Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
854
Views
10
Helpful
2
Replies

HSRP and other settings in HA SSO recommended design

Go to solution
Andrey128
Level 1
Level 1

‎10-07-2018 08:16 PM - edited ‎07-05-2021 09:16 AM

Hi,

for HA SSO following topology is being used:

wifi design question.png

 

Core 1 is primary for spanning tree and HSRP VLANs used for SSIDs offered by WLC1(primary) & WLC2(stanby).

WLC1 & WLC2 configured in HA SSO mode and connected via etherchannel to core switches.

 

 

My concern is: should VLAN for management interface have HSRP enabled?

If slot on core1 get faulty and WLC1 physically lost connection to network, then WLC2 become active but for HSRP management interface VLAN still hosted on core1. Can this bring total wifi outage?! 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎10-07-2018 09:01 PM

I would be careful and understand SSO. You have two checks, one is from the RP port and the other is if the gateway is not reachable. If one of the checks fails, then the device goes into maintenance mode to prevent a split brain. You should test prior to making any changes in production.
-Scott
*** Please rate helpful posts ***

View solution in original post

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎10-07-2018 10:26 PM

Hi,

Is it possible for MLAG? If yes then your issue will resolve with MLAG, but as a reply to your question:

Yes, you required as HSRP Virtual IP address for management interface as well. Otherwise, Gateway will unreachable and the device will be gone in maintenance mode.

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

2 Replies 2

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎10-07-2018 09:01 PM

I would be careful and understand SSO. You have two checks, one is from the RP port and the other is if the gateway is not reachable. If one of the checks fails, then the device goes into maintenance mode to prevent a split brain. You should test prior to making any changes in production.
-Scott
*** Please rate helpful posts ***

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎10-07-2018 10:26 PM

Hi,

Is it possible for MLAG? If yes then your issue will resolve with MLAG, but as a reply to your question:

Yes, you required as HSRP Virtual IP address for management interface as well. Otherwise, Gateway will unreachable and the device will be gone in maintenance mode.

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card