Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1509
Views
120
Helpful
10
Replies

Roaming between controllers without mobility group config

Go to solution
Kris83
Level 1
Level 1

ā€Ž02-25-2022 03:16 AM - edited ā€Ž02-25-2022 04:00 AM

Hi,

I have 2 x 8450 controllers. IOS verion of both is 8.5.151.0 and they are on a different subnets. One in Europe and one in US with no mobility group created between them.

I'm on site A where a few APs are associated with WLC in US and few APs are associated with EU controller. This is just a temp solution to test roaming. All APs are configured with the same flexconnect group and using the same WLANs. Fast transition is set to 'Adaptive'.

I'm able to roam seamlessly between APs. I was sure the mobility group must be created so the clients can roam between 2 different controllers but this is not the case. Can someone please explain how roaming is working without mobility groups?

Thank you.

 

 

Labels:
4 Accepted Solutions

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

ā€Ž02-25-2022 04:11 AM

You should read up in mobility groups. That would reference what mobility groups does when controllers are added to the same group.  Make sure you are using 802.1x and then run a debug on the client while also looking at the logs on the radius server. See if you see a difference between when mobility group is enabled and disabled. That can help you see if there is a difference or not. Also keep in mind that RF groups help with RRM when there are multiple controllers in an environment. 

-Scott
*** Please rate helpful posts ***

View solution in original post

Go to solution
Flavio Miranda
VIP
VIP

ā€Ž02-25-2022 04:31 AM - edited ā€Ž02-25-2022 04:32 AM

Hi

 Are they roaming or are they fastly disconnecting and re-connecting on the other WLC?  If you run a ping command and walk through the area, how many packets does it loss?

You are correct.  If WLC is not added to the other Mobility group, they will not exchange clients information, therefore, roaming should not occour.

 

 

View solution in original post

Go to solution
Flavio Miranda
VIP
VIP
In response to Kris83

ā€Ž02-25-2022 06:09 AM

Thats correct.  To make sense to me, according to cisco docs, without Mobility Group, there should be no Roaming .

But, with 802.1x or even PSK and network profile saved on the client, it is perfect possible to move realy smoothly.

If you have Prime, it is easy to see where clients has been. 

 

On the wireless wlc, you can run:

show client roam-history client_mac

View solution in original post

Go to solution
Kris83
Level 1
Level 1

ā€Ž03-04-2022 02:52 AM - edited ā€Ž03-04-2022 02:57 AM

Hi,

after doing some more investigation I wasn't roaming between 2 controllers and as Flavio and Scott mentioned I was re-authenticating really quickly. After adding mobility group between two controllers I didn't see any re-authenticating in radius server anymore and I could see 'Mobility move count' for my client increasing. Thank you all for your input. I appreciate your help.

View solution in original post

10 Replies 10

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

ā€Ž02-25-2022 04:11 AM

You should read up in mobility groups. That would reference what mobility groups does when controllers are added to the same group.  Make sure you are using 802.1x and then run a debug on the client while also looking at the logs on the radius server. See if you see a difference between when mobility group is enabled and disabled. That can help you see if there is a difference or not. Also keep in mind that RF groups help with RRM when there are multiple controllers in an environment. 

-Scott
*** Please rate helpful posts ***

Go to solution
Kris83
Level 1
Level 1
In response to Scott Fella

ā€Ž02-25-2022 09:19 AM

Thank you Scott. I'll do another test Monday and I'll keep an eye on a radius server to see if I'm re-authenticating. Cheers

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Kris83

ā€Ž02-25-2022 09:37 AM

Keep in mind also, if you plan to keep your implementation like how you have it, you are better off defining the primary and secondary controllers on each ap high availability section.  How you have it now, is not ideal at all.  Open and PSK would be seamless in a way if you are just doing ping, but 802.1x would cause you issues, or should at least.  

-Scott
*** Please rate helpful posts ***

Go to solution
Kris83
Level 1
Level 1
In response to Scott Fella

ā€Ž02-25-2022 09:52 AM

Sure Scott, this is just a temporary solution. Down the road I'm going to have all APs in Europe on EU controller.

Thanks for your input and help. Appreciate it.

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Kris83

ā€Ž02-25-2022 12:04 PM

Okay sounds good.  As far as roaming between controller that are not in the same mobility group, it would be like roaming between two different systems with the same SSID and authentication.

-Scott
*** Please rate helpful posts ***

Go to solution
Flavio Miranda
VIP
VIP

ā€Ž02-25-2022 04:31 AM - edited ā€Ž02-25-2022 04:32 AM

Hi

 Are they roaming or are they fastly disconnecting and re-connecting on the other WLC?  If you run a ping command and walk through the area, how many packets does it loss?

You are correct.  If WLC is not added to the other Mobility group, they will not exchange clients information, therefore, roaming should not occour.

 

 

Go to solution
Kris83
Level 1
Level 1
In response to Flavio Miranda

ā€Ž02-25-2022 05:34 AM

Hi Flavio,

First of all thank you for your reply. When I walk around with a continuous ping running I'm loosing 1 ping. Perhaps you're right. Maybe i'm not roaming but quickly disconnecting and re-connecting on the other WLC.

I'm going to do some packet capture so hopefully I'll be able to see what's going on.

Go to solution
Flavio Miranda
VIP
VIP
In response to Kris83

ā€Ž02-25-2022 06:09 AM

Thats correct.  To make sense to me, according to cisco docs, without Mobility Group, there should be no Roaming .

But, with 802.1x or even PSK and network profile saved on the client, it is perfect possible to move realy smoothly.

If you have Prime, it is easy to see where clients has been. 

 

On the wireless wlc, you can run:

show client roam-history client_mac

Go to solution
Kris83
Level 1
Level 1

ā€Ž03-04-2022 02:52 AM - edited ā€Ž03-04-2022 02:57 AM

Hi,

after doing some more investigation I wasn't roaming between 2 controllers and as Flavio and Scott mentioned I was re-authenticating really quickly. After adding mobility group between two controllers I didn't see any re-authenticating in radius server anymore and I could see 'Mobility move count' for my client increasing. Thank you all for your input. I appreciate your help.

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Kris83

ā€Ž03-04-2022 08:01 AM

Glad you ironed all that out.

-Scott
*** Please rate helpful posts ***
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card