cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8716
Views
20
Helpful
6
Replies

5508 WLC HA pair - change management interface settings

naslanidis
Level 1
Level 1

Hi,

We have a pair of 5508 WLC's in a HA configuration that is working well at the moment, however I have noticed that the management interface is configured as untagged. I would like to change this to tagged and change the attached switch to trunk for these devices but if I try and edit the management interface through the GUI the VLAN and IP address section is greyed out and cannot be changed. While I could attempt it through the CLI and am comfortable doing that, the fact that it cannot be changed through the GUI implies that this should not be changed and so I am after further information. I don't have any lab equipment other than the HA pair in production so I cannot try changing it through the CLI at the moment. 

The WLC's are in LAG mode if that makes any difference. I realise there may be downtime required for making this change but I am trying to work out the steps to get this done without having to drastically reconfigure things. 

Any assistance would be appreciated. 

1 Accepted Solution

Accepted Solutions

Abhishek Abhishek
Cisco Employee
Cisco Employee

Introduction of New Interfaces for HA Interaction

Redundancy Management Interface

The IP address on this interface should be configured in the same subnet as the management interface. This interface will check the health of the Active WLC via network infrastructure once the Active WLC does not respond to Keepalive messages on the Redundant Port. This provides an additional health check of the network and Active WLC, and confirms if switchover should or should not be executed. Also, the Standby WLC uses this interface in order to source ICMP ping packets to check gateway reachability. This interface is also used in order to send notifications from the Active WLC to the Standby WLC in the event of Box failure or Manual Reset. The Standby WLC will use this interface in order to communicate to Syslog, the NTP server, and the TFTP server for any configuration upload.

Redundancy Port

This interface has a very important role in the new HA architecture. Bulk configuration during boot up and incremental configuration are synced from the Active WLC to the Standby WLC using the Redundant Port. WLCs in a HA setup will use this port to perform HA role negotiation. The Redundancy Port is also used in order to check peer reachability sending UDP keep-alive messages every 100 msec (default timer) from the Standby WLC to the Active WLC. Also, in the event of a box failure, the Active WLC will send notification to the Standby WLC via the Redundant Port. If the NTP server is not configured, a manual time sync is performed from the Active WLC to the Standby WLC on the Redundant Port. This port in case of standalone controller and redundancy VLAN in case of WISM-2 will be assigned an auto generated IP Address where last 2 octets are picked from the last 2 octets of Redundancy Management Interface (the first 2 octets are always 169.254).

View solution in original post

6 Replies 6

Leo Laohoo
Hall of Fame
Hall of Fame

Here's the deal.  This is one instance where I'm going to have to say "if it ain't broke, don't fix it".  

 

If you want to change the settings, you'll need to break the SSO and cause an outage to your wireless network.  

Thanks for the reply.

I don't mind making changes during a maintenance window, what I don't want to if it can be avoided is have to reconfigure things from scratch.

The main reason I'd like to change it is that we'll be looking to add some access control in future using 802.1x and so we'll need to be able to trunk different vlans to/from the controllers. A little bit of pain now to get it setup correctly is better than having to make the change later when more people are using it. 

 

Ok, so you'll need to break HA and make the necessary changes and enable HA back.  

So if I can disable HA the management interface settings will no longer be greyed out and can be changed? 

I've been searching through the Cisco doco and haven't found how to disable redundancy. If you can point me in the right direction that would be appreciated. 

UPDATE:

A previous post said to do the below. Does that sound right to you? 

1. On the Controller issue the following command:
   Controller>config redundancy mode disable

2. After this command the WLCs will reboot.

3. After it reboots, make the changes you want to make. They will reboot again.

4.  Once the WLCs are back up then go ahead and reconfigure the HA AP-SSO on the Controller by issuing the following     command:
   Controller>config redundancy mode sso

5. After this the WLC will reboot and come back as Primary and Standby WLC again.

3. After it reboots, make the changes you want to make. They will reboot again.

The 5508 has a Service Port.  If you configure your Service Port properly, you can go in through here.  When you change the settings for the Management Interface, you won't get "disconnected" since you're going through the Service Port anyway.  

 

The change to the settings of the Management Interface does not mean a reboot (I think) and you should be able to set up HA SSO.  

Abhishek Abhishek
Cisco Employee
Cisco Employee

Introduction of New Interfaces for HA Interaction

Redundancy Management Interface

The IP address on this interface should be configured in the same subnet as the management interface. This interface will check the health of the Active WLC via network infrastructure once the Active WLC does not respond to Keepalive messages on the Redundant Port. This provides an additional health check of the network and Active WLC, and confirms if switchover should or should not be executed. Also, the Standby WLC uses this interface in order to source ICMP ping packets to check gateway reachability. This interface is also used in order to send notifications from the Active WLC to the Standby WLC in the event of Box failure or Manual Reset. The Standby WLC will use this interface in order to communicate to Syslog, the NTP server, and the TFTP server for any configuration upload.

Redundancy Port

This interface has a very important role in the new HA architecture. Bulk configuration during boot up and incremental configuration are synced from the Active WLC to the Standby WLC using the Redundant Port. WLCs in a HA setup will use this port to perform HA role negotiation. The Redundancy Port is also used in order to check peer reachability sending UDP keep-alive messages every 100 msec (default timer) from the Standby WLC to the Active WLC. Also, in the event of a box failure, the Active WLC will send notification to the Standby WLC via the Redundant Port. If the NTP server is not configured, a manual time sync is performed from the Active WLC to the Standby WLC on the Redundant Port. This port in case of standalone controller and redundancy VLAN in case of WISM-2 will be assigned an auto generated IP Address where last 2 octets are picked from the last 2 octets of Redundancy Management Interface (the first 2 octets are always 169.254).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: