Re: AMA: Catalyst 9800 Upgrade & High Availability

Brooke Hammer · ‎10-08-2024

Ask Me Anything Event

Welcome to the Cisco Community Ask Me Anything conversation. Submit your questions from Monday, October 14, 2024 through Friday, October 28, 2024. Our colleagues Saikat Nandy, Parithosh Vema and Naveen Kumar will be waiting to assist you and resolve any questions that have not been clarified, or answer any new questions that you may have. We are waiting for you!

More about this event:

Join us for an Ask Me Anything (AMA) event where you can dive deep into Cisco Catalyst 9800 Upgrade and High Availability!

What is it?

The Cisco Catalyst 9800 Series (C9800) is the next-generation wireless LAN controller from Cisco. It has been built from the ground up to support today's most demanding wireless networking requirements. They are designed with an open and programmable operating system to provide flexibility of management and automation. The platform is having built-in class features which can reduce your maintenance window downtime and at the same time it can provide the required resiliency and redundancy to your mission-critical wireless network.

N+1 Hitless Upgrade: Hitless upgrade leverages the concept of N+1 high availability with a spare WLC (already upgraded to the target version) to upgrade the CAPWAP infrastructure. The APs are then upgraded in a staggered fashion using the Rolling AP upgrade feature, which avoids network disruption and does not allow all the APs upgrade at once. This ensures that the clients are serviced by the neighbour APs while one of the APs undergoes the upgrade process.
ISSU Upgrade: In-Service Software Upgrade (ISSU) is a procedure to upgrade a wireless controller image to a later release while the network continues to forward packets. ISSU helps network administrators avoid a network outage in a critical environment (Ex - Hospital) while performing a software upgrade.
HA-SSO: High availability has been a requirement on wireless controllers to minimize downtime in live networks. High Availability - Stateful Switchover (HA-SSO) capability of a wireless controller allows the access point to establish a CAPWAP tunnel with the Active wireless controller and the Active wireless controller to share a mirror copy of the AP and client database with the Standby wireless controller. The APs do not go into the Discovery state and clients do not disconnect when the Active wireless controller fails and the Standby wireless controller takes over the network as the Active wireless controller. There is only one CAPWAP tunnel maintained at a time between the APs and the wireless controller that is in an Active state.
AP Image Predownload: To minimize network outages, download an upgrade image to an access point from the WLC(already having the upgrade image) without resetting the access point or losing network connectivity. If followed, this step significantly decreases the MW timeline while performing regular upgrade. In a flex environment, the same mechanism can be performed through efficient image upgrade in a slightly different way.

Official Resources:

Regular Upgrade - https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-12/config-guide/b_wl_17_12_cg/m_upgrade_9800cl.html

N+1 Hitless Upgrade - https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/215550-hitless-software-upgrade-on-catalyst-980.html

ISSU Upgrade - https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-12/config-guide/b_wl_17_12_cg/m_issu.html

High Availability - https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/9800/17-6/deployment-guide/c9800-ha-sso-deployment-guide-rel-17-6.pdf

AP Image Predownload - https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-12/config-guide/b_wl_17_12_cg/m_predwnld_image_ap_ewlc.html

Efficient Image Upgrade - https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-12/config guide/b_wl_17_12_cg/m_eff_image_upgrade_ewlc.html

Note: Please post your post as a comment below no later than October 28, 2024.

Post your question below by clicking "Reply"

(Answers will be processed depending on the availability of the experts)
Don't forget to thank the expert by giving it a helpful vote!

Our experts

Saikat Nandy

Technical Consulting Engineer

Parithosh Verna

Technical Consulting Engineer

Naveen Kumar

Technical Consulting Engineer

For more information, visit the Cisco Wireless- Mobility discussion forums . If you have questions or are experiencing technical problems with any of the Cisco products, post your question, request information or use the Cisco Community before opening a case with the TAC.

nikolas-pereira · ‎10-15-2024

How can i upgrade from 17.9.4a to 17.12.3 without corrupted images in remote access points with mtu lower than 1500?

marce1000 · ‎10-15-2024

@nikolas-pereira - How do you define => 'access points with mtu lower than 1500' ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

nikolas-pereira · ‎10-15-2024

Cisco have a official document talking about the Access Points 9120 (wave 2) and the risk of corruption in image download.

