Symptom
The controller reports 330 rogue aps while on the CMX which added only him reports 11507 rogue ap. The mismatched number were detected both on GUI and on the CLI through show commands.
From the show tech, wlc shows ~300 real rogue APs, but it also tracks ~9100 LRAD rogues.These are not real rogues, rather they are managed APs that are detected as rogues by other managed APs
------------------ show wireless wps rogue stats internal ------------------
Rogue socket opened : No
Rogue APs
Total/Max Scale : 9444/24000 <<<< Total 9444 rogue APs
Regular : 316
Ad-Hoc : 1
Detected on wire : 0
Classification
Friendly : 1
Malicious : 0
Custom : 0
Unclassified : 315
Unknown : 0
States
Alert : 316
Internal : 0
External : 1
Contained : 0
Containment-pending : 0
LRAD : 9127 <<<< 9127 LRAD rogue APs (not real rogues)
Threat : 0
Pending : 0
Rogue Clients
Total/Max Scale : 120/32000
Contained : 0
Containment-pending : 0
Conditions
WLC: 9800-80 WLC in HA SSO running 17.3.1
CMX: 3365 MSE in HA running 10.6.2.-89
Workaround
No workaround solution yet.
Further Problem Description
Reproduce the issue:
Remove WLC out of CMX then all rogue AP count reset to 0 after restart services.
Turn on nmsp debug on 9800
Re-add wlc back on cmx
The rouge number counted on CMX continue reach to ~11000 after few mins.
on WLC: verify nmsp status is ok
on CMX: verify nmsp ok, cmxctl status return all service is running.
This error happens very consistently
