Cisco RRM: Clear To Send Hosts Cisco Champion Radio

François and I were fortunate to be able to host Cisco Champion Radio this week. We tackled the topic of Cisco Radio Resource Management (RRM) with subject matter expert, Jim Florwick.

Jim is a Technical Marketing Engineer with deep knowledge of how Cisco RRM works.

I started off the conversation by asking Jim what the most common misconceptions are of RRM. He provides a great response because many people seem to leave RRM at its defaults or believe RRM would fix all their RF problems.

Jim provides insight into how the algorithms work and how you should consider them into your design or existing WLAN infrastructure. The important tip he provided was to initiate a DCA restart when major changes have been applied to the WLAN. These changes can be new APs, channel changes, a new controller, you name it.

François asked an important question, how do you perform your validation surveys with RRM in mind? Jim responded with freezing RRM to prevent any changes from occurring while you’re conducting your validation survey. You don’t want to see the same AP shown with two different channels or have transmit power changing while you’re doing your survey.

We then go into the addition of FRA and the complexity it adds to RRM and other topics as well. Give the episode a listen on SoundCloud!

Links and Resources

CTS 112: Wi-Fi Assurance With Sensors

Fred Niehaus and Wes Purvis, of Cisco, discuss how the network sensor brings an impact with Wi-Fi assurance.

CTS 112

The Network Sensor

This episode was all brought together because of a recent announcement of Cisco’s dedicated Wi-Fi network sensor. A smaller AP-looking device, similar to the Cisco 1815, that can be wall-mounted or placed close to the users. It’s purpose is to validate Wi-Fi connectivity.

Named the Cisco Aironet Sensor, there are three components:

  • Wireless performance analytics
  • Real-time client troubleshooting
  • Proactive Health Assessment

Wes Purvis talks about the requirements of running the dedicated sensor:

  • Cisco WLC with 8.5 MR2
  • Cisco DNA Center
Tests for the Cisco Sensor

Cisco Aironet Sensor Tests

François and Rowell ask why even build a sensor with other companies in the market also developing their own kind of sensors. Primarily it was to give more visibility into the network and to do prescribed testing.

The Cisco Aironet Sensor will associate directly with a Cisco AP. Various health checks can be performed by acting like a client device. The results of those tests bypass the Cisco WLC and get reported directly to Cisco DNA Center.

There are three modes to the sensor:

  • Active sensor
  • Wave 2 AP as a sensor
  • Radio as a sensor
Results of the sensor tests

Results of the tests ran by the network sensor

Those last two modes are interesting. A Wave 2 AP can stop serving clients and become a sensor itself to run any diagnostic tests. The third option is available to APs with an XOR radio. One of the radios goes out of service to clients and acts as a client itself, connecting to other APs.

In the episode we did speak about turning an AP into a sensor and the cautions there. Because APs are not near the clients, the results may not reflect the experience of a real client.

Currently, Cisco supports a number of different tests on the sensor. There are about 10-15 available with future expansion into custom tests. Some of those tests include:

  • DNS
  • DHCP
  • Basic connectivity
  • Default gateway
  • Connect to an IP address
  • Download a webpage
  • FTP test

Let us know what you think below in the comments after you listen to the episode with Wes Purvis and Fred Niehaus.

The heatmap of a Cisco sensor.

Sensor heatmap

This Week In Wireless

New CWNE this week – Oguzhan Eren from Turkey became CWNE #266

CWNP Wi-Fi Trek Registration – The registration for this years CWNP Wi-Fi Trek conference begins on March 12th.
Registration Link

T-Mobile Annouces Plans to Deploy 5G in 30 U.S. Cities this year. T-Mobile is already installing 5G equipment as it continues to build its LTE network in the US. The company should be able to deploy a comprehensive 5G layer in time for the debut of 5G consumer devices next year. The service will be used over the 600 MHz spectrum along with spectrum in the 28GHz and 39GHz bands. First cities to be served: New York, Los Angeles, Dallas and Las Vegas. Read more here.

LTE University
Following a Twitter conversation which happened last weekend driven by Jeremy Ward on Private LTE networks or LTE network in general. Jeremy recommended the website to start learning about LTE.

Links and Resources

CTS 107: What’s The Purpose of Cisco CleanAir

Are you fully utilizing CleanAir to it’s maximum capability? We dive into the intricacies of Cisco CleanAir.

This episode is sponsored by Metageek

Sponsored by Metageek

Cisco CleanAir

Download your free CleanAir Reference Sheet PDF

The earliest Cisco WLC version where Cisco CleanAir was released dates back to the 7.0 days. Sometime around the year 2010. Cisco CleanAir is always on within an AP, granted if it is Enabled in the WLC. There is a Spectrum Analysis Engine (SaGE) chip built into the AP. This is important to know because it doesn’t prevent the AP from serving clients. SaGE works alongside the Wi-Fi chip. There is no affect to client throughput or traffic.

To enhance Cisco RRM’s features, CleanAir plays a critical role in allowing RRM to change channels if persistent interference is detected. CleanAir will field the appropriate algorithms to help the WLC make changes to improve an environment.

Cisco CleanAir produces two important elements:

  • Interference Device Report
  • Air Quality Index

The Interference Device Report (IDR) provides information on detected interference. It will provide a class type, what band the interference was detected on and on what channel(s), the severity of the interference, it’s duty cycle, and the interference signature.

The Air Quality Index (AQI) provides a quality score, from 0 – 100%, with 100% being good. The index will display total channel power, total channel duty cycle, the power of the interferer and total interference duty cycle.

A benefit of using Cisco CleanAir is having the ability to troubleshoot the shared spectrum remotely and without any additional hardware. A CleanAir supported access point can be utilized for this purpose. Some things to keep in mind when using your CleanAir access point for troubleshooting interference:

There are three modes:

  • Local – The AP will continue to serve clients on its operating channel. But any spectrum monitoring is performed on that channel only.
  • Monitor – The AP doesn’t server any clients but provides full time scanning.
  • Spectrum Expert Connect – This is a dedicated spectrum sensor and doesn’t serve any clients.

In times when the best response is to use technical support hands to troubleshoot the issue, having a method of automatically mitigating an interference issue can be highly beneficial. It can cut time to resolution down and react faster than a support team that is reactionary.

What we’d like to see from CleanAir is the ability to tell an administrator whether any action needs to be performed. While interference and air quality is determined on any given channel, does it even matter? Are any users impacted negatively? A smarter system would be able to detect interference and provide exactly which users are having issues directly related to this interferer and what kind of impact that is. And a step further would be to automatically adjust the system to fix the problem.

We’ve included some images of Cisco CleanAir in action from within Spectrum Expert and Metageek Chanalyzer.

Links and Resources and News


We are giving away CTS apparel of your choice. Either a CTS shirt or sweater! To enter, do the following:

  1. Enter the form below
  2. Follow @cleartosend on twitter
  3. Leave us a review on iTunes
  4. Let us know what was your most recent interference encounter in the comments below
  5. And don’t forget to tell everyone that you’ve entered #cts107 giveaway

CTS 104: Cisco DCA

What is Cisco DCA and how does it work with RRM.

This episode is sponsored by Metageek

Sponsored by Metageek

Cisco RRM DCA – Dynamic Channel Assignment

DCA, or Dynamic Channel Assignment, is a core component of Cisco Radio Resource Management (RRM). It runs a critical algorithm which dynamically changes an access points (AP) client serving channel based on multiple parameters, collectively called a Cost Metric. To really get an understanding of Cisco RRM, start with our previous episode on Cisco NDP.

DCA is configured under 802.11a/n/ac (5 GHz) and 802.11b/g/n (2.4 GHz)

Configuring DCA for 802.11a/n/ac

Channel Assignment Method

The first thing you will notice is the Channel Assignment Method of Automatic, Freeze, or Off.

Automatic will run the DCA algorithm at the define Interval which is every 10 minutes by default. The anchor point is used to set the time of day the DCA algorithm would start.

For less frequent channel changes, increase the interval.

Keep in mind that clients will be disconnected briefly for a channel change.

Freeze does not run the DCA algorithm unless triggered.

Off disables the use of RRM and its auto-rf capabilities.

Avoid Foreign AP interference

Enabling this option allows RRM to take surrounding neighboring APs that are not part of your network into consideration.

RRM will create a channel plan to help mitigate co-channel interference.

Avoid Cisco AP Load

This option allows RRM to consider the traffic load on an access point to help build a better channel plan.

I don’t believe in enabling this feature because it can be difficult to make a client device associate with a specific AP.

Avoiding non-802.11a|b noise

This RRM option takes interference on the channel into consideration for the channel plan.

The category of interference is anything coming from a non-AP.

Persistent Device Avoidance

Sometimes there is non-Wi-Fi device interference affecting your wireless network. DCA can help mitigate the issue if Avoid Persistent Non-WiFi Interference option is enabled.

RRM will receive information from CleanAir and if the interference is creating a negative impact, RRM can issue a channel change to avoid it.

Viewing persistent devices can be done by viewing the details of an AP from the web interface. At the bottom of the page are all the persistent devices being tracked including the class type, on what channel the interference was heard, what the duty cycle is, RSSI, and when it was last seen.

Persistent Device Avoidance

DCA Channel Sensitivity

DCA has three different modes it could be in:

  • Scheduled – DCA algorithm runs at a selected time. Usually to minimize changes to off peak hours.
  • Steady State – DCA algorithm running at a specified interval.
  • Startup Mode – Used when making changes to the wireless network architecture. It restarts the DCA algorithm and runs for 100 minutes at high sensitivity.

By default, DCA has a medium channel sensitivity at 15 dB for 5 GHz and 10 dB for 2.4 GHz. This is the DCA Sensitivity Threshold.

By changing the channel sensitivity to high, then a cost metric of 5 dB better will recommend a channel change.

DCA Channel List

To have DCA dynamically select a channel, it must be in the Channel List. You can select specific channels for DCA to select from or select them all, including the UNII-2 channels.

Dynamic Bandwidth Selection

RRM has a flexible way to assign bandwidth to APs by analyzing the RF and selecting the best channel width.

By default, DCA uses 20 MHz channels. You can configure Cisco RRM DCA all the way up to 160 MHz channels or select Best to have RRM pick for you.

If an AP doesn’t support 40/80/160 MHz channels it will not be configured for it.

Dynamic Bandwidth Selection

To see DCA dynamically select channels, head over to the CLI on the controller and enter the debug command:

debug airewave-director channel enable

*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Slot 1: Channel set request on 58:bc:27:33:33:33(1) to (100, 104, 0, 0) 40 MHz Before -62, After -72  Second best: ch 157 wd 40 mt -86 RRF:enabled(0) metric(199) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270:    [spamGetMeshBhRRMStatus] 0 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 new channel width label set from 3 to 4 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 slot 1 Set new channel 100 width label 4 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 sent channel to spam  and call trap(0) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Airewave Director: Final Channel Assignment (100,104,0,0) configured on AP  58:bc:27:33:33:33(1) 
*RRM-CLNT-5_0: Aug 27 12:04:48.270: 58:bc:27:33:33:33 Airewave Director: set channel on cell 58:bc:27:33:33:33(1) to 100 from 100 to reduce co-channel interference from (-128,-128,-62) to (-128,-128,-72) reason 1

In the output above, Cisco RRM DCA made a request to change an AP to a 40 MHz channel width using primary channel 100 and secondary 104.

At the very end, RRM sets the channel to 100 with the reason – to reduce co-channel interference.

From command line, it is possible to view when the last channel assignment was set using the following show command:

show ap auto-rf 802.11a <ap-name>

  Channel Assignment Information 
    Current Channel Average Energy...............  -71 dBm 
    Previous Channel Average Energy..............  -71 dBm 
    Channel Change Count......................... 541 
    Last Channel Change Time..................... Sat Aug 27 12:14:59 2016 
    Recommended Best Channel..................... 116

802.11a – shows the 5 GHz radio
802.11b – shows the 2.4 GHz radio
<ap-name> – replace with the name of your AP

The output was truncated just to display the channel assignment information. You can see the current and previous channel average energy, how many times the channel has changed, when it was last changed, and which is the best recommended channel.

Event Driven RRM

If you need the wireless network to react quickly and automatically to bad interference, ED-RRM is an option to enable.

An example could be a device using 100% duty cycle causing all nearby APs and clients to hold off communicating on the wireless medium. ED-RRM would allow an AP to make the channel change sooner than when the DCA interval kicks in.

To configure ED-RRM:

1. Click on Wireless
2. Click on 802.11a/n/ac or 802.11b/g/n
3. Click on DCA
4. At the bottom of the page, enable EDRRM
5. Set the sensitivity threshold to Low (my recommendation is not go above Medium)

Event Driven RRM

The sensitivity threshold defines the air quality (AQ) at the following:

  • Low sensitivity – AQ at 35%
  • Medium sensitivity – AQ at 50%
  • High sensitivity – AQ at 60%

An air quality of 100% is good, very bad is 0%

The Rogue Duty-Cycle option will allow you to set the percentage of duty cycle and rogue duty cycle occurs before triggering EDRRM.

To learn more details about Cisco’s RRM – DCA be sure to check out the white paper from Cisco.

Links and Resources

CTS 103: Cisco WLC NDP

In this episode, we go over the Cisco Neighbor Discovery Protocol. The basis of Cisco RRM.

This episode is sponsored by Metageek.

Sponsored by Metageek

Cisco WLC Neighbor Discovery Protocol (NDP)

Cisco NDP, short for Neighbor Discovery Protocol and Neighbor Discovery Packets, is a critical component of Cisco’s auto RF feature, Radio Resource Management (RRM). The purpose of NDP is to provide over the air (OTA) messages between access points (AP). It monitors and manages what each AP sees in the radio frequency (RF). It’s essentially how every AP sees other APs in an RF Group or Neighborhood. The end result is actual RF path loss between APs.

I see NDP as a way for APs to build a map of their locations in relation to each other based on RF propagation and path losses. Every 180 seconds (3 minutes), an AP will send an over the air (OTA) message to a multicast address, 01:0B:85:00:00:00, from each channel.

NDP messages are sent at the highest transmit power and at the lowest data rate supported for the channel being transmitted on. The transmit power and data rate selection is not configurable by the end user and is hard coded.

Cisco Neighbor Discovery Protocol forms the basis of many algorithms within Cisco RRM. Because of that, it goes without saying, if NDP doesn’t work neither does RRM.

Learn more RRM from the white paper.

NDP is used by the following

  • RF Grouping Algorithm
  • Transmit Power Control (TPC – basis calculation for TPCv2)
  • Flexible Radio Architecture (FRA – basis for coverage overlap factor)
  • Rogue detection (If AP isn’t sending NDPs or unintelligible NDP then it is a rogue)
  • CleanAir (Used for interference reports)
  • CMX (For AP RF distance and path loss measurements)

As you can see, NDP is very important for RRM.

What’s inside a Cisco NDP Packet?

Field Name
Radio Identifier
Slot ID for the sending radio
Group ID
IP Address and Priority code of sends WLC
RF Group name converted to a hash for authentication
IP address
IP of sending AP’s RRM Group Leader
Encrypted ?
Are we using Encrypted NDP?
Version of NDP
APs Channel
Operating channel of the sending radio
Encryption Key Length
Encryption Key Name
Message Channel
Channel the NDP was sent on
Message Power
The power (in dBm) the message was sent at
Antenna pattern of the sending radio

When an AP hears and receives an NDP message, it will validate the message from the transmitting AP to determine if it is a member of the same RF group. If it’s a valid NDP, the receiving AP will forward the message to the controller along with information such as the received channel and RSSI.

If the message is not in the same RF group it will be invalid and the packet will be dropped.

The message is added to a neighbor database. Each radio on each AP can store up to 34 neighbors ordered by RSSI, high to low.

There are two measurements taken:

  • RX neighbors – “How I hear other APs”
  • TX Neighbors – “How other APs hear me”

Configure Cisco NDP frequency

The frequency in which Neighbor Discovery Packets are sent out can be configured from the WLAN controller. By default, it is 180 seconds (3 minutes). It is recommended to keep this at the default.

The Channel Scan Interval is 180 seconds by default. Each channel dwell has to be completed within 180 seconds.

The Neighbor Timeout Factor is by default set to 5. This multiplier is multiplied by the Neighbor Packet Frequency value to come up with the timeout value. So with a default of 180 seconds for the Neighbor Packet Frequency x 5 = 900 seconds. This is the value used to determine when to prune access points from the neighbor list that have timed out.

If an AP were to disappear from the network, it would remain on other AP’s neighbor list until the pruning begins which is every 15 minutes.

Configuring NDP intervals in Cisco WLC.

To see these NDP packets over-the-air, I had two access points joined to my Cisco 2504 lab controller. Using Omnipeek, I set my adapter to to capture on Channel 64. I created a filter on the MAC address using addr(ethernet:’01:0B:85:00:00:00’).

In the screenshot below, notice the destination multicast address of 01:0B:85:00:00:00. Under the Relative Time column the NDP is sent out every 3 minutes, which is the default.

List of Cisco NDP packets in Omnipeek.

To find neighbor information using the Web GUI, click on the Monitor heading and on the left side, expand Access Points > Radios > Select radio.

Monitoring Cisco access points.

Then move your cursor all the way to the right and hover over the blue dropdown box to select Detail.

Selecting detailed under the 5GHz radio.

Cisco WLC displaying Rx neighbors based on NDP.

Use Command Line

Using the CLI, we can view nearby APs from the controller by selecting which AP to get the view from. There are three options to select from.
(Cisco Controller) >show ap auto-rf ?

802.11-abgn Display information for DualBand 802.11a/b/g/n.
802.11a Display information for 802.11a.
802.11b Display information for 802.11b/g.
802.11-abgn is used for APs with FRA.
802.11a displays information from the 5 GHz radio.
802.11b displays information from the 2.4 GHz radio.

