Wireless Controller Failure Detection

If a wireless controller fails, how does an AP detect that it’s no longer reachable? In this lesson, we’ll be taking controller failure detection, a mechanism used by APs to detect controller failure.

4.0 WLAN High Availability
 4.2 Design high availability for APs

First of all, let’s take a look at our topology above. Here, we’ve got two WLCs; MN-WLC01 and MN-WLC02. We then have a single AP; MN-AP01.

MN-AP01 is primed with MN-WLC01 as its primary controller and MN-WLC02 as its secondary.

In order for MN-AP01 to failover to MN-WLC02, it needs a mechanism of deciding when MN-WLC01 is no longer active. This is achieved using keepalive messages sent to the controller from the AP.

MN-AP01 will send keepalives to MN-WLC01 every 30 seconds by default. If the controller is online, it will respond to each keepalive.

If MN-AP01 doesn’t receive a response to a keepalive, its behaviour changes. Instead of waiting another 30 seconds to send another, the AP will escalate the test. This time, it will send an additional 4 keepalive messages at 3 second intervals. 

If the WLC responds to one of the additional keepalive messages, the AP will stay associated to the controller.

If there is still no response received from MN-WLC01, MN-AP01 will assume the controller has failed and look to associate to another controller.

Using the default timers, an AP can detect a WLC failure within 35 seconds. In certain environments, this still might be too slow. As such, the timers can be configured manually which we’ll look at in the next section. 

Now that we’ve got an understanding of how an AP uses keepalive messages, let’s look at how we can configure the timers. For this example I’ll be using AireOS.

The keepalive timers are configured globally and cannot be configured on a per AP basis.

1. Log into WLC

2. Navigate to Access Point Global Configuration

The global configuration can be modified by navigating to:

WIRELESS > Access Points > Global Configuration

The AP keepalive timer can then be amended by changing the AP Heartbeat Timeout setting under High Availability.

We can amend the timer to be anything between 10 and 30 seconds.