Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

How to configure VIA pools when MDs are in cluster or when multiple MDs are used? 

Aug 09, 2020 05:27 AM

Requirement:

 

VIA clients need to terminate on multiple MDs in a cluster.

With VIA deployment, clients will terminate on a particular MD and the MD will act as the gateway for the VIA client. 
Client traffic will be routed from the MD to the uplink core switch/Datacenter. 
For the return traffic towards the VIA clients/subnet, there needs to be a route pointing to the MD on the core switch. 



Solution:

 

When MDs are in a cluster or when multiple MDs are in use, the VIA pool on the MDs and return route on the uplink switch for VIA subnets need to be configured appropriately. 

Clustering is supported only for wireless clients and tunneled-node clients. 
Clustering is not supported for VIA clients. Hence the VIA clients will not get load balanced and there will be no session sync for VIA clients between the MDs. 

Configure separate networks for VIA clients for both the MDs by configuring separate VIA pool and configuring the return route on the core switch accordingly pointing to the proper MDs.

For example, if 10.1.1.0/24 is the network to be used for VIA clients, split the network and configure the VIA pool accordingly on both the MDs. 

On MD1: 

  • VIA pool: 10.1.1.1 to 10.1.1.126

On MD2:

  • VIA pool: 10.1.1.129 to 10.1.1.254

On Core Switch: 

  • 10.1.1.0/25 to MD1
  • 10.1.1.128/25 to MD2


Configuration:

On MD1:

ip local pool via 10.1.1.1 10.1.1.126

On MD2: 

ip local pool via 10.1.1.129 10.1.1.254

Note: This via pool will be mapped to the VIA user-role. 

For example: 

user-role default-via-role 
    via <via connection profile> 
    pool l2tp via

On the core/uplink switch of the MDs: 

ip route 10.1.1.0 255.255.255.128 <nexthop-MD1-IP address>

ip route 10.1.1.128 255.255.255.128 <nexthop-MD2-IP addresss>

Note: Alternatively OSPF can also be enabled on the MDs to advertise the VIA subnets to the uplink devices.



Verification

        
On MD1:    

(MD-1)#show vpdn l2tp configuration 

Enabled
Hello timeout: 30 seconds
DNS primary server: 1.1.1.1
DNS secondary server: 0.0.0.0
WINS primary server: 0.0.0.0
WINS secondary server: 0.0.0.0
PPP client authentication methods:
     PAP
     MSCHAP
     MSCHAPv2
IP LOCAL POOLS:
     via: 10.1.1.1 - 10.1.1.126

On MD2:

(MD-2)#show vpdn l2tp configuration 

Enabled
Hello timeout: 30 seconds
DNS primary server: 1.1.1.1
DNS secondary server: 0.0.0.0
WINS primary server: 0.0.0.0
WINS secondary server: 0.0.0.0
PPP client authentication methods:
     PAP
     MSCHAP
     MSCHAPv2
IP LOCAL POOLS:
     via: 10.1.1.129 - 10.1.1.254

Statistics
0 Favorited
7 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.