Redundancy Management Interface (RMI)

Information About Redundancy Management Interface

The Redundancy Management Interface (RMI) is used as a secondary link between the active and standby Cisco Catalyst 9800 Series Wireless Controllers. This interface is the same as the wireless management interface, and the IP address on this interface is configured in the same subnet as the Wireless Management Interface. The RMI is used for the following purposes:

  • Dual Active Detection

  • Exchange resource health between controllers, for instance, gateway reachability status from either controller.

  • Gateway Reachability detection: Gateway reachability is checked on the active and the standby controller through the RMI interface when the feature is enabled. It takes approximately 8 seconds to detect that a controller has lost gateway reachability.


Note

The RMI might trigger a switchover based on the gateway status on the controllers.

Active Controller

The primary address on the active controller is the management IP. The secondary IPv4 address on the management VLAN is the RMI IP for the active controller. Do not configure the secondary IPv4 addresses explicitly because a single secondary IPv4 address is configured automatically by RMI under the RMI interface.


Note

RMI supports only IPv4 addresses.

Standby Controller

The standby controller does not have the wireless management IP configured; it has the RMI IP address configured as the primary IP address. When the standby controller becomes active, the management IP becomes the primary IP and the RMI IP becomes the secondary IP. If the interface on the active controller is administratively down, the same state is reflected on standby controller.

Dual Stack Support on Management VLAN with RMI

Dual stack refers to the fact that the wireless management interface can be configured with IPv4 and IPv6 addresses. If RMI IPv4 address is configured along with an IPv4 management IP, you can additionally configure an IPv6 management address on the wireless management interface. This IPv6 management IP will not be visible on the standby controller.


Note

The RMI feature supports only RMI IPv4 addresses.

RMI-Based High-Availability Pairing

You should consider the following scenarios for High-Availability (HA) pairing:

  • Fresh Installation

  • Already Paired Controllers

  • Upgrade Scenario

  • Downgrade Scenario

Dynamic HA pairing requires both active controller and the standby controller to reload. However, dynamic HA pairing occurs on Cisco Catalyst 9800-40 Wireless Controller and Cisco Catalyst 9800-80 Wireless Controller when one of them reloads and becomes standby.

HA Pairing Without Previous Configuration

When HA pairing is done for the first time, no ROMMON variables are found for the RP IPs. You can choose from the existing privileged EXEC-mode RP-based CLIs or the RMI IP based mechanisms. However, the exec-mode RP-based CLIs will be deprecated soon. If you use the Cisco DNA Centre, you can choose the exec-mode RP-based CLI mechanism till the Cisco DNA Centre migrates to support the RMI method.

The RP IPs are derived from the RMI IPs after an HA pair is formed. Also, the privileged EXEC-mode RP-based CLI method of clearing and forming an HA pair is not allowed.


Note

Though you can choose RP or RMI for a fresh installation, we recommended that you use RMI install method.

Note

To view the ROMMON variables, use the following command:

show romvars

If you choose the exec-mode RP-based CLI mechanism, the RP IPs will be configured similar to the 16.12 release.

The following occurs when the RMI configuration is done:

  • The RP IPs derived from the RMI IPs are overwritten, and used for HA pairing.

  • If the active and standby already exists due to prior HA pairing through the exec-mode RP-based CLI mechanism, the pair will not be interrupted.

  • Whenever the pair reloads later, the new RP IPs are used.

  • Exec-mode RP-based CLIs are blocked.

Already Paired Controllers

If the controllers are already in an HA pair, the existing exec-mode RP-based CLIs will continue to be used. You can enable RMI to migrate to the RMI based HA pairing.

If the controllers are already paired and RMI is configured, it will overwrite the RP IPs with the RMI derived IPs. The HA pair will not be disturbed immediately but the controllers will pick up the new IP when the next reload happens. RMI feature mandates a reload for the feature to be effective. When both controllers reload, they would come up as a pair with the new RMI derived RP IPs.

Upgrading from Cisco IOS XE 16.1.x to a Later Release

A system that is being upgraded can choose to:

  • Migrate with the existing RP IP configuration intact—In this case, the existing RP IP configuration will continue to be used. The exec-mode RP-based CLIs are used for future modifications.

  • Migrate after clearing the HA configuration—In this case, you can choose between the old (exec-mode RP-based CLIs) and new RMI based RP configuration methods.


Note

In case the older configuration is retained, the RMI configuration updates the RP IPs with the IPs derived from the RMI IPs.

Downgrade Scenario

The downgrade scenario will have only the exec-mode RP-based CLIs. The following are the two possibilities:

  • If the upgraded system used the RMI based RP configuration.

  • If the upgraded system continued to use the exec-mode RP-based CLIs.


Note

In the above cases, the downgraded system uses the exec-mode RP-based CLIs to modify the configuration. However, the downgraded system will continue to use the new derived RP IPs.

Prerequisite for RMI

It is mandatory to configure the Redundancy Management IP address and Peer Redundancy Management address before HA pairing. Both the interfaces must be in the same subnet as the Wireless Management Interface. If controller1 is configured with 9.10.90.147 as the Redundancy Management IP and controller2 with 9.10.90.149, you need to execute the following command in controller1 for redundancy mode:

redun-management interface Vlan vlan-interface-no chassis chassis-number address ip-address chassis chassis-number address ip-address


Note

The redun-management command needs to be configured on both the controllers prior to HA pairing. Here, the IP addresses 9.10.90.147 and 9.10.90.149 refer to the RMI IPs. 


Device# conf t
Device(config)# redun-management interface Vlan Vlan90 chassis 1 address 9.10.90.147 chassis 2 9.10.90.149

Configuring Redundancy Management Interface (GUI)

Procedure

Step 1

In the Administration > Device > Redundancy window, perform the following:

  1. Set the Redundancy Configuration toggle button to Enabled to activate redundancy configuration.

  2. In the Redundancy Pairing Type field, select RMI+RP to perform RMI+RP redundancy pairing as follows:

    • In the RMI IP for Chassis 1 field, enter RMI IP address for chassis 1.

    • In the RMI IP for Chassis 2 field, enter RMI IP address for chassis 2.

  3. In the Redundancy Pairing Type field, select RP to perform RP redundancy pairing as follows:

    • In the Local IP field, enter an IP address for Local IP.

    • In the Netmask field, enter the subnet mask assigned to all wireless clients.

    • From the HA Interface drop-down list, choose one of the HA interface.

      Note 

      You can select the HA interface only for Cisco Catalyst 9800 Series Wireless Controllers.

    • In the Remote IP field, enter an IP address for Remote IP.

  4. In the Keep Alive Timer field, enter an appropriate timer value. The valid range is between 1 and 10 (x100 milliseconds).

  5. In the Keep Alive Retries field, enter an appropriate retry value. The valid range is between 3 and 10 seconds.

  6. In the Active Chassis Priority field, enter a value.

Step 2

Click Apply.

Configuring a Redundancy Management Interface IP Address (CLI)

Procedure

  Command or Action Purpose
Step 1

chassis redundancy ha-interface GigabitEthernet interface-number

Example:

Device# chassis redundancy ha-interface GigabitEthernet 3

Creates an HA interface for your controller.

interface-number : GigabitEthernet interface number. The range is from 1 to 32.

Note 

This step is applicable only for Cisco Catalyst 9800-CL Series Wireless Controllers. The chosen interface is used as the dedicated interface for HA communication between the 2 controllers.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.
Step 3

redun-management interface vlan vlan-interface-number chassis chassis-number address ip-address chassis chassis-number address ip-address

Example:

Device(config)# redun-management interface Vlan 200 
chassis 1 address 9.10.90.147 chassis 2 address 9.10.90.149

Configures Redundancy Management Interface.

  • vlan-interface-number : VLAN interface number. The valid range is from 1 to 4094.

    Note 

    Here, the vlan-interface-number is the same VLAN as the Management VLAN. That is, both must be on the same subnet.

  • chassis-number : Chassis number. The valid range is from 1 to 2.

  • ip-address : Redundancy Management Interface IP address.

Note 

Each controller must have a unique chassis number for RMI to form the HA pair. The chassis number can be observed as SWITCH_NUMBER in the output of show romvar command. Modification of SWITCH_NUMBER is currently not available through the web UI.

Step 4

end

Example:

Device(config)# end

Returns to privileged EXEC mode.

Note 

To save the configuration, use the write memory command.

Configuring Gateway Monitoring (CLI)

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.
Step 2

[no] management gateway-failover enable

Example:

Device(config)# management gateway-failover enable

Enables gateway monitoring. (Use the no form of this command to disable gateway monitoring.)

Step 3

ip default-gateway gateway-ip

Example:

Device(config)# ip default-gateway 1.1.1.1

Configures the gateway IP. The gateway-ip should be in the same subnet as the wireless management subnet.

Step 4

end

Example:

Device(config)# end

Returns to privileged EXEC mode.

Note 

To save the configuration, use the write memory command.

Verifying the Gateway-Monitoring Configuration

To verify the status of the gateway-monitoring configuration on an active controller, use the following command:

Device# show redundancy states

my state = 13 -ACTIVE
peer state = 8 -STANDBY HOT
Mode = Duplex
Unit = Primary
Unit ID = 1
Redundancy Mode (Operational) = sso
Redundancy Mode (Configured) = sso
Redundancy State = sso
Maintenance Mode = Disabled
Manual Swact = enabled
Communications = Up
client count = 127
client_notification_TMR = 30000 milliseconds
RF debug mask = 0x0
Gateway Monitoring = Enabled

To verify the status of the gateway-monitoring configuration on a standby controller, use the following command:

Device-stby# show redundancy states

my state = 8 -STANDBY HOT
peer state = 13 -ACTIVE
Mode = Duplex
Unit = Primary
Unit ID = 2
Redundancy Mode (Operational) = sso
Redundancy Mode (Configured) = sso
Redundancy State = sso
Maintenance Mode = Disabled
Manual Swact = cannot be initiated from this the standby unit
Communications = Up
client count = 127
client_notification_TMR = 30000 milliseconds
RF debug mask = 0x0
Gateway Monitoring = Enabled

Verifying the Redundancy Management Interface Configuration

To verify the interface configuration for an active controller, use the following command:

Device# show running-config interface vlan management-vlan

Building configuration...

Current configuration : 109 bytes
!
interface Vlan90
ip address 9.10.90.147 255.255.255.0 secondary
ip address 9.10.90.41 255.255.255.0
end

To verify the interface configuration for a standby controller, use the following command:

Device-stby# show running-config interface vlan 90

Building configuration...
 
Current configuration : 62 bytes
!
interface Vlan90
ip address 9.10.90.149 255.255.255.0
end

To verify the chassis redundancy management interface configuration for an active controller, use the following command:

Device# show chassis rmi

Chassis/Stack Mac Address : 000c.2964.1eb6 - Local Mac Address
Mac persistency wait time: Indefinite
			H/W Current
Chassis# Role      Mac Address     Priority  Version  State  IP             RMI-IP
--------------------------------------------------------------------------------------------------------
*1       Active    000c.2964.1eb6  1         V02      Ready  169.254.90.147 9.10.90.147
2        Standby   000c.2975.3aa6  1         V02      Ready  169.254.90.149 9.10.90.149

To verify the chassis redundancy management interface configuration for a standby controller, use the following command:

Device-stby# show chassis rmi

Chassis/Stack Mac Address : 000c.2964.1eb6 - Local Mac Address
Mac persistency wait time: Indefinite
                                             H/W   Current
Chassis#   Role    Mac Address     Priority Version  State  IP              RMI-IP
------------------------------------------------------------------------------------------------
1         Active   000c.2964.1eb6     1      V02     Ready  169.254.90.147  9.10.90.147
*2        Standby  000c.2975.3aa6     1      V02     Ready  169.254.90.149  9.10.90.149

To verify the ROMMON variables on an active controller, use the following command:

Device# show romvar | include RMI

RMI_INTERFACE_NAME = Vlan90
RMI_CHASSIS_LOCAL_IP = 9.10.90.147
RMI_CHASSIS_REMOTE_IP = 9.10.90.149

To verify the ROMMON variables on a standby controller, use the following command:

Device-stby# show romvar | include RMI

RMI_INTERFACE_NAME = Vlan90
RMI_CHASSIS_LOCAL_IP = 9.10.90.149
RMI_CHASSIS_REMOTE_IP = 9.10.90.147

To verify the switchover reason, use the following command:

Device# show redundancy switchover history

Index  Previous  Current  Switchover             Switchover
       active    active   reason                 time
-----  --------  -------  ----------             ----------
   1       2        1     Active lost GW         17:02:29 UTC Mon Feb 3 2020