Making Sense of Meru Decodes

Making Sense of Meru Decodes

By CWNP On 08/03/2011 - 28 Comments

Let’s face it: Meru does some creative stuff with the 802.11 protocol. By concentrating all users on the same channel, they give up some of the capacity of the available Wi-Fi frequencies. As a tradeoff, they gain some client control. Centering all WLAN operations on a single channel allows (or forces, depending on how you see it) them to do some interesting things with the protocol to make up for some of that sacrificed capacity.

For WLAN consultants and engineers that troubleshoot many different networks, they are often a bit confused when it comes to a Meru decode. Here are a few quick tips for understanding the trace.

Virtual Cell technology uses the same BSSID across all APs and all clients on the same channel. This is one type of virtualization that, in a decode, will look like a single AP across your enterprise. The single virtualized AP will broadcast beacons regularly, as with most networks.

Virtual Port technology uses a unique BSSID for each client. Yes, that’s right…for each client. So, if you have 10 APs with 10 clients each, you will see 100 beacon streams. In a decode, this will look like 100 different APs. To make sense of all those Beacons, you have to understand how Virtual Port works.

First, the APs do not beacon like other vendors. In most WLANs (from Cisco, Aruba, HP, etc.), when you configure and enable an SSID, each AP begins beaconing for that service set. Not so with virtual port. In virtual port, since beacon streams are per-client, no Beacons are sent initially (i.e. no global beacon for the service set). Instead, the Meru infrastructure waits for each client to show interest, then begins beaconing for each client dynamically, starting and stopping beacon streams as the client comes and goes. The infrastructure starts beaconing for a client when it receives a probe request. This is interesting to watch in a live capture, especially if you are able to fire up the Meru APs in a clean environment. Your sniffer can monitor a clean channel with no activity, then suddenly a client probes, the APs respond, and a Beacon stream is born.

Troubleshooting the basic connectivity process with Meru can be complex because client discovery behavior varies for each client. Some clients do not send probe requests. Thus, if they don’t send probes, no Beacon stream is present. If clients rely on passive scanning only (or use active scanning selectively), they may not discover the network.

When troubleshooting clients with active Beacon streams, you may be wondering how to know which Beacon stream is for which client. Each Beacon stream can be matched with the client by looking at the two halves of the BSSID and comparing it with the MAC of the client. Specifically, the first half of the BSSID uses Meru’s OUI. The second half of the BSSID mirrors the second half of the client’s MAC address.

For example, if my Intel client is 00:21:5C:50:16:B1, the Meru Beacon will use MeruOUI:50:16:B1. See the graphic below that shows a beacon ending in 50:16:B1 then a data exchange in which the receiver, transmitter, and BSSID all end in 50:16:B1. This is interesting!

For other vendors, each AP uses a single BSSID for each SSID. The BSSID is some iteration of the radio’s base MAC address, which makes it easy enough to correlate a BSSID with the physical AP. In a Meru network with these different virtualization techniques, how would you know what AP the client is associated to? How do you know how many physical APs there are in your environment?

The answer is to rely on a Meru vendor-specific information element (IE) in Beacons. The picture below shows a Meru Beacon, captured by AirMagnet. Thanks to AirMagnet for interpreting this Meru information element for us. That is a big help. If you have to do it manually, you’ll just have to remember the octets that contain the important information.

There are two primary pieces of information that will help us here. The first one is an AP ID. This is the ID assigned to an AP by the controller. As you can see below, this AP had an ID of 7 (the 8th octet of the Meru IE). The second piece of helpful information is the AP’s serial MAC address (not to be confused with the base radio MAC address). The 14th octet of the Meru IE is the first octet of the MAC address. As troubleshooting goes, you’ll be able to use this MAC address to identify the specific AP to which the client is associated. If you have access to the controller, a simple show AP <ap-id> (e.g. show AP 7) will tell you more about the AP, including its serial MAC. When troubleshooting Meru networks, you might consider laying out a floor plan image and charting APs by their serial MAC.

It’s all a bit interesting and a bit confusing at the same time. If you never see Meru in the field, consider this a lesson that every vendor uses the spec as a general guideline and not an absolute rulebook. If you do see Meru in the field, I hope these tips will prevent some head scratching.

A Rant: Misleading Marketing?
Meru advertises their WLAN virtualization technologies as “a wireless LAN equivalent to switched Ethernet in every way except that users are no longer tied down by wires…” I fully understand that Meru’s Virtual Port technology uses some advanced algorithms to coordinate AP transmissions; Virtual Port also provides some enhanced per-client control of wireless contention (that’s great). However, the client control is not absolute and—more importantly—virtual port does nothing to segment RF collision domains nor add bandwidth. Contrarily, by putting all clients on the same channel (same collision domain), Meru almost becomes less switch-like and more hub-like.

Many network professionals are already confused about how wireless contention differs from switched networks. Bad marketing doesn't help the problem. Equating any wireless network to switched Ethernet is just silliness, and in my opinion, flirting with deception.

Final Comments and Suggestions (FCS)
I prefer not to end on such a negative note, so let me conclude with an education suggestion: Know the protocol AND the vendor-specific behavior. Our recommended approach to WLAN education is to start with vendor-neutral training (i.e. CWNP) to learn the technology and protocols. But, we are also big supporters of vendor-specific training (yes, you read that right). Just like every other vendor, Meru has plenty of proprietary WLAN functionality that engineers should know about.  Marrying the vendor-agnostic and vendor-specific will help you understand and evaluate all of the protocols—as well as the confusing marketing. :)

28 Responses to Making Sense of Meru Decodes

Subscribe by Email
xcv xcv Says:
03/05/2018 at 02:01am

How northwest nike outlet is normally nike outlet store giving nike factory store an answer puma outlet to a new jordans week about cheap nikes traumatic events

Dark night christian louboutin shoes having beats by dre studio absent from

alice long Says:
02/06/2018 at 00:09am
On Call support: To guide users with a quick assistance through remotely accessed diagnosis, Intuit has provided expert support numbers for Sage, Payroll, and Sage +1 888 336 0774. The phone support is available only during the weekdays. Independent Support: Apart from the Intuit Sage Technical Support Phone Number Support, users have many alternatives in the form of the third party customer support companies. To entice customers, on top of attractive premium plans, round the year discount schemes are provided

alice long Says:
02/06/2018 at 00:05am
QuickBooks Statement Writer - This allows you to be able to easily customize reports to meet your specific needs and updating the information is easy. No more spending hours each month creating all these specialized reports. Create them QuickBooks Technical Support Phone Numberonce in the Statement Writer and you can use it endlessly.I could go on and on about the many things that you can do within QuickBooks. Not all of these features are brand new in 2018, but I find many do not know about them even if they had access to it in prior versions. I find that only about 40% of our clients truly use more then the checkbook feature when we are introduced. Understanding each company's needs enables us to highlight the various features and how they can save you time and money. Sign up for our Free QuickBooks +1 888 336 0774newsletter on our website to start learning more about the features in QuickBooks.

alice long Says:
02/06/2018 at 00:00am
They claim to provide prompt, 24x7 round the clock, and on Quicken Technical Support Numberdemand remotely accessed diagnosis to their subscribed customers. The author has been writing articles about Intuit customer suppor +1 888 336 0774 and about various ways of obtaining it since several years. He also publishes articles for Intuit customer service and other Intuit products from time to time

Lucy Gray Says:
02/05/2018 at 00:22am
Sage Customer Support Phone Number is considered as a present for the wholesalers and creators of medium size since it works the business more helpfully increase the precision of the stock, complete and send masterminds occasionally and diminish time in fundamental administration.

Lucy Gray Says:
02/05/2018 at 00:16am
Quicken Customer Service Number is the considerable method to discover answers to your inquiries. We offer client bolster at our Quicken Customer Service Phone Number +1-844- 454-7202, where our group will speak with the client in regards to issues. We feel happy to enable you to turn out from issues, as each client is exceptional for us.

Lucy Gray Says:
02/05/2018 at 00:08am
We can help you to learn and comprehend this product; here we got all investigation material to comprehend this product. Alongside that we likewise got help for QuickBooks accessible for you. On the off chance that you are searching for a genuine client bolster organization to deal with your records so you can focus on your standard business. Look no further and call us today. Quickbooks Customer Service Phone Number +1-844-454-7202 is the main broadly utilized bookkeeping programming with private companies and association.

anjilo smith Says:
02/03/2018 at 06:29am
Sage 50 Support Number +1-888-307-3506
Be that as it may on the off chance that you pick Peachtree Technical Support and help from Sage Accounting Solution, which will SAGE CUSTOMER SUPPORT HELP DESK Sage Tech Support Number
Sage Tech Support Phone Number Bookkeeping's are not done nowadays physically. We have Sage 50 programming, which bolsters a wide range of business budgetary prerequisites and working splendidly for us with regards to paying providers or notwithstanding invoicing clients and significantly more.

anjilo smith Says:
02/03/2018 at 06:20am
Quicken Customer Support Number +1-888-307-3506
Quicken Online Support will likewise help you to track your past demand. Quicken Tech Support Number
Quicken Tech Support Phone Number On the off chance that you are having an issue with your online Intuit id, at that point you can utilize Intuit Quicken bolster i.e. 1-888-307-3506. There are a few Quicken program accessible in the market or on the web. In any case, to discover the effective one, you can utilize Quicken help number. Revive Help group will control you which Quicken program satisfy your necessities.

anjilo smith Says:
02/03/2018 at 05:48am
QuickBooks Technical Support Number +1-888-307-3506
We offer Professional Help and Support for QuickBooks. Since, QuickBooks is a propel programming with numerous details required with it. Once in a while it is Quickbooks Support Number
Quickbooks Support Phone Number hard for clients to deal with the specialized issues that emerge with it and that is the reason we have a group of QuickBooks Experts to determine all your bookkeeping questions and issues.

Olivia Smith Says:
02/02/2018 at 05:43am
Antivirus Customer Service Phone Number is here to help. Call +1888-451-1608 Norton Antivirus Support Phone Number for all kind of technical and support queries. In terms of brands, some of the most well known antivirus programs in the world are Norton, AVG, Zone Alarm and McAfee. Norton Antivirus Technical Support Phone Number Any of these programs is a wise choice if you want to ensure that the Mcafee Antivirus Support Number best available protection is functional on your computer system.

Olivia Smith Says:
02/02/2018 at 05:17am
Microsoft Outlook Customer Support is here to help. Call +1-888-451-1608 Microsoft Outlook Support Phone Number for all kind of technical and support queries. Outlook Express still remains one of the most used software which helps people all over the world gain access to their emails. It provides them a way to quickly and easily send and receive emails on their computer without the hassle of logging onto their web mail and go to the tedious process of signing in and out. You can put your username and password to automatic and sign in quickly by just clicking on the Outlook Customer Support Number express icon on your desktop.

Olivia Smith Says:
02/02/2018 at 05:00am
Aol Customer Support Number is here to help. Call +1-888-451-1608 for Mail correction, reset, forget password, account disable and unable, send or receive mail.Go to that website, find the free download, get it and run it. It will produce a comprehensive report on everything about your computer, Aol Technical Support Number including software installed and license keys for all licensed products.

jenny singh Says:
01/20/2018 at 13:01pm
We are knowing that to get the unblocked youtube school you can generate the videos.

10/14/2012 at 19:02pm

MERU has caused me nothing but heartache and grief for me and my customers when providing and selling digital XR solutions and this seems to be consistent all over the US and abroad globally. Are they truly Dicom compliant to the latest standards within the industry? I think not when consulting with high level IT consultants. Please advise?

10/12/2011 at 09:13am
This is a large part of the problem. Even though 802.11 is somewhat of a mess and Meru's theories seem appealing, the problem is that client devices, troubleshooting tools, and most education in the industry is based mostly on the specs. Meru changes all of that, but since clients are programmed largely by the spec, their behavior on a Meru network is highly unpredictable, and difficult to troubleshoot.

10/11/2011 at 22:56pm
We too are pulling our hair out with Meru wireless - We have been told that the reason we are experiencing disconnects with Ubuntu machines is that their drivers are "immature". Utilities which show BSSIDs signal strength and last beacon are said to "not understand Meru technology".
We have many Apple devices and some windows boxes which disconnect and this is very disruptive. We are using both wpa and wpa-psk.
What I would like is a specification on how Meru is should work and some open source tools which can be used to detect what might be wrong with a Meru wireless network.

09/11/2011 at 05:23am
I provide high end technical support for a medical device vendor and ironically I have contacts with my counterparts at my competitors. The garbage spewed out of Meru Networks sales and supposed installation engineers is outrageous. They've told customers that certian devices don't work in Meru environments due to the device not having a Medical Grade wireless antenna installed. We're talked FDA approved and certified devices here and Meru makes up a "Medical Grade Antenna" load of crap.
While in the Meru corporate offices (I've been there more times than I can count) I've asked then what other devices are having issues whith vPort and I've been told that no one else is having issues. Talk to the hospital IT departments and you find out that WoVoIP phones, a large number of other medical devices of different types and of course my competitors are not working either (I've also listened in on tech support conversations while in their offices)
I've spent the last 19 months trying to resolve compatibility issues with our device and Meru Networks infrastructures running vPort. Our 802.11 wireless medical devices are sold around the world, 200,000 units to be exact and works in Aruba, Cisco, Nortel environments and even Meru in vCell or when micro-cell modes enabled. There is something more to vPort than what they are telling us otherwise so many devices wouldn't have this problem.
Heck, my company is so anxious to get these problems resoved we purchased the controllers and AP's and set them up in a test lab for me to conduct testing. We are partnered with Fluke Networks for wireless test equipment and I have the people from Fluke Networks coming to my offices to test their equipment because Meru is so strange in how they do things.
I would like to point out thought, the technicians and programmers in Sunnyvale are great people and I love working with them, I just wish they had a product that was more compatible with current industry standards and not standards that Meru chooses to interpet themsleves.

Peter Miller Says:
08/27/2011 at 08:05am
Joel. Nice comment, didn't realize you moved on.. Tell Devin I said "hello". Meru Tech certainly works and can be very valuable in certain deployment models ie 2.4Ghz. I believe all vendors still have one baseline to meet.. The PHY.. Good Radios make for better Perfromance! Crappy Radios .... $#%^

08/12/2011 at 09:42am
The basic problem is 802.11as a standard is a mess. While Meru's solution may not be as optimal as a switch; in theory and practice it works significantly better than the way we on dot 11 envisioned WLAN's to work when we created the original spec. Having been involved with wireless LANs since the early 1990's it amazes me that the current leaders in the WLAN industry are keeping there head in the sand over the basic issues. Those who think that working in a single channel with the network in control is worse than three or more channels with station anarchy just don't understand the physics of wireless and the issues with the 802.11 MAC.
So, well done Meru for managing to take the standard and come up with a better solution, shame on the rest of the vendors for not getting together and producing a new wireless LAN standard that can out do Meru. As more mobile device come into the work place, just like Steve Jobs found out, the current standard collapses very quickly.
P.S. on the over marketing - look at the claims for what can be done with three channels - nice little circles or hexagons - now who's telling lies - go look at the interference picture we put in the original 802.11 spec.

Daniel Bui Says:
08/06/2011 at 19:46pm
Really good article. I actually watched Dr Bharghavan's youtube video on virtual port but it's always nice to examine it under a sniffer decode. Virtual port is actually a great feature but it seems like you'll have to sacrifice scalability in order to make it work.

08/04/2011 at 21:38pm
It's not my job to defend Meru anymore :) but if the question is switch-like in everyway then certainly you can't say that. Early switches were designed to break up collisiOn domains. Then backplanes increased speed and allowed aggregation, etc etc etc.
Anyway, that's a blackhole of philosophical difference that would be about as effective to argue as the debate between cutting taxes or increasing taxes. :). I understand what ur saying and respectfully disagree.
Now there's WAY too much going on at Aerohive for me to do the new guy at Meru's job for him any more than this comment.

08/04/2011 at 14:35pm
You can find the MACAW paper that Joel mentioned at:
There's a lot of good information in there to get the noggin warmed up.

08/04/2011 at 14:22pm
Thanks for the insight, Joel. I certainly don't mean to discredit Dr. Bharghavan's (and the rest of the Meru team) work and the advanced contention algorithms in place. I have a lot of respect for the single channel approach. No less, Shannon's Law is Shannon's Law, and no amount of sophisticated contention algorithms can make a wireless network 'segmentable' like a switch, especially with omni antennas.
The Meru algorithms are certainly more complex than I could understand, but I maintain that the aggregate wireless performance numbers don't lie. Show me a system that can segment contention in a way as to produce multiple hundreds of Mbps per station (like a modern switched network), and I will concede my point. Finally, my problem is not that 802.11 algorithms with vendor enhancements can't be switchlike. My problem is that modern wireless networks can't be switchlike in a way that is meaningful enough, and certainly not "in every way".

08/04/2011 at 13:26pm
Thanks for this great post. I found it very interesting and informative.
I doub't anyone but the marketing department at Meru approved this advertizing line. We have the same problem (with non-technical types) at my company too.

08/04/2011 at 13:24pm
Excellent Analysis.
I like your statement "Equating any wireless network to switched Ethernet is just silliness, and in my opinion, flirting with deception."

Joel Vincent Says:
08/04/2011 at 12:48pm
Nice article guys. On the marketing front, the "switch-like" performance is only partially referring to the Virtual Port. As a lower level function, the Meru APs do a form of contention management in the time domain, i.e. they break up contention not by physical wires but by time periods creating contention windows and limiting the clients that are contending to specific windows hence creating separate collision domains, in effect. Back in 2005/6, the Airespace/Cisco guys worked feverishly to de-certify Meru from the Wi-Fi Alliance because of the contention management algorithms but failed because it doesn't actually violate the certification rules.
So they, in fact, manage contention like a switch but not on the wire. You can go back to some old Dr. Bharghavan academic papers on MACAW and other algorithms for managing access in a shared wireless medium (those papers were written in the late 1990s) to get a rudimentary idea of where the thoughts came from.
I don't work there anymore and I don't own stock (anymore) but since I was driving most of that discussion on the marketing side back when we came up with it I just wanted to assure you that its not as simple as what you're saying; it is working at a lower level than that.

<< prev - comments page 1 of 1 - next >>

Leave a Reply

Please login or sign-up to add your comment.
Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.

Read More

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.

Read More

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.

Read More