Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1020
Views
20
Helpful
6
Replies

NON-LAG multihoming WLC 5520 options in VxLAN EVPN environment?

j.hammel
Level 1
Level 1

‎12-21-2022 07:56 AM

Good day-

WLC 5520 is currently (LAG) multihomed to a pair of VSS Catalyst 6807 switches via a port channel.  We are migrating off the 6807 to a VxLAN EVPN overlay on a pair of standalone Catalyst 9606 switches both connected via a Layer 3 /30 link.  I understand LAG (and LACP) is not support in VxLAN EVPN environment.  I think the official wording from Cisco is "cross-linking between VTEPs is not supported". 

I'm wondering what our options are to have some kind of redundancy utilizing both interfaces of the 5520 WLC?  There will be a time that we need to update/patch a C9606 and, when that reboots, we lose the WLC if it is single-homed to that 9606.

I welcome any suggestions if someone has already crossed this bridge. 

PS - We have successfully used the recommendations in the URL below for multi-homing a single switch to two different VTEPs but I don't think this applies to WLC LAG group. 

 https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-6/configuration_guide/vxlan/b_176_bgp_evpn_vxlan_9300_cg/m9-176-bgp-evpn-vxlan-multi-homing.html

Thanks in advance for any guidance or suggestions.

0 Helpful
6 Replies 6

Arshad Safrulla
VIP Alumni
VIP Alumni

‎12-21-2022 10:32 AM

First I would have considered stacking 9606 (stack wise virtual) then configuring it as a VTEP. In fact, this is what cisco ps team recommended for one of the deployments I was part of. This will enable you to have MCLAG natively. 

Options you have is very limited, I would suggest that if you have WLCs in SSO then connect the active WLC to one VTEP and the other to another VTEP. If not, you have to think of complex usage of IP SLA or track bundled with an EEM script.

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

j.hammel
Level 1
Level 1
In response to Arshad Safrulla

‎12-22-2022 04:16 PM - edited ‎12-22-2022 04:17 PM

Thank you for the reply.  The challenge with having a stacked VTEP is that when we need to patch/upgrade the IOS when the stack reboots, all downstream VTEPs are offline.  I'm aware of ISSU but have heard nightmares associated with that ISSU not going well.  

Regardless of what Cisco recommends, we are in this place - two spine VTEPs that I'd like to each have connectivity to the (SINGLE) WLC, even if it is an active/standby configuration.  It appears this is not possible but I'm still looking.  This challenge might push us forward at a faster pace to migrate off WLC to cloud-based controller.  I appreciate your response above!

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to j.hammel

‎12-22-2022 05:19 PM

After reading this, my thought would be to disable LAG and set an interface as primary and another as secondary backup port. That would allow you to connect to each switch.

When LAG is disabled, each interface is mapped to at least one primary port, and some interfaces (management and dynamic) can be mapped to an optional secondary (or backup) port. If the primary port for an interface fails, the interface automatically moves to the backup port. In addition, multiple interfaces can be mapped to a single controller port.
-Scott
*** Please rate helpful posts ***

j.hammel
Level 1
Level 1
In response to Scott Fella

‎01-03-2023 01:31 PM

Thanks Scott!  Awesome thoughts and this sounds exactly like what I'm looking for.  Since I haven't done this, even in a lab environment, I'm guessing I need to configure (in GUI) Controller > General > 'LAG Mode on next reboot' to <DISABLED> and then save and reboot.  Not sure of what else is needed and I'm somewhat concerned that, if doing this, I lock myself out of the WLC once it's rebooted.  I have this URL below as a 'go-by' for general reference and, for certain, will have multiple backups of the WLC saved to my laptop and will verify I can access via console BEFORE making changes away from LAG. 

Thanks again Scott and to the rest for your input.  I appreciate your posts!  (URL I'm using as a reference:  Yes.  We're on 8.5 because of legacy APs still registered to controller  https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/ports_and_interfaces.html

0 Helpful

Haydn Andrews
VIP Alumni
VIP Alumni

‎12-21-2022 01:27 PM

couple of topologies in here:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-1/HA_SSO_DG/High_Availability_DG.html#pgfId-78132

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

j.hammel
Level 1
Level 1
In response to Haydn Andrews

‎12-22-2022 04:20 PM

I appreciate the reply.  I don't think I was clear in my original post that I only have a single WLC in this environment so HA / WLC failover doesn't really apply here as we only have one WLC. 

I appreciate the reply, nonetheless.  Cheers and Be Well...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card