Wireless Access

Hi, all,

   We would like to know what will the effect on APs when connection betweeen Master and Backup Master Failed:

We have two sites,

Site A;

1 master and 1 local controller, and some APs connected to local controller.

Site B:

1 Master backup and 1 local controller, and some APs connected to local controller.

Site A are connected Site B via one Metro E.

So if the connection between Site A and Site B are broken,i.e. both site becomes isolated,  the master controllers will come active, and the Site B local controller will failover to Master Backup on Site-B.

We would like to know what will happen when the connections resumed subsequently? Will it cause issues for local controller and AP on site-B?

Thank you for the help!

Failover only happens when the connection between an access point and the controller it is on currently on is broken.  Controllers losing contact with each other does not trigger a failover.

I think you have mis-understand my question. I should state the question as follow.

If you siteA - SiteB connection is broken, the backup-master become active, and the local controller on site-B will contact backup-master as it cannot access to the active-master in Site-A.

So my quesiton is what will be happens when the connection between the two sites resumed again?

regards,

Wilson

The requirement for the backup master is that it needs to be on the same layer 2 vlan as the master.  Are you saying that two different sites have the same VLAN?

Yes, a commond VLAN is been set across the sites.

A Master and Backup Master need to be in the same subnet to work.  Are you saying you have the same subnet at two sites?

Yes, both in sam subnet and same VLAN.

This may not be part of your question, but if you have a connectivity issue between the two sites and the master and backup master cannot see each other, they will both think that they are the master.  Typically a master and backup master are at the same site to avoid that situation.

Colin, understand what you are saying! My question is what will happen after the connection were resumed? Will the local on siteB fallback to mater in SiteA?

Do you have the locals pointed to the VRRP between the master/backup pair?

Yes, Locals are pointed to VRR between the master/backup pari.

It is possible to configure your controllers the way you have it, but it is bad for day-to-day troubleshooting.  You should not run a VRRP between devices that are phyisically in two different sites, because if there are any connectivity issues between them, they will both think that they are the master.  When the outage is restored, they will have to try to negotiate who is the master and who is not and that will create a potential issue.  Instead of a solution, it introduces a problem.  It is better to have a single master/backup master cluster at each site and have the access point at each site point to a VRRP local to that site.  In your existing configuration, it will be difficult to support, because the connection between the local controller and the master, and then the connection between the access points and the controllers, and then the connection between the clients and the access points will need to be troubleshot if there is an issue.

To answer your beginning question, if there is problem with a local controller connecting to a master, two things could stop happening:

- ARM calculations will not be completed, because only the master makes ARM calculations

- If you have a guest database that is on the master, guests will no longer be able to authenticate.

Typically if you are authenticating using Radius, the radius authentication comes directly from the local controller that the access point is connected to, so that authentication will continue to function if the local is no longer connected to the master controller.

I hope that helps.

Colin,

   Thank you for the insight! So what is your suggestions in this configuration? Should we use Master Cluster architecture? If using the master cluster architecture, what information will be synchronized between masters in the cluster? The configuration in the masters will also be synchronized?

Can I ask why you want to have a master at each location?

If I was worrying about reduncancy in the event of a severed link between location, the Local in location B will happily continue to serve clients until the link is restored (excepting possible guest DB connects etc.)

The only potential value for site B I can see for having a master present would be for configuration changes needed during the outage - do you have that many changes required?

Matt,

The reason that we are looking at the master cluster solutions is we have total 4 controller, each sites can have 2 controller.

Each site can operate independly without having aps in siteB contact the master controller in siteA,  in case of local controller failure.

So my question will be, in a master cluster setting, what configuration will be sychronized among the masters?

Whichever elects as the master and takes over the VRRP IP, that is where the locals will direct to upon recovery. The risk you have then, in that scenario, is if the master VRRP is broken and changes are made on one master and not the other, you could have config sync issues. As such, you have to make sure that when you make changes that said link is not down (ala run a 'show switches' before making changes).