Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Controller N+1 redundancy

This thread has been viewed 6 times

  • 1.  Controller N+1 redundancy

    Posted Jun 20, 2017 09:35 AM

    Hi,

     

    I would like to ask about the aruba controller N+1 design based on aruba mobility controller VRD with the following Diagram.

    I have some question on the failover flow.

    let say i have 3+1 topology (3 sites), with each sites vlan gateway located on the local router. Each site connected to the local Data Center via MPLS link (L3) (Let say the site is LDC1), and we have the backup controller on the LDC1, with DHCP server for all sites locaten on the centralized Data Center (Let say site DC1)

    My Question :

     

    1. Do we need to have a DHCP server and connect to the Backup controller via L2 link?

     

    2. What do we need to configure on the backup controller side? only the vlan id? since its not possible to configure each user subnet IP addess on the controller, because the backup controller and the local site default gateway is L3

     

    thanks in advanced

    N+1.png

     

     



  • 2.  RE: Controller N+1 redundancy

    EMPLOYEE
    Posted Jun 20, 2017 10:17 PM

    When there is "failover" the APs on one controller will swing over to another controller, but still use the same global configuration based on the AP-Group that the AP is in.  Each SSID has a Virtual AP, which has a VLAN#1 that clients will be placed on.  What subnet that VLAN is, depends on the controller that the AP is on:

     

    If you configure the Virtual AP for VLAN 10, on the production controller, whatever ports or subnet the production has configured for VLAN 10, that is where the clients will end up.  Upon failover, again, whatever ports or subnet are assigned to VLAN 10 on the backup controller, that is where the clients will end up.

     

    There comes a time where you cannot define the same VLAN number on both controllers, that is where VLAN naming comes in:  you would configure the Virtual AP to point to a VLAN name, and you would have the option of attaching a VLAN number to that name depending on what controller the APS are on.  It could be VLAN 10 on the production or primary controller, and then VLAN 20 on the backup controller, because the name would be defined in the Virtual AP globally, but the VLAN number that is assigned to that name would be configured locally on each controller:

     

     

     

    http://community.arubanetworks.com/t5/Controller-Based-WLANs/What-is-a-named-VLAN-and-how-do-I-configure-it/ta-p/181562



  • 3.  RE: Controller N+1 redundancy

    Posted Jun 23, 2017 11:30 PM

    Hi, thanks for your reply !!

     

    just want to clarify the solution here,

    -On this case we have a router on the local site and local DC (where the backup controller exists), 

     

    (1) If we configure the controller as L2, then we need to configure the local router as the gateway for User VLAN, and we cannot use the same vlan id on the backup controller.

    So we need to configure a new vlan and subnet on the backup controller (with the vlan gateway on the local DC router), let say a bigger subnet to cover all of the N sites failover.

    When faiolover occured, the AP will reboot and user will do new DHCP discovery for new VLAN

     

    (2) if we configure the controller as L3, then we can use the same vlan with the local site, all we need to consider is the Routing configuration from each side

     

    thanks