08-18-2023 01:28 AM
Hello,
I am testing for one of our clients the vWLC with AIREOS 8.10 as a secondary controller to do a progressive firmware upgrade.
I installed the KVM version and it's working fine with flexconnect locally switched. I also have some centrally switched vlans and they have this strange problem:
When i connect a client in 5Ghz 802.11ac to an 1800 AP connected to the vWLC I get 0.5 Mbit/s max in download, and 300Mbit/s in upload.
If I transfer the AP in the client's physical 5520 configured identically to the vWLC on the same vlan, the I get around 300Mbit/s symmetrical download/upload.
I tried also with AIREOS version 8.5 for the vWLC and it's the same. The physical 5520 is at 8.3.
I read in the documentation the vWLC supports only 500Mbit/s max Centrally switched WLANs, so I thought to get something more than 0.5Mbit/s.
I'm kinda sure this is not a wireless problem. I also read about QoS interfering somehow, but don't know how to disable this: i just left it default.
Is anyone using KVM vWLC? I followed Cisco guide for KVM deploy, but any hint is appreciated.
Solved! Go to Solution.
08-28-2023 03:01 AM - edited 08-28-2023 03:01 AM
> This will require a reboot and cause reduced downtime, but maybe the client will accept that.
I disagree - simply unplug the backup WLC - primary keeps running as normal with redundancy down (no SSO backup) - same as if the backup had simply failed.
Then while the old backup is disconnected default the config and then rebuild it as your new WLC. No need to make any change or reboot on the active WLC.
> We are also going to buy support and try to open a TAC.
That could be tricky. Both 5520 and vWLC have already passed the "End of New Service Attachment Date: OS SW" milestone on 31 Jan 2023!
https://www.cisco.com/c/en/us/products/collateral/wireless/virtual-wireless-controller/eos-eol-notice-c51-744428.html
https://www.cisco.com/c/en/us/products/collateral/wireless/5520-wireless-controller/eos-eol-notice-c51-744430.html
If you get support on 9800 then that could be your way in to getting a TAC case open for migration advice.
08-18-2023 03:43 PM
As AireOS is EoL, not worth trying vWLC in that platform.
I would suggest C9800-CL (which support local mode AP as well) and do your testing.
HTH
Rasika
*** Pls rate all useful responses ***
08-19-2023 03:58 AM - edited 08-19-2023 03:58 AM
As I've said on other threads, and echoing what Rasika said, vWLC is almost end of life so you should not be starting new deployments with that now. If you insist then make sure you're using 8.10.185.3 to get the latest available bug fixes (link below). But like Rasika said 9800-CL is your best bet for a virtual WLC.
08-22-2023 12:34 AM - edited 08-22-2023 12:35 AM
Thanks for the answers. I just need the vWLC briefly to do a progressive firmware upgrade of all the APs. I could just upgrade the 5520, but then I will KO all wifi networks for 2 reboots (if the upgrade is a success), and can't do that at the moment.
Can I connect the WLC 5520 with 8.3 with the 9800-CL running catalyst OS? I thought that works only with 8.10.
I will try version 8.10.185.3 as you suggest, but I fear the issue is more KVM platform related. I tried also with VMWare version, but there I get no traffic at all even with vswitch in promiscuous mode. That's why I switched to KVM, that works, but it's just very very slow in download.
08-22-2023 02:32 AM
> Can I connect the WLC 5520 with 8.3 with the 9800-CL running catalyst OS? I thought that works only with 8.10.
No, 8.3 does not support IRCM with 9800. You can use 8.10.185.3 or 8.5.182.108 (link below) AireOS for IRCM with 9800.
> to do a progressive firmware upgrade of all the APs
What are you actually trying to achieve?
08-24-2023 02:02 AM - edited 08-24-2023 02:04 AM
I tried with version 8.10.185.3 on the vWLC as you suggested but the behavior is the same.
I want to do an update of the 5520 from 8.3 to 8.5 and then to 8.10. To be ready then to migrate to a 9800, that we have to buy yet.
Our client business is H24/7 and I don't want to interrupt it twice for half an hour for the 2 reboots. Having the virtual WLC, I can pass and update half of the AP at a time so the clients roam from the adiacent APs without downtime. I already tested this procedure to migrate all the AP in other scenarios with flexconnect WLANs and it worked very well. The vWLC at the end of the procedure is decommisioned, I just need it to work for few weeks or less.
What would you do?
08-24-2023 10:29 AM
Sorry I haven't used vWLC myself so can't talk from experience. Presume you saw in the release notes:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn85mr8.html#wlc-vwlc
"FlexConnect central switching is supported in only small-scale deployments, wherein the total traffic on controller ports is not more than 500 Mbps"
If you were getting 300Mbps download you could have already been reaching >500Mbps aggregate traffic on the vWLC?
Presume you already have promiscuous mode enabled on vNIC otherwise it wouldn't be working at all?
Cisco actually discontinued support for central switching altogether on vWLC for a while between 8.0 and 8.2 but it's supposed to work in 8.5, but with no performance guarantees. I guess you could try TAC.
Other options: If you've already replaced some of the other WLCs as you mention, can't you use one of those old ones? Or don't you have a spare you could use? If you don't have any then you might have to take the hit on disrupting service for a short while. If the customer really wanted HA then they would have purchased dual WLC in HA-SSO. Then you could split the SSO pair and use the 2 single controllers for your migration. Since they only purchased a single WLC there's an implicit acceptance of the need for downtime - what was the plan if that one failed?
08-28-2023 01:31 AM
Hello,
yes I read about 500Mbit/s max, and that's would be ok for me. But kvm is going 0,5Mbit/s max in download, and 300Mbit/s in upload. This is my problem.
In vmware I have promiscuos mode enable, but vmare vWLC is not working at all in my environment: I get 0 MBit/s in download (but the client get the ip from the dhcp, with dhcp proxy disabled on the vWLC, so it's not an L2 network problem).
As you also suggested, since I have 2 5520, my plan B is to break the HA of the 2 pysical wlcs and use one to do the trick. This will require a reboot and cause reduced downtime, but maybe the client will accept that.
We are also going to buy support and try to open a TAC.
08-28-2023 03:01 AM - edited 08-28-2023 03:01 AM
> This will require a reboot and cause reduced downtime, but maybe the client will accept that.
I disagree - simply unplug the backup WLC - primary keeps running as normal with redundancy down (no SSO backup) - same as if the backup had simply failed.
Then while the old backup is disconnected default the config and then rebuild it as your new WLC. No need to make any change or reboot on the active WLC.
> We are also going to buy support and try to open a TAC.
That could be tricky. Both 5520 and vWLC have already passed the "End of New Service Attachment Date: OS SW" milestone on 31 Jan 2023!
https://www.cisco.com/c/en/us/products/collateral/wireless/virtual-wireless-controller/eos-eol-notice-c51-744428.html
https://www.cisco.com/c/en/us/products/collateral/wireless/5520-wireless-controller/eos-eol-notice-c51-744430.html
If you get support on 9800 then that could be your way in to getting a TAC case open for migration advice.
08-28-2023 03:40 AM
>I disagree - simply unplug the backup WLC - primary keeps running as normal with redundancy down (no SSO backup) - same as if the backup had simply failed.
>Then while the old backup is disconnected default the config and then rebuild it as your new WLC. No need to make any change or reboot on the active WLC.
OK, I will try this way and let you know how it goes.
I never done this and I was afraid that when the primary WLC sees the mac-address of the secondary UP, it will reboot or go into service mode (drop all on all interfaces but the service one). I guess we'll see how it goes
>That could be tricky. Both 5520 and vWLC have already passed the "End of New Service Attachment Date: OS SW" milestone on 31 Jan 2023!
Thanks for this too.
09-11-2023 02:50 AM
Hello,
I managed to split the two wlc 5520 without downtime:
I unplugged power cord and all interfaces on secondary controller, then rebooted and disabled SSO using console. I changed the management IP to a new one and kept SP and RP disconnected to avoid any strange behavior with the primary controller. Then I reconnected management, joined the secondary controller to mobility group and updated the secondary controller to 8.10.185.3. I'm moving some ap at a time and it seems the wifi users did not perceive any downtime.
The client is not very pleased that now the HA is not instant, but they think it's acceptable. If one controller goes down then al the APs will go down for 5-15 minutes to dowload firmware and reboot. We tested upgrade and downgrade of AP firmware and it works even with 8.3 to 8.10 and vice versa: they don't loose AP group or AP name.
Thanks again for your answers.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide