Tuesday, May 18, 2010

CCNA Wireless Official Exam Certification Guide IUWNE 640-721 [Brandon Carroll]

I received this book a couple of months ago, and couldn't devote much time to reading through it when I originally received it, but I sat down with it this evening & made some notes.

First off, I wish I'd had a book like this back in 2005 when I was first implementing Cisco's controller based unified wireless architecture.  I had to read deployment guides and release notes and piece together the information that is neatly contained in this book.

Chapters 1 - 9 [Wireless LAN Fundamentals]

  • This section covers everything from the basic WLAN concepts, principles of RF, antennas, 802.11 protocols, AP discovery methods, and how packets are delivered from the wireless to the wired networks
    • The graphics used to show influences on wireless transmissions are very helpful to visualize the effect that different sources of 'interference' have on the RF signals
    • The antenna types section is very thorough and gives good examples of common antennas chosen for wireless deployments, as well as all the extra antenna connectors and hardware that might be required for outdoor deployments.
    • The diagrams of client communications [Fig 7-9 through Fig 7-18] are extremely helpful to visualize the flow of information from a client station through the WLAN and back again.
    • The section covering other wireless technologies is also very thorough in describing how a ZigBee WPAN operates.  ZigBee technology is often overlooked in discussions of wireless LANs, as are DECT phones and WiMAX, and it is good to see these technologies represented even if they are not a major part of the IUWNE exam.
Chapters 10 - 16 [Cisco Wireless LANs]

  • This section covers Cisco WLAN Architecture, controller discovery and association methods, client roaming, SNMP, migrating aIOS {autonomous APs} to LWAPP, the Cisco Mobility Express line of APs/controllers and wireless clients.
    • As Cisco's WLAN Architecture line is always evolving - the best place to read about Cisco's offerings is of course Cisco's website, but this section covers the basics of the access points and controllers that were available when this book was initially published (2009).  Since then Cisco has released the 1140, 3500, and 1520 series access points, along with the 5500 series controllers.
    • The step by step process (Ch. 11) of how an AP joins a controller is always helpful when trying to pinpoint where in the join process the communication is breaking down between an AP and a controller.
    • Layer 2/Layer 3 Roaming is described in detail in Chapter 12, along with helpful visual aids to further diagram the roaming characteristics of each type of client roam method.
    • Migrating APs from IOS to LWAPP - this is something that we all do again and again - either the wrong AP SKU was ordered, you're performing a network migration - or are just testing/troubleshooting either IOS or LWAPP functionality - the upgrade process is defined in simple terms with visuals from the upgrade tools.
    • The only time I've personally seen the Cisco Mobility Express line of hardware was when I was assisting with beta testing back in '07 - but they serve a purpose for business cases where the scalability of the other lines of Cisco hardware is not necessary.  It is good to see this hardware covered in depth in this section, as most of us won't see this gear in person.
    • Wireless Clients - great screen captures of configuring Windows, Mac and Linux wireless clients with common wireless NICs, including how to configure the Cisco ADU, ACAU, and the Secure Services Client.
Chapters 17 - 20 [WLAN Maintenance and Administration]

  • These chapters cover securing the WLAN, enterprise management, maintaining & troubleshooting WLANs
    • This first chapter (Ch 17) is a good primer on WLAN attacks, WLAN security methods, and has nice diagrams showing the authentication/authorization information flow between the client, authenticator and authentication servers.
    • WCS is covered in depth in chapter 18, and this section is very helpful in describing the uses for WCS - management, reporting, auditing configurations, simulating wireless coverage and generating proposals based on RF simulations.
    • The troubleshooting section will be a good reference section for any wireless engineer - the most common debug commands are listed along with descriptions of the data generated by each of them, as well as defining common client-side issues.
Now although I have not used this book to study for or take the IUWNE exam 640-721, this book still serves as a reference guide for anyone just beginning to learn about the world of Cisco wireless LANs and Cisco wireless hardware (APs/controllers/WCS).  The information is presented in clear terms along with helpful visuals to reinforce the topics covered.  Brandon Carroll has done a wonderful job of covering a lot of very technical information without taking a deep-dive into the nuts and bolts of each of the topics covered.   This book is a primer for the next stage of reading materials (yet to be published) for the CCNP wireless track.  It is easier to begin to understand wireless networking through repeated layers of information.  This book is an excellent starting place for Cisco network engineers new to the line of Cisco wireless hardware, or the fundamentals behind the technology from Cisco's perspective.

Sunday, May 9, 2010

Power Injector States

as seen in Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release (very old, but explains the power states better than other versions' release notes do)
Power-over-Ethernet Parameters

Controller software supports power-over-Ethernet (PoE), also known as inline power, parameters for the AP1131 and the AP1242 in the controller GUI. To access these parameters, click Wireless and then the Detail link of the desired access point. The new parameters appear on the All APs > Details page under Power Over Ethernet Settings.
These parameters enable you to configure inline power and power injector settings for an AP1131 or AP1242:
Pre-Standard State—Check this check box if the access point is being powered by a high-power Cisco switch. These switches provide more than the traditional 6 Watts of power but do not support the intelligent power management (IPM) feature. These switches include:
WS-C3550, WS-C3560, WS-C3750,
2600, 2610, 2611, 2621, 2650, 2651,
2610XM, 2611XM, 2621XM, 2650XM, 2651XM, 2691,
2811, 2821, 2851,
3620, 3631-telco, 3640, 3660,
3725, 3745,
3825, and 3845.
Do not check this check box if power is being provided by a power injector or by a switch not on this list.
Power Injector State—Check this check box to enable the power injector state for an access point. This parameter is required if the attached switch does not support IPM and a power injector is being used. This parameter is not required if the attached switch supports IPM.
Power Injector Selection—This parameter enables you to protect your switch port from an accidental overload if the power injector is inadvertently bypassed. It appears if you check the Power Injector State check box above. Choose one of these options from the drop-down box to specify the desired level of protection:
Installed—This option examines and remembers the MAC address of the currently connected switch port and assumes that a power injector is connected. Choose this option if your network contains older Cisco 6-Watt switches and you want to avoid possible overloads by forcing a double-check of any relocated access points.

Note Each time an access point is relocated, the MAC address of the new switch port will fail to match the remembered MAC address, and the access point will remain in low-power mode. You must then physically verify the existence of a power injector and reselect this option to cause the new MAC address to be remembered.

Override—This option allows the access point to operate in high-power mode without first verifying a matching MAC address. It is acceptable to use this option if your network does not contain any older Cisco 6-Watt switches that could be overloaded if connected directly to a 12-Watt access point. The advantage of this option is that if you relocate the access point, it continues to operate in high-power mode without any further configuration. The disadvantage of this option is that if the access point is connected directly to a 6-Watt switch, an overload will occur.
Foreign—This option causes the Injector Switch MAC Address parameter to appear. The Injector Switch MAC Address parameter allows the remembered MAC address to be modified by hand. Choose this option if you know the MAC address of the connected switch port and do not wish to automatically detect it using the Installed option.

Configuring an Access Point's Prestandard Power Setting

An access point can be powered by a Cisco prestandard 15-watt switch with Power over Ethernet (PoE) by entering this command:
config ap power pre-standard {enable | disable} {all | Cisco_AP}
A Cisco prestandard 15-watt switch does not support intelligent power management (IPM) but does have sufficient power for a standard access point. The following Cisco prestandard 15-watt switches are available:
WS-C3550, WS-C3560, WS-C3750
2600, 2610, 2611, 2621, 2650, 2651
2610XM, 2611XM, 2621XM, 2650XM, 2651XM, 2691
2811, 2821, 2851
3631-telco, 3620, 3640, 3660
3725, 3745
3825, 3845
The enable version of this command is required for full functionality when the access point is powered by a Cisco prestandard 15-watt switch. It is safe to use if the access point is powered by either an IPM switch or a power injector or if the access point is not using one of the 15-watt switches listed above.
You might need this command if your radio operational status is "Down" when you expect it to be "Up." Enter the show msglog command to look for this error message, which indicates a PoE problem:
Apr 13 09:08:24.986 spam_lrad.c:2262 LWAPP-3-MSGTAG041: AP 00:14:f1:af:f3:40 is unable to verify sufficient in-line power. Radio slot 0 disabled.
When this command is enabled via the CLI - the output shown in the WLC GUI is this:
[Screenshot of the WLC GUI output, from ccie(w); image not preserved]

Sunday, May 2, 2010

srr-queue bandwidth shape/share

I found a good NetPro discussion regarding whether to shape or share with the srr-queue bandwidth command.  The last post in the discussion links to the 3750 configuration guide - the configuring QoS section where the default settings are shown, and more information about which queue is for what is clearly presented.

Excerpt from the Catalyst 3750 Switch Software Configuration Guide, 12.2(50)SE:
SRR Shaping and Sharing
Both the ingress and egress queues are serviced by SRR, which controls the rate at which packets are sent. On the ingress queues, SRR sends packets to the stack ring. On the egress queues, SRR sends packets to the egress port.
You can configure SRR on egress queues for sharing or for shaping. However, for ingress queues, sharing is the default mode, and it is the only mode supported.
In shaped mode, the egress queues are guaranteed a percentage of the bandwidth, and they are rate-limited to that amount. Shaped traffic does not use more than the allocated bandwidth even if the link is idle. Shaping provides a more even flow of traffic over time and reduces the peaks and valleys of bursty traffic. With shaping, the absolute value of each weight is used to compute the bandwidth available for the queues.
In shared mode, the queues share the bandwidth among them according to the configured weights. The bandwidth is guaranteed at this level but not limited to it. For example, if a queue is empty and no longer requires a share of the link, the remaining queues can expand into the unused bandwidth and share it among them. With sharing, the ratio of the weights controls the frequency of dequeuing; the absolute values are meaningless. Shaping and sharing is configured per interface. Each interface can be uniquely configured.
Shaped or Shared Mode
SRR services each queue-set in shared or shaped mode. You assign shared or shaped weights to the port by using the srr-queue bandwidth share weight1 weight2 weight3 weight4 or the srr-queue bandwidth shape weight1 weight2 weight3 weight4 interface configuration commands. For an explanation of the differences between shaping and sharing, see the "SRR Shaping and Sharing" section.

Note You cannot assign shaped weights on 10-Gigabit interfaces.

The buffer allocation together with the SRR weight ratios control how much data can be buffered and sent before packets are dropped. The weight ratio is the ratio of the frequency in which the SRR scheduler sends packets from each queue.
All four queues participate in the SRR unless the expedite queue is enabled, in which case the first bandwidth weight is ignored and is not used in the ratio calculation. The expedite queue is a priority queue, and it is serviced until empty before the other queues are serviced. You enable the expedite queue by using the priority-queue out interface configuration command.
You can combine the commands described in this section to prioritize traffic by placing packets with particular DSCPs or CoSs into certain queues, by allocating a large queue size or by servicing the queue more frequently, and by adjusting queue thresholds so that packets with lower priorities are dropped. For configuration information, see the "Configuring Egress Queue Characteristics" section.

Note The egress queue default settings are suitable for most situations. You should change them only when you have a thorough understanding of the egress queues and if these settings do not meet your QoS solution.
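
To make the difference between shaped weights, shared weights and the expedite queue concrete, here is a small model of one egress port. It is an added example, not taken from the configuration guide or the NetPro thread. The function names, the `busy` parameter and the weight values are constructed for illustration, and the model assumes (beyond what the excerpt states) that a shaped queue is limited to link speed divided by its weight, that a shape weight of 0 leaves the queue in shared mode, and that shared queues divide whatever the shaped queues leave over.

```python
from fractions import Fraction

def srr_egress(link_mbps, shape, share, expedite=False, busy=(1, 2, 3, 4)):
    """Model SRR on one egress port while the queues in `busy` are backlogged.

    Returns {queue: (mode, rate_mbps, capped)}. Assumptions, not from the
    page: shaped rate = link / weight, shape weight 0 means shared mode,
    and shared queues split what the shaped queues leave over.
    """
    link = Fraction(link_mbps)
    out, sharers, left = {}, {}, link
    for q in range(1, 5):
        shape_w, share_w = shape[q - 1], share[q - 1]
        if q == 1 and expedite:
            # priority-queue out: queue 1 is drained first and its weight is
            # ignored; the other rates describe the moment it is empty.
            out[q] = ("expedite", None, False)
        elif q not in busy:
            # An empty queue uses nothing; sharers expand into its portion.
            out[q] = ("shaped" if shape_w else "shared", Fraction(0), bool(shape_w))
        elif shape_w:
            rate = link / shape_w        # absolute weight value sets the limit
            out[q] = ("shaped", rate, True)
            left -= rate
        else:
            sharers[q] = share_w
    left = max(left, Fraction(0))        # over-committed shaping leaves nothing
    total = sum(sharers.values())
    for q, w in sharers.items():         # only the ratio w / total matters
        out[q] = ("shared", left * w / total, False)
    return dict(sorted(out.items()))

def rates(result):
    """Per-queue rate in Mbps as floats (None for the expedite queue)."""
    return {q: None if r is None else float(r) for q, (_, r, _) in result.items()}

if __name__ == "__main__":
    # Constructed weights on a 1000 Mbps port: queue 1 shaped, 2-4 shared.
    print(rates(srr_egress(1000, (25, 0, 0, 0), (25, 25, 25, 25))))
    # Sharing: 1 2 3 4 and 10 20 30 40 give the same split.
    print(rates(srr_egress(100, (0, 0, 0, 0), (10, 20, 30, 40))))
    # Queue 4 empty: queues 1-3 expand into its share.
    print(rates(srr_egress(100, (0, 0, 0, 0), (1, 2, 3, 4), busy=(1, 2, 3))))
```
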