One of the topics talks about Access Points that pass in a wan link have more chance to corrupt if had the MTU lower than 1500 bytes.

take a look at this link ans search for: low CAPWAP MTU (less than 1485 bytes) - the lower the MTU, the higher the risk

https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/221869-safely-upgrade-access-points-avoiding-i.html

marce1000 · ‎10-15-2024

@nikolas-pereira >...that pass in a wan link have more chance to corrupt if had the MTU lower than 1500
- That is a more correct phrasing then 'access points with mtu lower than 1500'

Currently not applicable to your situation but also note that from 17.13.x and onwards more resiliency
has been built in to avoid AP image corruption when downloading over WAN links.

++ 17.13 has a complete corruption verification and prevention system

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

sanandy@cisco.com · ‎10-15-2024

If you are performing upgrade on a flex deployment with remote access points, it is always better to setup a syslog server under the AP Join profile and perform AP image predownload. In the syslog, you should looks for the logs "Image signature verification failure: -3". If you see something like this, it is confirmed that the AP has downloaded a corrupted image. You can push AP specific lightweight image to those failed APs through archive command. Refer - https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/221869-safely-upgrade-access-points-avoiding-i.html. It talks about the AP join profile and the related configuration.

-- Saikat

govardhan443 · ‎10-15-2024

9800 in HA ,my standby controller ports are showing down ,if they are showing down how will standby controller check the gateway reachability?

marce1000 · ‎10-16-2024

@govardhan443 : - I think the question comes down to ; do I currently have a valid (hot) standby controller ?
You may use these commands to validate :

WLC (primary) # test wireless redundancy rping

show chassis
show chassis detail
show chassis ha-status local
show chassis ha-status active
show chassis ha-status standby
show chassis rmi
show redundancy
show redundancy history
show redundancy switchover history
show tech wireless redundancy
show redundancy states
show redundancy | i ptime|Location|Current Software state|Switchovers

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

pvema · ‎10-16-2024

In the 9800 HA, the Active and Standby unit operates as a single unit so the Standby unit is expected to have its physical interfaces in the down state while the Active is running the network. GW(gateway) Reachability is done independently from both Active & Standby via the RMI (Redundancy Management Interface), so although the physical interfaces of the Standby WLC will be DOWN(on the switch connecting to the standby will be UP), the SVI with the RMI IP address will stay up and that is used as the source when the gateway check is done.

If you see the working of the Default Gateway Check:

Default Gateway check is done by periodically sending Internet Control Message Protocol (ICMP) ping to the gateway. Both the active and the standby controllers use the RMI IP as the source IP. These messages are sent at 1 second interval. If there are 8 consecutive failures in reaching the gateway, the controller will declare the gateway as non-reachable.

Refer page 27 in the HA deployment guide for more context: https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/9800/17-1/deployment-guide/c9800-ha-sso-deployment-guide-rel-17-1.pdf

ashissah · ‎10-27-2024

In the recent (17.12) version 9800 upgrades, we don't see the option to predownload the APs as one-shot. I think it does the iterative predownload automatically.
Is there any way to go for a one-shot AP image predownload both CLI and GUI ?

sanandy@cisco.com · ‎10-27-2024

If I have understood your question correctly, I believe you are talking about the AP image predownload option 5/15/25/one shot options.
You don't get these options in regular upgrade. However if you are doing -
1. ISSU
2. N+1 hitless upgrade
3. Install APSP

You will get the option to choose the percentage.

Likewise if you are trying to do the predownload in one shot from CLI the command is "ap image predownload". You can customize it with site tag option if needed.

All the above mentioned details are valid in 17.12.x.