17 - Examining Wireless AP Operation

Question 1

Universal APs are not country specific but need to comply with the appropriate___.

Answer 1

regulatory domain

Question 2

What are the two ways a universal AP can be primed?

Answer 2

• Manual priming

* Automatic priming

Question 3

What is manual priming?

Answer 3

o A smartphone running Cisco AirProvision application in the same WLAN as the universal AP, is connected to the APs SSID. Cisco AirProvision uses both the GPS coordinates from the smartphone GPS unit and the mobile country code that is advertised by cellular phone network towers to properly determine the location of the smartphone and prime the AP accordingly
o You only really need to manually prime one AP as this can be used to prime the rest of the APs in the RF neighbourhood

Question 4

What is automatic priming?

Answer 4

o Once an AP has been manually primed, it can used the Cisco proprietary NDP mechanism to automatically prime the other APs in the RF neighbourhood.

Question 5

A ___ must associate with a controller before it can become an active part of the network. The initial discovery process aims at discovering as many controllers as possible to maximise the chances of finding either a primary controller or the least -loaded controller.

Answer 5

controller-based AP

Question 6

Once an AP obtains an IP address either statically or through DHCP, the AP can learn the management IP addresses of multiple controllers by using the following methods:

Answer 6

• Subnetwork broadcast – AP sends a CAPWAP controller discovery request to the local subnetwork. All Cisco WLCs in the local subnetwork that receive this packet will respond with a discovery response.
• Locally stored IPv4/IPv6 – if the AP was previously associated to a controller, the IP addresses of the primary, secondary, and tertiary controllers are stored in the non-volatile memory of the AP.
• DHCP – when a Cisco AP sends a DHCP discover request, it uses the Cisco vendor option, option 43 for ipv4 and 52 for ipv6. If the DHCP server is configured to respond to these options, it will send a list of Cisco controller IP addresses to the AP in the DHCP ACK message. The AP will then use this to send a unicast discovery request to each of the controllers.
• DNS – if the DHCP server is configured to provide both 006 (DNS server address) and option 015 (domain name) information, the AP can obtain WLC addresses from the DNS server.

Question 7

Once an AP has gathered a list of __ from the __ discovery process, it selects and joins one WLC via the primary, secondary, tertiary or master configuration of controllers

Answer 7

WLC, CAPWAP

Question 8

What is the predefined method for the AP to select the controller for which it will register?

Answer 8

1. The AP will first associate with its primary controller, assuming it has been established
2. Upon failing with the primary, it will try secondary
3. Upon failing with secondary, it will try its tertiary
4. If there is no controller information established in the AP, the AP will look for a master controller. The master is an option on the WLC which is typically used to initialise a new AP for later deployment
5. Finally, if there is no established controller and no master, the AP will select the least-loaded controller, which is defined as the controller with the greatest available AP capacity

Question 9

If a __ controller is configured, all APs without an established controller will automatically join the one controller that is marked as the __. This allows administrators to prime the APs to specific controllers and be aware of which APs have been joined to the network, then re-associate to its correct final destination controller.

Answer 9

master

Question 10

If the APs do not have established controllers, and use a broadcast to find their controllers, then the APs will ultimately ___among all available management interfaces from any controller. The first AP will register to controller 1, the second to controller 2 and the process will repeat.

Answer 10

load balance

Question 11

Load balancing does not activate until there is a min number of __ APs that are associated to a WLC.

Answer 11

3

Question 12

During the discovery process, the controller answers requests with its AP ___ and __. The AP uses this information to determine the remaining space on the controller and choose the least-loaded controller.

Answer 12

capacity, occupancy

Question 13

The WLC is designed to provide __ for APs. In a WLC failure, the APs that are associated with this WLC will migrate to the other controllers, if they have capacity. The APs will fall back to their primary controller once it is back online.

Answer 13

HA

Question 14

The AP uses a __ packet, which is also known as the “heartbeat”, to communicate with the controller and verify its reachability status. The default interval for the heartbeat is __ seconds. Whenever one heartbeat ACK from the controller is missed, the AP resends the heartbeat up to _ times at _-second intervals. If an ACK is not received after the fifth retry, the AP declares the controller as unreachable and searches for a new controller.

Answer 14

hello, 30, 5, 1

Question 15

Both the retransmit __ and retransmit __ are configurable from either the GUI or CLI, allowing the administrator the capability to fine-tune the failover behaviour in the network.

