- Introduction to Administering Cisco Prime Infrastructure
- Administrator Setup Tasks
- Prime Infrastructure Server Settings
- Maintaining Prime Infrastructure Server Health
- Backing Up and Restoring Prime Infrastructure
- Maintaining Network Health
- Managing Data and Collection Retention
- Configuring Controller and AP Settings
- Configuring High Availability
- Configuring Wireless Redundancy
- Controlling User Access
- Advanced Monitoring
- Managing Licenses
- Managing Traffic Metrics
- Planning Network Capacity Changes
- Appendix A: Prime Infrastructure Internal SNMP Trap Generation
- Appendix B: Best Practices: Server Security Hardening
- Appendix C: Configuring the Plug and Play High Availability Feature
Cisco Prime Infrastructure 3.0 Administrator Guide
- Updated:
- January 31, 2018
Chapter: Configuring Wireless Redundancy
- About Wireless Controller Redundancy
- Prerequisites and Limitations for Redundancy
- Configuring Redundancy Interfaces
- Configuring Redundancy on Primary Controllers
- Configuring Redundancy on Secondary Controllers
- Monitoring Redundancy States
- Running the Redundancy Status Background Task
- Configuring Peer Service Port IPs and Subnet Mask
- Adding Peer Network Routes
- Resetting and Uploading Files from the Secondary Server
- Disabling Redundancy on Controllers
Configuring Wireless Redundancy
Setting up controller redundancy in a wireless network allows you to reduce network downtime. The following related topics explain wireless controller redundancy and how to configure it properly for management using Cisco Prime Infrastructure.
- About Wireless Controller Redundancy
- Prerequisites and Limitations for Redundancy
- Configuring Redundancy Interfaces
- Configuring Redundancy on Primary Controllers
- Configuring Redundancy on Secondary Controllers
- Monitoring Redundancy States
- Running the Redundancy Status Background Task
- Configuring Peer Service Port IPs and Subnet Mask
- Adding Peer Network Routes
- Resetting and Uploading Files from the Secondary Server
- Disabling Redundancy on Controllers
About Wireless Controller Redundancy
In a redundancy architecture, one wireless controller is in the Active state and a second controller is in the Standby state. The Standby controller continuously monitors the health of the Active controller via a redundant port. Both controllers share the same configurations, including the IP address of the management interface.
The Standby or Active state of a controller is based on the redundancy Stock Keeping Unit (SKU), which is a manufacturing ordered unique device identification (UDI). A controller with redundancy SKU UDI is in the Standby state for the first time when it boots and pairs with a controller that runs a permanent count license. For controllers that have permanent count licenses, you can manually configure whether the controller is in the Active state or the Standby state.
In this release, a stateful switchover of access points (AP SSO) is supported. An AP SSO ensures that the AP sessions are intact even after a switchover.
Stateful switchover of clients is not supported. This means that nearly all clients are deauthenticated and forced to re-associate with the new controller in the Active state. The only exceptions to this rule are clients on locally switched WLANs on access points in FlexConnect mode.
Prerequisites and Limitations for Redundancy
Before configuring wireless controller redundancy, you must consider the following prerequisites and limitations:
- Wireless controller redundancy is supported only on the 5500, 7500, 8500, and Wism2 controllers.
- The primary and secondary controllers must be of the same hardware model.
- The primary and secondary controllers must be running the same Controller software release.
- The IP addresses of the management, redundancy management, and peer redundancy management interfaces must be in the same subnet.
- The service port IP address and route information is maintained for each device.
- If the redundancy is enabled on a controller, the Prime Infrastructure or any other device cannot manage the standby controller.
- You cannot enable the redundancy on a controller if the controller is added to the Prime Infrastructure through the service port. You must delete the controller and add it through the management interface to enable the redundancy on that controller.
- When there is an audit mismatch between a controller and the Prime Infrastructure, you must not restore the redundancy parameters from the Prime Infrastructure on to the controller. However, you can refresh the redundancy parameters in the Prime Infrastructure.
- Before you enable the redundancy, you must download the certificates for each device.
- Configuration is downloaded from the network to the active controller, and then the details are transferred to the standby controller through the redundancy interface.
- When an old active controller pairs up with the new active controller, the control is not transferred back to the old active controller and it becomes the standby controller for the new active controller.
Configuring Redundancy Interfaces
There are two redundancy interfaces: redundancy-management interface and redundancy-port interface. The redundancy-management interface is a local physical management interface that shares the subnet mask, gateway, and VLAN ID from the management interface. You must configure only the IP address for the redundancy-management interface to enable redundancy on the primary and secondary controllers. The IP address for the redundancy-port interface is auto-generated and it is used internally.
