×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Two WLC 5508 Anchor High Availability

Answered Question
Jan 28th, 2014
User Badges:
  • Participante Destacado,

    Mejor Publicación, Octubre del 2015

Hello.


It's possible use 2 WLC 5508 en ANCHOR MODE in a Active-Active scenario?.


For example, if one WLC get down of service, the other one keep provide service to the anchor clients?.


In this moment we have just one WLC 5508 in Anchor Mode. What i need to configure a ANCHOR high Availability.


Thanks A lot!!!

Correct Answer by Scott Fella about 3 years 6 months ago

ah okay... then you should be fine:)


Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

Correct Answer by Scott Fella about 3 years 6 months ago

If you implement two guest anchors, then you need to split the dhcp scopes between the two.  If you don't, then you will get duplicate ip address.  There is no failover option when you implement two guest anchors as the foreign wlc will load balance between the two guest anchors.  Unless the second guest anchor is not connected and you will connect it when the first one fails, but I would just put both in place and split the dhcp scope.


Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

Correct Answer by Scott Fella about 3 years 6 months ago

Well... the anchor WLC should have a mobility to the foreign WLC(s) not really to each other.  The foreign WLC(s) will have mobility to each of your guest anchors... hope that makes sense:)  The mobility group for the anchors should be different than the foreign..... this is best practice.


To build redundancy for anchors, its the mobility anchor you configure and the auto anchor on the WLC to point to each guest anchor.  You would configure the anchors separately.


Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

Correct Answer by Scott Fella about 3 years 6 months ago

You can have redundant WLC as anchors but if an anchor fails, the user will need to log back in.

There is an HA feature on the WLC but it's mainly for foreign WLC redundancy not anchor redundancy. With multiple guest anchors the foreign WLC will load balance between the two. You will not be able to set a primary or backup.

Sent from Cisco Technical Support iPhone App

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
Loading.
Correct Answer
Scott Fella Tue, 01/28/2014 - 07:42
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

You can have redundant WLC as anchors but if an anchor fails, the user will need to log back in.

There is an HA feature on the WLC but it's mainly for foreign WLC redundancy not anchor redundancy. With multiple guest anchors the foreign WLC will load balance between the two. You will not be able to set a primary or backup.

Sent from Cisco Technical Support iPhone App

Jorge Plata Vivanco Tue, 01/28/2014 - 08:00
User Badges:
  • Participante Destacado,

    Mejor Publicación, Octubre del 2015

Thanks Scott Fella!.


I understood clearly the Anchor redundancy.


I just need to reply the configuration of the first WLC ANCHOR to the new WLC ANCHOR to apply this redundancy?


Thanks Again.

Correct Answer
Scott Fella Tue, 01/28/2014 - 08:07
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Well... the anchor WLC should have a mobility to the foreign WLC(s) not really to each other.  The foreign WLC(s) will have mobility to each of your guest anchors... hope that makes sense:)  The mobility group for the anchors should be different than the foreign..... this is best practice.


To build redundancy for anchors, its the mobility anchor you configure and the auto anchor on the WLC to point to each guest anchor.  You would configure the anchors separately.


Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

Jorge Plata Vivanco Wed, 01/29/2014 - 07:48
User Badges:
  • Participante Destacado,

    Mejor Publicación, Octubre del 2015

Thanks a lot for your help.


i have a doubt about the DHCP.


The Anchor WLC is the DHCP server of one WLAN for guest.


If we install a second Anchor WLC, what you recommend about the DHCP server in a failover event, because this second ANCHOR WLC will have the same configuration of the firts anchor wlc.


Thanks!!

Correct Answer
Scott Fella Wed, 01/29/2014 - 07:54
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

If you implement two guest anchors, then you need to split the dhcp scopes between the two.  If you don't, then you will get duplicate ip address.  There is no failover option when you implement two guest anchors as the foreign wlc will load balance between the two guest anchors.  Unless the second guest anchor is not connected and you will connect it when the first one fails, but I would just put both in place and split the dhcp scope.


Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

Jorge Plata Vivanco Wed, 01/29/2014 - 07:56
User Badges:
  • Participante Destacado,

    Mejor Publicación, Octubre del 2015

Thanks a lot for your help!!!

Scott Fella Wed, 01/29/2014 - 07:59
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

This is confusing to me:


If we install a second Anchor WLC, what you recommend about the DHCP server in a failover event, because this second ANCHOR WLC will have the same configuration of the firts anchor wlc.


What do you mean the two will have the same configuration?  The hostname and ip should be different.... or are you just stating that the WLAN and DHCP will be the same?  I don't want to tell you something and break your environment, so just trying to clear things up.


Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

Jorge Plata Vivanco Wed, 01/29/2014 - 08:06
User Badges:
  • Participante Destacado,

    Mejor Publicación, Octubre del 2015

I mean about the WLAN and DHCP, this new ANCHOR WLC have other IP address and hostname.


The ssid will be the same in both anchor wlc, just the only difference is the dinamic interface right? Because each anchor controllers needs a different interface for the ssid anchored ( example  Anchor1 192.168.1.2  Anchor2 192.168.1.3) in the same subnet if i use the splitted DHCP.

Correct Answer
Scott Fella Wed, 01/29/2014 - 08:09
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

ah okay... then you should be fine:)


Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

aleopoldie Sat, 11/28/2015 - 16:17
User Badges:
Hello Scott,

I am doing this kind of configuration with 2 WLCs 5520 on the LAN infrastructure (they will be in HA) and 2 WLCs 5520 in the DMZ as anchor and we would like to have some redundancy with the anchor WLCs also. I read your discussion with Jorge and i still have some points that are not clear for me...

- Why the mobility group for the anchor and foreign should be different ?
- What do you mean by if the anchor WLC fails the user will need to log back in ?

Thanks,

-Alex-

Scott Fella Sat, 11/28/2015 - 17:00
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

The reason for the mobility group to be different is best practice. It is so that the AP's will not know about the WLC in the DMZ. Now you can keep everything in the same mobility group if you want, but I do not do it that way.  The state of the device is tied to one of the controllers so if you have an actor controller go down, then the tunnel breaks and the foreign controller needs to now anchor the device to the other anchor controller.  Same situation with two foreign controllers in an N+1 design. 

Hope this helps.

-Scott

aleopoldie Tue, 12/08/2015 - 00:07
User Badges:

Ok thank you Scott,

What would you do if you would have 2 WLC's in the LAN and 2 WLC's in the DMZ ? Would you configure HA for the DMZ WLC's ?

When you have a HA between 2 WLC's in the DMZ, there will be downtime if 1 of the DMZ WLC  go down , right ?


Also , i read a document where it's mentionned the guest anchor priority : http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-1/configurati...

Is it related to the ha anchor WLC's ?


regards,


-Alex-

Scott Fella Tue, 12/08/2015 - 05:59
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

I personally would keep two guest anchors separate to allow the foreign controllers to load balance anchored traffic to either guest anchors.  If one of the guest anchors goes down, yes your guest users would have to login again, but it's guest users. This really shouldn't be an issue to be honest. 

-Scott

*** Please rate helpful post ***

rick505d3 Thu, 02/11/2016 - 01:07
User Badges:

Hi Scott, 


I am in a similar situation where I can either HA two anchor controllers in the DMZ or have them run as N+1. Your personal preference is two guest anchors (N+1). My question is whether the HA anchor controller design is supported ? It will have the advantage that a wireless user (guest, byod, other termination in the dmz) will not need to re-auth which he will be forced to do in the N+1 anchor wlc design. Client SSO works on foreign wlc, does it work on anchor wlc too ?

Thanks, 

Rick.

George Stefanick Thu, 02/11/2016 - 09:40
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

We average about 15,000 guest on our network a day. We have them hanging off two 5520s. We just upgrade from 5508 because of the 7,000 client limitation. The 5520 support 20,000 each.


We have 30 or so foreign controllers. 15 / 15 split to each anchor. We did this because we found troubleshooting round robin was problematic. Also its rare we lose an anchor and if we did we would have to manually anchor the WLAN to the new anchor controller. A process that takes just a minute to do. Also if you have anchors in the same mobility group especially with thousands of clients thats a LOT of mobility message updates so we change the mobility names two. 


That just my 2 cents ..

Actions

This Discussion

Related Content