do I need mobility with bridge@ap

  • 0
  • 1
  • Question
  • Updated 7 months ago
  • Answered
Hi, do I need mobility if my 4 controllers in the domain only have bridge@AP topologies ?!

I can't remeber whether that is required.

Thanks,
Ron
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 44,200 Points 20k badge 2x thumb

Posted 7 months ago

  • 0
  • 1
Photo of Umut Aydin

Umut Aydin, Escalation Support Engineer

  • 2,030 Points 2k badge 2x thumb
Hi Ron,

no you don't need it.

Inter-AC domain was initially designed to address L3 persistence for Routed Topologes, as such, sessions are ‘sticky’ to the initial controller on which the user device first associates. The association is distributed to domain members, which will then tunnel user control and traffic back to the original controller

Rgds
Umut
Photo of Ostrovsky, Yury

Ostrovsky, Yury, Employee

  • 2,670 Points 2k badge 2x thumb
Hi Ron, you have four controllers in the setup. I usually recommend to design the deployment in a such way that one geographical area (e.g one building) is covered only by one controller, or controllers in HA/FF pair. In this case you don’t need to enable mobility . Although if you have one area with APs homed to different non-paired controllers, you better enable mobility since the controller from other pair does not have a session information from the first controller , and potentially it is a roaming issues.

If you have only a pair of controller covering the same area, make sure that FastFailover checkbox is also enabled (along with HA) - thats how controllers exchanging session information.
(Edited)
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 44,200 Points 20k badge 2x thumb
Hey Yury,

we just replace the existing old controller/AP infrastructure that is the reason I've 2 controller pairs.
The old one running v9 for the AP26xx and the new pair has v10 installed to support the newer AP models.

I've enabled mobilty on all 4 and as soon as the customer is finished replacing all APs we've only one v10 pair with an active controller and the 2nd one as the standby.

Everthing looks fine now after I've enabled mobility on all of them - FF is disabled because I don't like the feature :-)

Thanks,
Ron
Photo of Ostrovsky, Yury

Ostrovsky, Yury, Employee

  • 2,670 Points 2k badge 2x thumb
Ron, thats the perfect approach for the transition between v9 and v10 and we are using the same for some of our large customers. While it will not really help with dot1X fast transition , it will help to maintain the authenticated role status to the client, so they will not end up with some portal again asked to provide credentials.