Resolved:APs repeatedly join and disjoin controller with traceback

Release Notes for Cisco Catalyst 9800 Series Wireless Controller, Cisco IOS XE 17.15.2

What's New in Cisco IOS XE 17.15.2

Feature Name: Cisco Network Subscription
Description and Documentation Link:
Cisco Wireless licenses, a part of the Cisco Networking Subscription licensing model, is a software license that helps you to deploy your Wi-Fi 7 Access Points in an on-premise, hybrid, or a cloud managed network. From Cisco IOS XE 17.15.2, Cisco Wireless licenses are supported on Wi-Fi 7 Access Points (APs) and later models of APs.

The Cisco Wireless licenses consist of the following tiers:

• Cisco Wireless Essentials (LIC-CW-E): The tier that provides fundamental features and functionalities that are essential to manage a network.
• Cisco Wireless Advantage (LIC-CW-A): The tier that supports additional features and capabilities, and includes all the essential capabilities in addition to the advanced capabilities to manage a network.

Feature Name:
Support for the following Wi-Fi 7 APs:

• Cisco Wireless 9178I Series Wi-Fi 7 Access Points (CW9178I)
• Cisco Wireless 9176I Series Wi-Fi 7 Access Points (CW9176I)
• Cisco Wireless 9176D1 Series Wi-Fi 7 Access Points (CW9176D)
  Description and Documentation Link:
  The CW9178I APs, CW9176I APs, and CW9176D APs, are enterprise-class tri-band (2.4 GHz, 5 GHz, 6 GHz) APs. The APs support full interoperability with leading 802.11be, 802.11ax, and legacy clients, and a hybrid deployment with other APs and controllers. For a full listing of the APs' features and specifications, see:
• Cisco Wireless 9178I Series Wi-Fi 7 Access Point Data Sheet
• Cisco Wireless 9176 Series Wi-Fi 7 Access Point Data Sheet

Note
Support for Wi-Fi 7 APs (CW9176, CW9176I, and CW9178D) in availabe for Singapore, Thailand, and Hong Kong. For more information about all the supported countries for the APs, see https://www.cisco.com/c/dam/assets/prod/wireless/wireless-compliance-tool/index.html.

Feature Name:AP AnyLocate
Description and Documentation Link:
In this release, Ultra Wide Band Ranging technology is introduced, which provides superior location accuracy and enhanced network reliability in high-density and multipath-prone environments, resulting in precise and improved wireless performance.

UWB radio is used by APs to perform AP-to-AP ranging that improves the accuracy of AP AnyLocate.

The following commands are introduced:

• geolocation uwb initiator burst-size
• geolocation uwb initiator burst-duration

Feature Name:Third-Party Antenna Support for Cisco Catalyst 9163E Outdoor Access Point (CW9163E-x).
Description and Documentation Link:From this release, third-party antennas are supported on the CW9163E-x APs .

Feature Name**:Dynamic Band Switching in Cisco Catalyst 9166 Series APs (CW9166)
Description and Documentation Link:The CW9166I and CW9166D APs include dynamic XOR 5-GHz or 6-GHz radio band switching that optimizes performance and ensuring regulatory compliance. The APs actively adjust and communicate channel power settings, offering full 5-GHz channels when configured for 6-GHz and restricted channels when in 5-GHz mode.

The following commands are introduced:

• ap name dot11 dual-band slot radio role manual client-serving
• ap name dot11 dual-band slot shutdown
• ap name dot11 dual-band slot band 6ghz

Feature Name:Enhanced Security Group Access Control List (SG-ACL) Logging
Description and Documentation Link:The Enhanced SG-ACL Logging feature uses High-Speed Logging (HSL) to forward the SG-ACL IPv4 and IPv6 permit or deny logging messages in HSL v9 format to the syslog server.

The following commands are introduced:Fast Switching on RLAN Ports in Cisco Catalyst 9105 Series APs

Fast switching for RLAN client traffic is supported on Cisco Catalyst 9105 Series APs.
Description and Documentation Link:The following command is introduced:
rlan fast-switching

Note
If you enable RLAN fast switching for FlexConnect AP using local switching or local DHCP WLAN, which is assigned a non-native VLAN, it is not possible to get a DHCP address from the local DHCP server.
As a workaround, add the wireless client VLAN to the RLAN profile.

Feature Name: Global Use APs
Description and Documentation Link:With the new Wi-Fi 7 APs, Cisco now has one AP portfolio that can be used either with the Meraki cloud native network or Catalyst on-premise controller-based deployments. With the introduction of the one AP portfolio, it is essential to have a single product ID (PID) at manufacturing, to simplify logistics or operations.

The Global Use AP simplifies the Cisco Wireless AP portfolio, by

Decoupling the AP PID/SKU from the regulatory domain (geography) that they can be used.

Decoupling the AP PID/SKU from the boot mode, that is, Catalyst controller-based or Meraki based.

The two key aspects that are addressed by Global Use AP for Catalyst and Meraki Cloud deployments are — AP Mode of Operation and Cisco Regulatory Domain.

The following commands are introduced:

• ap regulatory activation apply
• ap regulatory activation clear
• ap regulatory activation file
• show ap regulatory activation

Feature Name:Global Navigation Satellite System (GNSS) Raw Data Streaming from Cisco AP to Cisco Spaces Connector
Description and Documentation Link:
In this release, the Global Navigation Satellite System (GNSS) raw data streaming through Google Remote Procedure Call (gRPC) feature allows data to be streamed from the APs directly to Cisco Spaces Connector using the gRPC protocol.

Feature Name: Support for Cisco Catalyst 9124AX Series Outdoor Access Points in Morocco
Description and Documentation Link:
Morocco allows indoor channels and power for units attached outside buildings. In this release, the Catalyst 9124AXI and 9124AXD Outdoor APs are supported in Morocco. The outdoor designation is 2.4 GHz.

For more information, see the Detailed Channels and Maximum Power Settings document at https://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-xe-17/products-technical-reference-list.html.

Feature Name: Support for Multi-link Statistics Table
Description and Documentation Link:The multilink statistics table tracks performance for multilink clients, keyed by their MAC address. It stores both per-link and aggregated statistics. For Multicast Listener Discovery (MLD) stations, the system generates and updates these statistics automatically as new links are added. Non-MLD stations initially record only aggregated stats, which are later transferred to the per-link stats table if they connect to an MLD access point.

The following commands are introduced:

• show wireless client mac-address mobility history
• show wireless client mac-address
• show wireless client summary
• show wireless summary

Feature Name:Support for Multi-link Operation (MLO) in Wi-Fi 7 APs
Description and Documentation Link:In this release, Wi-Fi 7 APs allow client devices to operate multiple links with APs as part of the 802.11be standard. The system automatically enables Multi-link Operation (MLO) with 802.11be, requiring no separate configuration.

The following AP commands are introduced:

• copy logs driver radio
• debug aid
• debug client
• debug dot11 dot11Radio
• show controller dot11Radio <radio> aid-list
• show dot11 clients
• show dot11 ml clients
• show dot11 mlo configuration
• show dot11 mlo driver
• show dot11 mlo status
• show flash logs driver radio
• test crash radiofw recovery-mode

Feature Name:
Description and Documentation Link:

Feature Name:Wi-Fi 7 WPA3 Security Constraints
Description and Documentation Link:In this release, the Wi-Fi 7 standard dictates the following security constraints, which are applicable for Wi-Fi 7 compliant APs:

The security standards mentioned below are beaconed as Wi-Fi 7 clients. This is a deviation from the actual security constraint.

• Open authentication as Wi-Fi 7 is not permitted to associate.
• WPA1 as Wi-Fi 7 is not permitted to associate.
• WPA2 as Wi-Fi 7 is not permitted to associate.
• WPA3 is permitted with certain restrictions:
• SAE(24/25) is permitted with GCMP-256.
• SAE(8/9) is permitted. (This is a deviation from the actual security constraint.)
• WPA2 PSK/802.1x with PMF is permitted. (This is a deviation from the actual security constraint.)
• 802.1x-SHA256 with PMF is permitted.
• Suite-B-192 with PMF is permitted.

Open Issues for Cisco IOS XE 17.15.2
CSCwm99449
Kernel panic is observed in CW9176 and CW9178 APs at pc: stile_mpe_conv_set_signatures+0xb8/0x720 [ntdp]
CSCwm95758
Kernel panic is observed in CW9176 at pc: dp_tx_mon_process_tlv_2_0+0xb18/0x18d0
CSCwn27951
Cisco Catalyst 9105W AP: RLAN fast switching breaks DHCP for non-native VLAN wireless
CSCwj16930
Cisco Catalyst 9800-M controller does not connect the 25G port to the Nexus 9K Switch
CSCwj80614
Clients are unable to connect due to assignment of IP address that is in use by stale client entry in device-tracking database in FlexConnect local switching
CSCwk26966
Cisco Aironet 3802 AP displays false radar detection only on UNI-II after upgrading the software
CSCwk55656
AP shadow record support in standby
CSCwk58326
Controller sends multicast packets with previous WMI
CSCwk64840
Controller unexpectedly reboots due to memory depletion due to mobilityd process
CSCwk79990
Controller encounters kernel unresponsiveness due to IntelResetRequest
CSCwk81946
Controller experiences kernel unresponsiveness due to tdl memory corruption
CSCwm58430
Cisco Catalyst 9115 AP experiences kernel unresposiveness due to: Beacon Stuck Reset Radio
CSCwm65537
Clients encounter slow speeds after connecting to the Cisco Catalyst 9166AX AP's slot 2
CSCwm86679
Cisco Catalyst 9800-40 controllers encounter kernel unresponsiveness and reboot unexpectedly at rogue_start_containers
CSCwm97615
Cisco Aironet 1562 MAP does not form mesh with Cisco Catalyst 9124 RAP running 17.9
CSCwm99135
802.11ax client faces latency in AP.
CSCwn03468
Clients encounter slow speeds while connecting to slot 2 operating in the 5-GHz band on CM66
CSCwn10992
DTLS timeout because of improper client load balancing
CSCwn11160
Controller running in High Availability in guest anchor sends traffic to the wrong tunnel after switchover for already connected clients
CSCwk53741
Anchor controller drops mobility tunnel even when keepalive timers aren't hit
CSCwk78480
Controller's WNCd experiences kernel unresponsiveness due to SISF
CSCwm09484
Controller encounters kernel unresponsiveness for WNCd in SSL Code
CSCwm37410
Cisco Catalyst 9120 AP does not forward large packets when MTU=1500
CSCwm57534
Controller experiences kernel unresponsiveness due to Critical process WNCd fault
CSCwm73020
Controller relays unicast DHCP requests
CSCwm74173
Cisco Catalyst 9500 experiences kernel unresponsiveness when loading the controller package to enable EWC
CSCwm80845
OEAP LAN Ports 2 and 3 become non-functional on RLAN Profile after the controller code is upgraded
CSCwm88338
Displaying Standby Chassis STANDBY HOT stopped when the default gateway is unreachable
CSCwm89379
Controller should permit duplicate IPv6 while IP Theft is disabled
CSCwm93080
IP address of the TACACS server disappears when the GUI timeout is changed
CSCwm95682
Controller does not use the latest APSP after failover, causing AP to download new image after rejoining
CSCwm97684
AP gets removed from the controller due to an intermittent SW kernel unresponsiveness on the CAPWAPd process
CSCwm98000
Cisco Catalyst 9105 AP displays Short Preamble "Allowed" but then rejects association with SP "Not Allowed"
CSCwn00375
Controller does not generate AP disjoin event message syslog after the AP is disconnected
CSCwn03574
Cisco Catalyst 9800-80 contoller reloads unexpectedly and experiences kernel unresponsiveness
CSCwn06317
Controller does not send RADIUS request for web admin user
CSCwn08464
Cisco Catalyst 9120 AP experiences kernel unresponsiveness due to ktime_get_update_offsets_now+0x6c/0xb8
CSCwn08479
Cisco Catalyst 9120 Wi_Fi 6 AP experiences kernel unresponsiveness due to wlc_bsscfg_find_by_target_bssid+0xb8/0xe0
CSCwn11697
Controller experiences unexpected kernel unresponsiveness while client association with key-wrap is enabled
CSCwn12549
Controller unexpectedly reloads with CPUHOGS writing /tmp/rp/tdldb/0/NMSPD_DB on NMSPd process

Resolved Issues for Cisco IOS XE 17.15.2

CSCwm12544
Controller unexpectedly reloads with cpp-ucode exception due to a rbuf out-of-handle

CSCwi04855
APs repeatedly join and disjoin controller with traceback

CSCwi78109
Controller GUI displays error messages: %CLI_AGENT-1-NVGEN_ERR while processing NVGEN command

CSCwj39057
Cisco Catalyst 9130 AP experiences traffic loss and delays due to perceived channel utilization and interference

CSCwj85091
Controller unexpectedly stops working while running the show wireless client mac-address detail command

CSCwj88071
Controller sends an invalid XML character (Unicode: 0x4) found in RPC response for ap-model

CSCwj93876

Controller unexpectedly reloads with reason "Critical process wncmgrd fault on rp_0_0 (rc=134)"

CSCwk05809
%EVENTLIB-3-CPUHOG message observed on Cisco IOS XE 17.12

CSCwk12169
Cisco Catalyst 9105/9115/9120 AP fails for clients connected in 5G slot

CSCwk17102
Client experiences unexpected disconnect due to missing M1 packet

CSCwk24352
Wireless clients are unable to receive the splash page and gets stuck due to webauth requirement

CSCwk37983
Client VLAN is retained after changing SSIDs if \\"vlan-persistent\\" is enabled

CSCwk39263
Cisco Catalyst 9115 and 9120 APs loses its port 802.1X configuration on upgrade

CSCwk39866
Client page is stuck in loading state

CSCwk52996
Cisco Catalyst 9120 AP unexpectedly reloads along with radio abnormalities on wlc_bmac_suspend_mac

CSCwk54291
Controller voice CAC BW is not cleared

CSCwk63163
Controller does not respond to CoA

CSCwk70277
FRA sets slot 2 to 6 GHz in Cisco Catalyst 9166 AP even when 6-GHz network is disabled

CSCwk76746
Controller stops responding constantly when running specific UDN related commands

CSCwk82371
Cisco Catalyst 9120AXI-S AP does not detect the RFIDs in Monitor mode

CSCwk84121
Local switching clients are assigned to Zone ID 0 when IP overlap is configured and FlexConnect VLAN central switching

CSCwk97948
Controller ends abnormally during an ISSU upgrade from Cisco IOS XE 17.3 to 17.12

CSCwk98117
Cisco Catalyst 9166D APs are unable to transmit NDP packets over the air

CSCwm03016
Controller experiences kernel unresponsiveness abnormally pointing to client_orch

CSCwm07499
Cisco Catalyst 91xx AP does not rotate awipsd.log causing an upgrade issue "tar: write error: No space left on device"

CSCwm08044
APs do not upgrade without a power cycle displaying error: unlzma: write: No space left on device

CSCwm09148
EWC rogue syslogs are missing

CSCwm29051
Controller experiences kernel unresponsiveness two times due to Critical process WNCd fault on rp_0_0 (rc=139)

CSCwm29437
Controller reboots handling AP radio payloads due to Critical process wncd fault on rp_0_0 (rc=139)

CSCwm30964
EWC does not start on RAP after factory reset

CSCwm31864
Cisco Wave APs experience kernel unresponsiveness due to memory leak reason OOM

CSCwm36607
Controller displays fman_rp memory leak in FMAN_RP_DB at /tmp/rp/tdldb

CSCwm40646
Clients stuck in IP learning state as DHCP option 82 field is left empty with EoGRE tunnel enabled

CSCwm49453
Controller upgrading to 17.9.5 removes the NAS Port-ID in Access-Request

CSCwm49467
FlexConnect APs disable u-APSD in the assoc request if clients don't have it enabled

CSCwm52551
Cisco Catalyst 9124 AP in FlexConnect mode with the FlexConnect EoGRE tunnel enabled leaves the Option 82 field unfilled

CSCwm66129
Cisco Wave 2 APs 2800, 3800, and 4800 display duplicate entries for stale clients in the Wi-Fi driver

CSCwm67710
Cisco Catalyst 9800-80 controller encounters critical process WNCd failure (rc 0)

CSCwm74071
Controller encounters kernel unresponsiveness due to client being stuck in 802.11r preauth and BSSID/AP going down at the same time

CSCwn06627
Controller encounters kernel unresponsiveness with geolocation config pointing towards geo_cloudm_graph_shortest_path

CSCwi83037
Cisco Aironet 4800 AP: Radio Core data files generated Radio 1 during longevity testing

CSCwj03060
Cisco Aironet 1815w AP encounters kernel unresponsiveness on image version 17.9.4.205

CSCwj66264
Cisco Catalyst 9300 and 9400 switches' mGig port displays half-duplex mismatch messages

CSCwj69312
Loadbalancer feature does not work when AP sends negative SNR value

CSCwj69642
Cisco Catalyst 9166 APs stop forwarding traffic for some seconds.

