Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Virtual Interface (WLC)

Hello,

are there any background information about the virtual Interface and his IP-address: 

[Config Guide]

..... 

A virtual interface must be configured with an unassigned and unused gateway IP address. (no question !!)

A virtual interface IP address is not pingable and should not exist in any routing table in your network. (why? The controller have this IP address and no other systems, what ist the problem?)

Regards

Sven

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

Re: Virtual Interface (WLC)

It says it will not appear as source or destination address of a packet goes out a distribution system port (in other words packets goes to wired network). Still this can be used for within the controlller and encapsulated capwap tunnel for client traffic in certain scenarios(in mobility management).

If your wired network know about this virtual IP (ie routable IP), then it will be problematic to do this segregation. On top of that how can you configure the same IP address available in multiple places of your network & do routing for that.

HTH

Rasika

7 REPLIES
VIP Purple

Re: Virtual Interface (WLC)

Because virtual IP address has to be same on your controllers, if you configured it as routable IP, routing table will get confused (as same IP coming from multiple places of your network).

Normally we configure 192.0.2.1 as virtual IP (old days it was 1.1.1.1) now a days

HTH

Rasika

**** Please rate all useful responses ***

New Member

Virtual Interface (WLC)

Hello Rasika,

I thougt the virtual IP is used internal or for Wireless clients only?

Are there any IP packets go out from the controller to LAN?

What about L2 networks and more than 1 controller?

Sven

VIP Purple

Re: Virtual Interface (WLC)

Yes, you are correct, virtual IP address is used for communication for wireless client & controller itself, Assume you configure it as a routable IP, then WLC will forward that traffic to Network & cannot do its intended function.

Also if you have more than 1 controller & you need to have mobility between them then you need to configure same virtual IP address all of those controllers.

Here are the some of useful points about this interface from config guide.

http://www.cisco.com/en/US/docs/wireless/controller/7.0MR1/configuration/guide/cg_ports_interfaces.html#wp1194487

* The virtual interface is used to support mobility management, Dynamic Host Configuration Protocol (DHCP) relay, and embedded Layer 3 security such as guest web authentication and VPN termination. It also maintains the DNS gateway host name used by Layer 3 security and mobility managers to verify the source of certificates when Layer 3 web authorization is enabled.

Specifically, the virtual interface plays these two primary roles:  

     1.  Acts as the DHCP server placeholder for wireless clients that obtain their IP address from a DHCP server.        

      2.  Serves as the redirect address for the web authentication login page.

* The virtual interface IP address is used only in communications between the controller and wireless clients. It never appears as the source or destination address of a packet that goes out a distribution system port and onto the switched network. For the system to operate correctly, the virtual interface IP address must be set (it cannot be 0.0.0.0), and no other device on the network can have the same address as the virtual interface. Therefore, the virtual interface must be configured with an unassigned and unused gateway IP address. The virtual interface IP address is not pingable and should not exist in any routing table in your network. In addition, the virtual interface cannot be mapped to a backup port.

* All controllers within a mobility group must be configured with the same virtual interface IP address. Otherwise, inter-controller roaming may appear to work, but the handoff does not complete, and the client loses connectivity for a period of time.

HTH

Rasika

**** Please rate all useful responses  ****

New Member

Re: Virtual Interface (WLC)

It never appears as the source or destination address of a  packet that goes out a distribution system port and onto the switched  networ

Thats the reason why I ask

If it never used, where is the problem with any routing tables?

VIP Purple

Re: Virtual Interface (WLC)

It says it will not appear as source or destination address of a packet goes out a distribution system port (in other words packets goes to wired network). Still this can be used for within the controlller and encapsulated capwap tunnel for client traffic in certain scenarios(in mobility management).

If your wired network know about this virtual IP (ie routable IP), then it will be problematic to do this segregation. On top of that how can you configure the same IP address available in multiple places of your network & do routing for that.

HTH

Rasika

New Member

Re: Virtual Interface (WLC)

Thanks for your support

Sven

VIP Purple

Virtual Interface (WLC)

No prob... Thanks for rating the responses...

Rasika

532
Views
8
Helpful
7
Replies