IEEE 802.11k-2008 defines Radio Resource Management (RRM) mechanism that enable 802.11k capable client’s radio to better understand the RF environment that they exist which will help clients to have better roaming. In this post we will enable this 802.11k support on a wlan configured on Cisco 3850 WLC (IOS-XE 3.6E) & see how it works. Here is the topology for this post where I have 3 APs registered to my WLC. I have used iPhone5 as client since it support 802.11k (refer this doc for detail)
I have set the CH of these AP & set the power level to lower value as this is a lab setup. I have shown how to do this using CLI for LAP4 as an example.
3850-1#ap name LAP4 dot11 5ghz shutdown 3850-1#ap name LAP4 dot11 5ghz txpower 6 3850-1#ap name LAP4 dot11 5ghz channel 44 3850-1#ap name LAP4 dot11 5ghz channel width 20 3850-1#ap name LAP4 no dot11 5ghz shutdown 3850-1#show ap dot11 5ghz summary AP Name MAC Address Slot Admin State Oper State Channel Width TxPwr --------------------------------------------------------------------------------------------------- LAP4 0024.9788.48e0 1 Enabled Up 44 20 6( ) LAP2 2c3f.382a.b120 1 Enabled Up 40 20 7( ) LAP1 64a0.e7af.4740 1 Enabled Up 36 20 7( )
Here is the SSID configuration on my 3850. It is simple 802.1X/EAP SSID. I have not shown all other configuration like AAA, etc.
wlan MRN-EAP 22 MRN-EAP client vlan 22 security dot1x authentication-list MRN-DOT1X no shutdown
When you configure an SSID like above, there are certain default settings applied to it. You can view all these using “show run all” command as shown below. As you can see below 802.11k or AP assisted roaming is disabled by default.
3850-1#sh run all | sec wlan MRN-EAP wlan MRN-EAP 22 MRN-EAP accounting-list no assisted-roaming dual-list no assisted-roaming neighbor-list broadcast-ssid ccx aironet-iesupport channel-scan defer-priority 4 channel-scan defer-priority 5 channel-scan defer-priority 6 channel-scan defer-time 100 chd client association limit ap 0 client association limit radio 0 client association limit 0 client vlan 22 no device-classification dtim dot11 24ghz 1 dtim dot11 5ghz 1 exclusionlist exclusionlist timeout 60 ip access-group web ip access-group ip dhcp server 0.0.0.0 ipv6 traffic-filter web none ipv6 traffic-filter none mac-filtering mfp client mfp infrastructure-protection mobility anchor sticky no profiling local http no profiling radius http radio all security wpa security wpa akm dot1x no security wpa wpa1 security wpa wpa2 security wpa wpa2 ciphers aes security dot1x authentication-list MRN-DOT1X security dot1x encryption 104 security ft over-the-ds security ft reassociation-timeout 20 security pmf association-comeback 1 security pmf saquery-retry-time 200 security static-wep-key authentication open security tkip hold-down 60 security web-auth authentication-list security web-auth parameter-map service-policy client input unknown service-policy client output unknown service-policy input unknown service-policy output unknown service-policy type control subscriber session-timeout 1800 wmm allowed shutdown
Let’s enable assisted roaming & see how it works. I have simply enable this for 802.11k compliant clients. You can configure cisco WLC to provide some predictive neighbor report even clients are not 802.11k capable. You can refer this config guide for more detail.
3850-1(config)#wlan MRN-EAP 3850-1(config-wlan)#shut 3850-1(config-wlan)#assisted-roaming ? dual-list Configures dual band 802.11k neighbor list a WLAN neighbor-list Configures 802.11k neighbor list support on the WLAN prediction Configures assisted-roaming Prediction optimization on the WLAN 3850-1(config-wlan)#assisted-roaming neighbor-list 3850-1(config-wlan)#no shut
In my case client associated to LAP4 & here is the wireless frame capture on CH44. (Beacon & ACK frame filtered for simplistic view). As you can see below you can see additonal “Action” frames compare to normal 802.1X/EAP frame exchange.
