Category Archives: Cisco Wireless Configurations

Category for sharing the configuration related practices for Cisco Wireless LAN equipment.

Wireless Access Point Hostname Character Limitation and recommendation

Introduction

One of the most overlooked configurations in a Wireless LAN is the Wireless Access Point hostname. Some network administrators leave the hostnames at their factory-shipped defaults, while others use all the characters that are permissible (for instance 32 characters in Cisco) to make the name self-illustrative.

Both approaches have their own disadvantages, and the recommended limit is only 15 characters, as illustrated in the sections that follow.

Disadvantages of Leaving the Wireless Access Point Hostnames to their defaults

By default, Wireless Access Points come with a hostname made up of their MAC address, typically appended with the characters “AP”. Leaving it this way is considered the most careless approach: when Wireless Access Points go down on the Wireless LAN Controller / Network Management Solution, it is difficult to determine the specific location of the Access Point that has gone down.

In contrast, a meaningful AP hostname that depicts the location of an Access Point makes it much easier to determine the affected area and to take appropriate action. These actions could include verifying the PoE status on the AP’s switchport, rectifying patch cord issues, or identifying and addressing similar issues for the specific AP identified through its descriptive hostname.

Disadvantages of Using Wireless Access Point Hostnames at Their Full Permissible Length

Vendors like Cisco allow AP hostnames of up to 32 characters. This has a major drawback during troubleshooting: when we are required to take over-the-air (OTA) packet captures, the AP name in the information element is restricted to only 15 characters in length.

The snippets below show the configured AP hostname characters and those reflected in the information element (IE) of a Wireshark packet capture.

Configured AP Hostname

Reflected AP Hostname

Recommended Wireless Access Point Hostnames

It is thus recommended to use Wireless Access Point hostnames that are self-descriptive and at the same time well within the 15-character limit; any hostname beyond 15 characters will not be reflected in the OTA packet captures.

To meet this requirement, it is recommended to develop a naming convention document for your project/site in which short codes signify the campus, building and floor name or number. Depending on your site (indoor/outdoor), you will have to innovate accordingly to stay well within 15 characters. The table below is one such example.
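One way to enforce such a convention before the names are configured, as an added example that is not part of the original post: the script builds names from short codes and audits an inventory against the 15-character limit. The `<campus>-B<building>-F<floor>-AP<number>` pattern, the default-name pattern and the sample names are assumptions made for illustration, as is the premise that a capture keeps the first 15 characters of a longer name.

```python
import re

MAX_VISIBLE = 15  # name length the page says survives in an over-the-air capture
MAX_CONFIG = 32   # name length the page says Cisco lets you configure

# Assumption: default name is "AP" + 12 MAC hex digits, optional . : - separators.
DEFAULT_NAME = re.compile(r"^AP(?:[0-9A-Fa-f]{2}[.:-]?){6}$")
# Hypothetical site convention: <campus>-B<building>-F<floor>-AP<number>
CONVENTION = re.compile(r"^[A-Z]{2,3}-B\d{2}-F\d{2}-AP\d{2}$")


def build_name(campus, building, floor, ap_number):
    """Compose a name from short codes; refuse anything over 15 characters."""
    name = f"{campus.upper()}-B{building:02d}-F{floor:02d}-AP{ap_number:02d}"
    if len(name) > MAX_VISIBLE:
        raise ValueError(f"{name!r} is {len(name)} characters, limit {MAX_VISIBLE}")
    return name


def audit(names):
    """Return {name: [findings]} for every name that needs attention."""
    report = {}
    for name in names:
        findings = []
        if DEFAULT_NAME.match(name):
            findings.append("factory default, carries no location")
        if len(name) > MAX_CONFIG:
            findings.append(f"over the {MAX_CONFIG}-character configurable limit")
        elif len(name) > MAX_VISIBLE:
            # Assumption: the capture keeps the leading 15 characters.
            findings.append(f"capture would show only {name[:MAX_VISIBLE]!r}")
        if not findings and not CONVENTION.match(name):
            findings.append("does not follow the site convention")
        # Names sharing their first 15 characters cannot be told apart on air.
        clash = [o for o in names if o != name and o[:MAX_VISIBLE] == name[:MAX_VISIBLE]]
        if clash:
            findings.append(f"same first {MAX_VISIBLE} characters as {clash[0]!r}")
        if findings:
            report[name] = findings
    return report


# Constructed sample inventory, not taken from a real controller.
SAMPLE = ["HQ-B02-F03-AP07", "AP0021.1bf3.a4c0",
          "Headquarters-Building2-Floor3-1", "Headquarters-Building2-Floor3-2"]

if __name__ == "__main__":
    for ap, issues in audit(SAMPLE).items():
        print(ap, "->", "; ".join(issues))
```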


Upgrading Cisco WLC Code in HA

Step 1: Evaluate the image that you wish to put on the WLC

Look for the Cisco suggested image

For deployments that are not particular about having the most recent features, it is always a safer approach to look for the Cisco suggested image. This is generally indicated by a “star” beside the image on the CCO page.

https://software.cisco.com/download/home/281189496

-OR-

Evaluate the release notes to determine the image that has the features you require

https://www.cisco.com/c/en/us/support/wireless/wireless-lan-controller-software/products-release-notes-list.html

Step 2: Evaluate the WLC code compatibility matrix

The WLAN infrastructure traditionally comprises Cisco WLC, Prime, CMX and MSE (wIPS). Thus, while planning to upgrade the WLC code, it is essential to evaluate the code compatibility matrix, as you may be required to upgrade these components as well.

The compatibility matrix can be found at:

https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html

Step 3: Identify the upgrade path

Whenever we upgrade the WLC image to the latest available code, identifying the upgrade path is essential. If the WLC is running very old code, it may be necessary to proceed with a step upgrade, moving first to an intermediate image and then to the image of interest.

The current Cisco WLC code available at the time of writing is 8.8.x, and to move to this code the WLC should be running at least 8.5.x.

Step 4: Preliminary tasks before the schedule of code upgrade

a.      Make sure no firewall policies are changed.

Evaluate whether there have been any changes to the firewall policies. When a network is being deployed, people generally prefer allowing communication between infrastructure devices. Once the network matures, deployments generally introduce stringent firewall rules that allow communication only between specific devices and on specific ports.

The catch is that these firewall policies do not immediately take effect for TCP sessions already established between the network devices. The moment these TCP sessions are reset (in our case by the WLC reload resulting from the code upgrade), the existing TCP sessions go down and the firewall rules that allow only specific communication kick in. If the firewall rules fail to permit any required communication between the networking equipment, the devices will not be able to communicate.

The following link from Cisco gives an elaborate list of the port communication that needs to be taken into consideration: https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/113344-cuwn-ppm.html#anc8

b.      Download a suitable TFTP / FTP server

c.      Get the configuration back up

d.      Get the cli output of “show run-config”, “show ap summary” & “show client summary”

Helps evaluate the state of AP and client association pre & post WLC code upgrade

(WLC1) >show ap summary
Number of APs.................................... 341
Global AP User Name.............................. admin
Global AP Dot1x User Name........................ Not Configured
Global AP Dot1x EAP Method....................... EAP-FAST

(WLC1) >show client summary
Number of Clients................................ 2380
Number of PMIPV6 Clients......................... 0
Number of EoGRE Clients.......................... 0

e.      Get the cli output of “show nmsp subscription detail”

Helps identify WLC communication with CMX, MSE and CMX connector before code upgrade

Step 5 : Plan for downtime

The code upgrade procedure causes the WLC and APs to reload, so adequate downtime has to be planned.

The downtime depends on the number of APs in the network.

Step 6 : WLC and AP pre-image download

WLC image pre-download

Issue “show boot” on the primary WLC to obtain the current status of the active and standby images available on the WLC.

Active WLC:

(WLC1) >show boot
Primary Boot Image............................... 8.8.111.0 (default) (active)
Backup Boot Image................................ 8.7.106.0

Standby WLC:

(WLC1-Standby) >show boot
Primary Boot Image............................... 8.8.111.0 (default) (active)
Backup Boot Image................................ 8.7.106.0

While the WLCs are operating in box-to-box HA, the code on them cannot be upgraded separately.

The code first has to be uploaded on the primary, from where it is automatically pushed to the standby. Once the active WLC is successfully upgraded, it executes all the upgrade scripts and transfers the entire image to the standby WLC using the Redundant Port.

The standby WLC starts executing the upgrade scripts upon receiving the entire image from the active WLC.

Verification of WLC image pre-download

Once the WLC is uploaded with the desired image of interest, cross check from the

(WLC1) >show boot
Primary Boot Image............................... 8.8.120.0 (default) (active)
Backup Boot Image................................ 8.8.111.0

(WLC1-Standby) >show boot
Primary Boot Image............................... 8.8.120.0 (default) (active)
Backup Boot Image................................ 8.8.111.0
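The cross-check above can be scripted. The following is an added example, not part of the original post: it parses “show boot” output saved from the active and standby WLC and lists anything that would stop the pair from reloading into the intended image. The function names and the stale-standby sample are constructed for illustration.

```python
import re

# "Key....... value" lines; a typographic ellipsis in place of dots is accepted too.
LINE = re.compile(r"^(?P<key>[^.…]+?)\s*[.…]{2,}\s*(?P<value>.+?)\s*$")
VERSION = re.compile(r"\d+(?:\.\d+){3}")


def parse_show_boot(text):
    """Return {'primary'|'backup': {'version': str, 'default': bool}}."""
    slots = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m or "Boot Image" not in m["key"]:
            continue
        ver = VERSION.search(m["value"])
        slots[m["key"].split()[0].lower()] = {
            "version": ver.group(0) if ver else None,
            # The image tagged "(default)" is the one loaded at the next reload.
            "default": "(default)" in m["value"],
        }
    return slots


def check_ha_pair(active_out, standby_out, target, previous):
    """List reasons the pair is not ready to reload into `target`."""
    problems = []
    parsed = {"active WLC": parse_show_boot(active_out),
              "standby WLC": parse_show_boot(standby_out)}
    for unit, slots in parsed.items():
        if set(slots) != {"primary", "backup"}:
            problems.append(f"{unit}: could not read both boot images")
            continue
        boots_next = [s["version"] for s in slots.values() if s["default"]]
        if boots_next != [target]:
            problems.append(f"{unit}: boots {boots_next}, expected {target}")
        if previous not in {s["version"] for s in slots.values()}:
            problems.append(f"{unit}: {previous} not kept for rollback")
    images = [sorted(str(s["version"]) for s in p.values()) for p in parsed.values()]
    if images[0] != images[1]:
        problems.append("active and standby hold different images")
    return problems


# ACTIVE is the page's verification output (dots normalised); STALE is constructed.
ACTIVE = """(WLC1) >show boot
Primary Boot Image............................... 8.8.120.0 (default) (active)
Backup Boot Image................................ 8.8.111.0"""
STANDBY = ACTIVE.replace("(WLC1)", "(WLC1-Standby)")
STALE = """Primary Boot Image............................... 8.8.111.0 (default) (active)
Backup Boot Image................................ 8.7.106.0"""
```

An empty list from `check_ha_pair(ACTIVE, STANDBY, "8.8.120.0", "8.8.111.0")` means both units will boot the target image and still hold the previous one for rollback.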

AP image pre-download

Verify the status of AP image before initiating AP image pre-download
Initiate AP image pre-download
Verify the AP pre-downloaded image is reflected
Swap the Primary and Backup image on the AP

Issue the command “config ap image swap all”.

Swapping the image on the APs further reduces the downtime because of the following sequence during the code upgrade process:

  1. The WLC is rebooted and comes up with the new image from flash (marked as primary).
  2. The APs, failing to find the WLC while it is reloading, also reload and come up with the preloaded image.
  3. Once the APs send the join request, the WLC responds with the image version it is running.
  4. Each AP compares its running image with the image version the WLC has responded with.
  5. If the image is the same, the AP reloads and joins the controller.

Step 7 : Once the code is successfully copied on primary and secondary WLC, reload the WLCs

Verify the time taken for the WLC and APs to come up with the new code

Time taken by WLC to come up with new code was around 3 Mins 15 seconds

Time taken for all APs to show up on the WLC was around 4 mins 47 seconds

Just over 90 seconds after the WLC came up, all 340 APs were seen up on the WLC.

Time taken for all APs to get reflected with upgraded code was around 7 mins 45 seconds

Conclusion

A properly planned WLC code upgrade activity would take just over 7 mins 45 seconds for 340 APs. The only exceptions to this would be:

  1. FlexConnect APs
  2. Local mode APs connected behind the WGBs.

For the above two scenarios, the AP image pre-download may take a much longer time.
