears and receives an NDP message, it will validate the message from the transmitting AP to determine if it is a member of the same RF group. If it’s a valid NDP, the receiving AP will forward the message to the controller along with information such as the received channel and RSSI.

If the message is not in the same RF group it will be invalid and the packet will be dropped.

The message is added to a neighbor database. Each radio on each AP can store up to 34 neighbors ordered by RSSI, high to low.

There are two measurements taken:

  • RX neighbors – “How I hear other APs”
  • TX Neighbors – “How other APs hear me”

Configure Cisco NDP frequency

The frequency in which Neighbor Discovery Packets are sent out can be configured from the WLAN controller. By default, it is 180 seconds (3 minutes). It is recommended to keep this at the default.

The Channel Scan Interval is 180 seconds by default. Each channel dwell has to be completed within 180 seconds.

The Neighbor Timeout Factor is by default set to 5. This multiplier is multiplied by the Neighbor Packet Frequency value to come up with the timeout value. So with a default of 180 seconds for the Neighbor Packet Frequency x 5 = 900 seconds. This is the value used to determine when to prune access points from the neighbor list that have timed out.

If an AP were to disappear from the network, it would remain on other AP’s neighbor list until the pruning begins which is every 15 minutes.

Configuring NDP intervals in Cisco WLC.

To see these NDP packets over-the-air, I had two access points joined to my Cisco 2504 lab controller. Using Omnipeek, I set my adapter to to capture on Channel 64. I created a filter on the MAC address using addr(ethernet:’01:0B:85:00:00:00’).

In the screenshot below, notice the destination multicast address of 01:0B:85:00:00:00. Under the Relative Time column the NDP is sent out every 3 minutes, which is the default.

List of Cisco NDP packets in Omnipeek.

To find neighbor information using the Web GUI, click on the Monitor heading and on the left side, expand Access Points > Radios > Select radio.

Monitoring Cisco access points.

Then move your cursor all the way to the right and hover over the blue dropdown box to select Detail.

Selecting detailed under the 5GHz radio.

Cisco WLC displaying Rx neighbors based on NDP.

Use Command Line

Using the CLI, we can view nearby APs from the controller by selecting which AP to get the view from. There are three options to select from.
(Cisco Controller) >show ap auto-rf ?

802.11-abgn Display information for DualBand 802.11a/b/g/n.
802.11a Display information for 802.11a.
802.11b Display information for 802.11b/g.
802.11-abgn is used for APs with FRA.
802.11a displays information from the 5 GHz radio.
802.11b displays information from the 2.4 GHz radio.

Here’s truncated output from AP1 showing three neighboring APs.
(Cisco Controller)> show ap auto-rf 802.11a AP1
Nearby APs
AP 00:3a:7d:44:44:44 slot 1.................. -23 dBm on 36 20MHz ( AP4
AP 58:bc:27:33:33:33 slot 1.................. -18 dBm on 100 20MHz ( AP3
AP 58:bc:27:22:22:22 slot 1.................. -40 dBm on 44 20MHz ( AP2

View NDP via CLI on AP

Another great debugging command is to view the RM measurements occurring from the access point. NDP packets will be sent out on each channel as you can see in the output below. I’ve truncated the rest of the messages.
AP1#debug capwap rm measurements
CAPWAP RM Measurements display debugging is on
*Aug 23 18:17:46.016: CAPWAP_RM: Timer expiry
*Aug 23 18:17:46.016: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:46.016: CAPWAP_RM: Triggering neighbor request on ch index: 2
*Aug 23 18:17:46.016: CAPWAP_RM: Sending neighbor packet #2 on channel 44 with power 1 slot 1
*Aug 23 18:17:46.016: CAPWAP_RM: Scheduling next neighbor request on ch index: 3
*Aug 23 18:17:46.230: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.230: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:46.233: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.233: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:49.017: CAPWAP_RM: Timer expiry
*Aug 23 18:17:49.017: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:49.017: CAPWAP_RM: Triggering neighbor request on ch index: 3
*Aug 23 18:17:49.017: CAPWAP_RM: Sending neighbor packet #3 on channel 48 with power 1 slot 1
*Aug 23 18:17:49.017: CAPWAP_RM: Scheduling next neighbor request on ch index: 4
*Aug 23 18:17:49.159: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.159: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:49.162: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.162: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:52.018: CAPWAP_RM: Timer expiry
*Aug 23 18:17:52.018: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:52.018: CAPWAP_RM: Skipping neighor request chan 52; DFS channel
*Aug 23 18:17:52.018: CAPWAP_RM: Scheduling next neighbor request on ch index: 5
*Aug 23 18:17:53.327: CAPWAP_RM: Timer expiry

RM Neighbor debugging

Another debugging command at the AP level will display NDP packets being received from other APs, including those not in the same RF group.

AP1#debug capwap rm neighbor

CAPWAP RM Neighbor display debugging is on
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Pak size 104 from 58bc.27xx.xxxx, interface - 1

*Aug 23 18:31:33.529: LWAPP NEIGHBOR:  Updating existing neighbor 58bc.27xx.xxxx(1), rssi -35 on channel: 161 with encryption: 0

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.529: LWAPP NEIGHBOR:  Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -35, channel 161

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP-TLV: Received ndp-tlv payload

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP: copy TLV data to neighbor

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-35:-35:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20  dB] Rcv Ch Max Pwr [20  dB]

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Pak size 76 from 58bc.27xx.xxxx, interface - 1

*Aug 23 18:31:33.532: LWAPP NEIGHBOR:  Updating existing neighbor 58bc.27xx.xxxx(1), rssi -36 on channel: 161 with encryption: 0

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.532: LWAPP NEIGHBOR:  Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -36, channel 161

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-36:-36:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20  dB] Rcv Ch Max Pwr [20  dB]


We briefly went over the purpose of Cisco NDP, neighbor discovery protocol, and how crucial it is to the RRM algorithms. I showed you where in the WLC GUI you can make changes to the NDP intervals but it is not recommended to change them other than the Neighbor Timeout Factor interval. In addition to capturing the NDP messages over-the-air, we saw how to capture NDP and some other RRM functions using debug commands from the controller and the AP.
The content of this post was first published on

CTS 097: Studying For CCNP Wireless Certification

François talks about this experience in studying for the CCNP Wireless certification and how you can get started.

This episode is sponsored by Metageek

Sponsored by Metageek

CCNP Wireless

Studying for CCNP Wireless

In order to get the CCNP Wireless certification, you need to pass the following 4 exams:

  • 300-360 WIDESIGN – Designing Cisco Wireless Enterprises Networks
  • 300-365 WIDEPLOY – Deploying Cisco Wireless Enterprises Networks
  • 300-375 WISECURE – Securing Cisco Wireless Enterprises Networks 
  • 300-370 WITSHOOT – Troubleshoot Cisco Wireless Enterprises Networks

François recommends studying them in the order above.

They are ranging between 55 and 60 questions each and you have 110 mins to complete them and each exam is $300 USD each.

How to study

Self study

  • Read the exam objectives
    • WIDESIGN Exam Topics – The Cisco Learning Network
    • WIDEPLOY Exam Topics – The Cisco Learning Network
    • WITSHOOT Exam Topics – The Cisco Learning Network
    • WISECURE Exam Topics – The Cisco Learning Network
  • Create a study book of all of the subjects you want to study
  • Research Cisco documentations to find more information about these specific subjects
  • Look at the Study Materials Tab on the exam page
  • If you have equipment, you can setup a lab and practise the configurations
    • Setup your own labs you will need at least 1 AP and 1 WLC
    • Configure dynamic interfaces
    • Configure Interfaces groups
    • Configure AP Groups and RF Profiles
    • Configure different SSID configurations
    • Troubleshoot an AP no joining
    • Ask a friend to break your config and try to troubleshoot it
    • Setup a freeradius server so you can test 802.1X even if you don’t have ISE
  • If you don’t have access to a WLC, you can download a virtual WLC with a 60 days eval license at Wireless – Cisco Virtual Wireless Controller – Cisco
    • It will be a .ova file ready to be used as a virtual machine
  • If you don’t have a Cisco AP, you can purchase an older one on eBay for cheap (ex: 3502)

Other ways to study

CTS 075: Controller vs Controller-less?

Today’s wireless networks can be built using controller-based hardware or controller-less (cloud managed). Which solution is best for your needs depends on what the requirements are.

Wi-Fi Question

Thanks Matt for submitting a question to the podcast:

Hi Guys,

I’m fairly experienced with networking but just starting to focus on wifi for my current employer.

I’ve been listening for a few months now and have heard mentioned a couple of time in regard to the placement of APs in an office environment that they should be in hallways not rooms, also, that in dense environments some 2.4 radios should be turned off.

We have an upgrade happening at the moment and I am considering the AP placement, particularly around larger meeting rooms (~20 seats). Most of our offices are open plan with a large meeting/board room at one end so AP’s are generally in the open but would it also be best to include one in the large meeting room itself?

More generally, what is the technical reason for hallways not rooms and why disable some 2.4 radios and how to calculate which APs to disable?

Really enjoying a different focus and the podcasts have been a great source of knowledge, also considering sitting the CWNA exam soon.

Looking forward to future podcasts, keep up the great work and content.

Listen to the episode for our responses to Matt’s question.

Controller vs Controller-less

What’s the best model to go with today. Should a controller be purchased for the network and utilize centralized traffic forwarding? Or should a controller-less model be a better fit. There’s no hardware controller involved to purchase and updates are done regularly.

François and I tackle some of these points at a high level.

Here are some of the topics we discuss:


  • Centralized
  • Tunneled traffic
  • Hardware costs (CapEx)


  • Locally switched traffic
  • Features added regularly
  • No controller hardware
  • Licensing (OpEx)
  • Examples
    • Meraki
    • Mojo
    • Aerohive
    • Open Mesh
    • Ubiquiti


  • Cisco Mobility Express
  • Aruba Instant
  • Virtual controller
  • Can be tunneled or locally switched

Which is better for you?

The universal answer is, it depends. There are many questions to ask which involves your technical team and management. Do you prefer to have granularity over your WLAN and have ultimate control? Does your team have the expertise to manage a controller? Maybe you need that extra troubleshooting you get when accessing the command line interface.

Many times cost is a big factor. Purchasing a physical controller can take a big chunk of your budget. If you need redundancy you have to buy more than one controller. Cloud-based management of access points gives you less control or flexibility due to the vendor owning the cloud. But on the upside, you get updates much faster, newer features, and easier management of your wireless network.

So it always depends on your needs and requirements.

What do you think is the best model and why?