Configuring Client Roaming

Finding Feature Information

Your software release may not support all of the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Restrictions for Configuring Client Roaming

The following are the restrictions that you should be aware while configuring client roaming:

  • Cisco Compatible Extensions (CCX) support is enabled automatically for every WLAN on the device and cannot be disabled. The device stores the CCX version of the client in its client database and uses it to generate and respond to CCX frames appropriately. Clients must support CCXv4 or v5 (or CCXv2 for access point assisted roaming) to utilize these roaming enhancements.

  • Client roaming between 600 Series Access points is not supported.

Information About Client Roaming

The controllers deliver high-end wireless services to the clients roaming across wireless network. Now, the wireless services are integrated with the switches, thus delivering a value-added Cisco unified new mobility architecture. This unified architecture enables client-roaming services to both wireless and wired clients with seamless, fast- roaming services.

The new mobility architecture supports fast client roaming services using logical categorization of network into Mobility Domains (MDs), Mobility Groups (MGs), Mobility Subdomains (MSDs), and Switch Peer Groups (SPGs) using systems such as Mobility Oracle (MO), Mobility Controller (MC), and Mobility Agent (MA).
  • A Mobility Domain is the entire domain across which client roaming is supported. It is a collection of mobility groups. For example, a campus network can be considered as a mobility domain.

  • A Mobility Group is a collection of mobility subdomains across which fast roaming is supported. The mobility group can be one or more buildings within a campus across which frequent roaming is supported.

  • A Mobility Subdomain is an autonomous portion of the mobility domain network. Each mobility subdomain contains one mobility controller (MC) and a collection of SPGs. A subdomain is equivalent to an 802.11r key domain.

  • A Switch Peer Group is a collection of mobility agents.

  • The Mobility Oracle acts as the point of contact for mobility events that occur across mobility subdomains. The mobility oracle also maintains a local database of each client in the entire mobility domain, their home and current subdomain. There is only one MO for an entire mobility domain. The Cisco WLC 5700 Series Controllers or Cisco Unified Wireless Networking Solution controller can act as MO.

  • The Mobility Controller provides mobility management services for inter-SPG roaming events. The MC sends the configuration like SPG name and SPG peer member list to all of the mobility agents under its subdomain. The Cisco WLC 5700 Series Controllers, Cisco Catalyst 3850 Switch, or Cisco Unified Wireless Networking Solution controller can act as MC. The MC has MC functionality and MA functionality that is running internally into it.

  • The Mobility Agent is the component that maintains client mobility state machine for a mobile client. All APs are connected to the mobility agent.

The New mobility architecture supports seamless roaming in the following scenarios:
  • Intra-switch roaming—The client roaming between APs managed by same mobility agent.

  • Intra-SPG roaming—The client roaming between mobility agents in the same SPG.

  • Inter-SPG, Intra-subdomain roaming—The client roaming between mobility agents in different SPGs within the same subdomain.

  • Inter-subdomain roaming—The client roaming between mobility agents across a subdomain.

Fast Roaming

New mobility architecture supports fast roaming when clients roam within a mobility group by eliminating the need for full authentication. Security polices should be same across the switches for fast roaming.

Local, anchor, foreign MAs and MCs

When a client joins an MA initially and its point of attachment has not changed, that MA is referred as local or associated MA. The MC to which this MA is associated is referred as local or associated MC.

When a client roams between two MAs, the MA to which the client was previously associated is the anchor MA (point of attachment) and the MA to which the client is currently associated is the foreign or associated MA (point of presence). The MCs to which these MAs are associated are referred as anchor, foreign, or associated MCs, respectively.

Inter-Subnet Roaming

Multiple-controller deployments support client roaming across access points managed by controllers in the same mobility group on different subnets. This roaming is transparent to the client because the session is sustained and a tunnel between the controllers allows the client to continue using the same DHCP-assigned or client-assigned IP address as long as the session remains active. The tunnel is torn down, and the client must reauthenticate when the client sends a DHCP Discover with a 0.0.0.0 client IP address or a 169.254.*.* client auto-IP address or when the operator-set user timeout is exceeded.

Voice-over-IP Telephone Roaming

802.11 voice-over-IP (VoIP) telephones actively seek out associations with the strongest RF signal to ensure the best quality of service (QoS) and the maximum throughput. The minimum VoIP telephone requirement of 20-millisecond or shorter latency time for the roaming handover is easily met by the Cisco Wireless solution, which has an average handover latency of 5 or fewer milliseconds when open authentication is used. This short latency period is controlled by controllers rather than allowing independent access points to negotiate roaming handovers.

The Cisco Wireless solution supports 802.11 VoIP telephone roaming across lightweight access points managed by controllers on different subnets, as long as the controllers are in the same mobility group. This roaming is transparent to the VoIP telephone because the session is sustained and a tunnel between controllers allows the VoIP telephone to continue using the same DHCP-assigned IP address as long as the session remains active. The tunnel is torn down, and the VoIP client must reauthenticate when the VoIP telephone sends a DHCP Discover with a 0.0.0.0 VoIP telephone IP address or a 169.254.*.* VoIP telephone auto-IP address or when the operator-set user timeout is exceeded.

CCX Layer 2 Client Roaming

The controller supports five CCX Layer 2 client roaming enhancements:

  • Access point assisted roaming—This feature helps clients save scanning time. When a CCXv2 client associates to an access point, it sends an information packet to the new access point listing the characteristics of its previous access point. Roaming time decreases when the client recognizes and uses an access point list built by compiling all previous access points to which each client was associated and sent (unicast) to the client immediately after association. The access point list contains the channels, BSSIDs of neighbor access points that support the client’s current SSID(s), and time elapsed since disassociation.

  • Enhanced neighbor list—This feature focuses on improving a CCXv4 client’s roam experience and network edge performance, especially when servicing voice applications. The access point provides its associated client information about its neighbors using a neighbor-list update unicast message.

  • Enhanced neighbor list request (E2E)—The End-2-End specification is a Cisco and Intel joint program that defines new protocols and interfaces to improve the overall voice and roaming experience. It applies only to Intel clients in a CCX environment. Specifically, it enables Intel clients to request a neighbor list at will. When this occurs, the access point forwards the request to the controller. The controller receives the request and replies with the current CCX roaming sublist of neighbors for the access point to which the client is associated.


    Note

    To see whether a particular client supports E2E, choose Wireless > Clients on the controller GUI, click the Detail link for the desired client, and look at the E2E Version text box in the Client Properties area.


  • Roam reason report—This feature enables CCXv4 clients to report the reason why they roamed to a new access point. It also allows network administrators to build and monitor a roam history.

  • Directed roam request—This feature enables the controller to send directed roam requests to the client in situations when the controller can better service the client on an access point different from the one to which it is associated. In this case, the controller sends the client a list of the best access points that it can join. The client can either honor or ignore the directed roam request. Non-CCX clients and clients running CCXv3 or below must not take any action. No configuration is required for this feature.

How to Configure Layer 2 or Layer 3 Roaming

Configuring Layer 2 or Layer 3 Roaming

Before you begin

To configure the mobility agent for Layer 2 or Layer 3 roaming, the following requisites should be considered:
  • SSID and security polices should be same across MAs for Layer 2 and Layer 3 roaming.

  • Client VLAN ID should be same for Layer 2 roaming and different for Layer 3 roaming.

  • Bridge domain ID and client VLAN IDs should be same for Layer 2 roaming. Either one or both of the bridge domain ID and client VLAN ID should be different for Layer 3 roaming.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

wlan wlan_profile_name wlan_ID SSID_network_name

Example:

Device(config)#wlan wlan1

Enters WLAN configuration mode.

Step 3

no mobility anchor sticky

Example:

Device(config-wlan)#no mobility anchor sticky

(Optional) Disables Layer 2 anchoring.

Step 4

end

Example:

Device(config)# end

Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Configuring CCX Client Roaming Parameters (CLI)

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

ap dot11 {5ghz | 24ghz} l2roam rf-params { default | custom min-rssi roam-hyst scan-thresh trans-time}

Example:

Device#ap dot11 5ghz l2roam rf-params custom -80

Configures CCX Layer 2 client roaming parameters.

To choose the default RF parameters, enter the default option.

To fine-tune the RF parameters that affect client roaming, enter the custom option and then enter any one of the following options:
  • Minimum RSSI—Indicates minimum Received Signal Strength Indicator (RSSI) required for the client to associate to an access point.

    If the client’s average received signal power dips below this threshold, reliable communication is usually impossible. Therefore, clients must already have found and roamed to another access point with a stronger signal before the minimum RSSI value is reached.

    You can configure the minimum RSSI range from –50 through –90 dBm and the default value is –85 dBm.

  • Hysteresis—Indicates how much greater the signal strength of a neighboring access point must be for the client to roam to it.

    This parameter is intended to reduce the amount of roaming between access points if the client is physically located on or near the border between two access points.

    You can configure the hysteresis range from 3 through 20 dB and the default is 3 dB.

  • Scan Threshold—Indicates a minimum RSSI that is allowed before the client should roam to a better access point.

    When the RSSI drops below the specified value, the client must be able to roam to a better access point within the specified transition time. This parameter also provides a power-save method to minimize the time that the client spends in active or passive scanning. For example, the client can scan slowly when the RSSI is above the threshold and scan more rapidly when the RSSI is below the threshold.

    You can configure the RSSI range from –50 through –90 dBm and the default value is –72 dBm.

  • Transition Time—Indicates the maximum time allowed for the client to detect a suitable neighboring access point to roam to and to complete the roam, whenever the RSSI from the client’s associated access point is below the scan threshold.

    The Scan Threshold and Transition Time parameters guarantee a minimum level of client roaming performance. Together with the highest expected client speed and roaming hysteresis, these parameters make it possible to design a wireless LAN network that supports roaming simply by ensuring a certain minimum overlap distance between access points.

    You can configure the time period in the range from 1 through 5 seconds and the default time is 5 seconds.

Step 3

end

Example:

Device(config)# end

Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Example

Configuring Mobility Oracle

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

wireless mobility oracle

Example:

Device(config)# wireless mobility oracle

Enables mobility oracle on the controller.

Step 3

end

Example:

Device(config)# end

Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Example

Configuring Mobility Controller

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

wireless mobility controller

Example:

Device(config)# wireless mobility controller

Enables wireless mobility controller.

Step 3

wireless mobility controller peer-group switch-peer-group-name

Example:

Device(config)# wireless mobility controller peer-group SPG1

Configures a switch peer group name. You can enter up to 31 case-sensitive ASCII printable characters for the group name. Spaces are not allowed in mobility group.

Note 

The No form of the command deletes the switch peer group.

Step 4

wireless mobility controller peer-group switch-peer-group-name member ip ip-address {public-ip public-ip-address}

Example:


Device(config)# wireless mobility controller peer-group SPG1 member ip 10.0.0.1 


Adds a mobility group member to a switch peer group.

Note 

The No form of the command deletes the member from the switch peer group.

Step 5

wireless mobility controller peer-group switch-peer-group-name multicast

Example:

Device(config)# wireless mobility controller peer-group SPG1 multicast

Configures the multicast mode within a switch peer group.

Step 6

wireless mobility controller peer-group switch-peer-group-name multicast ip peer-group-multicast-ip-addr

Example:

Device(config)# wireless mobility controller peer-group SPG1 multicast ip 10.0.0.4

Configures the multicast IP address for a switch peer group.

Note 

The No form of the command deletes the multicast IP for the switch peer group.

Step 7

wireless mobility controller peer-groupswitch-peer-group-name bridge-domain-id id

Example:

Device(config)# wireless mobility controller peer-group SPG bridge-domain-id 10.0.0.5

Configures the bridge domain ID for a switch peer group. The default is zero.

Note 

The No form of command sets the bridge domain ID to the default value.

Step 8

wireless mobility group member ip ip-address [public-ip public-ip-address] [group group-name]

Example:


Device(config)# wireless mobility group member ip 10.0.0.1 

Adds a mobility group member.

Note 

The No form of the command removes the member from the group. The default group name is the group name of MC.

Step 9

wireless mobility dscp value

Example:

Device(config)# wireless mobility dscp 46

Sets the DSCP value for mobility control packet.

You can configure the DSCP value in a range from 0 through 63. The default value is 46.

Step 10

wireless mobility group keepalive {count | interval}

Example:

Device(config)# wireless mobility group keepalive count

Configures the wireless mobility group keepalive count which is the number of keepalive retries before a member status is termed DOWN and keepalive interval which is interval between two keepalives.

Step 11

wireless mobility group name name

Example:

Device(config)# wireless mobility group name group1

Specifies the case sensitive wireless mobility group name which can be ASCII printable string up to 31 characters.

Step 12

wireless mobility oracle ipmo-ip-address

Example:

Device(config)# wireless mobility oracle ip 10.0.0.5

Configures the mobility oracle IP address.

Step 13

wireless management interface interface-name

Example:

Device(config)# wireless management interface Vlan21

Configures the wireless management interface.

Step 14

end

Example:

Device(config)# end

Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Example

Configuring Mobility Agent

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

wireless mobility controller ip ip-address

Example:

Device(config)# wireless mobility controller ip 10.10.10.20

Sets the IP address of the mobility controller.

Step 3

wireless mobility load-balance

Example:

Device(config)# wireless mobility load-balance

Configures wireless mobility load balancing.

Step 4

wireless mobility load-balance threshold threshold -value

Example:

Device(config)# wireless mobility load-balance threshold 100

Configures the number of clients that can be local or anchored on the MA. You can configure the threshold value in a range from 100 to 2000. The default value is 1000.

Step 5

wireless management interface interface-name

Example:

Device(config)# wireless management interface Vlan21

Configures wireless management interface for the mobility agent.

Step 6

end

Example:

Device(config)# end

Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Monitoring Client Roaming Parameters

This section describes the new commands for the client parameters.

The following commands can be used to monitor the client roaming parameters on the .

Table 1. Monitoring Client Roaming Parameters Commands

Command

Purpose

show ap dot11 {5ghz | 24ghz} l2roam rf-param

Displays the current RF parameters configured for client roaming for the 802.11a or 802.11b/g network.

show ap dot11 {5ghz | 24ghz} l2roam statistics

Displays the CCX Layer 2 client roaming statistics for the 802.11a or 802.11b/g network.

show ap dot11 {5ghz | 24ghz} l2roam mac-address mac-address statistics

Displays the CCX Layer 2 client roaming statistics for a particular access point.

Monitoring Mobility Configurations

This section describes the new commands for monitoring mobility configurations.

The following command can be used to monitor mobility configurations on the Mobility Oracle, Mobility Controller, and Mobility Agent.

Table 2. Monitoring Mobility Configuration Commands on the Mobility Controller and Mobility Agent

Command

Purpose

show wireless mobility summary

Displays the summary information for the Mobility Controller and Mobility Agent.

show wireless mobility statistics

Displays mobility statistics.

show wireless mobility dtls connections

Displays established DTLS connections.

Table 3. Monitoring Mobility Configuration Commands on the Mobility Oracle

Command

Purpose

show wireless mobility oracle summary

Displays the status of the Mobility Controllers known to the Mobility Oracle.

show wireless mobility oracle client summary

Displays the information of a list of clients in the Mobility Oracle database.

show wireless mobility oracle client detail client -mac-address

Displays the detailed information of a particular client in the Mobility Oracle database.

show wireless mobility oracle mc-ip

Displays the information of a list of clients in the Mobility Oracle database that are anchored or associated to a specified Mobility Controller.

Table 4. Monitoring Mobility Configuration Commands on the Mobility Controller

Command

Purpose

show wireless mobility controller client summary

Displays a list of clients in the subdomain.

show wireless mobility controller client mac-address detail

Displays detailed information for a client in a subdomain.

show wireless mobility agent ma-ip client summary

Displays a list of clients anchored or associated to a specified Mobility Agent.

show wireless mobility ap-list

Displays the list of Cisco APs known to the mobility group.

Table 5. Monitoring Mobility Configuration Commands on the Mobility Agent

Command

Purpose

show wireless mobility load-balance summary

Displays the summary of mobility load-balance properties.

Additional References for Configuring Client Roaming

Related Documents

Related Topic Document Title
Mobility configuration

Mobility Configuration Guide, Cisco IOS XE Release 3SE (Cisco WLC 5700 Series)

Mobility-related commands

Mobility Command Reference Guide, Cisco IOS XE Release 3SE (Cisco WLC 5700 Series)

Standards and RFCs

Standard/RFC Title
None

MIBs

MIB MIBs Link
All supported MIBs for this release.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

Technical Assistance

Description Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/support

Feature History and Information For Performing Client Roaming Configuration

Release Feature Information
Cisco IOS XE 3.3SECisco IOS XE 3.3SE This feature was introduced.