Difference between RAP whitelist commands "Purge" and "Del"
Product and Software: This article applies to all Aruba Controller, based on AOS 18.104.22.168 and AOS 22.214.171.124
Aruba controller we have two ways to delete/remove the whitelist-db for RAP.
(Aruba) #whitelist-db rap del (Aruba) #whitelist-db rap purge
Using "Del" keyword we can delete one entry at a time.
Using "Purge" keyword we can delete complete list from controller.
Using "Del" can cause this entry to be delete from all the controller.
i.e. If we delete the entry from Local controller, that change will be pushed to master and from master to all the other locals, eventually whitelist entry will be deleted from all the controllers.
Using "Purge" will cleanup all the entry from controller, which allow controller to get fresh sync from Master controller after few mins.
NOTE: Sync with Master to Local vice versa is depending on timer (non-configurable) and maximum it will take 20 mins to get re-sync.
IMP NOTE: Executing both command "del" or "Purge" will cause RAPs to reboot.
Master and Local controller has 16 AP Entries.
Deleting the Entry from Local Controller using "Del" command and after few mins this will be removed from Master controller as well (as shown below):
However using "Purge" command only cleanup Local controller entries and will not affect other controller in cluster and allows Local controller to again get fresh sync from Master controller.
Few debug commands:
(Aruba) (config) #logging level debugging security process localdb (Aruba) (config) #logging level debugging security process localdb subcat db (Aruba) (config) #logging level debugging security process localdb subcat wl-sync
Few show commands:
(Aruba) #show log security <num/all> | include localdb (Aruba) #show whitelist-db rap-status (Aruba) #show whitelist-db rap long (Aruba) #show whitelist-db seq