IEEE 802.11k-2008 defines Radio Resource Management (RRM) mechanism that enable 802.11k capable client’s radio to better understand the RF environment that they exist which will help clients to have better roaming. In this post we will enable this 802.11k support on a wlan configured on Cisco 3850 WLC (IOS-XE 3.6E) & see how it works. Here is the topology for this post where I have 3 APs registered to my WLC. I have used iPhone5 as client since it support 802.11k (refer this doc for detail)
3850-1#ap name LAP4 dot11 5ghz shutdown 3850-1#ap name LAP4 dot11 5ghz txpower 6 3850-1#ap name LAP4 dot11 5ghz channel 44 3850-1#ap name LAP4 dot11 5ghz channel width 20 3850-1#ap name LAP4 no dot11 5ghz shutdown 3850-1#show ap dot11 5ghz summary AP Name MAC Address Slot Admin State Oper State Channel Width TxPwr --------------------------------------------------------------------------------------------------- LAP4 0024.9788.48e0 1 Enabled Up 44 20 6( ) LAP2 2c3f.382a.b120 1 Enabled Up 40 20 7( ) LAP1 64a0.e7af.4740 1 Enabled Up 36 20 7( )
Here is the SSID configuration on my 3850. It is simple 802.1X/EAP SSID. I have not shown all other configuration like AAA, etc.
wlan MRN-EAP 22 MRN-EAP client vlan 22 security dot1x authentication-list MRN-DOT1X no shutdown
When you configure an SSID like above, there are certain default settings applied to it. You can view all these using “show run all” command as shown below. As you can see below 802.11k or AP assisted roaming is disabled by default.
3850-1#sh run all | sec wlan MRN-EAP wlan MRN-EAP 22 MRN-EAP accounting-list no assisted-roaming dual-list no assisted-roaming neighbor-list broadcast-ssid ccx aironet-iesupport channel-scan defer-priority 4 channel-scan defer-priority 5 channel-scan defer-priority 6 channel-scan defer-time 100 chd client association limit ap 0 client association limit radio 0 client association limit 0 client vlan 22 no device-classification dtim dot11 24ghz 1 dtim dot11 5ghz 1 exclusionlist exclusionlist timeout 60 ip access-group web ip access-group ip dhcp server 0.0.0.0 ipv6 traffic-filter web none ipv6 traffic-filter none mac-filtering mfp client mfp infrastructure-protection mobility anchor sticky no profiling local http no profiling radius http radio all security wpa security wpa akm dot1x no security wpa wpa1 security wpa wpa2 security wpa wpa2 ciphers aes security dot1x authentication-list MRN-DOT1X security dot1x encryption 104 security ft over-the-ds security ft reassociation-timeout 20 security pmf association-comeback 1 security pmf saquery-retry-time 200 security static-wep-key authentication open security tkip hold-down 60 security web-auth authentication-list security web-auth parameter-map service-policy client input unknown service-policy client output unknown service-policy input unknown service-policy output unknown service-policy type control subscriber session-timeout 1800 wmm allowed shutdown
Let’s enable assisted roaming & see how it works. I have simply enable this for 802.11k compliant clients. You can configure cisco WLC to provide some predictive neighbor report even clients are not 802.11k capable. You can refer this config guide for more detail.
3850-1(config)#wlan MRN-EAP 3850-1(config-wlan)#shut 3850-1(config-wlan)#assisted-roaming ? dual-list Configures dual band 802.11k neighbor list a WLAN neighbor-list Configures 802.11k neighbor list support on the WLAN prediction Configures assisted-roaming Prediction optimization on the WLAN 3850-1(config-wlan)#assisted-roaming neighbor-list 3850-1(config-wlan)#no shut
In my case client associated to LAP4 & here is the wireless frame capture on CH44. (Beacon & ACK frame filtered for simplistic view). As you can see below you can see additonal “Action” frames compare to normal 802.1X/EAP frame exchange.Here is a Beacon Frame send by AP. As you can see it has “Radio Measurement or RM” capability enabled.If client is 802.11k compliant, then it will include its RM capability in Association Request frame. In Association Response frames coming from AP also included this RM capability.802.11k capable client will dynamically request Neighbor Report from the current AP. This will help to find a potential target AP to roam. As you can see below iPhone5 (04:f7:e4:ea:5b:66) send below Neighbor Report Request to currently connected LAP4 (BSSID-0024.9788.48ee)So current AP respond with the Neighbor Report Response. As you can see below it included both LAP1(64a0.e7af.474e) & LAP2 (2c3f.382a.b12e) AP information like channel they operate, BSSID capability. In this way client is already aware the potential neighbor AP where it can roam.Still client station will make the roaming decision, but definetely neighbor report provided by AP assisting client to make that decision, hence called “AP Assisted Roaming”
1. iphone5-80211k (packet capture used for this post)
2. CWSP-Official Study Guide -Chapter 7
3. 802.11r, 802.11k, and 802.11w Deployment Guide, Cisco IOS-XE Release3.3