Cat 6500 - WiSM Practice V1.0

Cat 6500 & WiSM – questions Iw
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
1. Upgrade IOS of Cat6500 in order to support the WiSM blade 2. Configure the Service Interfaces of both controllers of the WiSM blade (use VLAN 11 = 10.11.11.x/24) Use the following methods to achieve your goal and eventually configure the interfaces statically: Ø Dynamic (it does not matter what IP address WLC1 and WLC2 will get) Ø Dynamic with exclusions (WLC1 = 10.11.11.10, WLC2 = 10.11.11.11) Ø Dynamic with MAC reservations (WLC1 = 10.11.11.20, WLC2 = 10.11.11.21) Ø Static (WLC1 = 10.11.11.30, WLC2 = 10.11.11.31) 3. Access WLC1 and WLC2 without using telnet, SSH or a console connection. 4. Configure AutoLAG and explain why we cannot use normal LAG between Cat6500 and the WiSM blade. Make sure Layer 3 traffic is trusted. Also explain how we can trust Layer 2 traffic. 5. Configure load balancing for load balancing based on best practices 6. Create a Management VLAN for the WiSM blade on the Cat 6500 (VLAN 21 = 10.11.21.x/24) and do an initial configuration on WLC1 & WLC2. Use the following IP addresses: SVI interface = 10.11.21.254/24 WLC1 management interface = 10.11.21.10/24 WLC1 AP-­‐manager interface = 10.11.21.11/24 WLC1 management interface = 10.11.21.20/24 WLC1 AP-­‐manager interface = 10.11.21.21/24 Configure these IP addresses with the initial config setup on both WLC’s. Make sure how to change this IP address after the initial config is done 7. Make sure that the traffic that is coming from WLC1 and WLC2 is arriving in a untagged form but stills travels trough the Management VLAN (21) 8. Reset the WiSM blade independently from the Cat6500 switch Cat 6500 & WiSM – solutions CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
1. Upgrade IOS of Cat6500 in order to support the WiSM blade Configuration: First we check what the current IOS version is on the Cat 65XX: Router#sh ver
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-PK9SV-M), Version 12.2(17d)SXB11a, RELEASE
SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Thu 13-Apr-06 04:50 by kehsiao
Image text-base: 0x40020FBC, data-base: 0x41F18000
ROM: System Bootstrap, Version 12.2(17r)SX5, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-PK9SV-M), Version 12.2(17d)SXB11a, RELEASE
SOFTWARE (fc1)
Router uptime is 1 day, 10 hours, 53 minutes
Time since Router switched to active is 1 day, 10 hours, 52 minutes
System returned to ROM by reload at 21:40:23 UTC Thu Feb 24 2011 (SP by reload)
System image file is "sup-bootflash:s72033-pk9sv-mz.122-17d.SXB11a.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
Iw
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco WS-C6506-E (R7000) processor (revision 1.1) with 458752K/65536K bytes of memory.
Processor board ID SAL1052CJQA
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
X.25 software, Version 3.0.0.
Bridging software.
1 Virtual Ethernet/IEEE 802.3 interface(s)
48 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102 We see that the IOS version is currently on the Catalyst 6506 is “Version 12.2(17d)SXB11a” This version is not supporting the WiSM blade at all. We can verify that with checking the status of the WiSM blade. Model
-----------------WS-SVC-WISM-1-K9
WS-X6348-RJ-45
WS-SUP720-3B
Serial No.
----------SAD1335006F
SAD04160M5C
SAL134959DR
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Router#show module all
Mod Ports Card Type
--- ----- -------------------------------------1
10 unknown FRU type (major = 0x6003, mino
3
48 48 port 10/100 mb RJ45
6
2 Supervisor Engine 720 (Active)
Mod MAC addresses
Hw
Fw
--- ---------------------------------- ------ -----------1 0025.8438.23bc to 0025.8438.23cb
2.3
Unknown
3 00b0.8e82.26a4 to 00b0.8e82.26d3
2.3
5.4(2)
6 0024.1499.80a8 to 0024.1499.80ab
5.9
8.5(3)
Mod
--1
6
6
Sub-Module
--------------------------Centralized Forwarding Card
Policy Feature Card 3
MSFC3 Daughterboard
Model
-----------------WS-SVC-WISM-1-K9-D
WS-F6K-PFC3B
WS-SUP720
Sw
-----------Unknown
8.3(0.110)TE
12.2(17d)SXB
Status
------PwrDown
Ok
Ok
Serial
Hw
Status
------------ ------- ------SAD133500DJ
2.1
PwrDown
SAL13495HZM
2.6
Ok
SAL13495F89
4.0
Ok
Mod Online Diag Status
--- ------------------1 Unknown
3 Pass
6 Pass
Router#
Router#show module 1
Mod Ports Card Type
Model
Serial No.
--- ----- -------------------------------------- ------------------ ----------1
10 unknown FRU type (major = 0x6003, mino WS-SVC-WISM-1-K9
SAD1335006F
Mod MAC addresses
Hw
Fw
Sw
Status
--- ---------------------------------- ------ ------------ ------------ ------1 0025.8438.23bc to 0025.8438.23cb
2.3
Unknown
Unknown
PwrDown
Mod Sub-Module
Model
Serial
Hw
Status
--- --------------------------- ------------------ ------------ ------- ------1 Centralized Forwarding Card WS-SVC-WISM-1-K9-D SAD133500DJ
2.1
PwrDown
Iw
Mod Online Diag Status
--- ------------------1 Unknown
Router#
As you can see the WiSM module is located in the first slot and is currently Powered Down. Let’s see what happens if we try to power it up: Router(config)#power enable module 1
1d10h: %C6KPWR-SP-4-UNSUPPORTED: unsupported module in slot 1, power not allowed:
Unknown Card Type.
