Wireless Access

Reply
Occasional Contributor II
Posts: 20
Registered: ‎06-06-2012

RAP Redundancy

Hello 

 

I have a controller in my headquarter, in this site i have 2 different wan links to provide redundancy.

 

I have some RAPs in my remote site, and need to provide redundancy in case of failure of one of the wan links of the headquarter.

 

 

How can i configure it for my raps?

 

I have tryed to use LMS but it don´t works fine for the RAPs.

 

Could you help me ?

 

Regards

 

Thiago

 

 

 

Aruba
Posts: 1,643
Registered: ‎04-13-2009

Re: RAP Redundancy

[ Edited ]

please refer to the Geographical Redundancy for RAP Deployments in the RAP VRD for full details; but in summary:

 

When considering redundancy for RAPs, there are two components.  

1) The provisioning name 

2) The LMS

 

You can handle the first by either setting up a DNS entry with two IPs; one for each of your locations; that way if one controller is down, RAPs can still find their way to a controller to get their configuration.....which is where the second piece comes in.  The second is handled by the primary/backup LMS IPs (external IPs, not internal).    

 

(Both controllers need the RAP whitelist)

 

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Occasional Contributor II
Posts: 20
Registered: ‎06-06-2012

Re: RAP Redundancy

Another question:

 

If i need to point 2 different controllers in 2 different locations, it is possible since the same configuration exists on the 2 sides, right ?

 

In this case i need to use LMS too?

Aruba
Posts: 1,368
Registered: ‎12-12-2011

Re: RAP Redundancy

A third option (for RAP3s and 155s or any Instant AP) is to use Instant + VPN as documented in the Instant user guide.  

 

Essentially, you move from a L2 extension in the RAP mode (note all the broadcast and multicast knobs per best practice in Chris's link to our VRD) to a L3 extension with routable subnets per RAP.  There are major architectural differences but for scaling purposes, please consider using our RAPs as Instant APs and enabling an IPSec tunnel to a mobility controller.  

 

The benefits are:

 

1. < 1 minute failover as you can enable two IPSec tunnels to two controllers.

2. L3 connectivity vs. L2 connectivity meaning the RAP clients' gateway is the RAP.  Each home/remote site is its own subnet.  Think broadcast containment, etc...

3. Plug and play (since it's instant) for adding another AP or two.  Also note that IF the demark in the home is NOT in an optimal spot, with Instant, we can enable "wifi uplink" whereby you have an AP where the modem is and you can form a wireless link to another AP where the user may be physically located.

4. No AP/PEF licensing on the controllers (recommend PEF-V however)

5. Scalability numbers well north of AP capacity limits on controllers as all intelligence (control and mangement planes) are distributed.

 

There are many more but at scale, Instant + VPN is a much more robust solution we have been working on and now have in place for a little while now...

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Aruba
Posts: 1,368
Registered: ‎12-12-2011

Re: RAP Redundancy


taraujo wrote:

Another question:

 

If i need to point 2 different controllers in 2 different locations, it is possible since the same configuration exists on the 2 sides, right ?

 

In this case i need to use LMS too?


Yes...that should work just like in the CAP scenarios for failover.

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Occasional Contributor II
Posts: 20
Registered: ‎06-06-2012

Re: RAP Redundancy

Hello 

 

Thank you for the help. 

 

I did a lab yesterday and the lms works, i just needed to adjust the VPN retries to reduce the downtime.

 

there Is any other parameter i can adjust to improve the reconnection time ?

 

Regards

 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: