Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
A common example is to inherit the desired telemetry for all devices spanning all types, at a top level.
It remains possible to override the values shown here, perhaps to a faster interval, for the required telemetry data defined at the top level.
Create a general configuration, select Metrics as the Configuration Section.
Within the Subsections select all metrics types to be included and a weight for this template.
Available metrics:
Metric | Description |
---|---|
WiFi Frames
Select Management Frame reports to send. Values include: Probe, Auth, Assoc, DeAuth, Disassoc, Local-Deauth, Inactive-Deauth, Key-Mismatch, Beacon-Report, Radar-Detected
Statistics
Set Interval of all Statistics and types including: SSID, LLDP, Clients
DHCP Snooping
Select the DHCP & DHCPv6 frames to send in telemetry including: ACK, DISCOVER, OFFER, REQUEST, REPLY, RENEW, SOLICIT
Health
Interval to send automated health check score
Device provisioning occurs based on inventory association to configuration templates.
Creating a template begins with the Configurations tab and creating a new template.
Create Configuration dialog requires a name and one or multiple device types to apply configuration with. If device inventory within an Entity or a Venue exist with no configuration templates matching Device Types of the associated inventory, no associated provisioning will apply to those devices. This is the basic logic that enables unique Wi-Fi device type configurations to be layered through the system.
Limiting the configuration to a subset of device types is done through selection of available Device Types via pull down menu.
A possible scenario may be that at such a top level, the operator wishes to set transmit power, MIMO operation where the Wi-Fi 6 2x2 top level configuration is defined.
To include configuration parameters, select Add Subsection and choose the appropriate values.
In this example we will choose Radios and define the MIMO and Tx Power.
Begin with describing the Radio operating mode, assign a weight that may be either low enough to be overridden by further entity or venues or high enough to not be overridden, then Add Radio.
OpenWiFi supports all possible Wi-Fi radio bands. Select the desired radio(s) and continue.
General properties, the following may be configured:
Advanced Settings, the following may be configured:
When complete, Save the "Top Level Wi-Fi 6 2x2" configuration for the device types chosen that align to such a radio mode.
For purpose of demonstration, if the admin were to create another Configuration template with the same weight as the previous template defining the Advanced parameters, these could then be broken down for example by device type.
Create another template as described for only one of the Wi-Fi 6 2x2 APs we have shown thus far.
Setting specific configuration for the EAP 101 advanced radio parameters. For example, if a device in this entity is an EAP 101, it will have advanced radio properties of 12Mb/s beacon rate, 24Mb/s multicast rate, random BSS color and require HE mode.
With these settings saved, multiple configuration templates are now shown that will influence radio operating parameters equally yet separately based on device type.
Option | Description |
---|---|
Band
Frequency Band
Bandwidth
5,10,20 MHz channel narrow operation
Country
Operating Country aka Country Code
Channel-Mode
Operating Mode HT, VHT, HE
Channel-Width
Total channel bandwidth
Channel
Operating channel frequency
MIMO
Values of 1x1 - 8x8
TX-Power
Transmission power in dBm
Legacy-Rates
Allow 802.11b rates
Maximum-Clients
Total UEs Permitted
Multiple-BSSID
Multiple BSSID IE advertisment
Beacon-Rate
Value 1-54Mb/s Beacon Frame Rate
Beacon-Interval
Interval of Beacon Frames in ms
DTIM-Period
Value 1-255 Delivery Traffic Information Message
Hostapd-iface-raw
Directly configure hostapd parameters not part of OpenWiFi data model
Multicast
Multicast frame rate in Mb/s
EMA
Multi-BSSID broadcast using EMA
BSS-Color
BSS Coloring 0-disable, 1-63 manual, 64 random
Require-Mode
Minimum 802.11 UE standard permitted to associate. None - disabled, HT - a,b,g,n, VHT - a,b,g,n,ac, HE- a,b,g,n,ac,ax
Entities represent a collection of resources for which certain business logic rules apply.
Entities may hold:
Members of Entity | Description |
---|---|
Venues are an important concept in OpenWIFi Provisioning. Venues inherit access to Analytics where incoming telemetry and client events are aggregated from the message bus, transformed and correlated based on the members of the Venue resulting in Venues Dashboard, Live Client quality connection analysis, and client tracking through the venue.
