Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2366
Views
5
Helpful
5
Replies

HA for 5508 controllers with different management subnets

Go to solution
mhawas
Level 1
Level 1

‎04-09-2018 10:40 AM - edited ‎07-05-2021 08:29 AM

Hi all,

 

As i know, to configure HA for 5508 WLCs:

"It is mandatory to configure the IP addresses of the Redundancy Management Interface and the Management Interface in the same subnet on both the primary and secondary controllers."

i did that , but it seems that peer redundancy management interface also has to be  in the same subnet right (i got an error from while configuring the peer redundant management if)?

so as a conclusion management interface for both controllers has to be in the same subnet ? right? 

What if management interfaces for both controllers are in different subnets (different data centers)?do i have to stretch this VLAN on both DCs?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jon.ellis
Level 1
Level 1
In response to mhawas

‎04-10-2018 04:01 AM

Hi Mohamed,

                  Yes it will sync the active and standby once SSO is established so they become one and so will the config including the WLAN's.

 

Refer to this link for more details and configuration

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-57448

 

Please rate the post if helpful

 

Regards Jon

View solution in original post

5 Replies 5

Go to solution
jon.ellis
Level 1
Level 1

‎04-09-2018 02:01 PM

Hi Mohamed,

                I understand that you are trying to achieve SSO?, please see below.

HA Connectivity Using Redundant Port on the 5500/7500/8500 WLC

  • 5500/7500/8500 WLCs have a dedicated Redundancy Port which should be connected back to back in order to synchronize the configuration from the Active to the Standby WLC.
  • Keep-alive packets are sent on the Redundancy Port from the Standby to the Active WLC every 100 msec (default timer) in order to check the health of the Active WLC.
  • Both the WLCs in HA setup keep track of gateway reachability. The Active WLC sends an Internet Control Message Protocol (ICMP) ping to the gateway using the Management IP address as the source, and the Standby WLC sends an ICMP ping to the gateway using the Redundancy Management IP address. Both the WLCs send an ICMP ping to the gateway at a one-second interval.
  • It is highly recommended to have back-to-back direct connectivity between Redundant Ports.

Redundancy Management Interface

The IP address on this interface should be configured in the same subnet as the management interface. This interface will check the health of the Active WLC via network infrastructure once the Active WLC does not respond to Keepalive messages on the Redundant Port. This provides an additional health check of the network and Active WLC, and confirms if switchover should or should not be executed. Also, the Standby WLC uses this interface in order to source ICMP ping packets to check gateway reachability. This interface is also used in order to send notifications from the Active WLC to the Standby WLC in the event of Box failure or Manual Reset. The Standby WLC will use this interface in order to communicate to Syslog, the NTP server, and the TFTP server for any configuration upload.

Redundancy Port

This interface has a very important role in the new HA architecture. Bulk configuration during boot up and incremental configuration are synced from the Active WLC to the Standby WLC using the Redundant Port. WLCs in a HA setup will use this port to perform HA role negotiation. The Redundancy Port is also used in order to check peer reachability sending UDP keep-alive messages every 100 msec (default timer) from the Standby WLC to the Active WLC. Also, in the event of a box failure, the Active WLC will send notification to the Standby WLC via the Redundant Port. If the NTP server is not configured, a manual time sync is performed from the Active WLC to the Standby WLC on the Redundant Port. This port in case of standalone controller and redundancy VLAN in case of WISM-2 will be assigned an auto generated IP Address where last 2 octets are picked from the last 2 octets of Redundancy Management Interface (the first 2 octets are always 169.254).

 

The redundancy ports can connect over an L2 switch. Ensure that the redundancy port round-trip time is less than 80 milliseconds if the keepalive timer is set to default, that is, 100 milliseconds, or 80 percent of the keepalive timer if you have configured the keepalive timer in the range of 100 milliseconds to 400 milliseconds. The failure detection time is calculated, for example, if the keepalive timer is set to 100 milliseconds, as follows: 3 * 100 = 300 + 60 = 360 + jitter (12 milliseconds) = ~400 milliseconds. Also, ensure that the bandwidth between redundancy ports is 60 Mbps or higher. Ensure that the maximum transmission unit (MTU) is 1500 bytes or higher

 

If it's N+1 then the below link should help?

 

https://www.cisco.com/c/en/us/td/docs/wireless/technology/hi_avail/N1_High_Availability_Deployment_Guide/N1_HA_Overview.html

 

Regards Jon

0 Helpful

Go to solution
mhawas
Level 1
Level 1
In response to jon.ellis

‎04-10-2018 01:54 AM

Hi Jon,
Thanks for your feedback.
I have two controllers in different locations (redundancy link is connected via OTV connection between DCs), i try to configure HA with SSO setup :
WLC1:
management interface 10.10.10.10/25- Redundancy management interface 10.10.10.11-> peer Redundancy management 10.10.10.151"get error hier"
WLC2:
management interface 10.10.10.150/25- Redundancy management interface 10.10.10.151-> peer Redundancy management 10.10.10.11"get an error"
- I want to configure them in SSO setup, but i get error from the controller while configuring peer Redundancy management on each controller
Does the management interface ip address for both controller has to be in same subnet?


0 Helpful

Go to solution
jon.ellis
Level 1
Level 1
In response to mhawas

‎04-10-2018 02:39 AM

Hi Mohamed,

             Yes both management interfaces in the same subnet, so maybe change the subnet to /24.

Of if you needed to keep it a /25 use.

 

WLC1:
management interface 10.10.10.10/25- Redundancy management interface 10.10.10.12-> peer Redundancy management 10.10.10.13"
WLC2:
management interface 10.10.10.11/25- Redundancy management interface 10.10.10.13-> peer Redundancy management 10.10.10.12"

 

Regards Jon

0 Helpful

Go to solution
mhawas
Level 1
Level 1
In response to jon.ellis

‎04-10-2018 03:42 AM

Thanks alot Jon, i will go ahead with this configuration and adjust the management subnet.
One more question, i will have to configure WLANs (SSIDs) only on the primary controller (configuration will be pushed automatically to secondary one) right ?
0 Helpful

Go to solution
jon.ellis
Level 1
Level 1
In response to mhawas

‎04-10-2018 04:01 AM

Hi Mohamed,

                  Yes it will sync the active and standby once SSO is established so they become one and so will the config including the WLAN's.

 

Refer to this link for more details and configuration

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-57448

 

Please rate the post if helpful

 

Regards Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card