Tags
In this post we will see how to configure “new mobility” feature on a legacy controller to communicate with a NGWC (like 5760/3850/3650). As shown in the below topology there are two WLCs (5760 & 5508) used in my test setup.
If you are familiar with the mobility between legacy controllers they use UDP port 16666 for Mobility Control messages & EoIP for Mobility Data Messages between controllers. Here is two packet captures between two 5508 within a mobility group.
Here is a data Mobility data packet
If you want to add a Next Gen Wireless Controller (eg 5760/3850/3650) into existing CUWN environment, you have to enable a feature called “New Mobility” on your legacy controllers (5508,2504, WiSM2) if you want client to roam between these controllers. This feature will simply change EoIP mobility tunnel to UDP 16667 mobility tunnel for inter-controller data plane traffic. Since a single controller cannot have both EoIP & UDP16667 tunnels you have to choose one method.
1. Flat Mobility (EoIP for Inter controller Data plane traffic ) : NGWC is not understand this protocol, So you cannot integrate NGWC to your exising CUWN environment (Roaming won’t work between these controllers)
2. Hierarchical Mobility or New Mobility (UDP 16667 for Inter controller Data plane traffic ) : You could have NGWC & Legacy controllers in same mobility domain & roaming working between those controllers.
We will use a 5508 controller to enable this feature.This feature available only on 7.3.112.0, 7.5.102.0 or anything above 7.6.x Releases. Here is the “show mobility summary” output of 5508 prior to configuring this new mobility feature. 5508 is configured with mobility domain “BUN-1”
(5508-1) >show mobility summary Mobility Protocol Port........................... 16666 Default Mobility Domain.......................... BUN-1 Multicast Mode .................................. Disabled Mobility Domain ID for 802.11r................... 0xd3ca Mobility Keepalive Interval...................... 10 Mobility Keepalive Count......................... 3 Mobility Group Members Configured................ 1 Mobility Control Message DSCP Value.............. 0 Controllers configured in the Mobility Group MAC Address IP Address Group Name Multicast IP Status 50:57:a8:bb:bd:60 10.160.33.1 BUN-1 0.0.0.0
Now let’s change the mobility architecture to First of all you need to enable this new mobility feature on 5508.
(5508-1) >config mobility ? dscp Configures the Mobility inter controller DSCP value. group Configures the Mobility group parameters. multicast-mode Configures the Multicast Mode for mobility messages new-architecture Configure the controller to switch between old and new mobility architecture. statistics Resets the mobility statistics. (5508-1) >config mobility new-architecture ? enable Configure the controller to switch to new mobility architecture. disable Configure the controller to switch to old mobility architecture. (5508-1) >config mobility new-architecture enable Enabling new-mobility would change mobility architecture from old to new(Converged Access) !!! Configuration changes will be saved and System will be rebooted. !!! Are you sure you want to continue? (y/n) y The system has unsaved changes. Configuration saved! System will now restart!
Once it rebooted you can verify the “New Mobility” Feature is enabled on 5508.
(5508-1) >show mobility summary New Mobility (Converged Access).................. Enabled Mobility Protocol Port........................... 16666 Default Mobility Domain.......................... BUN-1 Multicast Mode .................................. Disabled DTLS Mode ....................................... Enabled Mobility Domain ID for 802.11r................... 0xd3ca Mobility Keepalive Interval...................... 10 Mobility Keepalive Count......................... 3 Mobility Group Members Configured................ 1 Mobility Control Message DSCP Value.............. 0 Mobility Oracle.................................. Disabled Mobility MC public IP ........................... 10.160.33.1 Mobility Oracle IP address ...................... 0.0.0.0 Controllers configured in the Mobility Group IP Address Public IP Address Group Name Multicast IP MAC Address Status 10.160.33.1 10.160.33.1 BUN-1 0.0.0.0 50:57:a8:bb:bd:60 Up
Now you can add 5760 as mobility member of 5508.
(5508-1) >config mobility group member add 10.160.49.1 ?
group-name Optional member switch group name (if different from default group name)
mac-address It is recommended to add mac for old-new compatibility, however Optional member switch MAC address.
public-ip-address Optional member switch public IP address
(5508-1) >config mobility group member add 10.160.49.1 group-name ?
<group-name> Optional member switch group name (if different from default group name)
(5508-1) >config mobility group member add 10.160.49.1 group-name BUN-1 ?
public-ip-address Optional member switch public IP address
mac-address It is recommended to add mac for old-new compatibility, however Optional member switch MAC address.
(5508-1) >config mobility group member add 10.160.49.1 group-name BUN-1
You have to add 5508-1 as a mobility member for 5760 as well
5760-1(config)#wireless mobility group member ip 10.160.33.1 group BUN-1
Once you do this you will see mobility is established between 5760 & 5508
5760-1#show wireless mobility summary Mobility Controller Summary: Mobility Role : Mobility Controller Mobility Protocol Port : 16666 Mobility Group Name : BUN-1 Mobility Oracle : Disabled Mobility Oracle IP Address : 0.0.0.0 DTLS Mode : Enabled Mobility Domain ID for 802.11r : 0xd3ca Mobility Keepalive Interval : 10 Mobility Keepalive Count : 3 Mobility Control Message DSCP Value : 48 Mobility Domain Member Count : 2 Link Status is Control Link Status : Data Link Status Controllers configured in the Mobility Domain: IP Public IP Group Name Multicast IP Link Status ------------------------------------------------------------------------------- 10.160.49.1 - BUN-1 0.0.0.0 UP : UP 10.160.33.1 10.160.33.1 BUN-1 0.0.0.0 UP : UP
Now if you look at a packet capture of 5508 connected switch port you would see something like below. Still inter-controller mobility CONTROL packet use UDP 16666 where as inter-controller mobility DATA packet using UDP 16667.
As you can see below, now 5508 using UDP 16667 instead of EoIP.
If you configure Mobility oracle (MO) feature, then that use UDP 16668 port for its mobility communication.In a future post we will see how a client roam work between these two controller setup.
Here is the reference white paper I found very useful in this converged access deployments.
Converged Access- Wired/Wireless System Architecture, Design & Operation.
mrn-cciew 
Dear Nayarasi,
are the two WLCs in your example providing separate AP licenses to their atached APs, or do all the AP licenses have to reside on the 5760 MC ?
Thank you.
best regards
Andreas
Yes, AP license on these two model (5508 vs 5760) is different. If AP register to 5508 then you have to have license on 5508. If AP register to MA/MC-5760 then 5760 should hold license.
HTH
Rasika
Hi Nayarasi,
Quick question, I understand a 5508 can run new mobility, but I cannot figure out how to add the MA to the controller. I know the 5760 is the new platform, but can the 5508 run as an MC to a MA on New mobility withough the 5760??? Trying to implement Converged access at a client’s that only has 5508s.
I would not suggest move in that path. MC functionality on AireOS controller will no longer supported in 8.1.x or 8.2.x, so customer will face problem in future.
I would suggest use a 3850 stack as MC rather than 5508.
Here is a good Ciscolive presentation to go through on this topic
Click to access BRKEWN-2022.pdf
In case you need to do this with 5508, first you have to enable new mobility feature on your 5508 and then add MAs. This post can give some guideline on enabling new mobility on 5508
https://mrncciew.com/2014/05/06/configuring-new-mobility/
HTH
Rasika
Hi Tank you for this good information !
I have cisco 4402 wireless controller and 5760 wireless controller. If i upgrade cisco 4402 to version 7.0.252.0 can i configure it for mobility group with cisco 5760.
No, “new mobility” will not support on 7.0.x codes.
Since Cisco also not going to invest integration between AireOS and IOS-XE based controllers, best is not to mix these two platform types in your network.
HTH
Rasika
Excellent post
Thank you David, You may aware, that converged access is dead now. So “new mobility” is no longer provide much value.
Rasika
Hi Sir Nayarasi,
Could you please tell me how can we check mobility mac on Cisco WLC 5760 controller? I am creating mobility between Cisco WLC 5520 and 5760. But unable to get mobility mac on cisco wlc 5760.
Thank You.
“show wireless mobilty summary” is the CLI command.