When Cisco's Wireless Unified Architecture is deployed, the Cisco Aironet Lightweight Access Points (LAPs) can discover wireless LAN controllers (WLCs) using the DNS server when the WLC is in a different subnet than the LAP.
This document describes how to configure the Microsoft Windows 2016 DNS server for WLC discovery.
Cisco recommends that you have knowledge of these topics:
Basic knowledge of DNS servers
Basic knowledge of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
The Lightweight AP (LAP) can discover controllers through your domain name server (DNS). For the access point (AP) to do so, you must configure your DNS to return controller IP addresses in response to CISCO-LWAPP-CONTROLLER.localdomain, where localdomain is the AP domain name. When an AP receives an IP address and DNS information from a DHCP server, it contacts the DNS to resolve CISCO-CAPWAP-CONTROLLER.localdomain. When the DNS sends a list of controller IP addresses, the AP sends discovery requests to the controllers.
The AP will attempt to resolve the DNS name CISCO-CAPWAP-CONTROLLER.localdomain. When the AP is able to resolve this name to one or more IP addresses, the AP sends a unicast CAPWAP Discovery Message to the resolved IP address(es). Each WLC that receives the CAPWAP Discovery Request Message replies with a unicast CAPWAP Discovery Response to the AP.
The next section describes how to configure the Microsoft Windows 2016 server for WLC discovery.
Run the 'mmc' command from the Windows Start menu. The Microsoft Management Console window appears.
From the File menu, choose Add-Remove Snap-in.
From the left panel, choose DNS and click Add to move it to the "Selected snap-ins" section. Then press "OK".
DNS now appears in the MMC window.
We need to create an "A" record for the WLC management IP address in the respective zone.
At this point we can verify that DNS is configured properly to resolve 'CISCO-CAPWAP-CONTROLLER.localdomain' to the WLC management address.
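The record creation and verification steps above can also be scripted on the DNS server. This is an added example, not part of the original Cisco document; the zone name, WLC address and DNS server addresses are taken from the AP console output shown on this page and are assumptions about the lab zone layout. Because the AP sends discovery requests to every address the DNS returns, the script also warns if a server returns anything other than the expected WLC address.

```powershell
# Added example. Values come from the AP console output on this page and are
# assumptions about the lab; replace them with your own.
$Zone       = 'wlaaan.com'                    # AP domain name handed out by DHCP
$HostLabel  = 'CISCO-CAPWAP-CONTROLLER'       # name the AP resolves
$WlcIp      = '10.48.71.20'                   # WLC management IP address
$DnsServers = '10.48.39.129', '10.48.39.130'  # DNS servers handed out by DHCP

# Run on the DNS server (DnsServer module). Stop if the forward zone is missing.
$null = Get-DnsServerZone -Name $Zone -ErrorAction Stop

# Create the A record only if a record with this address does not exist yet.
$existing = Get-DnsServerResourceRecord -ZoneName $Zone -Name $HostLabel `
    -RRType A -ErrorAction SilentlyContinue
if (-not ($existing | Where-Object { $_.RecordData.IPv4Address.ToString() -eq $WlcIp })) {
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name $HostLabel -IPv4Address $WlcIp
}

# Query every DNS server the APs use and compare the answer with the WLC address.
$fqdn = "$HostLabel.$Zone"
foreach ($server in $DnsServers) {
    try {
        $answers = @(Resolve-DnsName -Name $fqdn -Type A -Server $server -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Type -eq 'A' } |
            ForEach-Object { $_.IPAddress })
    } catch {
        Write-Warning "$server : lookup of $fqdn failed: $($_.Exception.Message)"
        continue
    }
    # Any address other than the WLC would also receive discovery requests.
    $unexpected = @($answers | Where-Object { $_ -ne $WlcIp })
    if ($answers -contains $WlcIp -and $unexpected.Count -eq 0) {
        Write-Output "$server : OK, $fqdn -> $($answers -join ', ')"
    } else {
        Write-Warning "$server : $fqdn -> $($answers -join ', ') (expected only $WlcIp)"
    }
}
```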
Now when the LAP boots and performs the controller discovery, the AP will attempt to resolve the DNS name CISCO-CAPWAP-CONTROLLER.localdomain. Once it knows the management IP address of the WLC, it sends a unicast CAPWAP Discovery Request Message to the controller and the controller responds with a discovery response.
If everything is configured properly, you should see in the AP console that the AP is able to resolve the WLC IP address and proceeds with registration.
[*01/10/2019 14:07:07.1735] IP DNS 10.48.39.129, 10.48.39.130; Domain wlaaan.com
[*01/10/2019 14:07:07.1735]
[*01/10/2019 14:07:07.1735] CAPWAP State: Discovery
[*01/10/2019 14:07:07.1742] IP DNS query for CISCO-CAPWAP-CONTROLLER.wlaaan.com
[*01/10/2019 14:07:07.1776] DNS resolved CISCO-CAPWAP-CONTROLLER.wlaaan.com
[*01/10/2019 14:07:07.1776] DNS discover IP addr: 10.48.71.20
[*01/10/2019 14:07:07.1804] Discovery Request sent to 10.48.71.20, discovery type DNS(3) ...
Discovery may fail for different reasons; the most common are listed below:
The AP has not received an IP address from the DHCP server and hence cannot do DNS lookups.
The DNS server IP address and/or domain information is not properly configured in the DHCP pool (or statically on the AP in case of static configuration).
The DNS server is not reachable from the AP subnet due to routing issues or firewall rules.
The DNS server forward zone is not properly configured.