Venues may not exist beneath the root entity. Create an entity prior to defining a venue
Within a non-root entity, Create a Venue.
Once the Venue exists, navigate into the Venue.
Within a Venue, the RRM and Firmware management rules may be defined. Note Analytics are now an available option within the Venue. To track device and client statistics, enable Analytics.
Choose Edit and Start Monitoring. This will enable the admin to determine the interval of analytic data aggregation, and the data retention window in days.
When Analytics are enabled, the Dashboard is populated. As devices are associated to the Venue, their telemetry data is aggregated by Analytics service and correlated for display via Dashboard, Live View and Client Lifecycle.
OpenWiFi 2.0
Release 2.0 user interfaces (UI) are designed as a Single-Page Application (SPA). The UI serves as an example user interface built using React to demonstrate several interactions using the northbound OpenAPI. Release 2.0 to 2.5 had a first generation of the UI framework. This first generation UI framework is seen for the Gateway and Firmware service. With the introduction of 2.6 and the Provisioning and Analytics services, a new UI for those specific SDK services has been introduced.
All UI interactions consume the OpenAPI of the SDK services.
The following describes the likely starting point for an Administrator. Using the Provisioning service to define how the Wi-Fi networks in Entity, Venue and device provisioning terms may optionally be defined.
Default username is: tip@ucentral.com
and password is: openwifi
On first login, the default user account will prompt to change password. This behavior is also available for all admin defined accounts added to the system.
On initial login the Provisioning service places the user on the Inventory screen.
Inventory enables the admin to visually identify OpenWiFi devices not currently assigned to an Entity, Create a new device, execute commands per device, inspect device details and view the device active state as shown in the Gateway service.
Within Device Details, found via the magnifying glass per Inventory row, association to an Entity Parent is possible. Additionally setting the device Firmware policy to inherit the rule assigned based on its membership to a Parent and to require Release Candidates or permit any nightly build upgrade to apply. Additionally the device may be enrolled within RRM should its Entity and Venue membership be part of RRM processing. Device Class determines if the device should be restricted to an Entity, Venue, and an end Subscriber.
Device-Specific Configuration will expose any overriding configuration data present for this specific device. Device specific configuration will override inherited configurations from lower priority templates.
Computed Configuration will display the enumeration of all provisioned templates the device is associated with. These templates are inherited as a result of device membership within an Entity, Child Entity, Venue and or Child Venue from which configuration templates may have been defined based on the admin deployment.
The service API could be used to bulk load record formats in a common .csv structure using JSON. For example
```
"SerialNumber",Name,Description,DeviceType,NoteText for example: d1300f7b0732,Manufacturer,Desc, edgecore_spw2ac1200,OutdoorAP
```
For each inventory record, the ```deviceType``` must match a valid OpenWiFi device type. For example:
```
"deviceTypes": [ "cig_wf160d", "cig_wf188", "cig_wf194c", "edgecore_eap101", "edgecore_eap102",
"edgecore_ecs4100-12ph", "edgecore_ecw5211",
...]
```
When inventory is assigned to a Venue, it can be allocated into a top-level parent such as the operator. Then, based on role access, operation's teams may choose to assign the device to a child entity within an operating division, or setup the device as a tenant of a managed Wi-Fi service for example.
Choosing to assign the device to a specific MDU location as an example can be done in one step from above.
The OpenWiFi solution can be applied to a diverse number of use cases from enterprise networks, service provider access, and hotspots. OpenWiFi offers a variety of managed services from small to very large venues of roaming, client shared-key management, client steering, mobile offload, QoS-based services, and Layer 2 and Layer 3 breakout and overlay options.
The Provisioning service provides a view into the network as a whole, and venues with entity-based control.
The provisioning service for OpenWiFi supports weighted order inheritance of configuration templates. These services and networks provide the greatest level of flexibility.
The system functions from a starting point of managed inventory assigned into entities, venues and optionally end subscribers. From this association, inheritance of entity, venue and subscriber configuration becomes possible where one to many configurations are processed including one to one when an inventory device such as a P2P link or Subscriber Gateway have unique operating data.
These features are present from the service over the web interface as well as via API for controller integration and OSS/BSS integration purposes.
