Campus 7240 Master/Local deployment with AP225's.
We use portable video cameras to monitor patient safety. These cameras send UDP video streams to a cluster of servers and at any given time I have 35-45 of them deployed in a 600-AP network. Generally they work well but occasionally I get complaints of brief video feed outages or freezing and the times don't correspond to a dissassociation or SNR-related event (or any event that I've been able to find, for that matter). WMM is enabled with DSCP mappings of 34,40 and the cameras support WMM, but I need to investigate further whether this traffic is actually being prioritized. One thing I'm interested in is pausing ARM scanning on AP's that the cameras happen to be connected to. Is this as simple as:
1) Create firewall destination group that includes all of the video server
2) Create a policy with the source "any" and dest of the above-created
alias, set as permit and "Pause ARM scanning"
3) Apply policy the the user role that the cameras are assigned
Thanks in advance.
You should take a wireless packet capture of the channel that the camera is on and filter the traffic from the camera to the AP to see if the priority bit is being set (wlan.qos.priority in wireshark) is being set. You will also want to take a sample and what percentage of those packets are retries (wlan.fc.retry eq 1).
In addition, if those cameras are on 2.4ghz, it is quite possible that plain old interference is causing your issues.
To answer your question, the most important prioritization should occur from the camera to the AP and if this is not happening, the video will be poor. The AP discovers what traffic is coming from a device after the traffic is decrypted on the controller, so it is too late to prioritize, by then. The Camera must support prioritization over the air, and that packet capture would demonstrate if this is occurring.
I plan to take a capture next time I'm at that hospital. The cameras actually use VHT/ac/WiFi-5 (grrr) and overall they work very well, I'm just trying to eliminate those occasional gripes. Being that it's UDP at a steady 800K or so, I don't think it will ever be 100% faultless, but I want to make sure that from a network perspective we're doing all we can.
So you don't thing there's any benefit in pausing ARM scans on AP's that are supporting these video streams?
You can certainly try that, but in general scans are only 100 to 110 miliseconds. I would think that it would be disrupted every time if that was the case (it runs every 10 seconds, on average). It is much more interesting to see if the prioritization is working or if a client on the same AP pushing traffic can disrupt the stream. If the client can do that, it is possible the prioritization needs to be looked at.
IN addition you might want to type "show datapath session table <ip address of camera>" on the controller to see if the "Prio" or "tos" column has anything in it, to determine if there is prioritization going on.
According to show datapath session table, communication from the camera to the server is being marked as Pri 4 and ToS 34. I'm not sure where that 34 is coming from, as I'm using default WMM AC to DSCP mappings?
Source IP Destination IP Prot SPort DPort Cntr Prio ToS Age Destination TAge Packets Bytes Flags --------------- --------------- ---- ----- ----- -------- ---- --- --- ----------- ---- --------- --------- --------------- 10.140.193.125 10.144.127.31 17 50001 14029 0/0 4 34 0 local d91d 11352 1226016 FC
Do you have an ACL mapping it?
Negative. Not uness there's a default ACL that affects UDP high ports.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.