Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1291
Views
5
Helpful
2
Replies

WLC in HA SSO Guest Achor to a pair in HA SSO

Go to solution
JPavonM
VIP
VIP

‎03-01-2018 09:13 AM - edited ‎07-05-2021 08:19 AM

Hi guys,

 

We are deploying an environmet with two 5520's in one site in HA SSO, and two 5508's in HA SSO in the datacenter. Do we have to add every controller (MAC-IP and Mobility group) as an Anchor in the 5520's? Do we have to add every foreign controller (MAC-IP and Mobility group) as peers in the Mobility Group?

 

My concern is that in the worst scenario, with both HA pairs as ACTIVE and the primary failing, the Mobility tunnel won't be up as the MAC address of every HA part is different from the primary unit, but the IP would be the same.

 

There is no clear doumentation from Cisco about this scenario and all the previous threads in this forum does not hacve a clear answer and all of them ends talkings about client connectivity.

 

Regards.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP

‎03-01-2018 09:59 AM

Hi @JPavonM

 

"Do we have to add every controller (MAC-IP and Mobility group) as an Anchor in the 5520's? Do we have to add every foreign controller (MAC-IP and Mobility group) as peers in the Mobility Group?"

 

 If you are deploying SSO don´t make sense talk about "every WLC". If you have a pair of WLC in SSO then you have one WLC. You have on IP address and both WLC will be like one. Theoretically you shouldn´t even notice if they switchover.

 

"My concern is that in the worst scenario, with both HA pairs as ACTIVE and the primary failing, the Mobility tunnel won't be up as the MAC address of every HA part is different from the primary unit, but the IP would be the same."

 

If you have a HA SSO and the primary WLC fail, the secondary will take over and nothing should be changed on the topology. If a mobility tunnel exist on the environment, they should keep up after switchover.

  The mac address for any kind of HA won´t be the physical Mac address but a virtual one, or at least, the mac address shouldn´t be changed  otherwise, would be impossible to have HA.  The same for IP address. 

 Let´s see what Cisco says:

"In order to keep the mobility network stable without any manual intervention and in the event of failure or switchover, the back-and-forth concept of Mobility MAC has been introduced. When the HA pair is set up, by default, the Primary WLC's MAC address is synced as the Mobility MAC address on the Standby WLC which can be seen via the show redundancy summary command on both the controllers."

But before this feature, it was possible to achive the same level with the configuration of "redundancy mobilitymac <custom mac address>"

 

 "There is no clear doumentation from Cisco about this scenario and all the previous threads in this forum does not hacve a clear answer and all of them ends talkings about client connectivity."

 

You can follow this doc:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-1/HA_SSO_DG/High_Availability_DG.html

 

-If I helped you somehow, please, rate it as useful.-

 

 

 

 

View solution in original post

2 Replies 2

Go to solution
Flavio Miranda
VIP
VIP

‎03-01-2018 09:59 AM

Hi @JPavonM

 

"Do we have to add every controller (MAC-IP and Mobility group) as an Anchor in the 5520's? Do we have to add every foreign controller (MAC-IP and Mobility group) as peers in the Mobility Group?"

 

 If you are deploying SSO don´t make sense talk about "every WLC". If you have a pair of WLC in SSO then you have one WLC. You have on IP address and both WLC will be like one. Theoretically you shouldn´t even notice if they switchover.

 

"My concern is that in the worst scenario, with both HA pairs as ACTIVE and the primary failing, the Mobility tunnel won't be up as the MAC address of every HA part is different from the primary unit, but the IP would be the same."

 

If you have a HA SSO and the primary WLC fail, the secondary will take over and nothing should be changed on the topology. If a mobility tunnel exist on the environment, they should keep up after switchover.

  The mac address for any kind of HA won´t be the physical Mac address but a virtual one, or at least, the mac address shouldn´t be changed  otherwise, would be impossible to have HA.  The same for IP address. 

 Let´s see what Cisco says:

"In order to keep the mobility network stable without any manual intervention and in the event of failure or switchover, the back-and-forth concept of Mobility MAC has been introduced. When the HA pair is set up, by default, the Primary WLC's MAC address is synced as the Mobility MAC address on the Standby WLC which can be seen via the show redundancy summary command on both the controllers."

But before this feature, it was possible to achive the same level with the configuration of "redundancy mobilitymac <custom mac address>"

 

 "There is no clear doumentation from Cisco about this scenario and all the previous threads in this forum does not hacve a clear answer and all of them ends talkings about client connectivity."

 

You can follow this doc:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-1/HA_SSO_DG/High_Availability_DG.html

 

-If I helped you somehow, please, rate it as useful.-

 

 

 

 

Go to solution
JPavonM
VIP
VIP
In response to Flavio Miranda

‎03-01-2018 11:51 AM

thanks a lot
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card