ArubaOS and Controllers

Reply
Regular Contributor I
Posts: 162
Registered: ‎04-11-2011

Master Redundancy question/problem

I'm currently installing a new Aruba wireless solution consisting of 2 3600 controllers. We have configured them to be in a master active/passive configuration with VRRP. When primary master loses link it goes into standby mode and the standby kicks in as primary.

Our wlan vlans and subnets reside on the controller and get redistributed to the rest of the network via ospf. When the secondary controller becomes primary, the layer 2/3 vlan information does not show on the new primary controller. Is this a limitation? Any suggestions?

Thanks
Guru Elite
Posts: 20,410
Registered: ‎03-29-2007

Re: Master Redundancy question/problem

You must configure the layer2, layer3 information manually for each individual controller. While the config will sync and place users on say, VLAN 10, it is up to you to define an ip address for VLAN 10, as well as what port VLAN 10 exists on, on that individual controller.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I
Posts: 162
Registered: ‎04-11-2011

Re: Master Redundancy question/problem

Thanks for your reply. I don't think our current design is going to work well for master redundancy. We have 2 core switchs, each controller is dual attached to core 1 and core 2. One link on each controller is /30 routed. The other is a /29 routed link that way we have 1 layer 2 broadcast domain for VRRP. There is no trunking of vlans to the controller involved. Do you have any suggestions on master redundancy without trunking vlans to the controllers?
Guru Elite
Posts: 20,410
Registered: ‎03-29-2007

Re: Master Redundancy question/problem

You could point a static route to the VRRP for the subnets that are behind the controllers and have both controllers duplicate identical VLANs for the users internally. That way when one controller fails, the other will pick up, since the routes will be pointed to the VRRP. The best way, of course is to trunk identical VLANs to the controllers, so that you are using the same infrastructure for those devices. Please consult the Validated Reference Design for Campus APs here: http://www.arubanetworks.com/pdf/technology/VRD_Campus_Networks.pdf

Check out the chapter on Redundancy to see how it could be done.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I
Posts: 162
Registered: ‎04-11-2011

Re: Master Redundancy question/problem

I have changed our topology. We now have controller 1 connected to switch 1 via a 2 port (gi1/0 and gi1/1) LACP trunk and controller 2 connected to switch to with a 2 port (gi1/0 and gi1/1) LACP trunk. Both are /30 routed links with OSPF. We then have each controller linked to the other controller via a /29 routed link on gi1/3 for VRRP. VRRP is set to track gi1/0 and gi1/1 on each controller. If I take down the trunk to the master controller VRRP isn't failing over now. The only way I can get VRRP to fail over is to reboot one of the controllers. Any idea why this is happening?
Guru Elite
Posts: 20,410
Registered: ‎03-29-2007

Re: Master Redundancy question/problem

The only way that a controller will not advertise itself as a master of a VRRP is if it can see another controller advertising that it has greater priority. If you simply just cut both controllers off from each other, they will both advertise them as having control of the VRRP. Do you have the VLAN of the VRRP advertised out of any other interface that would indicate that the VLAN is up?


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I
Posts: 162
Registered: ‎04-11-2011

Re: Master Redundancy question/problem

Maybe this will clear up my scenario

Controller 1 (VRRP Master)

Interface IP Address / IP Netmask Admin Protocol
vlan 1 unassigned / unassigned down down
vlan 254 172.18.254.78 / 255.255.255.252 up up
vlan 204 172.18.2.206 / 255.255.255.252 up up
vlan 76 172.18.77.1 / 255.255.255.0 up up
vlan 216 172.18.2.218 / 255.255.255.248 up up
loopback 172.18.254.77 / 255.255.255.255 up up
mgmt unassigned / unassigned down down

Virtual Router 216:
Description
Admin State UP, VR State MASTER
IP Address 172.18.2.217, MAC Address 00:00:5e:00:01:d8, vlan 216
Priority 110, Advertisement 1 sec, Preemption Disable Delay 0
Auth type NONE ********
tracking type is interface, gigabitethernet 1/0, subtract value 10
tracking type is interface, gigabitethernet 1/1, subtract value 10
tracked priority 110

Controller 2 (VRRP 216 backup)

Interface IP Address / IP Netmask Admin Protocol
vlan 1 unassigned / unassigned down down
vlan 208 172.18.2.210 / 255.255.255.252 up up
vlan 254 172.18.254.82 / 255.255.255.252 up up
vlan 216 172.18.2.219 / 255.255.255.248 up up
loopback 172.18.254.81 / 255.255.255.255 up up
mgmt unassigned / unassigned down down

Virtual Router 216:
Description
Admin State UP, VR State BACKUP
IP Address 172.18.2.217, MAC Address 00:00:5e:00:01:d8, vlan 216
Priority 100, Advertisement 1 sec, Preemption Disable Delay 0
Auth type NONE ********
tracking type is interface, gigabitethernet 1/0, subtract value 10
tracking type is interface, gigabitethernet 1/1, subtract value 10
tracked priority 100

If i shutdown the links to gi1/0 and gi1/1 to the VRRP master they should still communicate via the VRRP vlan on gi1/3, however; controller 2 is staying as the VRRP backup.
Regular Contributor I
Posts: 162
Registered: ‎04-11-2011

Re: Master Redundancy question/problem

I have a diagram of the layout as well. Just need a way to upload it for you to view it.
Guru Elite
Posts: 20,410
Registered: ‎03-29-2007

Re: Master Redundancy question/problem

How is VLAN 216 connected physically between both controllers? Why do the OSPF instead of layer2 connecting devices?


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I
Posts: 162
Registered: ‎04-11-2011

Re: Master Redundancy question/problem

Controller 1 and 2 are directly connected to each on their gi1/3 interfaces. gi1/3 is in VLAN 216. Our network is a larger enterprise with a collapsed core topology. We do not have distribution switches. Our distribution layer lives in our core switches. We do not want user traffic/data in our core network. We want the WLAN subnets residing on our controllers with the controller acting as the default gateway with OSPF redistributing those subnets to the rest of the network.
Search Airheads
Showing results for 
Search instead for 
Did you mean: