Controller Based WLANs

Create GRE tunnel between VRRP.

by on ‎07-03-2014 08:36 PM

Aruba supports Creation of L-2 GRE tunnels to connect two disjointed subnets over the network.

Sometimes users want to put multiple controllers on the end for redundancy. This would ensure that the subnets are reachable even if one of the controller goes down.

 

Environment : This article is valid for Aruba Controllers on all OS versions.

 

We have four controllers. Two are one site and two other at other side.

Controller A ====|                                           | ==== Controller C
                                |                                           |
       (10.1.1.1)   VRRP =============VRRP ( 20.1.1.1)
                                |                                            |
Controller B ====|                                            |==== Controller D                          

VRRP addresses are routable over the network cloud. We are bridging the user vlan over the GRE ( 192.168.1.0 / 24)

 

Basic IP config:
==============================
Controller A

# config t
# vlan 1
# int vlan 1
# ip address 10.1.1.2 255.255.255.0

# vlan 2
# int vlan 2
# ip address 192.168.1.1 255.255.255.0

# vrrp 1
# vlan 1
# ip address 10.1.1.1
# priority 110
#
# no shut

Controller b

# config t
# vlan 1
# int vlan 1
# ip address 10.1.1.3 255.255.255.0

# vlan 2
# int vlan 2
# ip address 192.168.1.2 255.255.255.0

# vrrp 1
# vlan 1
# ip address 10.1.1.1
# priority 100
# no shut

Controller c

# config t
# vlan 1
# int vlan 1
# ip address 20.1.1.2 255.255.255.0

# vlan 2
# int vlan 2
# ip address 192.168.1.3 255.255.255.0

# vrrp 1
# vlan 1
# ip address 20.1.1.1
# priority 110
# pre
# no shut

Controller c

# config t
# vlan 1
# int vlan 1
# ip address 20.1.1.3 255.255.255.0

# vlan 2
# int vlan 2
# ip address 192.168.1.4 255.255.255.0

# vrrp 1
# vlan 1
# ip address 20.1.1.1
# priority 100
==================================

GRE tunnel config:

Controller A and B

# interface tunnel 1
# tunnel vlan 2
# tunnel source 10.1.1.1
# tunnel destination 20.1.1.1
# no shut

Controller C and D

# interface tunnel 1
# tunnel vlan 2
# tunnel source 20.1.1.1
# tunnel destination 10.1.1.1
# no shut

 

To have redundant L-2 GRE tunnel between two subnets, we can create the GRE tunnel b/w the VRRP instances on the routers instead of creating different tunnels b/w different vlans.

This provides us redundancy. The owner of VRRP will have the GRE terminated on it.

The GRE tunnel stays up, as long as at least on controller is up both ends.

 

 

1. Verify that VRRP is working fine

# show VRRP

2. Verify that the tunnel destination is reachable from either end

3. Verify that the decaps are incrementing

# show datapath tunnel

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.