Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1419
Views
5
Helpful
4
Replies

WLC 5508 with HSRP and Bandwidth limitation of non LAG implementation

Go to solution
fperez001111
Level 1
Level 1

‎02-24-2019 12:17 PM - edited ‎07-05-2021 09:55 AM

Dear Cisco community,

I am a newbbie on Wireless controller implementations and I require to implement a WLC 5508 in a HSRP core switch configuration. I want to implement certain level of redundancy by connecting the WLC 5508 to both core switches.
Given this redundancy requirement, I cannot activate LAG on the WLC. In addition, all my wireless clients login to a Captive Portal (hosted on my firewall, each dinamically asigned ip address is associated with the corresponding username through this captive portal).

So I have to configure an AP management-port on each port. However I cannot configure multiple dynamic interfaces in the same vlan, as the controller only allows one dynamic interface per vlan. The problem with this is the limitation of bandwidth that this configuration imposes on each vlan. For example, If I configure an SSID associated with the corresponding vlan, the maximun amount of bandwidth for all those users in that SSID (and the corresponding vlan) will be less than 1 Gbps, given that I can only have one dynamic interface on that vlan associated to a single port.

Due the captive portal implementation, I cannot split the ip pool of the wifi clients given the possible re-login efect when the clients change form one access point to another, changing randomly from one vlan (and ip subnet) to another on the same SSID. I don't know if it is possible to map each client to a certain vlan on the same SSID. However, giving the quantity of clients (3000 in the worst case scenario), static mapping becomes a huge and almost unbeareable task.

Is there any possible scenario where I can combine redundancy that provides the multiple non-LAG port configuration and avoid the bandwidth limitation of using only one port of 1 Gbps per vlan? Am I asking too much?

(As far as I know, Yes just buy another WLC for HA deployment!!!......Of course Mr. money bags, as you wish!!!! hehehe)

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Haydn Andrews
VIP Alumni
VIP Alumni

‎02-24-2019 01:28 PM

The WLC HA deployment guide is located here:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-43215

 

There are a few ways you can achieve the HA you are looking for:

 

  • As you mentioned a second WLC would work configured as either:
    • N+1 
    • SSO
  • You could convert the core switches to use VSS then you could use LAG and then split the ports across the 2 core switches
    • You still do not get any WLC failure redundancy with this though.

 

The other option would be to define a backup port for each of the ports on the WLC and have them going to the second switch.

Unfortunately without LAG you will not get around the bandwidth limitation of 1 Gbps of the 5508 ports.

Therefore the only options to get the HA (for switch failure) with a single WLC and gain more bandwidth, is VSS on the core switch.

 

 

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

View solution in original post

4 Replies 4

Go to solution
Haydn Andrews
VIP Alumni
VIP Alumni

‎02-24-2019 01:28 PM

The WLC HA deployment guide is located here:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-43215

 

There are a few ways you can achieve the HA you are looking for:

 

  • As you mentioned a second WLC would work configured as either:
    • N+1 
    • SSO
  • You could convert the core switches to use VSS then you could use LAG and then split the ports across the 2 core switches
    • You still do not get any WLC failure redundancy with this though.

 

The other option would be to define a backup port for each of the ports on the WLC and have them going to the second switch.

Unfortunately without LAG you will not get around the bandwidth limitation of 1 Gbps of the 5508 ports.

Therefore the only options to get the HA (for switch failure) with a single WLC and gain more bandwidth, is VSS on the core switch.

 

 

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

Go to solution
fperez001111
Level 1
Level 1
In response to Haydn Andrews

‎02-27-2019 08:41 AM

I guess VSS is the path I should follow.

 

Thanks for your help

0 Helpful

Go to solution
patoberli
VIP Alumni
VIP Alumni

‎02-25-2019 08:48 AM

1 Gbps is usually enough bandwidth for ~1000 clients (more or less) for mixed traffic. Of course this number can vary wildly, but you'd be surprised how far this reaches.
But have a look at the N+1 variant, this might work for your deployment.
0 Helpful

Go to solution
superego
Level 1
Level 1

‎02-25-2019 12:19 PM

Hi,

 

Can you not configure LAG in WLC then Port-channel on the switch and use different VLANs for captive portal and non-captive portal?

 

In my previous implementations either N+1 or SSO, I just use LAG for everything and use different VLANs.  You can extend the VLAN to the firewall or firewall can bridge the 2 VLANs, etc.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card