03-08-2013 04:23 PM - edited 07-03-2021 11:42 PM
With Madhuri C.
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions of Cisco expert Madhuri C.about the new High Availability (HA) feature (that is, AP SSO) set within the Cisco Unified Wireless Network software release version 7.3 This feature allows the access point (AP) to establish a CAPWAP tunnel with the Active WLC and share a mirror copy of the AP database with the Standby WLC. The APs do not go into the Discovery state when the Active WLC fails and the Standby WLC takes over the network as the Active WLC.
Madhuri C. is a customer support engineer at the Cisco Technical Assistance Center in Bangalore, India. During her four years of experience she has worked on a wide range of Cisco wireless products and technology such as autonomous IOS (aIOS) access points, wireless routers, wireless LAN controllers, wireless VoIP phones, wireless control systems, network control systems, prime infrastructure, and mobility services engines. She has also worked in LAN switching technology.
Remember to use the rating system to let Madhuri know if you have received an adequate response.
Madhuri might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Wireless Mobility sub community discussion forum shortly after the event. This event lasts through March,22 2013. Visit this forum often to view responses to your questions and the questions of other community members.
More Information : http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bd3504.shtml
03-19-2013 11:40 AM
Hi Robin,
WLC1 - Initially configured as Primary and is active currently.
WLC2 - Initially configured as Secondary and in standby mode.
1. When you disabled switchport going to primary WLC1, gateway would not be reachable from primary. Thus the secondary wlc2 will come up as active wlc.
Scenario :
Network Issues | |||||
---|---|---|---|---|---|
RP Port Status | Peer Reachable via Redundant Management | Gateway Reachable from Active | Gateway Reachable from Standby | Switchover | Results |
Up | Yes | No | Yes | Yes | Switchover happens |
2.After above step, WLC2 is still active.
Now when you enabled ports going to WLC1, WLC1 will negotiate and become standby on its own. There is no preempt functionality. That is when the previous Active WLC1 comes back, it will not take the role of the Active WLC, but will negotiate its state with the current Active WLC - WLC2 and transition to a Standby state.
Scenario now would be :
Network Issues | |||||
---|---|---|---|---|---|
RP Port Status | Peer Reachable via Redundant Management | Gateway Reachable from Active | Gateway Reachable from Standby | Switchover | Results |
Up | Yes | Yes | Yes | No | No Action |
3. After above step, WLC2 is still active, and WLC 1 is standby. Now ports to WLC2 which is current active is brought down.
Scenario would be :
Network Issues | |||||
---|---|---|---|---|---|
RP Port Status | Peer Reachable via Redundant Management | Gateway Reachable from Active | Gateway Reachable from Standby | Switchover | Results |
Up | Yes | No | Yes | Yes | Switchover happens |
so now WLC1 is back as active and WLC2 would be standby for which there is no network connectivity.
4. As WLC2 has switchport down, last scenario would be :
Network Issues | |||||
---|---|---|---|---|---|
RP Port Status | Peer Reachable via Redundant Management | Gateway Reachable from Active | Gateway Reachable from Standby | Switchover | Results |
Up | Yes | Yes | No | No | Standby will reboot and check for gateway reachability. Will go in to maintenance mode if still not reachable. |
Thus everything you have noticed is working as per design and is not a bug
We can get more clarity on this by issuing 'show redundancy summary' on both WLCs at every step to see current active, currnet standby and maintenance mode reason.
Let me know if this answered all your questions.
Regards,
Madhuri
03-19-2013 03:20 PM
Thanks a lot!
03-21-2013 08:29 AM
Hello Madhuri,
I have a question regarding license.
We have two 5508 in our datacenter running 7.2, which I plan to upgrade to either 7.3 or 7.4. All our APs are in flex-connect mode. Each WLC has license for 200 APs (permanent). So I actually 'could' connect 400 AP (while give up redundancy).
Once I enable HA SSO, will I have 200 licence in total..or?
If I understand correct, the standby need to have minimum 50 license. Means I could move 150 from the secondary to my primary, which would give me a total of 350?
And in the future, if we need add APs, we just purchase add lic for the primary?
Appreciate your feedback.
Thanks,
Stefan
03-21-2013 10:26 AM
Hi Stefan,
You can certainly transfer 150 license to primary wlc. This would make it 350 on one and 50 on standby to facilitate the HA pairing.
Please refer to rehost license section in below link :
Alternatively you could also raise a case with Cisco TAC licensing team and they will be able to assist in moving 150 license from secondary to your primary.
For high-availability controllers when you enable HA, the controllers synchronize with the enabled license count of the primary controller and support high availability for up to the license count enabled on the primary controller.
Thus in future, you just need to add license on primary.
Regards,
Madhuri
03-21-2013 05:38 PM
Thank you, all clear now.
Sent from Cisco Technical Support iPad App
03-22-2013 02:21 AM
Hi Madhuri.
I have been led to believe that the rehosting was limited to adder licenses only.
Quote:
"Revoking a license from one controller and installing it on another is called rehosting. You might want to rehost a license in order to change the purpose of a controller. For example, if you want to move your OfficeExtend or indoor mesh access points to a different controller, you could transfer the adder license from one controller to another controller of the same model, say from one 5500 series controller to another 5500 series controller (intramodel transfer). This can be done in the case of RMA or a network rearchitecture that requires you to transfer licenses from one appliance to another. It is not possible to rehost base licenses in normal scenarios of network rearchitecture. The only exception where the transfer of base licenses is allowed is for RMA when you get a replacement hardware when your existing appliance has a failure."
Has this been changed?
Sincere Regards
03-22-2013 07:38 AM
Hi Mats,
Using RMA portal when you move licenses from a bad box to the RMA device AIR-CT5508-CA-K9, all licenses [including base-ap-count, wplus, wplus-ap-count] except for the base license and evaluation
will be moved over to the new device. Old device would still have permanent base AP license on it even after rehost.
The RMA WLC is by default shipped with base license thus there is no need to move base license to new one.
To transfer license to RMA box, you can refer to :
Under special cases, if there is issue with base license, Cisco TAC licensing team can send you the base license. Also they can check base-ap-count of old box and they send you one .lic file with base and base-ap-count feature set included to reflect the right AP count on new WLC.
In that case you would see one base license as permanent-active and other one as permanent-inactive. We would not have option to delete or modify priority of base license.
Regards,
Madhuri
03-22-2013 09:12 AM
Thanks Madhuri.
I need to be more specific.
If we have two AIR-CT5508-250-K9 with each 250 base licenses, and we want to implement HA-SSO. Then we would normally loose 200 AP licenses unless the base licenses could be reenginered and reshosted:
initial state prefered outcome
AIR-CT5508-250-K9 AIR-CT5508-250-K9 + L-LIC-CT5508-100A x 2
AIR-CT5508-250-K9 AIR-CT5508-HA-K9
Would this be possible, and how?
Since the old licenses are "hard" base licenses, customers are locked with the old AP redundancy scheme since just enabling HA on a WLC pair with the base license above 50 AP will loose these licenses.
If possible this would mean that the threshold for existing Cisco customers to upgrade to HA-SSO is drastically reduced.
Sincere Regards
Mats
03-21-2013 08:48 AM
Hi Madhuri,
I am upgrading from WISM to 5508. I was just configuring HA between two 5508 but after enabling SSO and reboot, The HA is not working. My secondary box went into maintence mode and primary controller stuck in l2 mode. It seems the redundant commands are missing in the primary controller as well. I checked the network reachablity to gateway is available from the controller and the redundancy ports are wired as well. Could you thro some light ? Couldn't find any good troubleshooting doc.
03-21-2013 10:45 AM
Hi,
There are few scenarios where the Standby WLC may go into Maintenance Mode and not be able to communicate with the network and peer:
The WLC should be rebooted in order to bring it out of Maintenance Mode. Only the Console and Service Port is active in Maintenance Mode.
You can collect 'show redundancy summary' and 'show redundancy statistics' from both WLCs. This will show state of wlc, perr wlc state and reason for maintenance mode. We can take it up further based on the reason of maintenance mode.
Console logs saved will also help in identifying as to which step is failing.
If the redundancy commands are missing on primary, you need to reconfigure them. Else pairing will fail.
Please make sure you have following conditions met :
- Minimum 50 AP count license on secondary WLC. 'Show license summary' output from WLCs.
- Both WLCs running same version.
- WLCs in same subnet.
- Enable admin mode of ports. Show port summary will show the state.
Feel free to log a ticket with Cisco TAC. We can setup WebEx and assist you in troubleshooting the issue.
Regards,
Madhuri
03-21-2013 03:39 PM
Hi Madhuri,
You have helped me numerous times on my WLC adventures and I wanted to thank you, thank you, thank you! You always go above and beyond the call of duty!
Regards,
Amir
03-21-2013 06:11 PM
I'm really happy to hear that. Thanks for all the appreciation Amir
Regards,
Madhuri