CSCwj82407
Controller's Web UI enhancement shows login banner while using TACACS/RADIUS

CSCwj85339
Controller displays no effect on disabling DCA Aggressive on startup

CSCwk11417
ewlc_cert_mgr, SafeC Validation: strncpy_s: does not have enough space after assigning new WebAdmin cert

CSCwk52242
Clients using Cisco IW3702 AP in FlexConnect mode cannot obtain IP addresses while behind third-party WGB

CSCwk52366
Controller encounters fix flow control display issue

CSCwk59342
Controller using channels 1, 5, 6, 9, 11, and 13 on 2.4GHz RF profiles causes discrepancies

CSCwk66729
FlexConnect AP with Client QoS policy changes WLAN-VLAN mapping without manual configuration change

CSCwk70785
AP does not update the MTU value for PMTU probe causing disconnection

CSCwk74269
SNMP query with bsnAPIfTable OID fails for Cisco Catalyst 9166D APs

CSCwk74699
Controller GUI does not change AP tags displaying "System Busy! Please retry after sometime"

CSCwk77222
Cisco Aironet 2802 AP encounters kernel unresponsiveness after upgrading to 17.9.5.47

CSCwk77766
Cisco Catalyst 9800-80 encounters kernel unresponsiveness due to incorrect delete reason code in the AP delete mobile payload

CSCwk77862
AP does not disjoin automatically when the AP-name is changed in the Regex filter

CSCwk80486
APs mark own BSSID as rogue in 2.4 GHz and in 5 GHz

CSCwk85707
SSH access remains unrestricted for EWC-capable APs connecting to the Cisco Embedded Wireless Controller

CSCwk93880
Cisco IW-6300H-AC-E-K9 APs encounter kernel unresponsiveness due to FIQ/NMI reset

CSCwm00078
Cisco Catalyst 9136 AP sends M5 with incorrect index 0, resulting in Apple Macbooks not responding

CSCwm04379
Cisco Catalyst 9115AX displays BcmRadioStats error : Failed to add multicast MAC address for RRM as dot11_client entry

CSCwm08261
Controller RADSEC fix using a Samsung device displays wrong Acct-Terminate-Code when manually disabling Wi-Fi

CSCwm14401
Controller experiences an unexpected reset of WNCd

CSCwm28542
OKC roam fails after a brief WAN drop

CSCwm34600
AAA override VLAN does not apply upon roaming in FlexConnect local authentication

CSCwm36501
Controller encounters kernel unresponsiveness due to TLB miss

CSCwm49168
Cisco Catalyst 9164I-ROW AP VAP driver drops EAP identity requests packet intermittently

CSCwm50811
AP displays BSSID as rogue intermittently, causing the control packet to be considered for impersonation detection

CSCwm52604
Controller experiences unexpected reload while parsing null password on '? password encryption aes?' command

CSCwm56700
Controller does not answer to A/AAAA queries for wired devices (mDNS gateway)

CSCwm56949
Removing 'tls match-server-identity hostname <url>' doesn't work

CSCwm61128
AAA override VLAN is not used for FT 11R roam-in local authentication

CSCwm65107
Cisco Catalyst 9130 AP encounters kernel unresponsiveness due to OOM

CSCwm73271
Cisco Wave 2 AP does not send syslog messages if the receiver is using an IPv6 address

CSCwm80472
Controller's UI and CLI fail to delete a mobility peer due to 'invalid transversal ctx for walker next rec'

CSCwn04950
Cisco Embedded Wireless Controller in the Site Survey mode does not connect with the internal AP

CSCwn05795
Cisco Catalyst 9120AXI-I AP's 2.4-GHz band does not activate due to a 'Regulatory domain check failed' error

CSCwk26007
Controller RP undergoes unexpected reload while displaying OPSSL Handshake Errors

CSCwk81268
IPv6 buffer overrun encounters kernel unresponsiveness when client IPv6 address removal happens in a larger number

CSCwm08255
Controller RADSEC's accounting stop messages are missing when user disconnects from Wi-Fi

CSCwm42613
Clients are unable to join due to high memory usage: AAA_CHUNK_ATTR_SUBLIST

CSCwj97570
Controller running 17.9.4a code encounters kernel unresponsiveness when configuring "ip http server"

CSCwk77301
Controller RADSEC's accounting does not stop while accounting starts including framed-IP

CSCwm04614
WNCd logs display a CPU hog during association request processing