With template inheritance, the aggregate of all inherited templates in the device association to Entity, Child, Venue, Child, Device Specific is possible. Overlapping configuration is controlled by the inherited template weight.
Initial deployment of the Provisioning service will have an empty Entities tree. The Top Entity may be used for a number of actions or simply as a description for structure below this level.
For example, an operator may choose to simply rename this Top Entity as "Operator Name" and set Firmware Upgrade and RRM policies to no actions accordingly. Creating child entities from this point defining perhaps an operational break down such as divisions within the operator, within which setting Firmware and or RRM rules may apply per division is possible.
Entity
A child entity
Venue
A logical aggregation of devices, configurations, locations with Analytics
Configuration
Provisioning templates
Inventory
Device members
Locations
Device locations
Contacts
Administrative contact information
Resources
Global common resources such as RADIUS services
Within the example Venue, creating configuration templates for SSIDs and or other configuration sections are possible. These configurations are inherited by device memberships at the Venue level.
It is therefore possible to define many Venues, Child Venues, and Inventory associations that will then inherit global templates from entities in addition to aggregation of Venue templates.
Configure WAN interface as an upstream interface role type.
OpenWiFi has the concept of a virtual dataplane where the definition of the interface role as upstream or downstream defines if the port involved will be mapped to WAN or LAN operation.
It is possible to re-map any LAN port to function as a normal WAN port in this way.
When the above Interfaces configuration section is created, respond to the dialog prompt to define an upstream WAN then select from the available configuration options to suit the local environment.
Within WAN(upstream) select the port(s) for use as WAN.
A variety of Services features may be associated to logical interfaces. For this example, enable LLDP.
IP Addressing set as IPv4 Dynamic will cause the WAN port to use DHCP for its provisioned internet access. IPv6 dual stack is also supported.
Within a Venue, devices inherit the sum of Configurations present in the Venue, and Entity structure holding the Venue matching their device type.
An SSID may be associated to any defined interface. This association ties the dataplane of the VAP together with the underlying interface services.
Most common SSID configuration parameters have been exposed via the Provisioning UI. Consult the OpenWiFi data model for the full list of available configurations.
From an interface select Add SSID.
Assigning the name of the SSID is also the name of the Wi-Fi network itself. Operating band of the SSID is configurable by radio.
OpenWiFi 2.0 SDK
Each device presents Metrics and Health check data to the Gateway. Devices view displays this information in the following organization:
Status
Configuration
Logs
Health
Commands
Statistics
Command History
Connection status reflects the Gateway to Device current communications status. Uptime and Last Contact reflect communication state. Load indicates processing load on the device. Memory Used indicates free memory on the device.
Device UUID, Serial Number, MAC Address and Device Type are displayed. Last configuration update date and timestamp reflects the last time a "configure" action completed on the device. Password may be set and device notes may be added.
Log history of the device is presented within Logs. Expand the tile selecting the down arrow.
Health score is an active tile reflecting the device health out of a score reported by the device to Gateway. Health metrics are configured on the device based on chosen data model options. When the device falls out of 100%, this tile changes to red. Expanding the tile will present all health reports. Those with less than 100% score will contain reasons for the result from this interface.
Commands tile provides a number of administrative actions for the user:
The OpenWiFi solution can be applied to a diverse number of use cases from enterprise networks, service provider access, and hotspots. OpenWiFi offers a variety of managed services from small to very large venues of roaming, client shared-key management, client steering, mobile offload, QoS-based services, and Layer 2 and Layer 3 breakout and overlay options. The Provisioning service provides a view into the network as a whole, and venues with entity-based control.
The provisioning service for OpenWiFi supports weighted order inheritance of configuration templates. These services and networks provide the greatest level of flexibility.
The system functions from a starting point of managed inventory assigned to entities, venues and optionally end subscribers. From this association, inheritance of entity, venue and subscriber configuration becomes possible where one to many configurations are processed including one to one when an inventory device such as a P2P link or Subscriber Gateway have unique operating data.
These features are present from the service over the web interface as well as via API for controller integration and OSS/BSS integration purposes.
Device provisioning is highly configurable and scalable.
You can manage device inventory for both assigned and unassigned states. As devices are added to the system, they become available to venues for association and service provisioning.
Each inventory record, regardless of assignment state can be viewed in the OpenWifi dashboard.
The TIP OpenWiFi inventory service API could be used to bulk load record formats in a common .csv structure using JSON. For example
```
"SerialNumber",Name,Description,DeviceType,NoteText for example: d1300f7b0732,Manufacturer,Desc, edgecore_spw2ac1200,OutdoorAP
```
For each inventory record, the ```deviceType``` must match a valid OpenWiFi device type. For example:
```
"deviceTypes": [ "cig_wf160d", "cig_wf188", "cig_wf194c", "edgecore_eap101", "edgecore_eap102",
"edgecore_ecs4100-12ph", "edgecore_ecw5211",
...]
```
When inventory is assigned to a venue, it can be allocated into a top-level parent such as the operator. Then, based on role access, operation's teams may choose to assign the device to a child entity within an operating division, or setup the device as a tenant of a managed Wi-Fi service for example.
Choosing to assign the device to a specific MDU location as an example can be done in one step from above.
Devices can be assigned to the MDU—which may be an actual venue such as a building or a tenant operator with child venues.
Use the Create Configuration window to create a configuration template for a specific venue or device.
For example, a configuration template for a local area network could include: address translation and local DHCP for on-premises devices, WAN interface with DHCP for IPv4/IPv6 service, and a basic Wi-Fi configuration.
Option | Description |
---|---|
Command | Action |
---|---|
{width="6.4in" height="3.0in"}Use the SDK UI to assign a device to a venue, review device configurations, update record tags or delete a device.
Name
SSID name
BSS-Mode
Operating mode of the wireless interface Options: ap, sta, mesh, wds-ap, wds-sta
WiFi-Bands
Radio selection(s) of the SSID
Authentication Protocol
Wireless encryption of the BSS Options: None, WPA-PSK, WPA2-PSK, PSK2-RADIUS, WPA-PSK/WPA2-PSK Personal Mixed, WPA-Enterprise, WPA2-Enterprise EAP-TLS, WPA-Enterprise-Mixed, SAE, WPA2/WPA3 Transitional, WPA3-Enterprise EAP-TLS, WPA3-192-Enterprise EAP-TLS
Authentication Key
Pre-Share dKey (when applicable)
Authentication IEEE80211w
Management Frame Protection Options: disabled, optional, required
Advanced
Hidden-SSID
Disable Beacon Frame Broadcast
Services
Services associated to the SSID logical interface
Maximum-Clients
Total associations permitted to the SSID
Purpose
Role the SSID performs Options: Default, Onboarding-AP, Onboarding-sta
Isolate-Clients
BSS client isolation
Power-Save
Unscheduled Automatic Power Save Delivery
Broadcast-Time
Beacon Time Broadcast
Unicast-Conversion
Convert Multicast to Unicast over BSS
Proxy-ARP
BSS respond to host ARP on behalf of another client
Disassoc-Low-Ack
Disassociate stations based on excessive transmission failures or other indications of connection loss
Vendor-Elements
This option allows embedding custom vendor specific IEs inside the beacons of a BSS in AP mode.
Multi-PSK
Per device shared key to associate with unique VLAN
Rate Limit
Ingress-rate and Egress-rate in Mb/s
RRM
Neighbor reporting LCI measurement element content Civic-Location element content FTM-Responder Fine Timing Measurement Stationary-AP
Roaming
Message-Exchange Generate PSK Domain-Identifier PMK-R0-Key-Holder PMK-R1-Key-Holder
Reboot
Warm Restart remote device
Firmware Upgrade
Initiate firmware upgrade process
WiFi Scan
Initiate remote scan of surrounding Wi-Fi
Connect
Initiate an rTTY Remote Shell session
Blink
Set LEDs to On, Off or Blinking state
Trace
Initiate a remote Packet Capture
Factory Reset
Hard Reset remote device - destroys device local config
Configure
Upload Device Configuration
OpenWiFi 2.0 SDK
Within the devices view, the Commands tile offers a number of features and administrative actions. Each of these represent API calls exposed on the OpenAPI northbound interface from the SDK.
Selecting the Reboot action will prompt the below dialog. Options presented permit an immediate reboot or a scheduled reboot based on date and time.
Multiple methods exist to execute a remote Firmware Upgrade of a device. When selecting Firmware Upgrade via the Commands tile, a simple dialog to upgrade immediately or at a scheduled time is presented. Alternatively using the Firmware Management Service provides a complete solution including managed access to all TIP firmware images.
OpenWiFi devices may perform channel scanning and return this neighbor and RF data to the SDK in an on demand or ongoing manner.
Scan operations function over all channels. If 5GHz channels do not display in the returned results ( either via the UI or over API ) this indicates the device is configured in a DFS channel for which it may not return survey scans at this time.
OpenWiFi enables remote connection to any managed device using rTTY encrypted shell session. Selecting Connect will cause a browser tab to open with the login session to current device.
To assist with remote identification of devices in the network, it is possible to turn the LED lights On, Off, of continuous blinking. This may be run on-demand or scheduled.
Trace feature enables a remote packet capture to occur on the managed device, over a specified period of time or amount of traffic, returning the "pcap" packet capture file locally to the OpenWiFi admin user.
Once complete the user is asked to open or save the packet capture file locally.
It is possible to revert a device to initial out of box state from the OpenWiFi SDK. Sending a Factory Reset will remove all configuration on the device and optionally reset the discovered cloud stored as the 'Redirector' in the device configuration.
Note: When Redirector is not kept, devices will re-contact the Certificate Authority to re-discover their OpenWiFi cloud address
Prior to the introduction of OpenWiFi 2.0 Provisioning Service, device configuration is done through creation of the JSON provisioning file and either loading that file or applying its contents using the dialog presented via Configure. The same options exist when using the API directly.
OpenWiFi 2.0 SDK
Each device page presents statistics in traffic terms per interface as a line graph of bandwidth over time.
The generated image may be downloaded for offline use.
Accessing Wi-Fi Analysis and Last Statistics may be found at the top right of Statistics tile.
Operating channels, channel width, noise floor and transmit power are the first values reported in Radios table.
Viewing associations, from the Associations table, and their use is important in terms of bandwidth and connection quality. Wi-Fi Analysis helps visualize each client association, this could be an end user device or a WDS or Mesh association.
Each association is known by their MAC address or BSSID value. The mode of connection will indicate if an end user client device entering the "ap" or if a client is associated as "wds" or "mesh.
The access point view of RSSI, Rx and Tx Rate, Modulation Coding Scheme and Number of Spatial Streams are exposed for each association.
Using the slider along the top, the last 15 to 30 minutes of performances data may be viewed.
The option to view Latest Statistics is at time of the MVP release, intended to help the Community see on a per device basis how much, or how little depending on device configuration, is being sent to the OpenWiFi Gateway in terms of telemetry.
OpenWiFi SDK 2.0
Multiple events are recorded in the Command History tile. Each line item will have a Result, Details, and Delete action.
When an rTTY session is executed, this is a displayed command history. Selecting the Result icons will display the Success or Fail of the command.
Each provisioning event is reflected as a configure command history. To see the entire JSON payload and the result, including success or error with message, simply select Details to expand the dialog below with this data. A date and time in the third column indicates when the configure command was executed successfully.
If a provisioning event has failed to complete, its command history for configure will show as pending.
Remote packet capture is shown as the trace command history. When packet captures are persisted in the OpenWiFi SDK, they may be downloaded again through the cloud download icon.
OpenWiFi 2.0 SDK
Firmware management service integrates across all OpenWiFi Gateways deployed in a cluster enabling updates to running firmware either from the latest published version, or any other released version.
Firmware dashboard provides a single view for overall health of deployed device firmware. Latest firmware charts, device firmware version distribution, distribution of device by type and current connected devices.
From the Devices table, any device with a newer firmware published by TIP OpenWiFi is indicated with a yellow icon. Selecting this icon presents the option to upgrade to latest or specify which firmware to use.
When the upgrade has been sent successfully, a green Success dialog will display in the upper right on the screen. Devices with latest firmware version will show a green firmware icon in the Devices row.
Viewing the contents of Firmware Management Service is available from the left navigation, select Firmware.
Once in Firmware, it is possible to search by device model for all known firmware revisions.
If in the Device Table reference above, instead of selecting Upgrade to Latest, the specific URI location of any available firmware is found using the Firmware table.
Selecting Details will present information for any firmware row, including the URI which may be copied into the Choose Custom Firmware dialog prompt accordingly.