Answer 15

interval, count

Question 16

The administrator may select a value between - seconds for retransmit count (default of 3) and a value between - times for the retransmit interval (default of 3), and a value of between_-_ seconds for heartbeat timeout.

Answer 16

3-8, 2-5, 1-30

Question 17

What are the two ways in which an AP migrates to another WLC if its primary is no longer available?

Answer 17

o Per AP configuration of a primary, secondary and tertiary

o A WLC configuration of a global primary and secondary controller.

Question 18

Each controller has a defined number of ___for APs. When multiple controllers with unused AP ports are deployed on the same network and one controller fails, the dropped APs automatically poll for unused controller ports and associate with them.

Answer 18

communication ports

Question 19

You can configure your wireless network so that the backup controller recognises a join request from a __-priority AP and if necessary, disassociates a __-priority AP as a means to provide an available port.

Answer 19

higer, lower

Question 20

APs can be assigned one of the following priorities:

Answer 20

o Low: level 1
o Medium: level 2
o High: level 3
o Critical: level 4

Question 21

By default, all APs are set to priority level _ which is the lowest priority.

Answer 21

1

Question 22

When the WLC AP __ option is enabled, APs will return to their primary controllers after a failover event when the primary controller comes back online. This feature is enabled by default, and many administrators choose to leave the AP __ default value in place.

Answer 22

fallback

Question 23

When an AP falls back to the primary controller, there will be a brief window of time, usually of __ to __ seconds depending on the timer configuration, during which the service to wireless clients is interrupted because the APs are re-joining the primary WLC

Answer 23

12,30

Question 24

If, for some reasons, connectivity to the primary WLC has become unstable, the AP may end up flapping back and forth between the primary and backup WLCs. For this reason, many WLAN admins prefer to disable AP __ and move the APs back to the primary controller in a controlled manner.

Answer 24

fallback

Question 25

__ allows you to reduce the downtime of the wireless networks that occurs due to the failover of controllers. Some methods are configured per AP, some globally by the WLC, and some provide stateful failover.

Answer 25

HA

Question 26

What is AP specific HA?

Answer 26

Assign primary, secondary and tertiary WLC per AP. You need to specify the name and IP if the WLCs are not in the same mobility group

Question 27

With the __ architecture, a single backup controller can be used to provide a backup for multiple primary WLCs, with consideration for appropriate compatibility in terms of AP mode.

Answer 27

N+1

Question 28

With the N+1 architecture, all WLCs are ___ of each other, do not share configuration or IP address, and are managed separately. They can run different hardware and software versions and can be deployed in different datacentres across the WAN link

Answer 28

independent

Question 29

AP __ HA is a 1:1 (active/standby-hot) stateful switchover architecture. In AP __ architecture, one controller is configured as the primary, and another as the secondary.

Answer 29

SSO

Question 30

With AP SSO, after you enable HA, the primary and secondary controllers are __. During the __ process, the role of the primary controller is negotiated as active and the role of secondary as standby-hot.

Answer 30

rebooted, boot

Question 31

During an AP SSO, all AP sessions __ switch over, and all clients are de-authenticated and re-associated with the new active controller.

Answer 31

statefully

Question 32

The __ controller continuously monitors the health of the active controller over a dedicated redundancy port. Both the controllers share the same configurations, including IP address of the mgmt. interface

Answer 32

standby-hot

Question 33

With AP SSO, there is no __ function. When the previous active WLC comes back, it will not take the role of active WLC but will negotiate its state with the current active WLC and transition to a standby state

Answer 33

pre-empt

Question 34

With AP SSO, the active/standby WLC is decided based on a HA __.

Answer 34

SKU (manufacturing-ordered UDI)

Question 35

APs that are controlled by a WLC support different ___. Each mode has its own purpose and properties. Different models of APs support different modes, and not all modes are supported by all APs

Answer 35

modes of operation

Question 36

After an AP has discovered and joined its preferred WLC, it will typically default to __ mode of operation. In __ mode, an AP tunnels both management and data traffic to the controller. This behaviour is known as “centrally switched” because all client traffic is tunnelled from the AP to the controller where the controller is responsible for tagging packets and putting them on the wired network.

Answer 36

local

Question 37

A __ AP enables you to configure and control APs in a branch or remote office from the corporate office over a WAN link, without deploying a WLC in each remote location.

Answer 37

FlexConnect

Question 38

FlexConnect APs are capable of supporting the following switching modes concurrently on a per WLAN basis:

Answer 38

o Locally switched
o Centrally switched
o Connected mode
o Standalone mode

Question 39

o __ switched – treats management and data traffic differently. All AP control and management-related traffic are sent to the centralised WLC via CAPWAP. However, __ switching keeps branch data traffic local so it does not consume WAN bandwidth.

Answer 39

local

Question 40

o __ switched – WLANs tunnel both the wireless user traffic and all control traffic via CAPWAP to the centralised WLC, where the user traffic is mapped to a dynamic interface VLAN on the WLC. This is the normal CAPWAP mode of operation, similar to local mode operation.

Answer 40

centrally switched

Question 41

• __ mode – A FlexConnect AP is said to be in the __ mode when its CAPWAP control plane back to the WLC is up and operation, in other words, the WAN link is not down and the AP and WLC have successfully negotiated a DTLS tunnel across the wan link. The following covers the different FlexConnect operation states that are possible in __ mode:
o Central Authentication-Central Switching
o Central Authentication-Local Switching
o Local authentication-local Switching

Answer 41

connected mode

Question 42

• __ mode – A FlexConnect AP is said to be in a __ mode when its CAPWAP control plane is not operation, meaning that the WAN link is down and it no longer has connectivity back to the controller. The following covers the different FlexConnect operational states in standalone mode:
o Authentication Down-Central Switching Down
o Authentication Down-local switching
o Local authentication-Local Switching

Answer 42

standalone

Question 43

The Wi-Fi network can be extended to link LANs. This link is referred to as a __. The LANs are typically in buildings that lie withing a few miles of each other. This link is the mode common use for a Wi-Fi bridge, but there are other uses as well

Answer 43

bridge

Question 44

Some bridges can be used as a __, both to communicate with wifi clients and to link two networks. Some other modes are used for bridging purposes only and do not communicate with clients. Cisco Aironet bridges operate at the MAC address layer so they have no routing capabilities

Answer 44

hybrid

Question 45

A bridge can be point-to-__ or point-to-___

Answer 45

point, multipoint

Question 46

Outdoor networks present specific challenges, such as the impact of __, or __ strikes, and specialised help is usually needed for good deployment.

Answer 46

humidity, lightening

Question 47

In a larger deployment, a network might need to provide connectivity of the spokes, not necessary with a central point but with one another. This topology is called a wireless __. __ nodes act as repeaters to transmit data from nearby nodes to peers that are to far aware for a manageable cabled connection.

Answer 47

mesh

Question 48

In a mesh deployment, the AP node that has a connection to the wired network is known as the ___, and the nodes that are non-wired are known as ___.

Answer 48

RAP (Root AP), MAPs (Mesh APs)

Question 49

___ is the protocol that determines the best path through the mesh network. ___ does not look for the shortest path but the path with the best ease, which can be considered the opposite of cost

Answer 49

AWPP

Question 50

A special type of FlexConnect for teleworkers that provides an internet connection, and establishes a secure tunnel to the corporate network so that remote employees can access application for a mobility experience that is consistent with the corporate office.

Answer 50

OEAP (Office Extended AP) mode

Question 51

Instead of forwarding client traffic, APs in ___ mode act as dedicated sensors for context-aware (location-based) services, rogue AP detection, and IDS.

Answer 51

monitor mode

Question 52

In ___ mode, the AP radio is turned off, and the AP listens to the wired traffic only. Because the radio is turned off, it can be placed in the wiring closing, if desired. The __ AP listens for ARP packets on the wire and caches them. This cache is used to determine if L2 addresses of an identified rogue client or AP are present.

Answer 52

rogue detector mode

Question 53

An AP can be placed in promiscuous mode and can capture all 802.11 transmissions it received. The packets, including information on timing and signal strength, are forwarded to a remote PC that runs a network analyser software package such as Wireshark

Answer 53

AP sniffer mode

Question 54

Also referred to a SOMM (Spectrum Only Monitor mode) allows any Cisco CleanAir AP to be configured as a network-connected sensor. As a sensor, it gathers information on the signal strength and duty cycle of all RF transmissions within the bands that are utilised by the wireless network. This raw spectrum info is then forwarded to a workstation running MetaGeek Chanalyzer with CleanAir or Cisco Spectrum Expert for analysis.

Answer 54

AP SE-connect mode