Hi!
I would like to configure controller clustering in AOS8 environment, but the cluster doesn't came up.
I manage controllers by a Mobility Master, and made everything exact like in this video, but it's not working for me.
I must use management vlan1 now, but it's temporary.
Mobility Master:
(MM1) [mynode] #show switches
All Switches
------------
IP Address IPv6 Address Name Location Type Model Version Status Configuration State Config Sync Time (sec) Config ID
---------- ------------ ---- -------- ---- ----- ------- ------ ------------------- ---------------------- ---------
10.0.0.91 None MM1 Building1.floor1 master ArubaMM-VA 8.2.0.0_61883 up UPDATE SUCCESSFUL 0 21
10.0.0.92 None MM2 Building1.floor1 standby ArubaMM-VA 8.2.0.0_61883 up UPDATE SUCCESSFUL 0 21
10.0.0.93 None MC1 Building1.floor1 MD Aruba7030 8.3.0.0_64659 up UPDATE SUCCESSFUL 0 21
10.0.0.94 None MC2 Building1.floor1 MD Aruba7030 8.3.0.0_64659 up UPDATE SUCCESSFUL 0 21
Total Switches:4
(MM1) [mynode] #show crypto ipsec sa
IPSEC SA (V2) Active Session Information
-----------------------------------
Initiator IP Responder IP SPI(IN/OUT) Flags Start Time Inner IP
------------ ------------ ---------------- ----- --------------- --------
10.0.0.91 10.0.0.92 f8603600/2123c00 T2 May 22 13:06:03 -
10.0.0.93 10.0.0.90 7d816f00/3090ed00 UT2 May 22 13:18:20 -
10.0.0.94 10.0.0.90 1f852f00/74226f00 UT2 May 22 13:12:01 -
Flags: T = Tunnel Mode; E = Transport Mode; U = UDP Encap
L = L2TP Tunnel; N = Nortel Client; C = Client; 2 = IKEv2
Total IPSEC SAs: 3
Mobility Controller 1:
(MC1) #show lc-cluster group-membership
Cluster Enabled, Profile Name = "mc-cluster"
Redundancy Mode On
Active Client Rebalance Threshold = 50%
Standby Client Rebalance Threshold = 75%
Unbalance Threshold = 5%
AP Load Balancing: Enabled
Active AP Rebalance Threshold = 50%
Active AP Unbalance Threshold = 5%
Active AP Rebalance AP Count = 30
Active AP Rebalance Timer = 1 minutes
Cluster Info Table
------------------
Type IPv4 Address Priority Connection-Type STATUS
---- --------------- -------- --------------- ------
self 10.0.0.93 128 N/A ISOLATED (Leader)
peer 10.0.0.94 128 N/A SECURE-TUNNEL-NEGOTIATING
(MC1) #show crypto ipsec sa
IPSEC SA (V2) Active Session Information
-----------------------------------
Initiator IP Responder IP SPI(IN/OUT) Flags Start Time Inner IP
------------ ------------ ---------------- ----- --------------- --------
10.0.0.93 10.0.0.90 3090ed00/7d816f00 UT2 May 22 13:18:20 -
Flags: T = Tunnel Mode; E = Transport Mode; U = UDP Encap
L = L2TP Tunnel; N = Nortel Client; C = Client; 2 = IKEv2
Total IPSEC SAs: 1
Mobility Controller 2:
(MC2) #show lc-cluster group-m
Cluster Enabled, Profile Name = "mc-cluster"
Redundancy Mode On
Active Client Rebalance Threshold = 50%
Standby Client Rebalance Threshold = 75%
Unbalance Threshold = 5%
AP Load Balancing: Enabled
Active AP Rebalance Threshold = 50%
Active AP Unbalance Threshold = 5%
Active AP Rebalance AP Count = 30
Active AP Rebalance Timer = 1 minutes
Cluster Info Table
------------------
Type IPv4 Address Priority Connection-Type STATUS
---- --------------- -------- --------------- ------
peer 10.0.0.93 128 N/A SECURE-TUNNEL-NEGOTIATING
self 10.0.0.94 128 N/A ISOLATED (Leader)
(MC2) #show crypto ipsec sa
IPSEC SA (V2) Active Session Information
-----------------------------------
Initiator IP Responder IP SPI(IN/OUT) Flags Start Time Inner IP
------------ ------------ ---------------- ----- --------------- --------
10.0.0.94 10.0.0.90 74226f00/1f852f00 UT2 May 22 13:12:01 -
Flags: T = Tunnel Mode; E = Transport Mode; U = UDP Encap
L = L2TP Tunnel; N = Nortel Client; C = Client; 2 = IKEv2
Total IPSEC SAs: 1As I see the problem is that the controllers doesn't form the IPsec tunnel that needed for the cluster operation, but don't understand why.
Devices are in the same L2 domain, every device can reach any other in this topology. The controllers connected to the same switch by GE0/0/0 in trunk mode (native: vlan1), and the switch ports configuration are identical.
MM: AOS 8.2.0.0-61883
MCs: 8.3.0.0-64659
What could be the problem?
Thanks!
EDIT:
After I wrote this post, tried to configure exclude vlan1 at Mobility Master for MC1 and MC2, deploy changes, and after that I clear excluded vlans, deploy it again, and now it works! :)
(MC1) #show lc-cluster group-membership
Cluster Enabled, Profile Name = "mc-cluster"
Redundancy Mode On
Active Client Rebalance Threshold = 50%
Standby Client Rebalance Threshold = 75%
Unbalance Threshold = 5%
AP Load Balancing: Enabled
Active AP Rebalance Threshold = 50%
Active AP Unbalance Threshold = 5%
Active AP Rebalance AP Count = 30
Active AP Rebalance Timer = 1 minutes
Cluster Info Table
------------------
Type IPv4 Address Priority Connection-Type STATUS
---- --------------- -------- --------------- ------
self 10.0.0.93 128 N/A CONNECTED (Leader)
peer 10.0.0.94 128 L2-Connected CONNECTED (Member, last HBT_RSP 44ms ago, RTD = 0.000 ms)