Over the weekend we have upgraded our WLC software from 220.127.116.11 to 18.104.22.168 code which was released in late Dec 2012. Main features you will get through this 22.214.171.124 code are,
1. Application Visibility & Control (AVC)
2. Netflow support for WLC
3. WLC act as Bounjour Gateway(mDNS feature)
You can find Release notes for this software version from here.
When we conducted, post implementation testing with multiple type of BYOD devices, came across a wired issue of not playing youtube video on iPad3 & iPhone5 devices. Spent a lot of time checking proxy configs, firewall rules, etc & then opened a TAC case as no public information is not available of a similar issue.
Guest what, we got confirmation that we are hitting a bug (due to proprietary information below information is not available to public, but if you hit with this bug cisco will provide below information). Workaround is to either disable 802.11n support or disable “Video Call Admission control”. We go ahead with disabling Video Call Admission Control (CAC) & get impacted devices working.
Also notices SSH related issues when accessing the controller CLI. I think it is another bug which is listed in release notes for this software version. Work around is “Retry SSH connection” 🙂 yes you will get there eventually.
Apart from those two issues we did not experience any other major issues with this software code upgrade (time will let us know).Here are the few cool things you would get this 7.4 codes.
You can export netflow stats from WLC (do not expect same netflowv9.0 information you getting from routers, it is a cutdown verion), but keep in mind “something is better than nothing”. Again most of the netflow tools not yet supporting this cisco’s newer flow export from WLC. I have tested this with Solarwinds, Scrutinizer & Fluke & I can confirm Scrutinizer guys are well ahead . That was the only tool (at the time of writing this post) decode the flow format coming from cisco WLC (other two vendors products are not supporting this yet, even though Cisco claiming it is). Below shows few sample reports types available from this product ( I will write a separate post about how to configure netflow on WLC).
Here are few different type of standard reports available from this tool. It’s really cool & never had this visibility to Cisco wireless controllers earlier.
Next cool thing is “Application Visibility & Control” . If you go to the controller main monitor page you will notice some stats like this. You will see what are the application running by wireless client. Cisco has implemented NBAR2 on this WLC code & it gives around 1039 different application categories. Beauty of this is through AVC, you can decide what to do with these application (Allow, Markdown, Drop)
So it’s both positive & negatives (due to described bugs in Day 0). Next few days will tell us how good this software code, when all users come with all those different type of BYOD.
In my personal opinion, this code gives greater capability of controlling & monitoring wireless traffic & everyone loves that. But keep in mind Cisco is talking about WLC 8.0 release by Q2 2013.
Update as at 10th April 2013
We were hit by another bug 😦 of this code where 1142 AP disassociate from the controller intermittently with no reason. Log a case with Cisco & straightawy response came it as a known bug (CSCud97983). This has fixed in 126.96.36.199 & it is time to go for this latest release.
Also Cisco publicly announce of the previous bug (iPad/iPhone 6.x with Video CAC) I mentioned in this post. Here is the bug number for your reference CSCud67358
Update as at 19th June 2013
To fix certain bugs mentioned above we have gone to 188.8.131.52 recently. Again hit by few other bugs & wondering whether what next. Here are few bugs we encounter in this latest code. Except the first bug (fixed on 184.108.40.206) all others fixed in 7.5.x which is not yet released to public
CSCug46718:(fixed in 220.127.116.11)
|New client 802.11 auth fails 3600 or 2600 AP on 2.4GHz band after time.|
Most 802.11 client 2.4GHz authentications will stop after a period of time causing clients to roam to further AP’s, or possibly no longer see the SSID from the AP. However, connectivity to certain clients may remain unaffected.To verify if AP is in this state, run the following AP command:
show int d0 loc 8000a240 4
Value returned should be: 8000A240: 00756414. If the value is 00d03000, AP may be in this state.
Update as of 27th June
To fix the above mentioned bugs, Cisco TAC has provided us 18.104.22.168 Engineering Release of WLC software code. So we have upgraded the WLC software for 3rd time during last 4 months… Do not know when is the next ????