Setting up Cisco 3504 series wireless controller redundancy

The new Cisco AIR-CT3504 wireless controller support High Availability with SSO (Stateful Switchover). In this setup one WLC acts as primary unit, the other as secondary unit (so-called Active/Hot Standby). The wireless controllers have a dedicated redundancy port which must be connected with a standard Cat.6 patch cord.

First the primary unit must configured with a management, redundancy-management and its peer-redundancy-management (i.e. the second WLC) IP address.


(Cisco Controller) >config interface address management (IP-WLC#1) (SUBNET) (GATEWAY)
(Cisco Controller) >config interface address redundancy-management (RED-IP-WLC#1) peer-redundancy-management (RED-IP-WLC#2)
Set up management IP and redundancy management IP on WLC#1

Then the primary unit must be configured as primary and the redundancy mode must be set to sso. Note: This will reboot the wireless controller.


(Cisco Controller) >config redundancy unit primary
(Cisco Controller) >config redundancy mode sso

WARNING: 1. If peer unit's management and/or redundancy management entries are present as mobility members please remove them before enabling redundancy.
All unsaved configuration will be saved.
And the system will be reset. Are you sure? (y/n)y

Configuration Saved!
System will now reboot!
Set up primary unit and mode SSO on WLC#1

The next step is to setup the secondary wireless controller with a management, redundancy-management and its peer-redundancy-management (this time the primary WLC) IP address.


(Cisco Controller) >config interface address management (IP-WLC#2) (SUBNET) (GATEWAY)
(Cisco Controller) >config interface address redundancy-management (RED-IP-WLC#2) peer-redundancy-management (RED-IP-WLC#1)
Set up management IP and redundancy management IP on WLC#2

Similar to the primary unit the secondary unit must be configured as secondary and the redundancy mode must be set to sso. Note: This will reboot the wireless controller.


(Cisco Controller) >config redundancy unit secondary
(Cisco Controller) >config redundancy mode sso

WARNING: 1. If peer unit's management and/or redundancy management entries are present as mobility members please remove them before enabling redundancy.
All unsaved configuration will be saved.
And the system will be reset. Are you sure? (y/n)y

Configuration Saved!
System will now reboot!
Set up primary unit and mode SSO on WLC#1

After a restart the wireless controllers will look for each others peer and sync the configuration, Access Point license count, etc. The status of can be verified with:


(Cisco Controller) >show redundancy summary
            Redundancy Mode = SSO ENABLED
                Local State = ACTIVE
                 Peer State = STANDBY HOT
                       Unit = Primary
                    Unit ID = DC:F7:19:hh:hh:hh
           Redundancy State = SSO
               Mobility MAC = DC:F7:19:hh:hh:hh
               Redundancy Port  = UP
            BulkSync Status = Complete
Average Redundancy Peer Reachability Latency = 173 Micro Seconds
Average Management Gateway Reachability Latency = 2914 Micro Seconds
Verify SSO, Local and peer state on WLC#1

On the second wireless controller the status should be verified as well:


(Cisco Controller-Standby) >show redundancy summary
            Redundancy Mode = SSO ENABLED
                Local State = STANDBY HOT
                 Peer State = ACTIVE
                       Unit = Secondary (Inherited AP License Count = 13)
                    Unit ID = DC:F7:19:hh:hh:hh
           Redundancy State = SSO
               Mobility MAC = DC:F7:19:hh:hh:hh
               Redundancy Port  = UP
Average Redundancy Peer Reachability Latency = 160 Micro Seconds
Average Management Gateway Reachability Latency = 3516 Micro Seconds
Verify SSO, Local and peer state and AP license count on WLC#2

The configuration should be verified by powering the primary unit off. The secondary unit should recognize that the primary unit failed and should do a so-called WLC switch over as shown below:


(Cisco Controller-Standby) >

HA completed successfully, WLC switch over detection time : ~360 msec and APs switch over time : ~0 msec

(Cisco Controller) >
Verify HA by powering the primary WLC off

Note: the CLI prompt changed from (Cisco Controller-Standby) into (Cisco Controller) after a successful switch over.

Search my web site