Category: Cisco wlc ha redundancy

Cisco wlc ha redundancy

High availability HA in controllers allows you to reduce the downtime of the wireless networks that occurs due to the failover of controllers.

In an HA architecture, one controller is configured as the primary controller and another controller as the secondary controller. After you enable HA, the primary and secondary controllers are rebooted.

During the boot process, the role of the primary controller is negotiated as active and the role of the secondary controller as standby-hot.

cisco wlc ha redundancy

After a switchover, the secondary controller becomes the active controller and the primary controller becomes the standby-hot controller. After subsequent switchovers, the roles are interchanged between the primary and the secondary controllers. The standby-hot controller continuously monitors the health of the active controller through its dedicated redundancy port.

Both the controllers share the same configurations, including the IP address of the management interface. Before you enable HA, ensure that both the controllers can successfully communicate with one another through their dedicated redundancy port, either through a direct cable connection or through Layer 2.

In the Release 8. One of the following statuses is displayed:. Synched —The access point joined the controller before the SSO. Connected —The access point joined the controller after the SSO. In Release 8. The values are:. Pending — Indicates that synchronization of access points and the corresponding clients details from the active to standby controller is yet to begin. In-progress — Indicates that synchronization of access points and the corresponding clients details from the active to standby controller has begun and synchronization is in progress.

Complete —Indicates that synchronization is complete and the standby controller is ready for a switchover to resume the services of the active controller. From release 8. We recommend that you do not pair two controllers of different hardware models. If they are paired, the higher controller model becomes the active controller and the other controller goes into maintenance mode.

We recommend that you do not pair two controllers on different controller software releases. If they are paired, the controller with the lower redundancy management address becomes the active controller and the other controller goes into maintenance mode.

All download file types, such as image, configuration, web-authentication bundle, and signature files— are downloaded on the active controller first and then pushed to the standby-hot controller. Certificates should be downloaded separately on each controller before they are paired. You can upload file types such as configuration files, event logs, crash files, and so on, from the standby-hot controller using the GUI or CLI of the active controller. You can also specify a suffix to the filename to identify the uploaded file.

To perform a peer upload, use the service port. If the controllers cannot reach each other through the redundant port and the RMI, the primary controller becomes active and the standby-hot controller goes into the maintenance mode. When the RMIs for two controllers that are a pair, and that are mapped to same VLAN and connected to same Layer3 switch stop working, the standby controller is restarted.

When HA is enabled, the standby controller always uses the Remote Method Invocation RMIand all the other interfaces—dynamic and management, are invalid.

You must ensure that the maximum transmission unit MTU on RMI port is bytes or higher before you enable high availability. When HA is enabled, ensure that you do not use the backup image. If this image is used, the HA feature might not work as expected:.From the primary controller, configure the backup controller on the primary to point to the secondary controller. See Figure Evaluation license does not need to be enabled for this purpose. In order to convert a permanent AP count controller to an HA-SKU secondary controller, it should have a minimum number of base AP count licenses; if that minimum is not met, an error message appears.

On the CLI, use the show redundancy summary command to view the status of the primary and secondary controllers. See Figure and Figure Note With release 7. This can be configured under the AP specific configuration.

How to Configure HA on Cisco WLC using Configuration Wizard

Skip to content Skip to footer. Book Contents Book Contents. Find Matches in This Book. PDF - Complete Book 1. Updated: January 26, A single backup controller can be used in order to provide backup for multiple primary WLCs, with consideration for appropriate compatibility in terms of AP mode. Each WLC needs to be managed separately by Cisco Prime, can run a different hardware and a different software version, and can be deployed in different datacenters across the WAN link.

APs with high priority on the primary controller always connect first to the backup controller, even if they have to push out low priority APs. When using a permanent AP count license for the backup controller, the day timer does not start when the APs join the backup controller. With Release 7. In other words, an HA-SKU controller can be used as a secondary controller for 90 days without a warning message.

They are mutually exclusive. Was this Document Helpful? Yes No Feedback. Related Cisco Community Discussions.Last Updated: July 16, The overall goal for the addition of AP SSO support to the Cisco Unified Wireless LAN is to reduce major downtime in wireless networks due to failure conditions that may occur due to box failover or network failover. To support High Availability without impacting service, there needs to be support for seamless transition of clients and APs from the active controller to the standby controller.

Release 7. Client SSO will be supported for clients which have already completed the authentication and DHCP phase and have started passing traffic. Fully authenticated clients, i. There are no specific requirements for this document. The information in this document is based on these software and hardware versions:. The information in this document was created from the devices in a specific lab environment.

All of the devices used in this document started with a cleared default configuration. If your network is live, make sure that you understand the potential impact of any command. Refer to Cisco Technical Tips Conventions for more information on document conventions. The new architecture for HA is for box-to-box redundancy. There is no preempt functionality. The Active and Standby decision is not an automated election process. For more information see High Availability in Release 7.

Note : A direct physical connection between Active and Standby Redundant Ports is highly recommended. The distance between the connections can go up to meters at per Ethernet cable standards.

It should not be spanned across networks and should not have any Layer 3 SVI interface. To prevent this from occurring, before you configure HA, we recommend that you verify—in the port channel—the details of both the active and standby Cisco WiSM2 controllers, that the ports are balanced in the same order, and the port channel hash distribution is using fixed algorithm.

You can use the command show etherchannel port-channel to verify the port channel member order and load value. You can use the config command port-channel hash-distribution fixed to make the distribution fixed. Note : To support the active and standby WLCs in different data centers, in release 7. See Redundancy Port Connectivity in 7.

The IP address on this interface should be configured in the same subnet as the management interface. This provides an additional health check of the network and Active WLC, and confirms if switchover should or should not be executed. This interface has a very important role in the new HA architecture. Before you configure HA, it is mandatory to have both the controllers' management interface in the same subnet:. HA is disabled by default.

Both the interfaces should be in the same subnet as the Management Interface. In this example, 9. It also needs to be configured so that 9. It is important to make sure that physical connections are up between both the controllers that is, both the WLCs are connected back to back via the Redundant Port using an Ethernet cable and the uplink is also connected to the infrastructure switch and the gateway is reachable from both the WLCs before SSO is enabled.

cisco wlc ha redundancy

Maintenance Mode is discussed later in this document. During the next reboot after role determination, it will validate the configuration again, report no XML mismatch, and process further in order to establish itself as the Standby WLC. Complete these steps in order to check the redundancy status:. For WLC 2, go to Console connection:. On primary controller, disable SSO using the command:.Last Updated: March 27, The overall goal for the addition of AP SSO support to the Cisco Unified Wireless LAN is to reduce major downtime in wireless networks due to failure conditions that may occur due to box failover or network failover.

To support High Availability without impacting service, there needs to be support for seamless transition of clients and APs from the active controller to the standby controller.

Release 7. Client SSO will be supported for clients which have already completed the authentication and DHCP phase and have started passing traffic. Fully authenticated clients, i. The information in this document is based on these software and hardware versions:. All of the devices used in this document started with a cleared default configuration.

If your network is live, make sure that you understand the potential impact of any command. Note :, and WiSM-2 are supported up to release 8. See release notes for complete details. Refer to Cisco Technical Tips Conventions for more information on document conventions. The new architecture for HA is for box-to-box redundancy. There is no preempt functionality. The Active and Standby decision is not an automated election process.

For more information see. Like andthe Wireless Controller has a Redundancy port on the front of the unit. It is highly recommended to have back-to-back direct connectivity between Redundant Ports. The distance between the connections can go up to meters at per Ethernet cable standards. The IP address on this interface should be configured in the same subnet as the management interface.

This provides an additional health check of the network and Active WLC, and confirms if switchover should or should not be executed. This interface has a very important role in the new HA architecture. This port in case of standalone controller will be assigned an auto generated IP Address where last 2 octets are picked from the last 2 octets of Redundancy Management Interface the first 2 octets are always Before you configure HA, it is mandatory to have both the controllers' management interface in the same subnet:.

HA is disabled by default. Both the interfaces should be in the same subnet as the Management Interface. In this example, 9.The redundancy explained on this document iswhich means that one of the box will be in Active State while the other one will be in Hot Standby. If the active box is detected to be unreachable, the Hot Standby unit will become Active and all the APs and clients will keep its service through the new active box.

Any configuration change is done on the active unit will be replicated to the standby unit via the Redundancy Port RP. Besides the synchronization of the configuration between boxes, they also synchronize the APs in UP state not APs in downloading state or APs in DTLS handshakingclients in RUN state this means that if there is a client in Web Authentication required state and a switchover occurs, that client will have to restart its association processRRM configuration along other settings.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared default configuration.

If your network is live, make sure that you understand the potential impact of any command. There are two options to connect both WLCs to each other, choose the one that fits you more. This is because there is no verification for the gateway reachability yet in these versions. Connecting back-to-back will work but will cause higher chances of controllers being active-active when connected that way.

Both boxes should have its own IP address and both should belong to the same subnet. The chassis with the higher priority is selected as primary. If you do not choose a specific box to be active, the boxes themselves will elect Active based on lowest MAC address.

Step 1.

High Availability (SSO) Deployment Guide

Step 2. Step 3. Step 4. Step 6. Before performing any further configuration ensure that the wireless management interface from both boxes belong to the same VLAN and subnet and are reachable with each other.

Also verify that both boxes are running the same version. This interface is used to enable communication between the two boxes before IOSd boots up, transport of HA control messages such as role selection, keep-alives and so on and provide the transport for Interprocess Communication IPC between the two boxes.Last Updated: December, The overall goal for the addition of AP SSO support to the Cisco Unified Wireless LAN is to reduce major downtime in wireless networks due to failure conditions that may occur due to box failover or network failover.

To support High Availability without impacting service, there needs to be support for seamless transition of clients and APs from the active controller to the standby controller. Release 7. Client SSO will be supported for clients which have already completed the authentication and DHCP phase and have started passing traffic. Fully authenticated clients, i. There are no specific requirements for this document.

The information in this document is based on these software and hardware versions:. The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared default configuration. If your network is live, make sure that you understand the potential impact of any command.

Refer to Cisco Technical Tips Conventions for more information on document conventions. The new architecture for HA is for box-to-box redundancy. There is no preempt functionality. The Active and Standby decision is not an automated election process. For more information see High Availability in Release 7. The distance between the connections can go up to meters at per Ethernet cable standards. To prevent this from occurring, before you configure HA, we recommend that you verify—in the port channel—the details of both the active and standby Cisco WiSM2 controllers, that the ports are balanced in the same order, and the port channel hash distribution is using fixed algorithm.

You can use the command show etherchannel port-channel to verify the port channel member order and load value.

cisco wlc ha redundancy

You can use the config command port-channel hash-distribution fixed to make the distribution fixed. Note To support the active and standby WLCs in different data centers, in release 7.

See Redundancy Port Connectivity in 7. The IP address on this interface should be configured in the same subnet as the management interface. This provides an additional health check of the network and Active WLC, and confirms if switchover should or should not be executed. This interface has a very important role in the new HA architecture. Before you configure HA, it is mandatory to have both the controllers' management interface in the same subnet:.

HA is disabled by default. Both the interfaces should be in the same subnet as the Management Interface. In this example, 9. It also needs to be configured so that 9. It is important to make sure that physical connections are up between both the controllers that is, both the WLCs are connected back to back via the Redundant Port using an Ethernet cable and the uplink is also connected to the infrastructure switch and the gateway is reachable from both the WLCs before SSO is enabled.

Maintenance Mode is discussed later in this document. During the next reboot after role determination, it will validate the configuration again, report no XML mismatch, and process further in order to establish itself as the Standby WLC. Complete these steps in order to check the redundancy status:. For WLC 2, go to Console connection:.

On primary controller, disable SSO using the command:. Config redundancy mode disable. The standby controller, when it comes back after the reboot, has the same IP address on interfaces as the primary controller and all the ports disabled.I have already read these guides from other reply in this Cisco Support Community but I cannot find the exact method. Thank you for your reply. If I am wrong, please correct me. Thank you. Configure both WLC's and just make sure the hostname and ip address used for management and the dynamic interfaces are different.

The VIP should be the same along with the mobility group, rf group, etc. If you click on the AP, there is a tab called High Availability. That is all you need to do.

For failover to happen, make sure you have Fallback enabled on the main screen in the Controller tab of both WLC's. The only difference between the and the higher end models is that there is no service port, and of course the backplane and other higher end stuff:. Please rate helpful post and Cisco Support Community will donate to Kiva.

High Availability (SSO) Deployment Guide

I tried to configure wireless controller both primary and secondary HA unit as your recommendation but it is not working. When failing over, try to just unplug WLC primary from the network. Make sure that the WLC name you entered on the AP high availability tab is correct and is case sensitive.

Thank you to both of you Scott and Nash, this post solves my problem. Buy or Renew. Find A Community. We're here for you! Turn on suggestions. Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type. Showing results for. Search instead for. Did you mean:. Labels: Other Wireless-Mobility Topics.

Everyone's tags 1. Tags: Wireless Controller. Hi Kaaftab,I have already. Hi Kaaftab, I have already read these guides from other reply in this Cisco Support Community but I cannot find the exact method.

Hi Kaaftab,Thank you for your. Hi Kaaftab, Thank you for your reply. Please advise me. Hi Kaaftab,According to the. Does anyone ever configure. Scott Fella. Hall of Fame Master. With thethe method of. Hi Scotty,I tried to. Hi Scotty, I tried to configure wireless controller both primary and secondary HA unit as your recommendation but it is not working.


COMMENTS

comments user
Dutilar

Nach meiner Meinung sind Sie nicht recht. Schreiben Sie mir in PM.