Here is a Beacon Frame send by AP. As you can see it has “Radio Measurement or RM” capability enabled.
If client is 802.11k compliant, then it will include its RM capability in Association Request frame. In Association Response frames coming from AP also included this RM capability.
802.11k capable client will dynamically request Neighbor Report from the current AP. This will help to find a potential target AP to roam. As you can see below iPhone5 (04:f7:e4:ea:5b:66) send below Neighbor Report Request to currently connected LAP4 (BSSID-0024.9788.48ee)
So current AP respond with the Neighbor Report Response. As you can see below it included both LAP1(64a0.e7af.474e) & LAP2 (2c3f.382a.b12e) AP information like channel they operate, BSSID capability. In this way client is already aware the potential neighbor AP where it can roam.
Still client station will make the roaming decision, but definetely neighbor report provided by AP assisting client to make that decision, hence called “AP Assisted Roaming”
References
1. iphone5-80211k (packet capture used for this post)
2. CWSP-Official Study Guide -Chapter 7
3. 802.11r, 802.11k, and 802.11w Deployment Guide, Cisco IOS-XE Release3.3
mrn-cciew 
Thanks for sharing, i’ve been following your blog now for what seems like ages and only just got round to having a go at my CCIE Wireless written today. It wasn’t quite my day today missing out by 133 points however for my first attempt i’m happy that the time devoted isn’t a total waste. You’re an inspiration to myself and others, keep up the quality work.
Hi Mike,
I am really glad to see my blog inspire you to start your journey…
Do not worry about little drawback like “could not make it in the first attempt”. That failure should give you more strength.
Keep us posted & keep motivated. I am sure you will get this done.
Rasika
This is a great write-up on the technology but I was wondering if you had any advice about how to tune it? Looking at my WLC I can decide to provide single-band or dual-band reports, I can configure a floor bias, and I can configure the minimum number of APs required to provide the list, etc.
I look at those options and I have no idea how I would go about knowing the factors I should consider
If you have any advice I’d really appreciate it!
Hi David,
My idea here is just use WLC to understand the technology.
So even I do not want to enable these features in production unless I am sure what’s are the implication. This will influence client roaming decisions, so carefully deploy in each environment.
HTH
Rasika
Hi,
I see Cisco APs advertising Beacon Reports(Active and Passive), how do I trigger the 802.11k beacon active/passive report request.
Aruba has a configuration which send periodically Beacon report request.
Motorola also has a command to send the Beacon Report request.
It would be appreciated if you let me know how to trigger 802.11k beacon report request from Cisco.
Regards,
-Sathwik
Hi Sathwik,
Please follow the below steps for enabling beacon report with ccx in cisco.
Enable CCX location measurement under wireless–>Network–>802.11a/an or 802.11b/g/n
And issue the following commands using cli
test ccx rm unicast beacon disable
test ccx rm unicast send 5 1
debug disable-all
debug ccxrm all enable
test ccx rm unicast beacon enable
Hi
Thank you very much for your posts they were of great use for me because I’m studying the 802.11k and 802.11r packets.
I wonder if you have other packet captures including 802.11k packets that you can provide me with; this would be of great help to me since i don’t have the means to make such captures for the moment and i need them badly.
Thanks in advance.
Regards
Dareen
Hi Dareen,
I will see what captures I have on this & attached it to the post any available.
Rasika
Thanks
in which packet i will see the nearby aps list
i am not able to simulate the Iphone to send neighbor report request for my AP which is supporting 802.11k, i configured 2 of my APs to transmit the same SSID with RM enabled, but Iphone is not asking for neighbor report request, can you please help me to understand under what conditions Iphone is triggering the neighbor report request.
Hi, nayarasi ,
do you have a packet sample for 11K Beacon report ?
Pingback: Wireshark: How to check if a Wi-Fi network supports 802.11k – My WordPress