Critical resources are
device IP addresses or interface destinations on the network interoperated as critical
to the health of the network. The critical resource feature allows for the continuous
monitoring of these addresses. A critical resource, if not available, can result in the
network suffering performance degradation. A critical resource can be a gateway, a AAA
server, a WAN interface, or any hardware or service on which the stability of the
network depends. Critical resources are pinged regularly by the access point. If there
is a connectivity issue, an event is generated stating a critical resource is
unavailable. By default, no critical resource policy is enabled, and one needs to be
created and implemented.
Critical resources can be monitored
directly through the interfaces on which they‘re discovered. For example, a critical
resource on the same subnet as the access point can be monitored by its IP address.
However, a critical resource located on a VLAN must continue to monitored on that
VLAN.
Critical resources can be configured for access
points and wireless controllers using their respective profiles.
To define critical resources:
-
Select from the web UI.
The Device Configuration
screen displays a list of managed devices or peer controllers, service
platforms, or access points.
-
Select Profile Overrides.
-
Select Critical Resources.
In the List of Critical Resources tab, the Critical Resource
Name table displays the name of the resources configured on
this device.
The screen lists the destination IP addresses or interfaces
(VLAN, WWAN, or PPPoE) used for critical resource connection. IP addresses
can be monitored directly by the controller, service platform, or access
point. However, a VLAN, WWAN, or PPPoE must be monitored behind an
interface.
-
Click Add to add a new critical
resource and connection method.
Click Edit to modify or override
the configuration for an existing critical resource. If you are adding a new critical resource, assign it a
name up to 32 characters.
-
Select Use Flows so that the
critical resource will monitor using firewall flows for DHCP or DNS instead of
ICMP or ARP packets.
This reduces the amount of traffic on the
network. This setting is disabled by default.
-
To sync adopted devices to state changes with a
resource-state change message, select Sync Adoptees.
This setting is disabled by
default.
-
Use the Offline Resource Detection
drop-down menu to define how critical resource event messages are
generated.
Options include Any and All. If you select Any, an event is generated
when the state of any single critical resource changes. If you select All, an event is generated
when the state of all monitored critical resources change.
-
Use the Monitor Criteria drop-down
menu to select either rf-domain-manager, cluster-master, or All as the resource for monitoring critical resources by one
device and updating the rest of the devices in a group.
If you select
rf-domain-manager, the current
rf-domain manager performs resource monitoring, and the rest of the devices do
not. The RF-domain-manager updates any state changes to the rest of the devices
in the RF Domain.
With the cluster-master option, the
cluster master performs resource monitoring and updates the cluster members
with state changes.
With a controller-managed RF
Domain, set Monitoring
Criteria to All because the controller might not know the VLAN bridged
locally by the devices in the RF Domain monitoring DHCP.
-
In the Monitor Via field at the top
of the screen, select the IP option to monitor a critical resource directly (within the same
subnet) using the provided IP address as a network identifier.
-
In the Monitor Via field at the top
of the screen, select the Interface check box to monitor a critical resource using the
critical resource‘s VLAN, WWAN1,
or PPPoE1 interface.
If you select VLAN, use the spinner control
to define the destination VLAN ID used as the interface for the critical
resource.
-
Click + Add Row to define the
following for critical resource configurations:
IP Address |
Provide the IP address of the
critical resource. This is the address used by the access
point to ensure the critical resource is available. Up to
four addresses can be defined. |
Mode |
Set the ping mode used when the
availability of a critical resource is validated. Select
from:
- arp-only – Use only the Address Resolution
Protocol (ARP) for pinging the critical
resource. ARP is used to resolve hardware addresses
when only the network layer address is known.
- arp-and-ping – Use both ARP and Internet Control Message
Protocol (ICMP) for pinging the critical
resource and sending control messages (for example,
device not
reachable or requested service not available).
|
Port |
Define the interface
on which to monitor critical resource. This field lists
the available hardware interfaces. This option is
available only when the selected mode is arp-only.
|
VLAN |
Using the spinner control, define
the VLAN on which the critical resource is
available. |
-
Select the Monitor Interval tab.
-
Use Monitor Interval to set the duration, in seconds, between two
successive pings to the critical resource.
Select a duration between 5 and 86,400
seconds. The default setting is 30 seconds.
-
Use Source IP for Port-Limited Monitoring to define the IP address
used as the source address in ARP packets used to detect a critical resource on
a layer 2 interface.
Generally, the source address 0.0.0.0 is
used in the ARP packets used to detect critical resources. However, some devices
do not support that IP address and drop the ARP packets. Use this field to
provide an IP address specifically used for this purpose. The IP address used
for Port-Limited Monitoring must be different from the IP address configured on
the device.
-
Use Monitor Retry Count to set the number of retry
connection attempts (1 - 10) permitted before this device connection is defined
as down (offline).
The default setting is three connection
attempts.
-
Click OK to save the changes to the
critical resource configuration and monitor interval.
Click Reset to revert to the last
saved configuration.