Wireless Access

Hi folks,

I'm interested to hear how people have implemented failover in environments where the client IP ranges differ between the two controllers.

For example:

We have two buildings - Building 1 and Building 2. There is no layer 2 link between the buildings and all traffic is routed.

Building 1's wireless client VLAN is 192.168.1.0/24

Building 2's wireless client VLAN is 192.168.2.0/24

Client A is connected to the wireless in Building 1 with IP address 192.168.1.12 when all APs fail over to their backup controller. Now client A is sitting in Building 2's client VLAN with an invalid IP address.

The obvious solution I can think of is to configure named VLANs and source NAT the foreign client VLAN on each controller. However my customer is not too happy about using NAT.

Have any of you good people come up with inventive solutions to this problem?

During a HA failover, a deauth is sent to all of the clients on the AP, so that should make them renew their ip address...

My solution isn't as simple as I'd like, but my users don't notice when failovers occur, so it's worth mentioning:

We tunnel all client traffic from the local controller at each warehouse to the datacenter controller-pair and drop them off in a VLAN at the datacenter. When the AP in Warehouse A fails to the controller in the datacenter, the client VLAN is still available and the client just keeps working.

Troubleshooting or isolating a user's traffic for analysis is at least ten-times harder this way, but the failover doesn't break the telnet sessions my users depend on.

msabin,

Could you please submit a rough topology so that the op understands?

You had to ask...

My design drawing was way out of date, so here's a quick re-draw: