01-26-2021 06:10 AM - edited 07-05-2021 01:05 PM
Hi board,
one question regarding the configuration of deterministic AP join on a WLC.
So, you may set the primary/secondary/tertiary WLC per AP:
# IOS-XE config stlye ap name <AP-NAME> controller primary <WLC-HOSTNAME> [<WLC-IPv4-ADDRESS>]
Another possibility is to set a global backup WLC
# IOS-XE config stlye ap profile myProfile capwap backup primary <WLC-HOSTNAME> <WLC-IPv4-ADDRESS>
The C9800 best practice paper states:
When configuring access points, always set the primary and secondary controller names and IP addresses to control the AP selection during the CAPWAP join process. [...]
This configuration can also be done globally for a group of APs at the AP profile level. This is more flexible than defining it for all APs, as in AireOS:
First of all, the feature of a "backup WLC" is available in AireOS as well. Secondly, the functionality of defining a primary/secondary WLC on a per AP level is completely different from the global backup WLC definition.
=> If there is no per-AP setting for HA and there is a primary backup WLC, the AP does not fall back to the primary backup.
So there is no way to force an AP to a different WLC if using the global backup configuration.
At least if I don't configure any primary/secondary WLC on the AP and another WLC as the primary backup, the AP does not fall back (or actively join) the backup WLC.
Is this correct?
01-26-2021 08:12 AM
- In general you are better of by looking into High Availability SSO Deployments make this issue transparent and making the AP-failover mechanism automatically.
M.
01-26-2021 08:13 AM
Hey M.
Thank you for your answer. I have a SSO in combination with an N+1 deployment
So one SSO pair with a dedicated backup WLC.
01-26-2021 08:44 AM
- Personally and or since cisco hardware reliability I find it overkill , and as you state perhaps the added complexity may lead to configuration mistakes and or extra tasks taking business-time , I acknowledge that opinions may vary.
M.
01-26-2021 03:46 PM
@Johannes Luther wrote:
=> If there is no per-AP setting for HA and there is a primary backup WLC, the AP does not fall back to the primary backup.
The AP settings (Primary/Secondary Controller) will be followed as a first priority over global settings.
If no per-AP settings is available, global settings is followed.
01-26-2021 09:49 PM
Hi Leo,
I thought so as well, but the APs don't send a "primary discovery request" towards to the configured backup primary and standby WLCs.
So the backup WLCs may act as backup, but compared to the "primary/secondary/tertiary" configuration, "AP fallback" is not functional for the backup WLCs.
At least this is what I see in my lab.
01-26-2021 09:53 PM
... and just after I wrote my last answer, I found this note in the config guide:
The primary and secondary settings in the AP join profile are not used for AP fallback. This means that the AP will not actively probe for those controllers (which are a part of the AP join profile), when it has joined one of them.
So, there is a functional difference between per AP and global backup WLC configuration...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide