• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
案例类型
搜索
取消
产品线
关键字
发布者
发布时间

某局点分层AC部署AP无法注册到local AC问题处理经验案例

2017-06-14发表
  • 0关注
  • 1收藏,609浏览
0

客户来电反馈,现场使用分层AC的组网部署,central AC和local AC之间通过vpn打通,其中local AC已经正常注册到central AC上,但是AP也注册到了central AC,无法注册到local AC。在了解了现场的组网和问题后,我们迅速投入力量进行分析。

现场组网如下:

 


1.首先我们查看central ac的配置:

#
    interface Vlan-interface1
    ip address 192.168.2.4 255.255.255.0
    #

#
    wlan local-ac name localac1 model WX2560H
    serial-id 219801A0WF916CQ00017
    #

#
    wlan ap dqzap2 model WA5320
    serial-id 219801A0YD816CE07520
    control-address enable
    control-address ip 192.168.4.3(指定AP到local AC IP 192.168.4.3上线)
    vlan 1
    radio 1
    service-template 1
    radio 2
    service-template 1
    gigabitethernet 1
    gigabitethernet 2
    #

central AC的相关配置没有问题

2.查看local AC配置

#
    interface Vlan-interface4
    ip address 192.168.4.3 255.255.252.0
    #

#
    wlan local-ac enable
    wlan local-ac capwap source-vlan 4
    #
    wlan central-ac ip 192.168.2.4
    #

看local AC上的配置也没有什么问题

3.在central AC上查看local AC和AP的注册状态

<CentralAC>dis wlan local-ac all
    Total number of local ACs: 1
    Total number of connected local ACs: 1

                                Local AC Information
    State : I = Idle,      J  = Join,       JA = JoinAck,    IL = ImageLoad
            C = Config,    DC = DataCheck,  R  = Run
    AC name                        ACID  State Model           Serial ID
    localac1                       2     R/M   WX2560H         219801A0WF916CQ00017

local AC WX2560H已经成功注册上。

<CentralAC>   dis wlan ap all
    Total number of APs: 3
    Total number of connected APs: 1
    Total number of connected manual APs: 1
    Total number of connected auto APs: 0
    Total number of connected common APs: 1
    Total number of connected WTUs: 0
    Total number of inside APs: 0
    Maximum supported APs: 6144
    Remaining APs: 6143
    Total AP licenses: 32
    Remaining AP licenses: 31

                                 AP information
    State : I = Idle,      J  = Join,       JA = JoinAck,    IL = ImageLoad
             C = Config,    DC = DataCheck,  R  = Run,   M = Master,  B = Backup

AP name                        APID  State Model           Serial ID
    dqzap1                         5     R/M   WA5320          219801A0YD816CE06220

ap也注册在central AC上。

4.在local AC上查看AC和AP的注册信息

[LocalAC1]dis wlan local-ac
    Local AC Information:
    Model                           : WX2560H
    Serial ID                       : 219801A0WF916CQ00017
    MAC address                     : d461-fe91-b850
    Local AC address                : 192.168.4.3
    H/W version                     : Ver.A
    S/W version                     : E5204P02
    Boot version                    : 1.05
    Static central AC IPv4 address  : 192.168.2.4
    Static central AC IPv6 address  : Not configured

Central AC Information:
    Central AC address              : 192.168.2.4
    State                           : Run
    Sent control packets            : 7703
    Received control packets        : 7699

local AC已经成功注册上,能够找到central AC的信息。

[LocalAC1]probe

[LocalAC1-probe]dis system internal wlan ctrl-ap

local AC上看不到AP的注册信息。

5.从以上信息看,AP没有注册到local AC上而是注册到了central AC上,那么为什么会出现这个现象呢?为了进一步定位,我们在两个AC上debugging capwap all进行分析:

local AC debugging信息:

[LocalAC1-GigabitEthernet1/0/3]%Mar 24 14:53:41:075 2017 LocalAC1 IFNET/3/PHY_UPDOWN: Physical   state on the interface GigabitEthernet1/0/3 changed to up.
%Mar 24 14:53:41:079 2017 LocalAC1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface GigabitEthernet1/0/3 changed to up.
%Mar 24 14:54:11:337 2017 LocalAC1 STP/6/STP_DETECTED_TC: Instance 0&#39;s port GigabitEthernet1/0/3 detected a topology change.
*Mar 24 14:54:26:002 2017 LocalAC1 CWS/7/RCV_PKT: Received discovery request with SeqNum 0 from AP at 192.168.4.108:40642.
*Mar 24 14:54:26:003 2017 LocalAC1 CWS/7/RCV_PKT: Received discovery request from AP at 192.168.4.108:40642, Length=157.
 00 10 02 00 00 00 00 00 00 00 00 01 00 00 90 00
 00 14 00 01 02 00 26 00 39 00 00 63 A2 00 00 00
 06 57 41 35 33 32 30 00 01 00 14 32 31 39 38 30
 31 41 30 59 44 38 31 36 43 45 30 36 32 32 30 00
 03 00 05 56 65 72 2E 41 00 04 00 06 D4 61 FE 9D
 17 E0 00 27 00 2B 04 04 01 01 00 00 00 00 63 A2
 00 00 00 01 42 00 00 63 A2 00 01 00 08 45 32 32
 30 34 50 30 32 00 00 63 A2 00 02 00 04 37 2E 30
 34 00 29 00 01 0E 00 2C 00 01 02 04 18 00 05 01
 00 00 00 0A 04 18 00 05 02 00 00 00 6D
.
*Mar 24 14:54:26:003 2017 LocalAC1 CWS/7/RCV_PKT: Received discovery request from AP: IP address=192.168.4.108, MAC address=d461-fe9d-17e0, serial ID=219801A0YD816CE06220.
%Mar 24 14:54:26:003 2017 LocalAC1 APMGR/6/APMGR_LOG_NOLICENSE: AP failed to come online, Reason: No license for the Common AP.
%Mar 24 14:54:26:003 2017 LocalAC1 APMGR/6/APMGR_LOG_NOLICENSE: AP failed to come online in discovery, Reason: No license.
*Mar 24 14:54:26:003 2017 LocalAC1 CWS/7/ERROR: Failed to process discovery request from AP with serial ID 219801A0YD816CE06220: The feature apmgr has no available license..(提示AP上线失败,local AC上没有可用的license)
*Mar 24 14:54:26:004 2017 LocalAC1 CWS/7/ERROR: Failed to proc pkt msg from AP at 192.168.4.108:40642. MsgType = 1.

central AC的debugging信息:

*Mar 24 14:54:24:788 2017 CentralAC CWS/7/RCV_PKT: Received discovery request from AP: IP address=192.168.4.108, MAC address=d461-fe9d-17e0, serial ID=219801A0YD816CE06220, AP name=dqzap1, model=WA5320, last IP=192.168.4.108.(收到发现请求报文)
*Mar 24 14:54:24:789 2017 CentralAC CWS/7/EVENT: Filling AC Descriptor TLV. LicenseType[1] MaxSupportNum[6144] JoinCount[0].
*Mar 24 14:54:24:789 2017 CentralAC CWS/7/SND_PKT: Sent discovery response with SeqNum 0 to AP at 192.168.4.108:40642.
*Mar 24 14:54:24:789 2017 CentralAC CWS/7/SND_PKT: Sent discovery response to AP at 192.168.4.108:40642, Length=138.(响应发现请求报文)

*Mar 24 14:54:29:816 2017 CentralAC CWS/7/RCV_PKT: Received join request with SeqNum 1 from AP at 192.168.4.108:40642.
*Mar 24 14:54:29:816 2017 CentralAC CWS/7/RCV_PKT: Received join request from AP at 192.168.4.108:40642, Length=213.(收到加入请求报文)
*Mar 24 14:54:29:817 2017 CentralAC CWS/7/EVENT: Filling AC Descriptor TLV. LicenseType[1] MaxSupportNum[6144] JoinCount[0].
*Mar 24 14:54:29:818 2017 CentralAC CWS/7/SND_PKT: Sent join response with SeqNum 1 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:818 2017 CentralAC CWS/7/SND_PKT: Sent join response to AP at 192.168.4.108:40642, Length=145.(响应加入请求报文)
*Mar 24 14:54:29:818 2017 CentralAC CWS/7/FSM: Enter Join state.(AP进入加入状态)
*Mar 24 14:54:29:844 2017 CentralAC CWS/7/RCV_PKT: Received configuration request with SeqNum 2 from AP at 192.168.4.108:40642.
*Mar 24 14:54:29:844 2017 CentralAC CWS/7/RCV_PKT: Received configuration request from AP at 192.168.4.108:40642, Length=506.(收到注册请求报文)
*Mar 24 14:54:29:845 2017 CentralAC CWS/7/SND_PKT: Sent fragment1 of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:845 2017 CentralAC CWS/7/SND_PKT: Sent fragment1 of configuration response to AP at 192.168.4.108:40642, Length=1448.
*Mar 24 14:54:29:846 2017 CentralAC CWS/7/SND_PKT: Sent fragment2 of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:846 2017 CentralAC CWS/7/SND_PKT: Sent fragment2 of configuration response to AP at 192.168.4.108:40642, Length=1448.
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/SND_PKT: Sent fragment3 of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/SND_PKT: Sent fragment3 of configuration response to AP at 192.168.4.108:40642, Length=700.
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/SND_PKT: Sent all fragments of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.(响应注册请求报文)
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/FSM: Enter Config state.(进入注册状态)
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/RCV_PKT: Received change state event request with SeqNum 3 from AP at 192.168.4.108:40642.
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/RCV_PKT: Received change state event request from AP at 192.168.4.108:40642, Length=38.(收到AP状态改变报文)
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/SND_PKT: Sent change state event response with SeqNum 3 to AP at 192.168.4.108:40642.
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/SND_PKT: Sent change state event response to AP at 192.168.4.108:40642, Length=16.(响应AP状态改变报文)
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/FSM: Enter Data Check state.(AP进入数据校验状态)
*Mar 24 14:54:30:660 2017 CentralAC CWS/7/DATA: Received data channel keep-alive message from AP at 192.168.4.108:40642.(收到数据信道保活报文)
*Mar 24 14:54:30:661 2017 CentralAC CWS/7/DATA: Sent data channel keep-alive message to AP at 192.168.4.108:40642.(响应数据信道保活报文)
%Mar 24 14:54:30:662 2017 CentralAC APMGR/6/APMGR_AP_ONLINE: AP dqzap1 came online. State changed to Run.(AP正常上线)

从debugging信息分析,因为local AC上没有license,AP在local AC上注册失败所以注册到了central AC上,但是我们分层AC的部署模式下,central AC的license信息和local AC是共享的,也就是说local AC上是不需要license的,AP先向central AC发送discover Request报文,central AC根据 control-address enable control-address ip 192.168.4.3响应discover Request,将local AC的地址反馈给AP,AP再向local AC发送discover Request开始注册。根据debugging信息我们猜想,是否是local AC上的某些配置影响了AP注册的过程导致AP无法在local AC上上线。


我们仔细检查local AC的配置,发现上面有这样一条命令:wlan auto-ap enable。local AC上开启了AP自动注册的功能,这种情况下AP连接后会直接向local AC上注册而由于local AC上没有license,AP无法上线,AP认为在local AC上不可上线的情况下就会注册到central AC上,这与之前的故障现象相符,也印证了我们之前的猜想。

让现场删除wlan auto-ap enable这条命令后,AP就可以正常在local AC上线。


1.在分层AC的部署情况下,local AC不需要license,由central AC共享license进行AP的注册管理。

2.在配置local AC时,我们不要配置任何AP注册的相关命令,完全由central AC上指定AP注册的local AC即可。


0 个评论

该案例暂时没有网友评论

编辑评论

举报

×

侵犯我的权益 >
对根叔知了社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔知了社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明

分享扩散:

提出建议

    +

亲~登录后才可以操作哦!

确定

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作