Solved: Re: Wireless Lan Controller 5508 multiple AP-manager interfaces

akisbouza · ‎02-22-2011

VSS port 1/1/1 --> WLC Port 1 Mgmt

VSS port 2/1/1 --> WLC Port 2 AP-Manager 2

VSS port configuration 1/1/1-2

switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 114
switchport trunk allowed vlan 114-116
switchport mode trunk
speed 1000
duplex full

Controller Port 1

Interface Address	Mgmt

VLAN Identifier
IP Address
Netmask
Gateway

Physical Information

Port Number
Backup Port
Active Port
Enable Dynamic AP Management

Controller Port 2

Physical Information	AP-Manager2

Port Number
Backup Port
Active Port
Enable Dynamic AP Management
Interface Address

VLAN Identifier
IP Address
Netmask
Gateway

Thats my configuration

When i shut down VSS port 1/1/1 all traffic failover to VSS port 2/1/1.However when i open again port 1/1/1 WLC loses all access points.

Is my configuration ok?

The Mgmt and AP-Manager interfaces should be in the same vlan?

Dynamic AP Management is enabled in both interfaces

I would appreciate any suggestion

Thank you

bbxie · ‎02-23-2011

Don't know where you got the message from Cisco that they may or may not in the same vlan, however In the page 3-7 of WLC configuration guide 7.0, it clearly says that:

For Cisco 5500 Series Controllers in a non-link-aggregation (non-LAG) configuration, the management interface must be on a different VLAN than any dynamic AP-manager interface. Otherwise, the management interface cannot fail over to the port that the AP-manager is on.

So give it a try and see what happened.

View solution in original post

George Stefanick · ‎02-22-2011

is there a reason why you arent using LAG?

So 1/1/1 is your WLC managment interface and NOT your AP MANAGER 1?

Also AP MANAGER 2 only shows port 2 and no back up ...if port 2 on your WLC goes down i would have reason to believe you will lose your APs.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Leo Laohoo · ‎02-22-2011

You don't need to configre AP Manager on a 5508.

bbxie · ‎02-22-2011

For Cisco 5500 Series Controllers in a non-link-aggregation (non-LAG) configuration, the management interface must be on a different VLAN than any dynamic AP-manager interface. Otherwise, the management interface cannot fail over to the port that the AP-manager is on.

weterry · ‎02-22-2011

So you have a 5508 with a Management Interface on Port 1 (backup Port2).

This Management Interface is marked as Dynamic AP-Manager.

You have an AP-Manager2 on Port 2 in the same subnet (you cannot have a backup for AP-Manager).

I don't see any problem with this configuration, but I think LAG should function across the VSS pair. LAG would give you a little more functionality.

Anyhow, back to your problem.

With both ports up, you should see APs split between Port 1 and Port 2. Right? Do you see that?

When you disconnect Port 1, all the APs connected to Port 2 should stay connected. Do you see that?

All the APs connected to Port 1 will likely re-discover the WLC and join Port 2 (AP-Manager2). Do you see that?

I believe the Management Interface will cease AP-Manager role on Port 2, since there is already an AP-Manager.

My expectation would then be that when Port 1 is connected again, the Management interface will move back to Port 1 and will start being an AP-Manager again.

I would not expect any APs to disconnect from Port 2, which sounds like is what you are seeing.

So... if APs are disconnecting from Port 2 when Port 1 is put back in, then you'd want to track down exactly what the AP was talking to at that time, and why it can't talk to it anymore......

akisbouza · ‎02-23-2011

Thank you for your replies

@George Stefanick

We are not using LAG as we have to change the load balancing method in our VSS which is

EtherChannel Load-Balancing Configuration:
src-dst-ip vlan included

I read that we have to use src-dst-ip vlan excluded and we are afraid that we may face problems with that in our VSL Links

@bbxie

a non-link-aggregation (non-LAG) configuration, the management interface must be on a different VLAN than any dynamic AP-manager interface.

Cisco says that it may or may not be in the same Vlan.

@Weterry

With both ports up, you should see APs split between Port 1 and Port 2. Right? Do you see that?

With both ports up they are not splitted. All AP are binded to Port 1 as its the first AP-Manager created.

When you disconnect Port 1, all the APs connected to Port 2 should stay connected. Do you see that?

Yes all APs connect to Port 2

When Port 1 is up again i lose some access points. I have to shut down Port 2 in order all APs to bind to Port 1 again.

I went a bit further yesterday as i read in a thread https://supportforums.cisco.com/message/1276736#1276736

that failover is not working well due to a bug CSCta09996 so i decided to change my APs from static ip to DHCP.I have to say that at first my AP's got ip from Internal DHCP which i made it static from the controller. Yesterday i removed the static ip option from every AP.

The result is that i lost almost all my APs. APs are now not related to the WLC.

I removed the second link but still the same.

What i see from the Internal DHCP Server is that AP's get an ip address but after a minute the lease remaining time refreshes to 1 day again and again.

Should i try to use an external DHCP Server?

Also its difficult to console to the APs as they are mounted in the roof

akisbouza · ‎02-23-2011

I finally managed to get back my Access Points.

With the configuration shown above when i reboot my Controller half of my access point join the controller at Port 1

The other half never join the controller unless i shut down Port 2 of the Controller.Its like they are trying to join the AP-Manager2 but never get to.

So i guess that my above configuration is not right.

Should i use a differnet IP and Vlan for the AP-Manager 2 interface?

However i wonder how the AP will find the second controller..

Cisco's example http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70mint.html

is very confusing they are using 209.165.200.225 ip for AP-Manager2 with gateway 10.10.99.1 in VLAN 99

Could anyone explain?

Thank you

bbxie · ‎02-23-2011

Don't know where you got the message from Cisco that they may or may not in the same vlan, however In the page 3-7 of WLC configuration guide 7.0, it clearly says that:

For Cisco 5500 Series Controllers in a non-link-aggregation (non-LAG) configuration, the management interface must be on a different VLAN than any dynamic AP-manager interface. Otherwise, the management interface cannot fail over to the port that the AP-manager is on.

So give it a try and see what happened.

akisbouza · ‎02-23-2011

Dear bbxie

In the same configuration guide in page 3-40 it says

Note

AP-manager interfaces do not need to be on the same VLAN or IP subnet, and they may or may not be on the same VLAN or IP subnet as the management interface. However, we recommend that you configure all AP-manager interfaces on the same VLAN or IP subnet.

However i will give it a try today with a different ip and will see.Hope it works.

Thank you

akisbouza · ‎02-24-2011

Yep now it is working!

I changed AP-Manager 2 Ip address and Vlan and now when i boot my controller my access points are load balanced between ports 1 & 2 of the controller.

Thank you all very much for help!

bbxie you were right

bbxie · ‎02-24-2011

Glad to hear the problem had been resolved.

Cisco's documents sometimes are bit confusing, it's better to have a try. So the "maybe not" refers to the 5500+Non-LAG situation.