With Flavien Richard
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to overcome the challenges of planning, designing, deploying, and troubleshooting wireless networks with expert Flavien Richard.
High density, high availability, converged access, unified access, radio resource management, and site surveys: What do they have in common? They’re all complex and difficult to understand and implement properly, but there are tips and rules to follow that will make your life easier. Expert Flavien Richard will share best practices and make recommendations for the different phases, technologies, and features around enterprise wireless networks.
Flavien Richard is a technology solutions architect in the Borderless Networks team in France. He is an expert in wireless and mobility topics and serves as an escalation point of contact in the European theater. This gives him visibility over most of the biggest projects in EMEA. He is a technical interface between the Wireless business unit and Cisco customers, partners, and employees to help define and prioritize the new features and products for the mobility market. He is a frequent speaker and session manager at Cisco Live and other Cisco events on mobility. He also was a contributor to the writing of the first Wireless CCIE exams.
Remember to use the rating system to let Flavien know if you have received an adequate response.
Because of the volume expected during this event, Flavien might not be able to answer every question. Remember that you can continue the conversation in the Wireless Community, subcommunity Getting Started with Wireless shortly after the event. This event lasts through October 4, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
Excellent Resource and Timely topic
Flavien thanks for taking on this topic :
This question/comment is to discuss/ designing networks and performing site surrveys. Especially those that are used to support smart phones. It has always been but more than ever becoming users portal to internet to avoid 3G/4G data charges with multimedia for video/voice application to include Netflix, Hulu, Skype, iTunes.
What is your recommendation for such environments? Granted we are moiving to the use 802.11a/n/ac in future devices Should the next design guides reflect that scenario ? Take on designing to support context awareness, location tracking since old guide requires at least from the clients perspective a minimum of 3 APs at -75dBm . Should we be changing that with these so called weaker devices with 802.11an/ac support ? I know you can sprinkle in some APs in Monitor mode. But what AP would you consider the best to use as a monitor mode AP given the presence of 802.11ac?
Thanks in advance.
If I understand your question well, you mainly want to know how to design a network with growing numbers of weaker transmitting devices that consume even more bandwidth than laptops, for instance?
First, I would say that you definitely have to use advanced MIMO technologies like MRC (Maximal Ratio Combining) to receive better than usual MLR (Most likely receiver) on 802.11n for those clients. By using MRC, you can virtually gain up to 3 to 4.5 dB of gain in your access point from those weaker devices.
Second, I would say that, as you mentioned, getting most of the clients on 5GHz compared to 2.4 GHz will greatly help, as there are so many more channels and you can bond multiple 20 MHz channels on this frequency, using 802.11n and 802.11ac, even with single spatial stream clients like the smartphones that you are referring to. BandSelect could be of help here.
Third, if you see that there is too much noise on the 2.4GHz coming from co-channel interference from your own APs, you can still disable, per AP, the "admin status" of the Radio, which will allow the AP to only service 5GHz, and therefore not add more potential co-channel interference in a crowded environment.
Last, you can deploy external antennas Access Points, with more directional antennas (patch most of the time - pointing downwards towards the clients), which will allow the AP to focus the reception on the area of antennas' Azimuth and Elevation planes. By doing this, the AP will essentially get better reception from the clients in its zone of coverage, and virtually filter out those clients that are not where the AP should be listening and talking to them. This will also allow RRM to reuse the same channel more often on the same floor, for instance, and will then allow more APs to be deployed in the same area with less interference overall between access points on the floor.
Regarding the Location tracking part of your question, what you mention is still valid. To do some kind of triangulation, the system has to see the client from at least 3 different access points. There are 2 ways to enhance the accuracy:
- you either get a beacon on multiple channels almost at the same time (this is the principle behind the active WiFi tags), so that APs on different channels can catch the signal and attach it to the same client,
- or you can use Access Points that are looking for multiple channels sequentially, so they can catch beacons coming from the same client on multiple channels (that is the principle behind the Monitor Mode AP).
In the case of 802.11ac, there still is a primary channel when you bond multiple channels together, so, the beacons can be heard from non 11ac access points in the neighborhood. Hence, an 802.11n access point in Monitor mode can still be working to listen to 11n and non-11n clients for context awareness. Nevertheless, as 802.11ac is going to have much fewer bonded channels than 11a/n, the 2.4GHz location advantage over 5GHz will be diminishing over time because, an 11ac deployment will use much less number of channels to listen to in order to do location tracking. Therefore, to combine 802.11ac and context awareness, it is a very good idea to use the 3600 with its 802.11ac module already, not as a Monitor mode AP, but as a normal servicing AP with clients and also do the Location tracking function at the same time.
Hope this answers your questions,
Thanks Sir. Appreciate the insight. Can you elaborate on the Coverage Hole Detection. Is it using RSSI or SNR as the means to adjust AP power?
There are conflicting documents that reference SNR , then RSSI values. Which is right ?
Since WLC version 5.0, the CHD (Coverage Hole Detection) algorithm has solely been using Client RSSI values.
Prior to that (3.x, 4.x), it used to be based on a calculation between the local noise and the client RSSI, creating a metric that could be assimilated to an SNR value.
Bottom line is: only RSSI for quite some time now...
-Fast Reconnect / Fast Transition
Is Fast Reconnect generally recommended for customers that use PEAP?
Does it work w/ both L2 & L3 roaming?
Ditto for Fast Transition.
Is there caveat w/ Fast Reconnect that we should watch out for?
Why does this Cisco doc suggest to disable Fast Reconnect as a troubleshooting step?
What is the expected behavior for L2 & L3 roaming in a FlexConnect deployment?
Are both supported, or only L2?
The main issue we see with Fast Reconnect is that it has to be BOTH on the client and on the Radius server (IAS, ACS, etc.) to work properly. If both are the same, there should be no issue, for L2 and L3 roaming, as long as the WLAN/SSID points out to the same Radius server in both the originating WLC and the destination WLC.
Please see this TechNet note for more info and the vulnerabilities to check out for: http://technet.microsoft.com/en-us/library/cc757996(v=WS.10).aspx
Regarding Fast Transition (802.11r), please have a look at this description and the "restrictions" section:
Eventually, regarding your question on FlexConnect roaming, indeed, and by design, the Fast Secure roaming can only happen at layer 2 between Access Points in local switching mode. A Layer 3 roam would mean that the client has to re-DHCP with local switching, which is not possible without a full reauthentication of the client, hence the only way of doing Fast Secure Roaming within the same subnet in FlexConnect local switching.
PS: In FlexConnect Central switching, as you cannot spread the same FlexConnect group in multiple controllers who would not be sharing the same subnet attached to the SSID, you cannot have a L3 roaming happening anyhow, so I restricted your question to FlexConnect local switching.
What are your recommendations for spacing the Access Points in an indoor environment? thanks in advance for your help on this.
If you are planning for regular coverage of 802.11n APs in an office environment (laptops, tablets, phones for data) and use omnidirectional antennas, the rule of thumb is to place the Access Points about 25 meters apart from each other.
If you need to do location tracking, Voice over Wireless LAN coverage, or high-density deployments, we are recommending to place Access Points 17 meters apart from each other, in general, with omnidirectional antennas.
Nevertheless, even though RRM is very powerful and should be used 99% of the time, a proper Site Survey of the building has to be conducted prior to the deployment of the Network, in order to determine the best coverage for a given facility, based on materials used for instance.
Flavien, in reference to RRM and making using RF Profiles adjusting the TPC thresholds . This question may seem all over the map ;but I think you will get the gist of my train of thought.
What is your recommendation of using RF profiles in multifloor buildings or do you just recommend it per entire building ? Have to consider data rates, roaming, etc. I know a proper physical site survey is key and alway recommended. However, from past and present experiences many make use of the WCS/NCS/Prime planning tools and base the AP layout on that model or through some other professional survey planning tool that recommends the layout.
Granted, not all buildings attenuate RF well, but with the better radios in the 3600s and the next 802.11ac capable AP from Cisco, I see more clients becoming sticky and gravitating to these radios because of the "better ears" per say.
I do see there is a means to limit the number of clients per AP and do recommend using that feature after dealing with the default of 200. Not sure if that is a realistic number to allow on an AP between the two bands, but again it depends on the application support.
Hence my concern with interfloor RF. Location tracking requires more ears (APs) to listen to the probe request of clients and report that back to the WLC so that the MSE can make sense of it then it can be mapped on the floor plans.
Is there such thing as" too many" APs in Monitor Mode for location tracking ? I do understand you can place the APs in local mode and "admin disable the 2.4 GHz radio for less CCI- that is common and you did mention that in a previous response.
Lastly: Since location tracking relies on client probes...if clients are not constantly probing /in sleep mode. Location accuracy can suffer significantly ?
Thanks in advance.
I think that this document should be a very good read for you if you haven't read it already:
This is the High Density Design Guide.
Most of the people who I am working with wouldn't take the time and effort to define all parameters differently for each floor of a building using AP Groups and RF profiles. What I usually see is the definition of special areas for high density, or with high ceilings with the specific TPC thresholds for this environment, and the standard RRM for the rest of the network.
Nevertheless, if you have the possibility and the willingness to go the extra mile and deploy it that way, this can be done, and you can even create a one-to-one AP to AP Group relationship in most of the WLCs (500 in the 5508, 1000 in the 5760 and WiSM-2, 6000 in the 7500 and 8500) except the 2504.
Regarding the rest of your questions:
- Is there such thing as" too many" APs in Monitor Mode for location tracking? --> No.
- [...] Location accuracy can suffer significantly ? --> Yes, absolutely, and this is why some Apps writers are forcing, on certain platforms, the device to send probes much more often, in order to improve network location visibility, and, therefore, accuracy.
Thanks Sir will reread the guide. This does clarify things . Mastering RRM should be a class all by itself : especially when it comes to deploying for high density or even location.
Sent from Cisco Technical Support iPad App
What is the best practice around new 3850 switches wireless management interface ? Is it good idea to have seperate mgt interface for wireless management different to switch management SVI ?
The wireless management interface and the switch management can be set independently in the same or in different vlans, as you know. There is no correlation between them. Nevertheless, one needs to take into account that the "wireless management interface" vlan has to be locally served on the switch as it needs to be the same as the directly attached access points to the 3850 switchports. If you have a deployment with numerous access points and use the same switch management and wireless management vlans in your entire network, you have to consider that each switch and each AP take an IP address in this spread management vlan, and then, it could make sense to separate wireless management interfaces' vlans geographically (one per wiring closet, or one per building), for instance, and not spread accross the network like your management vlan.
PS: it may seem obvious to many, but it may be worth mentioning to some that, like for the wired clients, wireless client access vlans should be set totally different from the AP vlan, especially if you use the same switch and wireless management vlan...
Thanks for the explaination & it helps. If this is the case I prefer to have seperate wireless mgt interface to sw mgt in order to better capacity planning (for wired sw & APs) & reporting perspective.
At the moment in my campus we are having L2-Access model (100s of 3750x/G stacks) with vlan span across multiple buildings with aggregation to dual 6506-E (no VSS yet). Therefore having two seperate /23 for SW-Mgt & WAP-Mgt for a given distribution block. We are in the process of moving to 3850 as standard access switch model & later on enable WLC functionality in each of the stacks.
Will this be problematic when moving to 3850 ? ie having 3850 wireless management vlan span on to multiple buildings. Is there any implications to mobility or any other aspects of this CA deployment.