In previous posts we looked at 3850 is acting as MC/MA without having centralized controller for MC functionality. But if your environment is large, then from scalability point of view it is advisable to have a Centralized controller for MC & all your 3850/3650 switches will act as MA.
Here is a complete test setup I will be using for future posts, but in this post we will see how to get start with 5760 basic configuration.
So here is physical looks like of this product.
Since this is pretty much work as a L3 switch, it is best practice to connect this to network as VTP transparent switch. Also note that it can handle up to 128 vlans.
5760-1#sh vtp status VTP Version capable : 1 to 3 VTP version running : 2 VTP Domain Name : LTU-CA VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 44ad.d903.9d00 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Feature VLAN: -------------- VTP Operating Mode : Transparent Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 Configuration Revision : 0 MD5 digest : 0x36 0xFF 0xF8 0xDF 0x53 0x18 0xF6 0x52 0xE5 0x36 0xC0 0xF9 0xDF 0xA1 0xE6 0x83
If you not set it to transparent mode & connect this to a network having larger number of vlans you may see msg like below
5760-1(config-if)#
*Mar 31 23:59:34.583: %NGWC_PLATFORM_FEP-1-FRU_PS_ACCESS: Switch 1: power supply A is not responding
*Apr 1 00:02:23.112: *simSvcRcvTask: 1 wcm: %SIM-3-ADD_SIM_L2INTF_FAILED: Adding of the vlan failed: tree insertion failure.
*Apr 1 00:02:23.115: *simSvcRcvTask: 1 wcm: %LOG-3-Q_IND: Adding of the vlan failed: tree insertion failure
*Apr 1 00:02:23.131: %SPANTREE_VLAN_SW-2-MAX_INSTANCE: Platform limit of 128 STP instances exceeded. No instance created for VLAN99
Management port of 5760, you have to configure as a host. It is by default in a VRF called “Mgmt-vrf”. So you have to configure a default gateway for this VRF to reach your rest of network.
If the service port is in use, the management interface must be on a different supernet from the service-port interface
interface GigabitEthernet0/0 vrf forwarding Mgmt-vrf ip address 10.13.5.254 255.255.254.0 no ip route-cache negotiation auto ! ip route vrf Mgmt-vrf 0.0.0.0 0.0.0.0 10.13.5.250
I have connected this Mgmt port to G6/1 of my 6506-E. Mgmt port of 5760 should be connected to a switchport configured as Access vlan.
interface GigabitEthernet6/1 description 5760-MGMT-VL999 switchport switchport access vlan 999 ! interface Vlan999 description SW-MGMT ip address 10.13.5.252 255.255.254.0 no ip redirects no ip unreachables ip pim sparse-mode standby 99 ip 10.13.5.250
Once you do this port configuration you can accessible this from your network. If you want to use this port for TFTP/FTP file transfers, then you can configure it like below
5760-1(config)#ip ftp ? passive Connect using passive mode password Specify password for FTP connections source-interface Specify interface for source address in FTP connections username Specify username for FTP connections ! 5760-1(config)#ip ftp username networks 5760-1(config)#ip ftp password xxxxxx 5760-1(config)#ip ftp source-interface g0/0 5760-1(config)#ip tftp ? blocksize Specify TFTP client blocksize boot-interface Force interface to use for TFTP booting min-timeout Set minimum timeout period for retransmission source-interface Specify interface for source address in TFTP connections 5760-1(config)#ip tftp source-interface g0/0
Then you have to define a wireless management interface. I have used vlan 1600 as management interface. Also created two additional vlan for WLAN testing in future. You need to configure a default route to the gateway address of your management interface. Also you need to ensure vlan 1600 used as wireless management interface.
interface Vlan1600 ip address 10.160.49.1 255.255.254.0 ! wireless management interface vlan 1600 ! ip route 0.0.0.0 0.0.0.0 10.160.49.250 5760-1#sh vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Te1/0/1, Te1/0/2, Te1/0/3, Te1/0/4 1410 WLN-STD-6 active 1420 WLN-STF-1 active 1600 NET-MGT-1 active
Then you can configure the 10G interfaces, depend on how many you want to activate. I have used 2x 10G as single Port Channel for this. You can bundle all 6 ports to make 60Gbps throughput. Since this is IOS based controller it is supporting LACP, PAgP or Manual (“ON” mode) . I have used mode on for simplicity.
**** HERE IS 5760 CONFIGURATION ***** interface TenGigabitEthernet1/0/5 switchport trunk native vlan 800 switchport trunk allowed vlan 1410,1420,1600 switchport mode trunk channel-group 16 mode on ! interface TenGigabitEthernet1/0/6 switchport trunk native vlan 800 switchport trunk allowed vlan 1410,1420,1600 switchport mode trunk channel-group 16 mode on ! interface Port-channel16 switchport trunk native vlan 800 switchport trunk allowed vlan 1410,1420,1600 switchport mode trunk ****** HERE IS THE CONFIG ON 6506-E ****** interface TenGigabitEthernet4/15 description 5760WLC-20G ETH-CH switchport switchport trunk native vlan 800 switchport trunk allowed vlan 1410,1420,1600 switchport mode trunk channel-group 16 mode on ! interface TenGigabitEthernet4/16 description 5760WLC-20G ETH-CH switchport switchport trunk native vlan 800 switchport trunk allowed vlan 1410,1420,1600 switchport mode trunk channel-group 16 mode on ! interface Port-channel16 description WLC5760-20G switchport switchport trunk native vlan 800 switchport trunk allowed vlan 1410,1420,1600 switchport mode trunk
You can configure Port-Channel load balancing as “src-dst-ip” instead of default “src-mac” method. 6506-E, by default doing “src-dst-ip” load balancing.
