- Integrated Systems
- About Us
- Integrated Systems
- About Us
10-18-2012 07:17 AM - edited 10-18-2012 07:18 AM
I am trying to figure out if I should team my MSM765 controllers or use one as hot or cold standby.
My network configuration is fairly simple compared to what the units are really capable of, which - when I read the docs - may be cause for my confusion.
I have an overall admin VLAN (1) which I use for PCM to access all switches on the network, including the MSM765 through the internet port on the 765.
Then I have a "wireless control" VLAN (207) which extends from the LAN port on the MSM765 to a bunch of MSM410s, i.e. VLAN 207 is untagged on the APs, so that discovery and AP DHCP happens in this VLAN.
My VSCs tells the AP to direct user traffic to VLAN 107, which is tagged on the AP. At the other end is a firewall to the internet. At some locations I employ WPA2 and at other locations the network is open. Either way, you just get access to the internet. I don't use radius servers or any other advanced authentication.
Until recently I have had only one MSM765 controller, but when it suddenly - after months of silent operation - started being unreachable in PCM (warnings only - it's still there), I got myself a spare MSM765 just in case the first one should crash.
At first I figured I'd simply place the two 765s in different 5406zl racks and team them up, but this would disable DHCP on my VLAN 207, so I would need a separate DHCP server for the APs. Doable, sure, but not so pretty.
Right now I am considering making the second MSM765 a carbon copy of the operating one, and simply store it for replacement, should the first one crash. But of course, I could also "hot store" the identical 765 in the 5406zl rack, ready to be enabled.
So the question really boils down to the matter of downtime. If my MSM765 crashes, will the MSM410 still operate, given that I only use (worst case) WPA2 as described above?
If the MSM410s will still operate and the users will not be affected by a temporarily missing controller, I could in fact justify cold storing the spare MSM765.
Solved! Go to Solution.
10-20-2012 02:12 AMSolution
When in controlled mode (like yours are), the MSM APs will continue to operate idependently of the controller. The AP doesn't care if the controller is there or not - it will continue operating with whatever settings it currently has, until it is powered off.
- Any function that has the controller in the pathway will obviously not work: eg controller is proxy for 802.1x, AD auth
- captive portal/access control is tunnelled to the controller - this can't work if the controller is not available
- Mobility traffic manager (MTM) needs to tunnel to the controller and can't work if the controller is not available
- can't update or change AP configs untith the controller is contactable again,
Note that teaming is probably more about scalability rather than availability. There are a few features that disappear or have reduced fuctionality when teaming - eg DHCP. Teaming does licensing better than active/standby.