客户来电反馈,现场使用分层AC的组网部署,central AC和local AC之间通过vpn打通,其中local AC已经正常注册到central AC上,但是AP也注册到了central AC,无法注册到local AC。在了解了现场的组网和问题后,我们迅速投入力量进行分析。
现场组网如下:
1.首先我们查看central ac的配置:
#
interface Vlan-interface1
ip address 192.168.2.4 255.255.255.0
#
#
wlan local-ac name localac1 model WX2560H
serial-id 219801A0WF916CQ00017
#
#
wlan ap dqzap2 model WA5320
serial-id 219801A0YD816CE07520
control-address enable
control-address ip 192.168.4.3(指定AP到local AC IP 192.168.4.3上线)
vlan 1
radio 1
service-template 1
radio 2
service-template 1
gigabitethernet 1
gigabitethernet 2
#
central AC的相关配置没有问题
2.查看local AC配置
#
interface Vlan-interface4
ip address 192.168.4.3 255.255.252.0
#
#
wlan local-ac enable
wlan local-ac capwap source-vlan 4
#
wlan central-ac ip 192.168.2.4
#
看local AC上的配置也没有什么问题
3.在central AC上查看local AC和AP的注册状态
<CentralAC>dis wlan local-ac all
Total number of local ACs: 1
Total number of connected local ACs: 1
Local AC Information
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run
AC name ACID State Model Serial ID
localac1 2 R/M WX2560H 219801A0WF916CQ00017
local AC WX2560H已经成功注册上。
<CentralAC> dis wlan ap all
Total number of APs: 3
Total number of connected APs: 1
Total number of connected manual APs: 1
Total number of connected auto APs: 0
Total number of connected common APs: 1
Total number of connected WTUs: 0
Total number of inside APs: 0
Maximum supported APs: 6144
Remaining APs: 6143
Total AP licenses: 32
Remaining AP licenses: 31
AP information
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, DC = DataCheck, R = Run, M = Master, B = Backup
AP name APID State Model Serial ID
dqzap1 5 R/M WA5320 219801A0YD816CE06220
ap也注册在central AC上。
4.在local AC上查看AC和AP的注册信息
[LocalAC1]dis wlan local-ac
Local AC Information:
Model : WX2560H
Serial ID : 219801A0WF916CQ00017
MAC address : d461-fe91-b850
Local AC address : 192.168.4.3
H/W version : Ver.A
S/W version : E5204P02
Boot version : 1.05
Static central AC IPv4 address : 192.168.2.4
Static central AC IPv6 address : Not configured
Central AC Information:
Central AC address : 192.168.2.4
State : Run
Sent control packets : 7703
Received control packets : 7699
local AC已经成功注册上,能够找到central AC的信息。
[LocalAC1]probe
[LocalAC1-probe]dis system internal wlan ctrl-ap
local AC上看不到AP的注册信息。
5.从以上信息看,AP没有注册到local AC上而是注册到了central AC上,那么为什么会出现这个现象呢?为了进一步定位,我们在两个AC上debugging capwap all进行分析:
local AC debugging信息:
[LocalAC1-GigabitEthernet1/0/3]%Mar 24 14:53:41:075 2017 LocalAC1 IFNET/3/PHY_UPDOWN: Physical state on the interface GigabitEthernet1/0/3 changed to up.
%Mar 24 14:53:41:079 2017 LocalAC1 IFNET/5/LINK_UPDOWN: Line protocol state on the interface GigabitEthernet1/0/3 changed to up.
%Mar 24 14:54:11:337 2017 LocalAC1 STP/6/STP_DETECTED_TC: Instance 0&#39;s port GigabitEthernet1/0/3 detected a topology change.
*Mar 24 14:54:26:002 2017 LocalAC1 CWS/7/RCV_PKT: Received discovery request with SeqNum 0 from AP at 192.168.4.108:40642.
*Mar 24 14:54:26:003 2017 LocalAC1 CWS/7/RCV_PKT: Received discovery request from AP at 192.168.4.108:40642, Length=157.
00 10 02 00 00 00 00 00 00 00 00 01 00 00 90 00
00 14 00 01 02 00 26 00 39 00 00 63 A2 00 00 00
06 57 41 35 33 32 30 00 01 00 14 32 31 39 38 30
31 41 30 59 44 38 31 36 43 45 30 36 32 32 30 00
03 00 05 56 65 72 2E 41 00 04 00 06 D4 61 FE 9D
17 E0 00 27 00 2B 04 04 01 01 00 00 00 00 63 A2
00 00 00 01 42 00 00 63 A2 00 01 00 08 45 32 32
30 34 50 30 32 00 00 63 A2 00 02 00 04 37 2E 30
34 00 29 00 01 0E 00 2C 00 01 02 04 18 00 05 01
00 00 00 0A 04 18 00 05 02 00 00 00 6D
.
*Mar 24 14:54:26:003 2017 LocalAC1 CWS/7/RCV_PKT: Received discovery request from AP: IP address=192.168.4.108, MAC address=d461-fe9d-17e0, serial ID=219801A0YD816CE06220.
%Mar 24 14:54:26:003 2017 LocalAC1 APMGR/6/APMGR_LOG_NOLICENSE: AP failed to come online, Reason: No license for the Common AP.
%Mar 24 14:54:26:003 2017 LocalAC1 APMGR/6/APMGR_LOG_NOLICENSE: AP failed to come online in discovery, Reason: No license.
*Mar 24 14:54:26:003 2017 LocalAC1 CWS/7/ERROR: Failed to process discovery request from AP with serial ID 219801A0YD816CE06220: The feature apmgr has no available license..(提示AP上线失败,local AC上没有可用的license)
*Mar 24 14:54:26:004 2017 LocalAC1 CWS/7/ERROR: Failed to proc pkt msg from AP at 192.168.4.108:40642. MsgType = 1.
central AC的debugging信息:
*Mar 24 14:54:24:788 2017 CentralAC CWS/7/RCV_PKT: Received discovery request from AP: IP address=192.168.4.108, MAC address=d461-fe9d-17e0, serial ID=219801A0YD816CE06220, AP name=dqzap1, model=WA5320, last IP=192.168.4.108.(收到发现请求报文)
*Mar 24 14:54:24:789 2017 CentralAC CWS/7/EVENT: Filling AC Descriptor TLV. LicenseType[1] MaxSupportNum[6144] JoinCount[0].
*Mar 24 14:54:24:789 2017 CentralAC CWS/7/SND_PKT: Sent discovery response with SeqNum 0 to AP at 192.168.4.108:40642.
*Mar 24 14:54:24:789 2017 CentralAC CWS/7/SND_PKT: Sent discovery response to AP at 192.168.4.108:40642, Length=138.(响应发现请求报文)
*Mar 24 14:54:29:816 2017 CentralAC CWS/7/RCV_PKT: Received join request with SeqNum 1 from AP at 192.168.4.108:40642.
*Mar 24 14:54:29:816 2017 CentralAC CWS/7/RCV_PKT: Received join request from AP at 192.168.4.108:40642, Length=213.(收到加入请求报文)
*Mar 24 14:54:29:817 2017 CentralAC CWS/7/EVENT: Filling AC Descriptor TLV. LicenseType[1] MaxSupportNum[6144] JoinCount[0].
*Mar 24 14:54:29:818 2017 CentralAC CWS/7/SND_PKT: Sent join response with SeqNum 1 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:818 2017 CentralAC CWS/7/SND_PKT: Sent join response to AP at 192.168.4.108:40642, Length=145.(响应加入请求报文)
*Mar 24 14:54:29:818 2017 CentralAC CWS/7/FSM: Enter Join state.(AP进入加入状态)
*Mar 24 14:54:29:844 2017 CentralAC CWS/7/RCV_PKT: Received configuration request with SeqNum 2 from AP at 192.168.4.108:40642.
*Mar 24 14:54:29:844 2017 CentralAC CWS/7/RCV_PKT: Received configuration request from AP at 192.168.4.108:40642, Length=506.(收到注册请求报文)
*Mar 24 14:54:29:845 2017 CentralAC CWS/7/SND_PKT: Sent fragment1 of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:845 2017 CentralAC CWS/7/SND_PKT: Sent fragment1 of configuration response to AP at 192.168.4.108:40642, Length=1448.
*Mar 24 14:54:29:846 2017 CentralAC CWS/7/SND_PKT: Sent fragment2 of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:846 2017 CentralAC CWS/7/SND_PKT: Sent fragment2 of configuration response to AP at 192.168.4.108:40642, Length=1448.
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/SND_PKT: Sent fragment3 of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/SND_PKT: Sent fragment3 of configuration response to AP at 192.168.4.108:40642, Length=700.
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/SND_PKT: Sent all fragments of configuration response with SeqNum 2 to AP at 192.168.4.108:40642.(响应注册请求报文)
*Mar 24 14:54:29:847 2017 CentralAC CWS/7/FSM: Enter Config state.(进入注册状态)
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/RCV_PKT: Received change state event request with SeqNum 3 from AP at 192.168.4.108:40642.
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/RCV_PKT: Received change state event request from AP at 192.168.4.108:40642, Length=38.(收到AP状态改变报文)
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/SND_PKT: Sent change state event response with SeqNum 3 to AP at 192.168.4.108:40642.
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/SND_PKT: Sent change state event response to AP at 192.168.4.108:40642, Length=16.(响应AP状态改变报文)
*Mar 24 14:54:30:636 2017 CentralAC CWS/7/FSM: Enter Data Check state.(AP进入数据校验状态)
*Mar 24 14:54:30:660 2017 CentralAC CWS/7/DATA: Received data channel keep-alive message from AP at 192.168.4.108:40642.(收到数据信道保活报文)
*Mar 24 14:54:30:661 2017 CentralAC CWS/7/DATA: Sent data channel keep-alive message to AP at 192.168.4.108:40642.(响应数据信道保活报文)
%Mar 24 14:54:30:662 2017 CentralAC APMGR/6/APMGR_AP_ONLINE: AP dqzap1 came online. State changed to Run.(AP正常上线)
从debugging信息分析,因为local AC上没有license,AP在local AC上注册失败所以注册到了central AC上,但是我们分层AC的部署模式下,central AC的license信息和local AC是共享的,也就是说local AC上是不需要license的,AP先向central AC发送discover Request报文,central AC根据 control-address enable control-address ip 192.168.4.3响应discover Request,将local AC的地址反馈给AP,AP再向local AC发送discover Request开始注册。根据debugging信息我们猜想,是否是local AC上的某些配置影响了AP注册的过程导致AP无法在local AC上上线。
我们仔细检查local AC的配置,发现上面有这样一条命令:wlan auto-ap enable。local AC上开启了AP自动注册的功能,这种情况下AP连接后会直接向local AC上注册而由于local AC上没有license,AP无法上线,AP认为在local AC上不可上线的情况下就会注册到central AC上,这与之前的故障现象相符,也印证了我们之前的猜想。
让现场删除wlan auto-ap enable这条命令后,AP就可以正常在local AC上线。
1.在分层AC的部署情况下,local AC不需要license,由central AC共享license进行AP的注册管理。
2.在配置local AC时,我们不要配置任何AP注册的相关命令,完全由central AC上指定AP注册的local AC即可。
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作