11-06-2013 03:31 PM - edited 07-04-2021 01:13 AM
Hi all,
I'm preparing to enable HA SSO on a pair of 5508's; one with an HA SKU and one with a 50 AP license. I noticed that the bootloader's and FRIV's are different, even though the firmware versions are the same.
Should I apply the AIR-CT5500-K9-1-7-0-0-FUS.aes to the HA WLC before enabling AP SSO, or will the peering process take care of this for me? Thanks!
APSSO) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.5.102.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... Cisco_5f:a3:44
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.192.252.21
Last Reset....................................... Software reset
System Up Time................................... 0 days 0 hrs 18 mins 42 secs
System Timezone Location......................... (GMT -7:00) Mountain Time (US and Canada)
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
WLC1) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.5.102.0
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 7.0.112.21
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... MHP-5508-WLC1
System Location.................................. SMDC G-13
System Contact................................... 0117
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.192.252.11
Last Reset....................................... Software reset
System Up Time................................... 38 days 13 hrs 14 mins 0 secs
System Timezone Location......................... (GMT -7:00) Mountain Time (US and Canada)
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... US - United States
Solved! Go to Solution.
03-03-2014 12:09 PM
I was told the same thing. But honestly it did not work for me. I actually escalated it to a Lead and then the Manager to get the answer that I posted in here. I think when dealing with TAC depending on who you get first level, your mileage will vary.
03-03-2014 12:12 PM
I can't argue with that There are a lot of TAC engineers that are great that's out there... not saying that there are bad one's, but some have more experience than others, which makes them great.
Thanks,
Scott
*****Help out other by using the rating system and marking answered questions as "Answered"*****
03-03-2014 06:24 PM
Last week, I upgraded four WiSM-2 AP SSO pairs from FUS 1.7.0 to 1.9.0 using GUI.
The same method to upgrade the firmware is the same "reaction" you'll get, i. e. you GUI into the active use and use TFTP (didn't try FTP) to transfer the FUS code across. The active unit will push the FUS down to the hot standby unit. It sort of give you an indication where the process is and at the end, it gives you the link to reboot (or save and reboot) the WLC.
It will take about 25 minutes (I timed it) to boot up both pairs.
03-05-2014 06:11 AM
Did you boot them one at a time (so that the APs remain operational) or both at once?
03-05-2014 06:45 AM
Leo mentioned to me that he rebooted one at a time.
Sent from Cisco Technical Support iPhone App
03-05-2014 06:54 AM
Since Leo’s post - I just tried upgrading two 5508s in HA AP-SSO configuration. In a nutshell it did work from the GUI with them left in HA pair.
The steps and results are below.
---------------------------------------------------------
***Left them in HA –AP-SSO pair, running code version 7.4.121.0
***On the primary (active controller) I logged into the CLI to see the versions status
***Using this graph from Cisco I verified that I was running an older version
Table 1 Cisco WLC Platforms and Upgraded Components | |
Cisco WLC Platform | Upgraded Components |
Cisco 5500 Series Wireless LAN Controllers | •Field Recovery Image is upgraded from 7.0.112.21 to 7.6.101.1 •Bootloader is upgraded to 1.0.20 •Offline Field Diagnostics is upgraded from 0.9.28 to 0.9.35 •FPGA Revision version is upgraded to 1.7 •Environment Controller (MCU) Image version is upgraded to 1.8 •USB Console Revision version is upgraded to 2.2 |
(Cisco Controller) >show sysinfo
Product Version.................................. 7.4.121.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. AP SSO
Truncated....
***Then I logged into the standby to see the versions on that controller.
(Cisco Controller-Standby) >show sysinfo
Product Version.................................. 7.4.121.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. AP SSO
Truncated....
***As you can see both are running the same older version of FUS code, in this case it was version 1.7.
*** I began the FUS upgrade process by using the GUI.
*** 1. Using the “download file to controller” I TFTPd the file AIR-CT5500-K9-1-9-0-0-FUS.aes to the ACTIVE controller.
*** 2. The upgrade went just like a code upgrade in that it unpacked and verified the file contents on the active and then to transfer the file to standby.
*** 3. The code was installed probably in less than 5 minutes and then the download page redirected me to the reboot page.
*** 4. I rebooted and the reboot command was issued to both active and standby controllers.
*** In about 25 minutes both controllers were back up and the FUS was upgraded. Here’s a mobility message from my controller showing I started at 10:56 and then it was back and in the mobility group by 11:21.
Tue Mar 4 11:21:02 2014 | Control path to mobility member 10.244.2.237 is up. |
Tue Mar 4 11:20:52 2014 | Data path to mobility member 10.244.2.237 is up. |
Tue Mar 4 10:57:12 2014 | Control path to mobility member 10.244.2.237 is down. |
Tue Mar 4 10:56:02 2014 | Data path to mobility member 10.244.2.237 is down. |
*** Here’s the after version numbers on my controllers using the show sysinfo command
(Cisco Controller) >show sysinfo
Product Version.................................. 7.4.121.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. AP SSO
(Cisco Controller-Standby) >show sysinfo
Product Version.................................. 7.4.121.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. AP SSO
I noticed that I saw subtle changes in the versions because I was upgrading from FUS1.7 to FUS1.9. I suppose if you have FUS1.3 the changes in the show sysinfo command would be more in line with the chart from Cisco.
All in all thanks to everyone for contributing to this thread and I hope this might help somebody in the future when upgrading in a AP-SSO pair.
Regards
03-05-2014 07:01 AM
Thanks for posting your findings
+5
Sent from Cisco Technical Support iPhone App
01-22-2015 06:47 AM
My wlc 5508 active and standy wlc have identical bootloaders, only field recovery images are differ, but they works in HA SSO
01-22-2015 06:54 AM
Kamran,
The code will allow SSO to happen, but the issue is when there is a failover. During that time, the controller that has the older FUS, might experience odd things and that is why its important to be on the latest FUS 1.9.0.0. I have seen very odd issues when the FUS has not been updated that caused client experience issues, so just keep that in mind. What you can do is failover to the other controller and let that run for a while and see if users have any complaints.
-Scott
01-22-2015 11:17 PM
I made a failover test, at this moment no compliance from users, we are monitoring at this moment
03-18-2014 01:44 AM
I had the time to try out the FUS upgrade with SSO config and it did not work out so non-disruptive.
(vapwlc02) >redundancy force-switchover
This will reload the active unit and force a switch of activity. Are you sure? (y/N) y
System will now restart!
Image download/Lag config/Clear config/HA disable/database/virtual/web-auth/secureweb config was done previously, reloading standby WLC.
Image download was done
Restarting system.
This is the moment where you have an outage of course. Small bonus is that one of the boxes already did the FUS upgrade and reloads into the regular image again, so the downtime is smaller. Unfortunatly I lost some config changes I did last week, even though I saved the config before starting the process.
I think pushing the FUS and reloading the cluster should work - I don't see a reason to disable SSO, but it does not seem possible to do the update without disruption.
05-15-2014 11:54 PM
We were running 7.4.100.0 on our 5508's in HA. Upgraded to 7.4.121.0. We were also running FUS 1.7.0.0 and upgraded to 1.9.0.0. The software upgrade went fine, didn't predownload images to the AP's as we have a mixed AP environment and was afraid that our 1142's didn't have enough memory. Downtime was planned so no issue there. We upgraded the FUS with SSO enabled, it went fine. Both controllers were down ca 30 minutes after reboot. Really appreciate people sharing their experiences so I'm sharing mine.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide