WLC Mobility Groups and Internal DHCP

da.newman · ‎05-07-2012

How do Mobility Groups work with internal DHCP scopes on a WLC 5508?

We have a WLC 5508 with two internal DHCP scopes which redirect to captive portals for authentication. I am looking at putting in a second WLC in a mobility group setup to provide some WLC redundancy. The LWAPs will be setup so that every second AP is on the has the second WLC as its primary controller. If the primary WLC fails we want the secondary to be able to take over and issue IP's from the internal scope. How do you set this up with a Mobility group so the second WLC does not act as a rouge DHCP server while the primary WLC is still active?

blakekrone · ‎05-07-2012

When you setup the interfaces or the WLANs you will specify which DHCP server to use. By specifying the local WLC the local WLC will respond to DHCP requests for requests from clients residing on the WLC only. DHCP requests are not passed via mobility group membership messages. Think of each WLC has their own server, no idea what is going on elsewhere.

da.newman · ‎05-16-2012

Thanks Blakekrone for the clarification regarding this.

As each WLC eachs as there own "server" is there a way to force all traffic from a centrally switch SSID over two controllers to only exit out of a single controller?

To clarify this we have a centrally switched SSID which terminates on the WLC1 in the image below which send that traffic to the firewall connected to a port on the WLC for filtering. We have a second WLC in another data centre which will in future be connected to a backup firewall however for the moment is there anyway to utilise this controller for AP management but force the traffic from a centrally switched SSID's subnet out of the interface on the WLC1?

Would a mobility anchor on the first controller allow this?

maldehne · ‎05-16-2012

You can define mobility anchor as WLC1 on the ssid defined on WLC2 but make sure that you have the same ssid defined

on WLC1 with the same exact config except the WLAN id and interface.

IP address will be assigned to the clients throught the Anchor controller ( WLC1 ).

In genreal when you have moility anchor defined on certain WLAN on foreign and anchor controller, All L2 stuff is done on Foreign and L3 is handled on Anchor.

I hope this has been infromative for you.

Regrads

-----------------------------------------------

Pleaes make sure to rate ( flag ) correct answers

alois.heilmaier · ‎08-04-2012

I do have a similar question on dhcp server scope but with redundant anchor controllers, I think it is nearly the same like with 2 internal controllers in the same local mobility group.

Do you know what happens if I divide one IP subnet to 2 scopes and a failover, e.g. controller reboot, happens ?

E.g. subnet 10.1.1.0/24, controller 1 dhcp-server-scope 10.1.1.3 - 10.1.1.127, controller 2 dhcp-server-scope 10.1.1.128 - 10.1.1.254 ?

Will the failover client hold it's ip address until lease expires ?

Will the failover client get a new ip address of the other scope on failover ?

Regards

Alois

Scott Fella · ‎08-04-2012

The failover client will have to do a dhcp request and get a new ip and then log back on.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Saravanan Lakshmanan · ‎08-26-2012

when internal dhcp server used, same rule applicable as when using two different dhcp server, be sure to have non overlapping dhcp scope on both the dhcp servers to avoid duplicate IPs getting assinged.

As each WLC eachs as there own "server" is there a way to force all traffic from a centrally switch SSID over two controllers to only exit out of a single controller?

Yes, through static anchoring the WLAN. however this wouldn't give WLC redundancy.