Debugging client related issues on Cisco AireOS

This article is aimed to aid in the process of data collection for client related troubleshooting on Cisco AireOS.

Note: I have used a 5508 Wireless LAN controller running software version 8.0.110.0, 3702I AP, Mid 2014 Macbook Pro running 10.10.1 and Windows laptop running Windows 7

1. WLC side debugs
  • debug client
  • debug aaa detail enable —> use this if there are authentication related issues with AAA server
  • debug aaa events enable —> use this if there are authentication related issues with AAA server
  • debug aaa all enable —> use this for auth issues; this is verbose so use it only when needed (e.g.: for AAA override cases etc)
  • debug dhcp message enable —> use when issue with ip addressing
  • debug dhcp packet enable —> use when issue with ip addressing
  • debug mobility handoff —> use when roaming issues between WLCs.

2. AP side debugs
  • debug dot11 dot11Radio 0/1 monitor address —> client filtered debugs
  • debug dot11 dot11Radio 0/1 trace print mgmt —> trace management packets
  • debug dot11 dot11Radio 0/1 trace print ba —> trace block ack info
  • debug dot11 dot11Radio 0/1 trace print rcv —> trace received packets
  • debug dot11 dot11Radio 0/1 trace print keys —> trace set keys
  • debug dot11 dot11Radio 0/1 trace print rxev —> trace received events
  • debug dot11 dot11Radio 0/1 trace print txev —> trace transmit events
  • debug dot11 dot11Radio 0/1 trace print txrad —> trace transmit to radio
  • debug dot11 dot11Radio 0/1 trace print xmt —> trace transmit packets
  • debug dot11 dot11Radio 0/1 trace print txfail —> trace transmit failures
  • debug dot11 dot11Radio 0/1 trace print rates —> trace rate changes

Usually if you are not sure what debugs to use, just combine all

debug dot11 dot11Radio 0/1 trace print mgmt keys rxev rcv xmt txev txrad txfail

You can use ‘ba’ and ‘rates’ appropriately when there is suspect issue of data rates or block ack negotiation

3. Over the Air Captures:
  • For 11ac 3SS capture you can use 2014 Macbook Pro or later running 10.10.x or higher (don’t use Macbook Air for 11ac capture as Air is 2SS only currently)
  • For 11ac captures you can also use 3702 AP in sniffer mode
  • For 11n capture you can use windows 7 running netmon, Omnipeek with appropriate adapters, Macbook Pro/Air or 11n/ac AP in sniffer mode

4. WLC and AP port captures
  • For cases like AAA issues or DHCP issues sometimes its important to have captures at the WLC port channel and or AP port where the client is connecting (specially in case of multicast traffic not reaching the client, ARPs dropping on the wire etc)

Scenarios:
  • All devices should be NTP time synced
  • Mandatory info to be collect: WLC show run-config, AP show controller d0/1
  • Client having authentication issues, deauths, EAPOL key exchange issues
    • WLC client and aaa related debugs, AP side debugs and over the air capture
  • Throughput issues
    • WLC client debug, AP debugs with ‘rates’ debug, Over the air capture and WLC port channel captures
  • Client roaming issue (drops, reauths, inconsistent roams etc)
    • WLC client debugs + mobility debugs concurrent on WLC where the client is roaming from and to, Over the air captures of AP the client is roaming to and from (you will need multi-channel capture). If needed then you can get AP debugs
  • Block Ack negotiation issues
    • WLC client debugs, AP side debugs with ‘ba’ flag, Over the air captures and client side wireless nic card neutron captures along with 802.11 headers.

Note: this document gives you a general idea about what information to collect for client interop issues

comments powered by Disqus