When an AP has completed the staging process and joined a wireless LAN controller, it needs to maintain the connection to the wireless LAN controller to remain functional.
If the wireless LAN controller fails, it could mean dozens of access points may drop off the the network, likewise if a group of access points lose connectivity to the wireless LAN controller it will mean no wireless clients can be served by those access points.
A Cisco access point can discover multiple controllers. If the joined wireless LAN controller becomes unavailable for any reason, it can switch and join the next least loaded controller by sending a CAPSMAN Join request to it.
It can be important to preconfigure wireless access points with primary, secondary, and tertiary controllers so it is predictable where they will switch to in the event of a connectivity failure to a wireless LAN controller. If not, there may be lots of controllers all attempting to join the next-discovered wireless LAN controller after a failover, and may cause disruption in the network if it fills the capacities of those wireless LAN controllers with unplanned join requests.
When an access point joins a controller, it will send keep alive requests every 30 seconds to the wireless LAN controller. It is expected that the wireless LAN controller will respond to these keep alive requests.
If the wireless LAN controller does not respond to the request, it will send more keep alive requests in quick succession, four more at 3 second intervals.
If none of those keep-alive queries are answered, the access point will assume that the wireless LAN controller has failed and will try find an alternative controller to join.
With these default values, an access point can detect a failure in around 35 seconds. The keep-alive timers can be modified to between 10 and 30 seconds, or in ‘fast’ mode with a timer between 1 and 10 seconds. Using the fast mode can mean a failure is picked up in as little as six seconds.
The fail over process can be made more efficient with the use of high availability technologies and stateful switchover redundancy (SSO). A stateful switchover redundancy groups a set of controllers into high availability pairs, one controller takes on an active role and the other is in a hot-standby mode.
The access points only need to take note of the active role controller, as if the primary controller fails there is already another controller in a hot-standby position to take over.
Each access point will learn of the high availability pair during the CASPWAP discovery phase and will build a CAPWAP tunnel to the active controller.
The active unit will keep CAPWAP tunnels, AP states, client states, configuration and image files in synchronisation with the hot standby unit.
The active controller will also synchronise the state of each access point that is in the RUN state with the hot standby controller.
With this information synchronised, if the main controller fails the hot standby controller already has all the information it needs to onboard the access points quickly.