cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2942
Views
0
Helpful
12
Replies

Requirements for VLAN select feature in 5508 WLC

Lovro Lazarin
Level 1
Level 1

Hello,

We implemented WLC 5508 software version 7.3, with 8 Aironet devices, most of them are AIR-LAP1131AG-E-K9, and two AIR-LAP1242AG-E-K9.

I could really have benefits of VLAN select feature, but I noticed that it's not working like it should. Two interfaces are in Interface group, but from 45 clients only few of them has IP address from one subnet, others have from second sub.

I see requirements for this to work is 32 MB of flash on LWAP devices..I only have 16 MB..

Is there a way to work this thing out? upgrade of flash on devices or something ?

Thank you in advance and kind regards..

Lovro

1 Accepted Solution

Accepted Solutions

I guess I was assuming you were doing AAA override.  So if the AP's are in local mode, will not work in FlexConnect, and the interface group is defined in the WLAN or in the AP Group, it should work. 

So since the WLC knows of the clients, your best bet is to bounce the WLC before you do your testing so the algorithm starts over.  Then look at the clients ip address and also look at what AP's they are connected to and see if you see a pattern.  See if the clients on the 1131 are working and not the 1242 or vice vesa.  I doubt that your interface is marked dirty unless you are using small subnet's.  To check that, in the CLI you would issue:

show interface group detailed 

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

View solution in original post

12 Replies 12

Scott Fella
Hall of Fame
Hall of Fame

Platforms Supported

This feature is supported on all Lightweight APs (LAPs) with 16MB or more flash space.

LAPs Supported: 1120, 1230, 1130, 1140, 1240, 1250, 1260, 3500 and 1522/1524

Controllers Supported: 7500, 5508, 4402, 4404, WISM, WiSM-2, 2500, 2106, 2112, 2125

Note: Controllers will support these number of Interface groups/Interfaces:

WiSM-2, 5508, 7500, 2500 -- 64/64
WiSM, 4400, 4200 –- 32/32
2100 and NM6 series -- 4/4
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Tnx for reply,

I saw that, but that is for 7.0, newest article has different specs ??

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bb4900.shtml?referring_site=smartnavRD

Platforms Supported

This feature is supported on all Lightweight APs with 32MB or more flash space:

  • LAPs supported: 1130, 1140, 1240, 1250, 1260, 3500, 3600, 1260, and 1522/1524
  • Controllers supported: 7500, 5508, WiSM-2, and 2500

Note: Controllers will support this number of interface groups/interfaces:

  • WiSM-2, 5508, 7500, 2500 -- 64/64

Also that doesn't explain why is that not working for me..like I said there is ratio 95:5 in favor of one VLAN against other, that feature should not work like that I suppose?

How can I debug is that feature works or not? logs?

Regards,

L

Well on the 7.3, they changed the requirements so that could of been an issue in the past and Cisco found out that 32MB had less issues.... How do you troubleshoot why the AAA override is not working... look at the radius logs and see if it changed the vlan ID and then look at the client log on the monitor tab and see what interface the WLC put that client on.  The issue you will have is that since this is docuemnted, TAC will not support any AP's that only have 16MB when using this feature.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Who mentioned AAA override, and radius based VLAN assigment??

I'm not sure about the memory requirements and the affects of not meeting them; however, I would assume that by defining and using interface groups, the interface/VLAN assignments should be handled in a round robin fasion.  That's my understanding so I'm not sure why you would see such a strange ratio.  Please update with more information as it becomes available.  Thx! //art

Hi, tnx for joining the discussion.

It's not exactly r-r fashion, you can check link that I posted previously, but anyway it's not working like it should that's obvious.

Now I'm testing AP groups solution, to manually optimize VLAN address assignment, but that is also not working for me.

I'll test and check my configuration, to try to figure out what I'm doing wrong, and get back with results.

Tnx
L

Thx L - as usual, I need to read before speaking

Interesting topic though.  I would assume that the MAC hashing algorithm used would be similar to how etherchannel maintaines load balancing (src-dst) etc..  What I don't quite understand is the definition of "dirty".  What makes an interface "dirty"?  Given the flow chart depicted in the link you sent, I'm wondering how the interface assignments are kept in te switch.  I'm assuming you create the interfaces, create the interface group, assign the interfaces to the group and finally assign the interface group to the WLAN.  During all this time, how are the stations using that WLAN being handled?  Almost should clear everything out, create the group tied to the wlan, THEN join the stations one at a time and see what interface they get assigned to.  At that point it should be balanced.  Also, it's my understanding that those stations should keep their assigned interface the next time they connect unless there is a "dirty" condition which I don't quite understand yet.

Anyway - rambling now.  Loking forward to your test results.  Thx again! //art

I guess I was assuming you were doing AAA override.  So if the AP's are in local mode, will not work in FlexConnect, and the interface group is defined in the WLAN or in the AP Group, it should work. 

So since the WLC knows of the clients, your best bet is to bounce the WLC before you do your testing so the algorithm starts over.  Then look at the clients ip address and also look at what AP's they are connected to and see if you see a pattern.  See if the clients on the 1131 are working and not the 1242 or vice vesa.  I doubt that your interface is marked dirty unless you are using small subnet's.  To check that, in the CLI you would issue:

show interface group detailed 

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Hi,

Great suggestion Scott, resetting WLC did the work! I guess it's best practice after setting up everything reset it so that algorithm can start over..

One more question, how can I debug Radius authentication a bit more in detail than what I have in GUI?

Something like what I had when LAP was in autonomous mode ?

@Art, you are right with your assumption, interfaces into groups, groups to WLAN.

My problem was, I guess, that I started my configuration with plain Interface, one subnet, assigned that to WLAN and start testing. After I moved to interface groups, algorithm remembered Interface assignment from previous conf and assigned same interface to the same clients. That is my understanding of the problem.

Interface is dirty if for some reason IP address could not be assigned from that pool (unreachable, dhcp scope exhausted, etc..)

Thank you all and kind regards,

L

Scott Fella
Hall of Fame
Hall of Fame

Glad you got it working... And yes the WLC remembers the original interface and after the new interface was added to the group, then any new devices would be placed on that interface but following the round robin sort of way using the algorithm.

Here is a good doc to debug clients

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_tech_note09186a008091b08b.shtml

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Thanks Scott, you've been very helpful.

Regards,

Lovro

No problem

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: