Configure Wireless Redundancy

About Wireless Controller Redundancy

In a redundancy architecture, one wireless controller is in the Active state and a second controller is in the Standby state. The Standby controller continuously monitors the health of the Active controller via a redundant port. Both controllers share the same configurations, including the IP address of the management interface.

The Standby or Active state of a controller is based on the redundancy Stock Keeping Unit (SKU), which is a manufacturing ordered unique device identification (UDI). A controller with redundancy SKU UDI is in the Standby state for the first time when it boots and pairs with a controller that runs a permanent count license. For controllers that have permanent count licenses, you can manually configure whether the controller is in the Active state or the Standby state.

In this release, a stateful switchover of access points (AP SSO) is supported. An AP SSO ensures that the AP sessions are intact even after a switchover.

Stateful switchover of clients is not supported. This means that nearly all clients are deauthenticated and forced to re-associate with the new controller in the Active state. The only exceptions to this rule are clients on locally switched WLANs on access points in FlexConnect mode.

Prerequisites and Limitations for Redundancy

Before configuring wireless controller redundancy, you must consider the following prerequisites and limitations:

  • Wireless controller redundancy is supported only on the 3500, 5500, 7500, 8500, and Wism2 controllers.
  • The primary and secondary controllers must be of the same hardware model.
  • The primary and secondary controllers must be running the same Controller software release.
  • The IP addresses of the management, redundancy management, and peer redundancy management interfaces must be in the same subnet.
  • The service port IP address and route information is maintained for each device.
  • If the redundancy is enabled on a controller, the Prime Infrastructure or any other device cannot manage the standby controller.
  • You cannot enable the redundancy on a controller if the controller is added to the Prime Infrastructure through the service port. You must delete the controller and add it through the management interface to enable the redundancy on that controller.
  • When there is an audit mismatch between a controller and the Prime Infrastructure, you must not restore the redundancy parameters from the Prime Infrastructure on to the controller. However, you can refresh the redundancy parameters in the Prime Infrastructure.
  • Before you enable the redundancy, you must download the certificates for each device.
  • Configuration is downloaded from the network to the active controller, and then the details are transferred to the standby controller through the redundancy interface.
  • When an old active controller pairs up with the new active controller, the control is not transferred back to the old active controller and it becomes the standby controller for the new active controller.

Configure Redundancy Interfaces

There are two redundancy interfaces: redundancy-management interface and redundancy-port interface. The redundancy-management interface is a local physical management interface that shares the subnet mask, gateway, and VLAN ID from the management interface. You must configure only the IP address for the redundancy-management interface to enable redundancy on the primary and secondary controllers. The IP address for the redundancy-port interface is auto-generated and it is used internally.

Procedure

Step 1

Choose Configuration > Network > Network Devices.

Step 2

In the Device Groups area, expand Device Type, then expand Wireless Controller.

Step 3

Select the group of wireless controllers that match the device you have chosen as the primary controller (for example: Cisco 5500 Series Wireless LAN Controllers). Members of this device group are displayed on the right.

Step 4

Click on the Device Name of the primary controller.

Step 5

Click the Configuration tab.

Step 6

From the left sidebar menu, choose Redundancy > Global Configuration. The Global Configuration page appears.

Step 7

In the Redundancy-Management IP text box, enter an IP address that belongs to the management interface subnet.

Step 8

Click Save.

Configure Redundancy on Primary Controllers

Procedure

Step 1

Choose Configuration > Network > Network Devices.

Step 2

In the Device Groups area, expand Device Type, then expand Wireless Controller.

Step 3

Select the group of wireless controllers that match the device for which you have configured the redundancy-management interface IP address (for example: Cisco 5500 Series Wireless LAN Controllers). Members of this device group are displayed on the right.

Step 4

Click on the Device Name of the controller for which you have configured the redundancy-management interface IP address.

Step 5

Click the Configuration tab.

Step 6

From the left sidebar menu, choose Redundancy > Global Configuration. The Global Configuration page appears.

Step 7

You must configure the following parameters before you enable the redundancy mode for the primary controller:

  1. Redundancy-Management IP—The IP address of the local physical management interface, which you had configured in the redundancy-management interface details page is displayed. You can also modify the IP address.

  2. Peer Redundancy-Management IP—Enter the IP address of the peer redundancy-management interface.

  3. Redundant Unit—Choose Primary.

  4. Mobility MAC Address—Enter the virtual MAC address for the redundancy pair. Ensure that the mobility MAC address that you enter is the same for both primary and secondary controllers.

Step 8

Click Save. The Enabled check box for the redundancy mode becomes available.

Step 9

Select the Enabled check box for the redundancy mode to enable the redundancy on the primary controller.

After you enable the redundancy, you cannot modify the Redundancy-Management IP, Peer Redundancy-Management IP, Redundant Unit, and Mobility MAC Address parameters.

You cannot configure this controller during the redundancy pair-up process.

Step 10

Click Save. The configuration is saved and the system reboots.

Configure Redundancy on Secondary Controllers

Procedure

Step 1

Choose Configuration > Network > Network Devices.

Step 2

In the Device Groups area, expand Device Type, then expand Wireless Controller.

Step 3

Select the group of wireless controllers that match the device you have selected to act as the secondary controller (for example: Cisco 5500 Series Wireless LAN Controllers). Members of this device group are displayed on the right.

Step 4

Click on the Device Name of the secondary controller.

Step 5

Click the Configuration tab.

Step 6

From the left sidebar menu, choose Redundancy > Global Configuration. The Global Configuration page appears.

Step 7

You must configure the following parameters before you enable the redundancy mode for the secondary controller:

  1. Redundancy-Management IP—Enter the IP address of the local physical management interface. This IP address must be the same as the IP address of the peer redundancy-management interface of the primary controller.

  2. Peer Redundancy-Management IP—Enter the IP address of the peer physical management interface. This IP address must be the same as the IP address of the local physical management interface of the primary controller.

  3. Redundant Unit—Choose Secondary.

  4. Mobility MAC Address—Enter the virtual MAC address of the redundancy pair. Ensure that the mobility MAC address that you enter is the same for both primary and secondary controllers.

Step 8

Click Save. The Enabled check box for the redundancy mode becomes available for editing.

Step 9

Select the Enabled check box for the redundancy mode to enable the redundancy on the secondary controller.

After you enable the redundancy, you cannot modify the Redundancy-Management IP, Peer Redundancy-Management IP, Redundant Unit, and Mobility MAC Address parameters.

You cannot configure the primary controller during the redundancy pair-up process.

Step 10

Click Save. The configuration is saved and the system reboots.

Monitor Redundancy States

After redundancy mode is enabled on the primary and secondary controllers, the system reboots. The redundancy state for both the controllers becomes Enabled in the Wireless Controller Members list page. The following traps are triggered:

  • RF_SWITCHOVER_ACTIVITY—This trap is triggered when the standby controller becomes the new active controller.
  • RF_PROGRESSION_NOTIFY—This trap is triggered by the primary or active controller when the peer state changes from Disabled to StandbyCold, and then to StandbyHot.
  • RF_HA_SUP_FAILURE_EVENT—This trap is triggered when the redundancy fails because of a discrepancy between the active and the standby controllers.

For more information about these traps, see Cisco Prime Infrastructure Alarms and Events.

You can view the redundancy state details, including the local and peer state, unit, IP addresses of the redundancy management, peer redundancy management, redundancy port, peer redundancy port, and peer service port of the paired controller.

To view these details, choose Monitor > Managed Elements > Network Devices > Device Type > Wireless Controller > Controller Group > Controller > Device Details > Redundancy > Redundancy States.

Configure Peer Service Port IPs and Subnet Mask

You can configure a peer service port IP address and a subnet mask only when the state of the peer controller is in StandbyHot. Ensure that DHCP is disabled on the local service port before you configure the peer service port IP address.

Procedure

Step 1

Choose Configuration > Network > Network Devices.

Step 2

In the Device Groups area, expand Device Type, then expand Wireless Controller.

Step 3

Select the group of wireless controllers that contains the primary or active controller. Members of this device group are displayed on the right.

Step 4

Click on the Device Name of the primary or active controller.

Step 5

Click the Configuration tab.

Step 6

From the left sidebar menu, choose me Redundancy > Global Configuration. The Global Configuration page appears.

Step 7

Complete the following fields:

  1. Peer Service Port IP—Enter the IP address of the peer service port.

  2. Peer Service Netmask IP—Enter the IP address of the peer service subnet mask.

Step 8

Click Save.

Add Peer Network Routes

You can add a peer network route on an active controller only when the state of the peer controller is in StandbyHot. A new network route table is maintained. When the standby controller becomes active, the entries of the network route table swaps with the entries of the peer network route table.

Procedure

Step 1

Choose Configuration > Network > Network Devices.

Step 2

In the Device Groups area, expand Device Type, then expand Wireless Controller.

Step 3

Select the group of wireless controllers that contains the controller for which you have configured the redundancy-management interface IP address. Members of this device group are displayed on the right.

Step 4

Click the Device Name of the controller for which you have configured the redundancy-management interface IP address.

Step 5

Click the Configuration tab.

Step 6

From the left sidebar menu, choose Redundancy > Peer Network Route > .

Step 7

Choose Select a command > Add Peer Network Route > Go. The Peer Network Route Details page appears.

Step 8

Complete the following fields:

  1. IP Address—Enter the IP address of the peer network route.

  2. P Netmask—Enter the subnet mask of the peer network route.

  3. Gateway IP Address—Enter the IP address of the peer network route gateway

Step 9

Click Save. The peer network route is added.

Reset and Upload Files from the Secondary Server

You can reset the secondary server when the secondary server is in the StandbyHot state and the high-availability pairing process is complete. You can also upload the files from the secondary server to the primary server.

Procedure

Step 1

Choose Configuration > Network > Network Devices.

Step 2

In the Device Groups area, expand Device Type, then expand Wireless Controller.

Step 3

Select the group of wireless controllers that contains the controller for which you have configured the redundancy-management interface IP address. Members of this device group are displayed on the right.

Step 4

Click on the Device Name of the controller for which you have configured the redundancy-management interface IP address.

Step 5

Click the Configuration tab.

Step 6

From the left sidebar menu, choose Redundancy > Redundancy Commands.

Step 7

Under Administrative Commands, choose Select a command > Reset Standby > Go to reset the secondary server.

Step 8

Under Upload/Download Commands:

  1. Choose the transport protocol you want to use when uploading files from the secondary to the primary server (TFTP is the default).

  2. ChooseSelect a command > Upload File from Standby Controller > Go to upload files from the secondary to the primary server.

Disable Redundancy on Controllers

When you disable redundancy on the controller, both active and standby controllers reboot. You must refresh the configuration from the device to remove any audit mismatches in the redundancy parameters. The active controller becomes a standalone controller and the standby controller reboots with all the ports disabled.

Procedure

Step 1

Choose Configuration > Network > Network Devices.

Step 2

In the Device Groups area, expand Device Type, then expand Wireless Controller.

Step 3

Select the group of wireless controllers that contains the controller on which you want to disable redundancy. Members of this device group are displayed on the right.

Step 4

Click on the Device Name of the controller on which you want to disable redundancy.

Step 5

Click the Configuration tab.

Step 6

From the left sidebar menu, choose Redundancy > Global Configuration. The Global Configuration details page appears.

Step 7

Unselect the Enabled check box for the Redundancy Mode on the selected controller.

Step 8

Click Save. The configuration is saved and the system reboots.