Mobility Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
Configuring Mobility
Downloads: This chapterpdf (PDF - 1.34MB) The complete bookPDF (PDF - 2.91MB) | The complete bookePub (ePub - 609.0KB) | Feedback

Configuring Mobility

Contents

Configuring Mobility

Configuring Mobility Controller

Configuring Converged Access Controllers

Creating Peer Groups, Peer Group Member, and Bridge Domain ID (CLI)

Before You Begin
  • On the mobility agent, you can only configure the IP address of the mobility controller.
  • On the mobility controller, you can define the peer group and the IP address of each peer group member.
SUMMARY STEPS

    1.    wireless mobility controller

    2.    wireless mobility controller peer-group SPG1

    3.    wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr

    4.    wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr

    5.    wireless mobility controller peer-group SPG2

    6.    wireless mobility controller peer-group SPG2 member ip member-ip-addr public-ip public-ip-addr

    7.    wireless mobility controller peer-group SPG1 bridge-domain-id id


DETAILED STEPS
      Command or Action Purpose
    Step 1 wireless mobility controller


    Example:
    Switch(config)# wireless mobility controller
     

    Enables the mobility controller functionality on the device. This command is applicable only to the switch. The controller is by default a mobility controller.

     
    Step 2 wireless mobility controller peer-group SPG1


    Example:
    Switch(config)# wireless mobility controller peer-group SPG1
     

    Creates a peer group named SPG1.

     
    Step 3 wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr


    Example:
    Switch(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.2 public-ip 10.10.20.2
     
    Adds a mobility agent to the peer group.
    Note    The 10.10.20.2 is the mobility agent's direct IP address. When NAT is used, use the optional public IP address to enter the mobility agent's NATed address. When NAT is not used, the public IP address is not used and the device displays the mobility agent's direct IP address.
     
    Step 4 wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr


    Example:
    Switch(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.6 public-ip 10.10.20.6
     

    Adds another member to the peer group SPG1.

     
    Step 5 wireless mobility controller peer-group SPG2


    Example:
    Switch(config)# wireless mobility controller peer-group SPG2
     

    Creates another peer group SPG2.

     
    Step 6 wireless mobility controller peer-group SPG2 member ip member-ip-addr public-ip public-ip-addr


    Example:
    Switch(config)# wireless mobility controller peer-group SPG2 member ip 10.10.10.20 public-ip 10.10.10.20
     

    Adds a member to peer group SPG2.

     
    Step 7 wireless mobility controller peer-group SPG1 bridge-domain-id id


    Example:
    Switch(config)# wireless mobility controller peer-group SPG1 bridge-domain-id 54
     

    (Optional) Adds a bridge domain to SPG1 used for defining the subnet-VLAN mapping with other SPGs.

     

    This example shows how to create peer group and add members to it:

    Switch(config)# wireless mobility controller 
    Switch(config)# wireless mobility controller peer-group SPG1
    Switch(config)# wireless mobility controller peer-group SPG1
    Switch(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.2 public-ip 10.10.20.2
    Switch(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.6 public-ip 10.10.20.6
    Switch(config)# wireless mobility controller peer-group SPG2
    Switch(config)# wireless mobility controller peer-group SPG2 member ip 10.10.10.20 public-ip 10.10.10.20
    Switch(config)# wireless mobility controller peer-group SPG1 bridge-domain-id 54
    

    Creating Peer Groups, Peer Group Member, and Bridge Domain ID (GUI)

    Before You Begin
    • Ensure that the device is in mobility controller state.
    • On the mobility agent, you can only configure the IP address of the mobility controller.
    • On the mobility controller, you can define the peer group and the IP address of each peer group member.

      Step 1   Choose Controller > Mobility Management > Switch Peer Group.

      The Mobility Switch Peer Groups page is displayed.

      Step 2   Click New.
      Step 3   Enter the following details:
      1. Switch Peer Group Name
      2. Bridge Domain ID
      3. Multicast IP Address
      Step 4   Click Apply.
      Step 5   Click Save Configuration.

      Configuring Local Mobility Group (CLI)

      Configuration for wireless mobility groups and mobility group members where the mobility group is a group of MCs.

      Before You Begin

      MCs can belong only to one mobility group, and can know MCs in several mobility groups.

      SUMMARY STEPS

        1.    wireless mobility group name group-name

        2.    wireless mobility group member ip member-ip-addr public-ip public-ip-addr

        3.    wireless mobility group keepalive interval time-in-seconds

        4.    wireless mobility group keepalive count count


      DETAILED STEPS
          Command or Action Purpose
        Step 1 wireless mobility group name group-name


        Example:
        Switch(config)# wireless mobility group name Mygroup
         

        Creates a mobility group named Mygroup.

         
        Step 2 wireless mobility group member ip member-ip-addr public-ip public-ip-addr


        Example:
        Switch(config)# wireless mobility group member ip 10.10.34.10 public-ip 10.10.34.28
         

        Adds a mobility controller to the Mygroup mobility group.

        Note    When NAT is used, use the optional public IP address to enter the NATed IP address of the mobility controller.
         
        Step 3 wireless mobility group keepalive interval time-in-seconds


        Example:
        Switch(config)# wireless mobility group keepalive interval 5
         

        Configures the interval between two keepalives sent to a mobility member.

         
        Step 4 wireless mobility group keepalive count count


        Example:
        Switch(config)# wireless mobility group keepalive count 3
         

        Configures the keep alive retries before a member status is termed DOWN.

         

        Switch(config)# wireless mobility group name Mygroup
        Switch(config)# wireless mobility group member ip 10.10.34.10 public-ip 10.10.34.28
        Switch(config)# wireless mobility group keepalive interval 5
        Switch(config)# wireless mobility group keepalive count 3
        

        Configuring Local Mobility Group (GUI)

        Before You Begin

        Mobility controllers can belong to only one mobility group and can know mobility controllers in several mobility groups.


          Step 1   Choose Controller > Mobility Management > Mobility Global Config.

          The Mobility Controller Configuration page is displayed.

          Step 2   Enter the following details:
          1. Mobility Group Name
          2. Mobility Keepalive Interval
          3. Mobility Keepalive Count
          4. Multicast IP Address if you want to enable multicast mode to send mobile announce messages to the mobility members.
            Note    If you do not enable multicast IP address, the device uses unicast mode to send mobile announce messages.
          Step 3   Click Apply.
          Step 4   Click Save Configuration.

          Adding a Peer Mobility Group (CLI)

          Before You Begin

          MCs belong to only one group, and can know MCs in several groups.

          SUMMARY STEPS

            1.    wireless mobility group member ip member-ip-addr public-ip public-ip-addr group group-name


          DETAILED STEPS
              Command or Action Purpose
            Step 1 wireless mobility group member ip member-ip-addr public-ip public-ip-addr group group-name


            Example:
            Switch(config)# wireless mobility group member ip 10.10.10.24 public-ip 10.10.10.25 group Group2
             

            Adds the member as a peer MC in a different group than the Mygroup.

             

            Adding a Peer Mobility Group (GUI)

            Before You Begin

            Mobility controllers belong to only one group, and can know several mobility groups.


              Step 1   Choose Controller > Mobility Management > Mobility Peer.

              The Mobility Peer page is displayed.

              Step 2   Click New.
              Step 3   Enter the following details:
              1. Mobility Member IP
              2. Mobility Member Public IP
              3. Mobility Member Group Name
              4. Multicast IP Address
              Step 4   Click Apply.
              Step 5   Click Save Configuration.

              Configuring Optional Parameters for Roaming Behavior

              Use this configuration to disable the sticky anchor. This command can also be used, if required, between all MA's and MC's where roaming is expected for the target SSID.

              SUMMARY STEPS

                1.    wlan open21

                2.    no mobility anchor sticky


              DETAILED STEPS
                  Command or Action Purpose
                Step 1 wlan open21


                Example:
                Switch(config)# wlan open20
                
                 

                Configures a WLAN.

                 
                Step 2 no mobility anchor sticky


                Example:
                Switch(config-wlan)# no mobility anchor sticky 
                
                 

                Disables the default sticky mobility anchor.

                 
                Switch(config)# wlan open20
                Switch(config-wlan)# no mobility anchor sticky 

                Pointing the Mobility Controller to a Mobility Oracle (CLI)

                Before You Begin

                You can configure a mobility oracle on a known mobility controller.

                SUMMARY STEPS

                  1.    wireless mobility group member ip member-ip-addr group group-name

                  2.    wireless mobility oracle ip oracle-ip-addr


                DETAILED STEPS
                    Command or Action Purpose
                  Step 1 wireless mobility group member ip member-ip-addr group group-name


                  Example:
                  Switch(config)# wireless mobility group member ip 10.10.10.10 group Group3
                  
                   

                  Creates and adds a MC to a mobility group.

                   
                  Step 2 wireless mobility oracle ip oracle-ip-addr


                  Example:
                  Switch(config)# wireless mobility oracle ip 10.10.10.10
                  
                   

                  Configures the mobility controller as mobility oracle.

                   
                  Switch(config)# wireless mobility group member ip 10.10.10.10 group Group3
                  Switch(config)# wireless mobility oracle ip 10.10.10.10
                  

                  Pointing the Mobility Controller to a Mobility Oracle (GUI)

                  Before You Begin

                  You can configure a mobility oracle on a known mobility controller.


                    Step 1   Choose Controller > Mobility Management > Mobility Global Config.

                    The Mobility Controller Configuration page is displayed.

                    Step 2   Enter the Mobility Oracle IP Address.
                    Note    To make the mobility controller itself a mobility oracle, select the Mobility Oracle Enabled check box.
                    Step 3   Click Apply.
                    Step 4   Click Save Configuration.

                    Configuring Guest Controller

                    A guest controller is used when the client traffic is tunneled to a guest anchor controller in the demilitarized zone (DMZ). The guest client goes through a web authentication process. The web authentication process is optional, and the guest is allowed to pass traffic without authentication too.

                    Enable the WLAN on the mobility agent on which the guest client connects with the mobility anchor address of the guest controller.

                    On the guest controller WLAN, which can be Cisco 5500 Series WLC, Cisco WiSM2, or Cisco 5700 Series WLC, configure the IP address of the mobility anchor as its own IP address. This allows the traffic to be tunneled to the guest controller from the mobility agent.

                    SUMMARY STEPS

                      1.    wlan wlan-id

                      2.    mobility anchor guest-anchor-ip-addr

                      3.    client vlan vlan-name

                      4.    security open


                    DETAILED STEPS
                        Command or Action Purpose
                      Step 1 wlan wlan-id


                      Example:
                      Switch(config)# wlan Mywlan1
                       

                      Creates a WLAN for the client.

                       
                      Step 2 mobility anchor guest-anchor-ip-addr


                      Example:
                      Switch(config-wlan)# mobility anchor 10.10.10.2
                       
                      Enables the guest anchors (GA) IP address on the MA.
                      Note    To enable guest anchor on the mobility controller, you need not enter the IP address. Enter the mobility anchor command in the WLAN configuration mode to enable GA on the mobility controller.
                       
                      Step 3 client vlan vlan-name


                      Example:
                      Switch(config-wlan)# client vlan gc_ga_vlan1
                       

                      Assigns a VLAN to the client's WLAN.

                       
                      Step 4 security open


                      Example:
                      Switch(config-wlan)# security open
                       

                      Assigns a security type to the WLAN.

                       
                      Switch(config)# wlan Mywlan1
                      Switch(config-wlan)# mobility anchor 10.10.10.2
                      Switch(config-wlan)# client vlan gc_ga_vlan1
                      Switch(config-wlan)# security open
                      

                      Configuring Guest Anchor

                      SUMMARY STEPS

                        1.    wlan Mywlan1

                        2.    mobility anchor <guest-anchors-own-ip-address>

                        3.    client vlan<vlan-name>

                        4.    security open


                      DETAILED STEPS
                          Command or Action Purpose
                        Step 1 wlan Mywlan1


                        Example:
                        Switch(config)# wlan Mywlan1 
                         

                        Creates a wlan for the client.

                         
                        Step 2 mobility anchor <guest-anchors-own-ip-address>


                        Example:
                        Switch(config-wlan)# mobility anchor 10.10.10.2  
                         

                        Enables the guest anchors IP address on the guest anchor (GA). The GA assigns its own address on itself.

                         
                        Step 3 client vlan<vlan-name>


                        Example:
                        Switch(config-wlan)# client vlan gc_ga_vlan1  
                         

                        Assigns a vlan to the clients wlan.

                         
                        Step 4 security open


                        Example:
                        Switch(config-wlan)# security open 
                         

                        Assigns a security type to the wlan.

                         
                        Switch(config)# wlan Mywlan1
                        Switch(config-wlan)# mobility anchor 10.10.10.2
                        Switch(config-wlan)# client vlan gc_ga_vlan1
                        Switch(config-wlan)# security open 
                        

                        Configuring Mobility Agent

                        Configuring Mobility Agent by Pointing to Mobility Controller (CLI)

                        Before You Begin
                        • By default, the switches are configured as mobility agents.
                        • Your network must have at least one mobility controller and the network connectivity with the mobility controller must be operational.
                        • You cannot configure mobility from the mobility agent. On the mobility agent, you can configure only the IP address of the mobility controller to download the SPG configuration.
                        • On the mobility agent, you can either configure the mobility controller address to point to an external mobility agent, or enable the mobility controller function.
                        SUMMARY STEPS

                          1.    configure terminal

                          2.    wireless management interface vlan 21


                        DETAILED STEPS
                            Command or Action Purpose
                          Step 1 configure terminal


                          Example:
                          Switch# configure terminal
                           

                          Enters global configuration mode.

                           
                          Step 2 wireless management interface vlan 21


                          Example:
                          Switch (config)# wireless management interface vlan 21
                           
                           

                          Enables the wireless functionality on the device and activates the mobility agent function. This ensures the APs have a place to terminate the CAPWAP tunnel.

                           

                          This example shows how to add a mobility agent into the mobility group by pointing it to a mobility controller:

                          Switch(config)# wireless management interface vlan 21
                          
                          

                          Configuring Mobility Agent by Pointing to Mobility Controller (GUI)

                          Before You Begin
                          • By default, the switches are configured as mobility agents.
                          • Your network must have at least one mobility controller and the network connectivity with the mobility controller must be operational.
                          • You cannot configure mobility from the mobility agent. On the mobility agent, you can configure only the IP address of the mobility controller to download the SPG configuration.
                          • On the mobility agent, you can either configure the mobility controller address to point to an external mobility agent, or enable the mobility controller function.

                            Step 1   Choose Configuration > Controller > Mobility Management > Mobility Global Config

                            The Mobility Controller Configuration page is displayed.

                            Step 2   From the Mobility Role drop-down list, choose Mobility Agent.
                            Step 3   In the Mobility Controller IP Address, enter the IP address of the mobility controller.
                            Step 4   Click Apply.
                            Step 5   Click Save Configuration.
                            Step 6   Reboot the device.

                            Configuring the Mobility Controller for the Mobility Agent (CLI)

                            SUMMARY STEPS

                              1.    wireless mobility controller

                              2.    wireless mobility controller ip ip-addr


                            DETAILED STEPS
                                Command or Action Purpose
                              Step 1 wireless mobility controller


                              Example:
                              Switch (config)# wireless mobility controller 
                              Mobility role changed to Mobility Controller.
                              Please save config and reboot the whole stack.
                               
                               

                              Enables the mobility function on the switch.

                              Note    After you enter this command, save the configuration and reboot the switch for the mobility controller function to take effect.
                               
                              Step 2 wireless mobility controller ip ip-addr


                              Example:
                              Switch (config)# wireless mobility controller ip 10.10.21.3
                               
                               

                              Specifies the mobility controller to which the mobility agent relates.

                              Note    If a mobility agent is configured and the mobility controller exists on a different device, configure the SPG on the mobility controller to ensure the mobility agent functions properly.
                               
                              What to Do Next

                              After you add a mobility controller role to the mobility agent, you can configure optional parameters on the mobility agent.

                              Configuring Optional Parameters on a Mobility Agent (CLI)

                              This section shows how to configure load-balancing on a switch.
                              • By default, the load-balancing is enabled and it cannot be disabled.
                              • The switch supports a maximum of 2000 clients and the default threshold value is fifty percent of client max load.
                              • When the switch reaches its threshold, it redistributes the new clients load to other mobility agents in the same SPG, if their client load is lower.
                              SUMMARY STEPS

                                1.    wireless mobility load-balance threshold threshold-value


                              DETAILED STEPS
                                  Command or Action Purpose
                                Step 1 wireless mobility load-balance threshold threshold-value


                                Example:
                                Switch(config)# wireless mobility load-balance threshold 150
                                 
                                 

                                Configures the threshold that triggers load-balancing.