11-18-2011 12:34 PM
Been a while since I've set up an Aruba system but I have one coming up, and I am trying to get back up to speed on everything. The customer has multiple sites, but each site is going to get it's own pair of controllers (1 backup for each site) and there is not going to be a master controller controlling everything. So for our purposes we can just say we have one site.
What is the best way to handle redundancy? The customer is asking about active:active but I'm thinking that you would need a master and two locals for that to happen. Can I do hot redundancy if the controllers are in Standalone mode, or do I have to make them "masters?"
I have enough AP licensing to cover the primary controllers as well as the backups, so that's not an issue.
Any help on this would be greatly appreciated. This was dumped on me and of course I have to have it all configured yesterday :smileyindifferent:
11-18-2011 03:06 PM
So, you have 2 controllers at each site? If so, make one a master and the other a local. That way, you can have 2 ap groups (A and B) and make the master primary for A and the local primary for B (and have the master as the backup for B and the local as the backup for A).
Also, you will only have to configure one device per site, since the global configuration would be pushed from the master to the local at each site. If you make them both separate masters, you may run into classification and roaming issues and you will have two devices to keep in sync. If you make them a master/master redundant pair, you can't terminate APs on the backup master.
11-21-2011 06:59 AM
Thank you! I posed the question to the TAC and they also thought that master/local would be the way to go.
Can you explain why two AP groups would be needed? I thought that the LMS-IP and backup LMS-IP were configured right from the provisioning screen and weren't actually part of the AP Group configuration. And just so that I'm clear, if the "master" controller power failed, the local would still be able to to serve all the APs on its own, correct?
Oh, one other question... would VRRP come into play here? I'm looking at an old Aruba document online about redundancy and it mentions using VRRP and a virtual router IP, etc etc, but I'm guessing that in this case, all APs would be terminating on whatever controller is currently the master.
Thanks SO MUCH for your assistance!
11-21-2011 07:16 AM
The LMS IP and backup LMS IP are configured in the AP system profile, not the provisioning screen. The provisioning screen lets you specify the server IP (where the AP will get its ArubaOS code from) and the master IP (where the AP will get its initial configuration from).
You would need 2 AP groups since you need group 1 to point at the master as the primary and group 2 to point at the local as the primary.
You should purchase and install enough licenses on the local controller so that if the master fails, the local is able to handle the full load. You will lose the ability to configure the WLAN while the master is down, so keep that in mind. I usually have redundant master controllers.
VRRP may come into play in this design. You could have AP system profile x point to controller x for the primary. Controller x would be the active VRRP instance on VLAN x and controller y would be backukp. AP system profile y would point to controller y for the primary and controller y would be the active VRRP instance on VLAN y and controller x would be backup.
That way, if either controller failed, the other controller would take over the VRRP active role and failover would be almost instant (at least for the APs - the users would still see a quick outage because the backup controller doesnt keep state for users).
11-21-2011 07:22 AM
Please take a look at the at Chapter 6: Redundancy Models from the Aruba Mobility Controllers
Validated Reference Design (www.arubanetworks.com/vrd). That explains the redundancy options in detail.
To answer your qustion:
You can suffice with 1 AP-group with LMS and backup LMS set, but a bit faster recovery would be if you load half the AP's on your master (with the local as backup) and half the APs on the local (with the master as backup).
VRRP isn't required but can be used for even faster redundancy if you go for master-master redundancy.
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.