Controller connectivity

susim · ‎06-20-2023

Hi,

In the below design guide explains only layer 2 connectivity ( wlc to the upstream switch )

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-campus-lan-wlan-design-guide.html

Please guide layer 3 implementation for the same

Thanks

Gaurav Kansal · ‎06-21-2023

Dear Susim,

Please go through this link. Hope you found some information needed.
https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/16-12/config-guide/b_wl_16_12_cg/m_config-wmi.html

GoodLuck..

jagan.chowdam · ‎06-21-2023

Refer the Wireless management IP addressing section from the following c9800 best practices guide.

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#WirelessmanagementIPaddressing

CJ

Rasika Nayanajith · ‎06-21-2023

WLC act as a L2 device, in that way you should have SVI for wireless management on a upstream switch and WLC need to trunk back to upstream switch.

HTH
Rasika
*** Pls rate all useful responses ***

susim · ‎06-21-2023

Hi @Rasika Nayanajith

The above solution given by consultant . So far my implementation was like you said .

Previously, my implementation consisted of a distribution switch and core switch configuration. However, it has now transitioned to a collapsed core architecture based on your recommendation. The consultant's suggestion aligns with this approach, advocating for routing functionality to be centralized solely in the collapsed core.

Can you please advise on the above topology

Thanks

Rasika Nayanajith · ‎06-22-2023

It is not possible to have /30 L3 links for WLC connectivity. It must be Trunk link which connect WLC & upstream switch. Here are the supported setup for SSO. That upstream switches should support VSS/vPC or HSRP in order to make it work.(red links are trunk links in below diagram)

Here is the good Ciscolive presentation if you like to go through WLC high availability configurations. You can watch recorded session from ciscolive.com (can create free account if you don't have one yet)
https://www.ciscolive.com/c/dam/r/ciscolive/global-event/docs/2022/pdf/BRKEWN-2846.pdf

HTH
Rasika
*** Pls rate all useful responses ***

susim · ‎06-24-2023

Hi,

Thank you for your valuable suggestions.I know that I can trust and rely on the advice of Mr. @Rasika Nayanajith . There is no need for hesitation or doubt when considering his guidance.
Although I have conducted some experiments, such as implementing an L3 link between the WLC and the core, as per the earlier posted topology..."
All the ssid gateway's are on the wlc
static route made from core to vlans(ssid) to the wlc

So far accesspoints are registering (AP's are in local mode ) and ssid's are working as expected
It would be a great help if you can brief about the pros and cons for this approach
I would have a better understanding .

Thanks a million

Rasika Nayanajith · ‎06-25-2023

I believe you got a 9800 as WLC, is that really SSO pair ? Which interface is the WMI, typically that is the only SVI interface recommend to have on 9800. Refer following best practices

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#Generalcontrollersettings

Even though you can configure 9800 like a normal L3 switch, in the WLC context it is not acting as a L3 switch. You may encounter ARP/Asymmetric path routing/etc.

Since I have not tested what you are doing, cannot comment what are all pro/cons

HTH
Rasika
*** Pls rate all useful responses ***

Leo Laohoo · ‎06-25-2023

@susim wrote:
Although I have conducted some experiments

Configuring the 9800 as a Layer 3 - That is a very dangerous precedence. Please share why (or what) is the business case to allow the 9800 to participate in the routing process because the machine may not have enough memory &/or CPU.
This may work in a lab (or experiments), demo or in really small network sizes but it may have difficulties scaling in large to enterprise sized networks.