N+1 Redundancy
The optional N+1 redundancy software feature, when implemented, allows a standby N+1 slave controller in the same subnet to monitor and seamlessly failover more than one master controller.
A set of master controllers and a standby slave controller are configured via static IP addressing to reside in the same subnet, and are considered to be an N+1 cluster. The standby slave monitors the availability of the master controllers in the cluster by receiving advertisement messages sent by the masters over a well known UDP port at expected intervals. If four successive advertisements are not received, the standby slave changes state to an active slave, assumes the IP address of the failed master, and takes over operations for the failed master. Because the standby slave already has a copy of the master’s latest saved configuration, all configured services continue with a short pause while the slave switches from standby to active state.
N+1 Fallback
While in the active slave role, the slave controller’s cluster monitoring activities are put on hold until the failed master rejoins the cluster. An active Slave detects the restart of a master through ARP. When the active slave is aware of the master’s return (via the advertisement message) it will continue to remain as active slave and the original master moves to passive state. The now passive master is assigned with original slave’s IP address. To move passive master to active master status, use the nplus1 revert command in active slave.
NP‐MC4200‐master(15)(config)# nplus1 revert
NP‐MC4200‐master(15)(config)# end
NP‐MC4200‐master(15)# sh nplus1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Current State : Active‐>Passive Slave
Heartbeat Period : 1000 milliseconds
Heartbeat Threshold : 4 threshold
Master IP : 172.19.215.31
Master Hostname : NP‐MC4200‐master Slave IP : 172.19.215.32
Slave Hostname : NP1‐MC4200‐slave License Type : Demo
License Usage (Used/Tot) : 1/1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Master Controllers
Hostname IP Address Admin Status
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
NP‐MC4200‐master 172.19.215.31 Enable Passive‐>Active
If it is necessary for the failed master to be off-line for a lengthy interval, the administrator can manually set the active slave back to the standby slave, thereby ensuring the standby slave is able to failover for another master.
Auto Fallback
After a failover, the passive master listens to advertisements (at time intervals specified using the nplus1 period command) from active slave. If the passive master does not receive advertisements from active slave within the time period the passive master initiates auto-fallback.
Auto Revert
When the master controller goes down, the slave controller takes over as active slave controller. When the master controller that was down became active, it continues to stay as passive controller till the nplus1 revert command is executed on the active slave controller. You can enable auto revert so that after the master controller come online, it takes over as the original master controller.
By default this option is disabled. To enable auto-revert, use the nplus1 autorevert enable command. By enabling auto revert; the active slave controller triggers a fallback by itself.
Failover Scenarios
Scenario |
Description |
Power outage |
Failover is initiated on power outage on the master controller. |
Switch Port Failure |
Failover is initiated during a port failure in the switch. |
Ethernet cable unplugged |
If the Ethernet cable in the master controller is unplugged, the slave controller takes over and becomes active slave. |
Manual Failover |
You can execute the nplus1 takeover command in the master controller to force a failover. |
np1adv process kill |
Failover is initiated if the np1 process in the master is killed. |
Auto Failover |
Auto failover is initiated if heartbeats from a controller is not received within the time specified in the nplus1 period command. |
Failover on “no reload” |
no reload commands trigger a failover. In such scenario, the master must be manually enabled. Reload commands sends a notification to slave about force enabling master and hence the master status becomes disable on the slave. |
In most cases with a cluster of N+1 Masters, the APs all have to be in L3 Connectivity mode, but if you only have one Master and one Slave unit (N=1) the APs can be in L3 only connectivity mode. However, if the APs are in L2 mode, then they will move to reboot after failover.
Heartbeat Period and Heartbeat Timeout Recommendations
Various factors in your network environment including latency can impact the N+1 failover. In networks with high latency, missing heartbeats between master and slave controller can trigger N+1 failover. We recommend that if your network experiences high latency, you should set the heartbeat period and heartbeat timeout to higher values.
The default heartbeat period is 1000ms and heartbeat timeout is 4 timeouts. Use the following commands to set high values:
# nplus1 timeout 40 # nplus1 period 100
The failure detection time (to initiate failover) is calculated as Heartbeat Period x Heartbeat Timeout.
Default timeout and period:
- Heartbeat Period (HP): Default 1000 ms, Range 100 – 30,000 (ms)
- Heartbeat Timeout (HT): The lost heartbeat threshold is the number of consecutive heartbeat packets. Default 4 timeouts, Range 4 – 60 (timeouts)
- Actual Failure Detection Time (AFDT) = HP (1000 ms) x HT (4) = 4000 ms = 4 Seconds
Preparing the Network
The N+1 cluster must be configured within a set of guidelines to operate as described in the previous section. While configuring your network for N+1 redundancy, the following guidelines must be followed:
- The following table lists the supported pairing (master and slave) of controller models in an N+1 cluster, with the MC series as the master.
Slave |
|
|
Master |
|
|
|
MC1550 |
MC1550VE |
MC3200 |
MC3200VE |
MC4200 |
MC4200VE |
MC6000 |
MC1550 |
✓ |
x |
X |
x |
x |
x |
x |
MC3200 |
x |
x |
✓ |
x |
x |
x |
x |
MC4200 |
x |
x |
X |
x |
✓ |
x |
x |
MC6000 |
x |
x |
X |
x |
x |
x |
✓ |
MC1550-VE |
✓ |
✓ |
X |
x |
x |
x |
x |
MC3200-VE |
✓ |
✓ |
✓ |
✓ |
x |
x |
x |
MC4200-VE |
✓ |
✓ |
✓ |
✓ |
✓ |
✓ |
x |
FWC-50D |
x |
x |
X |
x |
x |
x |
x |
FWC-VM-50 |
x |
x |
X |
x |
x |
x |
x |
FWC-200D |
x |
x |
✓ |
x |
x |
x |
x |
FWC-VM-200 |
x |
x |
X |
x |
x |
x |
x |
FWC-500D |
x |
x |
X |
x |
✓ |
x |
x |
FWC-VM-500 |
x |
x |
X |
x |
x |
x |
x |
FWC-1000D |
x |
x |
X |
x |
x |
x |
x |
FWC-VM1000 |
x |
x |
X |
x |
x |
x |
x |
FWC-3000D |
x |
x |
X |
x |
x |
x |
x |
FWC-VM3000 |
x |
x |
x |
x |
x |
x |
x |
- The following table lists the supported pairing (master and slave) of controller models in an N+1 cluster, with the FWC series as the master.
Slave |
|
|
Master |
|
|
|
|
FWC50D |
FWC-
VM-
50 |
FWC200D |
FWC-
VM-
200 |
FWC500D |
FWC-
VM-
500 |
FWC-
1000
D |
FWC-
VM1000 |
FWC-
3000
D |
FWC-
VM3000 |
MC1550 |
x |
x |
x |
x |
x |
x |
x |
X |
x |
X |
MC3200 |
x |
x |
✓ |
x |
x |
x |
x |
x |
x |
x |
MC4200 |
x |
x |
x |
x |
✓ |
x |
x |
x |
x |
x |
MC6000 |
x |
x |
x |
x |
x |
x |
x |
x |
x |
x |
MC1550-VE |
x |
x |
x |
x |
x |
x |
x |
x |
x |
x |
MC3200-VE |
✓ |
x |
✓ |
x |
x |
x |
x |
x |
x |
x |
MC4200-VE |
✓ |
x |
✓ |
x |
✓ |
x |
x |
x |
x |
x |
FWC-50D |
✓ |
x |
x |
X |
x |
x |
x |
x |
x |
x |
FWC-VM-50 |
x |
✓ |
x |
X |
x |
x |
x |
x |
x |
x |
FWC-200D |
x |
x |
✓ |
X |
x |
x |
x |
x |
x |
x |
FWC-VM200 |
x |
x |
x |
✓ |
x |
x |
x |
x |
x |
x |
FWC-500D |
x |
x |
x |
X |
✓ |
x |
x |
x |
x |
x |
FWC-VM500 |
x |
x |
x |
X |
x |
✓ |
x |
x |
x |
x |
FWC-1000D |
x |
x |
x |
X |
x |
x |
✓ |
x |
x |
x |
FWC-VM1000 |
x |
x |
x |
X |
x |
x |
x |
✓ |
x |
x |
FWC-3000D |
x |
x |
x |
X |
x |
x |
x |
x |
✓ |
x |
FWC-VM3000 |
x |
x |
x |
X |
x |
x |
x |
x |
x |
✓ |
- All master and slave controllers must use static IP addressing to ensure consistency and control of N+1 clustering. (DHCP addresses are not supported for controllers participating in the N+1 cluster).
- Master and slave controllers must be on the same IP subnet.
- All APs in the network should be configured for Layer 3 connectivity with the controller.
- Spanning tree should be disabled on the switch port to which the controllers are connected. To disable spanning tree on the port, refer to your switch configuration documentation.
- Set same date and time on the master and slave controller. Mismatch in date and time between master and slave will result in incorrect AP uptime information after a failover. You can also configure NTP on the master to avoid incorrect AP uptime information.
Configuring the N+1 Clusters shows a simplified network diagram of a recommended N+1 deployment.
Figure 37: Example N+1 Redundancy Network Deployment
Configuring the N+1 Clusters
This can only be configured using the CLI and up to five masters and one slave. You will need passwords for all controllers involved in the N+1 configuration. A summary of the steps to configure and start N+1 follows:
Step |
Command |
Description |
1. |
nplus1 start master |
On each master, start N+1 redundancy. |
2. |
nplus1 start slave |
Start N+1on the slave controller. |
3. |
nplus1 add master_hostname master_IP_address |
Add the master controller’s hostname and IP address to the slave’s cluster list. |
Starting N+1 on Master Controllers
N+1 must first be started on the Master Controllers.
To configure a master controller:
- On each master controller, enter configuration mode and start the N+1 software:
NP‐MC4200‐master(15)# configure terminal
NP‐MC4200‐master(15)(config)# nplus1 start master
- Exit configuration mode and check that the N+1 software has been started on that controller:
NP‐MC4200‐master(15)(config)# exit
NP‐MC4200‐master(15)# sh nplus1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐Master controller
Master IP : 172.19.215.31
Master Hostname : NP‐MC4200‐master
Master Status : Active
Slave IP : 172.19.215.32 <– This is not displayed if Slave is not started
Slave Status : Passive <– This is displayed as Unknown if slave is not started
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Configuring N+1 on the Slave Controller
After starting N+1 on each of the Master Controllers, start N+1 on the Slave Controller, and then add each Master Controller to the Slave Controller.
The Slave Controller must be the last controller in the cluster to start N+1. All Master Controllers must be added to the cluster before starting N+1 on the Slave Controller.
To configure N+1 on the slave controller, follow these steps:
- Enter configuration mode and start the N+1 software:
NP1‐MC4200‐slave(15)# configure terminal
NP1‐MC4200‐slave(15)(config)# nplus1 start slave
Setting up this controller as a Passive Slave controller
- Check that the software has started on the slave with the show nplus1 command (note that no masters display in the Master Controllers list):
NP1‐MC4200‐slave(15)(config)# show nplus1
Current State : Passive
Heartbeat Period : 1000 milliseconds
Heartbeat Threshold : 4 threshold Slave IP : 172.19.215.32
Slave Hostname : NP1‐MC4200‐slave
License Type : Demo
License Usage (Used/Tot) : 0/1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ Master Controllers
Hostname IP Address Admin Status Switch Reason Missed Adverts SW Version ‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
- Supply the hostname and IP address of each master controller in the cluster. You will be prompted for the controller’s password to complete the addition:
NP1‐MC4200‐slave(15)# configure terminal
NP1‐MC4200‐slave(15)(config)# nplus1 add NP‐MC4200‐master 172.19.215.31 admin@172.19.215.31 Password:
- Exit configuration mode and check that the master controller has been enabled (the Admin status is now Enable):
NP1‐MC4200‐slave(15)#sh nplus1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Current State : Passive
Heartbeat Period : 1000 milliseconds
Heartbeat Threshold : 4 threshold
Slave IP : 172.19.215.32
Slave Hostname : NP1‐MC4200‐slave
License Type : Demo
License Usage (Used/Tot) : 1/1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ Master Controllers
Hostname IP Address Admin Status Switch Reason MissedAdverts SW Version
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
NP‐MC4200‐master 172.19.215.31 Enable Active Yes ‐ 0 6.1‐2‐15
Monitoring the N+1 Installation
The show nplus1 command allows you to check the current controller configuration and show the status of the controller. Some sample output displays are included to show the information displayed in the various controller states.
- N+1 on master—displays both basic master and slave controller identification information
NP‐MC4200‐master(15)# sh nplus1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐Master controller
Master IP : 172.19.215.31
Master Hostname : NP‐MC4200‐master
Master Status : Active
Slave IP : 172.19.215.32
Slave Status : Passive
- N+1 on a standby slave—basic slave controller identification information plus the status for the master control-lers in the cluster (accompanying table describes status fields)
NP1‐MC4200‐slave(15)#sh nplus1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Current State : Passive
Heartbeat Period : 1000 milliseconds
Heartbeat Threshold : 4 threshold
Slave IP : 172.19.215.32
Slave Hostname : NP1‐MC4200‐slave
License Type : Demo
License Usage (Used/Tot) : 1/1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ Master Controllers
Hostname IP Address Admin Status Switch Reason MissedAdverts SW Version
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
NP‐MC4200‐master 172.19.215.31 Enable Active Yes ‐ 0 6.1‐2‐15 The descriptions of the display fields are provided in the following table:
Field |
Description |
Hostname |
Hostname of the master controller |
IP Address |
Static IP address assigned to the master controller |
Admin |
Status of N+1 redundancy on the master:
• Enable—N+1 redundancy has been enabled on the master
• Disable—N+1 redundancy has been disabled |
Switch |
Ability of the slave to assume active slave for the master:
• Yes—Slave and master model/FortiWLC (SD) version number are compatible
• No—Slave and master model/sFortiWLC (SD) version number are incompatible or the administrator has disabled N+1 on the master |
Field |
Description |
Reason |
If Switch is No, describes why switch cannot be made:
• Down: Master has been disabled by the user
• SW Mismatch: The FortiWLC (SD) software is out of sync (update the Master Controller).
• No Access: The Passive Slave was not able to access the Master because it did not receive a copy of the configuration. This is a rare message that occurs if show nplus1 is executed almost immediately after adding a controller. |
Missed Adverts |
Number of consecutively missed (not received) advertisements (a maximum of 4 triggers a failover if the Switch field is Yes). |
SW Version |
The software version of FortiWLC (SD) on the controller. |
- N+1 on an active slave—the master IP address, hostname, and status are added to the display. Passive status indicates the original master is UP, Down status indicates the original master is not reachable.
NP‐MC4200‐master(15)# sh nplus1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Current State : Active Slave
Heartbeat Period : 1000 milliseconds
Heartbeat Threshold : 4 threshold
Master IP : 172.19.215.31
Master Hostname : NP‐MC4200‐master Slave IP : 172.19.215.32
Slave Hostname : NP1‐MC4200‐slave
License Type : Demo
License Usage (Used/Tot) : 1/1
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
Master Controllers
Hostname IP Address Admin Status
‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐
NP‐MC4200‐master 172.19.215.31 Enable Passive
Managing the N+1 Installation
The tasks to manage an N+1 installation include:
- Syncing Running Configuration
- Disabling and Deleting N+1 Master Controllers
- Stopping N+1 Installations
- Replacing a Master Controller
- Working with N+1 Syslog
Syncing Running Configuration
Running configuration between master and slave are automatically synced every 30 minute.
Disabling and Deleting N+1 Master Controllers
To disable N+1 operation on a master controller, but still maintain its configuration in the cluster, from the slave controller, use the nplus1 disable command, with the IP address of the controller you are deleting:
NP1‐MC4200‐slave# configure terminal
NP1‐MC4200‐slave(config)# nplus1 disable 10.1.1.10 NP1‐MC4200‐slave(config)# end
To remove an N+1 master controller from the cluster, from the slave controller, use the nplus1 delete command, with the IP address of the controller you are deleting:
NP1‐MC4200‐slave# configure terminal
NP1‐MC4200‐slave(config)# nplus1 delete 10.1.1.10
NP1‐MC4200‐slave(config)# end
Stopping N+1 Installations
N+1 Slave and N+1 Master Controllers must be stopped separately.
Stopping N+1 Slave Controllers
To stop N+1 on a Slave Controller:
NP1‐MC4200‐slave# configure terminal
NP1‐MC4200‐slave(config)# nplus1 stop
Making this a normal controller.
NP1‐MC4200‐slave(config)# exit NP1‐MC4200‐slave#
Stopping N+1 Master Controllers To stop N+1 on a Master Controller:
3000‐1# configure terminal
3000‐1(config)# nplus1 stop
3000‐1(config)# exit
The following commands cannot be executed in an active slave controller and if executed on an active master, these commands will not trigger failover.
- poweroff controller
- reload
- reload default
- reload default factory
Replacing a Master Controller
To replace a a new master controller, do the following:
- Power off the original master controller. The slave controller becomes the active controller.
- Replace the new controller. Ensure that the new controller contains the same configuration for bonding, interface mode, and IP address(es) as the original master controller.
- Run “nplus1 start master” command on the new controller in order to make this new controller the master controller.
- Run “nplus1 slave <slave’s IP address>” command on the the new master controller in order to detect slave controller. The new master controller takes passive role.
- Run “nplus1 access <slave’s IP address>” command on active slave controller in order to generate authorized key on the new passive master controller.
- Then, copy the latest running configuration to the new passive master controller after executing the “nplus1 revert” command on the active slave controller
The the new active master controller automatically runs with the latest running configuration.
Working with N+1 Syslog
The show nplus1 debugloglevel command shows the level of verboseness set for the N+1 log messages.
NP1‐MC4200‐slave# sh nplus1 debugloglevel nplus1 Debug Logging Level: 0 NP1‐MC4200‐slave#
Setting the syslog Debug Level
The nplus1set debugloglevel command sets the level of verboseness for the N+1 log messages. The level can be set from 0 to 3, where 1 is the least verbose. The default 0 setting disables syslog messaging.
NP1‐MC4200‐slave(config)# nplus1 setdebugloglevel 1
N+1 Syslog Messages
Syslog messages are generated and sent to a log file on the syslog server configured with the syslog-host command. These message are sent by a standalone N+1 slave controller when an error condition occurs. A sample syslog message follows:
Oct 26 14:02:45 slave nplus1_Slave: <error message> The list of syslog messages are as follows:
Error Message |
Description/Remedy |
IP address not assigned. Please run setup before using nplus1 |
The command nplus1 start slave executed, but no IP address exists for the controller. Run the setup command on that controller and assign the controller a static IP address. |
ERROR: Could not get software version from file: meru_sw_version_file |
Couldn’t determine the FortiWLC (SD) software version. |
Rejecting record number due to parsing issues |
Error reading the persistent record of configured masters. Manually add the Master Controllers again. |
Could not open socket for CLI server |
Problem initializing the N+1 CLI. |
CLI server: Bind error for server ip: ip port: port |
Issues in initializing N+1 CLI. |
ALERT: Software Mismatch: Master (master_ip): software_version Slave (slave_ip): software_version |
The Master Controller advertisement revealed a software mismatch. While the version mismatch occurs, the Master Controller cannot provide redundancy. Install on the Master Controller the same software version as the Slave Controller (or vice versa). |
Copyback failed for master controller: master_ip |
Configuration of Master Controller changed while the Slave was active, and the copyback failed. Remove the new Master Controller configuration changes, failback the Master Controller, and then perform the needed configuration changes. |
For MC: master_ip State: SW
Mismatch -> No Access – Saved Config does not exist |
Software mismatch was resolved, but the Master Controller is not accessible from the Slave Controller and cannot provide redundancy. Ensure that the Master Controller is accessible using the command nplus1 access master_ip. |
Could not access host: master_ip. Setting No Access Count to: count |
Could not access the Master Controller. The Master Controller cannot provide redundancy until it is accessible. Access will be rechecked after count (default is 60 seconds). The problem may be caused by a gateway failure. Ensure that the Master Controller is accessible, and verify by using the command nplus1 access master_ip. |
Upgrading
Controllers in a N+1 network can be upgraded like any controller in a standalone deployment. However, only active master and standby slave controllers can be upgraded. Controllers in failover mode cannot be upgraded.
Recovering From N+1 Failover
When an N+1 master controller goes down, the slave controller transitions from passive slave to active slave (failover) and starts acting as the master controller. When the original master comes back up, the active slave continues to be active slave and the original master becomes passive master. The APs (if in L2 mode) will now reboot.
Recovering From N+1 with Dual Ethernet Failover
On the Master controller, when the first Ethernet interface goes down, the controller fails over to second interface of the same controller. If the second interface goes down, Nplus1 failover takes place and the N+1 passive slave becomes an active slave with Dual Ethernet redundant configuration.
The active slave is now in control. If the first active slave Ethernet interface goes down, the slave controller fails over to the second Ethernet interface.
To revert the failover, verify that the first interface on the Slave controller is up and running. Then, bring up the first interface of the original Master controller. The N+1 active slave continues to be active slave and the original N+1 master becomes passive.