Controller Based WLANs

How to configure AP GRE link aggregration to work in VRRP environment?

Aruba Employee
Requirement:

We want have an AP which supports GRE aggregation to come up on the VRRP instance running between two controllers. We want that AP to support two GRE tunnels on VRRP master and when it fails over to VRRP backup.



Solution:

An AP which supports redundant GRE tunnels can come up fine on VRRP instance and also fail over successfully between the controllers under following conditions:

 

1. The AP is successfully able to negotiate LACP parameters with its uplink switch on both the interfaces.

2. VRRP IP is configured as LMS IP in the AP system profile.
3. Unique IP is given as striping IP and VRRP IP configured as LMS IP in ap-lacp-striping-ip profile on both the controllers.



Configuration:

We have three controllers setup as given below. The VRRP runs between the two local controllers:

 

  1. Master             ip address = 10.1.1.2              N/A                                          N/A                                    N/A
  2. Local-3            ip address = 10.1.1.3               VRRP IP = 10.1.1.203              VRRP priority = 110  GRE striping IP = 10.1.1.103  
  3. Local-5            ip address = 10.1.1.5               VRRP IP = 10.1.1.203              VRRP priority = 100 GRE striping IP = 10.1.1.105

 

 

  1. On Local 3 first we configure the VRRP:

(local-3) (config) #vrrp 3

(local-3) (config-vrrp)#preempt

(local-3) (config-vrrp)#priority 110

(local-3) (config-vrrp)#ip address 10.1.1.203

(local-3) (config-vrrp)#vlan 1

(local-3) (config-vrrp)#no shutdown

 

  1. Then we configure the AP LACP striping IP on local-3. We must make sure that striping IP is unique and the LMS IP is the VRRP IP.

(local-3) (config) #ap-lacp-striping-ip

(local-3) (AP LACP LMS map information) #aplacp-enable

(local-3) (AP LACP LMS map information) #striping-ip 10.1.1.103 lms 10.1.1.203

 

  1. Next, we configure the VRRP on local-5

(local-5) (config) #vrrp 3

(local-5) (config-vrrp)#ip address 10.1.1.203

(local-5) (config-vrrp)#vlan 1

(local-5) (config-vrrp)#no shutdown

 

  1. After that, we configure the AP lacp striping IP on local-5. Again, we must make sure that striping IP is unique and the LMS IP is the VRRP IP.

(local-5) (config) #ap-lacp-striping-ip

(local-5) (AP LACP LMS map information) #aplacp-enable

(local-5) (AP LACP LMS map information) #striping-ip 10.1.1.105 lms 10.1.1.203

 

Note that LMS IP is same VRRP-IP but Striping IP is unique on both the controllers.

 

  1. On master controller, we need to put the lms-IP in the system profile to the VRRP IP.

(Master) (config) #ap system-profile default

(Master) (AP system profile "default") #lms-ip 10.1.1.203



Verification

1.    On local-3  we can see that the AP comes up with s flag in the database:
(local-3) (config) #show ap database
-----------
Name               Group    AP Type  IP Address  Status     Flags  Switch IP  Standby IP
----               -----    -------  ----------  ------     -----  ---------  ----------
9c:1c:12:c0:a2:e4  default  225      10.1.1.251  Up 3m:11s  s      10.1.1.3   0.0.0.0


Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
       I = Inactive; D = Dirty or no config; E = Regulatory Domain Mismatch
       X = Maintenance Mode; P = PPPoE AP; B = Built-in AP; s = LACP striping
       R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP;
 

2.    We shut down the VRRP on local 3 to move the AP to local-5:

(local-3) (config) #vrrp 3
(local-3) (config-vrrp)#shut
(local-3) (config-vrrp)#show vrrp
Virtual Router 3:
    Description
    Admin State DOWN, VR State INIT
    IP Address 10.1.1.203, MAC Address 00:00:5e:00:01:03, vlan 1
    Priority 110, Advertisement 1 sec, Preemption Enable Delay 0
    Auth type NONE ********
    tracking is not enabled

 

3.    We see that VRRP on local-5 has become the VRRP-Master:
(local-5) #show vrrp
Virtual Router 3:
    Description
    Admin State UP, VR State MASTER
    IP Address 10.1.1.203, MAC Address 00:00:5e:00:01:03, vlan 1
    Priority 100, Advertisement 1 sec, Preemption Disable Delay 0
    Auth type NONE ********
    tracking is not enabled

 

4.    We see that the AP comes up on local-5 with S flag:
(local-5) #show ap database
AP Database
-----------
Name               Group    AP Type  IP Address  Status      Flags  Switch IP  Standby IP
----               -----    -------  ----------  ------      -----  ---------  ----------
9c:1c:12:c0:a2:e4  default  225      10.1.1.251  Up 10m:27s  s      10.1.1.5   0.0.0.0

Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
       I = Inactive; D = Dirty or no config; E = Regulatory Domain Mismatch
       X = Maintenance Mode; P = PPPoE AP; B = Built-in AP; s = LACP striping

Version history
Revision #:
2 of 2
Last update:
‎12-01-2015 10:34 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.