Controller Based WLANs

What is a master cluster and how is it configured in ArubaOS 5.0?

Product and Software: This article applies to all Aruba controllers and ArubaOS 5.0 or later.

 

Overview

 

The master cluster feature is introduced in ArubaOS 5.0. With this feature, independent masters are grouped into cluster, and their databases (whitelist, keys, and certificates) are synced periodically. This feature allows a valid AP to move freely from one master controller domain to another and still connect securely using the same certificate.

 

1630_image001.jpg

 

Configuration

 

One master controller is configured as cluster root with a self-signed certificate. All other master controllers act as cluster members certified by the cluster root, which in turn certifies the local controllers. The trust anchor for all the APs in the cluster is the cluster root. Cluster root and cluster members communication are secured by PSK.

 

On the cluster root master:

 

#cluster-member-ip <ip address> IPsec <psk>

 

 

Turns cluster mode on and configures a master controller as cluster ROOT.

 

  •  Specify IP address of cluster MEMBER controller. Can have multiple IP address entries.
  •  If all entries for cluster members are removed, the cluster role becomes NONE.

On the cluster member master:

 

#cluster-root-ip <ip address> IPsec <psk> vlan <id>

 

  •  Turns cluster mode on and configures a master controller as cluster MEMBER.
  •  Can specify only one cluster root IP address. If entry is removed, the cluster role becomes NONE.

(cluster-root) #show cluster-config

 

Cluster Role

------------ Root ---- Cluster IPsec Controllers -------------------------- Switch IP address of Cluster-Members Key ------------------------------------ --- 10.16.0.250 ********

 

(cluster-root) #show cluster-switches

 

SWITCH-IP CLUSTER-ROLE ----------------------------- 10.16.0.250 MEMBER

 

(cluster-mem) #show cluster-config

 

Cluster Role
------------
Member
------
Cluster IPsec Controllers
--------------------------
IP address of the Cluster-Root Key
------------------------------ ---
10.16.0.200 ********

 

 

(cluster-mem) #show cluster-switches

 

SWITCH-IP CLUSTER-ROLE
-----------------------------
10.16.0.200 ROOT

 

 

Version History
Revision #:
1 of 1
Last update:
‎07-02-2014 06:39 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.