WLC 9800 - Mobility-SSO

Wireless
1

Would someone kindly confirm how the “mobility-mac-address” is configured on the WLCs in a HA set up.

My understanding is that the mobility mac address is automatically populated when SSO is turned on for the WLC. However, the mobility mac address must be the same on each participating WLC.
The question is which common mac address should be used - I suspect it is the mobility mac address of the currently active WLC in the HA group - correct?

Here are the commands I have at my disposal:

show wireless mobility summary 
(config) wireless mobility mac-address aaaa:bbbb:cccc

PS. This requirement apparently stems from the need to preserve the integrity of the AP-2-WLC communications via CAPWAP during an SSO transition. If the mobility mac address is not common to both WLCs, then the CAPWAP tunnel will fail. At least this is my understanding from the Cisco docu and the WLC 9800 TSHOOT book.

Screenshot (5929)
Screenshot (5929)1920×1080 132 KB

Screenshot (5926)
Screenshot (5926)1920×1080 92 KB

Screenshot (5927)
Screenshot (5927)1920×1080 144 KB

2

Hello Sandro

Indeed, your understanding of the issue is quite good. Documentation is not clear as to which address should be used, but some users’ experience and some Cisco community forums seem to indicate that the MAC of the active WLC in the HA group should be used. Essentially, the wireless mobility mac-address command just ensures that the mobility MAC address will not change during failover and remains hardwired.

And yes, the address should be the same on both controllers to ensure CAPWAP tunnels don’t break during a failover. If left unconfigured, auto-generated addresses may change after failover, causing issues. Manual configuration ensures stability.

I hope this has been helpful!

Laz

1 Like
3

Thanks Lazarus - very helpful as always.:+1:

1 Like