Wireless Access

Reply
New Contributor
Posts: 4
Registered: ‎02-11-2013

Connecting AP's over an MPLS cloud to the controller

Hey all-

Trying to build the following network as shown in the attachment, and have a question on how to setup controller discovery.

After looking in the 6.1 UG, I know that this is deployment option 2, where the AP's are seperated by a L3 device from the controllers. My first thought was to simply put an ip helper address with the VRRP IP of the controllers so that the controllers could send a local IP address to the AP's and the GRE tunnel could be built, but then it occured to me that the AP will still need a local network address so that it knows where it's next hop is.

I can't find explicit info on this, so I'm wondering how it needs to be setup to:

1. Allow the AP's on a seperate L3 subnet than the controllers

2. Use DHCP to find both their DG and the controller's IP (something else recommended)?

3. Ensure that the GRE tunnel can be formed between the AP's IP address and the VRRP address. (Pretty sure the answer is yes).

I know this is a covered scenario, just want to make sure I've got my ducks in a row here. Thanks all!

 

MVP
Posts: 1,401
Registered: ‎05-28-2008

Re: Connecting AP's over an MPLS cloud to the controller

[ Edited ]

hi

i hope i understood your questions

 

 

 

1. Allow the AP's on a seperate L3 subnet than the controllers

Aruba AP`s can connect to aruba controller over lan/wan/cloud service and more with nat or with out nat.

(GRE or IPSEC) - you just need to allow the the controller to establish the tunnel (open ports in the router/fw/gw port fw)

2. Use DHCP to find both their DG and the controller's IP (something else recommended)?

use dns record that will redirect the ap's to the controller | or user dhcp option 43.

3. Ensure that the GRE tunnel can be formed between the AP's IP address and the VRRP address.

use dns record that will redirect the ap's to the controller | or user dhcp option 43.

let me know if u need further info - or it's answering your question.

 

rgrds.

 

me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
MVP
Posts: 1,401
Registered: ‎05-28-2008

Re: Connecting AP's over an MPLS cloud to the controller

[ Edited ]

BTW: u might also configure the AP as RAP (ipsec tunnel).

(if u have pefng/pefv installed on your controller)

 

Example: (of a really old deployment I did for an ISP)

Untitled.png

 

Working mode that can be user: Tunnel/split tunnel/bridge mode (IPSEC recommended over WAN)

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
New Contributor
Posts: 4
Registered: ‎02-11-2013

Re: Connecting AP's over an MPLS cloud to the controller

Thanks for the response!

 

Okay- so if the Aruba controllers are going to handle the DHCP requests of the AP's, the scope should be set to the remote VLAN's L3 addresses, with the DG being the remote router's .1 address, but there should be DHCP option 43 also set that has the controller's VRRP address?

 

So in other words, if the AP is on the 10.0.0.x network (with .1 being the DG of the router) and the controller is on the 192.168.0.x network (with .4 being the VRRP address), and the controllers were the ip-helper target, you'd hand out a 10.0.0.x address with an DHCP 43 option set as 192.168.0.4 (controller's VRRP)?

MVP
Posts: 1,401
Registered: ‎05-28-2008

Re: Connecting AP's over an MPLS cloud to the controller

[ Edited ]

you should  hand them the extrnal LEG (VLAN in front of the cloud) of the controller as their (Access points)  controller address. the internal or extranl vrrp address will stay the same even in failover.

 

  :smileyhappy: *if the above posts helped you - please mark solved and Kudos me , thanks :) *

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
New Contributor
Posts: 4
Registered: ‎02-11-2013

Re: Connecting AP's over an MPLS cloud to the controller

Okay- is there a good guide as to how to setup DHCP w/ options on the controller? Looking at the UG for 6.1 now, but it's a bit unclear.

MVP
Posts: 1,401
Registered: ‎05-28-2008

Re: Connecting AP's over an MPLS cloud to the controller

[ Edited ]

please read attached PDF.

(i hope they will answer your question)

(i dunno if there is a command to enable dhcp option on the controller it-self...there is a linux command,but i never tested the synatx over the cli)

 

linux dhcpd:

option serverip code 43 = ip-address;
class “vendor-class” {
match option vendor-class-identifier;
}

 

cisco switch cli:

option 60 ascii "ArubaAP"
option 43 ip x.x.x.x

 

rgrds.

 

Me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
New Contributor
Posts: 4
Registered: ‎02-11-2013

Re: Connecting AP's over an MPLS cloud to the controller

Just to clarify- once this DHCP process is done, with options 43 and 60 setup as mentioned, the AP will have the following information:

1. An IP address on the proper remote subnet (i.e. whatever the scope on the DHCP server is set to)

2. A DG address for that remote subnet

3. The address (specified by option 43 and filtered by option 60) of the external VRRP address of the controller.

 

Nothing additional on the remote router needs to be setup other than a IP-helper address pointing to the DHCP server.

 

Thanks for the PDF's. Read through them twice already. Just want to make sure what I'm reading what I think I'm reading. 

MVP
Posts: 1,401
Registered: ‎05-28-2008

Re: Connecting AP's over an MPLS cloud to the controller

[ Edited ]

YEP.

IF THERE IS:

  • an ip address for the Accesspoint. (including GW that can connect to the controller & dns record of course :)
  • Controller address in the AP boot environment or during the adp process.
  • A tunnel of GRE or IPSEC can be establish between the AP and the Controller. (you case ...GRE)
  • (default AP-group with a working vap in the controller)

 

So the remote Accesspoint will be able to go "UP" on the remote controller. (via your MPLS cloud)

 

regards.

 

Me.

 

*dont forget , if i assisted your - please Kudos (The star+ button) me ! Thanks :) :smileyhappy:

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Aruba
Posts: 1,285
Registered: ‎08-29-2007

Re: Connecting AP's over an MPLS cloud to the controller

If you create the dhcp pool on the controller, the option is automatically added, though it will be the ip of the local controller the scope is created on.

 

You can add other options, but not sure on the syntax to change the ip returned to be something different from the local it is created on.


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
Search Airheads
Showing results for 
Search instead for 
Did you mean: