In this post we will see how to configure WLC mobility config via CLI. If you prefer GUI you can refer one of my previous post (Configuring Mobility on WLC).

Here is the basic setup. In Head Quarters (Mobility Group:HQ) is having two wireless controller WLC1 & WLC2. WLC1 is used for guest traffic termination & will put it in a different mobility Group called DMZ.  There is a branch office where you have WLC3 & it is in the Mobility Group named MO.

Mobility-CLI-01

Initially we will configure Mobility without using Multicast & then will use multicast for mobility communication. Diagram shows multiple controller in each mobility group, but in my test lab I do not have that many controllers, so has to go with 3 controller. Real advantage of Multicast is if you have multiple controllers in the same mobility group.

Configuration task wise you have to configure a mobility group name & then add mobility group members (local & non-local) in to the mobility list (or sometime refer as domain). Local group members are having same group name as your configuring WLC. Non-local group members are having a different group name to the group name of your configuring WLC.

You require to have WLCs MAC address & IP address information for the mobility configuration. So better to have this ready prior to your configuration. “show sysinfo” should give you the required output. Here is the info in my example

(WLC1) >show sysinfo 
System Name...................................... WLC1
IP Address....................................... 10.10.111.10
Burned-in MAC Address............................ 00:0B:85:43:D8:60
!
(WLC2) >show sysinfo
System Name...................................... WLC2
IP Address....................................... 10.10.112.10
Burned-in MAC Address............................ 00:0B:85:40:A1:C0
!
(WLC3) >show sysinfo 
System Name...................................... WLC3
IP Address....................................... 10.10.120.140
Burned-in MAC Address............................ 00:1B:D5:CF:E6:00

config mobility ? ” is the CLI command you need to use for the configuration. Here is how I configure mobility group name for a WLC & add members to the mobility list.

(WLC1) >config mobility ?              
dscp           Configures the Mobility inter controller DSCP value.
group          Configures the Mobility group parameters.
multicast-mode Configures the Multicast Mode for mobility messages
statistics     Resets the mobility statistics.

(WLC1) >config mobility group ?                     
anchor         Configures the Mobility WLAN anchor list.
domain         Configures the Mobility domain name.
keepalive      Keepalive ping parameters to be configured
member         Configures the Mobility group members list.
multicast-address Configures the Multicast IP Address for a mobility group

(WLC1) >config mobility group domain DMZ

(WLC1) >config mobility group member add ?               
<MAC addr>     Member switch MAC address

(WLC1) >config mobility group member add 00:0B:85:40:A1:C0 ?              
<IP addr>      Member switch IP address

(WLC1) >config mobility group member add 00:0B:85:40:A1:C0 10.10.112.10 ?              
<group name>   Optional member switch group name (if different from default group name)

(WLC1) >config mobility group member add 00:0B:85:40:A1:C0 10.10.112.10 HQ              
(WLC1) >config mobility group member add 00:1B:D5:CF:E6:00 10.10.120.140 BR

In WLC2 & WLC3 you can workout these are the CLI commands required.

(WLC2) >config mobility group domain HQ
(WLC2) >config mobility group member add 00:0B:85:43:D8:60 10.10.111.10 DMZ
!
(WLC3) >config mobility group domain BR
(WLC3) >config mobility group member add 00:0B:85:43:D8:60 10.10.111.10 DMZ

Now basic mobility configuration has been done. Once you “show mobility summary” you should be able to see the status of your configuration.

(WLC1) >show mobility summary 
Symmetric Mobility Tunneling (current) .......... Enabled
Symmetric Mobility Tunneling (after reboot) ..... Enabled
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... DMZ
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x43cd
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 3
Mobility Control Message DSCP Value.............. 0

Controllers configured in the Mobility Group
 MAC Address        IP Address       Group Name                        Multicast IP     Status
 00:0b:85:40:a1:c0  10.10.112.10     HQ                                0.0.0.0          Up
 00:0b:85:43:d8:60  10.10.111.10     DMZ                               0.0.0.0          Up
 00:1b:d5:cf:e6:00  10.10.120.140    BR                                0.0.0.0          Up

In WLC2 you should see a output like this.

(WLC2) >show mobility summary 
Symmetric Mobility Tunneling (current) .......... Enabled
Symmetric Mobility Tunneling (after reboot) ..... Enabled
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... HQ
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0x6b2f
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 2
Mobility Control Message DSCP Value.............. 0

Controllers configured in the Mobility Group
 MAC Address        IP Address       Group Name                        Multicast IP     Status
 00:0b:85:40:a1:c0  10.10.112.10     HQ                                0.0.0.0          Up
 00:0b:85:43:d8:60  10.10.111.10     DMZ                               0.0.0.0          Up

In WLC3 “show mobility summary” output should looks like this.

(WLC3) >show mobility summary 
Symmetric Mobility Tunneling (current) .......... Enabled
Symmetric Mobility Tunneling (after reboot) ..... Enabled
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... BR
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0xad23
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 2
Mobility Control Message DSCP Value.............. 0

Controllers configured in the Mobility Group
 MAC Address        IP Address       Group Name                        Multicast IP     Status
 00:0b:85:43:d8:60  10.10.111.10     DMZ                               0.0.0.0          Up
 00:1b:d5:cf:e6:00  10.10.120.140    BR                                0.0.0.0          Up

You can change the Keepalive count, interval & DSCP value of mobility packets as follows. I leave it to default values shown it to the above output.

(WLC3) >config mobility group keepalive ?              
count          No of keep alive retries before a member status is termed DOWN              
interval       Interval between two keep alives sent to a mobility member

(WLC3) >config mobility group keepalive count ?            
<number>       Number in range of 3-20

(WLC3) >config mobility group keepalive interval ?               
<number>       Number in range of <1 - 30 seconds>, interval between two ping tries 
!
(WLC3) >config mobility dscp ?               
<dscp_value>   <0-63>

In the above method, each WLC will use unicast messages to communicate with each local group members & configured non-local group members. Since this mobility information needs to update each other very frequently this would become a processor intensive as each controller has to send multiple copies of the same message to different controller configured in mobility list.

Multicast communication would help in this regards as a given controller send only one copy of the mobility messages to configured multicast group address and all the controllers in same mobility group receive that message. You can configure multicast address for non-local group members as well. In my example WLC1 has two non-local group members & you can configure another multicast group address for this communication.

As per the diagram we will configure 239.11.11.11 for DMZ local group member communication in WLC1. We will use 239.12.12.12 for DMZ & HQ inter group mobility communication. Similar to that we will use 239.22.22.22 for WLC2 local-group mobility (ie members in HQ mobility group) communication & 239.33.33.33 for WLC3 local-group mobility communication (ie Members in mobility group MO). Also 239.13.13.13 for the mobility group MO & DMZ communication. Here how you configure this via CLI.

You can configure local group multicast communication using “config mobility multicast-mode {enable|disable} <local-multicast-address> ” CLI command.

(WLC3) >config mobility multicast-mode enable ?               
<local-multicast-address> Configures the Multicast IP Address for the local group.

(WLC3) >config mobility multicast-mode enable 239.33.33.33
(WLC2) >config mobility multicast-mode enable 239.22.22.22
(WLC1) >config mobility multicast-mode enable 239.11.11.11

You can configure multicast group for  non-local member communication as follows.

(WLC1) >config mobility group multicast-address ?              
<group_name>   Specify the Mobility Group whose Multicast IP Address is to be set

(WLC1) >config mobility group multicast-address HQ ?              
<ip_address>   Configures the Multicast IP Address for a mobility group

(WLC1) >config mobility group multicast-address HQ 239.12.12.12
(WLC1) >config mobility group multicast-address BR 239.13.13.13

(WLC2) >config mobility group multicast-address DMZ 239.12.12.12

(WLC3) >config mobility group multicast-address DMZ 239.13.13.13

It is important to remember that multicast mode to work you have to properly configure your L3 infrastructure to support multicast. Once you check show mobility summary you should see somthing like this.

(WLC1) >show mobility summary 

Symmetric Mobility Tunneling (current) .......... Enabled
Symmetric Mobility Tunneling (after reboot) ..... Enabled
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... DMZ
Multicast Mode .................................. Enabled
Mobility Domain ID for 802.11r................... 0x43cd
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 3
Mobility Control Message DSCP Value.............. 0

Controllers configured in the Mobility Group
 MAC Address        IP Address       Group Name                        Multicast IP     Status
 00:0b:85:40:a1:c0  10.10.112.10     HQ                                239.12.12.12     Up
 00:0b:85:43:d8:60  10.10.111.10     DMZ                               239.11.11.11     Up
 00:1b:d5:cf:e6:00  10.10.120.140    BR                                239.13.13.13     Up

If you require to configure Auto Anchoring (for wired or wireless Guest traffic) you can do this via “config mobility group anchor {wlan|guest-lan} {wlan-id|guest-lan-id} {anchor-wlc-ip}” CLI command.

(WLC1) >config mobility group anchor add wlan ?              
<WLAN Id>      WLAN identifier between 1 and 512.

(WLC1) >config mobility group anchor add wlan 17 ?               
<IP addr>      Member switch IP address to anchor WLAN

(WLC1) >config mobility group anchor add guest-lan ?          
<Guest LAN Id> Guest LAN identifier between 1 and 5

(WLC1) >config mobility group anchor add guest-lan 1 ?              
<IP addr>      Member switch IP address to anchor WLAN

See “WLAN config via CLI- Part6” for Wireless Guest WLAN configuration via CLI.

You can refer complete list of 7.0.116.0 CLI commands via the below link.
Configure Mobility Commands

Related Posts

1. Configuring Mobility on WLC
2. Auto Anchor Mobility
3. WLAN config via CLI – Part6