Why are the APs not rolling back to the primary master when using HA

Aruba Employee

Environment Information- This articles applies to controllers running 6.3 and above code with High Availability feature enabled. 

Symptoms- AP fails over to the standby when the primary controller goes down. However once the Primary master comes back up it doesn't roll back.  Only by rebooting the standby it goes back to the primary controller. 

Cause- If preemption is not enabled or LMS ip is not configured there could be issues. 

Resolution- AP not failing back to the primary master when using HA. 

  • Make sure Preemption is enabled on the HA group profile
  • Check if the LMS ip is configured on the AP system profile mapped to AP group
  • Check the LMS hold down period in the AP system profile (default 600 secs)

The LMS marked in the AP system profile will be treated as primary for that AP group. So the AP would attempt to failover once the primary is up.

 If original controller comes back up and preemption is enabled, APs will move back to that controller after LMS Hold down period. 

Related Links- https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/How-to-configure-AP-Fast-Failover
https://arubanetworkskb.secure.force.com/pkb/articles/FAQ/What-is-AP-fast-failover-In-which-mode-is-it-supported

Answer- There is no recommendation on HA Preemption but keep in mind that when APs preempt back to original controller, client will need to go through authentication again. If all the clients are dot1x only, than state sync will help but if any other type of authentication is used on controller (for example captive portal) than client will need to re-auth. 
Note: Client state sync is available in 6.4 and above code

(Master) (config) #show ap system-profile test
AP system profile "test"
------------------------
Parameter                               Value
---------                               -----
RF Band                                 g
RF Band for AM mode scanning            all
Native VLAN ID                          1
Tunnel Heartbeat Interval               1
Session ACL                             ap-uplink-acl
Corporate DNS Domain                    N/A
SNMP sysContact                         N/A
LED operating mode (11n/11ac APs only)  normal
SAP MTU                                 N/A
RAP MTU                                 1200 bytes
LMS IP                                  10.17.168.70
Backup LMS IP                           N/A
LMS IPv6                                N/A
Backup LMS IPv6                         N/A
LMS Preemption                          Enabled
LMS Hold-down Period                    600 sec

(Master) (config) #ha group-profile test
(Master) (HA group information "test") #preemption ?
<cr>

(Master) (HA group information "test") #?
clone                   Copy data from another HA group information
controller              Controller to be made part of this ha-group
controller-v6           Controller to be made part of this ha-group
no                      Delete Command
preemption              After AP fails over to standby, if the active comes
                        back up, preempt the AP to fall back to the active
                        after a hold-down time.


Verify
======
this log is seen when it fails over initially 
(Master) (config) #show ap debug system-status ap-name OLDNAME | include HA
HA Failover Information
Wed Nov 26 21:18:26 2014(53 secs ago): SENT REQ type=HA_FAILOVER len=48 peer=10.17.168.69 seq_num=2 num_attempts=1 rtt=0 secs 040000002B040000002B050A11A85D045476B33904000000020B000200000A11A8450000000000000000000000000200  


this log is seen when it rolls back to the primary as per ap system profile
(Master) (config) #show ap debug system-status ap-name OLDNAME | include HA
2014-11-26 21:24:18 Failover to primary 10.17.168.70 

 

 

Version history
Revision #:
1 of 1
Last update:
‎04-02-2015 10:19 PM
Updated by:
 
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: