Wireless Access

Reply
Occasional Contributor II

Clustering MD in 8.x. The need for VRRP IP?

Hi,

 

I fail to see the need for VRRP IP when clustering two controllers in 8.1.

I have an MM and two MD. When clustering the MD I get an option to set VRRP IP, but that IP has to be different for the two MDs. Isn't the point of clustering to have one cluster IP?

 

If I have AP-loadbalancing enabled and don't have VRRP IP set. Will it still loadbalance the AP between the controllers even tho I have my DNS pointing 'aruba-master' to MD1 IP?

 

If I don't use VRRP IP and I want to send RADIUS-request to Clearpass then the request will come from the IP of each MD. But what if i have VRRP. Will the requests from MD1 come from its VRRP IP and requests from MD2 come from VRRP IP2? 

 

Regards

Philip

 

 


Wireless network engineer consultant| @phivil | ACMP ACCP

Re: Clustering MD in 8.x. The need for VRRP IP?

Two things.

 

1. for AP discovery, when a NEW AP that has never talked to the cluster is added, you can point them to controller 1 of a 2c ontroller cluster. Once provisioned, the AP will get the node list provisioned on to the AP flash, which is the IP address of every controller in the cluster so that subsequent discoveries won't require DNS, DHCP, etc for that AP. However, if controller 1 of the cluster goes down, while previously provisioned APs will find controller 2 from the nodelist, NEW APs will not. So having a VRRP IP between the cluster members to point AP discovery to for new APs would be beneficial. 

 

Secondly, you would want VRRP IPs for COA, in case one client is moved from one controller to another and CPPM needs to send a COA. 

Jerrod Howard
Sr. Technical Marketing Engineer
Occasional Contributor II

Re: Clustering MD in 8.x. The need for VRRP IP?

On your second point I get lost. Lets say I have two controllers:

CTRL1 with IP 192.168.0.1

CTRL2 with IP 192.168.0.2

First I add CTRL1 to the cluster with VRRP IP 192.168.0.10

Then I try to add CTRL2, but I can't use the same VRRP IP (it is giving me an error saying that 192.168.0.10 is used by CTRL1), so I have to use 192.168.0.20 for that.

 

Now Client1 connects, it get "assigned" to CTRL1 so the IP for COA will be 192.168.0.10.

Now Client2 connects and since both controllers in the cluster is active it gets assigned to CTRL2. When that does COA it will use IP 192.168.0.20.

This sort of beats the purpose of having VRRP, or have I got the theory wrong?

 


Wireless network engineer consultant| @phivil | ACMP ACCP

Re: Clustering MD in 8.x. The need for VRRP IP?

Two things:

 

For COA to work, within the clustering profile you create and assign a VIP to each cluster member as part of the cluster config. The MM will then assign the priorities to the cluster member automagically for you.

 

For AP discovery, if you want one single VRRP IP for the entire cluster, you would create a single VIP in the 'Redundancy' section and then set priority for all the other cluster members below whichever one you want as the master. That said, for AP discovery, I don't think you need all 12 added, just at least two for redundancy, but that's up to you. And that ONLY applies to new APs, as provisioned APs will have the node list, which contains the IP of every cluster controller.

Jerrod Howard
Sr. Technical Marketing Engineer
Occasional Contributor II

Re: Clustering MD in 8.x. The need for VRRP IP?

Ah ok thank you. And if I enable AP LoadBalancing in 8.1 the cluster master will choose what MD the AP will go to.

 

With the new clustering feature we don't need to configure High Availability right?


Wireless network engineer consultant| @phivil | ACMP ACCP

Re: Clustering MD in 8.x. The need for VRRP IP?

Correct, the MM will do the cluster management. No need for HA correct.

Jerrod Howard
Sr. Technical Marketing Engineer
Frequent Contributor I

Re: Clustering MD in 8.x. The need for VRRP IP?

(Jumping in because I'm going through this setup right now :-)

 

Once I set up the MDs with a cluster VRRP VIP, do I also need to manually set the RADIUS client source IP to the VIP, or will the controller automatically default to it?

Re: Clustering MD in 8.x. The need for VRRP IP?

I would set it to make sure the controller sends the VIP instead of the native IP. 

Jerrod Howard
Sr. Technical Marketing Engineer
Frequent Contributor I

Re: Clustering MD in 8.x. The need for VRRP IP?

Makes sense - thanks very much!

Occasional Contributor II

Re: Clustering MD in 8.x. The need for VRRP IP?

Hi fsweetser,

 

So you will it up so every MD has their own VRRP IP (in the cluster) and that IP will be the source of Radius-packets?


Wireless network engineer consultant| @phivil | ACMP ACCP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: