Virtual Interface - Cisco SD2008T-NA Configuration Manual

Chapter 3 Configuring Ports and Interfaces
If LAG is enabled, there can be only one AP-manager interface. But when LAG is disabled, you must
Note
assign an AP-manager interface to each port on the controller.
If only one distribution system port can be used, you should use distribution system port 1.
Note
The AP-manager interface communicates through any distribution system port by listening across the
Layer 3 or Layer 2 network for lightweight access point (LWAPP) join messages to associate and
communicate with as many lightweight access points as possible.
Note •
•

Virtual Interface

The virtual interface is used to support mobility management, Dynamic Host Configuration Protocol
(DHCP) relay, and embedded Layer 3 security such as guest web authentication. It also maintains the
DNS gateway host name used by Layer 3 security and mobility managers to verify the source of
certificates when Layer 3 web authorization is enabled.
Specifically, the virtual interface plays these two primary roles:
•
•
The virtual interface IP address is used only in communications between the controller and wireless
clients. It never appears as the source or destination address of a packet that goes out a distribution
system port and onto the switched network. For the system to operate correctly, the virtual interface IP
address must be set (it cannot be 0.0.0.0), and no other device on the network can have the same address
as the virtual interface. Therefore, the virtual interface must be configured with an unassigned and
unused gateway IP address, such as 1.1.1.1. The virtual interface IP address is not pingable and should
not exist in any routing table in your network. In addition, the virtual interface cannot be mapped to a
backup port.
All controllers within a mobility group must be configured with the same virtual interface IP address.
Note
Otherwise, inter-controller roaming may appear to work, but the hand-off does not complete, and the
client loses connectivity for a period of time.
OL-9141-03
Port redundancy for the AP-manager interface is not supported. You cannot map the AP-manager
interface to a backup port. If the AP-manager interface fails, all of the access points connected to
the controller through that interface are evenly distributed among the other configured AP-manager
interfaces.
Refer to the "Using Multiple AP-Manager Interfaces" section on page 3-36
creating and using multiple AP-manager interfaces.
Acts as the DHCP server placeholder for wireless clients that obtain their IP address from a DHCP
server.
Serves as the redirect address for the web authentication login window.
See Chapter 5 for additional information on web authentication.
Note
Overview of Ports and Interfaces
Cisco Wireless LAN Controller Configuration Guide
for information on
3-7