02-05-2021 12:03 AM - edited 07-05-2021 01:11 PM
Hello everybody,
I have an educational environment with a Cisco WLC 2504 (8.5.140.00) and 55 access points of the type 1602I-E-K9 and 1832I-E-K9. The environment was planned beforehand with the help of an Ekahau site survey and checked with a site survey after the installation. The signal strength and interference values look good everywhere. There is a good connection via ping and test tools everywhere. A Palo Alto firewall is used as gateway to the Internet (50 Mbit / s symmetrical). The access points are supplied with PoE by 4 Cisco 3850 switches and the 4 WLANs are connected directly via FlexConnect.
Now to the problem: Due to the Corona crisis, Microsoft Teams has been used more and more for a few weeks and the employees notice every day that the connection via WiFi is jerky and hardly any video conference is possible. Often the picture stands for 4-5 seconds, so that lessons are hardly possible. The whole thing happens understandably even if there is only one device in the entire network and you are almost directly under an access point. If you then switch to a wired connection in the same Vlan, everything is great and the conference is stable. So the problem has to be related to the WiFi. I have already tried to adjust various parameters in the WLC but would like to have experiences from the community. Are QoS settings basically necessary and recommended? And what should they look like?
02-05-2021 12:32 AM
Likely some QoS settings which are critical for delivering realtime video services over Wi-Fi. Wireless QoS is different to wired due to it being a shared medium so you can't guarantee delivery, just provide the best possible chance of it transmitted first.
02-05-2021 01:50 AM - edited 02-05-2021 01:56 AM
Hello Ric,
thank you for the great help. I´m not very experienced with qos, so your explanations are very valuable.
As you wrote correctly, WMM is already configured. But QoS is silver on all WLANs. I will change it to platinum or is gold better because gold is described for video and platinum for voice?
Can I ignore the menu Wireless->Advanced->Qos with Preferred Calls, SIP Snooping and Fastlane?
and the menu Media under "802.11a/n/ac" and 802.11b/g/n?
Is this setting correct?
More questions will follow in a few minutes.
02-05-2021 02:05 AM
You wrote:
Enable trust-dscp-upstream globally - this is critical because Microsoft Skype (I'm not 100% sure if this carried over to teams) is known to not map the QoS UP Value correctly upstream (from client to AP) and so it ends up in the best effort queue. If you trust DSCP upstream, it marks correctly and the AP will honour that marking (EF) all the way through
So I have to choose the QoS Map default or enable? And then mark "Trust DSCP Upstream"?
02-05-2021 03:30 AM
Quick disclaimer: This is advice only! Hopefully it helps but please have a read through some Cisco Live presentations or other documentation to assist you before making changes :-).
The precious metal queues on WLANs can be misleading, setting platinum allows traffic to go up to EF or highest priority but doesn't mean it will all be set to that so unless you have voice specific networks I would enable platinum. Gold will work but remember you also have audio part of MS Teams / Webex, etc which will be marked as EF (platinum) by the application. That's why some calls will drop the video but you still get audio. Therefore by setting a ceiling of gold, you encourage both audio and video transmissions to drop out during times of congestion rather than audio getting that extra chance to transmit.
For QoS maps, set to enable and then trust dscp upstream (so both enabled).
Keep your platinum settings as they are above. The minor risk with default unicast being set to voice is applications that do not mark themselves as anything will get platinum upstream. To help control this it is vital to configure your wired policies are correctly classifying traffic at the L3 boundaries (or wherever you're marking DSCP) so that whenever it enters the Wireless domain (at WLC or AP level), it is correctly prioritised by the APs. Upstream is not as much of a problem because at the end of the day, you can't control what the clients mark the traffic at when they go to send it. Just to add another layer to this, you could set the default unicast to besteffort but then use AVC to mark MS Teams (if it can categorise it) as platinum. That will ensure Teams gets prio'd and 'anything else' that isn't marking gets put into best effort.
I wouldn't apply any EDCA profile without knowing its full impact so best to leave it as default.
02-08-2021 05:40 AM
Hello Ric,
I absolutely understand that your statements are only recommendations. Fortunately, I have an environment in which an emerging problem can be dealt with. In the last few days I have read many hours on the subject, with great information. Especially the https://mrncciew.com/ page is extremely good, but the topic is as of 2013/2014.
In summary, I have now configured the following:
-I have used Platinum QoS settings on WLC WLANS using MS Teams & WMM settings as “Allowed”
-Enable trust-dscp-upstream globally and enable QoS map
-Configured “mls qos trust dscp” on AP connected switch ports
-Configured “mls qos trust cos” on WLC connected trunk port (I'm not sure if I need that with FlexConnect)
My open questions:
-So, If wireless client device is WMM capable it will classify its application traffic into the user priorities(UP) & Access Categories (Voice-VO, Video-VI, Best Effort-BE, Background-BK) the Qos configuration should work?
-Is it really the case that if you set WMM on a WLAN to required, clients that do not support WMM they can´t connect? Then that would be an excellent method to find out whether a client supports WMM?
-Do I need a Qos trust configuration on the switch port to the Palo Alto firewall?
-Do I need a Qos trust configuration on the uplink port between switches when traffic goes from AP to switch - to switch - to switch - to firewall ?
My findings on AVC (Please correct if I'm wrong): I don't necessarily need AVC. I only need AVC if the wireless client does not mark the packets correctly. Teams are not yet included in the AVC packages in my version 8.5. This is only possible with 3504 or other WLCs.
Where I'm not sure yet is the question of whether using AVC Lync applications helps, see this thread:
https://community.cisco.com/t5/wireless/ms-team-and-wlc-best-practise-qos-avc-etc/td-p/4121744
02-05-2021 08:45 AM
Just curious, do you notice a difference when connected to a 1602 vs an 1832? The reason I ask is that the 1602 is 802.11n and the 1832 is ac, thus clients will prefer connecting to the 1832 vs connecting to the 1602. Have you also looked at the client devices and verified that the device has the latest nic firmware? This can help especially if its very old. I have never had to tinker with the QoS setting to be honest. Maybe making those changes are making things worse, I don't know, just guessing. Just to also let you know, I have a 2504 at home with around 6 access points. I work from home and have no issues with Teams or any other collaboration tools. I migrated to the 9800's and still no issue. My two kids have to use Teams for school and I also use Teams and have no issue at all. I run a Macbook Pro, my son uses my Surface Book and my daughter uses an HP or Dell that the school provided. Have you opened a TAC case for them to review your configuration also? Might be a WLAN setting that might be causing this issue.
02-08-2021 11:44 PM
-> The whole thing happens understandably even if there is only one device in the entire network and you are almost directly under an access point.
This sounds like some basic configuration issue, maybe not tied to the wireless. Do you have the same issues if a client is connected to the LAN instead of WLAN, but in the same VLAN?
If one of the WLAN clients has dropouts, do the dropouts also happen when sending a continuous ping to the gateway? And how is the latency, always around < 10 ms or way higher?
02-09-2021 12:41 AM
Hello patoberli,
if the same client is connected via RJ45 to the same vlan on the same switch like the AP the problem does not occur.
So it is demonstrably a problem that only occurs in WLAN. The ping time to the Internet is ~ 20-30 ms.
Ping time to the local gateway ist 1-3ms and there are nearly no ping drops.
02-09-2021 01:16 AM
Ok, this sounds intriguing. There are also no ping drops even if the video is freezing?
What is the output of a client (Windows) for the following command (entered in a cmd window):
netsh wlan show interface
02-09-2021 01:22 AM
Sorry, I´m not able to get this output for the next week from the location because we have holidays now .
02-10-2021 12:49 AM
@patoberli What information do you hope to get from the Windows client with this command?
02-10-2021 01:14 AM
Adapter name, Radio type, Authentication and Cipher, Receive and transmit rate and signal strength.
07-18-2022 11:16 AM
Hello. Curious if you were able to resolve the issues you experienced with Teams video for your wireless clients by making any QoS adjustments. Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide