Mohit Paul is a Testing Engineer in Wireless Engineering Team. In this Video Series Mohit explains about "How to configure and pair-up two different controllers in High Availability mode using CLI", "AP-SSO configuration using initial CLI configuration wizard" and "AP-SSO configuration using GUI".
The new High Availability (HA) feature (that is, AP SSO) set within the Cisco Unified Wireless Network software release version 7.3 allows the access point (AP) to establish a CAPWAP tunnel with the Active WLC and share a mirror copy of the AP database with the Standby WLC. The APs do not go into the Discovery state when the Active WLC fails and the Standby WLC takes over the network as the Active WLC.
There is only one CAPWAP tunnel maintained at a time between the APs and the WLC that is in an Active state. The overall goal for the addition of AP SSO support to the Cisco Unified Wireless LAN was to reduce major downtime in wireless networks due to failure conditions that may occur due to box failover or network failover.
So in 7.3, it is true High Availability i.e. Hot standby. That is when one box fails due to hardware issues or network connectivity almost instantaneously the standby box takes over. This reduces the failover time. The downtime between failver is reduced to 5 – 996 Milliseconds in case of WLC hardware failure and upto 3 seconds in case of Network issues. One WLC will be active state and second WLC will be Hot standby state which monitors the health of the active WLC.
High Availability in Release 7.3 and 7.4
The new architecture for HA is for box-to-box redundancy. In other words, 1:1 where one WLC will be in an Active state and the second WLC will be in a Hot Standby state continuously monitoring the health of the Active WLC via a Redundant Port. Both the WLCs will share the same set of configurations including the IP address of the Management interface. The WLC in the Standby state does not need to be configured independently as the entire configuration (Bulk Configuration while boot up and Incremental Configuration in runtime) will be synched from the Active WLC to the Standby WLC via a Redundant Port. The AP's CAPWAP State (only APs which are in a run state) is also synched, and a mirror copy of the AP database is maintained on the Standby WLC. The APs do not go into the Discovery state when the Active WLC fails and the Standby WLC takes over the network's Active WLC.
There is no preempt functionality. When the previous Active WLC comes back, it will not take the role of the Active WLC, but will negotiate its state with the current Active WLC and transition to a Standby state. The Active and Standby decision is not an automated election process. The Active/Standby WLC is decided based on HA SKU (Manufacturing Ordered UDI) from release 7.3 onwards. A WLC with HA SKU UDI will always be the Standby WLC for the first time when it boots and pairs up with a WLC running a permanent count license. For existing WLCs having a permanent count license, the Active/Standby decision can be made based on manual configuration.
AP SSO is supported on 5500/7500/8500 and WiSM-2 WLCs. Release 7.3 only supports AP SSO that will ensure that the AP sessions are intact after switchover. MAPs, which are treated as mesh clients on RAP, are not de-authenticated with AP SSO.
Client SSO is supported on 5500/7500/8500 and WiSM2 WLCs from release 7.5 onwards.
High Availability in Release 7.5
To support High Availability without impacting service, there needs to be support for seamless transition of clients and APs from the active controller to the standby controller. Release 7.5 supports Client Stateful Switch Over (Client SSO) in Wireless LAN controllers. Client SSO will be supported for clients which have already completed the authentication and DHCP phase and have started passing traffic. With Client SSO, a client's information is synced to the Standby WLC when the client associates to the WLC or the client’s parameters change. Fully authenticated clients, i.e. the ones in Run state, are synced to the Standby and thus, client re-association is avoided on switchover making the failover seamless for the APs as well as for the clients, resulting in zero client service downtime and no SSID outage.
Hello everyone, I just got a monitor AIR-AP1800S-Z-K9 and it has no ethernet port, only USB. Wrondering if it is possible to deploy it using some kind of deployment SSID, just like Mobility Express does or if I´ll need to buy and Ethernet...
Hello If APs are deployed with only a primary controller assigned. By default, which mobility group member controller do the orphaned APs join in the event of a failed controller. There are multiple WLC in HA configuration in a mobil...
Hi expert I convert my Cat 9120 AP to EWC.Then I try to provision it using iPad by Over-the-Air Provisioning (OTAP).But the configured SSID doesn't appear in my laptop, iPad, smartphone. But in CLI, I can see the SSID already up.Does anyone...
I have two WLC 5520 on HA SOO with flex connect APs 702i, and I have configured SSID corporate flexconnect local switching with 802.1x authentication using ISE server 2.3 as AAA server. so when we tested the network, we have faced a problem of loss ...