A while back I was assigned to work on a project which requires, among other things, to deploy wireless in 4 offices.
I decided to interconnect the office in a hub and spoke fashion. For wireless I decided to use Cisco 9130AXI Wireless Access Points and a Cisco Catalyst 9800-CL Wireless Controller.
The Cisco Catalyst 9800-CL Wireless Controller can be deployed in cloud or in your local infrastructure (KVM, ESXI) as VM.
Since you don’t have to spend money on a physical controller, it is recommended to think about High Availability. I had plenty of hardware resources available so I went for the SSO HA.
Though it might sound like a very complex setup, it isn’t. Not sure about other people but myself, I would rather look at the CLI config rather than reading the release notes.
You can download the Cisco Catalyst 9800-CL Wireless Controller image from here.
If you want to read the Cisco Quick Start guide on how to Configure High Availability SSO on Catalyst 9800 go here.
It was the first time for me when I configured an SSO HA pair and I used the CLI as it makes more sense to me rather than using the GUI.
What to chose RP or RMI + RP ?
Have you ever configured a pair of Nexus switches? You know what the DAD link is? Than you already have the answer.
RMI – refers to the Redundancy Management Interface – this translates to a secondary IP address, you will understand later on.
RP – Redundancy Port – this will be a dedicate vNIC.
Basically if you chose RMI + RP you will monitor the status of the standby unit through two links instead of one.
Configuration
The Cisco Catalyst 9800-CL Wireless Controller HA SSO configuration is really easy through CLI. When you use the GUI you might not know what’s going on in the “backend”.
- “console” both vWLCs;
- Make sure that both vWLCs run the same:
- Software version;
- 80 ms RTT latency
- 1500+ MTU
- 60MB/s bw.
- Make sure you know which vWLC will be active and which one standby.
- Enable redundancy on both controllers with the next commands:
redundnancy
mode sso - Update the chassis priority on the primary unit to 5. Default is 1. If both controllers have the same priority the MAC address will break the tie. Lower value is the primary.
chassis 1 priority 2 - Update the chassis number on the backup controller to 2. .On the standby controller:
chassis 1 renumber 2 - Issue the redundancy management interface command on both controllers. The same command can be used on both controllers.
redun-management interface Vlan100 chassis 1 address 172.16.1.253 chassis 2 address 172.16.1.251 - Enable Gateway Check (Gateway Reachability Detection)
management gateway-failover enable - write memory
- Reload both vWLCs.