Cisco Catalyst 9800-CL – High Availability

Everyone wants high availability with their infrastructure. With Catalyst 9800 wireless LAN controller capable of being installed as a virtual machine, do you really need high availability?

I’d be nervous to have all my virtual machines on a single host. If that host failed, you lose everything. In regards to the Catalyst 9800-CL wireless LAN controller, we have the ability to configure two instances in high availability with stateful switchover.

High availability (HA) will provide minimal downtime for the wireless controllers. In this configuration, there will be an Active and Standby wireless controller.

Stateful switchover allows access points to establish a CAPWAP tunnel to the Active controller. The Active controller will copy a database of joined access points to the Standby wireless controller. Additionally, a client database is copied to the Standby wireless controller.

In summary, when the Active wireless controller fails, the Standby takes over with the access points and clients still connected seamlessly. The access points will not go into a Discovery state and clients will not get disconnected.

When deploying the Catalyst 9800-CL, there are three interfaces binded in the configuration. The third interface, GigabitEthernet3, is used as the dedicated Redundancy Port (RP).

This post describes configuring High Availability for the Catalyst 9800-CL in VMware ESXi 6.7.

Restrictions

There are some restrictions to keep in mind before configuring High Availability:

• Keep the VMs on the same platform (ESXi, KVM, AWS, etc)
• Both VMs are running the same version of software
• Both VMs are running in the same installation mode
• The IP addresses of the Redundant Port should be on the same subnet
• Both devices have their own wireless management interface
• Wireless management interface of both VMs must be in the same subnet
• Both VMs should have the same CPU, memory, and hard disk

Connecting the Redundancy Port to a vSwitch

The RP on each Catalyst 9800-CL should be connected to their own vSwitch.

I’m running VMware ESXi 6.7. The first thing we need to do is create a vSwitch for the purposes of connecting the Redundancy Ports. For this demo, I’ll be configuring High Availability on a single host.

INSERT DIAGRAM ON VSWITCH AND REDUNDANT PORT NETWORK

Go to Networking -> Virtual switches -> and click on Add standard virtual switch

Give the vSwitch a name and click Add.

Edit the settings for each 9800-CL virtual machine and change the network interface for the RP to use the newly created vSwitch.

Redundancy and stateful switchover is already enabled in the configuration by default. We just need to set up the communications between the two wireless controllers.

I’m assuming you already have two 9800-CL configured and all you need to do is set up High Availability.

CLI

On wireless controller that will be your primary Active controller we configure the HA interface. The syntax is as follows:

Chassis redundancy ha-interface <rp-port> local-ip <local-ip-of-vm> <subnet-mask> remote-ip <ip-of-standby-vm>

chassis redundancy ha-interface GigabitEthernet2 local-ip 192.168.1.1 255.255.255.0 remote-ip 192.168.1.2

<rp-port> – The interface that is the Redundancy Port
<local-ip-of-vm> – The redundancy IP address of the VM you’re currently configuring.
<subnet-mask> – The subnet mask for the IP above
– The redundancy IP address of the Standby VM

Save the configuration and reboot the wireless controller.

Once the reboot process is complete, head over to your standby wireless controller.

We’ll run the same chassis redundancy command but swap the IP addresses.