5760-1(config)#port-channel load-balance ? dst-ip Dst IP Addr dst-mac Dst Mac Addr dst-mixed-ip-port Dst IP Addr and TCP/UDP Port dst-port Dst TCP/UDP Port extended Extended Load Balance Methods src-dst-ip Src XOR Dst IP Addr src-dst-mac Src XOR Dst Mac Addr src-dst-mixed-ip-port Src XOR Dst IP Addr and TCP/UDP Port src-dst-port Src XOR Dst TCP/UDP Port src-ip Src IP Addr src-mac Src Mac Addr src-mixed-ip-port Src IP Addr and TCP/UDP Port src-port Src TCP/UDP Port 5760-1(config)#port-channel load-balance src-dst-ip 5760-1#show etherchannel load-balance EtherChannel Load-Balancing Configuration: src-dst-ip EtherChannel Load-Balancing Addresses Used Per-Protocol: Non-IP: Source XOR Destination MAC address IPv4: Source XOR Destination IP address IPv6: Source XOR Destination IP address 5760-1#sh etherchannel summary Flags: D - down P - bundled in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use f - failed to allocate aggregator M - not in use, minimum links not met u - unsuitable for bundling w - waiting to be aggregated d - default port Number of channel-groups in use: 1 Number of aggregators: 1 Group Port-channel Protocol Ports ------+-------------+-----------+----------------------------------------------- 16 Po16(SU) - Te1/0/5(P) Te1/0/6(P)
Make sure you configure NTP, & your 5760 is sync with it. Also username/password configured to access this via GUI
5760-1(config)#username admin privilege 15 password 0 Cisco123 5760-1#sh run | in ntp ntp server x.x.4.104 ntp server x.x.4.103 5760-1#sh run | in clock clock timezone AEST 10 0 clock summer-time AEDT recurring 1 Sun Oct 2:00 1 Sun Apr 3:00 5760-1#show ntp associations address ref clock st when poll reach delay offset disp *~x.x.4.104 x.x.131.118 2 84 128 377 0.952 3.035 4.226 +~x.x.4.103 x.x.192.50 2 92 128 377 0.963 2.782 3.103 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured 5760-1#sh clock 16:43:51.564 AEDT Thu Dec 12 2013
That’s pretty much the basic configuration & you should be able to access 5760 GUI using its management IP (https://10.160.49.1/wireless) using admin/Cisco123 credentials.
You can check the license level as below & if you do not have permanent license you activate evaluation license for 90days using “license right-to-use activate apcount evaluation acceptEULA ” CLI command. If it is permanent license you can activate them using “license right-to-use activate apcount <No of AP> slot {1 |2} acceptEULA “.
5760-1#show license right-to-use summary
License Name Type Count Period left
-----------------------------------------------
apcount base 0 Lifetime
apcount adder 1000 Lifetime
--------------------------------------------
Evaluation AP-Count: Disabled
Total AP Count Licenses: 1000
AP Count Licenses In-use: 0
AP Count Licenses Remaining: 1000
You have to upgrade software image depend on the IOS-XE image come with your 5760. In my case I have already upgraded it (you can follow Getting Started with 3850 post to see detail) to 3.9.6 since I am doing beta trial with 3700 series AP.
5760-1#sh ver . . . License Level: Ipservices License Type: Permanent Next reload license Level: Ipservices cisco AIR-CT5760 (i686) processor with 10485760K bytes of physical memory. Processor board ID FOC1727V0MT 2 Virtual Ethernet interfaces 6 Ten Gigabit Ethernet interfaces 2048K bytes of non-volatile configuration memory. 10485760K bytes of physical memory. 255000K bytes of Crash Files at crashinfo:. 3612840K bytes of Flash at flash:. 0K bytes of Dummy USB Flash at usbflash0:. 0K bytes of at webui:. Base Ethernet MAC Address : 44:ad:d9:03:9d:00 Motherboard Assembly Number : 73-14448-04 Motherboard Serial Number : FOC172568FD Model Revision Number : A0 Model Number : AIR-CT5760 System Serial Number : FOC1727V0MT Switch Ports Model SW Version SW Image Mode ------ ----- ----- ---------- ---------- ---- * 1 6 AIR-CT5760 03.09.06.MZP ct5760-ipservicesk9 INSTALL Configuration register is 0x201 (will be 0x102 at next reload)
Here is consolidated configuration guide (for IOS-XE3.3 which is the latest at the time of this write up) that you should refer. yes it is 1818 page guide & takes time to absorb it. 
Consolidated Platform Configuration Guide, Cisco IOS XE Release3.3SE (Cisco WLC 5700 Series)
In next post, we will see how we can use this controller to associate with 3850 (MA) to register AP.
Related Posts
1. Getting Started with 3850
2. WLAN configs with 3850 – Part 1
3. WLAN configs with 3850 – Part 2
4. 3850 Password Recovery
5. Converged Access Mobility
6. 3850- Flexible Netflow
7. Wireshark Capture in 3850
8. 3850(MA) with 5760(MC)
