RE: high density wireless improvement features

2016-01-13 Thread Lee H Badman 
We've had problems with load balancing and band select in the past, significant 
enough that we're not running them now and generally do OK without. Absolutely 
override RRM in these scenarios. Would be curious to hear your approach to 
RX-SOP, as I've seen fairly conflicting info on it.

-Lee Badman
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tariq Adnan
Sent: Wednesday, January 13, 2016 12:01 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] high density wireless improvement features


Hello everyone,



I am working on improving wireless performance in high density areas (lecture 
theaters, auditoriums etc) and doing research on some features. I would like to 
know if you people have made below changes and how was your experience with it 
? We're using cisco gear (3702i/e APs, WiSM2 controllers, Prime 3.0).



1-set channel and power manually (not use RRM) : reduce power to limit coverage 
and disable 2.4GHz radios on every 3rd/4th AP.

2-load-balancing

3-band-select

4-RX-SOP (already deployed and happy with it, channel utilization is dropped)

5-optimized roaming

6-please suggest if i am missing something



In our setup, same controller is handling APs from HD and non-HD (high density) 
environments. My concern is if i make change which is controller wide, for 
instance optimized roaming, it could improve performance in HD areas but what 
could it do to non-HD areas (APs far away from each other).



I am using airmagnet PRO and Prime planning tool for survey and planning 
purposes.



Thanks everyone for your precious time []



Cheers,

--



Tariq Adnan

Network Engineer

NSW, Australia
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Jerry Bucklaew 

To ALL:

We have done a couple things to cover lecture halls.  The biggest 
is small beam width directional antennas.   The better you can carve up 
the airsppace, the better you are.  The other trick is RF-groups to play 
with min/max tx power.   I do not like manually setting anything but you 
do need to control min and max tx power in lecture halls.   Creating a 
rf-group for those spaces is perfect. We do load balancing and band 
select everywhere and I recommend both.  I have not played with rx-sop 
yet so have no comment.




On 01/13/2016 12:00 AM, Tariq Adnan wrote:


Hello everyone,


I am working on improving wireless performance in high density areas 
(lecture theaters, auditoriums etc) and doing research on some 
features. I would like to know if you people have made below changes 
and how was your experience with it ? We're using cisco gear (3702i/e 
APs, WiSM2 controllers, Prime 3.0).



1-set channel and power manually (not use RRM) : reduce power to limit 
coverage and disable 2.4GHz radios on every 3rd/4th AP.


2-load-balancing

3-band-select

4-RX-SOP (already deployed and happy with it, channel utilization is 
dropped)


5-optimized roaming

6-please suggest if i am missing something


In our setup, same controller is handling APs from HD and non-HD (high 
density) environments. My concern is if i make change which is 
controller wide, for instance optimized roaming, it could improve 
performance in HD areas but what could it do to non-HD areas (APs far 
away from each other).



I am using airmagnet PRO and Prime planning tool for survey and 
planning purposes.






**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Robert Harris 

There were 2 aruba guides written that covered this topic very well, I 
recommend you read them. 



http://community.arubanetworks.com/t5/Validated-Reference-Design/Very-High-Density-802-11ac-Networks-Validated-Reference-Design/ta-p/230891



Also, if you're able to group the vhd APs into their own profiles, that would 
help a lot. You're correct in that the vhd changes would not be beneficial for 
non vhd areas.



Good luck!







Robert Harris
Manager of Network Services

Culinary Institute of America

1946 Campus Drive

Hyde Park, NY
845-451-1681

www.ciachef.edu 



Food is Life

Create and Savor Yours.™

 

Please consider the environment before printing this e-mail.



  
>>> Tariq Adnan  1/13/2016 12:00 AM >>>

 

Hello everyone,




I am working on improving wireless performance in high density areas (lecture 
theaters, auditoriums etc) and doing research on some features. I would like to 
know if you people have made below changes and how was your experience with it 
? We're using cisco gear (3702i/e APs, WiSM2 controllers, Prime 3.0).




1-set channel and power manually (not use RRM) : reduce power to limit coverage 
and disable 2.4GHz radios on every 3rd/4th AP.

2-load-balancing

3-band-select

4-RX-SOP (already deployed and happy with it, channel utilization is dropped)

5-optimized roaming

6-please suggest if i am missing something




In our setup, same controller is handling APs from HD and non-HD (high density) 
environments. My concern is if i make change which is controller wide, for 
instance optimized roaming, it could improve performance in HD areas but what 
could it do to non-HD areas (APs far away from each other).




I am using airmagnet PRO and Prime planning tool for survey and planning 
purposes.




Thanks everyone for your precious time 









Cheers,

--




Tariq Adnan

Network Engineer

NSW, Australia

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: Cisco Wireless LAN Controller Unauthorized Access Vulnerability

2016-01-13 Thread trent . hurt 
Also couple notices for cisco 1800 series ap

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet


http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air

-Original Message-
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Trent Hurt
Sent: Wednesday, January 13, 2016 11:55 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] FW: Cisco Wireless LAN Controller Unauthorized Access 
Vulnerability

FYI



-Original Message-
From: Wireless Issues in the JANET community 
[mailto:wireless-ad...@jiscmail.ac.uk] On Behalf Of Paul Hill (phill)
Sent: Wednesday, January 13, 2016 11:14 AM
To: wireless-ad...@jiscmail.ac.uk
Subject: Cisco Wireless LAN Controller Unauthorized Access Vulnerability

Hi folks,

For relevant Cisco-using colleagues, I'd like to draw your attention to a newly 
published Cisco PSIRT Advisory 
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc

The advisory relates to a newly discovered, high severity vulnerability in the 
Cisco Wireless LAN Controller software that could result in a remote attacker 
being able to modify the configuration of the controller or causing a denial of 
service condition.

Free software updates are available to all affected customers and can be 
obtained directly from Cisco.com (for those with service contracts) or via the 
Cisco TAC (for those without service contracts).

Cisco Wireless LAN controllers running 7.6, 8.0 and 8.1 software versions 
before interim (escalation) builds 7.6.130.33, 8.0.120.7 and 8.1.120.5 are 
impacted. Current latest public builds 8.0.121.0 and 8.1.131.0 already include 
the fix. A fixed build of 7.6 is available via TAC request only as there are no 
further public rebuilds planned for 7.6. If you are currently running an 
escalation build other than a publicly downloadable build, please check via 
your support partner or with TAC before upgrading to ensure that your intended 
upgrade version still integrates the fixes your escalation image provides. If 
it doesn't, TAC will recommend the next available escalation release that 
includes everything.

If you're running a guest wireless SSID that uses WebAuth then you are most at 
risk and should plan to upgrade your wireless controller software as soon as 
possible.

Please review the full advisory details via the link above and if you have any 
questions or concerns, please don't hesitate to contact me or your support 
partner.

This is a wireless mailer, but of side relevance is a different PSIRT 
announcement that affects Identity Services Engine (ISE) here: 
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise

Regards,
Paul

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at 
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.educause.edu_groups_=AwIFAg=SgMrq23dbjbGX6e0ZsSHgEZX6A4IAf1SO3AJ2bNrHlk=rtlMYUF4nwLIYnoG0qXTf9aFc5RLK7DMyf8lTMu__vs=q3L8JFNZQLLdbxJWeUOtZHekWMGvs1VI5VLTdJ7Vc9w=nd59EuGzTH06FueVNhEkLQXFHt21P3DjRt2smNfOhi8=
 .

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Bruce Curtis 
Thanks.  Another thing I haven’t found is what is the default for radios.  Is 
the default Low or Medium for 2600s and 3600s?


> On Jan 13, 2016, at 6:47 PM, Samuel Clements  wrote:
> 
> "Also Optimized Roaming allows us to set a numerical value, we are not 
> limited to just High, Medium and Low."
> 
> For the record, RX-SOP also allows a numeric value - but that's not a reason 
> to prefer it over OR. Two entirely different functions.
> 
> RX-SOP numeric values can be set using the following:
> config 802.11b rx-sop threshold -79
> 
> as confirmed by the relevant show command:
> (Cisco Controller) >show 802.11b extended  
> 
> Default 802.11bg band Radio Extended Configurations:
> Beacon period: 100, range: 0 (AUTO);
> Multicast buffer: 0 (AUTO), rate: 0 (AUTO);
> RX SOP threshold: -79; CCA threshold: 0 (AUTO);
> 
> -Sam
> 
> 
> On Wed, Jan 13, 2016 at 5:24 PM, Bruce Curtis  wrote:
> 
> 
> > On Jan 13, 2016, at 7:55 AM, Lee H Badman  wrote:
> >
> > We’ve had problems with load balancing and band select in the past, 
> > significant enough that we’re not running them now and generally do OK 
> > without. Absolutely override RRM in these scenarios.
> 
>   We used Band Select for several years and were overall satisfied with the 
> improvement in percentage of clients connected to 5 GHz.  However last 
> semester that could have been related to Band Select.  We were seeing some 
> clients that were far from an AP have trouble connecting at 2.4 GHz because 
> we had the Band Select threshold high enough to cause Band Select to delay 
> the clients from connecting.  We lowered the threshold but then other 2.4 GHz 
> only clients that could reach two APs were connecting to the further away AP.
> 
>   We didn’t see an easy way to a Goldilocks setting and were not even sure 
> there was a Goldilocks setting.
> 
>   Our percentage of clients on 5 GHz was between 50 % and 60%.  We disabled 
> Band Select and the percentage only dropped slightly to a bit above 50 %.  So 
> since the clients were doing such a better job of preferring 5 GHz compared 
> to when we enable Band Select originally we just left it off.  While useful 
> originally it now seems like just an extra complication when troubleshooting.
> 
> 
> 
> 
> > Would be curious to hear your approach to RX-SOP, as I’ve seen fairly 
> > conflicting info on it.
> 
>   Here at NDSU we just exchanged some email internally about RX-SOP.
> 
> After reading about both I actually prefer the Optimized Roaming but 
> unfortunately that is only a Global setting and can’t be set in an RF profile.
> 
> Also Optimized Roaming allows us to set a numerical value, we are not limited 
> to just High, Medium and Low.
> 
> My one concern with Rx SoP is that we would be changing traffic from known 
> 802.11 traffic to noise.  It’s sort of like having traffic on channel 3 
> rather than channel 1,6 or 11.  If two APs are close on the same channel they 
> listen to each other and don’t step on each other’s traffic.  It’s not good 
> because then all clients on both APs are sharing a single channel.  But on 
> the other hand noise is unpredictable and will cause packet loss and 
> retransmissions, that is why it is better to use non-overlapping channels on 
> 2.4GHz.
> 
>  This link has some more info about Rx SoP.
> 
> http://www.revolutionwifi.net/revolutionwifi/2014/08/optimized-roaming-rssi-low-check-rx-sop.html
> 
> One thing it mentions is that Rx SoP has been around since version 7.2 or so. 
>  That should mean that Cisco has had time to shake out some of the bugs.  It 
> also has a nice example at the bottom with a diagram.  Looking at the diagram 
> I think we need to consider how beam steering affects the situation also.  
> Beam steering should make it less likely that traffic from AP 1 to Client 1 
> will be strong enough to interfere with Client 2 hearing traffic from AP 2.  
> But on the other hand if Client 1 were directly left of AP 1 and Client 2 
> were directly right of AP 2 then beam steering would make it more likely that 
> traffic from AP 1 to Client 1 would interfere with traffic from AP 2 to 
> Client 2.  So it could increase the variability of service clients see and 
> make it more difficult to troubleshoot.  Can’t be sure until we test it 
> though.
> 
> The link also mentions that Optimized Roaming can be set in an RF Profile.  
> That is not what I saw in the GUI but I have not checked the command line yet.
> 
> >  -Lee Badman
> > From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]On Behalf Of Tariq Adnan
> > Sent: Wednesday, January 13, 2016 12:01 AM
> > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> > Subject: [WIRELESS-LAN] high density wireless improvement features
> >
> > Hello everyone,
> >
> > I am working on improving wireless performance in high density areas 
> > (lecture theaters, auditoriums etc) and

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Bruce Curtis 


> On Jan 13, 2016, at 7:55 AM, Lee H Badman  wrote:
> 
> We’ve had problems with load balancing and band select in the past, 
> significant enough that we’re not running them now and generally do OK 
> without. Absolutely override RRM in these scenarios.

  We used Band Select for several years and were overall satisfied with the 
improvement in percentage of clients connected to 5 GHz.  However last semester 
that could have been related to Band Select.  We were seeing some clients that 
were far from an AP have trouble connecting at 2.4 GHz because we had the Band 
Select threshold high enough to cause Band Select to delay the clients from 
connecting.  We lowered the threshold but then other 2.4 GHz only clients that 
could reach two APs were connecting to the further away AP.

  We didn’t see an easy way to a Goldilocks setting and were not even sure 
there was a Goldilocks setting.

  Our percentage of clients on 5 GHz was between 50 % and 60%.  We disabled 
Band Select and the percentage only dropped slightly to a bit above 50 %.  So 
since the clients were doing such a better job of preferring 5 GHz compared to 
when we enable Band Select originally we just left it off.  While useful 
originally it now seems like just an extra complication when troubleshooting.

  


> Would be curious to hear your approach to RX-SOP, as I’ve seen fairly 
> conflicting info on it.

  Here at NDSU we just exchanged some email internally about RX-SOP.

After reading about both I actually prefer the Optimized Roaming but 
unfortunately that is only a Global setting and can’t be set in an RF profile.

Also Optimized Roaming allows us to set a numerical value, we are not limited 
to just High, Medium and Low.

My one concern with Rx SoP is that we would be changing traffic from known 
802.11 traffic to noise.  It’s sort of like having traffic on channel 3 rather 
than channel 1,6 or 11.  If two APs are close on the same channel they listen 
to each other and don’t step on each other’s traffic.  It’s not good because 
then all clients on both APs are sharing a single channel.  But on the other 
hand noise is unpredictable and will cause packet loss and retransmissions, 
that is why it is better to use non-overlapping channels on 2.4GHz.

 This link has some more info about Rx SoP.  

http://www.revolutionwifi.net/revolutionwifi/2014/08/optimized-roaming-rssi-low-check-rx-sop.html

One thing it mentions is that Rx SoP has been around since version 7.2 or so.  
That should mean that Cisco has had time to shake out some of the bugs.  It 
also has a nice example at the bottom with a diagram.  Looking at the diagram I 
think we need to consider how beam steering affects the situation also.  Beam 
steering should make it less likely that traffic from AP 1 to Client 1 will be 
strong enough to interfere with Client 2 hearing traffic from AP 2.  But on the 
other hand if Client 1 were directly left of AP 1 and Client 2 were directly 
right of AP 2 then beam steering would make it more likely that traffic from AP 
1 to Client 1 would interfere with traffic from AP 2 to Client 2.  So it could 
increase the variability of service clients see and make it more difficult to 
troubleshoot.  Can’t be sure until we test it though.

The link also mentions that Optimized Roaming can be set in an RF Profile.  
That is not what I saw in the GUI but I have not checked the command line yet.

>  -Lee Badman
> From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]On Behalf Of Tariq Adnan
> Sent: Wednesday, January 13, 2016 12:01 AM
> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> Subject: [WIRELESS-LAN] high density wireless improvement features
>  
> Hello everyone,
>  
> I am working on improving wireless performance in high density areas (lecture 
> theaters, auditoriums etc) and doing research on some features. I would like 
> to know if you people have made below changes and how was your experience 
> with it ? We're using cisco gear (3702i/e APs, WiSM2 controllers, Prime 3.0).
>  
> 1-set channel and power manually (not use RRM) : reduce power to limit 
> coverage and disable 2.4GHz radios on every 3rd/4th AP.
> 2-load-balancing
> 3-band-select
> 4-RX-SOP (already deployed and happy with it, channel utilization is dropped)
> 5-optimized roaming
> 6-please suggest if i am missing something
>  
> In our setup, same controller is handling APs from HD and non-HD (high 
> density) environments. My concern is if i make change which is controller 
> wide, for instance optimized roaming, it could improve performance in HD 
> areas but what could it do to non-HD areas (APs far away from each other).
>  
> I am using airmagnet PRO and Prime planning tool for survey and planning 
> purposes.
>  
> Thanks everyone for your precious time 
>  
> Cheers,
> --
>  
> Tariq Adnan
> Network Engineer
> NSW, Australia
> ** Participation and subscription information for this EDUCAUSE 
>

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Samuel Clements 
"Also Optimized Roaming allows us to set a numerical value, we are not
limited to just High, Medium and Low."

For the record, RX-SOP also allows a numeric value - but that's not a
reason to prefer it over OR. Two entirely different functions.

RX-SOP numeric values can be set using the following:
*config 802.11b rx-sop threshold -79*

as confirmed by the relevant show command:
(Cisco Controller) >show 802.11b extended

Default 802.11bg band Radio Extended Configurations:
Beacon period: 100, range: 0 (AUTO);
Multicast buffer: 0 (AUTO), rate: 0 (AUTO);
*RX SOP threshold: -79; CCA threshold: 0 (AUTO);*

-Sam


On Wed, Jan 13, 2016 at 5:24 PM, Bruce Curtis  wrote:

>
>
> > On Jan 13, 2016, at 7:55 AM, Lee H Badman  wrote:
> >
> > We’ve had problems with load balancing and band select in the past,
> significant enough that we’re not running them now and generally do OK
> without. Absolutely override RRM in these scenarios.
>
>   We used Band Select for several years and were overall satisfied with
> the improvement in percentage of clients connected to 5 GHz.  However last
> semester that could have been related to Band Select.  We were seeing some
> clients that were far from an AP have trouble connecting at 2.4 GHz because
> we had the Band Select threshold high enough to cause Band Select to delay
> the clients from connecting.  We lowered the threshold but then other 2.4
> GHz only clients that could reach two APs were connecting to the further
> away AP.
>
>   We didn’t see an easy way to a Goldilocks setting and were not even sure
> there was a Goldilocks setting.
>
>   Our percentage of clients on 5 GHz was between 50 % and 60%.  We
> disabled Band Select and the percentage only dropped slightly to a bit
> above 50 %.  So since the clients were doing such a better job of
> preferring 5 GHz compared to when we enable Band Select originally we just
> left it off.  While useful originally it now seems like just an extra
> complication when troubleshooting.
>
>
>
>
> > Would be curious to hear your approach to RX-SOP, as I’ve seen fairly
> conflicting info on it.
>
>   Here at NDSU we just exchanged some email internally about RX-SOP.
>
> After reading about both I actually prefer the Optimized Roaming but
> unfortunately that is only a Global setting and can’t be set in an RF
> profile.
>
> Also Optimized Roaming allows us to set a numerical value, we are not
> limited to just High, Medium and Low.
>
> My one concern with Rx SoP is that we would be changing traffic from known
> 802.11 traffic to noise.  It’s sort of like having traffic on channel 3
> rather than channel 1,6 or 11.  If two APs are close on the same channel
> they listen to each other and don’t step on each other’s traffic.  It’s not
> good because then all clients on both APs are sharing a single channel.
> But on the other hand noise is unpredictable and will cause packet loss and
> retransmissions, that is why it is better to use non-overlapping channels
> on 2.4GHz.
>
>  This link has some more info about Rx SoP.
>
>
> http://www.revolutionwifi.net/revolutionwifi/2014/08/optimized-roaming-rssi-low-check-rx-sop.html
>
> One thing it mentions is that Rx SoP has been around since version 7.2 or
> so.  That should mean that Cisco has had time to shake out some of the
> bugs.  It also has a nice example at the bottom with a diagram.  Looking at
> the diagram I think we need to consider how beam steering affects the
> situation also.  Beam steering should make it less likely that traffic from
> AP 1 to Client 1 will be strong enough to interfere with Client 2 hearing
> traffic from AP 2.  But on the other hand if Client 1 were directly left of
> AP 1 and Client 2 were directly right of AP 2 then beam steering would make
> it more likely that traffic from AP 1 to Client 1 would interfere with
> traffic from AP 2 to Client 2.  So it could increase the variability of
> service clients see and make it more difficult to troubleshoot.  Can’t be
> sure until we test it though.
>
> The link also mentions that Optimized Roaming can be set in an RF
> Profile.  That is not what I saw in the GUI but I have not checked the
> command line yet.
>
> >  -Lee Badman
> > From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:
> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]On Behalf Of Tariq Adnan
> > Sent: Wednesday, January 13, 2016 12:01 AM
> > To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> > Subject: [WIRELESS-LAN] high density wireless improvement features
> >
> > Hello everyone,
> >
> > I am working on improving wireless performance in high density areas
> (lecture theaters, auditoriums etc) and doing research on some features. I
> would like to know if you people have made below changes and how was your
> experience with it ? We're using cisco gear (3702i/e APs, WiSM2
> controllers, Prime 3.0).
> >
> > 1-set channel and power manually (not use RRM) : reduce power to limit
> coverage and disable 2.4GHz

RE: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Rick . Decaro 
We are struggling a bit with our HD areas on campus as well.How many AP’s 
is everyone using in their auditorium/lecture halls related to the amount of 
seats they have?

We use Cisco Meraki gear here at Logan University so I’d be interested if 
anyone with experience with the product has any suggestions for configuration 
changes we can make to improve performance in high density areas like 
classrooms.

Thanks,

Rick DeCaro
(636)230-1911
rick.dec...@logan.edu

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Becker, Jason
Sent: Wednesday, January 13, 2016 9:20 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] high density wireless improvement features

I’m curious the size/seating capacity of your auditoriums/lecture halls?  I 
believe our larger rooms hold around 300-400 and have a very similar setup.


Jason

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> 
on behalf of Lee H Badman >
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv 
>
Date: Wednesday, January 13, 2016 at 7:55 AM
To: 
"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
>
Subject: Re: [WIRELESS-LAN] high density wireless improvement features

We’ve had problems with load balancing and band select in the past, significant 
enough that we’re not running them now and generally do OK without. Absolutely 
override RRM in these scenarios. Would be curious to hear your approach to 
RX-SOP, as I’ve seen fairly conflicting info on it.

-Lee Badman
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tariq Adnan
Sent: Wednesday, January 13, 2016 12:01 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] high density wireless improvement features


Hello everyone,



I am working on improving wireless performance in high density areas (lecture 
theaters, auditoriums etc) and doing research on some features. I would like to 
know if you people have made below changes and how was your experience with it 
? We're using cisco gear (3702i/e APs, WiSM2 controllers, Prime 3.0).



1-set channel and power manually (not use RRM) : reduce power to limit coverage 
and disable 2.4GHz radios on every 3rd/4th AP.

2-load-balancing

3-band-select

4-RX-SOP (already deployed and happy with it, channel utilization is dropped)

5-optimized roaming

6-please suggest if i am missing something



In our setup, same controller is handling APs from HD and non-HD (high density) 
environments. My concern is if i make change which is controller wide, for 
instance optimized roaming, it could improve performance in HD areas but what 
could it do to non-HD areas (APs far away from each other).



I am using airmagnet PRO and Prime planning tool for survey and planning 
purposes.



Thanks everyone for your precious time []



Cheers,

--



Tariq Adnan

Network Engineer

NSW, Australia
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Samuel Clements 
Hi all! I'm new to the list (well, I've been lurking for a while), but this
seems to be a good time to say hi! High Density being near and dear to my
heart - I'd give the following guidance:

1) Don't underestimate your gear if you have good equipment. It's not a
stretch for a Cisco 2700/3700 to support 100+ active association (shameless
self-plug: http://nsashow.com/AP2700/).
2) There is such a thing as too much RF. If you're not disabling all but 3
2.4GHz radios in a single room, you're not disabling enough of them. If you
see two APs on the same channel (as a general rule) and they're both above
-80dBm, you're not adding any capacity to your RF. In fact, you're hurting
yourself.
3) Use narrow channels in 5GHz (20MHz), always. There is an overwhelming
need for density of users (aggregate throughput), not individual
throughput. This is one of the best ways to leverage the finite amount of
air we have to use.
4) Use all channels in 5GHz including 2e/DFS channels. The more channels
the better. If you're using a sane RRM product (Cisco does this for sure),
RRM will try to avoid stacking 2e channels next to each other. In the event
you have a client that doesn't support a channel you're using, this
improves the likely hood that they can still function on a further AP.
5) Once you hit a number of APs that matches the number of 5GHz channels
you have deployed, be very cautious about channel overlap (this is the same
as rule 2, just in 5GHz and further away).
6) Design for RRM and enable RRM (sorry Lee!). If you know how RRM works
(there are many and numerous white papers and Cisco Live sessions on the
specifics of how AP layout impacts RRM), you can safely run it without
shooting yourself in the foot. I can't speak to ARM since there doesn't
seem to be a good guide on how it actually works. 99% of the time, RRM
works every time. The great thing about Cisco RRM is that you can watch the
CLI of the process and it will tell you exactly what it's doing and why
it's doing it. Use min and max thresholds if you can't get it to do what
you'd like.
7) Use RF Groups to segregate your high density areas from other areas of
your campus. This allows you to tweak and tune your HD area without
impacting other users.
8) Use RX-SOP only when you've violated rules 2 and 5 and use it sparingly.
RX-SOP is like a brick wall. Once you hit it, your clients fall off into
never never land.

I hope that helps! There is a ton of guidance that can be given for
designing cells (using directional antennas, stadium antennas with narrow
beams from far away, APs under seats, in walls, etc) but those are covered
in great detail elsewhere and all of the above advice can be taken
regardless of antenna or location of installation.
  -Sam


On Tue, Jan 12, 2016 at 11:00 PM, Tariq Adnan  wrote:

> Hello everyone,
>
>
> I am working on improving wireless performance in high density areas
> (lecture theaters, auditoriums etc) and doing research on some features. I
> would like to know if you people have made below changes and how was your
> experience with it ? We're using cisco gear (3702i/e APs, WiSM2
> controllers, Prime 3.0).
>
>
> 1-set channel and power manually (not use RRM) : reduce power to limit
> coverage and disable 2.4GHz radios on every 3rd/4th AP.
>
> 2-load-balancing
>
> 3-band-select
>
> 4-RX-SOP (already deployed and happy with it, channel utilization is
> dropped)
>
> 5-optimized roaming
>
> 6-please suggest if i am missing something
>
>
> In our setup, same controller is handling APs from HD and non-HD (high
> density) environments. My concern is if i make change which is controller
> wide, for instance optimized roaming, it could improve performance in HD
> areas but what could it do to non-HD areas (APs far away from each other).
>
>
> I am using airmagnet PRO and Prime planning tool for survey and planning
> purposes.
>
>
> Thanks everyone for your precious time [image: ]
>
>
> Cheers,
>
> --
>
>
> Tariq Adnan
>
> Network Engineer
>
> NSW, Australia
>
> ** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Becker, Jason 
I’m curious the size/seating capacity of your auditoriums/lecture halls?  I 
believe our larger rooms hold around 300-400 and have a very similar setup.


Jason

From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
> 
on behalf of Lee H Badman >
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv 
>
Date: Wednesday, January 13, 2016 at 7:55 AM
To: 
"WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" 
>
Subject: Re: [WIRELESS-LAN] high density wireless improvement features

We’ve had problems with load balancing and band select in the past, significant 
enough that we’re not running them now and generally do OK without. Absolutely 
override RRM in these scenarios. Would be curious to hear your approach to 
RX-SOP, as I’ve seen fairly conflicting info on it.

-Lee Badman
From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tariq Adnan
Sent: Wednesday, January 13, 2016 12:01 AM
To: 
WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] high density wireless improvement features


Hello everyone,



I am working on improving wireless performance in high density areas (lecture 
theaters, auditoriums etc) and doing research on some features. I would like to 
know if you people have made below changes and how was your experience with it 
? We're using cisco gear (3702i/e APs, WiSM2 controllers, Prime 3.0).



1-set channel and power manually (not use RRM) : reduce power to limit coverage 
and disable 2.4GHz radios on every 3rd/4th AP.

2-load-balancing

3-band-select

4-RX-SOP (already deployed and happy with it, channel utilization is dropped)

5-optimized roaming

6-please suggest if i am missing something



In our setup, same controller is handling APs from HD and non-HD (high density) 
environments. My concern is if i make change which is controller wide, for 
instance optimized roaming, it could improve performance in HD areas but what 
could it do to non-HD areas (APs far away from each other).



I am using airmagnet PRO and Prime planning tool for survey and planning 
purposes.



Thanks everyone for your precious time []



Cheers,

--



Tariq Adnan

Network Engineer

NSW, Australia
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.
** Participation and subscription information for this EDUCAUSE 
Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

FW: Cisco Wireless LAN Controller Unauthorized Access Vulnerability

2016-01-13 Thread trent . hurt 
FYI



-Original Message-
From: Wireless Issues in the JANET community 
[mailto:wireless-ad...@jiscmail.ac.uk] On Behalf Of Paul Hill (phill)
Sent: Wednesday, January 13, 2016 11:14 AM
To: wireless-ad...@jiscmail.ac.uk
Subject: Cisco Wireless LAN Controller Unauthorized Access Vulnerability

Hi folks,

For relevant Cisco-using colleagues, I'd like to draw your attention to a newly 
published Cisco PSIRT Advisory 
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc

The advisory relates to a newly discovered, high severity vulnerability in the 
Cisco Wireless LAN Controller software that could result in a remote attacker 
being able to modify the configuration of the controller or causing a denial of 
service condition.

Free software updates are available to all affected customers and can be 
obtained directly from Cisco.com (for those with service contracts) or via the 
Cisco TAC (for those without service contracts).

Cisco Wireless LAN controllers running 7.6, 8.0 and 8.1 software versions 
before interim (escalation) builds 7.6.130.33, 8.0.120.7 and 8.1.120.5 are 
impacted. Current latest public builds 8.0.121.0 and 8.1.131.0 already include 
the fix. A fixed build of 7.6 is available via TAC request only as there are no 
further public rebuilds planned for 7.6. If you are currently running an 
escalation build other than a publicly downloadable build, please check via 
your support partner or with TAC before upgrading to ensure that your intended 
upgrade version still integrates the fixes your escalation image provides. If 
it doesn't, TAC will recommend the next available escalation release that 
includes everything.

If you're running a guest wireless SSID that uses WebAuth then you are most at 
risk and should plan to upgrade your wireless controller software as soon as 
possible.

Please review the full advisory details via the link above and if you have any 
questions or concerns, please don't hesitate to contact me or your support 
partner.

This is a wireless mailer, but of side relevance is a different PSIRT 
announcement that affects Identity Services Engine (ISE) here: 
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise

Regards,
Paul

**
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.

RE: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Lee H Badman 
Hi Sam-

Great stuff. Point of clarification: I’m not trouncing RRM wholesale, not at 
all. We use it and generally it is a force multiplier and quite good. But… 
there are scenarios where it doesn’t do so well and that’s where it can’t read 
your mind. Like RRM doesn’t know in spots that you were stuck doing down the 
hallway builds, and so can be too aggressive in lowering power. I’ve found in 
some single-room dense environments it can be wonky as well, especially if your 
“OK, now change yourself as you see fit” interval is too short. For critical 
auditoriums, bypassing RRM has been a gain for me… But I also get why people 
use it end to end and say if it works for you, rock on.

Nice to see you on the list, Old Man.

-Lee


From: The EDUCAUSE Wireless Issues Constituent Group Listserv 
[mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Samuel Clements
Sent: Wednesday, January 13, 2016 11:14 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] high density wireless improvement features

Hi all! I'm new to the list (well, I've been lurking for a while), but this 
seems to be a good time to say hi! High Density being near and dear to my heart 
- I'd give the following guidance:

1) Don't underestimate your gear if you have good equipment. It's not a stretch 
for a Cisco 2700/3700 to support 100+ active association (shameless self-plug: 
http://nsashow.com/AP2700/).
2) There is such a thing as too much RF. If you're not disabling all but 3 
2.4GHz radios in a single room, you're not disabling enough of them. If you see 
two APs on the same channel (as a general rule) and they're both above -80dBm, 
you're not adding any capacity to your RF. In fact, you're hurting yourself.
3) Use narrow channels in 5GHz (20MHz), always. There is an overwhelming need 
for density of users (aggregate throughput), not individual throughput. This is 
one of the best ways to leverage the finite amount of air we have to use.
4) Use all channels in 5GHz including 2e/DFS channels. The more channels the 
better. If you're using a sane RRM product (Cisco does this for sure), RRM will 
try to avoid stacking 2e channels next to each other. In the event you have a 
client that doesn't support a channel you're using, this improves the likely 
hood that they can still function on a further AP.
5) Once you hit a number of APs that matches the number of 5GHz channels you 
have deployed, be very cautious about channel overlap (this is the same as rule 
2, just in 5GHz and further away).
6) Design for RRM and enable RRM (sorry Lee!). If you know how RRM works (there 
are many and numerous white papers and Cisco Live sessions on the specifics of 
how AP layout impacts RRM), you can safely run it without shooting yourself in 
the foot. I can't speak to ARM since there doesn't seem to be a good guide on 
how it actually works. 99% of the time, RRM works every time. The great thing 
about Cisco RRM is that you can watch the CLI of the process and it will tell 
you exactly what it's doing and why it's doing it. Use min and max thresholds 
if you can't get it to do what you'd like.
7) Use RF Groups to segregate your high density areas from other areas of your 
campus. This allows you to tweak and tune your HD area without impacting other 
users.
8) Use RX-SOP only when you've violated rules 2 and 5 and use it sparingly. 
RX-SOP is like a brick wall. Once you hit it, your clients fall off into never 
never land.

I hope that helps! There is a ton of guidance that can be given for designing 
cells (using directional antennas, stadium antennas with narrow beams from far 
away, APs under seats, in walls, etc) but those are covered in great detail 
elsewhere and all of the above advice can be taken regardless of antenna or 
location of installation.
  -Sam


On Tue, Jan 12, 2016 at 11:00 PM, Tariq Adnan 
> wrote:

Hello everyone,



I am working on improving wireless performance in high density areas (lecture 
theaters, auditoriums etc) and doing research on some features. I would like to 
know if you people have made below changes and how was your experience with it 
? We're using cisco gear (3702i/e APs, WiSM2 controllers, Prime 3.0).



1-set channel and power manually (not use RRM) : reduce power to limit coverage 
and disable 2.4GHz radios on every 3rd/4th AP.

2-load-balancing

3-band-select

4-RX-SOP (already deployed and happy with it, channel utilization is dropped)

5-optimized roaming

6-please suggest if i am missing something



In our setup, same controller is handling APs from HD and non-HD (high density) 
environments. My concern is if i make change which is controller wide, for 
instance optimized roaming, it could improve performance in HD areas but what 
could it do to non-HD areas (APs far away from each other).



I am using airmagnet PRO and Prime planning tool for survey and planning 
purposes.



Thanks everyone for your precious time []



Cheers,

--

Re: [WIRELESS-LAN] high density wireless improvement features

2016-01-13 Thread Frans Panken 
In addition to what Sam shared (thanks!), I think Aruba did a very good
job with their very detailed description of very high density design
that is well applicable for other vendors:
http://community.arubanetworks.com/t5/Validated-Reference-Design/Very-High-Density-802-11ac-Networks-Validated-Reference-Design/ta-p/230891
-Frans

Op 13/01/16 om 17:14 schreef Samuel Clements:
> Hi all! I'm new to the list (well, I've been lurking for a while), but
> this seems to be a good time to say hi! High Density being near and
> dear to my heart - I'd give the following guidance:
>
> 1) Don't underestimate your gear if you have good equipment. It's not
> a stretch for a Cisco 2700/3700 to support 100+ active association
> (shameless self-plug: http://nsashow.com/AP2700/).
> 2) There is such a thing as too much RF. If you're not disabling all
> but 3 2.4GHz radios in a single room, you're not disabling enough of
> them. If you see two APs on the same channel (as a general rule) and
> they're both above -80dBm, you're not adding any capacity to your RF.
> In fact, you're hurting yourself.
> 3) Use narrow channels in 5GHz (20MHz), always. There is an
> overwhelming need for density of users (aggregate throughput), not
> individual throughput. This is one of the best ways to leverage the
> finite amount of air we have to use.
> 4) Use all channels in 5GHz including 2e/DFS channels. The more
> channels the better. If you're using a sane RRM product (Cisco does
> this for sure), RRM will try to avoid stacking 2e channels next to
> each other. In the event you have a client that doesn't support a
> channel you're using, this improves the likely hood that they can
> still function on a further AP.
> 5) Once you hit a number of APs that matches the number of 5GHz
> channels you have deployed, be very cautious about channel overlap
> (this is the same as rule 2, just in 5GHz and further away).
> 6) Design for RRM and enable RRM (sorry Lee!). If you know how RRM
> works (there are many and numerous white papers and Cisco Live
> sessions on the specifics of how AP layout impacts RRM), you can
> safely run it without shooting yourself in the foot. I can't speak to
> ARM since there doesn't seem to be a good guide on how it actually
> works. 99% of the time, RRM works every time. The great thing about
> Cisco RRM is that you can watch the CLI of the process and it will
> tell you exactly what it's doing and why it's doing it. Use min and
> max thresholds if you can't get it to do what you'd like.
> 7) Use RF Groups to segregate your high density areas from other areas
> of your campus. This allows you to tweak and tune your HD area without
> impacting other users.
> 8) Use RX-SOP only when you've violated rules 2 and 5 and use it
> sparingly. RX-SOP is like a brick wall. Once you hit it, your clients
> fall off into never never land.
>
> I hope that helps! There is a ton of guidance that can be given for
> designing cells (using directional antennas, stadium antennas with
> narrow beams from far away, APs under seats, in walls, etc) but those
> are covered in great detail elsewhere and all of the above advice can
> be taken regardless of antenna or location of installation.
>   -Sam
>
>
> On Tue, Jan 12, 2016 at 11:00 PM, Tariq Adnan  > wrote:
>
> Hello everyone,
>
>
> I am working on improving wireless performance in high density
> areas (lecture theaters, auditoriums etc) and doing research on
> some features. I would like to know if you people have made below
> changes and how was your experience with it ? We're using cisco
> gear (3702i/e APs, WiSM2 controllers, Prime 3.0).
>
>
> 1-set channel and power manually (not use RRM) : reduce power to
> limit coverage and disable 2.4GHz radios on every 3rd/4th AP.
>
> 2-load-balancing
>
> 3-band-select
>
> 4-RX-SOP (already deployed and happy with it, channel utilization
> is dropped)
>
> 5-optimized roaming
>
> 6-please suggest if i am missing something
>
>
> In our setup, same controller is handling APs from HD and non-HD
> (high density) environments. My concern is if i make change which
> is controller wide, for instance optimized roaming, it could
> improve performance in HD areas but what could it do to non-HD
> areas (APs far away from each other).
>
>
> I am using airmagnet PRO and Prime planning tool for survey and
> planning purposes.
>
>
> Thanks everyone for your precious time 
>
>
> Cheers,
>
> --
>
>
> Tariq Adnan
>
> Network Engineer
>
> NSW, Australia
>
> ** Participation and subscription information for this
> EDUCAUSE Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>
>
> ** Participation and subscription information for this
> EDUCAUSE Constituent Group discussion list can be found at
> http://www.educause.edu/groups/.
>


**
Participation