Header Only - DO NOT REMOVE - Extreme Networks
Question

Roaming issue

  • 29 May 2020
  • 5 replies
  • 250 views

Hi.

I deploy the AP7532 in the warehouse. We are using totally 52 Access Point.

Sometimes the roaming is not working properly, specially when the operators with Zebra MC9190 terminal in telnet is moving from one AP to another when the AP’s are connected to different switches (Dell N2048P) the telnet is delayed for some 3-4 seconds.

I have no Idea what is going on. Could you help me?

 

!

! Configuration of AP7532 version 5.9.8.0-002R

!

!

version 2.7

!

!

ip access-list BROADCAST-MULTICAST-CONTROL

 permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"

 permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"

 deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"

 deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"

 deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"

 permit ip any any rule-precedence 100 rule-description "permit all IP traffic"

!

ip snmp-access-list default

 permit any

!

firewall-policy default

 no ip dos smurf

 no ip dos twinge

 no ip dos invalid-protocol

 no ip dos router-advt

 no ip dos router-solicit

 no ip dos option-route

 no ip dos ascend

 no ip dos chargen

 no ip dos fraggle

 no ip dos snork

 no ip dos ftp-bounce

 no ip dos tcp-intercept

 no ip dos broadcast-multicast-icmp

 no ip dos land

 no ip dos tcp-xmas-scan

 no ip dos tcp-null-scan

 no ip dos winnuke

 no ip dos tcp-fin-scan

 no ip dos udp-short-hdr

 no ip dos tcp-post-syn

 no ip dos tcphdrfrag

 no ip dos ip-ttl-zero

 no ip dos ipspoof

 no ip dos tcp-bad-sequence

 no ip dos tcp-sequence-past-window

 no ip-mac conflict

 no ip-mac routing conflict

 no ipv6 strict-ext-hdr-check

 no ipv6 unknown-options

 no ipv6 duplicate-options

 no ipv6 option strict-hao-opt-check

 no ipv6 option strict-padding

 no ipv6 dos multicast-icmpv6

 no ipv6 dos hop-limit-zero

 no ipv6 dos tcp-intercept-mobility

 no stateful-packet-inspection-l2

 no ipv6-mac conflict

 no ipv6-mac routing conflict

!

!

mint-policy global-default

!

wlan-qos-policy default

 qos trust dscp

 qos trust wmm

!

radio-qos-policy default

!

wlan Stampanti

 ssid MAGAZZINO2

 vlan 524

 bridging-mode local

 encryption-type tkip-ccmp

 authentication-type none

 no broadcast-ssid

 no answer-broadcast-probes

 wpa-wpa2 psk 0 xxxxxxxxx

 wpa-wpa2 exclude-wpa2-tkip

 wpa-wpa2 tkip-countermeasures hold-time 0

 no service wpa-wpa2 group-replay

 data-rates 2.4GHz custom basic-2 1 5.5 6 9 11 12 18 24 36 48 54

 wireless-client count-per-radio 200

 use ip-access-list out BROADCAST-MULTICAST-CONTROL

!

wlan "Terminali nuovi"

 ssid MAGAZZINO

 vlan 523

 bridging-mode local

 encryption-type ccmp

 authentication-type none

 fast-bss-transition

 no fast-bss-transition over-ds

 wpa-wpa2 psk 0 xxxxxxxx

 wpa-wpa2 exclude-wpa2-tkip

 wpa-wpa2 tkip-countermeasures hold-time 0

 no service wpa-wpa2 group-replay

 wireless-client count-per-radio 200

 use ip-access-list out BROADCAST-MULTICAST-CONTROL

!

smart-rf-policy Noventa

 group-by area

 assignable-power 5GHz max 20

 assignable-power 5GHz min 10

 assignable-power 2.4GHz max 20

 assignable-power 2.4GHz min 14

 channel-list 5GHz 36,40,44,48

 no select-shutdown

 no coverage-hole-recovery

 neighbor-recovery dynamic-sampling

!

!

management-policy default

 no telnet

 no http server

 https server

 rest-server

 no ftp

 ssh

 user admin password 1 xxxxxxxxxx role superuser access all

  snmp-server community 0 private rw

 snmp-server community 0 public ro

 snmp-server user snmptrap v3 encrypted des auth md5 0 admin123

 snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123

 idle-session-timeout 4320

!

profile ap7532 AP7532-Noventa

 use enterprise-ui

 ip default-gateway 10.10.22.254

 no autoinstall configuration

 no autoinstall firmware

 crypto ikev1 policy ikev1-default

  isakmp-proposal default encryption aes-256 group 2 hash sha

 crypto ikev2 policy ikev2-default

  isakmp-proposal default encryption aes-256 group 2 hash sha

 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac

 crypto ikev1 remote-vpn

 crypto ikev2 remote-vpn

 crypto auto-ipsec-secure

 crypto load-management

 crypto remote-vpn-client

 interface radio1

  data-rates custom basic-2 5.5 6 9 11 12 18 24 36 48 54

  wlan "Terminali nuovi" bss 1 primary

  wlan Stampanti bss 2 primary

  antenna-gain 3.0

  aggregation ampdu max-aggr-size tx 2000

  probe-response rssi-threshold -70

  no adaptivity recovery

 interface radio2

  shutdown

  no dfs-rehome

  no adaptivity recovery

 interface ge1

  switchport mode trunk

  switchport trunk allowed vlan 522-524

  switchport trunk native vlan 522

 interface vlan522

  description Management

  ip address dhcp

 interface pppoe1

 use firewall-policy default

 ntp server 10.10.10.100

 rf-domain-manager capable

 logging on

 logging buffered debugging

 logging forward debugging

 service pm sys-restart

 router ospf

 adoption-mode controller

!

rf-domain default

 timezone Europe/Rome

 country-code it

 use smart-rf-policy Noventa

 control-vlan 522

!

ap7532 74-67-F7-A4-F6-18

 use profile AP7532-Noventa

 use rf-domain default

 hostname AP41

 area Gelo

 interface radio1

  shutdown

 interface vlan522

  ip address 10.10.22.41/24

 interface vlan523

  ip address 10.10.23.190/24

!

!

end


5 replies

Userlevel 6
Badge

Hi,

 

Is it mainly when originating and destination APs are connected to different switches?

For roaming, APs talk to each other over user’s data VLAN with WNMP messages (L2 multicast frames) to exchange session information. I’m not sure, but I’d check how “far” on the wired side it is for such two APs to exchange WNMP frames?

You could also try to run:

remote-debug wireless rf-domain default clients A0-B0-C0-D0-E0-F0 events all (or maybe ‘events management wpa-wpa2’)

And see how events occur on the APs as the client decides to move and moves.

Is it possible to be a cell overlap (design, TxP) or roaming agressiveness (client settings) issue? Does it happen with only particular client devices among entire group of them of one kind? Does it happen only with particular APs-on-a-different-switch pair?

 

Hope that helps,

Tomasz

Hi Tomasz,

my answers:

Is it mainly when originating and destination APs are connected to different switches? Yes

Does it happen with only particular client devices among entire group of them of one kind?

I try several type of devices: Android phones (3-4 types of them) with telnet emulation like Mocha or Velocity – everything ok, WT6000 Zebra with Velocity everything ok, MC3300 Zebra with Velocity everything ok, and instead all this terminals have a problem : Zebra TC8000, Zebra MC92N0 or Motorola 9090 or 9190 – emulation is lagging for 2/3 seconds (sometimes 5/6 seconds) on every ap-switch change (ap’s on on same switch with this devices have no problem).

Does it happen only with particular APs-on-a-different-switch pair? Yes

Best regards.

Gulic

Userlevel 6

As Tomas mentioned, take one of the problematic clients and run the remote-debug and watch it while it roams.

#remote-debug wireless rf-domain <rfd> clients <MAC> max-events 1000 duration 600 events management

 

It unsure, also run the remote-debug against one of the clients that is NOT having this issue and compare the two.

 

Something odd about the config you posted though.

In the main Profile, radio-1 is operating and radio-2 is shutdown.  But...in the override section, radio-1 is shutdown.  For this particular AP41, both radios are shutdown. 

Does the config you posted here reflect how all of the APs are operating?

 

Also, as a test, try removing this configuration from radio-1 configuration:

probe-response rssi-threshold -70

Without this configuration, have the problematic client roam again and see if there’s any difference.

Also, I see that you have FT (11r/fast roaming) enabled on one of the WLANs.  Some older client drivers don’t behave well with FT.   If the clients you are having a problem with are using this WLAN (  ssid MAGAZZINO), I would try disabling FT temporarily and check the roam time again.

 

Hi, sorry for delay but i do more tests with extreme tech support and with dell tech support, no good news.

Our headquarters consists of the part of the warehouse, about 20k square meters and of an office building which is 100/150 meters far away. The peripheral switches are the same, N2048P, the core switches are S4048-ON. For the AP world in stock we have chosen the Extreme AP7532 devices with which we encounter already known problems.  Switch core is using vlt config with vrrp and peer routing activated.

 

For curiosity, I connected and I did the same operations done in the warehouse also in the office building which as wireless has the Aerohive AP230 and AP250 devices. These devices are in no way linked to the warehouse equipment, they have their own management, their radio profile, dedicated vlan, etc ...

 

Moving between the three floors of the building and then simply roaming between the various floors with the use of the telnet protocol I am experiencing the same problems also present in the warehouse. I experience a kind of lag of 3 - 4 seconds each time when the AP and the switch change. Between the AP of the same switch no prb. I tried several devices: two different win10 PCs, the phones - Android, the warehouse terminals. The result is the same, lag is present.

So in my opinionthere is something anomalous that does not turn correctly and that at least on the warehouse side has been simply mitigated with very strong config while in the case of Aerohives where the config are the basic ones the problem is noticed and how.

  
Userlevel 6

gulic,

 

So it sounds like from your description that you are experiencing this problem on two completely different wireless infrastructures.  But it seems that the backend network is common between these two wireless networks? (same core switches, etc)

 

I’d advise going back into the warehouse and and running this remote-debug command and watch the traffic flow during the roam.  If this is happening on both wireless systems, It would seem that there is something happening upstream of the APs that is causing the delay you are seeing.

#remote-debug wireless rf-domain <rfd> clients <MAC> max-events 1000 duration 600 events all

Reply