When the IOS is not the correct IOS it will generate this message when trying to power the module up. So the only thing that is left is that we need to download a new version IOS from CCO. To save some time there was a newer version on Disk0: on the Catalyst 6500. Router#show file systems
File Systems:
Free(b)
796688384
23403936
0
222362496
127908
1960900
65536000
-
Type
disk
disk
flash
opaque
opaque
nvram
nvram
opaque
opaque
network
flash
network
network
Flags
rw
rw
rw
ro
wo
rw
rw
rw
rw
rw
rw
rw
rw
Prefixes
disk0:
disk1:
sup-bootflash:
sup-microcode:
sup-image:
const_nvram:
nvram:
null:
system:
tftp:
bootflash:
rcp:
ftp:
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Size(b)
* 1024409600
65536000
41931210
0
129004
1964024
65536000
-
Router#dir disk0:
Directory of disk0:/
1 -rw6562
2 -rw7322
3 -rw3599
4 -rw128322284
vz.122-33.SXH6.bin
May 4
May 5
Oct 18
Jan 28
2010
2010
2010
2010
20:29:58
19:10:20
20:50:08
15:41:50
+00:00
+00:00
+00:00
+00:00
start.cfg
runcfg.txt
wismconfig
s72033-adventerprisek9_wan-
1024409600 bytes total (796688384 bytes free)
Router#
The IOS version we need is “s72033-­‐adventerprisek9_wan-­‐vz.122-­‐33.SXH6.bin” Make sure the Catalyst 6500 will boot next time with the new IOS: Router(config)#boot system disk0:s72033-adventerprisek9_wan-vz.122-33.SXH6.bin
Iw
Router#sh run | i boot
boot system disk0:s72033-adventerprisek9_wan-vz.122-33.SXH6.bin
Router#
Router#reload
Proceed with reload? [confirm]
1d11h: %SYS-5-RELOAD: Reload requested by console.
1d11h: %OIR-SP-6-CONSOLE: Changing console ownership to switch processor
***
*** --- SHUTDOWN NOW --***
1d11h: %SYS-SP-5-RELOAD: Reload requested
1d11h: %OIR-SP-6-CONSOLE: Changing console ownership to switch processor
System Bootstrap, Version 8.5(3)
Copyright (c) 1994-2008 by cisco Systems, Inc.
Cat6k-Sup720/SP processor with 524288 Kbytes of main memory
Autoboot executing command: "boot disk0:s72033-adventerprisek9_wan-vz.122-33.SXH6.bin"
Loading image, please wait ...
Self extracting the image... [OK]
Self decompressing the image :
######################################################################################
######################################################################################
######################################################################################
########################################### [OK]
running startup....
Restricted Rights Legend
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, s72033_sp Software (s72033_sp-ADVENTERPRISEK9_WAN-VM), Version
12.2(33)SXH6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 15-Oct-09 01:54 by prod_rel_team
Image text-base: 0x01020150, data-base: 0x01021000
00:00:32: %SYS-3-LOGGER_FLUSHING: System pausing to ensure console debugging output.
00:00:32: %PFREDUN-6-ACTIVE: Initializing as ACTIVE processor for this switch
00:00:33: %SYS-3-LOGGER_FLUSHING: System pausing to ensure console debugging output.
00:00:32: %SYS-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure console
debugging output.
Firmware compiled 12-Oct-09 11:00 by integ Build [100]
00:00:33: %OIR-6-CONSOLE: Changing console ownership to route processor
System Bootstrap, Version 12.2(17r)SX5, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2006 by cisco Systems, Inc.
Cat6k-Sup720/RP platform with 524288 Kbytes of main memory
Iw
Download Start
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Download Completed! Booting the image.
Self decompressing the image :
######################################################################################
######################################################################################
######################################################################################
######################################################################################
######################################################################################
######################################################################################
################################################################################# [OK]
running startup....
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9_WAN-VM), Version
12.2(33)SXH6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 15-Oct-09 01:01 by prod_rel_team
Image text-base: 0x01020150, data-base: 0x01021000
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco WS-C6506-E (R7000) processor (revision 1.1) with 516096K/8192K bytes of memory.
Processor board ID SAL1052CJQA
SR71000 CPU at 600Mhz, Implementation 1284, Rev 1.2, 512KB L2 Cache
Last reset from s/w reset
1 Virtual Ethernet interface
48 FastEthernet interfaces
12 Gigabit Ethernet interfaces
1917K bytes of non-volatile configuration memory.
bytes of Flash internal SIMM (Sector size 512K).
new interface GigabitEthernet1/1 placed in "shutdown"
new interface GigabitEthernet1/2 placed in "shutdown"
new interface GigabitEthernet1/3 placed in "shutdown"
new interface GigabitEthernet1/4 placed in "shutdown"
new interface GigabitEthernet1/5 placed in "shutdown"
new interface GigabitEthernet1/6 placed in "shutdown"
new interface GigabitEthernet1/7 placed in "shutdown"
new interface GigabitEthernet1/8 placed in "shutdown"
Iw
65536K
SETUP:
SETUP:
SETUP:
SETUP:
SETUP:
SETUP:
SETUP:
SETUP:
state
state
state
state
state
state
state
state
Press RETURN to get started!
00:00:50: curr is 0x0
00:00:50: RP: Currently running ROMMON from S (Gold) region
00:00:58: %SYS-5-CONFIG_I: Configured from memory by console
00:01:02: %SYS-5-RESTART: System restarted -Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9_WAN-VM), Version
12.2(33)SXH6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 15-Oct-09 01:01 by prod_rel_team
00:00:33: %SYS-3-LOGGER_FLUSHED: System was paused for 00:00:00 to ensure console
debugging output.
00:02:19: SP: SP: Currently running ROMMON from S (Gold) region
00:02:29: %SW_VLAN-SP-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to wism.
00:02:32: %OIR-SP-6-INSPS: Power supply inserted in slot 1
00:02:32: %C6KPWR-SP-4-PSOK: power supply 1 turned on.
00:02:32: %SYS-SP-5-RESTART: System restarted -Cisco IOS Software, s72033_sp Software (s72033_sp-ADVENTERPRISEK9_WAN-VM), Version
12.2(33)SXH6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 15-Oct-09 01:54 by prod_rel_team
00:02:33: %SYS-SP-6-BOOTTIME: Time taken to reboot after reload =
280 seconds
00:02:40: %FABRIC-SP-5-CLEAR_BLOCK: Clear block option is off for the fabric in slot
6.
00:02:40: %FABRIC-SP-5-FABRIC_MODULE_ACTIVE: The Switch Fabric Module in slot 6 became
active.
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
00:02:42: %DIAG-SP-6-RUN_MINIMUM: Module 6: Running Minimal Diagnostics...
00:02:53: %DIAG-SP-6-DIAG_OK: Module 6: Passed Online Diagnostics
00:02:53: %OIR-SP-6-INSCARD: Card inserted in slot 6, interfaces are now online
00:03:28: %DIAG-SP-6-RUN_MINIMUM: Module 3: Running Minimal Diagnostics...
00:02:08: %MFIB_CONST_RP-6-REPLICATION_MODE_CHANGE: Replication Mode Change Detected.
Current system replication mode is Ingress
00:03:39: %DIAG-SP-6-DIAG_OK: Module 3: Passed Online Diagnostics
00:03:40: %OIR-SP-6-INSCARD: Card inserted in slot 3, interfaces are now online
00:00:09: DaughterBoard (Centralized Forwarding Card)
Firmware compiled 12-Oct-09 11:00 by integ Build [100]
00:00:12: %SYS-CFC1-5-RESTART: System restarted -Cisco IOS Software, c6lc2 Software (c6lc2-SP-VM), Version 12.2(33)SXH6, RELEASE
SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 15-Oct-09 01:38 by prod_rel_team
Feb 26 08:51:34.689: CFC1: Currently running ROMMON from S (Gold) region
00:03:55:
00:02:28:
Disabling
00:04:00:
00:04:00:
%DIAG-SP-6-RUN_MINIMUM: Module 1: Running Minimal Diagnostics...
%MLS_RATE-4-DISABLING: The global switching mode is now 'truncated'.
the Layer2 Rate Limiters.
%DIAG-SP-6-DIAG_OK: Module 1: Passed Online Diagnostics
%OIR-SP-6-INSCARD: Card inserted in slot 1, interfaces are now online
Now that the Catalyst 6500 is rebooted and slot 1 is online we can do some additional checks: Model
-----------------WS-SVC-WISM-1-K9
WS-X6348-RJ-45
WS-SUP720-3B
Iw
Router#show module
Mod Ports Card Type
--- ----- -------------------------------------1
10 WiSM WLAN Service Module
3
48 48 port 10/100 mb RJ45
6
2 Supervisor Engine 720 (Active)
Mod MAC addresses
Hw
Fw
--- ---------------------------------- ------ -----------1 0025.8438.23bc to 0025.8438.23cb
2.3
12.2(14r)S5
3 00b0.8e82.26a4 to 00b0.8e82.26d3
2.3
5.4(2)
6 0024.1499.80a8 to 0024.1499.80ab
5.9
8.5(3)
Mod
---1
6
6
Sub-Module
--------------------------Centralized Forwarding Card
Policy Feature Card 3
MSFC3 Daughterboard
Mod Online Diag Status
---- ------------------1 Pass
3 Pass
6 Pass
Router#
Model
-----------------WS-SVC-WISM-1-K9-D
WS-F6K-PFC3B
WS-SUP720
Serial No.
----------SAD1335006F
SAD04160M5C
SAL134959DR
Sw
-----------12.2(33)SXH6
8.7(0.22)BUB
12.2(33)SXH6
Status
------Ok
Ok
Ok
Serial
Hw
Status
----------- ------- ------SAD133500DJ 2.1
Ok
SAL13495HZM 2.6
Ok
SAL13495F89 4.0
Ok
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
2. Configure the Service Interfaces of both controllers of the WiSM blade (use VLAN 11 = 10.11.11.x/24) Use the following methods to achieve your goal and eventually configure the interfaces statically: Ø 1) Dynamic (it does not matter what IP address WLC1 and WLC2 will get) Ø 2) Dynamic with exclusions (WLC1 = 10.11.11.10, WLC2 = 10.11.11.11) Ø 3) Dynamic with MAC reservations (WLC1 = 10.11.11.20, WLC2 = 10.11.11.21) Ø 4) Static (WLC1 = 10.11.11.30, WLC2 = 10.11.11.31) First we need to create the service interface VLAN. We check what VLANS are there at the moment: CAT6500#show vlan
VLAN Name
Status
Ports
---- -------------------------------- --------- ------------------------------1
default
active
Gi1/1, Gi1/2, Gi1/3, Gi1/4
Gi1/5, Gi1/6, Gi1/7, Gi1/8
Gi1/9, Gi1/10
1002 fddi-default
act/unsup
1003 token-ring-default
act/unsup
1004 fddinet-default
act/unsup
1005 trnet-default
act/unsup
VLAN
---1
1002
1003
1004
1005
Type
----enet
fddi
tr
fdnet
trnet
SAID
---------100001
101002
101003
101004
101005
MTU
----1500
1500
1500
1500
1500
Parent
------
RingNo
------
BridgeNo
--------
Stp
---ieee
ibm
BrdgMode
--------
Trans1
-----0
0
0
0
0
Trans2
-----0
0
0
0
0
Now we create the service VLAN: Iw
CAT6500#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CAT6500(config)#vlan 11
CAT6500(config-vlan)#name WISMSERVICE
CAT6500(config-vlan)#exit
% Applying VLAN changes may take few minutes. Please wait...
CAT6500(config)#exit
00:04:44: %SYS-5-CONFIG_I: Configured from console by console
And verify it it’s created: CAT6500#sh vlan
VLAN Name
Status
Ports
---- -------------------------------- --------- ------------------------------1
default
active
Gi1/1, Gi1/2, Gi1/3, Gi1/4
Gi1/5, Gi1/6, Gi1/7, Gi1/8
Gi1/9, Gi1/10
11
WISMSERVICE
active
1002 fddi-default
act/unsup
1003 token-ring-default
act/unsup
1004 fddinet-default
act/unsup
1005 trnet-default
act/unsup
VLAN
---1
11
1002
1003
Type
----enet
enet
fddi
tr
SAID
---------100001
100011
101002
101003
MTU
----1500
1500
1500
1500
Parent
------
RingNo
------
BridgeNo
--------
Stp
----
BrdgMode
--------
Trans1
-----0
0
0
0
Trans2
-----0
0
0
0
1004 fdnet 101004
1005 trnet 101005
1500
1500
-
-
-
ieee ibm -
0
0
0
0
Enable the service interface on the WiSM: CAT6500#conf t
Enter configuration commands, one per line.
CAT6500(config)#wism service-vlan 11
End with CNTL/Z.
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Check the IP addresses on the service VLAN and the port status: CAT6500#show wism status
Service Vlan : 11, Service IP Subnet : Not Configured
WLAN
Slot Controller Service IP
Management IP
SW Version Status
----+-----------+----------------+----------------+-----------+--------------1
1
0.0.0.0
0.0.0.0
Service Port Down
1
2
0.0.0.0
0.0.0.0
Service Port Down
Create SVI for the service interfaces on the Cat 6500: CAT6500(config)#int vlan 11
CAT6500(config-if)#ip address 10.11.11.254 255.255.255.0
CAT6500(config-if)#no shut
Verify if the service interfaces are up: CAT6500#show wism status
Service Vlan : 11, Service IP Subnet : 10.11.11.254/255.255.255.0
WLAN
Slot Controller Service IP
Management IP
SW Version Status
----+-----------+----------------+----------------+-----------+--------------1
1
0.0.0.0
0.0.0.0
Service Port Up
1
2
0.0.0.0
0.0.0.0
Service Port Up
Iw
1) Dynamic (it does not matter what IP address WLC1 and WLC2 will get) First we create a DHCP pool: CAT6500(config)#ip dhcp pool WiSM
CAT6500(config-dhcp)#name WISMSERVICE
CAT6500(config-dhcp)#network 10.11.11.0 /24
CAT6500(config-dhcp)#default-router 10.11.11.254
Check the IP addresses of the service interfaces again: CAT6500#show wism status
Service Vlan : 11, Service IP Subnet : 10.11.11.254/255.255.255.0
WLAN
Slot Controller Service IP
Management IP
SW Version Status
----+-----------+----------------+----------------+-----------+--------------1
1
10.11.11.1
169.254.1.1
4.2.207.0
Oper-Up
1
2
10.11.11.2
169.254.1.1
4.2.207.0
Oper-Up
CAT6500#
00:19:23: %WiSM-5-STATE: Controller 1 in slot 1 is Oper-Up
00:19:23: %WiSM-5-STATE: Controller 2 in slot 1 is Oper-Up
CAT6500#
2) Dynamic with exclusions (WLC1 = 10.11.11.10, WLC2 = 10.11.11.11) The DHCP scope is already created so we only include exclusions: CAT6500(config)#ip dhcp excluded-address 10.11.11.1 10.11.11.9
CAT6500(config)#ip dhcp excluded-address 10.11.11.12 10.11.11.254
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
CAT6500#hw-module module 1 reset
Proceed with reload of module?[confirm]
% reset issued for module 1
CAT6500#
00:24:58: %C6KPWR-SP-4-DISABLED: power to module in slot 1 set off (Reset)
Check the IP addresses again after the reload: CAT6500#show wism status
Service Vlan : 11, Service IP Subnet : 10.11.11.254/255.255.255.0
WLAN
Slot Controller Service IP
Management IP
SW Version Status
----+-----------+----------------+----------------+-----------+--------------1
1
10.11.11.10
169.254.1.1
4.2.207.0
Oper-Up
1
2
10.11.11.11
169.254.1.1
4.2.207.0
Oper-Up
3) Dynamic with MAC reservations (WLC1 = 10.11.11.20, WLC2 = 10.11.11.21) In order to know what the MAC addresses are of the WLC service interfaces. So we do the initial config of the WLC’s first: Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
System Name [Cisco_0a:45:ab]: WLC1
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (24 characters max): *****
Re-enter Administrative Password
: *****
Iw
Service Interface IP Address Configuration [none][DHCP]:
Management
Management
Management
Management
Management
Interface
Interface
Interface
Interface
Interface
IP Address: 10.11.21.10
Netmask: 255.255.255.0
Default Router: 10.11.21.254
VLAN Identifier (0 = untagged): 21
DHCP Server IP Address: 10.11.21.254
AP Transport Mode [layer2][LAYER3]:
AP Manager Interface IP Address: 10.11.21.11
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.11.21.254):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: WiSM-WLC1
Enable Symmetric Mobility Tunneling [yes][NO]:
Network Name (SSID): WiSM-WLC1
Allow Static IP Addresses [YES][no]:
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter 'help' for a list of countries) [US]:
Enable 802.11b Network [YES][no]:
Enable 802.11a Network [YES][no]:
Enable 802.11g Network [YES][no]:
Enable Auto-RF [YES][no]:
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: no
Warning! No AP will come up unless the time is set.
Please see documentation for more details.
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Configuration saved!
Resetting system with new configuration...
Configuration saved!
Resetting system with new configuration...
Bootloader 3.2.202.0 (Nov 13 2007 - 19:35:12)
Motorola PowerPC ProcessorID=00000000 Rev. PVR=80200020
CPU: 999 MHz
CCB: 333 MHz
DDR: 166 MHz
LBC: 41 MHz
L1 D-cache 32KB, L1 I-cache 32KB enabled.
I2C:
ready
DTT:
1 is 44 C
DRAM: DDR module detected, total size:512MB.
512 MB
8540 in PCI Host Mode.
8540 is the PCI Arbiter.
Memory Test PASS
Iw
FLASH:
Flash Bank 0: portsize = 2, size = 8 MB in 142 Sectors
8 MB
L2 cache enabled: 256KB
Card Id: 1537
Card Revision Id: 1
Card CPU Id: 1287
Number of MAC Addresses: 32
Number of Slots Supported: 4
Serial Number: FAM133500DJ
Manufacturers ID: 30464
Board Maintenance Level: 00
In:
serial
Out:
serial
Err:
serial
.o88b. d888888b .d8888. .o88b.
d8P Y8
`88'
88' YP d8P Y8
8P
88
`8bo.
8P
8b
88
`Y8b. 8b
Y8b d8
.88.
db
8D Y8b d8
`Y88P' Y888888P `8888Y' `Y88P'
Model SVC-WiSM
S/N: FAM133500DJ
.d88b.
.8P Y8.
88
88
88
88
`8b d8'
`Y88P'
Net:
TSEC ETHERNET
IDE:
Bus 0: OK
Device 0: Model: STI Flash 8.0.0 Firm: 01/17/07 Ser#: STI1MN5609222094102
Type: Removable Hard Disk
Capacity: 488.7 MB = 0.4 GB (1000944 x 512)
Device 1: not available
Booting Primary Image...
Press <ESC> now for additional boot options...
Detecting Hardware . . .
XML config selected
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Iw
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Cisco AireOS Version 4.2.207.0
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Internal Interfaces: ok
Initializing Network Services: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting FIPS Features: Not enabled
Starting Fast Path Hardware Acceleration: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Client Troubleshooting Service: ok
Starting Management Frame Protection: ok
Starting LWAPP: ok
Starting Certificate Database: ok
Starting VPN Services: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting WLAN Control Protocol (WCP): ok
Starting Mesh Services: ok
Starting TSM: ok
Starting LOCP: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting Management Services:
Web Server: ok
CLI: ok
Secure Web: ok
(WiSM-slot1-1)
Enter User Name (or 'Recover-Config' this one-time only to reset configuration to
factory defaults)
User:
Check out the MAC address of WLC1: (WiSM-slot1-1) show interface
detailed
service-port
Interface Name...................................
MAC Address......................................
IP Address.......................................
DHCP Option 82...................................
DHCP Protocol....................................
AP Manager.......................................
Guest Interface..................................
service-port
00:26:cb:0a:45:a2
0.0.0.0
Disabled
Enabled
No
No
Initial config of WLC2: Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
System Name [Cisco_0b:77:eb]: WLC2
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (24 characters max): *****
Re-enter Administrative Password
: *****
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Service Interface IP Address Configuration [none][DHCP]:
Management
Management
Management
Management
Management
Interface
Interface
Interface
Interface
Interface
IP Address: 10.11.21.20
Netmask: 255.255.255.0
Default Router: 10.11.21.254
VLAN Identifier (0 = untagged): 21
DHCP Server IP Address: 10.11.21.254
AP Transport Mode [layer2][LAYER3]:
AP Manager Interface IP Address: 10.11.21.21
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.11.21.254):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: WiSM-WLC2
Enable Symmetric Mobility Tunneling [yes][NO]:
Network Name (SSID): WiSM-WLC2
Allow Static IP Addresses [YES][no]:
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter 'help' for a list of countries) [US]:
Enable
Enable
Enable
Enable
802.11b
802.11a
802.11g
Auto-RF
Network [YES][no]:
Network [YES][no]:
Network [YES][no]:
[YES][no]:
Iw
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: no
Warning! No AP will come up unless the time is set.
Please see documentation for more details.
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
Configuration saved!
Resetting system with new configuration...
Configuration saved!
Resetting system with new configuration...
Bootloader 3.2.202.0 (Nov 13 2007 - 19:35:12)
Motorola PowerPC ProcessorID=00000000 Rev. PVR=80200020
CPU: 999 MHz
CCB: 333 MHz
DDR: 166 MHz
LBC: 41 MHz
L1 D-cache 32KB, L1 I-cache 32KB enabled.
I2C:
ready
DTT:
1 is 39 C
DRAM: DDR module detected, total size:512MB.
512 MB
8540 in PCI Host Mode.
8540 is the PCI Arbiter.
Memory Test PASS
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
FLASH:
Flash Bank 0: portsize = 2, size = 8 MB in 142 Sectors
8 MB
L2 cache enabled: 256KB
Card Id: 1537
Card Revision Id: 1
Card CPU Id: 1287
Number of MAC Addresses: 32
Number of Slots Supported: 4
Serial Number: FAS133500DJ
Manufacturers ID: 30464
Board Maintenance Level: 00
In:
serial
Out:
serial
Err:
serial
.o88b. d888888b .d8888. .o88b.
d8P Y8
`88'
88' YP d8P Y8
8P
88
`8bo.
8P
8b
88
`Y8b. 8b
Y8b d8
.88.
db
8D Y8b d8
`Y88P' Y888888P `8888Y' `Y88P'
Model SVC-WiSM
S/N: FAS133500DJ
.d88b.
.8P Y8.
88
88
88
88
`8b d8'
`Y88P'
Net:
TSEC ETHERNET
IDE:
Bus 0: OK
Device 0: Model: STI Flash 8.0.0 Firm: 01/17/07 Ser#: STI1Mm7309222093820
Type: Removable Hard Disk
Capacity: 488.7 MB = 0.4 GB (1000944 x 512)
Device 1: not available
Booting Primary Image...
Press <ESC> now for additional boot options...
Detecting Hardware . . .
XML config selected
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.
Iw
Cisco AireOS Version 4.2.207.0
Initializing OS Services: ok
Initializing Serial Services: ok
Initializing Internal Interfaces: ok
Initializing Network Services: ok
Starting ARP Services: ok
Starting Trap Manager: ok
Starting Network Interface Management Services: ok
Starting System Services: ok
Starting FIPS Features: Not enabled
Starting Fast Path Hardware Acceleration: ok
Starting Switching Services: ok
Starting QoS Services: ok
Starting Policy Manager: ok
Starting Data Transport Link Layer: ok
Starting Access Control List Services: ok
Starting System Interfaces: ok
Starting Client Troubleshooting Service: ok
Starting Management Frame Protection: ok
Starting LWAPP: ok
Starting Certificate Database: ok
Starting VPN Services: ok
Starting Security Services: ok
Starting Policy Manager: ok
Starting Authentication Engine: ok
Starting Mobility Management: ok
Starting Virtual AP Services: ok
Starting AireWave Director: ok
Starting Network Time Services: ok
Starting Cisco Discovery Protocol: ok
Starting Broadcast Services: ok
Starting Logging Services: ok
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Starting DHCP Server: ok
Starting IDS Signature Manager: ok
Starting RFID Tag Tracking: ok
Starting WLAN Control Protocol (WCP): ok
Starting Mesh Services: ok
Starting TSM: ok
Starting LOCP: ok
Starting CIDS Services: ok
Starting Ethernet-over-IP: ok
Starting Management Services:
Web Server: ok
CLI: ok
Secure Web: ok
(WiSM-slot1-2)
Enter User Name (or 'Recover-Config' this one-time only to reset configuration to
factory defaults)
User: admin
Password:*****
Check out the MAC address of WLC2: (WiSM-slot1-2) >show interface detailed
service-port
Interface Name...................................
MAC Address......................................
IP Address.......................................
DHCP Option 82...................................
DHCP Protocol....................................
AP Manager.......................................
Guest Interface..................................
service-port
00:26:cb:0b:77:e2
0.0.0.0
Disabled
Enabled
No
No
Delete the DHCP scope we just created and create 2 new scopes (for each WLC): Iw
CAT6500(config)#ip dhcp pool WLC1
CAT6500(dhcp-config)#host 10.11.11.20
CAT6500(dhcp-config)#hardware-address
CAT6500(dhcp-config)#exit
CAT6500(config)#ip dhcp pool WLC2
CAT6500(dhcp-config)#host 10.11.11.21
CAT6500(dhcp-config)#hardware-address
255.255.255.0
0026.cb0a.45a2
255.255.255.0
0026.cb0b.77e2
00:44:06: %WiSM-5-STATE: Controller 1 in slot 1 is Oper-Up
00:44:21: %WiSM-5-STATE: Controller 2 in slot 1 is Oper-Up
Check the IP addresses again of the service interfaces: CAT6500#show wism status
Service Vlan : 11, Service IP Subnet : 10.11.11.254/255.255.255.0
WLAN
Slot Controller Service IP
Management IP
SW Version Status
----+-----------+----------------+----------------+-----------+--------------1
1
10.11.11.20
10.11.21.10
4.2.207.0
Oper-Up
1
2
10.11.11.21
10.11.21.20
4.2.207.0
Oper-Up
4) Static (WLC1 = 10.11.11.30, WLC2 = 10.11.11.31 Disable all the DHCP pools: CAT6500(config)#no ip dhcp pool WLC1
CAT6500(config)#no ip dhcp pool WLC2
Set the interfaces in the controller to static and set the IP address manual: CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
(WiSM-slot1-1) >config interface address service-port 10.11.11.30 255.255.255.0
The DHCP protocol for the service port must be disabled before configuring the IP addr
(WiSM-slot1-1) >config interface dhcp service-port disable
(WiSM-slot1-1) >config interface address service-port
10.11.11.30 255.255.255.0
Verify it: (WiSM-slot1-1) >show interface summary
Interface Name
-------------------------------ap-manager
management
service-port
virtual
Port
---LAG
LAG
N/A
N/A
Vlan Id
-------21
21
N/A
N/A
IP Address
--------------10.11.21.11
10.11.21.10
10.11.11.30
1.1.1.1
Type
------Static
Static
Static
Static
Ap Mgr
-----Yes
No
No
No
Guest
----No
No
No
No
Do the same for WLC2: (WiSM-slot1-2) >config interface address service-port 10.11.11.31 255.255.255.0
The DHCP protocol for the service port must be disabled before configuring the IP addr
(WiSM-slot1-2) >config interface
dhcp service-port disable
(WiSM-slot1-2) >config interface address
service-port
10.11.11.31 255.255.255.0
(WiSM-slot1-2) >show interface summary
Iw
Interface Name
-------------------------------ap-manager
management
service-port
virtual
Port
---LAG
LAG
N/A
N/A
Vlan Id
-------21
21
N/A
N/A
IP Address
--------------10.11.21.21
10.11.21.20
10.11.11.31
1.1.1.1
Type
------Static
Static
Static
Static
Ap Mgr
-----Yes
No
No
No
3. Access WLC1 and WLC2 without using telnet, SSH or a console connection. CAT6500#session slot 1 processor 1
The default escape character is Ctrl-^, then x.
You can also type 'exit' at the remote prompt to end the session
Trying 10.11.11.30 ... Open
(WiSM-slot1-1)
User:
CAT6500#session slot 1 processor 2
The default escape character is Ctrl-^, then x.
You can also type 'exit' at the remote prompt to end the session
Trying 10.11.11.31 ... Open
Guest
----No
No
No
No
(WiSM-slot1-2)
User:
CAT6500#show session
Conn Host
1 10.11.11.30
* 2 10.11.11.31
Address
10.11.11.30
10.11.11.31
Byte
0
0
Idle Conn Name
0 10.11.11.30
0 10.11.11.31
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
CAT6500#
CAT6500#disc 1
Closing connection to 10.11.11.30 [confirm]
CAT6500#disc 2
Closing connection to 10.11.11.31 [confirm]
CAT6500#show sessions
% No connections open
CAT6500#
4. Configure AutoLAG and explain why we cannot use normal LAG between Cat6500 and the WiSM blade. Make sure Layer 3 traffic is trusted. Also explain how we can trust Layer 2 traffic. Create the management VLAN: CAT6500#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CAT6500(config)#vlan 21
CAT6500(config-vlan)#name WISMMANAGEMENT
CAT6500(config-vlan)#exit
% Applying VLAN changes may take few minutes. Please wait...
Verify if the VLAN is created: CAT6500#sh vl
00:53:56: %SYS-5-CONFIG_I: Configured from console by consolean
Iw
VLAN Name
Status
Ports
---- -------------------------------- --------- ------------------------------1
default
active
Gi1/1, Gi1/2, Gi1/3, Gi1/4
Gi1/5, Gi1/6, Gi1/7, Gi1/8
11
WISMSERVICE
active
Gi1/9, Gi1/10
21
WISMMANAGEMENT
active
1002 fddi-default
act/unsup
1003 token-ring-default
act/unsup
1004 fddinet-default
act/unsup
1005 trnet-default
act/unsup
VLAN
---1
11
21
1002
1003
1004
1005
Type
----enet
enet
enet
fddi
tr
fdnet
trnet
SAID
---------100001
100011
100021
101002
101003
101004
101005
MTU
----1500
1500
1500
1500
1500
1500
1500
Parent
------
RingNo
------
BridgeNo
--------
Stp
---ieee
ibm
BrdgMode
--------
Trans1
-----0
0
0
0
0
0
0
Trans2
-----0
0
0
0
0
0
0
Remote SPAN VLANs
-----------------------------------------------------------------------------Primary Secondary Type
Ports
------- --------- ----------------- ------------------------------------------
Create the SVI on the Catalyst 6500: CAT6500#
CAT6500(config)#int vlan 21
CAT6500(config-if)#ip add
CAT6500(config-if)#ip address 10.11.21.254 255.255.255.0
CAT6500(config-if)#no shut
Do a quick ping test and see if you can ping the WLC IP addresses: CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
CAT6500#ping 10.11.21.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.11.21.10, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
CAT6500#
Check how the interfaces look like before we configure AutoLAG: CAT6500#show int status
Port
Gi1/1
Gi1/2
Gi1/3
Gi1/4
Gi1/5
Gi1/6
Gi1/7
Gi1/8
Gi1/9
Gi1/10
Name
Iw
CAT6500#sh ip int brie
Interface
GigabitEthernet1/1
GigabitEthernet1/2
GigabitEthernet1/3
GigabitEthernet1/4
GigabitEthernet1/5
GigabitEthernet1/6
GigabitEthernet1/7
GigabitEthernet1/8
GigabitEthernet1/9
GigabitEthernet1/10
Status
connected
connected
connected
connected
connected
connected
connected
connected
connected
connected
IP-Address
unassigned
unassigned
unassigned
unassigned
unassigned
unassigned
unassigned
unassigned
unassigned
unassigned
OK?
YES
YES
YES
YES
YES
YES
YES
YES
YES
YES
Vlan
1
1
1
1
1
1
1
1
11
11
Method
unset
unset
unset
unset
unset
unset
unset
unset
unset
unset
Duplex
full
full
full
full
full
full
full
full
full
full
Speed
1000
1000
1000
1000
1000
1000
1000
1000
1000
1000
Type
unknown
unknown
unknown
unknown
unknown
unknown
unknown
unknown
unknown
unknown
Status
up
up
up
up
up
up
up
up
up
up
(4)
(4)
(4)
(4)
(4)
(4)
(4)
(4)
(4)
(4)
Protocol
up
up
up
up
up
up
up
up
up
up
CAT6500#show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
N - not in use, no aggregation
f - failed to allocate aggregator
M
m
u
d
-
not in use, no aggregation due to minimum links not met
not in use, port not aggregated due to minimum links not met
unsuitable for bundling
default port
w - waiting to be aggregated
Number of channel-groups in use: 2
Number of aggregators:
2
Group Port-channel Protocol
Ports
------+-------------+-----------+----------------------------------------------401
Po401(SD)
402
Po402(SD)
-
Configure AutoLag: CAT6500#
CAT6500(config)#wism
module 1 controller
1
allowed-vlan 11,21
CAT6500(config)#wism module 1 controller 1 qos-trust
CAT6500(config)#port-channel load-balance src-dst-ip
dscp
CAT6500(config)#wism module 1 controller 2 allowed-vlan 11,21
CAT6500(config)#wism module 1 controller 2 qos-trust dscp
Check the interface status again: CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
CAT6500#show int status
Port
Gi1/1
Gi1/2
Gi1/3
Gi1/4
Gi1/5
Gi1/6
Gi1/7
Gi1/8
Gi1/9
Gi1/10
Name
Status
connected
connected
connected
connected
connected
connected
connected
connected
connected
connected
CAT6500#show ip int brief
Interface
IP-Address
GigabitEthernet1/1
unassigned
GigabitEthernet1/2
unassigned
GigabitEthernet1/3
unassigned
GigabitEthernet1/4
unassigned
GigabitEthernet1/5
unassigned
GigabitEthernet1/6
unassigned
GigabitEthernet1/7
unassigned
GigabitEthernet1/8
unassigned
GigabitEthernet1/9
unassigned
GigabitEthernet1/10
unassigned
OK?
YES
YES
YES
YES
YES
YES
YES
YES
YES
YES
Vlan
trunk
trunk
trunk
trunk
trunk
trunk
trunk
trunk
11
11
Method
unset
unset
unset
unset
unset
unset
unset
unset
unset
unset
Duplex
full
full
full
full
full
full
full
full
full
full
Speed
1000
1000
1000
1000
1000
1000
1000
1000
1000
1000
Type
unknown
unknown
unknown
unknown
unknown
unknown
unknown
unknown
unknown
unknown
Status
up
up
up
up
up
up
up
up
up
up
(4)
(4)
(4)
(4)
(4)
(4)
(4)
(4)
(4)
(4)
Protocol
up
up
up
up
up
up
up
up
up
up
CAT6500#show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
N - not in use, no aggregation
f - failed to allocate aggregator
-
not in use, no aggregation due to minimum links not met
not in use, port not aggregated due to minimum links not met
unsuitable for bundling
default port
Iw
M
m
u
d
w - waiting to be aggregated
Number of channel-groups in use: 2
Number of aggregators:
2
Group Port-channel Protocol
Ports
------+-------------+-----------+----------------------------------------------401
Po401(SU)
Gi1/1(P)
Gi1/2(P)
Gi1/3(P)
Gi1/4(P)
402
Po402(SU)
Gi1/5(P)
Gi1/6(P)
Gi1/7(P)
Gi1/8(P)
Check if ping is now working: CAT6500#ping 10.11.21.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.11.21.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
5. Configure load balancing for load balancing based on best practices CAT6500(config)#port-channel load-balance
src-dst-ip
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
6. Create a Management VLAN for the WiSM blade on the Cat 6500 (VLAN 21 = 10.11.21.x/24) and do an initial configuration on WLC1 & WLC2. Use the following IP addresses: SVI interface = 10.11.21.254/24 WLC1 management interface = 10.11.21.10/24 WLC1 AP-­‐manager interface = 10.11.21.11/24 WLC1 management interface = 10.11.21.20/24 WLC1 AP-­‐manager interface = 10.11.21.21/24 Configure these IP addresses with the initial config setup on both WLC’s. Make sure how to change this IP address after the initial config is done Initial configure the WLC1: Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
System Name [Cisco_0a:45:ab]: WLC1
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (24 characters max): *****
Re-enter Administrative Password
: *****
Service Interface IP Address Configuration [none][DHCP]:
Management
Management
Management
Management
Management
Interface
Interface
Interface
Interface
Interface
IP Address: 10.11.21.10
Netmask: 255.255.255.0
Default Router: 10.11.21.254
VLAN Identifier (0 = untagged): 21
DHCP Server IP Address: 10.11.21.254
AP Transport Mode [layer2][LAYER3]:
AP Manager Interface IP Address: 10.11.21.11
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.11.21.254):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: WiSM-WLC1
Iw
Enable Symmetric Mobility Tunneling [yes][NO]:
Network Name (SSID): WiSM-WLC1
Allow Static IP Addresses [YES][no]:
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter 'help' for a list of countries) [US]:
Enable
Enable
Enable
Enable
802.11b
802.11a
802.11g
Auto-RF
Network [YES][no]:
Network [YES][no]:
Network [YES][no]:
[YES][no]:
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: no
Warning! No AP will come up unless the time is set.
Please see documentation for more details.
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
Configuration saved!
Resetting system with new configuration...
Initial configure the WLC2: Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup
System Name [Cisco_0b:77:eb]: WLC2
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (24 characters max): *****
Re-enter Administrative Password
: *****
Service Interface IP Address Configuration [none][DHCP]:
Interface
Interface
Interface
Interface
Interface
IP Address: 10.11.21.20
Netmask: 255.255.255.0
Default Router: 10.11.21.254
VLAN Identifier (0 = untagged): 21
DHCP Server IP Address: 10.11.21.254
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Management
Management
Management
Management
Management
AP Transport Mode [layer2][LAYER3]:
AP Manager Interface IP Address: 10.11.21.21
AP-Manager is on Management subnet, using same values
AP Manager Interface DHCP Server (10.11.21.254):
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: WiSM-WLC2
Enable Symmetric Mobility Tunneling [yes][NO]:
Network Name (SSID): WiSM-WLC2
Allow Static IP Addresses [YES][no]:
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.
Enter Country Code list (enter 'help' for a list of countries) [US]:
Enable
Enable
Enable
Enable
802.11b
802.11a
802.11g
Auto-RF
Network [YES][no]:
Network [YES][no]:
Network [YES][no]:
[YES][no]:
Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: no
Iw
Warning! No AP will come up unless the time is set.
Please see documentation for more details.
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
Configuration saved!
Resetting system with new configuration...
7. Make sure that the traffic that is coming from WLC1 and WLC2 is arriving in a untagged form but stills travels trough the Management VLAN (21) CAT6500(config)#wism
CAT6500(config)#wism
module 1 controller 1 native-vlan 21
module 1 controller 2 native-vlan 21
8. Reset the WiSM blade independently from the Cat6500 switch We can reset an independent blade with the following command: Router#hw-module module 1 reset
Proceed with reload of module?[confirm]
% reset issued for module 1
00:18:00: %C6KPWR-SP-4-DISABLED: power to module in slot 1 set off (Reset)
00:00:09: DaughterBoard (Centralized Forwarding Card)
Iw
CC an
IE H
4 oo
#1 ge
30 nd
8 4 oo
rn
Firmware compiled 12-Oct-09 11:00 by integ Build [100]
00:00:12: %SYS-CFC1-5-RESTART: System restarted -Cisco IOS Software, c6lc2 Software (c6lc2-SP-VM), Version 12.2(33)SXH6, RELEASE
SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 15-Oct-09 01:38 by prod_rel_team
Feb 26 09:07:08.681: CFC1: Currently running ROMMON from S (Gold) region
00:19:30: %DIAG-SP-6-RUN_MINIMUM: Module 1: Running Minimal Diagnostics...
00:18:04: %MLS_RATE-4-DISABLING: The global switching mode is now 'truncated'.
Disabling the Layer2 Rate Limiters.
00:19:35: %DIAG-SP-6-DIAG_OK: Module 1: Passed Online Diagnostics
00:19:36: %OIR-SP-6-INSCARD: Card inserted in slot 1, interfaces are now online
Router#