Example for Configuring N+1 Backup

WLAN V200R019C00 Typical Configuration Examples

Rate and give feedback:

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

Service Requirements

A large enterprise has branches in different areas. ACs are deployed in the branches to manage APs, providing WLAN access and email services. These services require low network reliability and allow temporary service interruption. An AC is required to be a backup of all ACs to save costs. In this scenario, the enterprise can deploy a high-performance AC at the headquarters as a standby AC to provide backup services for active ACs in the branches.

Networking Requirements

AC networking mode: Layer 3 bypass mode
DHCP deployment mode: Router_3 functions as a DHCP server to assign IP addresses to APs and STAs.
Service data forwarding mode: direct forwarding

Figure 5-49 Networking for configuring N+1 backup

Data Planning

Table 5-51 AC data planning

Item	Data
Management VLAN for APs	AC_1 (primary AC): VLAN 99
Management VLAN for APs	AC_2 (primary AC): VLAN 100
Service VLAN for STAs	AC_1: VLAN 101
Service VLAN for STAs	AC_2: VLAN 102
DHCP server	Router_3 functions as a DHCP server to assign IP addresses to APs and STAs. STAs' gateway: STA_1: 10.23.101.1/24 STA_2: 10.23.102.1/24 APs' gateway: AP_1: 10.23.99.1/24 AP_2: 10.23.100.1/24
IP address pool for APs	AP_1: 10.23.99.2-10.23.99.254/24 AP_2: 10.23.100.2-10.23.100.254/24
IP address pool for STAs	STA1: 10.23.101.2-10.23.101.254/24 STA2: 10.23.102.2-10.23.102.254/24
AC's source interface	AC_1: VLANIF 201 AC_2: VLANIF 202 AC_3: VLANIF 203
AC_1's management IP address	VLANIF 201: 10.23.201.1/24
AC_2's management IP address	VLANIF 202: 10.23.202.1/24
AC_3's management IP address	VLANIF 203: 10.23.203.1/24
AP group	On AC_1 (primary AC): Name: ap-group1 Referenced profiles: AP system profile ap-system, VAP profile wlan-net, and regulatory domain profile default
	On AC_2 (primary AC): Name: ap-group2 Referenced profiles: AP system profile ap-system, VAP profile wlan-net1, and regulatory domain profile default
	On AC_3 (backup AC): Name: ap-group1 Referenced profiles: AP system profile ap-system, VAP profile wlan-net, and regulatory domain profile default Name: ap-group2 Referenced profiles: AP system profile ap-system, VAP profile wlan-net1, and regulatory domain profile default
Regulatory domain profile	Name: default Country code: China
SSID profile	AC_1: Name: wlan-net SSID name: wlan-net
	AC_2: Name: wlan-net1 SSID name: wlan-net1
	AC_3: Name: wlan-net SSID name: wlan-net Name: wlan-net1 SSID name: wlan-net1
Security profile	AC_1, AC_3: Name: wlan-net Security policy: WPA-WPA2+PSK+AES Password: a1234567 AC_2, AC_3: Name: wlan-net1 Security policy: WPA-WPA2+PSK+AES Password: a1234567
VAP profile	AC_1: Name: wlan-net Forwarding mode: direct forwarding Service VLAN: VLAN 101 Referenced profiles: SSID profile wlan-net and security profile wlan-net
	AC_2: Name: wlan-net1 Forwarding mode: direct forwarding Service VLAN: VLAN 102 Referenced profiles: SSID profile wlan-net1 and security profile wlan-net1
	AC_3: Name: wlan-net Forwarding mode: direct forwarding Service VLAN: VLAN 101 Referenced profiles: SSID profile wlan-net and security profile wlan-net Name: wlan-net1 Forwarding mode: direct forwarding Service VLAN: VLAN 102 Referenced profiles: SSID profile wlan-net1 and security profile wlan-net1
AP system profile	On AC_1: Name: ap-system Primary AC IP address: 10.23.201.1 Backup AC IP address: 10.23.203.1
	On AC_2: Name: ap-system1 Primary AC IP address: 10.23.202.1 Backup AC IP address: 10.23.203.1
	On AC_3: Name: ap-system Primary AC IP address: 10.23.201.1 Backup AC IP address: 10.23.203.1 Name: ap-system1 Primary AC IP address: 10.23.202.1 Backup AC IP address: 10.23.203.1

Configuration Roadmap

Configure network connectivity between ACs and other network devices. Configure Router_3 as a DHCP server to assign IP addresses to APs and STAs.
Configure AC_1 and AC_2 as the active ACs of AP_1 and AP_2, respectively, and configure basic WLAN services on AC_1 and AC_2.
Configure AC_3 as the standby AC of AP_1 and AP_2, and configure basic WLAN services on AC_3. Ensure that service configurations on AC_3 are the same as those on AC_1 and AC_2.
Configure N+1 backup on the active ACs first and then on the standby AC. After the configuration, restart all the APs.

Configuration Notes

No ACK mechanism is provided for multicast packet transmission on air interfaces. In addition, wireless links are unstable. To ensure stable transmission of multicast packets, they are usually sent at low rates. If a large number of such multicast packets are sent from the network side, the air interfaces may be congested. You are advised to configure multicast packet suppression to reduce impact of a large number of low-rate multicast packets on the wireless network. Exercise caution when configuring the rate limit; otherwise, the multicast services may be affected.
- In direct forwarding mode, you are advised to configure multicast packet suppression on switch interfaces connected to APs.
- In tunnel forwarding mode, you are advised to configure multicast packet suppression in traffic profiles of the AC.
For details on how to configure traffic suppression, see How Do I Configure Multicast Packet Suppression to Reduce Impact of a Large Number of Low-Rate Multicast Packets on the Wireless Network?.
Configure port isolation on the interfaces of the device directly connected to APs. If port isolation is not configured and direct forwarding is used, a large number of unnecessary broadcast packets may be generated in the VLAN, blocking the network and degrading user experience.
In tunnel forwarding mode, the management VLAN and service VLAN cannot be the same. Only packets from the management VLAN are transmitted between the AC and APs. Packets from the service VLAN are not allowed between the AC and APs.

Procedure

Configure the routers and switches to communicate with each other.
# On Router_1, create VLAN 99, VLAN 101, and VLAN 201. VLAN 99 is used as the management VLAN and VLAN 101 is used as the service VLAN. Add Eth2/0/0 connected to Switch_1 to VLAN 99 and VLAN 101, and Eth2/0/1 connected to AC_1 to VLAN 201. Configure the IP address 10.23.99.1/24 for VLANIF 99, 10.23.101.1/24 for VLANIF 101, and 10.23.201.2/24 for VLANIF 201.
```
<Huawei> system-view
[Huawei] sysname Router_1
[Router_1] vlan batch 99 101 201
[Router_1] interface ethernet 2/0/0
[Router_1-Ethernet2/0/0] port link-type trunk
[Router_1-Ethernet2/0/0] port trunk allow-pass vlan 99 101
[Router_1-Ethernet2/0/0] quit
[Router_1] interface ethernet 2/0/1
[Router_1-Ethernet2/0/1] port link-type trunk
[Router_1-Ethernet2/0/1] port trunk allow-pass vlan 201
[Router_1-Ethernet2/0/1] quit
[Router_1] interface vlanif 99
[Router_1-Vlanif99] ip address 10.23.99.1 255.255.255.0
[Router_1-Vlanif99] quit
[Router_1] interface vlanif 101
[Router_1-Vlanif101] ip address 10.23.101.1 255.255.255.0
[Router_1-Vlanif101] quit
[Router_1] interface vlanif 201
[Router_1-Vlanif201] ip address 10.23.201.2 255.255.255.0
[Router_1-Vlanif201] quit
```
# On Router_2, create VLAN 100, VLAN 102, and VLAN 202. VLAN 100 is used as the management VLAN and VLAN 102 is used as the service VLAN. Add Eth2/0/0 connected to Switch_2 to VLAN 100 and VLAN 102, and Eth2/0/1 connected to AC_2 to VLAN 202. Configure the IP address 10.23.100.1/24 for VLANIF 100, 10.23.102.1/24 for VLANIF 102, and 10.23.202.2/24 for VLANIF 202. The configuration procedure is the same as that on Router_1.

