ArubaOS and Controllers

Reply
Contributor II

6.1 Redundancy Issues

Hi,

We upgraded from 3.4 to 6.1 in our 3200s and now our APs won't failover to the backup controller. When we disconnect the primary controller the backup takes over the LMS IP and we can ping it from other stations but not from the APs when we console in. Also, the APs are showing an error:

asap_gre_ipv4_err:Received ICMP (DEST_Unreach, PROT_Unreach) from XXX.XXX.XXX.XXX

and the moment we plug back in the primary controller, the APs would terminate to that controller and we can also see that the controller uses the LMS IP. The LMS IP address was placed under the AP's config. Also the 2 controllers are synching successfully but the backup once it takes over can't see any APs terminating to it. Anyone experienced this issue before?
Guru Elite

Re: 6.1 Redundancy Issues

1- type "show vrrp" on the backup controller to make sure it has controler
2 - type "show datapath session table" on the backup to make sure that traffic is being seen by that controller
3 - type "show ap database" to see if any access points are seen by that back up controller.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II

Re: 6.1 Redundancy Issues

Also once the backup controller takes over, we could not ping the AP and the AP could not ping the controller. However, we can ping the LMS IP from a computer. No APs could terminate to the backup controller. When we provision an AP, what should be the setting we use for the controller name and controller's IP on the provision page? Should this be the primary's IP? Or the LMS IP? Thanks.
Guru Elite

Re: 6.1 Redundancy Issues

You should not have to change any of those parameters or configure them.

AP should discover controller via dns or dhcp and that address should point to the vrrp.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II

Re: 6.1 Redundancy Issues

We are using ADP to find the controller and the controller is the DHCP server. There is no router in between the AP and the controller just switches and no firewalls are configured in between.
Guru Elite

Re: 6.1 Redundancy Issues

Okay. Make the lms-ip in the ap system profile the ip address of the vrrp


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II

Re: 6.1 Redundancy Issues

We've added that LMS IP to the LMS IP section on the AP profile from the start. Does this have something to do with CPSEC? Because when we first plugged in the AP to our access switch, the primary controller saw the APs but they were denied because of unapproved certificate. We changed it to factory approved but never saw this on the backup controller. However, when we do database sync. we can see that the CPSEC info are exchanged between the 2 controllers.
Guru Elite

Re: 6.1 Redundancy Issues

The three commands that were posted before here: http://airheads.arubanetworks.com/vBulletin/showpost.php?p=12848&postcount=2 will tell you what you need to know.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: