Dangers of removing vlans on Cisco automous APs-Affects Multicast

Unanswered Question
Apr 23rd, 2007

This isn't really a question but a notification for those out there that might encounter this problem and have not yet found a solution yet. During some thorough testing using a Push-To-Talk application that uses multicast we experienced an outage that has resulting in this traffic no longer being transmitted across the access point. Now let me clarify a little here. This really only affects clients that are both associated to the same access point and trying to communicate with each other. This may also apply to more than just the 1232 access point that we were testing with but it was IOS none the less.

When you create Vlans on a Cisco access point the basic bridge-group configuration is moved from the default physical interface to whichever vlan you prescribe as the native vlan. Now if you were to ever delete this vlan and thus make the physical interface the native vlan again you will experience a loss of communication between clients. This is likely to be both broadcast and mulicast traffic but could potentially be unicast as well. The bridge-group commands that get transferred back to the physical interface are missing a crucial command. If you look closely at the before and after you will likely see the missing command.

When you delete the vlan the command that failed to get moved back is:

bridge-group 1 subscriber-loop-control

Now, this command is related to the use of spanning-tree on the access point but when it is applied to the radio interface this command also allows communication between clients across the RF spectrum alone. I suspect that this is a bug in the IOS that tries to rewrite the commands onto the interface with the Java script and it applies the command before the bridge-group 1 spanning-disabled command. And because of this it doesn't get applied to the configuration. The obvious fix here is to just manually apply the command back onto the interface and everything works find again.

One method is also to just default you access point back to factory defaults and reprogram it to your specifications but this isn't a very desireable method. You can also make the changes to remove the vlans from the CLI and then you won't be invoking the Java scripts that are recreating the commands on the physical interface.

Hopefully this will provide a value to anyone that has encounter this problem and not found a solution.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode