Cisco WLC 9800 - HA SSO with Ether-channel

本文将记录如何配置HA SSO以及Ethernet Channel。

1.拓扑情况

本文的内容基于如下的Topo进行。

2.准备工作

• 两台WLC的型号必须一样；
• 两台WLC必须使用一样的软件版本；
• 需要准备好使用的IP地址：两个用于WLC的管理地址（WMI），两个WLC的RMI地址；

基于如上的信息，我们规划地址如下：

• Primary WLC Wireless Management Interface (WMI) IP Address = 10.10.99.10
• Secondary WLC Wireless Management Interface (WMI) IP Address = 10.10.99.11
• Primary WLC Redundancy Management Interface (RMI) IP Address = 10.10.99.12
• Secondary WLC Redundancy Management Interface (RMI) IP Address = 10.10.99.13

3.配置工作

3.1.配置Primary WLC

1.创建VLAN：这个VLAN是用作WLC的管理VLAN。

vlan 999
    name WLC-MGMT

2.创建P WLC的WMI和RMI地址。

Management Interface (RMI):

interface vlan 999
    description WLC-MGMT
    ip address 10.10.99.10 255.255.255.0
    ip address 10.10.99.12 255.255.255.0 secondary
    no shutdown

Designate VLAN as Management VLAN:

wireless management interface Vlan999

 Configure Default Route：

ip route 0.0.0.0 0.0.0.0 10.10.99.1 name DEFAULT-ROUTE

Configure physical interfaces (preferably using LACP Port-Channel):

interface range Te0/0/0-3
    description Trunk Upstream Core
    channel-group 1 mode active

interface portchannel 1
    description Trunk Upstream Core
    switchport mode trunk
    switchport trunk allowed vlan all
    no shutdown

For Primary WLC, set priority to 2 (highest priority):

Note that this command is configured in Privilege EXEC Mode (WLC# prompt)
chassis 1 priority 2

! Enable HA SSO mode:
config terminal
redundancy
    mode sso

! Designate Management VLAN as Redundancy Management Interface (RMI):
redun-management interface Vlan999 chassis 1 address 10.10.99.12 chassis 2 address 10.10.99.13

! Save configuration:
do write mem

3.2.配置Standby WLC

Standby WLC的配置大体和Primary WLC的配置相似。

! Create Management VLAN:
vlan 999
    name WLC-MGMT
! Create Wireless Management Interface (WMI) and Redundacy Management Interface (RMI):
interface vlan 999
    description WLC-MGMT
    ip address 10.10.99.11 255.255.255.0
    ip address 10.10.99.13 255.255.255.0 secondary
    no shutdown

! Designate VLAN as Management VLAN:
wireless management interface Vlan999

! Configure Default Route
ip route 0.0.0.0 0.0.0.0 10.10.99.1 name DEFAULT-ROUTE

! Configure physical interfaces (preferably using LACP Port-Channel):
interface range Te0/0/0-3
    description Trunk Upstream Core
    channel-group 1 mode active

interface portchannel 1
    description Trunk Upstream Core
    switchport mode trunk
    switchport trunk allowed vlan all
    no shutdown

! For Secondary WLC, renumber this unit ("chassis") to number 2 (but let priority stay at 1, which is default):
! Note that this command is configured in Privilege EXEC Mode (WLC# prompt)
chassis 1 renumber 2

! Enable HA SSO mode:
config terminal
redundancy
    mode sso

! Designate Management VLAN as Redundancy Management Interface (RMI):
redun-management interface Vlan999 chassis 1 address 10.10.99.12 chassis 2 address 10.10.99.13

! Save configuration:
do write mem

3.3.配置Core SW

请注意，虽然在上面的主WLC和备WLC 上都使用了port-channel 1，但在上游核心交换机上，这些port-channel编号需要不同。
例如，对将连接到主WLC的物理端口使用port-channel 1，对将连接到备WLC的物理端口使用端口port-channel 2。

Configure Port-channel to Primary WLC (WLC01):

interface range Te1/1/1-4
    description Trunk Primary WLC01
    channel-group 1 mode active
    no shutdown


interface Portchannel 1
    description Trunk Primary WLC01 Portchannel
    switchport mode trunk
    spanning-tree portfast trunk
    no shutdown

Configure Port-channel to Secondary WLC (WLC02):

interface range Te2/1/1-4
    description Trunk Secondary WLC02
    channel-group 2 mode active
    no shutdown

interface Portchannel 2
    description Trunk Secondary WLC02 Portchannel
    switchport mode trunk
    spanning-tree portfast trunk
    no shutdown

do write mem

3.4.将WLC以及网络其余部分连接

所有配置就绪后，现在可以使用冗余端口RP（直接或通过核心交换机或类似设备中的专用 VLAN）将WLC相互连接，并使用数据端口(physical ports/port channels）将WLC连接到网络的其余部分）。

确保您已保存两个 WLC 上的配置，然后发出“reload”命令，并在 WLC 重启时连接所有线路。

3.5.配置后任务

启用网关监控（Gateway Monitoring），允许 WLC 跟踪其默认网关，并在当前Active WLC 的默认网关路径发生问题时允许进行故障转移Failover。

management gateway-failover enable

也可以开启Standby WLC的console，以便需要的时候方便排障。

redundancy
    main-cpu
    standby console enable

4.验证工作

4.1.检查机框

使用show chassis命令

4.2.检查冗余情况

使用show redundancy states

4.3.Failover测试

如果您想通过强制故障转移来测试冗余，您可以拔下主 WLC（当前应该是活动 WLC），也可以使用以下命令：

redundancy force-switchover

5.参考文档

https://www.ciscolive.com/c/dam/r/ciscolive/global-event/docs/2022/pdf/BRKEWN-2846.pdf

Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE Cupertino 17.9.x - High Availability [Cisco Catalyst 9800 Series Wireless Controllers] - Cisco

https://www.cisco.com/c/dam/en/us/td/docs/wireless/controller/9800/17-6/deployment-guide/c9800-ha-sso-deployment-guide-rel-17-6.pdf