CCIE Wireless Written Exam: Cisco 400-351 - Failover Event and HA AP SSO

Failover Event and HA AP SSO

Prev Question Next Question

Question

You are a network administrator at ACME corporation where you have a pair of Cisco 5760 Wireless LAN Controllers deployed for HA AP SSO mode.

A failover event occurs and the secondary Cisco 5760 controller moves into the active role.

Which three statements about the failover event are true? (Choose three.)

Answers

A. Rogue Aps and clients are not synced to the standby and are relearned upon switchover.

B. NetFlow records are already exported upon switchover and collection starts resuming in the new active controller.

C. Switchover during AP preimage download causes the Aps start image download all over again from the new active controller.

D. With SSO, wIPS information is already synced with the standby unit and this information need not be relearned upon switchover.

E. The new active controller does not need to relearn the shun list from IPS and other MCs, which eliminates the need to redistribute it to the MAs.

F. Upon guest anchor controller switchover, mobility tunnels stay active, Aps remain connected, clients rejoin at MA or MC, and clients are anchored on the new active controller.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

ACD.

The correct answers are A, D, and F. Here's an explanation of each:

A. Rogue APs and clients are not synced to the standby and are relearned upon switchover: When a failover event occurs, rogue APs and clients are not synced to the standby controller, and they need to be relearned upon switchover. This is because rogue APs and clients are not part of the configuration sync process between the primary and standby controllers.

D. With SSO, wIPS information is already synced with the standby unit and this information need not be relearned upon switchover: When using SSO (Stateful Switchover), the wIPS (wireless Intrusion Prevention System) information is already synced between the primary and standby controllers, so it doesn't need to be relearned upon switchover. This ensures that the wireless network is protected against security threats even during a failover event.

F. Upon guest anchor controller switchover, mobility tunnels stay active, APs remain connected, clients rejoin at MA or MC, and clients are anchored on the new active controller: When a guest anchor controller switchover occurs, the mobility tunnels between the anchor and foreign controllers stay active, APs remain connected, and clients rejoin at the MA (Mobility Anchor) or MC (Mobility Controller). Clients are then anchored on the new active controller, ensuring that their wireless sessions are maintained.

B, C, and E are not correct:

B. NetFlow records are already exported upon switchover and collection starts resuming in the new active controller: NetFlow records are not automatically exported upon switchover. They need to be reconfigured on the new active controller to ensure that they are properly collected and analyzed.

C. Switchover during AP preimage download causes the APs to start image download all over again from the new active controller: When an AP preimage download is in progress and a switchover occurs, the download process starts all over again on the new active controller. This can cause delays in the network and affect the user experience.

E. The new active controller does not need to relearn the shun list from IPS and other MCs, which eliminates the need to redistribute it to the MAs: The shun list, which is used to block rogue clients and APs from accessing the wireless network, needs to be relearned by the new active controller upon switchover. This ensures that the network remains secure and protected against security threats.

Prev Question Next Question