Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
703
Views
0
Helpful
2
Replies

Catalyst 9800 timers for devices information

JPavonM
VIP
VIP

‎01-14-2021 11:08 AM - edited ‎07-05-2021 01:00 PM

Anybody from Cisco to share some detail about timers for internal information about devices (client devices and APs) to appear as disconnected in Catalyst 9800?

What I mean is that when a client disconnect from the LAP and join to another infrastructure, C9800 shows that client connected in the output for "show wireless client summary" and "show wireless client mac <MAC> detail". This information is there until few minutes, maybe waiting for the client to roam or reconnect. The same happen to APs when the CAPWAP tunnel goes down or the AP is off.

The thing is that showing cached information harden any troubleshooting efford for the operators and administrators, as we need to wait for that information timer to expire for the devices to appear actually not connected.

The only way to verify that information is to go to the latest AP where the client was connected to. For the APs is to look into the switch where the AP is connected to.

The main question is why? The AP could send that information in real time once it happen, or even some seconds after waiting for the EAP timer if the client has disconnected.

Is that something that could be customized?

0 Helpful
2 Replies 2

Grendizer
Cisco Employee
Cisco Employee

‎01-21-2021 10:38 AM

This is to avoid denial of service, meaning, from the config guide https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-3/config-guide/b_wl_17_3_cg/m_vewlc_802_11w.html

The controller will ignore disassociation or deauthentication frames sent by the clients if they are not using 802.11w PMF. The client entry will only get deleted immediately upon reception of such a frame if the client uses PMF. This is to avoid denial of service by malicious device since there is no security on those frames without PMF.

This is the same for AireOS too.

There is another case, if client move between two WLCs that don’t share mobility between them you will see the same thing (the client will be reported as connected from the old WLC up to 5 minutes “default” before the WLC will delete it.

Another case when client move between two WLCs that have mobility between them but the APs in Flex Local switching (don’t know why anyone would configure such deployment but it is a case) in this scenario, there will be no mobility packets between the two WLCs to inform the other WLC to delete the client from the old WLC.

0 Helpful

JPavonM
VIP
VIP
In response to Grendizer

‎01-21-2021 11:09 PM

Sorry Grendizer but maybe I have explained myself badly. I'm looking for "device information timeout" from "show" commands.

If you invoke "show wireless clien summary" or "show ap summary" you can see devices that are not currently there for a certain ammount of time, because they've left of they have connectivity problems. This way you cannot do a real troubleshooting, you actually need to go to the AP to have real-time information.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card