Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

How to configure a GRE tunnel between a Branch and a Master controller? 

Mar 29, 2017 02:54 PM

Requirement:

A Branch controller can be configured with a static IP or a dynamic IP address for the uplink VLAN. In a Branch controller, when the uplink VLAN and the Controller-IP are set to acquire dynamic IP address, the uplink VLAN IP and the controller-IP may change during the reboots. So configuring a GRE tunnel between specific IP addresses of the controllers could be a challenge. 



Solution:

With Branch controllers, we can configure the GRE tunnel with the tunnel-source as the "Controller-IP" and the tunnel-destination as the branch-master-ip. This configuration will allow the Branch controller to establish a GRE tunnel to the Master controller even if the Controller-IP of the Branch changes after a reboot. The tunnel interface have to be configured only on the Branch controller. We don't need to configure the tunnel interface on the Master controller. The tunnel interface on the Master controller will be auto-created once the Branch controller establishes a GRE tunnel to the Master. 



Configuration:

On the Master controllers WebUI, navigate to "Configuration >> BRANCH >> Smart Config" and select the Branch config group name. 

 

Under the Branch config group, navigate to "Networking" tab. 

 

Under "Tunnels", click "New" and configure the tunnel with Source IP as "Controller IP Address" and Destination IP as "Branch Master IP". 

 

Click on "Add". Apply and Save configuration. 

 



Verification

Once the configuration is done on the smart Config wizard, the Branch controller will establish the GRE tunnel to the Master. Now on the Master controller, we can see the auto-created tunnel interface with suffix "(INT)". 

In this setup, there are two Branch controllers (Branch-1 and Branch-2) in the same config group. Hence this tunnel configuration will be pushed to both the controllers in this branch-config-group and there would be two GRE tunnels created to the Master controller with two different tunnel interfaces. 
 

On the Master controller CLI: 
========================

Verify the IP address of the Branch controllers 

(Rajaguru-6.4.3.9) #show switches

All Switches
------------
IP Address   Name              Location          Type    Model      Version        Status  Configuration State  Config Sync Time (sec)  Config ID
----------   ----              --------          ----    -----      -------        ------  -------------------  ----------------------  ---------
10.10.10.1   Rajaguru-6.4.3.9  Building1.floor1  master  Aruba7240  6.4.3.9_55230  up      UPDATE SUCCESSFUL    0                       59
172.16.5.1   7005-Branch-2     Building1.floor1  branch  Aruba7005  6.4.3.9_55230  up      UPDATE SUCCESSFUL    2                       59
172.16.6.1   7005-Branch-1     Building1.floor1  branch  Aruba7005  6.4.3.9_55230  up      UPDATE SUCCESSFUL    2                       59
172.16.20.5  7030-Branch-3     Building1.floor1  branch  Aruba7030  6.4.3.9_55230  up      UPDATE SUCCESSFUL    2                       59

Total Switches:4

 

Verify that there are auto-created tunnel interfaces with suffix (INT). 

(Rajaguru-6.4.3.9) #show ip interface brief

Interface                   IP Address / IP Netmask        Admin   Protocol
vlan 10                     10.10.10.1 / 255.255.255.0     up      up
vlan 1                      unassigned / unassigned        up      down
vlan 20                     20.20.20.1 / 255.255.255.0     up      up
vlan 110                  10.110.110.1 / 255.255.255.0     up      up
vlan 100                     100.0.0.1 / 255.255.255.0     up      up
vlan 120                  10.120.120.1 / 255.255.255.0     up      up
loopback                    unassigned / unassigned        up      up
tunnel 64007 (INT)          unassigned / unassigned        up      up
tunnel 64008 (INT)          unassigned / unassigned        up      up

 

Verify that the tunnel destination of of the tunnels are pointing to the branch controller's IP address. 

(Rajaguru-6.4.3.9) #show interface tunnel 64007

Tunnel 64007 is up line protocol is up
Description: Internal Tunnel created for Branch controller Communication
Source  10.10.10.1
Destination 172.16.5.1
Tunnel mtu is set to 1100
Tunnel is a Layer2 GRE TUNNEL
Tunnel is Trusted
Inter Tunnel Flooding is enabled
Tunnel keepalive is disabled
Keepalive type is Default
tunnel vlan 110


(Rajaguru-6.4.3.9) #show interface tunnel 64008

Tunnel 64008 is up line protocol is up
Description: Internal Tunnel created for Branch controller Communication
Source  10.10.10.1
Destination 172.16.6.1
Tunnel mtu is set to 1100
Tunnel is a Layer2 GRE TUNNEL
Tunnel is Trusted
Inter Tunnel Flooding is enabled
Tunnel keepalive is disabled
Keepalive type is Default
tunnel vlan 110

 

Statistics
0 Favorited
2 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.