之前做的文档,作为参考分享给大家,新版本记住一点就是 redundancy-management port需要打vlan TAG
____________________________________________________________
WLC软件从7.3版本后支持 AP SSO;从7.5版本后支持Client SSO;
AP SSO允许AP与Active的WLC建立CAPWAP隧道,并与热备WLC共享AP的数据库镜像副本,WLC机箱或者网络故障的时候,减少主控制器的停机时间。
Client SSO功能,在当客户端与WLC关联或者是客户端参数变化的时候,热备控制器的客户端的信息就会被同步实现了无服务中断以及无SSID中断。
参考连接:
http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-1/HA_SSO_DG/High_Availability_DG.html
http://www.cisco.com/web/CN/products/products_netsol/wireless/pdf/cco_lan_10_v7.pdf
————————————————————
redundancy-managment 接口
redundancy port
——————————————————————
使用GUI配置HA(AP/Client SSO)
- 配置“managment”与“redundancy-management”接口在同一网段;
WLC1
WLC2 与WLC1的mannagment 同一个IP
②配置HA角色;
③启用AP/Client SSO功能;
④进入Monitor > Redundancy >Summary页面。检查冗余状态
###使用CLI配置HA(AP/Client SSO)
命令show inteface summary <<<<查看WLC接口信息;
命令config interface address redundancy-management 10.0.61.21peer-redundancy-management 10.0.61.23 <<<<配置冗余管理接口;
命令config redundancy unit primary/secondary <<<<配置HA角色;
命令config redundancy mode sso <<<<启用SSO功能,协商角色;
命令show redundancy summary <<<<确认HA状态;
冗余管理接口(redundance-management interface):逻辑接口。
必须与管理接口在同一网段。此接口用来监控主用WLC状态、作为源PING网关(网络可达行)、和Syslog&NTP&TFTP服务器通信进行配置上传。
冗余端口(redundance port):物理端口。该端口将被分配一个最后2字节是冗余管理接口IP最后2字节(前2个字节总是169.254)的自动生成的IP地址。
---------------------------------------技术小细节:
两台WLC,Virtual-IP应该一致;建议RP直连;SP设置DHCP;
AP SSO,不支持内部DHCP; 启用AP/Client SSO将会重启无线控制器。
启用了SSO功能,备用WLC上管理接口的GUI/TELNET/SSH将无法正常访问,可以通过console、Service Port的SSH/Telnet连接和冗余管理接口上的SSH进行连接。
下面是两台已经配置好AP SSO的 WCL CT5508的配置
______________________________________________________________________________________
(Cisco Controller) >show interface summary
Number of Interfaces.......................... 8
Interface Name Port Vlan Id IP Address Type Ap MgrGuest
-------------------------------- ---- ----------------------- ------- ------ -----
management LAG 32 172.16.32.161 Static Yes No
redundancy-management LAG 32 172.16.32.163 Static NoNo
redundancy-port - untagged 169.254.32.163 Static No No
service-port N/A N/A 10.1.1.1 Static No No
virtual N/A N/A 1.1.1.1 Static No No
vlan_30_office LAG 30 172.16.30.253 Dynamic No No
vlan_31_pda LAG 31 172.16.31.253 Dynamic No No
vlan_33_guest LAG 33 172.16.33.243 Dynamic No No
(Cisco Controller) >show redundancy summary
Redundancy Mode = SSO ENABLED
Local State = ACTIVE
Peer State = STANDBY HOT
Unit = Primary
Unit ID = C0:8C:60:35:8C:60
Redundancy State = SSO
Mobility MAC = C0:8C:60:35:8C:60
BulkSync Status = Complete
Average Redundancy Peer Reachability Latency = 422Micro Seconds
Average Management Gateway Reachability Latency = 5979Micro Seconds
(Cisco Controller) >show interface detailedmanagement
Interface Name...................................management
MAC Address......................................c0:8c:60:35:8c:6f
IP Address.......................................172.16.32.161
IP Netmask.......................................255.255.255.128
IP Gateway.......................................172.16.32.129
External NAT IP State............................Disabled
External NAT IP Address..........................0.0.0.0
Link Local IPv6 Address..........................fe80::c28c:60ff:fe35:8c6f/64
STATE ...........................................REACHABLE
Primary IPv6 Address.............................::/128
STATE ........................................... NONE
Primary IPv6 Gateway............................. ::
Primary IPv6 Gateway Mac Address.................00:00:00:00:00:00
STATE ...........................................INCOMPLETE
VLAN............................................. 32
Quarantine-vlan.................................. 0
Active Physical Port............................. LAG(13)
Primary Physical Port............................ LAG(13)
Backup Physical Port.............................Unconfigured
DHCP Proxy Mode..................................Global
Primary DHCP Server..............................172.16.32.129
Secondary DHCP Server............................Unconfigured
DHCP Option 82...................................Disabled
DHCP Option 82 bridge mode insertion.............Disabled
IPv4 ACL.........................................Unconfigured
IPv6 ACL.........................................Unconfigured
mDNS Profile Name................................Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast.....................................Enabled
备机:
(Cisco Controller-Standby) >show interface summary
Number of Interfaces.......................... 8
Interface Name Port Vlan Id IP Address Type Ap MgrGuest
-------------------------------- ---- ----------------------- ------- ------ -----
management LAG 32 172.16.32.161 Static Yes No
redundancy-management LAG 32 172.16.32.164 Static NoNo
redundancy-port - untagged 169.254.32.164 Static No No
service-port N/A N/A 10.1.1.1 Static No No
virtual N/A N/A 1.1.1.1 Static No No
vlan_30_office LAG 30 172.16.30.253 Dynamic No No
vlan_31_pda LAG 31 172.16.31.253 Dynamic No No
vlan_33_guest LAG 33 172.16.33.243 Dynamic No No
(Cisco Controller-Standby) >show redundancy summary
Redundancy Mode = SSO ENABLED
Local State = STANDBY HOT
Peer State = ACTIVE
Unit = Secondary (Inherited AP License Count = 50)
Unit ID = 4C:00:82:71:BB:80
Redundancy State = SSO
Mobility MAC = C0:8C:60:35:8C:60
Average Redundancy Peer Reachability Latency = 457Micro Seconds
Average Management Gateway Reachability Latency = 2066Micro Seconds