# On Router_3, create VLAN 200 and VLAN 203. Add Eth2/0/0 connected to the Internet to VLAN 200, and Eth2/0/1 connected to AC_3 to VLAN 203. Configure the IP address 10.23.200.1/24 for VLANIF 200 and 10.23.203.2/24 for VLANIF 203. The configuration procedure is the same as that on Router_1.

# On Switch_1, create VLAN 99 and VLAN 101. Add GE0/0/2 connected to Router_1 and GE0/0/1 connected to AP_1 to VLAN 99 and VLAN 101. Set the PVID of the interfaces to VLAN 99.
```
<HUAWEI> system-view
[HUAWEI] sysname Switch_1
[Switch_1] vlan batch 99 101
[Switch_1] interface gigabitethernet 0/0/1
[Switch_1-GigabitEthernet0/0/1] port link-type trunk
[Switch_1-GigabitEthernet0/0/1] port trunk pvid vlan 99
[Switch_1-GigabitEthernet0/0/1] port trunk allow-pass vlan 99 101
[Switch_1-GigabitEthernet0/0/1] port-isolate enable
[Switch_1-GigabitEthernet0/0/1] quit
[Switch_1] interface gigabitethernet 0/0/2
[Switch_1-GigabitEthernet0/0/2] port link-type trunk
[Switch_1-GigabitEthernet0/0/2] port trunk allow-pass vlan 99 101
[Switch_1-GigabitEthernet0/0/2] quit
```
# On Switch_2, create VLAN 100 and VLAN 102. Add GE0/0/2 connected to Router_2 and GE0/0/1 connected to AP_2 to VLAN 100 and VLAN 102. Set the PVID of the interfaces to VLAN 100. The configuration procedure is the same as that on Switch_1.

Configure a DHCP server to assign IP addresses to APs and STAs.

# Configure Router_1 as a DHCP relay agent.

[Router_1] dhcp enable
[Router_1] interface vlanif 99
[Router_1-Vlanif99] dhcp select relay
[Router_1-Vlanif99] dhcp relay server-ip 10.23.200.1
[Router_1-Vlanif99] quit
[Router_1] interface vlanif 101
[Router_1-Vlanif101] dhcp select relay
[Router_1-Vlanif101] dhcp relay server-ip 10.23.200.1
[Router_1-Vlanif101] quit

# Configure Router_2 as a DHCP relay agent.

[Router_2] dhcp enable
[Router_2] interface vlanif 100
[Router_2-Vlanif100] dhcp select relay
[Router_2-Vlanif100] dhcp relay server-ip 10.23.200.1
[Router_2-Vlanif100] quit
[Router_2] interface vlanif 102
[Router_2-Vlanif102] dhcp select relay
[Router_2-Vlanif102] dhcp relay server-ip 10.23.200.1
[Router_2-Vlanif102] quit

# Configure Router_3 as the DHCP server to assign IP addresses to APs and STAs, and configure the Option 43 field to advertise the IP addresses of AC_1 and AC_3 to AP_1, and to advertise the IP addresses of AC_2 and AC_3 to AP_2. Configure the DHCP server to assign IP addresses to AP_1 from the IP address pool ap_1_pool, to AP_2 from ap_2_pool, to STA_1 from sta_1_pool, and to STA_2 from sta_2_pool.

In this example, AP_1 and AP_2 cannot share an IP address pool; otherwise, AP_1 can discover AC_2 and AP_2 can discover AC_1, which will cause APs unable to connect to the correct AC based on the AC priority.

Configure the DNS server as required. The common methods are as follows:

In the interface address pool scenario, run the dhcp server dns-list ip-address &<1-8> command in the VLANIF interface view.
In the global address pool scenario, run the dns-list ip-address &<1-8> command in the IP address pool view.

[Router_3] dhcp enable
[Router_3] ip pool ap_1_pool
[Router_3-ip-pool-ap_1_pool] network 10.23.99.0 mask 24
[Router_3-ip-pool-ap_1_pool] gateway-list 10.23.99.1
[Router_3-ip-pool-ap_1_pool] option 43 sub-option 2 ip-address 10.23.201.1 10.23.203.1
[Router_3-ip-pool-ap_1_pool] quit
[Router_3] ip pool ap_2_pool
[Router_3-ip-pool-ap_2_pool] network 10.23.100.0 mask 24
[Router_3-ip-pool-ap_2_pool] gateway-list 10.23.100.1
[Router_3-ip-pool-ap_2_pool] option 43 sub-option 2 ip-address 10.23.202.1 10.23.203.1
[Router_3-ip-pool-ap_2_pool] quit
[Router_3] ip pool sta_1_pool
[Router_3-ip-pool-sta_1_pool] network 10.23.101.0 mask 24
[Router_3-ip-pool-sta_1_pool] gateway-list 10.23.101.1
[Router_3-ip-pool-sta_1_pool] quit
[Router_3] ip pool sta_2_pool
[Router_3-ip-pool-sta_2_pool] network 10.23.102.0 mask 24
[Router_3-ip-pool-sta_2_pool] gateway-list 10.23.102.1
[Router_3-ip-pool-sta_2_pool] quit
[Router_3] interface Vlanif200
[Router_3-Vlanif200] dhcp select global
[Router_3-Vlanif200] quit

Configure AC_1.
1. Perform basic AC configurations.
  # Choose Configuration > Config Wizard > AC. The Basic AC Configuration page is displayed.
  
  # Set Country/Region based on actual situations. For example, set Country/Region to China. Set System time to Manual and Date and time to PC.
  
  # Click Next. The Port Configuration page is displayed.
2. Configure interfaces.
  # Select GigabitEthernet0/0/1 and expand Batch Modify. Set Interface type to Trunk and add GigabitEthernet0/0/1 to VLAN 201.
  
  If the AC and APs are directly connected, set the default VLAN of the interfaces connected to the APs to management VLAN 100.
  
  # Click Apply.
  
  # Click Next. The Network Interconnection Configuration page is displayed.
3. Configure network interconnections.
  # Click Create under Interface Configuration. The Create Interface Configuration page is displayed.
  
  # Set the IP address of VLANIF 201 to 10.23.201.1/24.
  
  # Click OK. An address for VLANIF 201 is configured.
  
  # Under Static Route Table, click Create. The Create Static Route Table page is displayed.
  
  # Set Destination IP to 10.23.99.0, Subnet Mask to 24(255.255.255.0), and Next hop address to 10.23.201.2.
  
  # Click OK.
  
  # Click Next.
  
  # Click Next. The AC Source Address page is displayed.
4. Configure the source address for AC.
  # Set AC source address to VLANIF. Click the browse button and select Vlanif201.
  
  # Click Next. The Confirm Settings page is displayed.
5. Confirm the configuration.
  # Confirm the configuration and click Continue With AP Online.
Configure APs to go online.
1. Configure APs to go online.
  # Click Batch Import. The Batch Import page is displayed. Click to download an AP template file to your local computer.
  # Fill in the AP template file with AP information according to the following example. To add multiple APs, fill in the file with information of the APs.
  - AP MAC: 60de-4476-e360
  - AP SN: 210235419610CB002287
  - AP Name: area_1
  - AP Group: ap-group1
  If you set AP authentication mode to MAC address authentication, the AP's MAC address is mandatory and the AP's SN is optional.
  If you set AP authentication mode to SN authentication, the AP's SN is mandatory and the AP's MAC address is optional.
  
  You are advised to export the radio ID, AP channel, frequency bandwidth, and power planned on WLAN Planner to a .csv file, and then enter them in the AP template file. Set the longitude and latitude as required.
  # Click next to Import AP File, select the AP template file, and click Import.
  
  # On the page that displays the template import result, click OK.
  
  # Click Next. The Group APs page is displayed.
  
  # AP group information has been added in the AP template file. Click Next. The Confirm Configurations page is displayed.
2. Confirm the configuration.
  # Confirm the configuration and click Continue With Wireless Service Configuration.
Configure WLAN services on AC_1.
# Click Create. The Basic Information page is displayed.

# Set the SSID name, forwarding mode, and service VLAN.

# Click Next. The Security Authentication page is displayed.

# Set Security settings to Key (applicable to personnel networks) and set the key.

# Click Next. The Access Control page is displayed.

# Set Binding the AP group to ap-group1.

# Click Finish.
Configure IP addresses for primary ACs and the backup AC on AC_1.
1. # Choose Configuration > AP Config > AP Group > AP Group.
2. # In the AP group list, click ap-group1. Choose AP > AP System Profile. The AP System Profile page is displayed.
3. # Click Create. On the page that is displayed, set Profile name to ap-system and click OK.
4. # On the Advanced Configuration page of the AP system profile, expand Dual-Link/N+1 Backup. Set Configuration mode to IP address-based, Primary AC IP address to 10.23.201.1, and Backup AC IP address to 10.23.203.1.
5. # Click Apply. In the dialog box that is displayed, click OK.
Configure AC_2.
The configuration is similar to that on AC_1. The following parameters are different:
- Add GigabitEthernet0/0/1 to VLAN 202.
- Create VLANIF 202 and set its IP address to 10.23.202.1/24. Configure 10.23.202.2 as the next hop of the route to the 10.23.100.0/24 network segment.
- Add APs to ap-group2.
- When configuring WLAN services, set the SSID name to wlan-net1 and service VLAN to 102.
- Set the AP system profile name to ap-system1 and Primary AC IP address to 10.23.202.1.
Configure AC_3.
The configuration is similar to that on AC_1. The following parameters are different:
- Add GigabitEthernet0/0/1 to VLAN 203.
- Create VLANIF 203 and set its IP address to 10.23.203.1/24. Configure 10.23.203.2 as the next hop of the routes to the 10.23.99.0/24 and 10.23.100.0/24 network segments.
- Import APs on AC_1 and AC_2 to AC_3, and add the APs to ap-group1 and ap-group2, respectively.
- When configuring WLAN services on AC_3, choose Configuration > Config Wizard > Wireless Service and create SSIDs wlan-net and wlan-net1. Set parameters on wlan-net to the same as those on AC_1 and parameters on wlan-net1 to the same as those on AC_2.
- Creates AP system profiles ap-system and ap-system1 in AP groups ap-group1 and ap-group2, respectively. Set parameters on ap-system to the same as those on AC_1 and parameters on ap-system1 to the same as those on AC_2.
Enable N+1 backup on AC_1, AC_2, and AC_3.
1. Enable N+1 backup on AC_1.
  # On AC_1, choose Configuration > Reliability > Reliability. The Reliability page is displayed.
  
  # Set Backup mode to N+1 backup, AC dual-link switchover status to ON.
  
  # Click Apply. In the dialog box that is displayed, click OK.
  
  # Choose Maintenance > AP Maintenance > AP Restart > Restart All to restart all APs, so that the N+1 backup function can take effect.
  
  By default, N+1 backup is enabled. You need to restart all APs on the primary AC. After the APs are restarted, N+1 backup takes effect.
2. Enable N+1 backup on AC_2 and AC_3. The configuration is similar to that on AC_1.
Verify the configuration.
# The WLAN with SSIDs wlan-net and wlan-net1 is available for STAs connected to the APs, and these STAs can connect to the WLAN and go online properly.

# Simulate a master AC fault by restarting the master AC to verify the backup configuration. Restart AC_1. When the AP_1 detects a fault on the link connected to AC_1, AC_3 takes the active role, ensuring service stability.

Before restarting the AC, click Save in the upper right corner of the web page to save the configuration file on the AC to prevent configuration loss after the restart.

# During the restart of AC_1, the AP_1 goes online on AC_3. On AC_3, choose Monitoring > AP > AP Statistics Collection. It is found that the AP status changes from fault to normal.

# After AC_1 recovers from the restart, an active/standby switchback is triggered. The AP_1 automatically goes online on AC_1.