- Cisco Community
- Technology and Support
- Wireless - Mobility
- Wireless - Mobility Knowledge Base
- High availability (HA) in WLC 7.3 Release – An Introduction
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
09-05-2012 04:33 AM - edited 11-18-2020 02:59 AM
HA Overview
High availability (HA) in controllers allows you to reduce the downtime of the wireless networks, due to the failure of controllers. In 7.3 it is true High Availability is introduced. Hot standby - That is when one box fails due to hardware issues or network connectivity almost instantaneously take over by the standby box. One WLC will be active state and second WLC will be Hot standby state who monitors the health of the active WLC through a direct wired connection over a dedicated Redundancy port. Configuration on active WLC is synched to standby WLC via redundant port.
Both the WLCs share the same set of configurations including the IP address of the Management interface. AP’s CAPWAP state is also synced. APs do not go in the Discovery state when Active WLC fails. That will ensure the AP sessions are intact after switch over. With this we achieve stateful switchover(SSO) for the Access Points(AP SSO). However, in this release Client SSO is not supported, the clients de-authenticated and forced to rejoin new Active WLC when failover occurs. Off Couse, we can do that with cache credential system. Both the active and stand by WLCs are expected to be next to each other, as we achieve HA over a network cable. Both the WLCs are going to share the same configuration information.
After you enable HA, the primary and secondary controllers are rebooted. During the boot process, the primary controller role is negotiated as active and the secondary controller as standby-hot. After a switchover, the secondary controller becomes the active controller and the primary controller becomes the standby-hot controller. After subsequent switchovers, the roles are interchanged between the primary and the secondary controllers.
How it works?
The New High Availability feature i.e. AP SSO set within the Cisco Unified Wireless Network software release v7.3 allows the AP to establish CAPWAP tunnel with Active WLC and share mirror copy of AP database with Standby WLC. APs do not go in Discovery state when Active WLC fails and Standby WLC takes over the network as Active WLC. There is only one CAPWAP tunnel maintained at a time between APs and WLC that is in Active state. The overall goal for the addition of AP SSO support to the Cisco Unified Wireless LAN was to reduce major downtime in wireless network due to failure conditions that may occur due to box failover or network failover.
The HA Controller is a new manufacturing orderable controller for every controller series. The HA controller is in Standby state when it boots and pairs with a controller running a permanent count license. For controllers that have permanent count licenses, you can manually configure whether the controller is in the Active state or the Standby state.
New Features
Virtual Wireless LAN Controller (vWLC)
vWLC is a software that can run on hardware that is compliant with an industry standard virtualization infrastructure. Virtual wireless LAN controller provide flexibility for users to select the hardware based on their requirement.
High availability (HA)
HA in controllers allows users to reduce the downtime of the wireless networks, due to the failover of controllers. In this release, a 1:1 (Active:Standby-Hot) AP stateful switchover (AP SSO) is supported.
Increased scale for Cisco Flex 7500 Series Controllers
Increased scale for Cisco Flex 7500 Series Controllers to support 6000 APs, 64000 clients, 2000 FlexConnect groups, 6000 AP groups, 100 APs per FlexConnect group, and up to 4096 VLANs.
Support for 802.11u
This release extends support for 802.11u in FlexConnect mode.
Two new AP1552 models
This release introduces two new AP1552 models
- AP1552CU
- AP1552EU
Introduced Cisco 8500 Series Controllers
8500 WLCs support local mode, FlexConnect, and mesh modes. The Cisco 8500 Series Controllers support 6000 APs, 64,000 clients, 2000 FlexConnect groups, 6000 AP groups, 100 APs per FlexConnect group, and up to 4095 VLANs. A Cisco 8500 Series Controller can support up to 24,000 rogue APs and 32,000 rogue clients.
Increased scale for Cisco Flex 7500 Series Controllers
Supports 6000 APs, 64000 clients, 2000 FlexConnect groups, 6000 AP groups, 100 APs per FlexConnect group, and up to 4096 VLANs.
Number of rogue APs and rogue clients
The number of rogue APs and rogue clients that can be detected per platform is increased
Table 1-1 Number of Rogue APs and Rogue Clients that Can Be Detected | ||
Controller Platform | Number of Rogue APs | Number of Rogue Clients |
Cisco WiSM2 | 4000 | 5000 |
Cisco Flex 7500 Series Controller | 24000 | 32000 |
Cisco 8500 Series Controller | 24000 | 32000 |
Cisco Virtual Wireless LAN Controller | 800 | 1500 |
Supported RFID
This release extends the number of radio frequency identifiers (RFIDs) to be supported
Table 1-2 Number of RFIDs Supported on Controller Platforms | |
Controller Platform | Number of RFIDs Supported |
Cisco WiSM2 | 10000 |
Cisco Flex 7500 Series Controller | 50000 |
Cisco 8500 Series Controller | 50000 |
Cisco Virtual Wireless LAN Controller | 3000 |
Aironet 2600 Series AP
The Cisco Aironet 2600 Series Access Points are supported.
Controller Platforms Not Supported
The following controller platforms are not supported:
- Cisco 4400 Series Wireless LAN Controller
- Cisco 2100 Series Wireless LAN Controller
- Cisco Catalyst 3750G Integrated Wireless LAN Controller
- Cisco Catalyst 6500 Series/7600 Series Wireless Services Module (WiSM)
- Cisco Wireless LAN Controller Module (NM/NME)
Features Not Supported on Controller Platforms
Open Caveats
- If you are a registered cisco.com user, view Bug Toolkit on cisco.com at the following website- http://tools.cisco.com/Support/BugToolKit/
CSCtz07676 | Controller cannot establish SXP connection with a Cisco Nexus 7000 Series switch. Symptom: An SXP connection from the controller to the Cisco Nexus 7000 Series switch reports the On state on the controller side while the switch reports the Waiting for Response state. Conditions: Establishing SXP connection between the controller and ASA. Workaround: Add an intermediate device that supports SXPv2 between the controller and the Cisco Nexus 7000 Series switch. | Severity -2 |
CSCua45032 | Outer DSCP is 46 with client gold QoS level policy. Symptom: The outer DSCP is 46 with a gold QoS level policy for the client. Conditions: During AAA override of QoS values. Workaround: None. | Severity -2 |
CSCub42439 | An AP sends CAPWAP control frame incorrectly to the client. Symptom: AP Sends CAPWAP control frame to client incorrectly when gateway IP address of AP is assigned to the client. Conditions: The gateway IP address of the AP is assigned to the client. The client is pinging the AP for a few seconds, but the AP starts to send CAPWAP control frames to the client incorrectly. Workaround: None. | Severity -2 |
CSCtw67184 | Controller loses RAID after a power interruption. Symptom: During the boot process, the following error message appears on the attached monitor or on the serial console: "All the disks from your previous configuration are gone. If this is an unexpected message, then please power off your system and check your system and check your cables to ensure all disks are present. Press any key to continue or C to load the configuration utility." When the Spacebar key is pressed, the system could not boot from the disk. Conditions: The Cisco Flex 7500 Series Controller had an unexpected power interruption (the power plug was pulled while the system was operational). After the reboot, the RAID card could not find its configuration in the flash memory and therefore it could not boot. Workaround: Enter the WebBIOS, which is a RAID management tool. There are two versions of this tool: one that uses extensive menus and requires an attached monitor and another that is based on the command-line interface (CLI). The CLI version can be accessed from the serial console. You are prompted for this on the serial console after the error message is displayed. 1. Press Ctrl-Y to enter the CLI version of the WebBIOS tool in the following command: -CfgForeign -Import -a0 2. Reboot the server. Further Problem Description: When the Spacebar key is pressed, the system could not boot from the disk. During bootup, the LSI WebBIOS loads correctly and shows two physical disks but no virtual disks. It appears that the RAID configuration that was present in the system was lost. The controller encountered an unexpected power interruption (the power plug was pulled while the system was operational). After the reboot, the RAID card could not find its configuration in the flash memory and therefore it could not boot. The flash configuration was corrupted or deleted due to the power interruption. The RAID card keeps a backup of the configuration on the hard drives. However, when the card loses the configuration information that is present in the flash, the card does not automatically get the backup configuration information from the hard drives. The information on the hard drives is considered a foreign configuration that requires your intervention. The system waits for you to take action. Note that all the data on the hard drives are still intact. | Severity -2 |
CSCub03023 | WebAuth redirect to custom page, gets credential information, redirects to internal page. Symptom: WebAuth redirects to custom page, gets user credential information, again redirects to internal page, gets user credential information, and eventually succeeds. Conditions: HTTPs/HTTP WebAuth redirection when using custom WebAuth bundle. Workaround: Use internal WebAuth page. | Severity -2 |
CSCub13415 | AP3502 in H-REAP local switching does not forward broadcast ARP. Symptom: Wireless phones are experiencing sporadic one-way or no-way audio. Conditions: Wireless phones (7925) connected to APs in H-REAP, Local Switching, Local Authentication, WPA2/AES/PSK. Workaround: •Reboot the AP (works for a short time). •Roam away and back (works for a short time). •Use WEP instead. | Severity -2 |
CSCub24389 | AP stops working during the spamProcessCertPayload process. Symptom: Stack Trace: [0x001A1A60] crashdump(0x1a18dc)+0x184 [0x001A19B0] crashdump(0x1a18dc)+0xd4 [0x001CB2F8] get_block(0x1cb130)+0x1c8 [0x001BA118] malloc(0x1b9e9c)+0x27c [0x005AAA08] spamProcessCertPayload(0x5aa9e8)+0x20 [0x00585BAC] lwapp_client_process_q(0x5859c0)+0x1ec [0x00586BB4] lwapp_client_process(0x58679c)+0x418 [0x001A5AF0] process_execute(0x1a5964)+0x18c</B></B> Conditions: Using LSC on a Cisco 5508 Controller results in multiple APs (AP3500 and AP1131 models). Workaround: Disable LSC on the controller. | Severity -2 |
CSCub25051 | Mesh 1524SB radio0 excessive reset with code 50. Symptom: 1524SB radio0 excessive reset with code 50 causes client drops. Conditions: Not applicable. Workaround: None. | Severity -2 |
CSCub42900 | Cisco 5508 Controller stops working on the 7.0.220.0 controller software release. Symptom: Cisco 5508 Controller stops working. Conditions: Cisco 5508 Controller on the 7.0.220.0 controller software release. The controller had been operational for 100 days. Workaround: Reboot the controller. Further Problem Description: It was found that the Ethernet driver stopped working. The controller was rebooted after which it became operational. The controller stopped working again, after which it was rebooted, and the cycle continued. | Severity -2 |
CSCua76243 | SRE710 does not boot after upgrade. Symptom: SRE becomes corrupt during the image upgrade process on rare occasions, which causes the unit to be unable to boot because the flash image is corrupted on both sides. Conditions: Upgrading SRE to the 7.3 release sometimes causes the flash to be corrupted, and a manual image download needs to be performed. Workaround: If the flash is corrupted during an image download, manual image recovery must be done through the router that this device is plugged into. A manual image transfer must include the files with these extensions on the tftp server to allow software download: .aes, .install.sre, .install.sre.header, .installer, .key, ER.aes, ism_bl, and sm_bl. | Severity -1 |
CSCub46092 | H-REAP is central switched when WLAN is set for local switching. Symptom: Client sometimes is left in central switched mode even though WLAN is set for local switching. Conditions: MAC filtering Web-Auth on fail enable for local switched H-REAP. Workaround: Bounce the client wireless adapter. | Severity -2 |
CSCub52566 | HA: Active controller stops working during the rsyncmgrXferMain task. Symptom: In an HA environment, the active controller might stop working during an image and/or configuration download to the standby-hot controller with the rsyncmgrXferMain task if the standby-hot controller detects gateway and/or peer unreachability and reloads in the middle of a download. Conditions: •HA pair is up •Image download started on the active controller •Image successfully written on the active controller •Image transfer successful to the standby-hot controller •Image write in progress on the standby-hot controller •Standby-hot controller unable to reach gateway, detected gateway failure, and started rebooting •If the standby-hot controller detects peer unreachable and starts reloading during download process from the active controller Workaround: Always schedule an image download, configuration download during a scheduled maintenance window to avoid disruption in the wireless service. | Severity -2 |
CSCub52499 | In an HA environment, Cisco 8500 Series controller as the active controller stops working. Symptom: HA paired 7500 or 8500 controller might abruptly stop working. Conditions: None. Workaround: If the active controller stops working, the standby-hot controller takes over, and the wireless service is restored automatically. Then, you must manually power off/on the controller that has stopped working. If the standby-hot controller stops working, the active controller continues to operate. You must manually power off/on the controller that has stopped working. | Severity -2 |
CSCua37498 | License module stops working and the controller prompts saying another user has transfer in progress. Symptom: While trying to install a license, it was found out that the controller does not allow any transfer stating that "another user has transfer in progress." The controller could not be reset. The controller then had a "devshell crash." Conditions: None. Workaround: None. | Severity -2 |
Reference
Release Notes for Cisco Wireless LAN Controllers and Lightweight Access Points for Release 7.3.101.0
Cisco 5500 Series Wireless Controllers Release and General Information
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: