07-22-2014 12:19 AM
We have a remote site that is connected to main site via radio relay. Radio relay link can be not very reliable so there might be a situation when there is NO connectivity between remote site and main site.
We have 2 controllers at the main site and no controllers at remote site are planned. We plan CAPs at remote site to use split-tunnel to forward traffic to main site (remote site will only deliver Internet access via main site gateways).
1) Will CAPs at remote site bring down SSID after 8 seconds (I have read that this is the behavoiur for tunneled SSIDs) if connectivity to controller lost?
2) If connectivity gets back to normal will AP reboot or they just bring up SSID? What is the period (in seconds) to bring up the SSID if connectivity gets back to normal?
Thanks for any information in advance!
07-22-2014 12:39 AM
In this instance you should use RAPs. Your split tunnel and tunnel SSIDs will not work if a connection to the controller is lost however any bridge mode SSIDs will remain up.
07-22-2014 12:50 AM - edited 07-22-2014 12:52 AM
There is no backup link between remote site and main site. All services delivered to clients depend on the radio relay link. No link - no service. So it's actually ok if SSID will go down when radio relay link is not available.
In case we use RAPs that will give just an image of service: SSID is up but no connectivity to main site (no Internet).
We need information about CAP: how do they behave if connection to controller lost and restored.
07-22-2014 02:51 AM
If my post is helpful please give kudos, or mark as solved if it answers your post.
ACCP, ACMP, ACMX #294
07-22-2014 01:00 PM - edited 08-22-2014 05:11 AM
I would like to share some results that I got from the lab.
To simulate connectivity problem between CAP and controller I used ACL to block any traffic.
1) After ACL gets installed I see that AP detects that tunnel to controller is down (in ~8 seconds) and starts bringing down SSIDs.
AP still tries to install control channel (via IPsec) to controller but fails. After 20 minutes AP reboots with following message:
sapd: <311009> <DBUG> |AP Engines@172.17.7.11 sapd| |ap| ^[msg sapd_reboot: SAPD reboot called, msg - Unable to set up IPSec tunnel, Error:RC_ERROR_IKEV2_TIMEOUT ]
After reboot AP still tries to install control channel.
2) After ACL is removed AP starts broadcasting SSID in ~30 seconds (g-radio comes up first, after that in some seconds comes up a-radio). AP doesn't need to reboot.
Hope that will help somebody.
BTW, we are using ArubaOS 126.96.36.199 (build 41362).