Here’s truncated output from AP1 showing three neighboring APs.
(Cisco Controller)> show ap auto-rf 802.11a AP1
Nearby APs
AP 00:3a:7d:44:44:44 slot 1.................. -23 dBm on 36 20MHz ( AP4
AP 58:bc:27:33:33:33 slot 1.................. -18 dBm on 100 20MHz ( AP3
AP 58:bc:27:22:22:22 slot 1.................. -40 dBm on 44 20MHz ( AP2

View NDP via CLI on AP

Another great debugging command is to view the RM measurements occurring from the access point. NDP packets will be sent out on each channel as you can see in the output below. I’ve truncated the rest of the messages.
AP1#debug capwap rm measurements
CAPWAP RM Measurements display debugging is on
*Aug 23 18:17:46.016: CAPWAP_RM: Timer expiry
*Aug 23 18:17:46.016: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:46.016: CAPWAP_RM: Triggering neighbor request on ch index: 2
*Aug 23 18:17:46.016: CAPWAP_RM: Sending neighbor packet #2 on channel 44 with power 1 slot 1
*Aug 23 18:17:46.016: CAPWAP_RM: Scheduling next neighbor request on ch index: 3
*Aug 23 18:17:46.230: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.230: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:46.233: CAPWAP_RM: Notification for Request id: 4044, slot: 1, status 1
*Aug 23 18:17:46.233: CAPWAP_RM: Neighbor packet sent successfully on 44
*Aug 23 18:17:49.017: CAPWAP_RM: Timer expiry
*Aug 23 18:17:49.017: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:49.017: CAPWAP_RM: Triggering neighbor request on ch index: 3
*Aug 23 18:17:49.017: CAPWAP_RM: Sending neighbor packet #3 on channel 48 with power 1 slot 1
*Aug 23 18:17:49.017: CAPWAP_RM: Scheduling next neighbor request on ch index: 4
*Aug 23 18:17:49.159: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.159: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:49.162: CAPWAP_RM: Notification for Request id: 4048, slot: 1, status 1
*Aug 23 18:17:49.162: CAPWAP_RM: Neighbor packet sent successfully on 48
*Aug 23 18:17:52.018: CAPWAP_RM: Timer expiry
*Aug 23 18:17:52.018: CAPWAP_RM: Neighbor interval timer expired, slot 1, band 0
*Aug 23 18:17:52.018: CAPWAP_RM: Skipping neighor request chan 52; DFS channel
*Aug 23 18:17:52.018: CAPWAP_RM: Scheduling next neighbor request on ch index: 5
*Aug 23 18:17:53.327: CAPWAP_RM: Timer expiry

RM Neighbor debugging

Another debugging command at the AP level will display NDP packets being received from other APs, including those not in the same RF group.

AP1#debug capwap rm neighbor

CAPWAP RM Neighbor display debugging is on
*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Pak size 104 from 58bc.27xx.xxxx, interface - 1

*Aug 23 18:31:33.529: LWAPP NEIGHBOR:  Updating existing neighbor 58bc.27xx.xxxx(1), rssi -35 on channel: 161 with encryption: 0

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.529: LWAPP NEIGHBOR:  Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -35, channel 161

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP-TLV: Received ndp-tlv payload

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP: copy TLV data to neighbor

*Aug 23 18:31:33.529: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-35:-35:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20  dB] Rcv Ch Max Pwr [20  dB]

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Pak size 76 from 58bc.27xx.xxxx, interface - 1

*Aug 23 18:31:33.532: LWAPP NEIGHBOR:  Updating existing neighbor 58bc.27xx.xxxx(1), rssi -36 on channel: 161 with encryption: 0

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: Configured Antennas: 2, PA_POWER: 17, TPO_CONTRIBUTION: 3, Total NDP Power: 20

*Aug 23 18:31:33.532: LWAPP NEIGHBOR:  Neighbor update 58bc.27xx.xxxx(avg -36), new rssi -36, channel 161

*Aug 23 18:31:33.532: LWAPP NEIGHBOR: NDP Rx: From 58bc.27xx.xxxx RSSI [raw:norm:avg]=[-36:-36:-36] [Neigh Srv Chan: Neigh Off Chan : NDP Pwr]=[161:157:20  dB] Rcv Ch Max Pwr [20  dB]


We briefly went over the purpose of Cisco NDP, neighbor discovery protocol, and how crucial it is to the RRM algorithms. I showed you where in the WLC GUI you can make changes to the NDP intervals but it is not recommended to change them other than the Neighbor Timeout Factor interval. In addition to capturing the NDP messages over-the-air, we saw how to capture NDP and some other RRM functions using debug commands from the controller and the AP.
The content of this post was first published on