Solved: Anchor Controller (primary & backup)

mcaoile · ‎01-14-2014

Hi Experts,

I have a customer that has an existing 4402 WLC as an anchor controller. Now the customer will replace the 4402 with 2504 (qty=2; primary and backup). To my understanding, in the foreign controller, under wlans > mobility anchor, I will add the IP address and mac address of the new 2504 WLC. it does not show which is primary and backup. Is there a way to configure which 2504 controller will be primary and backup?

Regards,

Rasika Nayanajith · ‎01-15-2014

As per my knowledge you cannot configure a backup anchor controller when configuring mobility-anchor for a WLAN.

HTH

Rasika

**** Pls rate all useful responses ***

View solution in original post

Scott Fella · ‎01-15-2014

You can have multiple anchors but the foreign WLC will load balance between the two. Like Rasika mentioned, you can't configure a primary or backup as I'm a mobility anchor, the traffic is load balanced and decided by the foreign controller.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

Scott Fella · ‎01-15-2014

I think the OP wanted to decide what anchor WLC the traffic would be tunneled to and what the backup would be. Like if you had two data centers and one anchor in each data center and you wanted all guest traffic to be tunneled to the primary DC. You can't define which anchor the traffic will be tunneled to as it will be load balanced.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

Rasika Nayanajith · ‎01-15-2014

2504 supports LAG from 7.4.x onwards. So use that feature.

http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps8322/ps10315/product_bulletin_c25-722724.html

Also if you are going ahead with 7.4, go with 7.4.121.0 code which is the code I can recommend.

Yes, you can use those two IP for the two 2504 since 2504 only required a management IP (no ap manager required). But you have to decide which foreign controllers talk to which 2504 when guest tunnel termination.(let say if you have 4x foreign WLC, then 2 can talk to one 2504 & the other 2 can talk to 2nd 2504)

Below may help you (though it is not specific to 2504) when configuring this

1.http://mrncciew.com/2013/03/22/auto-anchor-mobility/

2.http://mrncciew.com/2013/03/24/auto-anchor-foreign-mapping/

HTH

Rasika

**** Pls rate all useful responses ****

View solution in original post

Scott Fella · ‎01-20-2014

You can split an ether channel with different WLC's. Basically WLC 1 has a port channel 100, WLC 2 has a port channel 101. That's the only way it will work.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

Rasika Nayanajith · ‎01-20-2014

Yes, as long as both links from a WLC go to a single physical switch (can be different stack members) you can do the LAG.

You can have both WLCs connect to same DMZ switch & configure LAG as you described.(ie two port channels)

HTH

Rasika

**** Pls rate all useful responses ****

View solution in original post

Rasika Nayanajith · ‎01-21-2014

use 239.168.20.68 (any 239.x.x.x should be fine) is private multicast group range you can use without any issues. The one you are trying is reserved & not allow to use

HTH

Rasika

**** Pls rate all useful responses *****

View solution in original post

Rasika Nayanajith · ‎01-21-2014

No, this is only used for Multicast communication between your WLC & AP, It has no impact on any other unicast traffic or any other settings of your controller.

Refer these post for more information

1. http://mrncciew.com/2012/11/17/configuring-multicast-on-wlc/

2. http://mrncciew.com/2012/12/25/multicast-address-allocation/

3. http://mrncciew.com/2012/11/08/test-yourself-basic-multicast/

4. http://mrncciew.com/2012/12/20/why-wireless-multicast-is-not-working/

HTH

Rasika

**** Pls rate all useful responses *****

View solution in original post

Sandeep Choudhary · ‎01-21-2014

add to rasika...

If you dont want to use Multicast:

then:

disable multicast:

CLI:

config network multicast global disable

GUI:

Limitation: https://supportforums.cisco.com/docs/DOC-32337

regards

View solution in original post

Rasika Nayanajith · ‎01-15-2014

As per my knowledge you cannot configure a backup anchor controller when configuring mobility-anchor for a WLAN.

HTH

Rasika

**** Pls rate all useful responses ***

Scott Fella · ‎01-15-2014

You can have multiple anchors but the foreign WLC will load balance between the two. Like Rasika mentioned, you can't configure a primary or backup as I'm a mobility anchor, the traffic is load balanced and decided by the foreign controller.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

mcaoile · ‎01-15-2014

Hi Scott/Rasika,

Thanks Scott/Rasika for the reply.

When I replace the old anchor wlc (4402) with the new anchor wlc (2504), is there anything that the customer will do in the firewall? As far I know, in the foreign controler, I will add the IP address and mac address of the new anchor wlc. Is there anything else I have to configure in the foreugn controller and new anchor controllers?

Regards,

Rasika Nayanajith · ‎01-15-2014

Are you are using the same management IP of 4402 to your 2504 or does 2504 will have new management IP ? If IP get changed then you need to modify your FW rules accordingly.

Depending on how 4402 configured, you need to make sure all the configuration get migrated across to 2504 (LAG, dyanamic interfaces, mobility group, RRM, etc)

HTH

Rasika

**** Pls rate all useful responses ****

mcaoile · ‎01-15-2014

Hi Rasika,

The 4402 has 2 IPs allocated (management and AP manager). I am planning to use these 2 same IPs for the 2504s. The 4402 is configured for LAG but 2504 does not support LAG so, I plan to use only 1 link for each 2504 connected to the FW switch (stack). As for the anchors WLCs, under WLAN > Mobility anchor > I will select 'local', is that correct?

Regards,

Rasika Nayanajith · ‎01-15-2014

2504 supports LAG from 7.4.x onwards. So use that feature.

http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps8322/ps10315/product_bulletin_c25-722724.html

Also if you are going ahead with 7.4, go with 7.4.121.0 code which is the code I can recommend.

Yes, you can use those two IP for the two 2504 since 2504 only required a management IP (no ap manager required). But you have to decide which foreign controllers talk to which 2504 when guest tunnel termination.(let say if you have 4x foreign WLC, then 2 can talk to one 2504 & the other 2 can talk to 2nd 2504)

Below may help you (though it is not specific to 2504) when configuring this

1.http://mrncciew.com/2013/03/22/auto-anchor-mobility/

2.http://mrncciew.com/2013/03/24/auto-anchor-foreign-mapping/

HTH

Rasika

**** Pls rate all useful responses ****

mcaoile · ‎01-15-2014

Hi Rasika,

The customer has 2 foreign controllers, so in the 1st foreign controller, under WLAN > mobility anchor, I will select the 1st anchor controller and in the 2nd foreign controller, I will select the 2nd anchor controller. Am I right?

Regards,

Rasika Nayanajith · ‎01-15-2014

Yes, that's right

mcaoile · ‎01-20-2014

Hi Rasika,

Another question regarding LAG. DMZ switch has 2 switch stacked. The 2 anchor WLCs will have 2 links each WLC. 1st anchor WLC will have 1 link to the upper stack switch and 1 link to the lower stack switch. 2nd anchor WLC will have 1 link to the upper stack switch and 1 link to the lower stack switch. The 2 links on 1st anchor WLC will have port channel 100 in DMZ switch and 2 links on 2nd anchor WLC will have port channel 101 in DMZ switch. Can this scenario work?

Regards,

Scott Fella · ‎01-20-2014

You can split an ether channel with different WLC's. Basically WLC 1 has a port channel 100, WLC 2 has a port channel 101. That's the only way it will work.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Rasika Nayanajith · ‎01-20-2014

Yes, as long as both links from a WLC go to a single physical switch (can be different stack members) you can do the LAG.

You can have both WLCs connect to same DMZ switch & configure LAG as you described.(ie two port channels)

HTH

Rasika

**** Pls rate all useful responses ****

mcaoile · ‎01-21-2014

Hi Rasika,

I am currently configuring the 2504 (configuration wizard) and it is asking for multicast IP address. The code is 7.4.100.0. Please see capture below.

Would you like to terminate autoinstall? [yes]:
AUTO-INSTALL: starting now...
rc = 0

System Name [Cisco_27:cc:44] (31 characters max):
AUTO-INSTALL: no interfaces registered.

AUTO-INSTALL: process terminated -- no configuration loaded
-
Invalid response

System Name [Cisco_27:cc:44] (31 characters max): RHWLC03
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (3 to 24 characters): ********
Re-enter Administrative Password : ********

Enable Link Aggregation (LAG) [yes][NO]: no

Management Interface IP Address: 192.168.20.68
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 192.168.20.1
Management Interface VLAN Identifier (0 = untagged): 0
Management Interface Port Num [1 to 4]: 1
Management Interface DHCP Server IP Address: 192.168.192.1

Virtual Gateway IP Address: 1.1.1.1

Multicast IP Address:
Invalid response

Multicast IP Address: 2.2.2.2
Err: Invalid multicast address.

Multicast IP Address: 224.0.0.251
Err: Reserved multicast address is Invalid

Multicast IP Address: 224.0.0.224
Err: Reserved multicast address is Invalid

Regards,

Rasika Nayanajith · ‎01-21-2014

use 239.168.20.68 (any 239.x.x.x should be fine) is private multicast group range you can use without any issues. The one you are trying is reserved & not allow to use

HTH

Rasika

**** Pls rate all useful responses *****

mcaoile · ‎01-21-2014

Hi Rasika,

Thanks. Will there be any impact on the controller configuration if I enter the multicast IP address during the initial startup config?

Regards,