Cisco 2504 Wireless Controller and HA SSO Mode

Cisco wireless has several types of high availability. The most interesting to me, and the newest is the HA SSO mode. This mode bonds a WLC with a special HA Sku unit. The two units share their config and synchronize certain information tables to aid in seamless Access Point and Client Station transition in the event of a hardware failure of the primary unit. In addition to the seamless transition, the HA Sku unit is highly discounted price (since it doesn’t provide any services unless there is a switchover).

The capabilities of the HA SSO mode are dependent on the WLC Code you are running in your WLC. In my last post, I showed that the Internal DHCP Server Service had to be disabled before HA could be enabled. This impacted my deployment (for the time being) of HA at several hospitals.

According to Cisco Tac this limitation is resolved in WLC 8.0 code. So on to the testing!!!

I configured my home lab which is made up of two 2504 WLCs and upgraded them both to 8.0.100.0 code. After upgrading I proceeded to scratch my head and drag my knuckles because HA SSO didn’t seem possible!!! I could have sworn I had seen and heard that the 2504 WLCs could do the HA SSO and HA Sku in many Cisco Webinars! I read the release notes of 8.0 and searched the google machine. Nothing. Eventually with the help of V.N. from Cisco Tac, I discovered the truth!

The WLC 2504 is not capable of HA SSO mode! IT IS capable of using an HA Sku option giving the ability for small site deployments to have hardware redundancy at a low cost. BUT NOT the seamless transition of the AP and Client Station tables and association which allow a seamless transition in the event of a hardware failure.

This is how you enable it.

Screen Shot 2014-12-04 at 1.52.37 PM

First navigate to the Wireless Tab – Global Configuration Page. Add the IP and Host Names for the Primary and Secondary WLC. This is done on both the Primary and Secondary WLC. The settings are the same in both.

Screen Shot 2014-12-04 at 1.59.12 PM

Second enable the HA Sku on the Secondary WLC. This doesn’t cause an reboot like it does with the 5508s. It is a different process altogether.

Screen Shot 2014-12-04 at 1.59.26 PM

Here is the Secondary WLC AP License before the HA Sku is enabled. Notice it is 15 AP License.

WLC2504HAVerification

After the HA Sku is enabled the AP License count increases to 75 AP License. In the event of the Primary unit failing, the Secondary unit will take over all the AP(s). This is designed to be temporary and the Primary unit should be replaced or repaired.

Screen Shot 2014-12-05 at 12.48.10 PM

Since the HA Method is not HA SSO but rather N+1, you have to configure the Primary and Secondary Controllers in the High Availability Section of the AP Configuration. Note: Thank you V.N. at Cisco Tac for this Image. I will replace it with my own image at my next editing session.

Screen Shot 2014-12-05 at 12.44.37 PM

The Chart is from Cisco and it shows that the 2504 WLC can’t do the HA SSO mode. Disappointing.

So the bottom line? What do you get if you configure the WLC 2504 with this? You get to use the HA Sku Hardware. The AP(s) will go to their configured Secondary Controller as normal with N+1 redundancy in the event of a failure. Client Stations will still have to re-associate. It is not the seamless fail over that you can achieve with the HA SSO mode. Cisco provided a low cost means for local site hardware redundancy for the SOHO and Small Business deployments.

I will be testing this in the future with a client station to see what it might look like from an client association perspective.

If you wish to read more about HA from Cisco here is a link:

http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps8322/ps10315/qa_c67-714540_ps2706_Products_Q_and_A_Item.html


Todd Smith
Wireless Network Engineer


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s