Table Of Contents
Disabling and Enabling the Radio Interface
Configuring the Role in Radio Network
Configuring Radio Transmit Power
Configuring Radio Channel Settings
Enabling and Disabling World Mode
Disabling and Enabling Short Radio Preambles
Configuring Transmit and Receive Antennas
Configuring the Ethernet Encapsulation Transformation Method
Enabling and Disabling Concatenation
Configuring the Radio Distance Setting
Enabling and Disabling Reliable Multicast to Workgroup Bridges
Enabling and Disabling Public Secure Packet Forwarding
Configure RTS Threshold and Retries
Configuring the Maximum Data Retries
Configuring the Fragmentation Threshold
Setting the Root Parent Timeout Value
Configuring the Root Parent MAC
Performing a Carrier Busy Test
Configuring Radio Settings
This chapter describes how to configure radio settings for your access point/bridge. This chapter includes these sections:
•Disabling and Enabling the Radio Interface
•Configuring the Role in Radio Network
•Configuring Radio Transmit Power
•Configuring Radio Channel Settings
•Enabling and Disabling World Mode
•Disabling and Enabling Short Radio Preambles
•Configuring Transmit and Receive Antennas
•Configuring the Ethernet Encapsulation Transformation Method
•Enabling and Disabling Concatenation
•Configuring the Radio Distance Setting
•Enabling and Disabling Reliable Multicast to Workgroup Bridges
•Enabling and Disabling Public Secure Packet Forwarding
•Configuring the Beacon Period
•Configure RTS Threshold and Retries
•Configuring the Maximum Data Retries
•Configuring the Fragmentation Threshold
•Setting the Root Parent Timeout Value
•Configuring the Root Parent MAC
•Performing a Carrier Busy Test
Disabling and Enabling the Radio Interface
The access point/bridge radio is enabled by default. Beginning in privileged EXEC mode, follow these steps to disable the access point/bridge radio:
Use the no form of the shutdown command to enable the radio port.
Configuring the Role in Radio Network
You can configure your access point/bridge as a root bridge, non-root bridge, access point, or workgroup bridge. Figure 6-1 shows a root bridge communicating with a non-root bridge in a point-to-point configuration.
Figure 6-1 Point-to-Point Bridge Configuration
Figure 6-2 shows a typical configuration where the bridge functions as an access point.
Figure 6-2 Access Point Configuration
Figure 6-3 shows how the bridge performs when configured as a workgroup bridge.
Figure 6-3 Workgroup Bridge Configuration
Beginning in privileged EXEC mode, follow these steps to set the access point/bridge's radio network role:
Note See Chapter 20 "Special Configurations," for more information about configuring the access point/bridge as an access point or workgroup bridge.
Configuring Radio Data Rates
You use the data rate settings to choose the data rates the access point/bridge uses for data transmission. The rates are expressed in megabits per second. The access point/bridge always attempts to transmit at the highest data rate set to Basic, also called Require on the browser-based interface. If there are obstacles or interference, the access point/bridge steps down to the highest rate that allows data transmission. You can set each data rate to one of three states:
•Basic (this is the default state for all data rates)—Allows transmission at this rate for all packets, both unicast and multicast. At least one of the access point/bridge's data rates must be set to Basic.
•Enabled—The access point/bridge transmits only unicast packets at this rate; multicast packets are sent at one of the data rates set to Basic.
•Disabled—The access point/bridge does not transmit data at this rate.
Note At least one data rate must be set to basic.
You can use the Data Rate settings to set up the access point/bridge to operate at specific data rates. For example, to configure the access point/bridge to operate at 54 megabits per second (Mbps) service only, set the 54-Mbps rate to Basic and set the other data rates to Enabled. To set up the access point/bridge to operate at 24, 48, and 54 Mbps, set 24, 48, and 54 to Basic and set the rest of the data rates to Enabled.
You can also configure the access point/bridge to set the data rates automatically to optimize either range or throughput. When you enter range for the data rate setting, the access point/bridge sets the 6-Mbps rate to basic and the other rates to enabled. When you enter throughput for the data rate setting, the access point/bridge sets all data rates to basic. Enter default to set the data rates to factory defaults
Beginning in privileged EXEC mode, follow these steps to configure the radio data rates:
Use the no form of the speed command to disable data rates. When you use the no form of the command, all data rates are disabled except the rates you name in the command. This example shows how to disable data rate 6.0:
bridge# configure terminal
bridge(config)# interface dot11radio 0
bridge(config-if)# no speed basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
bridge(config-if)# end
Data rate 6 is disabled, and the rest of the rates are set to basic.
This example shows how to set up the access point/bridge for 54-Mbps service only:
bridge# configure terminal
bridge(config)# interface dot11radio 0
bridge(config-if)# speed basic-54.0
bridge(config-if)# end
Data rate 54 is set to basic, and the rest of the data rates are set to enabled.
Configuring Radio Transmit Power
Beginning in privileged EXEC mode, follow these steps to set the transmit power on your access point/bridge radio:
Use the no form of the power command to return the power setting to maximum, the default setting.
Note Aironet extensions must be enabled to limit the power level on associated client devices. Aironet extensions are enabled by default.
Configuring Radio Channel Settings
The default channel setting for the access point/bridge radios is least congested; at startup, the access point/bridge scans for and selects the least-congested channel. For most consistent performance after a site survey, however, we recommend that you assign a static channel setting for each access point/bridge. The channel settings on your access point/bridge correspond to the frequencies available in your regulatory domain. See "Channels and Antenna Settings," for the frequencies allowed in your domain.
The radio operates on 11 channels from 2412 to 2462 MHz. Each channel covers 5 MHz, and the bandwidth for the channels overlaps slightly. For best performance, use channels that are not adjacent (such as 2412 and 2417) for access point/bridges that are close to each other.
Beginning in privileged EXEC mode, follow these steps to set the access point/bridge's radio channel:
Enabling and Disabling World Mode
You can configure the access point/bridge to support 802.11d world mode or Cisco legacy world mode. When you enable world mode, the access point/bridge adds channel carrier set information to its beacon. Client devices with world mode enabled receive the carrier set information and adjust their settings automatically. For example, a client device used primarily in Japan could rely on world mode to adjust its channel and power settings automatically when it travels to Italy and joins a network there. Cisco client devices running firmware version 5.30.17 or later detect whether the access point/bridge is using 802.11d or Cisco legacy world mode and automatically use world mode that matches the mode used by the access point/bridge. World mode is disabled by default.
Beginning in privileged EXEC mode, follow these steps to enable world mode:
Use the no form of the command to disable world mode.
Aironet extensions must be enabled for world mode operation. Aironet extensions are enabled by default.
Disabling and Enabling Short Radio Preambles
The radio preamble (sometimes called a header) is a section of data at the head of a packet that contains information that the access point and client devices need when sending and receiving packets. You can set the radio preamble to long or short:
•Short—A short preamble improves throughput performance. Cisco Aironet Wireless LAN Client Adapters support short preambles. Early models of Cisco Aironet's Wireless LAN Adapter (PC4800 and PC4800A) require long preambles.
•Long—A long preamble ensures compatibility between the access point/bridge and all early models of Cisco Aironet Wireless LAN Adapters (PC4800 and PC4800A). If these client devices do not associate to your access point/bridge, you should use short preambles.
You cannot configure short or long radio preambles on the 5-GHz radio.
Beginning in privileged EXEC mode, follow these steps to disable short radio preambles:
Short preambles are enabled by default. Use the preamble-short command to enable short preambles if they are disabled.
Configuring Transmit and Receive Antennas
You can select the antenna the access point/bridge uses to receive and transmit data. There are three options for both the receive and the transmit antenna:
•Diversity—This default setting tells the access point/bridge to use the antenna that receives the best signal. If your access point/bridge has two fixed (non-removable) antennas, you should use this setting for both receive and transmit.
•Right—If your access point/bridge has removable antennas and you install a high-gain antenna on the access point/bridge's right connector, you should use this setting for both receive and transmit. When you look at the access point/bridge's back panel, the right antenna is on the right.
•Left—If your access point/bridge has removable antennas and you install a high-gain antenna on the access point/bridge's left connector, you should use this setting for both receive and transmit. When you look at the access point/bridge's back panel, the left antenna is on the left.
Note The antenna commands are not available for access point/bridges equipped with a captive (internal) antenna.
Beginning in privileged EXEC mode, follow these steps to select the antennas the access point uses to receive and transmit data:
Note The Antenna Gain (dB) setting is disabled on the access point/bridge.
Aironet Extensions
Note Aironet extensions are required by the access point/bridge. They cannot be disabled.
By default, the access point/bridge uses Cisco Aironet 802.11 extensions to detect the capabilities of Cisco Aironet client devices and to support features that require specific interaction between the access point/bridge and associated client devices. Aironet extensions must be enabled to support these features:
•Load balancing—The access point/bridge uses Aironet extensions to direct client devices to an access point that provides the best connection to the network based on factors such as number of users, bit error rates, and signal strength.
•Message Integrity Check (MIC)—MIC is an additional WEP security feature that prevents attacks on encrypted packets called bit-flip attacks. The MIC, implemented on both the access point/bridge and all associated client devices, adds a few bytes to each packet to make the packets tamper-proof.
•Temporal Key Integrity Protocol (TKIP)—TKIP, also known as WEP key hashing, is an additional WEP security feature that defends against an attack on WEP in which the intruder uses an unencrypted segment called the initialization vector (IV) in encrypted packets to calculate the WEP key.
•Repeater mode—Aironet extensions must be enabled on repeater access points and on the root access points to which they associate.
•World mode—Client devices with world mode enabled receive carrier set information from the access point and adjust their settings automatically.
•Limiting the power level on associated client devices—When a client device associates to the access point/bridge, the access point/bridge sends the maximum allowed power level setting to the client.
Configuring the Ethernet Encapsulation Transformation Method
When the access point/bridge receives data packets that are not 802.3 packets, the access point/bridge must format the packets to 802.3 using an encapsulation transformation method. These are the two transformation methods:
•802.1H—This method provides optimum performance for Cisco Aironet wireless products. This is the default setting.
•RFC1042—Use this setting to ensure interoperability with non-Cisco Aironet wireless equipment. RFC1042 does not provide the interoperability advantages of 802.1H but is used by other manufacturers of wireless equipment.
Beginning in privileged EXEC mode, follow these steps to configure the encapsulation transformation method:
Note For best performance over your access point/bridge links, adjust the CW-min and CW-max contention window settings to depending on the number of non-root access point/bridges associated to each root access point/bridge. Refer to the "CW-min and CW-max Settings for Point-to-Point and Point-to-Multipoint Bridge Links" section for instructions on adjusting these settings.
Enabling and Disabling Concatenation
Use the concatenation command to enable packet concatenation on the access point/bridge radio. Using concatenation, the access point/bridge combines multiple packets into one packet to reduce packet overhead and overall latency, which increases transmission efficiency.
Beginning in privileged EXEC mode, follow these steps to enable concatenation and set the maximum length of concatenation.
Configuring the Radio Distance Setting
Use the distance command to specify the distance from a root access point/bridge to the non-root access point/bridges with which it communicates. The distance setting adjusts the access point/bridge's time out values to account for the time required for radio signals to travel from access point/bridge to access point/bridge. If more than one non-root access point/bridge communicates with the root access point/bridge, enter the distance from the root access point/bridge to the non-root access point/bridge that is farthest away. Enter a value from 0 to 99 km. You do not need to adjust this setting on non-root access point/bridges.
In installation mode, the default distance setting is 99 km. In other modes, the default distance setting is 0 km.
Beginning in privileged EXEC mode, follow these steps to configure the access point/bridge distance setting:
Use the no form of the distance command to set the default distance.
Enabling and Disabling Reliable Multicast to Workgroup Bridges
The Reliable multicast messages from the access point to workgroup bridges setting limits reliable delivery of multicast messages to approximately 20 Cisco Aironet Workgroup Bridges that are associated to the access point. The default setting, disabled, reduces the reliability of multicast delivery to allow more workgroup bridges to associate to the access point.
Access points and bridges normally treat workgroup bridges not as client devices but as infrastructure devices, like access points or bridges. Treating a workgroup bridge as an infrastructure device means that the access point reliably delivers multicast packets, including Address Resolution Protocol (ARP) packets, to the workgroup bridge.
The performance cost of reliable multicast delivery—duplication of each multicast packet sent to each workgroup bridge—limits the number of infrastructure devices, including workgroup bridges, that can associate to the access point. To increase beyond 20 the number of workgroup bridges that can maintain a radio link to the access point, the access point must reduce the delivery reliability of multicast packets to workgroup bridges. With reduced reliability, the access point cannot confirm whether multicast packets reach the intended workgroup bridge, so workgroup bridges at the edge of the access point's coverage area might lose IP connectivity. When you treat workgroup bridges as client devices, you increase performance but reduce reliability.
Note This feature is best suited for use with stationary workgroup bridges. Mobile workgroup bridges might encounter spots in the access point's coverage area where they do not receive multicast packets and lose communication with the access point even though they are still associated to it.
A Cisco Aironet Workgroup Bridge provides a wireless LAN connection for up to eight Ethernet-enabled devices.
Beginning in privileged EXEC mode, follow these steps to configure the encapsulation transformation method:
Use the no form of the command to disable reliable multicast messages to workgroup bridges.
Enabling and Disabling Public Secure Packet Forwarding
Public Secure Packet Forwarding (PSPF) prevents client devices associated to an access point from inadvertently sharing files or communicating with other client devices associated to the access point. It provides Internet access to client devices without providing other capabilities of a LAN. This feature is useful for public wireless networks like those installed in airports or on college campuses.
Note To prevent communication between clients associated to different access points, you must set up protected ports on the switch to which your access points are connected. See the Configuring Protected Ports for instructions on setting up protected ports.
To enable and disable PSPF using CLI commands on your access point, you use bridge groups. You can find a detailed explanation of bridge groups and instructions for implementing them in this document:
•Cisco IOS Bridging and IBM Networking Configuration Guide, Release 12.2. Click this link to browse to the Configuring Transparent Bridging chapter:
http://www.cisco.com/en/US/docs/ios/12_2/ibm/configuration/guide/bcftb_ps1835_TSD_Products_Configuration_Guide_Chapter.htmlYou can also enable and disable PSPF using the web-browser interface. The PSPF setting is on the Radio Settings pages.
PSPF is disabled by default. Beginning in privileged EXEC mode, follow these steps to enable PSPF:
Use the no form of the command to disable PSPF.
Configuring Protected Ports
To prevent communication between client devices associated to different access points on your wireless LAN, you must set up protected ports on the switch to which your access points are connected. Beginning in privileged EXEC mode, follow these steps to define a port on your switch as a protected port:
To disable protected port, use the no switchport protected interface configuration command.
For detailed information on protected ports and port blocking, refer to the "Configuring Port-Based Traffic Control" chapter in the Catalyst 3550 Multilayer Switch Software Configuration Guide, 12.1(12c)EA1. Click this link to browse to that guide:
Enabling Short Slot Time
You can increase throughput on the 802.11g radio by enabling short slot time. Reducing the slot time from the standard 20 microseconds to the 9-microsecond short slot time decreases the overall backoff time, which increases throughput. Backoff time, which is a multiple of the slot time, is the random length of time that a station waits before sending a packet on the LAN.
When you enable short slot time, the access point/bridge uses the short slot time only when all clients associated to the 802.11g radio support short slot time. Short slot time is disabled by default.
In radio interface mode, enter this command to enable short slot time:
ap(config-if)# slot-time-short
Enter no slot-time-short to disable short slot time.
Configuring the Beacon Period
The beacon period is the amount of time between access point/bridge beacons in kilomicroseconds. One Kusec equals 1,024 microseconds. The default beacon period is 100. Beginning in privileged EXEC mode, follow these steps to configure the beacon period:
Configure RTS Threshold and Retries
The RTS threshold determines the packet size at which the access point/bridge issues a request to send (RTS) before sending the packet. A low RTS Threshold setting can be useful in areas where many client devices are associating with the access point/bridge, or in areas where the clients are far apart and can detect only the access point/bridge and not each other. You can enter a setting ranging from 0 to 2339 bytes.
Note When concatenation is enabled, the RTS and fragment thresholds are set to 4000. Changing them to a lower value may degrade access point/bridge performance.
Maximum RTS Retries is the maximum number of times the access point/bridge issues an RTS before stopping the attempt to send the packet over the radio. Enter a value from 1 to 128.
The default RTS threshold is 2312, and the default maximum RTS retries setting is 32. Beginning in privileged EXEC mode, follow these steps to configure the RTS threshold and maximum RTS retries:
Use the no form of the command to reset the RTS settings to defaults.
Configuring the Maximum Data Retries
The maximum data retries setting determines the number of attempts the access point/bridge makes to send a packet before giving up and dropping the packet.
The default setting is 32. Beginning in privileged EXEC mode, follow these steps to configure the maximum data retries:
Use the no form of the command to reset the setting to defaults.
Configuring the Fragmentation Threshold
The fragmentation threshold determines the size at which packets are fragmented (sent as several pieces instead of as one block). Use a low setting in areas where communication is poor or where there is a great deal of radio interference.
Note When concatenation is enabled, the RTS and fragment thresholds are set to 4000. Changing them to a lower value may degrade access point/bridge performance.
The default setting is 2338 bytes. Beginning in privileged EXEC mode, follow these steps to configure the fragmentation threshold:
Use the no form of the command to reset the setting to defaults.
Setting the Root Parent Timeout Value
Use the parent timeout command to define the amount of time that a non-root access point/bridge or workgroup bridge tries to associate with a parent access point. The command defines how long the access point/bridge or workgroup bridge attempts to associate with a parent in the parent list. If an association is not made within the timeout value, another acceptable parent is used. You set up the parent list using the parent command. With the timeout disabled, the parent must come from the parent list.
Beginning in privileged EXEC mode, follow these steps to configure the root parent timeout value:
Use the no form of the command to reset the setting to defaults.
Configuring the Root Parent MAC
Use the parent command to add a parent to a list of valid parent access points. The command adds a parent to the list of valid parent access points. You can use this command multiple times to define up to four valid parents. A repeater access point operates best when it is configured to associate with specific root access points that are connected to the wired LAN.
Beginning in privileged EXEC mode, follow these steps to configure the fragmentation threshold:
Use the no form of the command to reset the setting to defaults.
Performing a Carrier Busy Test
You can perform a carrier busy test to check the radio activity on access point/bridge channels. During the carrier busy test, the access point/bridge drops all associations with wireless networking devices for around 4 seconds while it conducts the carrier test and then displays the test results.
In privileged EXEC mode, enter this command to perform a carrier busy test:
dot11 interface-number carrier busy
For interface-number, enter dot11radio 0 to run the test on the 2.4-GHz radio, or enter dot11radio 1 to run the test on the 5-GHz radio.
Use the show dot11 carrier busy command to re-display the carrier busy test results.