Solved: I have 4 WiSM-2s and we do

naslanidis · ‎10-15-2014

Hey,

We have a pair of 5508 WLC's configured in HA (primary/standby). We have a single SSID that we're broadcasting across each floor of our head office. The AP's are in flexconnect mode so users pickup an IP address from the DHCP range for that building level and that's all working well.

The problem I have is that users cannot roam between floors without losing access to the network. They roam to the AP's on the different floors, and maintain wireless connection throughout the building, but they cannot connect to anything on the network when outside of the floor that contains an IP range that matches the client's IP. I was told by a number of technical consultants that this sort of layer 3 roaming should work in this configuration. When users go to a different floor, they retain their original IP and the traffic is tunneled (EOIP) back to the controller to maintain network connectivity, however this does not appear to be happening.

Firstly I'm wondering if this is possible with a HA pair configured in active/standby. All of the documentation around layer 3 roaming seems to involve at least 2 controllers, the foreign and the anchor. In this case as they're a HA pair their is technically only a single controller.

If it is possible to do layer 3 roaming on a single controller (intra-controller), if anyone can provide some guidance on things I should be checking or looking out for that would be appreciated.

Thanks.

Leo Laohoo · ‎10-16-2014

I have 4 WiSM-2s and we do roaming but we DO NOT HAVE an anchor controller.

One thing, though, when you roam to different floors, are all the APs on the same WLC?

Splitting wireless IP address by floor is a pretty bad idea. Why? Because wireless clients do not guarantee they will associate to the AP on the same floor as they are. I have seen wireless laptops associate to APs two floors DOWN. I've seen a wireless robot (granted, the Ubuntu codes would make a grown man cry) would associate to an AP with the WORST wireless signal.

View solution in original post

Leo Laohoo · ‎10-16-2014

I have 4 WiSM-2s and we do roaming but we DO NOT HAVE an anchor controller.

One thing, though, when you roam to different floors, are all the APs on the same WLC?

Splitting wireless IP address by floor is a pretty bad idea. Why? Because wireless clients do not guarantee they will associate to the AP on the same floor as they are. I have seen wireless laptops associate to APs two floors DOWN. I've seen a wireless robot (granted, the Ubuntu codes would make a grown man cry) would associate to an AP with the WORST wireless signal.

naslanidis · ‎10-16-2014

Hi,

Thanks for your response. Yes it's a pretty small setup with about 50 AP's at present. All of them join the single 5508 HA pair, but because it's active standby it's a single controller that's highly available.

As a work around I'm investigating putting all wireless clients in the building on a single separate VLAN. We have 2 other sites that will have wireless soon but they are a long way from each other so roaming between them would be no issue.

So I guess I'm agreeing with you that trying to keep the regular floor VLAN's for wireless clients is not the best idea. We could easily have a class b network for wireless clients and use one network per site instead of one per floor. With no possibility of roaming between sites that should resolve the problem.

Still though, I had a number of technical consultants from a very large system integrator design this setup and despite my asking a number of times how this roaming could work I was simply told it would.

Leo Laohoo · ‎10-16-2014

Still though, I had a number of technical consultants from a very large system integrator design this setup and despite my asking a number of times how this roaming could work I was simply told it would.

ROFL!

We contracted a consulting company/implementors to do a wireless job (back in 2011) for a particular project (politics dictate I keep stay away from it). They had one "wireless expert".

Then one day, I got a call from the "wireless expert" and the phone conversation went like this, "It's me. I am doing another wireless project for another agency. But I would like to know how do you convert an autonomous AP to controller-based IOS". <FACEPALM>

Long story short: They won't know. Not all of them know. Their main concern is YOUR MONEY in their hands. That's all. But I can tell you this: I am the end user. I configure stuff. Roaming works if you get the basics correct. Roaming works if you know what you want and you get it done right. Scott Fella and Steve Rodriguez, two regular in this forum, (and works for CDW) and they are good. There's another "mad Texan" by the name of George Stefanick is another one. An Aussie by the name of Rasika is also around.

The most basic item is roaming is how you space your APs. Unless you've got wireless antennas coming out of your ears, you need to organize a wireless site survey. And when you want to do the a "good" wireless site survey, you "future proof" your requirements. Right now, my wireless site survey is aimed at "wireless VoIP" requirement.

naslanidis · ‎10-26-2014

I decided to create a separate VLAN for each wireless site rather than using the regular floor VLANs and we are now roaming fine between floors (as one would expect).

After doing some more research into it there's really no way to ensure that a user is going to associate with an AP on the current floor anyway as there is simply too much leakage between floors.

So now in head office we have a class B private subnet for corporate wireless clients, and /24 class C's for each of the smaller sites. This makes for a simpler way of managing wireless clients IMO and has the added benefit of making wireless clients instantly recognizable on the network.

Thanks for your assistance.

Leo Laohoo · ‎10-27-2014

Happy to hear it's working fine. :)

5508 WLC HA pair and layer 3 roaming