Wireless Access

I need to connect 4 active local M3 controllers to a backup controller all on the same switch.  I would like to use VRRP such that the backup controller is the standby unit for 4 VRRP instances.  I am doing this so I can have hitless failover when any one active controller fails.  Can an M3 controller scale to be the VRRP standby for 4 other controllers?  Can it maintain all the state information assuming the other 4 controllers are loaded to 75%?  Any insights would be appreciated.

 

Thanks.

You would have better results making that controller the backup lms for all those other controllers. Vrrp is good but backup lms requires much less configuration and similar fail over.

In general, I agree.  However, in my case I need to provide hitless failover, that is affected users do not have to reassociate.   If I can provide a hitless failover using backup lms only, then I would do it. Is it possible?

 

Thanks

Yes, as long as the backup controller puts the users on the same layer2 vlan you can accomplish this.

 

I can extend the VLANs to the backup controller and use the same VLAN assignment rules.  But  if I use backup lms, are the Pairwise Master Keys for user encryption and other required state information shared with the backup controller?  Would this be done via the Master Controller?

 

Thanks.

For well-behaved applications like web browsing and email, this works very well.  I have never tested this with voice, but I don't expect it to work well  or even at all during a call.

 

802.1x clients perform the best and they take between 7 and 30 seconds to fail over, depending.

 

With regards to the PMK, it is not much different than having a client roam to another access point, so it works fairly well.  If you bridge clients to the same VLAN, the ARP table does not have to change, etc.

 

 

This is very good news for me.  Thank-you.