ArubaOS and Controllers

Reply
Occasional Contributor II

Best practise for guest access in a redundant master setup

I've a setup with two Controllers which are configured as redundant-master. For having redundancy for the APs, I'm going to use VRRP.

One of the SSIDs will be used for guest access and the connected vlan (the same on both controllers) should be routed on the controllers. As read in http://airheads.arubanetworks.com/vBulletin/showthread.php?t=2450, there seems to be no synchronization for the dhcp bindings between the two controllers. Therefore I'm planning to split the dhcp-pools. Not really great but doable.

My problem is now, that the default gateways for those guest clients will also be the controller (same IP on both controllers). In case of a switch over from one controller to the other, the mac address associated to this IP will also change. But because the clients are not aware of this change, traffic will land in a black hole till their arp cache ages out.

One solution for this would be vrrp between those two controllers for the guest vlan. Unfortunately I do not have L2 connectivity between those two controllers for the guest vlan because they are in different buildings.

How are you doing those kind of setups?

Thank you very much in advance for your feedback!
Aruba Employee

Best practise for guest access in a redundant master setup

If the primary controller goes down the AP will bootstrap disconnecting
the user from the AP. I don't think you will need to worry about your
arp cache.

Gary
Aruba Employee

Best practise for guest access in a redundant master setup

If the primary controller goes down the AP will bootstrap disconnecting
the user from the AP. I don't think you will need to worry about your
arp cache.

Gary
Occasional Contributor II

Re: Best practise for guest access in a redundant master setup

Hi Gary
Thank you for your feedback.

I agree with you that the arp cache is not an issue if the AP bootstraps. However, as far as I know, if we have a redundant master setup with a VRRP VIP address as the controller address configured in the APs, the AP will just switch over to the second master without a bootstrap. Or I'm wrong here?

Stefan
Occasional Contributor II

Re: Best practise for guest access in a redundant master setup

Just for your information: I changed the design in the way that the wlan controller is not doing routing and therefore the default gateway for the client is external. With this setup (master/master redundancy with VRRP) I have interruptions for clients in case of master switchover of below 10s. Not great but better than if I do routing on the controller itself.

Stefan
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: