Wireless Access

last person joined: 9 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

AOS Cluster - adding VLANs and Excluding VLANs

This thread has been viewed 23 times

  • 1.  AOS Cluster - adding VLANs and Excluding VLANs

    Posted Sep 13, 2018 04:23 AM

    We're having a cluster running as L2-connected. 

    We have excluded VLANs 1,1001-1099, 1125-1150, 1200-1230

    Cluster running on VLAN 200 

    it's L2 and all good.

     

    We added VLANs 11151 - 1155

    we have not excluded these.

    Still - after lc-cluster start-vlan-probe, and a reboot - the controller still sees the cluster as L2

     

    the ports are configured like this

    PC0 - static access VLAN200

    PC1 - trunk, allow all except VLAN200

     

    As far as I know - the cluster should revert to L3 when adding new VLANs that aren't excluded, but it is still L2

     

    From a daily maintenance point of view, i guess we should exclude them, just to be safe - but is it needed 



  • 2.  RE: AOS Cluster - adding VLANs and Excluding VLANs

    Posted Sep 13, 2018 05:40 AM

    Hi,

     

    you only need to exclude VLANs, where the controllers do not see each other.

    If all VLANs you use are tagged on uplinks and switches between the controllers, than probes sent on all that VLANs will be seen between the controllers. It stays L2 connected.

     

    Thus in most cases you do not need to exclude a lot of VLANs.

    One common case is VLAN1. VLAN1 is not used in a lot of enterprise networks and thus not available between controllers. Needs to be excluded.

     

    All VLANs used to bridge clients to at the controller cluster need to be available at all cluster nodes. No need to exclude them. If state changes to L3 connected, you know, something is wrong in your network. E.g. VLAN missing on Uplink.

     

    Another Example might be, if you bridge at AP to a VLAN not used at controllers. You have to add that VLAN to the controllers to be able to configure bridging at AP. But you need to exclude it from cluster, since it is not allowed on Uplinks between controllers.

     

    As summary, most of the time I just need to exclude VLAN1. But of course I need to setup my uplink trunks correctly ;-)

     

    Kind Regards, Jörg

     

     

     



  • 3.  RE: AOS Cluster - adding VLANs and Excluding VLANs

    Posted Nov 02, 2019 08:45 PM

    Our environement was setup with each vlan being used by different SSIDs as excluded. I'm being told that is not needed as that is preventing the cluster members from seeing those vlans and making failover decisions.

     

    With that said, it sounds like vlan 1 and maybe my management vlan is all that needs excluded. I'm a bit confused on the topic, seeing that the consulting firm configured ours with basically every vlan in use as excluded.

     

    Any advice or further explanation is very appreciated.

     

    Thanks



  • 4.  RE: AOS Cluster - adding VLANs and Excluding VLANs

    EMPLOYEE
    Posted Nov 03, 2019 03:38 AM

    Controllers in a cluster need to probe each other on client VLANs so that it can know which users can be statefully failed over between controllers.  All client VLANs should be removed from that list.