Posts

Showing posts from April, 2012

Decoding Cisco CAPWAP With Wireshark

Image
Here's an interesting little gotcha I wasted a few hours on recently...

I have been looking at QOS on a Cisco WLC and was looking at DSCP markings in CAPWAP packets between a Cisco WLC and access point. I did this by spanning the switch port that the AP is connected to and then using a copy of Wireshark on another switch port to capture the traffic so that I could have a look through it.

However, when I looked at the CAPWAP frames, Wireshark was reporting most of the CAPWAP packets as being "Association Requests" and that they were "[Malformed Packets]".

After testing this in quite a number of versions of Wireshark (assuming a Wireshark decode bug), I finally gave up and reported a bug to the guys at Wireshark. They were incredibly quick to respond and diagnosed the issue very quickly!

It turns out that Cisco have not implemented the final draft of CAPWAP (according the guys at Wireshark), and that there is an option in Wireshark for Cisco CAPWAP support. You c…

Fast SSID Change - Out Of The Shadows

There are many configuration settings on a piece of networking kit that are just 'there'.

They sit there year after year just minding their own business being a quiet little chunk of configuration sitting in their default state not doing anyone any particular harm. Then, occaisionally, you come across some obscure case that causes you to actually pay attention to what exactly that particular setting is 'bringing to the party'.

One particular instance I came across recently is the 'Fast SSID Change' setting on a Cisco WLC.

From memory, it's been sat there for quite a while on many of the controllers I've installed, sitting dutifully in its default state of 'Disabled'. I've never really paid it much attention as it doesn't (on the face of it) seem to cause anyone any particular problems.

However, I recently ran in to a situation where a customer had some Apple iPads that he wanted to connect to an SSID that was mapped to an internal corpo…

Cisco NCS 1.0/1.1 - Internet Explorer Chrome Plugin Gotcha

If you're like me, then when it's time to use or install a new release of software, you quickly scan through the release notes trying to make sense of the reams and reams of 'new features', 'caveats', 'bugs fixed' etc. without falling to sleep and smashing your nose on the desk in front of you. (Why can't technical writers give those things a plot, a love interest and a gripping ending..?)

The main purpose of this exercise is often to pick up the 'headlines' so that you can fairly comfortably install or implement the new software, armed with a reasonable amount of knowledge to allow you to not fall down any particularly large holes during the process.

One area I'm particularly guilty of 'glossing over' in this release-note-scanning activity is the section that describes the versions of browser support that are provided for web-GUI based products (e.g. network management software).

Sure, I give the browser support section a qui…