New SFP support, AP power save, and other important features

Improvements

New SFP Support on Cisco Catalyst 9800-80 Wireless Controllers -

Cisco Catalyst 9800-80 Wireless Controllers The following SFPs are supported from this release:

• COLORCHIP-C040-Q020-CWDM4-03B

• FINISAR-FTL4C1QL2L

• FINISAR-FTL4C1QE1C

• QSFP-40G-CSR-S

• QSFP-40G-SR-BD

• QSFP-H40G-ACU7M

• QSFP-H40G-ACU10M

AP Power Save - The AP Power Save feature has been enhanced to support the following:

• Radio spatial streams

• Flexible PoE profiles

Application Performance Monitoring (Includes FlexConnect and Fabric Modes)

• This feature collects and exports assurance-related metrics (per application) of the flows forwarded through the corresponding AP to the Cisco DNA Centre Assurance application.

Cisco DNA Center Client Event and SSID Telemetry Filter

• This feature filters out telemetry data for a configured SSID on the controller and the corresponding AP.

CleanAir Support for 6 GHz

• From this release, CleanAir is supported in the 6-GHz band radio of the corresponding AP.

Device Classifier Dynamic XML Support

• This feature enables better device classification without upgrading the device to a new release.

Device Telemetry

• This functionality enables collection of anonymous usage telemetry data for Cisco products, which helps in continuous product improvements. This functionality is enabled by default and can be disabled using the no form of the pae command.

DNS or DHCP or AAA Server Reachability Through IPSLA and Failure Reasons for DHCP

• This feature introduces additional parameters to capture the DHCP server failures in client events and send them to Cisco DNA Center for meaningful insights into the network and to take proactive actions on network issues to improve reliability, high availability, and performance.

Downloadable ACL (Central Switching Only)

• The Downloadable ACL (dACL) feature defines and updates ACLs in one place (Cisco ISE) and allows ACL download to all the applicable controllers.

Factory Reset (with Data Wipe)

• Factory reset will not only erase the configuration but also removes all the customer-specific data that has been added to the device since the time of its shipping. The erased data covers configurations, log files, boot variables, core files, and credentials such as FIPS-related keys.

Site Load Balancing

• The Load Balancing feature is enhanced to specify a site load for better load balancing.

Support for 4 FNF Monitors

• From Cisco IOS XE Dublin 17.10.1, you can configure up to four flow monitors (from the earlier limit of two flow monitors) in a policy profile per direction (input and output) in local mode. The additional flow monitors help to collect DNS traffic statistics and send them to Cisco DNA Center to analyse and take corrective actions.

Device Ecosystem Data

• This feature sends the device analytics data that is present in the RADIUS accounting request to Cisco ISE in order to profile endpoints.

Bug fixes

• CSCwa79968 - SNMP MIB is not fetching all that data or no data at all for SNMP walk with high client count.

• CSCwb37457 - Standby controller crashes when it is configured in RMI+RP HA mode with wired guest feature.

• CSCwb43548 - Disable ip proxy-arp by default.

• CSCwb47040 - Controller is not updating RFID location properly.

• CSCwb52755 - Apple and Android fast transition capable client is unable to authenticate with Identity Preshared Key (iPSK) profile.

• CSCwb58100 - Unable to map SSID with spaces in it on an attribute list.

• CSCwb64761 - Controller is discarding location updates from RFID tags.

• CSCwb67450 - Add show process cpu platform sorted command is needed in show tech wireless command group.

• CSCwb69531 - Controller initiates Extensible Authentication Protocol over LAN (EAPOL) retries for the client in RUN state.

• CSCwb73461 - Radio Resource Management (RRM) core generated @ group_dpc_compute_6GHz.

• CSCwb78191 - AAA VLAN override is not working in iPSK authentication + anchor WLAN configuration.

• CSCwb87440 - Open Virtualization Format (OVF) template allows to change serial number to any value.

• CSCwb93067 - Cisco Catalyst 9800-CL Controller: WNCd crash is observed during switch integrated security features (SISF) routines.

• CSCwb93513 - Stale client entries are not deleted and is stuck on device-tracking database.

• CSCwc01644 - CoS AP is using native VLAN instead of VLAN used in the policy profile.

• CSCwc04197 - Secondary controller crashes during redundancy switchover.

• CSCwc05366 - Wireless AAA dynamic VLAN assignment: Wireless clients cannot reach each other.

• CSCwc14629 - Web UI is taking long time to show initial page.

• CSCwc15533 - Continuous wncmgrd CPU HOG traceback is observed with scale Flexible NetFlow (FNF) mapping to policy profile.

• CSCwc15944 - Multicast data is not sent to clients; some APs are unable to join.

• CSCwc17774 - Few Object identifiers (OIDs) under CISCO-ENHANCED-MEMPOOL-MIB shows no instance after switchover.

• CSCwc22468 - Client traffic fails when client roams between APs with dot11r to dot11i transition.

• CSCwc26105 - Controller HA split brain due to multiple secondary addresses on the interface.

• CSCwc26819 - Controller is not sending Logical Link Control (LLC) or eXchange IDentifier (XID) spoofed frames after a mobility event.

• CSCwc28408 - WNCD crash on co_fetch_mbssid_from_rbssid.

• CSCwc32226 - Zebra RF guns gets deleted from controller randomly due to reason: CO_CLIENT_DELETE_REASON_ZONE_CHANGE.

• CSCwc36910 - cEdge device pushes wrong config syntax (config wlan broadcase-ssid disable 2).

• CSCwc38828 - Invalid TDL pointers caused WNCd crash.

• CSCwc41358 - MAC filtering: WLAN profile column displays the WLAN name + description.

• CSCwc41903 - Syslog needs to be enhanced.

• CSCwc42784 - Client fails to connect when protocol based QoS is configured.

• CSCwc55982 - Stale entry is observed in the show wireless device tracking database ip command output after client deletion.

• CSCwc57227 - Wireless Network Control Daemon (WNCd) crash is observed.

• CSCwc57312 - Layer2 VXLAN network identifier (VNID) number in CLI and GUI are different.

• CSCwc57836 - Restore configuration by HTTP mode does not work on Cisco Embedded Wireless Controller.

• CSCwc59518 - Cisco Catalyst 9800-80 controller crashes with the reason: Critical process wncd fault on rp_0_3 (rc=134).

• CSCwc72047 - APs are operating on disabled RF profile channels.

• CSCwc75247 - Packets destined for Layer 2 socket application gets delivered to Layer 3 socket application.

• CSCwc76905 - SISF crash is observed when handling DHCP messages.

• CSCwc79394 - WNCd is going high upto 99% on tbl(WNCD_DB/tbl_client_wsa_info).

• CSCwd00711 - When Wi-Fi Protected Access (WPA) 3 and Opportunistic Wireless Encryption (OWE) transition are enabled, non-WPA3 clients are getting network access in webauth-pending state.

• CSCwd17349 - Active chassis get stuck during SSO failover.

Open issues

• CSCwb51757 - High channel utilization is observed on 5GHz radio with 40MHz.

• CSCwc54370 - A controller in HA is not sending gratuitous ARPs (GARPs) after it rejojns HA pair from standalone due to no RP or uplink.

• CSCwc74020 - Allow more than eight IPv6 addresses, per wireless client.

• CSCwc89183 - Controller crash is observed (on libewlc_client_dpath_svc.so).

• CSCwc97199 - Re-association request processing is delayed between the driver and wcp.

• CSCwc99359 - Rogue rule delete classification configuration is not working.

• CSCwd04025 - APs associated with the controller are showing interface "Half duplex".

• CSCwd04571 - Memory leak is observed (in wncd process) when under load.

• CSCwd06018 - 802.11r reauthentication failed due to 'Invalid PMKID' while doing inter-WNCD roaming.

• CSCwd06122 - AP join issues are observed due to stale client entries.

• CSCwd12120 - Inject path crash on controller switch on IPv6 QoS.

• CSCwd12754 - CAPWAP wireless traffic is getting the same Security Group Tag (SGT) tag as the corresponding incoming wired traffic.

• CSCwd23681 - Controller fails to update AP config with error "% Error: no ap_name exists".

• CSCwd25931 - Wireless client is not receiving IPv6 RA from wired - FlexConnect Local DHCP.

• CSCwd26693 - N+1 HA for FlexConnect is not working as expected.

• CSCwd32900 - AP is dropping Extensible Authentication Protocol over LAN (EAPOL) message 4 during 4-way handshake.

• CSCwd33981 - Kernel panic crash with PC (at cpuidle_not_available).

• CSCwd34890 - Clients are getting deauthenticated imediately after getting IP address in LWA + Local Switching + Central Authentication scenario.

• CSCwd35577 - Redundancy fails due to double bit error correction code (ECC).

• CSCwd40731 - AP reloads due to kernel panic.

• CSCwd45079 - FlexConnect AP performs Extensible Authentication Protocol (EAP) identity request after completing 4-way handshake.

• CSCwd45536 - AP is sending ARP broadcast to wireless clients when P2P blocking action is enabled.

• CSCwd46252 - Controller shows AP as having no neighbors. This issue is caused when power level is set to maximum.

• CSCwd46721 - IP theft is observed due to client stale entry in Object Document Mapping (ODM) database.

• CSCwd47286 - Capability annotation is missing for some xpaths in yaml files.

• CSCwd47741 - Controller is failing to update Dynamic Channel Assignment (DCA) channels.

• CSCwd49686 - AP doesnt not save syslog message before crash.

• CSCwd49861 - AIRESPACE-WIRELESS-MIB: bsnAPIfType OID documentation is incomplete.

• CSCwd52938 - Wired clients behind a workgroup bridge (WGB) are not getting IP address in anchor WLAN.

• CSCwd53025 - Cisco Catalyst 9800-CL controller Self-signed Certificate (SSC) configuration command fails.