11-21-2013 08:16 AM
So we've deployed a number of AP-22X series with both static (portchannel) and 802.3ad LACP.
The question I have is related to the assignment of the GRE-Striping IP which is configured on the AP System profile.
I understand why we need the IP, and how it allows the dest-IP hash algorithm to work correctly. Seems to make sense with a single controller or an LMS IP that is a physical IP interface.....
How is this handled if the LMS IP I provide on my AP System profile is a VRRP address?
Will the GRE Striping IP follow the VRRP instance?
I haven't had time to lab test this, but it seems like an issue we'll need to fully address shortly.
Thanks to all contributors!
07-17-2014 09:01 AM
There are various other threads about this, with answers from Aruba and other people, but I yours is the same question I have:
I have 6 controllers with physical and loopback addresses but then a series of 4x VRRP groups which move between controllers to provide failover. In the system profile, we point the LMS IP at these VRRP addresses.
I assume that the GRE striping address must be arranged to point at the same controller as the LMS serving that AP. The ArubaOS VRRP implementation doesn't seem to support secondary addresses, so it looks like we'll need another set of VRRP groups, configured identically to the first, but with IP addresseses +1 (to create the hash across ports from the upstream switch). These groups must failover between the same controllers at (approximately) the same time.
Is that correct?
There is a discussion in the following thread saying that there is a delay of about 30s before GRE striping is dragged over to the new controller:
... I'm not sure where that comes from as I would expect the AP to continue talking to the same GRE striping address, it's just VRRP has moved that address across.
The LMS and GRE striping addresses are specified at the system profile level, so I assume these don't dynamically change, once an AP has started up: if there's any rehoming onto a different controller, that is just done via VRRP.
There is a separate thread were someone queries how all this interacts with a backup LMS setting: I don't see how that's going to work, but I'm not worried about that at present.
09-03-2014 10:23 AM
I logged a call with our support partner about this and was pointed at two articles, the most useful of which was here:
... this confirms (in a detailed way!) that two VRRP instances should be set up to failover between the same controllers and the GRE striping address should be set to point at the +1 instance of these.
I have configured this on our system and it appears to work fine (although I haven't tried failover yet).