Step 1 Choose Configuration > Network > Network Devices .
Step 2 In the Device Groups area, expand Device Type , then expand Wireless Controller .
Step 3 Select the group of wireless controllers that match the device you have chosen as the primary controller (for example: Cisco 5500 Series Wireless LAN Controllers). Members of this device group are displayed on the right.
Step 4 Click on the Device Name of the primary controller.
Step 5 Click the Configuration tab.
Step 6 From the left sidebar menu, choose Redundancy > Global Configuration . The Global Configuration page appears.
Step 7 In the Redundancy - Management IP text box, enter an IP address that belongs to the management interface subnet.
Configuring Redundancy on Primary Controllers
Step 1 Choose Configuration > Network > Network Devices .
Step 2 In the Device Groups area, expand Device Type , then expand Wireless Controller .
Step 3 Select the group of wireless controllers that match the device for which you have configured the redundancy-management interface IP address (for example: Cisco 5500 Series Wireless LAN Controllers). Members of this device group are displayed on the right.
Step 4 Click on the Device Name of the controller for which you have configured the redundancy-management interface IP address..
Step 5 Click the Configuration tab.
Step 6 From the left sidebar menu, choose Redundancy > Global Configuration . The Global Configuration page appears.
Step 7 You must configure the following parameters before you enable the redundancy mode for the primary controller:
- Redundancy-Management IP—The IP address of the local physical management interface, which you had configured in the redundancy-management interface details page is displayed. You can also modify the IP address.
- Peer Redundancy-Management IP—Enter the IP address of the peer redundancy-management interface.
- Redundant Unit—Choose Primary .
- Mobility MAC Address—Enter the virtual MAC address for the redundancy pair. Ensure that the mobility MAC address that you enter is the same for both primary and secondary controllers.
Step 8 Click Save . The Enabled check box for the redundancy mode becomes available.
Step 9 Select the Enabled check box for the redundancy mode to enable the redundancy on the primary controller.
After you enable the redundancy, you cannot modify the Redundancy-Management IP, Peer Redundancy-Management IP, Redundant Unit, and Mobility MAC Address parameters.
You cannot configure this controller during the redundancy pair-up process.
Step 10 Click Save . The configuration is saved and the system reboots.
Configuring Redundancy on Secondary Controllers
Step 1 Choose Configuration > Network > Network Devices .
Step 2 In the Device Groups area, expand Device Type , then expand Wireless Controller .
Step 3 Select the group of wireless controllers that match the device you have selected to act as the secondary controller (for example: Cisco 5500 Series Wireless LAN Controllers). Members of this device group are displayed on the right.
Step 4 Click on the Device Name of the secondary controller.
Step 5 Click the Configuration tab.
Step 6 From the left sidebar menu, choose Redundancy > Global Configuration . The Global Configuration page appears.
Step 7 You must configure the following parameters before you enable the redundancy mode for the secondary controller:
- Redundancy-Management IP—Enter the IP address of the local physical management interface. This IP address must be the same as the IP address of the peer redundancy-management interface of the primary controller.
- Peer Redundancy-Management IP—Enter the IP address of the peer physical management interface. This IP address must be the same as the IP address of the local physical management interface of the primary controller.
- Redundant Unit—Choose Secondary .
- Mobility MAC Address—Enter the virtual MAC address of the redundancy pair. Ensure that the mobility MAC address that you enter is the same for both primary and secondary controllers.
Step 8 Click Save . The Enabled check box for the redundancy mode becomes available for editing.
Step 9 Select the Enabled check box for the redundancy mode to enable the redundancy on the secondary controller.
After you enable the redundancy, you cannot modify the Redundancy-Management IP, Peer Redundancy-Management IP, Redundant Unit, and Mobility MAC Address parameters.
You cannot configure the primary controller during the redundancy pair-up process.
Step 10 Click Save . The configuration is saved and the system reboots.
Monitoring Redundancy States
After redundancy mode is enabled on the primary and secondary controllers, the system reboots. The redundancy state for both the controllers becomes Enabled in the Wireless Controller Members list page. The following traps are triggered:
- RF_SWITCHOVER_ACTIVITY—This trap is triggered when the standby controller becomes the new active controller.
- RF_PROGRESSION_NOTIFY—This trap is triggered by the primary or active controller when the peer state changes from Disabled to StandbyCold, and then to StandbyHot.
- RF_HA_SUP_FAILURE_EVENT—This trap is triggered when the redundancy fails because of a discrepancy between the active and the standby controllers.
For more information about these traps, see “Cisco Prime Infrastructure Alarms and Events” in Related Topics.
You can view the redundancy state details, including the local and peer state, unit, IP addresses of the redundancy management, peer redundancy management, redundancy port, peer redundancy port, and peer service port of the paired controller.
To view these details, choose Monitor > Managed Elements > Network Devices > Device Type > Wireless Controller > Controller Group > Controller > Device Details > Redundancy > Redundancy States .
Running the Redundancy Status Background Task
When the peer state changes from StandbyCold to StandbyHot, Prime Infrastructure sometimes misses redundancy traps. As a result, the redundancy pair-up process cannot be completed.
To fix this issue, you must run the Redundancy Status background task manually. Running this task:
- Removes the standby controller from Prime Infrastructure.
- Swaps the network route table entries with the peer network route table entries.
- Updates the redundancy state information and system inventory information.
Once the redundancy pair-up process is completed, the redundancy state for the active controller becomes Paired and the standby controller is removed from Prime Infrastructure.
Step 1 Log in to Prime Infrastructure with a user ID that has administrator privileges.
Step 2 Choose Administration > Settings > Background Tasks .
Step 3 Select the Redundancy Status background task.
Step 4 Choose Select a command >Execute Now > Go .
Configuring Peer Service Port IPs and Subnet Mask
You can configure a peer service port IP address and a subnet mask only when the state of the peer controller is in StandbyHot. Ensure that DHCP is disabled on the local service port before you configure the peer service port IP address.
Step 1 Choose Configuration > Network > Network Devices .
Step 2 In the Device Groups area, expand Device Type , then expand Wireless Controller .
Step 3 Select the group of wireless controllers that contains the primary or active controller. Members of this device group are displayed on the right.
Step 4 Click on the Device Name of the primary or active controller.
Step 5 Click the Configuration tab.
Step 6 From the left sidebar menu, choose Redundancy > Global Configuration . The Global Configuration page appears.
Step 7 Complete the following fields:
Adding Peer Network Routes
You can add a peer network route on an active controller only when the state of the peer controller is in StandbyHot. A new network route table is maintained. When the standby controller becomes active, the entries of the network route table swaps with the entries of the peer network route table.
Step 1 Choose Configuration > Network > Network Devices .
Step 2 In the Device Groups area, expand Device Type , then expand Wireless Controller .
Step 3 Select the group of wireless controllers that contains the controller for which you have configured the redundancy-management interface IP address. Members of this device group are displayed on the right.
Step 4 Click on the Device Name of the controller for which you have configured the redundancy-management interface IP addressr.
Step 5 Click the Configuration tab.
Step 6 From the left sidebar menu, choose Redundancy > Peer Network Route .
Step 7 Choose Select a command > Add Peer Network Route > Go . The Peer Network Route Details page appears.
Step 8 Complete the following fields:
Step 9 Click Save . The peer network route is added.
Resetting and Uploading Files from the Secondary Server
You can reset the secondary server when the secondary server is in the StandbyHot state and the high-availability pairing process is complete. You can also upload the files from the secondary server to the primary server.
Step 1 Choose Configuration > Network > Network Devices .
Step 2 In the Device Groups area, expand Device Type , then expand Wireless Controller .
Step 3 Select the group of wireless controllers that contains the controller for which you have configured the redundancy-management interface IP address. Members of this device group are displayed on the right.
Step 4 Click on the Device Name of the controller for which you have configured the redundancy-management interface IP addressr.
Step 5 Click the Configuration tab.
Step 6 From the left sidebar menu, choose Redundancy > Redundancy Commands .
Step 7 Under Administrative Commands , choose S elect a command > Reset Standby > Go to reset the secondary server.
Step 8 Under Upload/Download Commands:
a. Choose the transport protocol you want to use when uploading files from the secondary to the primary server ( TFTP is the default).
b. Choose Select a command > Upload File from Standby Controller > Go to upload files from the secondary to the primary server.
Disabling Redundancy on Controllers
When you disable redundancy on the controller, both active and standby controllers reboot. You must refresh the configuration from the device to remove any audit mismatches in the redundancy parameters. The active controller becomes a standalone controller and the standby controller reboots with all the ports disabled.
Step 1 Choose Configuration > Network > Network Devices .
Step 2 In the Device Groups area, expand Device Type , then expand Wireless Controller .
Step 3 Select the group of wireless controllers that contains the controller on which you want to disable redundancy. Members of this device group are displayed on the right.
Step 4 Click on the Device Name of the controller on which you want to disable redundancy.
Step 5 Click the Configuration tab.
Step 6 From the left sidebar menu, choose Redundancy > Global Configuration . The Global Configuration details page appears.
Step 7 Unselect the Enabled check box for the Redundancy Mode on the selected controller.
Step 8 Click Save . The configuration is saved and the system reboots.
Feedback