Wireless Access

Reply
Occasional Contributor II
Posts: 12
Registered: ‎01-16-2015

Master redundancy and controller role question

Hello, here is my first question for the forum.

 

We have a pair of shiny new 7210 controllers, and I am going through the configurations for the first time.

 

My history is that I am an  Enterasys man, so these Aruba controllers are new to me, too.

 

I am having some good successes configuring so far.  I have them both connecting with trunked uplink ports, and the VRRP instances I created for active/active operations are behaving as they should.

 

I think I have the master redundancy configured, but am not sure about the standby master controller role.

 

When I did the initial configs, I set one controller role to master, and the second controller role to local.  Now I get to my first qestion:

 

Should I change the role of my local controller to master instead of local as well?

 

My second question has to do with the WebUI config for Master Redundancy.  I chose to use IPSec, which asks to enter a password, of course.  Where on the other controller do I configure that IPsec password for the master redundancy feature to work?

 

Thanks,

 

Jess

Guru Elite
Posts: 20,761
Registered: ‎03-29-2007

Re: Master redundancy and controller role question

[ Edited ]

The answer to your last question is "Yes".

 

To configure master redundancy:

 

- Configure a vrrp between two controllers on their management vlan.

- First Make sure that the controller with the configuration that you desire has the higher priority and is  the "master" of the vrrp (show vrrp).  This is important, because whoever has control of the VRRP when you configure master redundancy propagates his configuration to the opposite controller.  If you configure the VRRP wrong, a controller with very little configuration who has control of the VRRP when you configure master redundancy will overwrite the other controller's configuration.

- When you are sure the controller with the desired config is the master of the VRRP, first configure master redundancy on that side.  Master redundancy will ask you what VRRP do you want to tie the master redundancy to.  This is important because the status of that VRRP decides what configuration will be used between both controllers.

- Configure master redundancy on the other side.  That side should have the role of "backup" on the VRRP

- When you have both sides configured, when you type "show switches" from the "Master" side, it should show the other side as standby, and that is how you know you are successful...

 

Gotchas:

 

- You cannot terminate any access points on the backup master.  You would point the LMS-IP of the ap group at the VRRP address and whoever has control of the VRRP (the master) would terminate and service the access points.

- If any access points point to the backup master, no traffic will be passed

- If the backup master is running a DHCP server, it will still give out ip addresses.

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 12
Registered: ‎01-16-2015

Re: Master redundancy and controller role question

Thanks, Colin.  That was very helpful.  I am now getting beat up with IP interfaces and uplink prioirities...

 

Jess

Occasional Contributor I
Posts: 6
Registered: ‎03-20-2016

Re: Master redundancy and controller role question

Hi All,

I am facing an issue that the standby controller is changing as master automatically without any failover. 

Controller:7210

OS: ArubaOS_72xx_6.4.4.8_55228

 

Anybody can help to solve this issue?

 

Reg,

Shamz

 

 

 

Guru Elite
Posts: 20,761
Registered: ‎03-29-2007

Re: Master redundancy and controller role question

You should open a TAC case.  Troubleshooting what you describe could be complicated and would be difficult to handle on this forum.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 12
Registered: ‎09-22-2016

Re: Master redundancy and controller role question

Hi, It is an old thread, but I could not find an answer anywhere else. I am having the same set up, but failover to the backup-master takes abbout 1 minute. Is that normal and is there a way to speed it up?

I see that it takes about 30sec for the backup to become a master and the APs to fail over and about another 30 sec for the AP to start passing client traffic.

MVP
Posts: 1,302
Registered: ‎11-07-2008

Re: Master redundancy and controller role question

what does your VRRP config and master redundancy config look like?

Jerrod Howard
Sr. Techical Marketing Engineer
Occasional Contributor II
Posts: 12
Registered: ‎09-22-2016

Re: Master redundancy and controller role question

Here it is

 

master-redundancy
  master-vrrp 11
  peer-ip-address 10.0.0.6 ipsec *************
!
vrrp 11
  ip address 10.0.0.11
  vlan 30
  preempt delay 15
  no shutdown
!


####################


master-redundancy
  master-vrrp 11
  peer-ip-address 10.0.0.5 ipsec ***********
!
vrrp 11
  priority 50
  ip address 10.0.0.11
  vlan 30
  preempt delay 15
  no shutdown
!

Search Airheads
Showing results for 
Search instead for 
Did you mean: