Cisco 9800 Wireless 2025 – High Availability with Nexus 9K


Nexus-Core-1
feature vrrp
cfs eth distribute
feature interface-vlan
feature lacp
feature vpc

vlan 1,7-8
vlan 7
  name MGMT
vlan 8
  name WLC_MGMT

vrf context management
vpc domain 777
  role priority 10
  peer-keepalive destination 169.1.1.2 source 169.1.1.1

interface Vlan8
  no shutdown
  ip address 192.168.8.2/26
  vrrp 8
    priority 254
    address 192.168.8.1
    no shutdown

interface port-channel11
  switchport mode trunk
  switchport trunk native vlan 8
  vpc 11

interface port-channel12
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  spanning-tree port type network
  vpc peer-link

interface port-channel13
  switchport mode trunk
  switchport trunk native vlan 8
  vpc 13

interface Ethernet1/1
  description ***VPC-PEER-LINK***
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  channel-group 12 mode active

interface Ethernet1/2
  description ***VPC-PEER-LINK***
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  channel-group 12 mode active

interface Ethernet1/3
  description ***VPC-PEER-LINK***
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  channel-group 12 mode active

interface Ethernet1/4
  switchport mode trunk
  switchport trunk native vlan 8
  channel-group 11 mode active

interface Ethernet1/5
  switchport mode trunk
  switchport trunk native vlan 8
  channel-group 13 mode active

interface mgmt0
  vrf member management
  ip address 169.1.1.1/30

Nexus-Core-2
feature vrrp
cfs eth distribute
feature interface-vlan
feature lacp
feature vpc

vlan 1,7-8
vlan 7
  name MGMT
vlan 8
  name WLC_MGMT

vrf context management
vpc domain 777
  role priority 20
  peer-keepalive destination 169.1.1.1 source 169.1.1.2

interface Vlan8
  no shutdown
  ip address 192.168.8.3/26
  vrrp 8
    priority 150
    address 192.168.8.1
    no shutdown

interface port-channel11
  switchport mode trunk
  switchport trunk native vlan 8
  vpc 11

interface port-channel12
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  spanning-tree port type network
  vpc peer-link

interface port-channel13
  switchport mode trunk
  switchport trunk native vlan 8
  vpc 13

interface Ethernet1/1
  description ***VPC-PEER-LINK***
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  channel-group 12 mode active

interface Ethernet1/2
  description ***VPC-PEER-LINK***
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  channel-group 12 mode active

interface Ethernet1/3
  description ***VPC-PEER-LINK***
  switchport mode trunk
  switchport trunk allowed vlan 1,7-10
  channel-group 12 mode active

interface Ethernet1/4
  switchport mode trunk
  switchport trunk native vlan 8
  channel-group 13 mode active

interface Ethernet1/5
  switchport mode trunk
  switchport trunk native vlan 8
  channel-group 11 mode active

interface mgmt0
  vrf member management
  ip address 169.1.1.2/30

Verify the configuration
Nexus-Core-1# show vpc
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                     : 777
Peer status                       : peer adjacency formed ok
vPC keep-alive status             : peer is alive
Configuration consistency status  : success
Per-vlan consistency status       : success
Type-2 consistency status         : success
vPC role                          : primary
Number of vPCs configured         : 2
Peer Gateway                      : Disabled
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              : Disabled
Delay-restore status              : Timer is off.(timeout = 30s)
Delay-restore SVI status          : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router    : Disabled
Virtual-peerlink mode             : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id    Port   Status Active vlans
--    ----   ------ -------------------------------------------------
1     Po12   up     1,7-8

vPC status
----------------------------------------------------------------------------
Id    Port          Status Consistency Reason                Active vlans
--    ------------  ------ ----------- ------                ---------------
11    Po11          up     success     success               1,7-8
13    Po13          up     success     success               1,7-8

Nexus-Core-2# sho vpc
Legend:
                (*) - local vPC is down, forwarding via vPC peer-link

vPC domain id                     : 777
Peer status                       : peer adjacency formed ok
vPC keep-alive status             : peer is alive
Configuration consistency status  : success
Per-vlan consistency status       : success
Type-2 consistency status         : success
vPC role                          : secondary
Number of vPCs configured         : 2
Peer Gateway                      : Disabled
Dual-active excluded VLANs        : -
Graceful Consistency Check        : Enabled
Auto-recovery status              : Disabled
Delay-restore status              : Timer is off.(timeout = 30s)
Delay-restore SVI status          : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router    : Disabled
Virtual-peerlink mode             : Disabled

vPC Peer-link status
---------------------------------------------------------------------
id    Port   Status Active vlans
--    ----   ------ -------------------------------------------------
1     Po12   up     1,7-8

vPC status
----------------------------------------------------------------------------
Id    Port          Status Consistency Reason                Active vlans
--    ------------  ------ ----------- ------                ---------------
11    Po11          up     success     success               1,7-8
13    Po13          up     success     success               1,7-8

Verify the WLC config

9800CL-1#

vlan 8
 name WLAN_MGMT
!
interface Port-channel11
 switchport trunk native vlan 8
 switchport trunk allowed vlan 8
 switchport mode trunk
 no mop enabled
 no mop sysid
!
interface GigabitEthernet1
 description **VPC LINK***
 switchport trunk native vlan 8
 switchport trunk allowed vlan 8
 switchport mode trunk
 negotiation auto
 no mop enabled
 no mop sysid
 channel-group 11 mode active
!
interface GigabitEthernet2
 description **VPC LINK***
 switchport trunk native vlan 8
 switchport trunk allowed vlan 8
 switchport mode trunk
 negotiation auto
 no mop enabled
 no mop sysid
 channel-group 11 mode active
!
interface Vlan8
 ip address 192.168.8.10 255.255.255.192
 no mop enabled
 no mop sysid
!
ip route 0.0.0.0 0.0.0.0 192.168.8.1

9800CL-2#

vlan 8
name WLAN_MGMT
!
interface Port-channel13
switchport trunk native vlan 8
switchport mode trunk
no mop enabled
no mop sysid
!
interface GigabitEthernet1
switchport trunk native vlan 8
switchport mode trunk
negotiation auto
no mop enabled
no mop sysid
channel-group 13 mode active
!
interface GigabitEthernet2
switchport trunk native vlan 8
switchport mode trunk
negotiation auto
no mop enabled
no mop sysid
channel-group 13 mode active
!
interface Vlan8
ip address 192.168.8.20 255.255.255.192
no mop enabled
no mop sysid
!
ip route 0.0.0.0 0.0.0.0 192.168.8.1
!

Test IP connectivity between the WLCs and VRRP IP 192.168.8.1


Configure high availability between the 9800 WLC

Verify the chassis status. By default the Cisco 9800 chassis number is 1 and the priority is 1.

9800CL-1#

9800CL-2#


On the Cisco 9800-CL Interface GigabitEthernet3 is used as the RP port.

9800CL-1#

9800CL-2#

Reload the controllers

Change the device priority and renumber on the 9800 WLCs
  1. Change the priority on 9800CL-1 to 2. The highest priority will be come the primary WLC.

2. Renumber 9800CL-2 to chassis 2.

3. Reload both devices.

As the device boots you’ll easily identify that the second 9800 is chassis #2

4. Once the devices are online verify that the changes were made.


Configure HA

9800CL-1

conf t
redun-management interface Vlan8 chassis 1 address 192.168.8.12 chassis 2 address 192.168.8.11

9800CL-2

conf t
redun-management interface Vlan8 chassis 1 address 192.168.8.12 chassis 2 address 192.168.8.11

On controller reboot

9800CL-2

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.