
STICK_CACHE_SIZE_EXCEEDED: Sticky cache can't be supported for 9th AP

Karel Navratil
Level 1

Hi,

Is it possible to somehow increase the sticky cache? 9 APs is not enough.

STICK_CACHE_SIZE_EXCEEDED: Sticky cache can't be supported for 9th AP.Client MAC 44:2b:03:55:f4:c0.

Thanks

K.


maldehne
Cisco Employee

Sticky caching is only supported for 8 APs.

----------------------------------------------------------------------

Please make sure to rate correct answers

Why such a low number? I thought that if the WLC supports 500 APs and 7000 clients, caching for all would be very useful.

If you want that to happen, then the memory allocated for one client will starve others.

-----------------------------------------------------------------------------------------------------------------------

Please make sure to rate correct answers

I supposed that the controller, which costs a lot of money, should be optimized for this. I would be thankful for at least 30 APs ...

Contact your account manager and ask for PER.

---------------------------------------------------------------------------------------------------------------------------

Please make sure to flag this thread as answered

Deepika Bharadwaj
Cisco Employee

The controller appears to be configured with sticky key caching (SKC).

You can verify if a WLAN is configured for SKC with: show wlan wlan_id

With sticky key caching, the client receives and stores a different PMKID for every AP it associates with. The APs also maintain a database of the PMKID issued to the client.

In SKC, the client stores each Pairwise Master Key ID (PMKID) against a Pairwise Master Key Security Association (PMKSA). When a client finds an AP for which it has the PMKSA, it sends the PMKID in the association request to the AP. If the PMKSA is alive in the AP, the AP provides support for fast roaming. In SKC, full authentication is done on each new AP to which the client associates and the client must keep the PMKSA associated with all APs. For SKC, PMKSA is a per AP cache that the client stores and PMKSA is pre-calculated based on the BSSID of the new AP.

 

With sticky key caching, the end device, after completing full 802.1x authentication, caches the PMKID for that AP. When it roams to the next AP, say AP2, it has to complete re-authentication again. It caches the PMKID for this as well. Now when it roams back to the first AP, it gives the PMKID in the re-association request. The controller uses this and realizes that the client is authenticated and just goes ahead with the four-way handshake. So the client HAS TO authenticate to each new AP that it goes to.

Now this works fine in a small setup due to a limitation on the controller. The controller can cache up to 8 PMKIDs for each client. So the client can roam to 8 APs again and again without requiring 802.1x authentication. However, if it goes to a ninth AP, this will require re-authentication (even if the client has previously roamed to this AP), as the controller will not have the necessary PMKID.
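The 8-entry limit described in the reply above, modelled as an added example that is not part of the original thread and is not Cisco's code: it derives a per-AP PMKID with the IEEE 802.11 formula and walks one client across nine APs twice. The `Controller` and `simulate` names, the MAC addresses, and the no-eviction behaviour for the ninth AP are assumptions made for illustration.

```python
import hashlib
import hmac
import os

SKC_LIMIT = 8  # PMKIDs the controller keeps per client, per the thread


def pmkid(pmk: bytes, bssid: str, client: str) -> bytes:
    """IEEE 802.11 PMKID: first 128 bits of HMAC-SHA1(PMK, "PMK Name" | AA | SPA)."""
    aa = bytes.fromhex(bssid.replace(":", ""))    # authenticator (AP) address
    spa = bytes.fromhex(client.replace(":", ""))  # supplicant (client) address
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]


class Controller:
    """Toy controller-side sticky cache. Assumption: no eviction; a 9th AP is not cached."""

    def __init__(self, limit: int = SKC_LIMIT):
        self.limit = limit
        self.cache = {}  # client MAC -> {BSSID: PMKID}

    def associate(self, client, bssid, offered=None):
        entries = self.cache.setdefault(client, {})
        known = entries.get(bssid)
        if offered and known and hmac.compare_digest(known, offered):
            return "fast", known  # PMKSA still alive: straight to the 4-way handshake
        pmk = os.urandom(32)  # stands in for the PMK from a fresh 802.1X exchange
        fresh = pmkid(pmk, bssid, client)
        if bssid in entries or len(entries) < self.limit:
            entries[bssid] = fresh
            return "full", fresh
        return "full-uncached", fresh  # the situation the thread's log message reports


def simulate(path, client="02:00:00:00:00:01"):
    """Walk a client along a list of BSSIDs; return the outcome of each association."""
    wlc, supplicant = Controller(), {}  # supplicant: client-side BSSID -> PMKID
    outcomes = []
    for bssid in path:
        outcome, pid = wlc.associate(client, bssid, supplicant.get(bssid))
        supplicant[bssid] = pid
        outcomes.append(outcome)
    return outcomes


if __name__ == "__main__":
    aps = [f"02:00:00:00:01:{i:02x}" for i in range(1, 10)]  # nine constructed BSSIDs
    print(simulate(aps + aps))
```

On the second pass the first eight APs roam fast, while the ninth needs full 802.1X every time because the controller never stored its PMKID.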

 
