![]() You can check the keep-alives (both control and data): (Cisco Controller) >debug capwap dtls-keepalive enable (Cisco Controller) >*capwapsockettask: Jun 01 06:21:40.031: 08:cc:68:b4:46:c0 Data Keepalive received on IP, port 5247 *capwapsockettask: Jun 01 06:21:40.031: 08:cc:68:b4:46:c0 Data Keepalive packet reflected back to :62319 *capwapsockettask: Jun 01 06:22:01.594: 3c:ce:73:1a:09:60 Data Keepalive received on IP, port 5247 *capwapsockettask: Jun 01 06:22:01.594: 3c:ce:73:1a:09:60 Data Keepalive packet reflected back to :43147 Cisco Confidential 8ġ0 Wired Guest Access on WLC 2500 You can now create a Guest LAN interface on 2500 to support wired guest access Cisco Confidential 10ġ2 2.1: We will Send any Vendor-Specific Attributes you Want! A customer wants to add some VSAs to RADIUS Accounting messages generated by clients on a particular SSID Another customer wants to add a different set of VSAs but to both RADIUS Authentication and Accounting messages How can we scale such requests?! Easy: Allow them to define it for themselves! In 8.0, the Service Provider can teach the old WLC new VSAs This is done by importing an XML-like text file that teaches the WLC: 1. It is enabled by default and runs every 30 seconds. 8.0 is the answer to this problem! Cisco Confidential 7Ĩ CAPWAP: Data Tunnel Keep-Alive Support A workaround was to use CAPWAP DTLS (as it supports keep-alives over the data DTLS tunnel) In 8.0 CAPWAP data also has a keep-alive. ![]() Resetting the AP or the internet connection (the default end-user behavior) will temporarily resolve the issue, which makes the root cause even more illusive. ![]() The AP can remain in this limbo for an unpredictable amount of time. The AP assumes the data path is still good, while the internet FW may be dropping those packets because the original source port number is no longer valid! (Ex: Assigned to different flow with the same ephemeral source port number while the original tunnel translation was no longer in the table). (Note: Maximum AP count supported is still 200) Cisco Confidential 6ħ CAPWAP: Data Tunnel Keep-Alive Support SPs looking to provide managed wireless services often face the need to place an AP behind an internet router (or FW) doing Port Address Translation (PAT) Routers time out a UDP PAT translation from its table after 5 minutes of inactivity Presently, regular keep-alives are sent over the CAPWAP Control Tunnel, but not over the CAPWAP Data tunnel This can lead to a situation where an AP has its control connection to the WLC active and fresh on the FW, while the Data packets are being black-holed. ![]() 1 8.0 Update WLC Enhancements Jerome Henry Technical Marketing Engineer Enterprise Networking Market Strategy August 2014Ģ Agenda AP and Scale Features 1 slider vwlc: 6K clients - 1 slide CAPWAP: Data Tunnel Keep-Alive Support 1 slide PPPoE Client on FlexConnect - 1 slide Wired Guest Access on slide Security and RADIUS-Related Features Vendor Specific AVPs - simplify HTTPS Support for WebAuth 1 slide Cisco Confidential 2ģ Agenda Ease of Management Features Changes to SSID and WLAN Profile Name 1 slide Ping From Dynamic Interfaces 1 slide show run-config startup-commands 1 slide AP Telnet & SSH Enhancements 1 slide Alternate Color Scheme for the WLC GUI 1slide Cisco Confidential 3Ĥ Agenda Ease of Management Features (Cont.) Local Profiling Update OUI / Device Profiles list - cover in detail v Support Apple - cover in detail r Mixed WLAN - cover in detail DHCP Relay Sub-Options - 1 slide Cisco Confidential 4Ħ vwlc: 100% Increase in the Number of Clients!! Service Providers = Large Scale + Cost Awareness There has been an SP movement to offer managed Wi-Fi services to Hospitality and SMB Among their top challenges in this business model: Limit of SSIDs per WLC Overlapping IP address space support The vwlc is a very good fit to address those immediate SP needs today And with 8.0: The vwlc supports up to 6,000 wireless clients. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |