What do i need to consider before adding my HA controller in a working wireless network?

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
I have working wireless network now. And i need to include a second controller to increase the number of APs supported. I have 2 C35 and one of them is working as a primary now.
Photo of Carlo Alviar

Carlo Alviar

  • 680 Points 500 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Bharathiraja, Suresh

Bharathiraja, Suresh, Employee

  • 3,536 Points 3k badge 2x thumb
Photo of Carlo Alviar

Carlo Alviar

  • 680 Points 500 badge 2x thumb
Thank you for providing me the KB links. I already configured both the controllers for HA. My concern are:
- How could i integrate the two controllers in one network?
- Do i need to put them together in one switch via a tagged or untagged VLAN?
- What port of the EWC to be integrated in the network?
- Is it the management or L2 ports?
- Will there be a down time in the EWLAN due to the restarting of controllers? If there is any how long will it take?
Photo of Nathiya Munuswamy

Nathiya Munuswamy, Employee

  • 1,706 Points 1k badge 2x thumb
Answering the questions below,
How could i integrate the two controllers in one network? 
- You can configure both the controllers in same VLAN. 

Do i need to put them together in one switch via a tagged or untagged VLAN? 
- It depends on your network design. You can put them on a tagged or untagged VLAN. Most of the time it will be a Tagged VLAN.

What port of the EWC to be integrated in the network? 
- Any port from 1 to 4 can be used to connect to the network

Is it the management or L2 ports? 
- The port used to connect to the controller will be a management port. Using L2 port we will not be able to manage the controller. 

Will there be a down time in the EWLAN due to the restarting of controllers? If there is any how long will it take?
- Controller reload will be suggested in maintenance window. The reload will take only couple of minutes. However, after controller reload we need to wait for the Ap's to come back on the controller. 
(Edited)
Photo of FES

FES

  • 1,360 Points 1k badge 2x thumb
Nathiya,
We have to specify the ip address to do the HA.
Its recomended to use the Admin interface to do the HA?
or..
we must create a new physical Admin interface at the esa0 or esa1 interface.
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 50,114 Points 50k badge 2x thumb
It's NOT recommended to use the Admin interface at all - the interface should only be used for initial configuration and so a support engineer could connect directly to the device in case of troubleshooting.

You should use the same interface for HA that is used to connect the APs to the controller (= the one that has AP registration enabled).
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 50,114 Points 50k badge 2x thumb
Yes and no, if the Admin interface is up and has a IP in the same subnet as the RADIUS server it could result that requests are send out via the interface.

To avoid that you'd do different things.
- disable the interface in the VM
- don't use a IP in the customers network (leave it on the default 192.168.10.1 address) & don't set a default gateway in the host settings of the controller

If it's a VM controller I prefer to disable the interface in the VM.
For a hardware controller just don't plug a cable into the port.
Photo of FES

FES

  • 1,360 Points 1k badge 2x thumb
Thanks for the repplys,
I am going to shrare with you an unussual behaviour of the V2110 controller. When we restart de controller the web doestn works. 
We have to disable esa0 interface (when is physical 'newadmin' l3 interface) and enable in vmware de interface for Admin.
Then we have to access to the web using Admin ip. Then we activate esa0 interface and then physical works ok....
I dont know why...
(in this momment we can disable admin interface at vmware)
Photo of Gareth Mitchell

Gareth Mitchell, Extreme Escalation Support Engineer

  • 5,690 Points 5k badge 2x thumb
Fes

I would open a case for that issue, in a failed state, if you can open the console in esxi and then go into the "ip" section of the cli and type "show" just to make sure the route table is correct, that would help.

ewc1.test.com# ip
ewc1.test.com:ip# show
                                                                                
RouteID    Dest Addr    Netmask    Next Hop       Topology      OverrideDynamic 
                                                                                
1          0.0.0.0      0.0.0.0    aaa.bbb.ccc.ddd    physical 1    on     

-Gareth
Photo of FES

FES

  • 1,360 Points 1k badge 2x thumb
yes the route is in the list

6          0.0.0.0       0.0.0.0          x.x.x.1    Administracion    on 

we use x.x.x.1 for the gateway.
its a strange behaviour
we dont have much time to open the case because the 802.1x valitation uses this interface, even so we will try to contact whith supprot stuff.

thanks