Maintenance and Monitoring
The maintenance and monitoring tasks described here all pertain to viewing and modifying settings on specific access points; not on a cluster configuration that is automatically shared by multiple access points. Therefore, it is important to ensure that you are accessing the Administration Web pages for the particular access point you want to configure. For information on this, see Navigating to Configuration Information for a Specific AP and Managing Standalone APs.
The following maintenance and monitoring topics are covered.
Interfaces
To monitor wired LAN and wireless LAN (WLAN) settings, navigate to Status > Interfaces on the access point you want to monitor.
|
Note
|
On a two-radio access point, current wireless settings for both Radio One and Radio Two are shown. On a one-radio access point, settings are shown for one radio. The Interfaces page for a two-radio AP is shown in the following figure.
|
This page displays the current settings of the Devicescape Reference AP. It displays the Ethernet (Wired) Settings and the Wireless Settings.
Ethernet (Wired) Settings
The Internal interface includes the Ethernet MAC Address, IP Address, Subnet Mask, and Associated Network Wireless Name (SSID).
The Guest interface includes the MAC Address, VLAN ID, and Associated Network Wireless Name (SSID).
If you want to change any of these settings, click the Edit link.
Wireless Settings
The Radio Interface includes the Radio Mode and Channel. Also shown here are MAC addresses (read-only) and Network Names for the internal and guest interfaces. (See Setting the Wireless Interface and Configuring Radio Settings for more information.)
If you want to change any of these settings, click the Edit link.
Event Logs
To view system events and kernel log for a particular access point, navigate to Status > Events on the Administration Web pages for the access point you want to monitor.
The Events tabbed page allows you to enable or disable Persistence. This page also gives you the option of enabling a remote "log relay host" to capture all system events and errors in a Kernel Log. (This requires setting up a remote relay host first. See Log Relay Host for Kernel Messages). The Events tabbed page also lists the most recent events generated by this access point (see Events Log).
|
Note
|
The Devicescape Reference AP acquires its date and time information using the network time protocol ( NTP). This data is reported in UTC format (also known as Greenwich Mean Time). You need to convert the reported time to your local time.
For information on setting the network time protocol, see Enabling the Network Time Protocol Server.
|
Enabling or Disabling Persistence
Persistence can be enabled or disabled from the Events tabbed page. The persistent log is saved in NVRAM. Even after a reboot, all persistent logs are still reserved in NVRAM. Non-persistent logs are only kept during the run-time period. If you reboot the access point, all non-persistent logs will be lost.
Enabling Persistence from the Events tabbed page ensures that all logs are written to NVRAM and even after a reboot, these are recoverable.
|
Note
|
It should be remembered that enabling Persistence will result in a continuous write operation. There is a risk that this will wear out the Flash element of the AP. You should decide whether enabling Persistence is right for your needs, given the elevated risk of wearing out the flash of the AP.
|
|
Field
|
Description
|
|
Persistence
|
Choose to either enable or disable Persistence.
|
|
Severity
|
You can choose a Severity level of between 0 and 7.
Severity 7 is the least severe level and Severity 0 is the most severe level.
For more details on Severity Levels, see Severity.
|
|
Depth
|
You can enter a value between 1 and 128.
For more information on Depth, see Depth.
|
Severity
The purpose of severity configuration is to filter or limit the security messages that are displayed in the Event log. It is unlikely that you will want to see a list of all messages. Those of less severity or significance can be filtered using the Severity Configuration feature.
If you set the Severity level to 7, all messages with a severity level between 7 and 0 will appear in the Event log. Alternatively, if you want to filter messages, you can set the Severity level to 4. In this instance, all messages with a severity level between 4 and 0 will appear in the Event log. Therefore, less severe messages and notices will be ignored.
|
Severity Level
|
Description
|
|
0
|
Emergency: system is unusable
|
|
1
|
Alert: action must be taken immediately
|
|
2
|
Critical: critical condition
|
|
3
|
Error: error condition
|
|
4
|
Warning: warning conditions
|
|
5
|
Notice: normal but significant condition
|
|
6
|
Informational: information messages
|
|
7
|
Debug: debug-level messages
|
Depth
The value specified in the Depth field determines the number of log entries that can be saved to NVRAM. You can save up to a maximum of 128 entries. If you rely on log messages for monitoring the performance of your AP, you should set the Depth value to the maximum of 128.
Log Relay Host for Kernel Messages
Understanding Remote Logging
The Kernel Log is a comprehensive list of system events (shown in the System Log) and kernel messages such as error conditions like dropping frames.
You cannot view Kernel Log messages directly from the Administration Web UI for an access point. You must first set up a remote server running a syslog process and acting as a syslog "log relay host" on your network. Then, you can configure the Devicescape Reference AP to send its syslog messages to the remote server.
Using a remote server to collect access point syslog messages affords you several benefits. You can:
- Aggregate syslog messages from multiple access points
- Store a longer history of messages than kept on a single access point
- Trigger scripted management operations and alerts
Setting Up the Log Relay Host
To use Kernel Log relaying, you must configure a remote server to receive the syslog messages. This procedure will vary depending on the type of machine you use as the remote log host. Following is an example of how to configure a remote Linux server using the syslog daemon.
Example of Using Linux syslogd
The following steps activate the syslog daemon on a Linux server. Make sure you have root user identity for these tasks.
- Log on as
root to the machine you want to use as your syslog relay host.
The following operations require root user permissions. If you are not already logged on as root, type su at the command line prompt to become root ("super user").
- Edit
/etc/init.d/sysklogd and add "-r" to the variable SYSLOGD near the top of the file. The line you edit will look like this:
SYSLOGD="-r"
Consult the man pages to get more information on syslogd command options. (Type man syslogd at the command line.)
- If you want to send all the messages to a file, edit
/etc/syslog.conf.
For example you can add this line to send all messages to a log file called "AP_syslog":
*.* -/tmp/AP_syslog
Consult the man pages to get more information on syslog.conf command options. (Type man syslog.conf at the command line.)
- Restart the syslog server by typing the following at the command line prompt:
/etc/init.d/sysklogd restart
|
Note
|
The syslog process will default to use port 514. We recommend keeping this default port.
However; If you choose to reconfigure the log port, make sure that the port number you assign to syslog is not being used by another process.
|
Enabling or Disabling the Log Relay Host on the Status > Events Page
To enable and configure Log Relaying on the Status > Events page, set the Log Relay options as described below and then click Update.
|
Field
|
Description
|
|
Relay Log
|
Choose to either enable of disable the use of the Log Relay Host.
If you select the Relay Log checkbox, the Log Relay Host is enabled and the Relay Host and Relay Port fields are editable.
|
|
Relay Host
|
Specify the IP Address of the Relay Host.
Note: If you are using Devicescape Wireless Operations Center, the Repository Server should receive the syslog messages from all access points. In this case, use the IP address of the Operations Venter Repository Server as the Relay Host.
|
|
Relay Port
|
Specify the Port number for the syslog process on the Relay Host.
The default port is 514.
|
Update Settings
To apply your changes, click Update.
If you enabled the Log Relay Host, clicking Update will activate remote logging. The access point will send its kernel messages real-time for display to the remote log server monitor, a specified kernel log file, or other storage, depending on how you configured the Log Relay Host.
If you disabled the Log Relay Host, clicking Update will disable remote logging.
Events Log
The Events Log shows system events on the access point such as stations associating, being authenticated, and other occurrences. The real-time Events Log is always shown on the Status > Events Administration Web UI page for the access point you are monitoring. To clear all currently listed events, click Clear All.
Transmit/Receive Statistics
To view transmit/receive statistics for a particular access point, navigate to Status > Transmit/Receive on the Administration Web pages for the access point you want to monitor.
|
Note
|
The following figure shows the Transmit / Receive page for a two-radio AP. The Administration Web page for the one-radio AP will look slightly different.
|
This page provides some basic information about the current access point and a real-time display of the transmit and receive statistics for this access point as described in the following table. All transmit and receive statistics shown are totals since the access point was last started. If the AP is rebooted, these figures indicate transmit/receive totals since the re-boot.
|
Field
|
Description
|
|
IP Address
|
IP Address for the access point.
|
|
MAC Address
|
Media Access Control ( MAC) address for the specified interface.
A MAC address is a permanent, unique hardware address for any device that represents an interface to the network. The MAC address is assigned by the manufacturer.
The Devicescape Reference AP has a unique MAC address for each interface. A two-radio access point has a different MAC address for each interface on each of its two radios.
|
|
VLAN ID
|
A VLAN is a software-based, logical grouping of devices on a network that allow them to act as if they are connected to a single physical network, even though they may not be.
VLANs can be used to establish internal and guest networks on the same access point.
|
|
Name (SSID)
|
Wireless network name. Also known as the SSID, this alphanumeric key uniquely identifies a wireless local area network.
The SSID is set on the Basic Settings tab. (See Provide Network Settings.)
|
|
Transmit and Receive Information
|
|
Total Packets
|
Indicates total packets sent (in Transmit table) or received (in Received table) by this access point.
|
|
Total Bytes
|
Indicates total bytes sent (in Transmit table) or received (in Received table) by this access point.
|
|
Errors
|
Indicates total errors related to sending and receiving data on this access point.
|
Associated Wireless Clients
To view the client stations associated with a particular access point, navigate to Status > Client Associations on the Administration Web pages for the access point you want to monitor.
The associated stations are displayed along with information about packet traffic transmitted and received for each station.
|
Note
|
The "Authenticated" and "Associated" Status shows only the underlying IEEE 802.11 authentication/association, which will be present in all Security modes. It does not refer to or show IEEE 802.1x authentication/association. Some points to keep in mind with regard to this are:
- If the AP is running in Unencrypted ("Plain-text") mode or Static WEP mode, the authentication and association status of clients showing on the Client Associations tab will be in line with what is expected; that is, if a client shows as authenticated to the AP, it will be. (This is because Static WEP uses only IEEE 802.11 authentication.)
- If the AP is running in IEEE 802.1x mode, however, it is possible for a client association to show on this tab as authenticated (via the IEEE 802.11 security) but actually not be authenticated to the AP via the second layer of IEEE 802.1x security.
|
Link Integrity Monitoring
The Devicescape Reference AP provides link integrity monitoring to continually verify its connection to each associated client (even when there is no data exchange occurring). To do this, the AP sends data packets to clients every few seconds when no other traffic is passing. This allows the access point to detect when a client goes out of range, even during periods when no normal traffic is exchanged. The client connection drops off the list of associated clients within 300 seconds of a client disappearing, even if they do not disassociate (but went out of range).
Neighboring Access Points
The status page for "neighboring access points" provides real-time statistics for all access points within range of the access point on which you are viewing the Administration Web pages.
To view information about other access points on the wireless network, navigate to Status > Neighboring Access Points.
Information provided on neighboring access points is described in the following table.
|
Field
|
Description
|
|
MAC Address
|
Shows the MAC address of the neighboring access point.
A MAC address is a hardware address that uniquely identifies each node of a network.
|
|
Radio
|
Two-Radio APs
If the access point that is "doing the detecting" of neighboring APs is a two-radio access point, the Radio field is included.
The Radio field indicates which radio the neighboring AP was detected on:
- wlan0 (Radio One)
- wlan1 (Radio Two)
One-Radio APs
This field is not included on the Neighboring Access Points pages of one-radio access points.
|
|
Beacon Interval
|
Shows the Beacon interval being used by this access point.
Beacon frames are transmitted by an access point at regular intervals to announce the existence of the wireless network. The default behavior is to send a beacon frame once every 100 milliseconds (or 10 per second).
The Beacon Interval is set on the Manage > Radio tab page.(See Configuring Radio Settings.)
|
|
Type
|
Indicates the type of device:
- Ad hoc indicates a neighboring station running in Ad hoc Mode. Stations set to ad hoc mode communicate with each other directly, without the use of a traditional access point. Ad-hoc mode is an IEEE 802.11 Wireless Networking Framework also referred to as peer-to-peer mode or an Independent Basic Service Set (IBSS).
|
|
SSID
|
The Service Set Identifier ( SSID) for the access point.
The SSID is an alphanumeric string of up to 32 characters that uniquely identifies a wireless local area network. It is also referred to as the Network Name.
The SSID is set in Basic Settings. (See Configuring Basic Settings) or in Manage > Wireless Settings (see Setting the Wireless Interface.)
A Guest network and an Internal network running on the same access point must always have two different network names.
|
|
Privacy
|
Indicates whether there is any security on the neighboring device.
- Off indicates that the Security mode on the neighboring device is set to "None" (no security).
- On indicates that the neighboring device has some security in place.
Security is configured on the AP from the Security tab page. For more information on security settings, see Configuring Security.
|
|
WPA
|
Indicates whether WPA security is "on" or "off" for this access point.
|
|
Band
|
This indicates the IEEE 802.11 mode being used on this access point. (For example, IEEE 802.11a, IEEE 802.11b, IEEE 802.11g.)
The number shown indicates the mode according to the following map:
- 2.4 indicates IEEE 802.11b mode or IEEE 802.11g mode
- 5 indicates IEEE 802.11a mode
- 5 Turbo indicates Atheros Turbo 5 GHz mode
|
|
Channel
|
Shows the channel on which the access point is currently broadcasting.
The Channel defines the portion of the radio spectrum that the radio uses for transmitting and receiving.
The channel is set in Radio Settings. (See Configuring Radio Settings.)
|
|
Rate
|
Shows the rate (in megabits per second) at which this access point is currently transmitting.
The current rate will always be one of the rates shown in Supported Rates.
|
|
Signal
|
Indicates the strength of the radio signal emitting from this access point as measured in decibels (Db).
|
|
# of Beacons
|
Shows the total number of beacons transmitted by this access point since it was last booted.
|
|
Last Beacon
|
Shows the date and time of the most recent beacon that was transmitted from the access point.
|
|
Rates
|
Shows supported and basic (advertised) rate sets for the neighboring access point. Rates are shown in megabits per second (Mbps).
All Supported Rates are listed, with Basic Rates shown in bold.
Rate sets are configured on Radio Settings. (See Configuring Radio Settings.) The rates shown for an access point will always be the rates currently specified for that AP in its Radio Settings.
|
