Compare Products
Hide
VS
Please rate this document.
Please leave your suggestions here.
200 characters leftIf Ruijie may contact you for more details, please leave your contact information here.
* I understand and agree to Terms of Use and acknowledge Ruijie's Privacy Policy.
Thank you for your feedback!
Proper channel adjustment and design helpreduce frequency interference.
l When adjusting channels, take environmental factors (such as RuijieAPs, APs from other vendors, and personal hotspot Wi-Fi networks) intoconsideration. Stagger channels to reduce frequency interference.
Case of 2.4 GHz/5.8 GHz channel adjustment inUniversity XX
Note:
Even floors use thesame channel adjustment method and odd floors use the same channel adjustmentmethod.
l When there are considerable ISP private Wi-Fi networks, the conflictbetween Channels 1, 6, and 11 and other Wi-Fi channels cannot be prevented inmost areas regardless of how Channels 1, 6, and 11 are adjusted. For the 2.4GHz band, use three non-conventional channels: Channels 3, 8, and 13, toprevent conflict with Channels 1, 6, and 11 and with ISP signals, therebyeffectively reducing co-frequency interference (adjacent-channel interferencewill be increased) and the entire interference.
Note:A few STAs do not support Channel 13. In this case,upgrade software driver for rectification.
l When there are a few private Wi-Fi networks and Ruijie devices aredensely distributed — the interference mainly comes from mutual interferencebetween Ruijie APs. Use four non-conventional channels: Channels 1, 5, 9, and13, to reduce interference. Disable the 802.11b rate set with the rate lowerthan 11 Mbps (excluding 11 Mbps) and disable the 802.11g rate set with the ratelower than 11 Mbps (including 11 Mbps), and set 9 Mbps in the 802.11g rateset as the forcible rate. In this way, the conflict among Channels 1, 5, 9,and 13 can be prevented. The configuration is as follows:
ac-controller
802.11bnetwork rate 1 disabled
802.11b network rate 2 disabled
802.11b network rate 5 disabled
802.11b network rate 11 mandatory
802.11gnetwork rate 1 disabled
802.11g network rate 2 disabled
802.11g network rate 5 disabled
802.11g network rate 6 disabled
802.11g network rate 9 mandatory
802.11g network rate 11 disabled
802.11g network rate 12 supported
802.11g network rate 18 supported
802.11g network rate 24 supported
802.11g network rate 36 supported
802.11g network rate 48 supported
802.11g network rate 54 supported
Principle analysis:
The 802.11b rate set adopts the DirectSequence Spread Spectrum (DSSS) modulation mode and 802.11b signals occupy 22Mbps bandwidth. The 802.11a and 802.11g rate sets adopt the OrthogonalFrequency Division Multiplexing (OFDM) modulation mode and the signals occupy20 Mbps bandwidth. The gap between channels of the 2.4 GHz band is 5 Mbps andthe gap between Channels 1, 5, 9, 13 is 20 Mbps.
Channels 1, 2, 5, and 11 of 802.11g alsoadopt the DSSS modulation mode, so as to be compatible with 802.11b. Therefore,disable Channels 1, 2, 5, and 11 in 802.11b and 802.11g rate sets (Channel 11in 802.11b rate set cannot be disabled due to configuration restriction but itwill not exert any effect). Disable 6 Mbps in the 802.11g rate set and set 9 Mbpsin the 802.11g rate set as the forcible rate — management packets aretransmitted at the minimum forcible rate by default. This disables low-ratenodes and reduces interference.
Note:
Management packetsare transmitted at 9 Mbps rate of the 802.11g rate set. As a result, STAs thatsupport only 802.11b cannot associate with the wireless network, but a few STAssupport only 802.11b in the market. In addition, some STAs do not supportChannel 13. In this case, upgrade the driver for rectification.
Proper RF power adjustment helps preventinterference between devices.
Disable low rate sets (see the section ofdisabling the low rate) prior topower adjustment, so as to obtain more authentic results.
l Wall AP scenario in dormitories:
Wall APs are usually deployed in scenarios ofdense dormitories. The interference between APs is very severe if the power isnot adjusted properly.
Step 1: At the outmost edge of the normal coverage area of the AP (positionthat is within the normal coverage of the AP but has the lowest RSSI), use thewirelessmon software to scan the AP RSSI in this room. Adjust the transmitpower of the AP to ensure that the RSSI at this point is about -65 dB (thereceiver sensitivity varies a lot according to STAs and iPhone is used here).
(config-ap)#power local xxx radio 1
Step 2: Telnet to the AP and run the following command to display the actualtransmit power of the AP:
show dot11wireless 1/0 | include Actual Tx Power
Actual TxPower.............. 13 dbm
Step 3: Repeat Step 1 and Step 2 to adjust the value of power localfor the APs in the upper room, lower room, left room, and right room. Properlyreduce the management packet power of the AP (the value of coverage-area-control).It is recommended that the value be 3-5 dB lower than the value of Actual TxPower displayed after the show command is executed in Step 2.Disconnect and then reconnect the STA repeatedly. The probability that the STAassociates with the AP in this room is up to 95% or higher. If this probabilitycannot be reached, properly reduce the value of coverage-area-control onthe precondition that the coverage is normal (after the APs in the upper room,lower room, left room, and right room are all shut down, the STA can associatewith the AP in this room successfully each time).
WS5708(config)#ap-configxxx
WS5708(config-ap)#coverage-area-control8 radio 1 (13-5=8dB)
Note: In RGOS10.x, the coverage-area-control functionis unavailable.
Description of the coverage-area-controlcommand: The coverage-area-control command can be executed to configurethe transmit power of management frames. Higher transmit power of managementframes (excluding 0) indicates that the distance between a wireless user who isallowed to access and the AP is longer.
Step 4: After the power is adjusted for the 2.4 GHz band, raise the powerfor the 5.8 GHz band. For detailed adjustment method, see the 5.8 GHz userguide.
l i-Share 1 and i-Share 2 solution scenario in dormitories:
The major difference between the i-Share 1solution and the i-Share 2 solution used in dormitory scenarios lies in largesignal attenuation of device feeders in the i-Share 1 solution and i-Share 2solution. Focus on the attenuation when adjusting power local (it cannotbe set to a very small value). The adjustment method is as follows:
The adjustment is the same as that in thewall AP scenario in dormitories.
Note:
When selecting aroom, select a room whose feeder is the longest and whose adjacent room is notwithin the coverage of the feeder of the radio card. In addition, the devicewith the hardware version of v2.x in the i-Share 1 solution does not supportthe coverage-area-control function, and the coverage-area-control command doesnot need to be executed to make adjustment.
l i-Share 3 solution scenario in dormitories:
The i-Share 3 solution does not support the coverage-area-controlfunction, and the coverage-area-control command does not need to beexecuted to make adjustment.
Step 1: At the outmost edge of the normal coverage area of the AP (positionthat is within the normal coverage of the AP but has the lowest RSSI), use thewirelessmon software to scan the AP RSSI in this room. Adjust the transmitpower of the AP to ensure that the RSSI at this point is about -65 dB (thereceiver sensitivity varies a lot according to STAs and iPhone is used here).
(config-ap)#power local xxx radio 1
Step 2: Slightly adjust the value of power local for the device asfollows: Disconnect and then reconnect the STA repeatedly. The probability thatthe STA associates with the AP in this room is up to 95% or higher. If thisprobability cannot be reached, properly reduce the value of power localon the precondition that the coverage is normal (after the APs in the upperroom, lower room, left room, and right room are all shut down, the STA canassociate with the AP in this room successfully each time).
Step 3: After the power is adjusted for the 2.4 GHz band, raise the powerfor the 5.8 GHz band. For detailed adjustment method, see the 5.8 GHz userguide.
l X-Sense Smart AP scenario in offices:
The adjustment method is the same as that inthe wall AP scenario in dormitories.
l Dense deployment scenario in venues:
Step 1: The maximum modulation rate needs to be reached at the coverageedge. If the transmit power is greater than the power required for maximum modulation rate,excessive power is a waste and will cause interference. Therefore, configurethe power first. Draw a line to connect two adjacent APs, find out the pointthat is 60% away from one AP in distance, and perform a test at this point.Adjust the transmit power for the 2.4 GHz band (value of power local). The RSSIat this position should be about -65 dB (the receiver sensitivity varies a lotaccording to STAs and iPhone is used here).
(config-ap)#powerlocal xxx radio 1
Step 2: Telnet to the AP and run the following command to display theactual transmit power of the AP:
show dot11wireless 1/0 | include Actual Tx Power
Actual TxPower.............. 13 dbm
Step 3: Repeat Step 1 and Step 2 to adjust the value of power localfor APs in the upper room, lower room, left room, and right room. Properlyreduce the management packet power of the AP (the value of coverage-area-control).It is recommended that the value be 3-5 dB lower than the value of Actual TxPower displayed after the show command is executed in Step 2.Disconnect and then reconnect the STA repeatedly. The STA is capable ofconnecting to the nearby AP. If the STA cannot connect to the nearby AP,properly reduce the value of coverage-area-control on the preconditionthat the coverage is normal.
WS5708(config)#ap-configxxx
WS5708(config-ap)#coverage-area-control8 radio 1 (13-5=8dB)
Note: In RGOS10.x, the coverage-area-controlfunction is unavailable.
Step 4: If APs are deployed every 5-10 m in the open space, run the mcellcommand for the 2.4 GHz band.
WS5708(config)#ap-configxxx
WS5708(config-ap)#mcellenable radio 1
Note: TheRGOS10.x does not support the mcell function.
Step 5:After the power is adjusted for the 2.4 GHz band, raise the power for the 5.8GHz band. For detailed adjustment method, see the 5.8 GHz user guide.
The following provides the empirical powerconfiguration of some APs for reference.
Case 1: In i-Share 1 solution, dual radio cards use the 2.4 GHz band, thepower of the 2.4 GHz band is set to 20%. If the 5.8 GHz band is used, its powercan be set to 100%.
Case 2: Ini-Share 2 solution, the power is set to 60% for the 2.4 GHz band and 100% forthe 5.8 GHz band.
Case 3: In i-Share 3 solution, the power is set to 15% for the 2.4 GHz bandand 100% for the 5.8 GHz band.
Case 4: The AP120-W is used in University XX. The power is set to 2% and coverage-area-controlis set to 7 dB.
Case 5: The AP130(L) is used in College XX. The power is set to 4% for the2.4 GHz band and 50% for the 5.8 GHz band.
The most direct and effective method is toenable the device to separately transmit one signal in the 5.8 GHz band and mapthe signal only to the 5.8 GHz radio card.
In addition, you can use the following methodto lead STAs to associate with the 5.8 GHz band.
The attenuation of 5.8 GHz signals is more severe than that of 2.4 GHzsignals. 5.8 GHz signals received by STAs are often weaker than 2.4 GHzsignals. As a result, STAs often connect to the 2.4 GHz band. Increase thepower of the 5.8 GHz band so that the RSSI of 5.8 GHz signals received by usersis greater than that of 2.4 GHz signals and STAs are lead to associate with the5.8GHz band. Empirical value: In dormitory scenarios, after the power of the2.4 GHz band is adjusted, increase the transmit power of the 5.8 GHz (run the showdot11 wireless 1/0 command to display the transmit power) to be 8-10 dBhigher than that of the 2.4 GHz band, so as to achieve the effect.
Alternatively, use the following method tomake adjustment:
Prerequisite: Basic channels and the power ofthe 2.4 GHz band are properly adjusted.
Operation method:
From the angle of the AP: Use the AP to coveran open space and increase the transmit power of 5.8 GHz signals. It isrecommended to set the transmit power of the 5.8 GHz band to be 7-8 dB higherthan that of the 2.4 GHz band (the AP is an X-Sense Smart AP and attenuationneeds to be considered for feeders of i-Share APs). You can run the showdot11 wireless 1/0 command on the AP (2/0 represents RF Port 2) to displaythe actual transmit power of the AP. See the following figure.
From the angle of STAs: Select two STAs thatsupport the 5 GHz band, including one laptop and one mobile phone. Find out thepoint that is within the normal coverage of the AP and is close to the edge ofthe normal coverage area. Disable and then enable the Wi-Fi network repeatedly,and wait for STAs to associate with the SSID. Run the show ac-config clientcommand on the AC to collect statistics on 2.4 GHz band association count and5.8 GHz band association count of the STAs. Increase the transmit power for the5.8 GHz band progressively and perform association tests till the STAssuccessfully associate with the 5.8 GHz band in more than 80% tests of total 20tests.
In the preceding figure, "b"indicates the 2.4 GHz band and "a" indicates the 5.8 GHz band.
Note:
It is notrecommended to run the band-select enable command because the bandselection function will cause slow association of STAs that support only the2.4 GHz band and some 5.8 GHz NICs may fail to associate with the wirelessnetwork because of incompatibility. Even if an STA associates with the 5.8 GHzband successfully, the STA switches between two RF ports because the transmitpower of the 2.4 GHz band is stronger, affecting user experience. According toexperience, the method of leading STAs to associate with the 5.8 GHz band is toraise the transmit power for the 5.8 GHz band so that the power of 5.8 GHzsignals received by STAs is higher than that of 2.4 GHz signals. Even if theband-select enable command is executed to enable the band selectionfunction, the power of the 5.8 GHz band should also be adjusted and optimized.
Note: In RGOS10.x, the coverage-area-controlfunction is unavailable, and therefore, response-rssi needs to beconfigured.
Description of the response-rssicommand: After the minimum RSSI is set for wireless STAs, if the RSSI ofrequest frames from a wireless STA is lower than the minimum RSSI, the wirelessSTA is not allowed to access the wireless network.
Proper configuration of response-rssican prevent STAs from associating with a remote AP and prevent poor experience.Configure response-rssi by referring to the following case:
Refer to the following data:
RSSI of the STA in the corner of this room toassociate with the AP in the room: for example, the actual test value is 35dBm.
RSSI of the STA to associate with the APs inthe upper room, lower room, left room, and right room after the AP in this roomis disabled: for example, the actual test value is 30 dBm.
Note: You can run the showdot11 a a command to check the RSSI of the STA.
In conclusion, set response-rssi to 31or 32 for STAs in the dormitory area, to effectively prevent remoteassociation and ensure user experience.
The RSSI varies with STAs. Therefore, selectmore types of STAs for the test.
Note: If response-rssi is set to asmall value, remote association cannot be prevented effectively. If it is setto a large value, the STA association will be rejected when the STA associateswith the AP, because the upstream RSSI is smaller than the configured value.Therefore, when adjusting the value of response-rssi, use multiplemobile phones from different mainstream manufacturers for the test.
For networks that do not have Layer-2 mutual access requirements, theLayer-2 isolation must be enabled to reduce network packets and multicastpackets that are to be transmitted to all APs in the same VLAN and preventconsumption of wired and wireless air interface resources.
WS5708(config)#wids
WS5708(config-wids)#user-isolationac enable
WS5708(config-wids)#user-isolationap enable
or
WS5708(config)#wids
WS5708(config-wids)#user-isolationssid-ac enable
WS5708(config-wids)#user-isolationssid-ap enable
In addition, the function needs to be enabledin simplified network scenarios.
The STA VLAN must be manually created on theAC. Otherwise, severe issues such as authentication failures and failures toobtain IP addresses may occur.
As shown in the preceding figure, the VLANs displayedby the show running | include interface-mapping command must be createdon the AC.
There are many low-rate nodes in the actualnetwork. Packets from low-rate nodes are transmitted at a low rate and occupymany air interface resources, reducing the experience of users served by theAP. In the environment where private Wi-Fi interference is not severe, rateslower than 11 Mbps can be disabled.
802.11gnetwork rate 1 disabled
802.11gnetwork rate 2 disabled
802.11gnetwork rate 5 disabled
802.11gnetwork rate 6 disabled
802.11gnetwork rate 9 disabled
802.11bnetwork rate 1 disabled
802.11bnetwork rate 2 disabled
802.11bnetwork rate 5 disabled
Note:
In the environment where the private Wi-Fiinterference is severe or the coverage is insufficient, disabling rates lowerthan 11 Mbps may degrade network experience. There is a high probability thatpacket loss or packet error occurs in high-rate packets because of interferenceor long transmission distance. In this case, properly retaining some low ratesets (for example, 5 Mbps, 6 Mbps, and even 2 Mbps) can improve user experienceto a certain extent.
For example, the coverage of some areas isinsufficient in College XX. The rate sets with the rate lower than 11 Mbps aredisabled at first. Remote STAs send packets at a high rate and packets areretransmitted due to packet loss or CRC error, resulting in poor userexperience. After some low rate sets are enabled, user experience is improvedsubstantially.
Conduct QoS rate limit on STAs to preventSTAs with good NIC performance from preempting channels all the time andcausing poor user experience to STAs with poor NIC performance.
wlan-config 3 xynu_dx
wlan-based per-user-limit up-streams average-data-rate 300burst-data-rate 350
wlan-based per-user-limit down-streamsaverage-data-rate 400 burst-data-rate 500
In the configuration, the unit is 8 kbps. Itis recommended that the burst rate be set to 1.2 to 1.5 times the averagevalue.
In addition, if a WLAN associates with onlythe 5.8 GHz band, the rate limit of the WLAN can be higher than the averagerate limit of transmitted signals in the 2.4 GHz band.
Note: The heavy traffic of the AP5280 caneasily cause high CPU usage, AP restart, or tunnel disconnection. Therefore,the performance of the AP5280 needs to be limited to 60 Mbps.
ap-config ap5280
ap-based total-user-limitup-streams average-data-rate 6000 burst-data-rate 6000
ap-based total-user-limitdown-streams average-data-rate 6000 burst-data-rate 6000
Restrict the number of STAs served by an AP so as to prevent pooruser experience when excessive STAs connect to one AP. The following tableprovides the recommended number of STAs served by an AP.
Model | Recommended Number of Users | Description |
AP120 (dormitory and office) | 12 | There are four users in each room and each user has two STAs. |
AP130 (dormitory and office) | 24 | There are eight users in each room and each user has two STAs. |
i-Share 1 solution (dormitory and office) | 32 | The single-band single-stream mode (dual 2.4 GHz radio cards) is adopted. In 1-to-4 scenarios, there are four users in each room and each user has two STAs. |
i-Share 2 solution (dormitory and office) | 32 | The dual-band dual-stream mode is adopted. In 1-to-4 scenarios, there are four users in each room and each user has two STAs. |
i-Share 3 solution (dormitory and office) | 48 | In 1-to-6 scenarios, there are four users in each room and each user has two STAs. |
X-Sense Smart AP | 64 |
|
Outdoor AP | 96 |
|
The recommended values are an adjustment todefault values. Recommended values are more proper than default values innormal cases. Adjust the values as required in actual application. For example,if the 2.4 GHz band is mainly used, adjust the STA-limit of the 2.4 GHz radiocard properly; if the 5.8 GHz band is mainly used, adjust the STA-limit of the5.8 GHz radio card properly. The common proportion of 2.4 GHz users to 5.8 GHzusers is 2:1.
Configuration example:
sta-limit 64
Feeder detection can be configured to findout the rooms where the feeder installation is incorrect according to thedeployment table.
Note: The i-Share 1solution does not support feeder detection, all versions of the i-Share 2solution support feeder detection, and the i-Share 3 solution of B8 or a laterversion supports feeder detection.
ap-config xxx
antdetect enable
The following figure provides an example ofthe feeder detection results.
l "R" indicates a radio card, for example, R1 indicates radiocard 1 and R2 indicates radio card 2.
l "N" indicates that no feeder is connected, or a feeder isconnected but the feeder malfunctions.
l "Y" indicates that a feeder is connected and the feederworks properly.
l "-" indicates that the radio card does not exist, orfeeder detection is disabled.
Note: For the RGOS10.X, only APs used in i-share 2 solution support feederdetection.
When the STA gateway is not deployed on theAC in the case of centralized forwarding, the source MAC address of ARP packetstransmitted/responded by the gateway is the address of the STA gateway. Inaddition, packets need to pass through the AC and therefore, the thresholdrestricted by NFPP can be easily reached on the AC. As a result, ARP packetstransmitted/responded by the gateway are discarded, and STAs are slow inlearning ARP entries of the gateway and even fail to learn the ARP entries.Therefore, all STA gateways need to be added to trust entries to prevent thisissue.
nfpp
arp-guard trusted-host 172.110.16.1 1414.4b81.3dba
arp-guard trusted-host 172.110.32.1 1414.4b81.3dba
arp-guard trusted-host 172.110.48.1 1414.4b81.3dba
arp-guard trusted-host 172.110.64.1 1414.4b81.3dba
The DHCP server of the STA is deployed on acore device in the case of centralized forwarding. The source MAC address ofDHCP packets responded by the DHCP server is the MAC address of the coredevice, the packets need to pass through the AC, and therefore, the thresholdrestricted by NFPP can be easily reached on the AC. As a result, the STA isslow in obtaining an IP address. Therefore, the MAC addresses of all DHCPservers need to be added to trust entries to prevent this issue.
nfpp
dhcp-guard trusted-host 1414.4b81.3dba
When the STA gateway is deployed on the AC inthe case of centralized forwarding, traffic only from the interconnection VLANis allowed to pass; when the STA gateway is not deployed on the AC in the caseof centralized forwarding, traffic only from the STA and interconnection VLANis allowed to pass; traffic only from the interconnection VLAN is allowed topass in the case of local forwarding.
WS5708(config)#interface XX
WS5708 (config-if-XX)#switchport trunk allowed vlan remove xx-xx
In the Web authentication, if multiple usersrequire redirection simultaneously, the default threshold of cpu-protecttype tcp80 may be exceeded, resulting in loss of redirection packets. TheWeb authentication page is displayed slowly on the STA. In this case, increasethe threshold as required.
Judgment method: Run the show commandevery 20 seconds in peak hours and check whether the value in the Dropcolumn increases. If yes, redirection packets are discarded.
WS18K#show cpu-protect type tcp80
Type Pps Total Drop
------------------- ----------- ------------ ------------
tcp80 1200 78904545 578110
Command for Threshold adjustment:
WS18K(config)#cpu-protect type tcp80 pps 3000
The threshold does not need to be changed forthe WS5308 and WS5302 and the default threshold is used. For the WS5708,the threshold can be adjusted to the maximum value 4000; for the WS18000and WS6816, the threshold can be adjusted to the maximum value 6000; ifthe threshold is very large, the CPU usage may be high during redirection inthe Web authentication and other adverse effects may be incurred.
Note: The RGOS10.x does not support the threshold adjustment.
An AP that is not added to an AP-group mayfail to send signals. Even if WLAN VLAN mapping is configured for the defaultgroup and an AP in the default group can transmit signals, it is notrecommended to use the default group because the default group cannot facilitatemanagement.
The countermeasure function severely affectsuser experience. If necessary, enable the countermeasure function on a specificAP.
WS5708(config)#wids
WS5708(config-wids)#no countermeasures enable
If dot1x re-authentication is enabled indot1x authentication, users who pass dot1x authentication go offline easily.Therefore, do not enable the dot1x scheduled re-authentication function inactual wireless dot1x authentication deployment scenarios.
The command for disabling dot1x scheduledre-authentication function is as follows:
WS5708(config)#no dot1x re-authentication
HTTPS uses a complex encryption technologyand therefore, it is poor in performance. If HTTPS (disabled by default) isenabled in actual scenarios, the Web authentication redirection may be slow andeven the redirection page is not displayed, severely affecting user experience.
The command for disabling HTTPS redirectionis as follows:
WS5708(config)#no http redirect port 443
WS5708(config)#no http redirect port 8443
The promiscuous mode affects experience ofwireless users in actual deployment and therefore must be changed to the normalmode. If the promiscuous mode is required indeed, enable it only on a specificAP.
WS5708(config-ap)#device mode normal
The data-plane wireless-broadcast enablefunction enables the device to forward all broadcast packets to the airinterface, which occupies a large number of wireless air interface resourcesand severely affects user experience. Therefore, disable the data-planewireless-broadcast enable function (disabled by default).
WS5708(config)#data-plane wireless-broadcast disable
Different positions of STAs results in alarge difference in the upstream power (the difference is especiallysignificant for Samsung STAs). STAs may go offline frequently after thisfunction is enabled.
Note: The RGOS10.x does not support this function.
When ARP-check is enabled in Webauthentication, if ARP packets from the gateway are not allowed to pass,wireless STAs fail to learn the ARP entries of the gateway. As a result, userscannot be authenticated or access the Internet.
http redirect direct-arp 51.1.1.1
http redirect direct-arp 52.1.1.1
http redirect direct-arp 53.1.1.1
Case: Webauthentication is configured and ARP-check is enabled on the AC in auniversity. A wireless user network segment of a new dormitory building isadded. ARP bypass is not configured for the gateway of the new network segmenton the AC. As a result, users cannot be authenticated or access the Internet,affecting student registration at the beginning of a new term.
The performance of the ip verifysource function is poor, and it may cause high CPU usage of the AC, andeven cause the random discarding of user packets. If required, replace ipverify source with ip verify source port-security command to achievethe same effect.
WS5708(config)#wlansec 1
WS5708(config-wlansec)#no ip verify source
WS5708(config-wlansec)#ip verify source port-security
The 40 MHz and 80 MHz bands can cause severefrequency interference in actual deployment scenarios. Therefore, do not usethe 40 MHz and 80 MHz bands in actual scenarios. Use the default 20 MHz bandinstead.
The following configuration is incorrect:
WS5708(config-ap)#chan-width 40 radio 1
WS5708(config-ap)#chan-width 40 radio 2
WS5708(config-ap)#chan-width 80 radio 2
Change it to the following configuration:
WS5708(config-ap)#no chan-width radio 1
WS5708(config-ap)#no chan-width radio 2
Note: The actual deployment scenarios here exclude pre-sales, centralizedprocurement, and shortlisted test.
The Dynamic Channel Allocation (DCA) andTransmit Power Control (TPC) in the Radio Resource Management (RRM) function ofwireless devices occupy a large amount of CPU and memory. Frequent running ofthe DCA and TPC may cause wireless network instability. In some scenarios, theTPC function may reduce the power to a very low value, resulting in poor userexperience. Therefore, disable the DCA and TPC.
Disable the RRM TPC (disabled by default).The TPC function may reduce the power to a very low value, affecting userexperience. Therefore, disable the RRM TPC in actual deployment scenarios.
advanced 802.11b txpower dtpc disable
advanced 802.11a txpower dtpc disable
Use the DCA (enabled by default) as follows:
1. Disable the RRM DCA and manually adjustchannels.
advanced 802.11b channel global off
advanced 802.11a channel global off
2. Enable RRM and set the RRM channeladjustment time to the default value (the adjustment starts from 02:00 a.m. andlasts for 2 hours by default).(This method is not recommended because it isstill in the effect verification and revision phase.)
Check RRM DCA-relevant information. Seethe preceding figure.
The command for restoring the defaultrunning time is as follows:
no advanced 802.11b channel dca anchor-time
no advanced 802.11a channel dca anchor-time
In addition, if a non-conventional channel isused and RRM is required for channel adjustment, adjust the available channelsused in the RRM channel algorithm. For example, use the 3, 8, and 13 non-conventionalchannels. The configuration is as follows:
Add Channels 3, 8, and 13 first.
WS5708(config)#advanced 802.11b channel add 3
WS5708(config)#advanced 802.11b channel add 8
WS5708(config)#advanced 802.11b channel add 13
Delete the default Channels 1, 6, and 11.
WS5708(config)#advanced 802.11b channel delete 11
The result is as shown in the followingfigure.
Two ACs working in hot backup mode need touse consistent configuration except specific configuration such as the ACnames, IP addresses, and hot backup priority. Use a comparison tool to comparethe configuration. Information to be compared includes the outputs of the showrun,show ap-config running, and show ap-group aps summarycommands; alternatively, directly export the config.text and ap-config.textto the local device and use a tool to compare the configuration.
If authentication is conducted on the AC,configure VRRP, use the VRRP address as the NAS IP address for authentication(run the ip radius source-interface xxx/ ip portalsource-interface xxx command), and add the VRRP address to the hotbackup configuration. Otherwise, an authentication exception will occur afterhot backup switching.
a. If the STA gateway is deployed on the ACin the case of centralized forwarding, use the VRRP address as the STA gatewayaddress and add the VRRP address to the hot backup configuration. Otherwise,users fail to access the network after hot backup switching.
b. The DHCP pool, AP-group, and VRRP need tobe added to the hot backup configuration. If DHCP pool is not added to hotbackup configuration, allocation entries of the address pool are notsynchronized. If the AP-group is inconsistent, users cannot connect to thenetwork or an association exception occurs after hot backup switching.
The following figure shows the typical hotbackup configuration.
AA hot backup can cause an authenticationexception and a roaming exception after users switch to another AP. Inaddition, the resource usage (for example, CPU usage) in AA mode is higher thanthat in AS mode. Therefore, AA mode must be changed to the AS mode.
The following issues arise in AA mode:
= Dual NAS IP address problem in A/A hot backupmode cannot be solved.
You can run the ip radius source-interfacevlan command to set the NAS IP address. You can configure two VRRP groupsin a VLAN, which map to two contexts. The actual verification shows that if twoNAS IP addresses are specified on one device, an authentication error willoccur and it cannot be ensured that the correct NAS IP address is selected forauthentication each time.
l In AA hot backup mode, the intra-context roaming is normal but theinter-context roaming fails.
Layer-2 roaming is normal. In actualdeployment, different contexts map to different VLANs. Therefore, Layer-2roaming does not occur basically.
l Layer-3 roaming fails:
Based on whether the WLAN/IP address ischanged:
1. If the WLAN/IP address keeps unchanged in theinter-context roaming, authentication entries are not deleted and STAs cannotaccess the wireless network.
2. If the WLAN/IP address is changed in theinter-context roaming, authentication entries are deleted and re-authenticationis required, indicating that the roaming fails.
l In AA+Web+MAB authentication, when a user moves from Context 1 toContext 2, a problem also occurs even if the user does not roam.
The problem occurs due to MAB authentication(and also in dot1x authentication). An STA goes online in AC1. Theauthentication entry is synchronized to AC2. When the STA moves to the coveragearea of AC2, AC2 rejects the STA to go online after checking that the entryexists. The root cause is that only the MAC address is indexed when the AC2searches for the entry. If the MAC address + WLAN + VLAN are indexed, the STAcan be authenticated successfully. For example, when a user moves from the dormitoryto the canteen, the user fails to go online after applying for Webauthentication repeatedly. The user can pass Web authentication till the entryages.
The default transmission interval of beaconpackets is 100 ms and beacon packets are transmitted at the lowest forciblerate. When the private Wi-Fi interference is low and Ruijie APs sendconsiderable signals (for example, one AP transmits 4-8 signals), the beaconpackets will occupy a large number of air interface resources, causing pooruser experience. In this case, increase the transmission interval of beaconpackets to 150-300 ms. Note: If the transmission interval of beacon packets isset to a very large value, the signals received by STAs are unstable, resultingin poor user experience.
WS5708(config-ap)#beacon period 200 radio 1
The band-select enable function causesslow association of STAs that support only the 2.4 GHz band and some 5 GHz NICsmay fail to access the wireless network because of incompatibility. Even if anSTA associates with the 5.8 GHz band successfully, the STA switches between twoRF ports because the transmit power of the 2.4 GHz band is stronger, affectinguser experience.
According to experience, the method ofleading STAs to associate with the 5.8 GHz band is to increase the transmitpower for the 5.8 GHz to ensure that the power of 5.8 GHz signals received bySTAs is higher than that of 2.4 GHz signals. For detailed adjustment method,see the section of leading STAs to associate with the 5.8 GHz band.
Even if the band-select enable commandis executed to enable the band selection function, the power of the 5.8 GHzband also should be adjusted and optimized.
The A-MPDU transmission protection can reducebandwidth loss caused by collision of hidden nodes but will increase the airinterface overhead. It is recommended that the A-MPDU transmission protectionbe disabled by default. In i-Share 1 and i-Share 2 scenarios in dormitories,the same radio signal can be transmitted to APs in different rooms, which willgreatly increase hidden nodes. Therefore, enable the function in this case.
WS5708(config-ap)# ampdu-rts radio 1
Ruijie Networks websites use cookies to deliver and improve the website experience.
See our cookie policy for further details on how we use cookies and how to change your cookie settings.
Cookie Manager
When you visit any website, the website will store or retrieve the information on your browser. This process is mostly in the form of cookies. Such information may involve your personal information, preferences or equipment, and is mainly used to enable the website to provide services in accordance with your expectations. Such information usually does not directly identify your personal information, but it can provide you with a more personalized network experience. We fully respect your privacy, so you can choose not to allow certain types of cookies. You only need to click on the names of different cookie categories to learn more and change the default settings. However, blocking certain types of cookies may affect your website experience and the services we can provide you.
Through this type of cookie, we can count website visits and traffic sources in order to evaluate and improve the performance of our website. This type of cookie can also help us understand the popularity of the page and the activity of visitors on the site. All information collected by such cookies will be aggregated to ensure the anonymity of the information. If you do not allow such cookies, we will have no way of knowing when you visited our website, and we will not be able to monitor website performance.
This type of cookie is necessary for the normal operation of the website and cannot be turned off in our system. Usually, they are only set for the actions you do, which are equivalent to service requests, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block or remind you of such cookies, but certain functions of the website will not be available. Such cookies do not store any personally identifiable information.
Contact Us
How can we help you?