636| Increasing Network Uptime Through Redundancy and VRRP AOS-W 6.5.3.x| User Guide
Figure 82 Redundancy with a Active-Backup Master Switch Pair
When a VRRP instance is configured on the switch vlan, there is no change in the VRRP state if the failover scenario
was tested by shutting down the port or bringing down the vlan. The switch remains in the Master state and sends
VRRP advertisements, which do not reach the peer switch. When the port is down, the peer switch becomes the
Master. However, when the port on the previous master is enabled, it takes over the Master state. The peer switch
moves out of the master state when the original master sends a higher priority advertisement, even when
preemption is not enabled. The peer switch will not be preempted if the master switch crashes or reboots.
AP Communication with Switches
The High Availability features work across Layer-3 networks, so there is no need for a direct Layer-2 connection
between switches in a high availability group.
When the AP first connects to its active switch, the active switch provides the IP address of a standby switch,
and the AP attempts to establish a tunnel to the standby switch. If an AP fails to connect to the first standby
switch, the active switch selects a new standby switch for that AP, and the AP attempts to connect to that
standby switch.
An AP will failover to its backup switch if it fails to contact its active switch through regular heartbeats and
keepalive messages, or if the user triggers a failover manually using the WebUI or CLI.
High Availability for bridge mode is supported on Campus APs. In this mode, the switch sends ACL Names to
the APs instead of the ACL IDs. These APs generate and maintain the mapping between the ACL Name and ACL
Id. In the event of a failover the ACL Name is sent to the AP from the stand-by switch. Since AP maintains the
mapping, the ACL Ids remain intact during a failover.
Client State Synchronization
Client state synchronization allows faster client reauthentication in the event of a switch failure by
synchronizing PMK and Key cache entries between active and standby switches. When this feature is enabled,
clients only need to perform a four-way key exchange to reconnect to the network (instead of performing a full
authentication to the RADIUS server), dramatically shortening the time required for the client to reconnect.
The following section of this document describes topologies, guidelines, and limitations for this feature. To view the
procedure for enabling the client state synchronization feature, see Configuring High Availability.
To Next Page
Loading...