Jaroslav Čížek, CiscoDuben 2019
Přehled, způsob nasazení, konfigurace, troubleshooting
Bezdrátové kontrolery Cisco C9800
Cisco TechClubWebináře
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda – Cisco C9800
• Představení bezdrátových kontrolerůřady Cisco C9800
• HW/SW modely a způsob jejich nasazení
• Vlastnosti, konfigurace a dohled
• Licenční model, jak otestovat a nasadit do stávající nebo nové sítě
• C9800 Troubleshooting
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Value Beyond the Network
IT Efficiency | Business Intent | Service Assurance
Managed Services Application Development Integrators
Business
Agility
Open
Platform
Automation Security Policy And Behavior Analytics And Assurance
Network Value Beyond Connectivity
MNetwork
Efficiency
Integrated
Systems
Security Availability Performance
The Network is the Foundation
Network
ConnectivityBest of Breed
Products
Networking ReinventedKde je dnes hodnota sítě?
Intent Based Networking
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Principles of Intent-Based Networking
Powered by IOS-XE
Physical and VirtualInfrastructure
ASIC
Applications
APIs
Domain Controllers
Cisco DNA Center
Automation, built-in security, streaming telemetry, rich analytics, programmability
Custom ASICs, Virtualization
Modular, scalable, highly available OS
4
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Introducing the next chapter in our strategy IBN across the whole Access Network
Access SwitchesAccess Points Aggregation Switches
9200/9300/9400 Series
Catalyst Catalyst9500 Series
Catalyst9800 Series
Automation Security AnalyticsBuilt for intent-
based networking
The Full Experience End to End
Wireless Controller
5
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800Next Generation Wireless Controller
Cisco Catalyst Next Gen Wireless Architecture
The Most Deployed Controller
RF excellence │ Device ecosystem │ Wireless assurance High Availability │ Programmability │ Scale
A Modern Modular OS
Bringing together network leadership with RF innovation
ENCS
Built for Intent-based Networking | Powered by IOS XE | Deploy Anywhere
6
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
QFPQuantumFlow Processor
UADPUnified Access Data Plane
▪ Advanced, Multi-Core, Feature-Rich
▪ Fully Programmable
▪ Scalable
▪ Advanced on-chip QoS
▪ Secure
▪ Extensible Architecture
▪ Flexible, Programmable, High-Performance
▪ Fully Programmable
▪ Scalable
▪ Advanced on-chip QoS
▪ Secure
▪ Extensible Architecture
100% Cisco-developed Flexible Silicon – Unlocking the Power of DNA at Hardware Speeds
Cisco Catalyst 9800 – Next Gen Wireless ArchitectureBuilding on a Strong Hardware Foundation
Powered by IOS-XE
C9800 applianceC9800 embedded in Catalyst 9300
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Multi-process software architecture▪ Processes are single threaded, non-blocking, ▪ New Wireless Network Controller process (WNCd). ▪ Multiple WNCd for horizontal scale▪ No single fault domain (e.g. memory separation)▪ Data model driven & data externalization▪ Process patchability & restartability*▪ Independent boot*
Cisco Catalyst 9800 – Next Gen Wireless Architecture
* System capable, roadmap item
WLAN
AP
Client
Thread
Thread
Thread
Thread
Single process software architecture▪ Wireless Controller Manager (WCM)▪ 30+ threads▪ Data contention cross threads▪ Single memory space▪ Single fault domain
WCM
Previous software architecture vs. Catalyst Wireless Controller
WNCd
WNCd Ops data
WNCd
WNCd Ops data
...
... RRM
RRM Ops data
...
IOSd
Mobility
Mobility Ops data
Config DBDB
managers Ops DB
High level view
High level view
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 9800 – Wireless benefits
Always-on
• Software updates with no disruption
• Rolling AP upgrades
• Seamlessly add new AP models
Deploy Anywhere
• On-Prem, Private/Public cloud, Embed wireless on a 9k switch
• AWS GovCloud ready
• Scale as you grow
Secure
• Detect encrypted threats with Encrypted Traffic Analytics (ETA)
• Integration with StealthWatch
• Automated macro/micro segmentation with SDA
• WPA3 Support**Future
Powered by IOS XEOpen and Programmable
Trustworthy SolutionsModular operating system
9
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
CMX 10.5.1 /Cisco DNA Space
- Connect / Detect / Engage- Hyperlocation- BLE
Cisco Catalyst 9800 Wireless as a solution!
Prime Infrastructure 3.5
- Configuration- Monitoring
ISE 2.2/2.3/2.4
- BYOD- Guest Access
Cisco DNA Center 1.2.10
- Automation- Assurance- Maps & topology
What Wireless controllers are
supported ?
- Physical: Cisco Catalyst C9800 Series Appliances
- Cloud: Private and Public Offering- Catalyst 9800 SD-Access
Embedded Wireless
What modes are supported?
- Local, Flex, Fabric, Cisco Catalyst 9800 on ME (Future)
What are the Differentiating features?
- High Availability, Patching, ETA Programmability, Telemetry
Cisco Catalyst 9800Wireless Controller 16.10
Access Points Supported
- 11ac Wave2- 11ac Wave1- 11ax (Future)
10
Catalyst 9800 software fact checkWith Confidence
Catalyst 9800 Series
Wireless Controller
WebUI
DNA-C
8000+Test
Cases
1500+ Hours
Testing Per DayLast 4 Months
1.5 MillionNew Lines of
Code
400+Engineers
20,000+Switchovers
Tested
Software Architecture
Centralized Control-Plane
Modular Software
Multiple EFTIn Production
Catalyst 9800 Series: Built with confidence
ENCS
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 9800 @ work!
C9800-40 HA pair
Alpha network in Cisco Software Development Building
VSL
Sup Sup
RP link
Cisco Corporate
network
4500 VSS pair
ISE / AD
Cisco DNA CenterCMX
…
Catalyst 9300
Blizzard SSID
420+ APs Local mode
Cisco DNA Center Automation & Assurance
2 Gbps peak traffic
10 GE links
1,900 client peak
SSO HA AVC enabled
12
Cisco Catalyst 9800HW/SW Appliances,Deployment Models
G loba l
Sa les T ra in ing
Translate business intent into network policy andcapture actionable insights with DNA Center
Aironet Access Points
Works with Cisco Aironet 802.11ac Wave 1 and Wave 2 Access Points
DNA Center
C9800-40C9800-80
C9800 for Cloud C9800 on Cat 9k Switch (SDA only)
Catalyst 9800 Series Wireless Controllers
* GCP EFT Only
All deployment modes:
Centralized, SDA,
FlexConnect, Mesh
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
C9800-40: Industry’s first fixed wireless controller with seamless software updates
4 x 1GE/10GE PortsSP/RP Port Fiber RP PortUSB 3.0Console
Up to 2,000 APs Up to 32,000 Clients 40 Gbps
Fully programmable multi-core network processor Support for Netflow, AVC and ETA
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Evolution of Wireless Controllers Enterprise Campus and Full-Service Branch
16
•1500 APs, 20000 Clients•20 Gbps Throughput
THEN 5520
NOW C9800-40-K9
•1500 AP Groups•1500 FlexConnect Groups,• 100 Flex APs/FCG
•4096 VLANs, 512 Interface Groups•40000 PMK Cache•512 WLANs
•25000 RFIDs•3000 APs/RRM Group•320000 AVC Flows
• 2000 APs, 32000 Clients
• 40 Gbps Throughput
• 4096 VLANs, 100 VLAN Groups
• 64000 PMK Cache
• 4096 WLANs
• 32000 RFIDs
• 4000 APs/RRM Group
• 400000 AVC Flows
• 2000 Policy Tags
• 2000 Site Tags,
• 100 Flex APs/Site
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
C9800-80: Industry’s first modular wireless controller with 100GE modular uplink and seamless software updates
Redundant
Power Supply
AC or DC
SP/RP Port
Fiber RP Port8 X 10 GE
Uplinks
Modular Uplinks -
GE, 10GE, 40GE, 100GEUSB 3.0
Up to 6,000 APs Up to 64,000 Clients 80 Gbps
Fully programmable multi-core network processor Support for Netflow, AVC and ETA
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Evolution of Wireless Controllers Enterprise Campus and Full-Service Branch
18
•6000 APs, 64000 Clients•40 Gbps Throughput
THEN 8540
NOW C9800-80-K9
•6000 AP Groups•2000 FlexConnect Groups,• 100 Flex APs/FCG
•4096 VLANs, 512 Interface Groups•64000 PMK Cache•512 WLANs
•50000 RFIDs•6000 APs/RRM Group•320000 AVC Flows
• 6000 APs, 64000 Clients
• 80 Gbps Throughput
• 4096 VLANs, 4096 Interface Groups
• 128000 PMK Cache
• 4096 WLANs
• 64000 RFIDs
• 12000 APs/RRM Group
• 800000 AVC Flows
• 6000 Policy Tags
• 6000 Site Tags,
• 100 Flex APs/Site
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800 Wireless Controller for Cloud
ISE / AD Cisco DNA Center
ASSURANCE
AUTOMATION
Cisco DNA Center 1.2.10 W1 & W2 802.11ac APs
Internet
Public Cloud
AD
Managed VPN
Enterprise network
NFVIS
ENCS
Hypervisors: ESXi, KVM, NFVIS on ENCS
All deployments mode: Centralized, SDA, FlexConnect, Mesh
ESXi
1,000 APs / 10,000 Clients
Amazon AWS with Managed VPN
FlexConnect local switching only
ISE/AAA
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Campus
Private Cloud overview▪ Customer value prop:
o “Deploy wireless controller where you want it, how you want it”
o No AP mode or feature limitation vs. appliance
▪ Supporto VMware ESXi , KVM and ENCSo Wave 2 and Wave 1 APs onlyo All deployments and all AP modeso Centrally switched traffic <= 2.5 Gbpso VM Large: 6k APs, 64k clients at FCS is Flex local
switching and SDA. Limited scale with Local mode: 3K APs, 32K clients
o ESXi vCenter or KVM Virt-Mgr for VM provisioningo Automated VM bootstrap flow (ESXi vCenter only)
▪ Migration: o Migration tool (standalone and 9800 WebUI)o Prime & Cisco DNA Center automation and migration
flows
Corporate WAN
(MPLS /SD-WAN)
BranchFlex
APs
Flex AP
OnPrem DC
Branch
ESXi / KVM/
CAPWAP
ISP owned device
Customer owned device
Local mode AP
20
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
VMware specifications
• Supported hypervisor: VMware ESXi 6.0 and higher
Model Configuration Small (16.10) Medium(16.10) Large(16.10)*
Maximum Access Points 1,000 3,000 6,000
Maximum Clients Support 6,000 32,000 64,000
Minimum Number of vCPUs 4 6 10
Minimum Memory (GB) 8 16 32
Required Storage (GB) 8 8 8
Virtual NICs (vNIC) -3nd NIC is for High Availability
2 /(3) 2 /(3) 2 /(3)
vNIC driverVMXNET3, E1000E,
E1000VMXNET3, E1000E,
E1000VMXNET3, E1000E,
E1000
Virtual bridge Vswitch Vswitch Vswitch
vMotion, vNIC teaming, L2 LAG, SRIOV Planned for 16.11 Planned for 16.11 Planned for 16.11
*Limited scale with Local Mode and Flex Central switching : 3K APs, 32K clients
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Internet
Public Cloud deployment
VPC
Enterprise network
Flex AP
CAPWAP VPN tunnel
ISE
Cloud VPN router
Branch
Branch
Flex AP
▪ Customer value prop: o Wireless as IaaS with Cloud flexibility
▪ Supported Public Cloud providerso Amazon AWS
▪ Supported Cloud deploymento Managed VPN (need a router at remote site)
o VPC is “just” an extension on on Prem DC theo VM can be provisioned via AWS o AWS CloudFormation template to ease the initial setupo Only N+1 HA supported in public cloudo AP deployment: Flex central auth and local switchingo ISE and AD typically on Premo Max scale is 1k APs and 10k clients @ FCS
▪ Migration: o Migration tool (standalone and WebUI)
VPN (e.g. IPSEC)
CAPWAP Control
AD/LDAP
C900-CL
22
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
On ApplianceOn Private CloudOn Switch
• Cisco IOS® XE Software
• C9800-CL• 1k AP, 10k Clients• 3k AP, 32k Clients• 6k AP, 64k Clients^
• Scale on demand
• Optimized for mobility
• Designed for IoT
• Always on Fabric with robust HA
• Cisco IOS® XE Software
• C9800-40-K9• 2k APs, 32k Clients
• C9800-80-K9• 6k APs, 64k Clients
• Optimized for mobility
• Designed for IoT
• Always on Fabric with robust HA
• Cisco IOS® XE Software
• Cat 9300• 200 AP, 4k Clients
• SD-Access wireless with Cat9800 Software Package
• Indirect AP Support
• Optimized for Mobility
• Centralize Control Plane
• Always on Fabric with robust HA
Small and Medium Campus Medium and Large CampusOptimized for Distributed Braches
SD-Access Everywhere
23
^Future
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco PublicHighly Secure and Optimized Solution for Branch and Small Campus
Embedded Wireless“Cat 9k Switch”
Support 400 APs and 8000 Clients per Site
Policy stays with user
Seamless Mobility Cat9800 Wireless Controller Software on CAT9300
• Extend policy based segmentation to wireless• Extend rich C9K services like ETA to wireless• Seamless shared services and WAN integration
• Wireless scale for 802.11ax / Wave-2• Seamless Mobility (No VLAN spans)• No WAN Link dependency
• Lower TCO• Robust HA• Simple/Intuitive multi-site workflows with Cisco
DNA-C
Cisco DNA Center
AnalyticsPolicy Automation
Catalyst 9800 SD-Access Embedded Wireless
*Support 200 AP and 4000 clients per WLC
Cisco Catalyst 9800Features, Config
Catalyst 9800: Powered by IOS XE
Deploy AnywhereAlways-on
• Software updates with no disruption
• Rolling AP upgrades
• Seamlessly add new AP models
Secure
• Detect encrypted threats with ETA
• Automated macro/micro segmentation with SDA
• WPA3 Support*
• On-Prem, Private/Public cloud, Embed wireless on a Switch
• GovCloud ready
• Scale as you grow
*Future
Powered by IOS XEOpen and Programmable
Trustworthy SolutionsModular operating system
Custom DevelopmentDNA CenterStandards Based Interoperability
Flexible management options with Cisco Catalyst 9800 Series Wireless Controllers
AnalyticsPolicy AutomationZero Touch Provisioning
Guest Shell (On Box Python)
Model Driven Programmability
YANG Data Models
App HostingSDN Controllers
CI/CD Tools
NMS Systems
Intent-basedNetwork Infrastructure
Catalyst 9800 SeriesWireless Controllers
Complete control of your Day 0-N operations with open and programmable APIs
Day 0 Day 1 Day 2 Day N
Onboarding
Zero touch provisioning
Plug and Play
Configuration
YANG data modelsConfiguration protocols,NETCONF, RESTCONF*,
..
Monitoring
Streaming telemetry
Optimization
Guest shell*(on-box Python)
EEM Scripts
Provisioning Automation^
Model drivenprogrammability
Model driventelemetry
Software imagemanagement
^FutureIOS XE Programmability Book: http://cs.co/programmabilitybookAutomated Backup SSID with EEM on C9800 Wireless Controllers: https://community.cisco.com/t5/wireless-mobility-documents/automated-backup-
ssid-with-eem-on-catalyst-9800-wireless/ta-p/3743838
YANG Models Example
YANG Models
XML Payload
YANG Models Data Models defined using the YANG language
Data
Gig 1/0/1
“CL rocks!”
enabled
https://github.com/YangModels/yang
https://github.com/openconfig
Network Subscription
A subscription is a contract between the network device and a subscriber that specifies the type of data, the frequency, and
CollectorSubscribe to ietf-yangpush.yang
Specify xpath/KPI (defined within data model)
Instruction on:
• What data to collect
• Where and how to send
• How often and how much
sh telemetry ietf subscription 100 receiver
Subscription ID: 100
Address: 10.10.105.10
Port: 47870
Protocol: netconf
Profile:
State: Connected
Explanation:
<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id=”id" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<establish-subscription xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"
xmlns:yp="urn:ietf:params:xml:ns:yang:ietf-yang-push">
<stream>yp:yang-push</stream>
<yp:xpath-filter>/wireless-location-oper:location-oper-data/location-rssi-measurements</yp:xpath-filter>
<yp:period>1000</yp:period>
</establish-subscription>
</rpc>
Trustworthy Systems make the Catalyst 9800, the most secure wireless controllers
Runtime Defenses64 bit ASLR
Secure BootBoot sequence check
Image SigningAuthentic OS
Integrity VerificationsMalware protection
PnP SUDI SupportTwo way trust
Hardware AuthenticityGenuine hardware
Catalyst 9800: Always-on
Deploy AnywhereAlways-on
• Software updates with no disruption
• Rolling AP upgrades
• Seamlessly add new AP models
Secure
• Detect encrypted threats with ETA
• Automated macro/micro segmentation with SDA
• WPA3 Support*
• On-Prem, Private/Public cloud, Embed wireless on a Switch
• GovCloud ready
• Scale as you grow
*Future
Powered by IOS XEOpen and Programmable
Trustworthy SolutionsModular operating system
Always-on in planned and unplanned scenarios
Contain impact within releaseFixes for defects and security issues without need to requalify a new release
Faster resolution to critical issuesProvide fixes to critical issues found in network devices that are time-sensitive
Unplanned EventsDevice and network interruptions
✓ Stateful Switch Over with an active standby
✓ N+1 redundancy for always-on network, services and clients
Infrastructure UpdatesSoftware maintenance & AP updates
✓ Seamless software updates for wireless controllers and APs
✓ AP device pack and flexible per-site updates contain impact area
Software Image UpgradesWireless controller image upgrades
✓ N+1 rolling AP upgrades ensure seamless client connectivity
✓ Radio resource management automates group creation
Catalyst 9800: Secure
Deploy AnywhereAlways-on
• Software updates with no disruption
• Rolling AP upgrades
• Seamlessly add new AP models
Secure
• Detect encrypted threats with ETA
• Automated macro/micro segmentation with SDA
• WPA3 Support*
• On-Prem, Private/Public cloud, Embed wireless on a Switch
• GovCloud ready
• Scale as you grow
*Future
Powered by IOS XEOpen and Programmable
Trustworthy SolutionsModular operating system
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Intent-based wireless networks to secure the Air, Devices and Users with Catalyst 9800
Air UsersDevices
Rogue detection & Mitigation
Enhanced threat detection with ETA
Seamless BYOD onboarding with ISE
Standards compliance with WPA3*
Identity based segmentation with SDA
Secure device management with iPSK
- Enhanced security on open Wi-Fi- Robust password protection - Superior data protection- Seamless customer migration
*Future
35
101010100010101010100000101010101010101010101
111101010101010111100010101001010001001001001
010100100100101000100100011001001001001001001
001001010010010100100101010100010101010100000
101010101010101010101111101010101010111100010
101001010001001001001010100100100101000100100
011001001001001001001001001010010010100100
101010100010101010100000101010101010101010101
111101010101010111100010101001010001001001001
010100100100101000100100011001001001001001001
001001010010010100100010100001010101111010101
Introducing ETA on Cisco Catalyst 9800 Series Wireless Controllers
Enhance Visibility Promote ComplianceShorten Time to Response Save Time & Money
Malware detection and
cryptographic compliance
on Cisco Stealthwatch
Cisco Stealthwatch®
Netflow
Telemetry
Encrypted
Wireless Traffic
Supported on Catalyst 9800 Series Wireless
Controller in Centralized Wireless Deployment
Catalyst 9800: Deploy Anywhere
Deploy AnywhereAlways-on
• Software updates with no disruption
• Rolling AP upgrades
• Seamlessly add new AP models
Secure
• Detect encrypted threats with ETA
• Automated macro/micro segmentation with SDA
• WPA3 Support*
• On-Prem, Private/Public cloud, Embed wireless on a Switch
• GovCloud ready
• Scale as you grow
*Future
Powered by IOS XEOpen and Programmable
Trustworthy SolutionsModular operating system
Deploy Cisco Wireless Controllers in any form factor for campuses and distributed branches
Branch / Small HQ
Campus
Large Campus
Mobility Express
3504 Wireless Controller
C9800 embedded*
for Cat9k Switch
200 to 3000 APs**
3000 to 6000 APs** *SD-Access only**Refer to Datasheet for more information
^Centralized support for 6000 APs in Future+Catalyst 9800 for Public cloud FlexConnect only
Up to 200 APs**
C9800-80Catalyst 9800 on-prem
C9800-40Catalyst 9800 on-prem
newnew
newnew new
new new
new
C9800-CLC9800 for Public Cloud+
C9800-CLC9800 for Private Cloud^
C9800-CLC9800 for Private Cloud
C9800-CLC9800 for Public Cloud+
C9800-CLC9800 for Private Cloud
AireOS
Catalyst 9800 Configuration – GUI, CLI and API
Cat 9800 Wireless - New Configuration Model
Reusability
Config modularized
as objects
Simplicity
No inheritance or
containers
Easy Provisioning
With AP attribute
Tagging
Rule-based Tagging
For easy Day 1
configuration
Change Management
Site based filtering
Catalyst 9800 Higher Management transition
Intent based Best Practices driven
Highly CustomizedCustomer
Configuration
Intent BasedDNA Center
Prime or Wireless Controller UI
Config. Migration
(one time)
Flex, Centralized and SD-Access
Flex and Centralized
Mode Supported
DNA Center PrimeAutomation
DNA CenterAssurance DNA Center
DNA Center
Cisco Catalyst 9800Licensing Model,How to Test and DeployLinks to Guides
Catalyst 9800 Licensing
DNA Center Appliance
Catalyst 9800 Series Wireless Controllers
Aironet Access Points
DNA licenses
Smart License Management
DNA License consumption & tracking with Smart Licensing and mandatory
Smart Accounts
DNA LicensingSeamless portability & investment
protectionwith DNA Licensing
Mandatory DNA license for every AP joining the Catalyst 9800 controller
All AP’s joining the controller will be at the same DNA level
Cisco DNA Advantage
Prime
Cisco DNA Advantage
3/5/7 Year SubscriptionsSingle SKU
AP License
Cisco DNA Essentials
Automation and Assurance
Enterprise Agreement Eligible
Base Automation
Cisco DNA Essentials
Prime
Cisco DNA Essentials
AP License
3/5/7 Year SubscriptionsSingle SKU
3/5/7 Year SubscriptionsSingle SKU
Prime
AP License
CMX Base
ISE Base + ISE Plus
Cisco DNA Advantage
Cisco DNA Essentials
Automation, Assurance, SDA, Security and Location
Enterprise Agreement Eligible
11AX, Wave 2 APs and Controllers - CAT 9800-40, CAT 9800-80, C9800-CL, Embedded Wireless
Wireless Subscription Offer StructureCisco DNA Premier
Software Support Service (SWSS) included in all subscriptions
*Customers can also get Cisco DNA software on 3504/5520/8540
Cisco DNA Spaces SEECisco DNA Space SEE
Catalyst 9800 Wireless Controller – Advantage vs. Essentials
▪ Cat 9800 controller includes the Perpetual Network Stack - Network Essentials or Network Advantage
▪ Mandatory to attach DNA License for every AP joining the Catalyst Wireless controller
▪ DNA License includes Wireless and DNA Center Features
Flexible Network Segmentation▪ VXLAN
Advanced Automation▪ SD-Access
▪ Location Plug and Play
▪ Automated ISE integration for guest
▪ 3rd party API integration
Policy Based Workflows▪ EasyQos configuration
▪ EasyQos monitoring
▪ Policy-based Automation
Network Advantage (Inclusive of Network Essentials)
DNA Advantage (Inclusive of DNA Essentials)
Assurance & Analytics▪ Guided Remediation
▪ Apple iOS Insights
▪ Proactive issue Detection
▪ Aironet Active Sensor Tests
▪ Intelligent capture
▪ Client Location Heatmaps
▪ Spectrum Analyzer
▪ Application performance (Packet Loss, Latency and
Jitter),
▪ App 360, AP 360, Client 360 and WLC 360
▪ Custom Reports*,
3,5,7 Year Terms
Advantage
High Availability & Resiliency▪ ISSU, Process Restart,
▪ Rolling AP Upgrades,
▪ Patching (CLI)
▪ AP service pack/AP device pack
Element Management▪ Patch Lifecycle Management
Perpetual Network Essentials
DNA Essentials 3,5,7 Year Terms
Essentials
Perpetual
Essential Wireless Capabilities▪ 802.1x authentications, Guest access, device
onboarding, Infra and client IPv6, ACLs, QoS,
Video stream, Smart defaults, RRM, Spectrum
intelligence, BLE, Zigbee, USB, TrustSec
SXP,SSO, Dynamic QoS, Analytics, ADP,
OpenDNS, mDNS, IPSec, AP and client SSO
Rogue Management and Detection, Mobility
DevOps Integration▪ PnP Agent
▪ NETCONF, RESTCONF*, gNMI*,
▪ Yang Data Models
▪ GuestShell (On-Box Python)*
Telemetry & Visibility▪ Model-driven Telemetry
▪ NETCONF dial-in, gRPC dial out*
Basic Automation▪ PnP Application
▪ Network Site Design and Device Provisioning
Element Management▪ Software Image Management
▪ Discovery, Network Topology
▪ AVC
Telemetry▪ Flexible NetFlow
Basic Assurance▪ Health dashboard (Network, Client and Application)
▪ AP Floor map and Coverage map
▪ Pre-defined Reports
C9800-80/C9800-40/C9800-CL/Embedded Wireless
*Future
Enhanced Security & IoT▪ Encrypted Traffic Analytics
▪ Advanced WIPS*Base Security▪ Basic WIPS*
IoT Optimized▪ Identity PSK, Enhanced Device profilers
Federal Certifications*▪ FIPS, CC,UCAPL,USGV6
Optimized RF▪ FRA, Client link, ClearAir Advanced,
▪ NG-HDX, Predictive/Proactive RRM
C9800 for Private Cloud
C9800 for Public Cloud
Navigate to the C9800 Wireless downloads section in software.cisco.com
Download appropriate package and install in Hypervisor
Go to the AWS Marketplace
Search for “Cisco Catalyst Wireless” or “C9800-CL”
Choose Image and deploy following the instructions
ZERO PRICE
ZERO PRICE
How to test Cat9800 in Your lab
https://www.cisco.com/c/en/us/td/docs/wireless/controller/tech
notes/8-8/b_c9800_wireless_controller_virtual_dg.html
https://www.cisco.com/c/en/us/td/docs/wireless/controll
er/technotes/8-
8/b_cisco_catalyst_9800_wireless_controller_aws.html
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Seamless roaming b/w Catalyst 9800 and AireOS 8.8 MR2 (3504/5520/8540)
Catalyst 9800
IRCM : AireOS and Cisco Catalyst 9800
Catalyst 9800Deployment
AireOS WLC
AireOSDeployment
Secure Mobility(CAPWAP)
Secure Mobility(CAPWAP)
Seamless roaming, L3 only
Also supported on AireOS 8.5MR4 Special
AireOS8.8 MR2
Catalyst 9800
Brownfield scenario – Common RF plan
AireOS WLC
common RF Group
name
AP group = Floor1RF tag = Floor2
Policy tag = Floor 2
Adding C9800 to a AireOS network. RRM works in a mixed controller environment:
• C9800 and AireOS controllers can create one RF domain and share a common RF plan
• The RF group name on both AireOS and C9800 controllers needs to match
• 8.8 is required on AireOS (8.8MR1 recommended)
• A RF leader is elected (based on controller capacity) and common channel and power plan will be used for all APs
• APs will be not show up as rogue on the other controller
• NOTE: in a scenario where you want to have custom RF profiles or enable FRA, then the leader ( e.g. C9800 controller) needs to have Policy and RF tags matching the names of the AP Group names on AireOS WLC. Of course the settings of RF profiles on both controllers need to match as well.
CAPWAP tunnel
RF tag = Floor2Policy tag = Floor2
RF tag = Floor1Policy tag = Floor1
RF Leader
AP Group = Floor1
Catalyst 9800
Brownfield – Guest Anchor
Catalyst 9800Deployment
Secure Mobility(CAPWAP)
Guest Anchor
AireOS WLC
AireOS Deployment
EOIP-basedMobility
AireOS Guest Anchor
Guest Anchor
AireOS8.8 MR1
Upgrade the AireOS Guest Anchor to 8.8 MR2(on 3504/5520/8540)and manage both Catalyst 9800 and AireOS Foreign
Also supported on AireOS
8.5MR4 Special
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 9800 Wireless Controller Documentation
Technical Notes
Configuration Guides
Technical References
https://www.cisco.com/c/en/us/support/wireless/catalyst-9800-series-wireless-controllers/products-technical-reference-list.htmlhttps://www.cisco.com/c/en/us/support/wireless/catalyst-9800-series-wireless-controllers/products-installation-and-configuration-guides-list.htmlhttps://www.cisco.com/c/en/us/support/wireless/catalyst-9800-series-wireless-controllers/products-configuration-examples-list.html
51
IOS XE Programmability Book
http://cs.co/programmabilitybook
Automated Backup SSID with EEM on C9800 Wireless Controllershttps://community.cisco.com/t5/wireless-mobility-
documents/automated-backup-ssid-with-eem-on-catalyst-
9800-wireless/ta-p/3743838
Cisco Catalyst 9800Troubleshooting
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco C9800 IOS-XE Troubleshooting Platform objectives
54
• A single way to enable debugs, not having to remember and enable dozens of debug commands
• Capacity to trace the path and time of a packet through the platform, including all the features it hits on the way
• Obtaining debug logs of past event in their context even without having enabled any debug manually
• Being able to verify things at every layer of the platform (control or data plane)
• Always on tracing, no need to turn on anything…
• AP not joining? > show log profile wireless filter mac <AP radio-mac> to-file <output-file>”
• Client issues? > show log profile wireless filter mac <client-mac> to-file <output-file>
show logging profile wireless internal reverse | inc Association received – to get the MAC of the client
• Explicit debug “debug wireless mac”
• This runs for 30 mins by default but you can set it or do “no debug” to stop it
• Automatically creates a file that you can view (name of the file is ra_trace_MAC_aaaabbbbcccc_HHMMSS.XXX_timezone_DayWeek_Month_Day_year.log)
• If you can’t fix it, then open a TAC case and provide these output:
• Show tech wireless and show tech
• Show tech licensing >> for licensing issues
• Show tech memory >> for memory related issues.
• In case of crash, get the system report which can be downloaded from GU > Troubleshooting
Having AP/client issues? Quick tips…
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
IOS-XE Logging Architecture
• General concepts
• Always-on tracing
• Trace-on-failure
• Conditional debugging : Radioactive tracing
• Non-conditional debugging :
Specific component debugging
56
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
C9800 IOS-XE Logging architecture
57
L2 Authentication Key Exchange Start. EAP type: PEAP, Resolved VLAN: 185, Audit Session id:ABCD
EAP Key management successful. AKM:FT-DOT1X Cipher:CCMP WPA2
Mobility discovery triggered. Client mode: Local
ADD MOBILE sent. Client state flags: 0x72 BSSID: MAC: abcd.abcd.cdef capwap IFID: 0x1234
Client IP learn successful. Method: IP Snooping IP: 10.0.0.1
Client state transition: S_CO_IP_LEARN_IN_PROGRESS -> S_CO_RUN
Oct 9 09:12:15.363 UTC: %CLIENT_ORCH_LOG-6-CLIENT_ADDED_TO_RUN_STATE: Chassis 2 R0/0:
wncd: Username entry (bob) joined with ssid (foo) for device with MAC: 1234.1234.5678
WNCd-0
IOSd
Btrace Library
IOS Logger
WNCd-0 tracelog (wncd_x_R0-0.2280_41.20181009080530.bin)
IOSd traceIog (IOSRP_R0-0.14671_21.20181009041228.bin)
Btrace Library
Client join messages
Final RUN state message
Oct 9 09:12:15.363 UTC: %CLIENT_ORCH_LOG-6-CLIENT_ADDED_TO_RUN_STATE: Chassis 2 R0/0:
wncd: Username entry (bob) joined with ssid (foo) for device with MAC: 1234.1234.5678
Syslog, VTY (term mon), console, …
• All binOS (i.e. non IOSd) processes log to files in flash/disk
• When a log file reaches its maximum size, it rotates and creates a new one
• Logs are written in binary and then compressed for archiving
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
IOS-XE logging architectureHow do we consult logs ?
58
#show logging continues to give us the log history of IOSd events
#show logging profile wireless to-file <filename> collates (and decodes) to the destination filename in flash all the wireless-relevant logs from ALL the log files on disk
Since there is a lot of logging, we have options like :
#show logging profile wireless level <severity> to-file <filename>
#show logging profile wireless level info filter mac <mac add>
to-file <filename>
#show logging profile wireless start timestamp “MM/DD/YYYY HH:MM:SS”
level info filter mac <mac addr> to-file <filename>
2-Critical3-Error4-Warning5-Notice6-Info7-Debug8-Verbose
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Introducing always-on tracingLogs even without enabling debugs
59
• Each process constantly writes logs down to NOTICE level to give some context about normal but significant events happening
• We are tracking client connections (even successful) and their state machine changes
• Target : each process can log for at least 48 hours (on a fully loaded box)
• You can debug what happened to a client AFTER it happened and without having enabled anything beforehand ! 2-Critical
3-Error4-Warning5-Notice6-Info7-Debug8-Verbose
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Always-on logging : client connection failure
[client-orch-sm] [32269]: (note): MAC: 0000.0a34.0001 Association received. BSSID 000b.cd00.060f, old BSSID 0000.0000.0000, WLAN 1, Slot 1 AP
000b.cd00.0600, EWLC-AK-SIM-AP-5
2018/09/18 08:58:40.149 {wncd_x_R0-1}{1}: [client-orch-state] [32269]: (note): MAC: 0000.0a34.0001 Client state transition:
client_orch_sm_state___none -> S_CO_ASSOCIATING
[dot11] [32269]: (note): MAC: 0000.0a34.0001 Association success. AID 1, Roaming = 0, WGB = 0, 11r = 0, 11w = 0
[client-orch-state] [32269]: (note): MAC: 0000.0a34.0001 Client state transition: S_CO_ASSOCIATING -> S_CO_ASSOCIATED_TR
[client-orch-state] [32269]: (note): MAC: 0000.0a34.0001 Client state transition: S_CO_ASSOCIATED_TR -> S_CO_L2_AUTH_IN_PROGRESS
[client-auth] [32269]: (note): MAC: 0000.0a34.0001 ADD MOBILE sent. Client state flags: 0x71 BSSID: MAC: 000b.cd00.060f capwap IFID:
0xf90400003
[client-auth] [32269]: (note): MAC: 0000.0a34.0001 L2 Authentication initiated. method DOT1X, Policy VLAN 1,AAA override = 1
[ewlc-infra-evq] [32269]: (note): Authentication Success. Resolved Policy bitmap:11 for client 0000.0a34.0001
[ewlc-infra-evq] [32269]: (ERR): SANET_AUTHC_FAILURE - Cred Fail username wpa2eapfast, audit session id 22100A09000002C8EBE72A99,
[client-orch-sm] [32269]: (note): MAC: 0000.0a34.0001 Client delete initiated. Reason:
CO_CLIENT_DELETE_REASON_CLIENT_CREDENTIAL_FAILURE
[client-orch-state] [32269]: (note): MAC: 0000.0a34.0001 Client state transition: S_CO_L2_AUTH_IN_PROGRESS -> S_CO_DELETE_IN_PROGRESS
[client-orch-state] [32269]: (note): MAC: 0000.0a34.0001 Client state transition: S_CO_DELETE_IN_PROGRESS -> S_CO_DELETED
60
show log profile wir filter mac 0000.0a34.0001 to-file output.txt
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Always-on logging : AP join failures
Unsupported AP[apmgr-capwap-join] [1263]: UUID: 0, ra: 0, TID: 0 (ERR): d824.bde8.3690 Join request not accepted: Unsupported AP Model AIR-LAP1142N-A-K9
Reg Domain failure[apmgr-capwap-config] [1394]: UUID: 10000000002ed, (ERR): f44e.0597.fb50 Failed to verify reg domain slot. validation of country code(UX) to
regulatory domain(-A) error:1
[apmgr-capwap-config] [1394]: UUID: 10000000002ed, (ERR): f44e.0597.fb50 Failed to get ap default country code. Get default country code for AP error.
[apmgr-capwap-config] [1394]: UUID: 10000000002ed, (ERR): f44e.0597.fb50 Failed to set reg domain check status. country code US is not configured on
WLC
Cert Failure[apmgr-capwap-config] [1394]: UUID: 10000000002ed, (ERR), %PKI-3-CERTIFICATE_INVALID_NOT_YET_VALID: Certificate chain validation has
failed. The certificate (SN: 6B4F09560000001763DF) is not yet valid Validity period starts on 22:48:43 IST Sep 9 2014
Discovery to non wireless mgmt interface2017/09/22 01:51:02.168 {wncmgrd_R0-0}{2}: [capwapac-srvr] [16320]: UUID: 0, ra::0, TID: 0 (ERR): IP:3.3.3.1[5246], Discovery to non wireless mgmt
interface
61
show log profile wir filter mac <ap radio mac> to-file output.txt
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Trace-on-Failure (TOF)
62
• Predefined failure codes are tracked
• You can pull statistics … ===>
• Or see indexed recent failures. It allows you to quickly see the latest issue on the box and have a precise timestamp + UUID pointer to the exact logs !
sh wireless stats trace-on-failure
001. AP radio reset......................................: 0
002. AP reset............................................: 0
003. Client disjoin due to AP radio reset................: 0
004. Client disjoin due to AP reset......................: 0
005. Export client MMIF..................................: 0
006. Export client MM....................................: 0
007. Export client generic...............................: 0
011. AP join failure.....................................: 0
012. AP initial configuration failure....................: 44335
…..
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Time UUID Log--------------------------------------------------------------------------------------------2018/09/21 04:43:52.773 0x1000000004c93 2048.2000.0300 AP_CFG_STATUS_FAIL : Apmgr failure reason : Regulatory2018/09/21 04:43:52.990 0x1000000004cbf 2048.2000.0500 AP_CFG_STATUS_FAIL : Apmgr failure reason : Regulatory2018/09/21 04:43:53.030 0x1000000004ccc 2048.2000.0400 AP_CFG_STATUS_FAIL : Apmgr failure reason : Regulatory2018/09/21 04:43:53.068 0x1000000004ce5 2048.2000.0200 AP_CFG_STATUS_FAIL : Apmgr failure reason : Regulatory2018/09/21 04:43:53.226 0x1000000004d05 2048.2000.0700 AP_CFG_STATUS_FAIL : Apmgr failure reason : Regulatory2018/09/21 04:43:53.270 0x1000000004d17 2048.2000.0600 AP_CFG_STATUS_FAIL : Apmgr failure reason : Regulatory2018/09/21 04:43:55.626 0x1000000004e61 2048.2000.1200 AP_CFG_STATUS_FAIL : Apmgr failure reason : Regulatory2018/12/12 12:26:35.406 0x10000000cd09b 8875.56c6.f000 AP_JOIN_FAIL : Apmgr failure reason : Unsupported ap,2018/12/17 13:18:32.097 0x10000002c7428 08cc.68b4.4660 CAPWAPAC_HEARTBEAT_EXPIRY
IOS-XE Logging architectureShow logging trace-on-failure summary
63
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
more bootflash:<filename>
2018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [ewlc-infra-evq] [3862]: (note): Data type : Message handle2018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [apmgr-capwap-join] [3862]: (ERR): 8875.56c6.f000 Join request not accepted: Unsupported AP Model AIR-CAP3602I-E-K92018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [apmgr-capwap-join] [3862]: (ERR): 8875.56c6.f000 Failed to process join request. Unable to decode apmgr join response2018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [apmgr-ap-global] [3862]: (ERR): 8875.56c6.f000 Failed to handle ap sm join request. Unable to process apmgr join request2018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [ewlc-infra-evq] [3862]: (ERR): 8875.56c6.f000 AP_JOIN_FAIL : Apmgr failure reason : Unsupported ap, Policy tag : , Site tag : , Rf tag : default-rf-tag2018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [apmgr-db] [3862]: (ERR): Failed to get ap name mac map record for delete. Name: AP3602I-E-K9. Reason: No such file or directory2018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [apmgr-db] [3862]: (ERR): 8875.56c6.f000 Delete ap name map record from the apmgr failed: 22018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [capwapac-smgr-sess-fsm] [3862]: (ERR): Session-IP: 192.168.17.146[57187] Mac: 8875.56c6.f000 Unmapped previous state in transition S_JOIN_PROCESS to S_END on E_AP_INTERFACE_DOWN2018/12/12 12:26:35.406 {wncd_x_R0-3}{1}: [apmgr-db] [3862]: (ERR): 8875.56c6.f000 Mismatch in session handles. Record already deleted and recreated
IOS-XE Logging architectureShow log profile wir filter uuid 0x10000000cd09b to-file <filename>
64
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Radioactive tracingBuilding on existing conditional debugging CLI
65
• Debug platform condition start/stop
• Debug platform condition interface/mac/ipv4/ipv6
• Debug platform software cond-debug verbose
• Show platform conditions
• Clear platform condition all.Drawbacks : • every independent
process in the flow must evaluate the condition separately
• Some process do not have access to the data required to evaluate the condition
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
RA tracing conditional debuggingsame commands for AP or client troubleshooting
66
• debug platform condition feature wireless mac <client mac>
• debug platform condition start
(reproduce issue)
• debug platform condition stop
• show logging profile wireless (start timestamp “Date&time”) level debug filter mac <client mac> to-file
<filename>
• more flash:<filename>
• debug platform condition feature wireless mac <AP mac>
• debug platform condition start
(reproduce issue)
• debug platform condition stop
• show logging profile wireless (start timestamp “Date&time”) level debug filter mac <AP mac> to-file
<filename>
• more flash:<filename>
AP troubleshooting
Client troubleshooting
”Clear platform condition all” when done
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Too many commands ? We make it simple
67
WLC# debug wireless mac aaaa.bbbb.cccc ?
ftp-server Move log file to FTP server, default storage: "flash:/"
monitor-time Max time to trace the condition, Default: 30min
internal Collect all logs.(Default: only customer curated logs)
<cr> <cr>
This is a macro that runs the commands from the previous slides in a single command.
Can be run for a certain <monitor-time> or stopped with the “no” version of the command.
Automatically stops !
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Non-conditional active debugging
• set platform software trace wireless chassis active r0 rrm all debug
(reproduce issue)
• show logging process rrm to-file <filename>
• more flash:<filename>
• set platform software trace nginx chassis active r0 all debug
(reproduce issue)
• show logging process nginx to-file <filename>
• more flash:<filename>
RRM (for all APs)
Web UI
68
Set back to “NOTICE” level when done !
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Embedded Packet Capture web interfaceEmbedded Packet Capture web interface
• Web interface to the existing EPC CLI “monitor capture …”
• One click start/stop/download
• Physical and VLAN interfaces can be selected
69
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Useful commands and toolsAdministration -> Command line interface page
70
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Useful commands and toolsTroubleshooting page
71
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Useful commands and toolsCollecting outputs with the debug bundle (UI)
72
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
AP COS troubleshooting
• AP COS can take a wired pcap of their gig interface with vlan tags
• LabAP#debug traffic wired ip capture% Writing packets to "/tmp/pcap/LabAP_capture.pcap0"reading from file /dev/click_wired_log, link-type EN10MB (Ethernet)##tcpdump: pcap_loop: error reading dump file: Interrupted system call 100.0%LabAP#undeb allAll possible debugging has been turned offLabAP#copy pcap LabAP_capture.pcap0 tftp: 192.168.68.52/LabAP_capture.pcap0######################################################################## 100.0%LabAP#debug traffic wired filter "port 5246" 13:20:26.960439 IP 192.168.68.134.5264 > 10.48.39.212.5246: UDP, length 641 13:20:26.960868 IP 10.48.39.212.5246 > 192.168.68.134.5264: UDP, length 81 13:20:47.288822 IP 192.168.68.134.5264 > 10.48.39.212.5246: UDP, length 97 13:20:47.289394 IP 10.48.39.212.5246 > 192.168.68.134.5264: UDP, length 81
73
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
AP COS troubleshooting
• AP COS can take a radio capture (of the control plane) and print it locally or remotely
• [*08/20/2018 09:12:01.834504] [LabAP] [00:ae:fa:78:36:89] <apr0v9> [D:W] DOT11_PROBE_RESPONSE : (.) [*08/20/2018 09:12:01.915985] [LabAP] [00:ae:fa:78:36:89] <apr1v9> [U:W] DOT11_AUTHENTICATION : (.) [*08/20/2018 09:12:01.916759] [LabAP] [00:ae:fa:78:36:89] <apr1v9> [D:W] DOT11_AUTHENTICATION : (.) [*08/20/2018 09:12:01.917507] [LabAP] [00:ae:fa:78:36:89] <apr1v9> [U:W] DOT11_ASSOC_REQUEST : (.) [*08/20/2018 09:12:01.919013] [LabAP] [00:ae:fa:78:36:89] <apr1v9> [D:W] DOT11_ASSOC_RESPONSE : (.) [*08/20/2018 09:12:01.924963] [LabAP] [00:ae:fa:78:36:89] <wired0> [D:E] EAPOL_KEY.M1
• LabAP#config ap client-trace output remote enable 192.168.68.68 5000
74
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
AP COS client troubleshooting
• LabAP#debug dot11 client rate address 00:AE:FA:78:36:89
• [*08/20/2018 14:17:28.0928] MAC Tx-Pkts Rx-Pkts Tx-Rate Rx-Rate RSSI SNR Tx-Retries• [*08/20/2018 14:17:28.0928] 00:AE:FA:78:36:89 0 0 12 a8.2-2s -45 53 0 • [*08/20/2018 14:17:29.0931] 00:AE:FA:78:36:89 7 18 12 a8.2-2s -45 53 0• [*08/20/2018 14:17:30.0934] 00:AE:FA:78:36:89 3 18 12 a8.2-2s -45 53 0 • [*08/20/2018 14:17:31.0937] 00:AE:FA:78:36:89 2 20 12 a8.2-2s -45 53 0• [*08/20/2018 14:17:32.0939] 00:AE:FA:78:36:89 2 20 12 a8.2-2s -45 53 0 • [*08/20/2018 14:17:33.0942] 00:AE:FA:78:36:89 2 21 12 a8.2-2s -46 52 0 • [*08/20/2018 14:17:34.0988] 00:AE:FA:78:36:89 1 4 12 a8.2-2s -46 52 0 • [*08/20/2018 14:17:35.0990] 00:AE:FA:78:36:89 9 23 12 a8.2-2s -46 52 0 • [*08/20/2018 14:17:36.0993] 00:AE:FA:78:36:89 3 7 12 a8.2-2s -46 52 0 • [*08/20/2018 14:17:37.0996] 00:AE:FA:78:36:89 2 6 12 a8.2-2s -46 52 0 • [*08/20/2018 14:17:38.0999] 00:AE:FA:78:36:89 2 14 12 a8.2-2s -46 52 0 • [*08/20/2018 14:17:39.1002] 00:AE:FA:78:36:89 2 10 12 a8.2-2s -46 52 0 • [*08/20/2018 14:17:40.1004] 00:AE:FA:78:36:89 1 6 12 a8.2-2s -46 52 0
75
Shrnutí a Q&A
G loba l
Sa les T ra in ing
Translate business intent into network policy andcapture actionable insights with DNA Center
Aironet Access Points
Works with Cisco Aironet 802.11ac Wave 1 and Wave 2 Access Points
DNA Center
C9800-40C9800-80
C9800 for Cloud C9800 on Cat 9k Switch (SDA only)
Catalyst 9800 Series Wireless Controllers
* GCP EFT Only
All deployment modes:
Centralized, SDA,
FlexConnect, Mesh
Best Enterprise Wireless Solution - DNA, Catalyst 9800 and AP4800
Intelligent Capture
24x7 dedicated monitoring radio
<3m median Hyperlocation accuracy
Design, Provision, Automate
360◦ Context Graph
Apple iOS WiFi Analytics
Always-on
Secure
Deploy Anywhere
Catalyst 9800 Series Wireless Controllers
Aironet 4800 Access Point
AssurancePolicy Automation
DNA Center
Automate provisioning and policy on an infrastructure designed for IBN
Streaming telemetry and insights to take the right action at the right time
Digitize people, spaces and things with DNA Spaces
new
new
Registrace: https://www.eventtouch.eu/czech_republic/techclubdays/?locale=cs_CZ#nav4221=26841