cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
652
Views
5
Helpful
8
Replies

Deployment of C9800L WLC on DC and DR as N+1 HA

Kyaw Zin Latt
Level 1
Level 1

Dear Experts..

Quite a new here.

So I'm looking for a possible deisgn and solution for having two sets of 9800L WLC on both DC and DR site as they serve primary from DC unit and if that one fails, DR unit as secondary fallback for all APs.

I got deployed one SSO pair (two 9800L WLCs) at DC and running smooth. But when we do DC-DR exercises drill, DC site will be shutdown and all APs from all sites (except DC site APs) need to registered to another WLC at DR site.

So, the local vendor told me one SSO at DC and one SSO at DR or one SSO at DC and one standalone WLC at DR will not work the way I want it. Said I have to break my SSO pair at DC and move one unit to DR site as N+1 design.

Is that really true ?!
Is there any better options or design that I can go. I just don't want to break the current deisgn (SSO pair at DC site).

Please help me out.

 

Thank you all in advanced.

1 Accepted Solution

Accepted Solutions

 

   >...So, basically SSO at DC and another SSO at DR nor SSO at DC and standalone WLC at DR is not recommended or supported.
    There is no problem having 2 SSO's at each site , the DR-SSO playing an N+1 role.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

8 Replies 8

balaji.bandi
Hall of Fame
Hall of Fame

If the Layer 2 extended and the latency in limit you can extend the WLC to other site :

SSO Pre-requisites

https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/9800/17-6/deployment-guide/c9800-ha-sso-deployment-guide-rel-17-6.pdf

But the question you mentioned DR So if the whole site failure, then there is no connectivity between DR right ?

You can also break HA and deploy N+1 same above guide give you direction.

Correct SSO HA (should be same place 2 Units) - if you looking DR kind then N+1 is the best options (there are some Limitation you can find in the document).

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Kyaw Zin Latt
Level 1
Level 1

Dear @balaji.bandi ..

Thank you so much for the answer.

The DC and DR sites are connected by Layer3 only. During DC-DR drill exercises whole DC site will be shutodwn and no need to think about APs in DC site. But in other scenario, let's say WLC at DC site fails.. all APs at DC and remotes sites shall connect and registere to WLC at DR site. (This is what we want..)

So, basically SSO at DC and another SSO at DR nor SSO at DC and standalone WLC at DR is not recommended or supported. Then I should go with the option to break current SSO pair at DC site and go with N+1 (standalone unit at DC and standalone unit at DR site) as a best option ?!

Thanks again.

Oh.. Sorry I also found this one in the SSO pair guide.

N+1 with SSO Hybrid.jpg

 

   >...So, basically SSO at DC and another SSO at DR nor SSO at DC and standalone WLC at DR is not recommended or supported.
    There is no problem having 2 SSO's at each site , the DR-SSO playing an N+1 role.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Dear @marce1000 

Thank you so much for the answer.

BR.

 

                             >....Thank you so much for the answer.
   - No problem ; note that when configuring or making configuration changes to 9800 controllers it is always
     very useful to validate the (new) configuration with the CLI command show tech wireless and feed the output from
     that into  Wireless Config Analyzer
                      (Use the full command as mentioned in green , it does not work with show tech)

    M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

yes correct your understanding here.

So make a wise decsion to deploying modes.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Rich R
VIP
VIP

Agreed with Marce - no problem at all with keeping your SSO pair at DC and have either SSO pair or single WLC at your DR site as N+1 backup to the DC.  That's exactly what we do to achieve 99.999% availability.  We have SSO pair in DC1 and SSO pair in DC2 which are N+1 backup for each other.  We put half the APs on each DC so in case of a DC failure only half the APs would have to fail across to the other DC.  That also means under normal operation each SSO pair only runs up to 50% capacity which also avoids the problems with 9800 WLCs not performing well under full load as per https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/technical-reference/c9800-best-practices.html#designforlargescaledeployments and mentioned on various other posts here.

Remember that you need to keep the N+1 WLC configs in sync manually.

 

Review Cisco Networking for a $25 gift card