Controller-less WLANs

last person joined: 12 days ago 

IAP, Central, MSR, Outdoor Mesh

Why do we see SSIDs getting disabled on IAP when GRE tunnel is down?

By esupport posted Aug 10, 2020 10:27 AM

  
Q:

Why do we see SSIDs getting disabled on IAP when GRE tunnel is down?



A:

Starting from IAP version 8.4.0.0, By default all the SSID’s configured on the IAP (locally bridged & SSID’s used for GRE tunnel) both will be disabled when there is a failover or tunnel status goes down on the IAP( enhancement done on 8.4.0.0)

 

Below is the knob highlighted under gre config

 

# show gre config

 

GRE Tunnel Configuration

----------------------------------

GRE Primary Server                       :2222::2

GRE Primary IP                               :2222::2

GRE Backup Server                        :1111::1

GRE Backup IP                                :1111::1

GRE Type                                         :25944 (0x6558)

GRE Per AP Tunnel                        :disable

GRE Preemption                            :enable

GRE Holdon Time                          :600

GRE Failover type                          :ping

GRE Ping Interval                            :15 (secs)

GRE Allowed Inactive Time           :15 (secs)

GRE Ping Retry Count                     :3

GRE Reconnect User On Failover :enable

GRE Reconnect Time On Failover :60 (secs)

 

VPN logs to validate at the time of tunnel market down : 

show log vpn : 

cli_rap_send_tunnel_info(8519) send tunnel state (master) :DOWN 2020-03-05 18:26:32 
cli_rap_send_tunnel_info(8523) send tunnel type (master) :GRE PRIMARY 2020-03-05 18:26:34 
cli_gre_send_disable_ssid(8585) send disable ssid (master) 2020-03-05 18:26:34 
cli_send_ping_to_gre_endpoint:311 primary tunnel is marked down. 2020-03-05 18:27:22 
cli_gre_send_disable_ssid(8585) send disable ssid (master)

 

To prevent SSID’s getting disable on the IAP, need to enable below knob :

 

gre disable-reconnect-user-on-failover

 

# show gre config

 

GRE Tunnel Configuration

----------------------------------

GRE Primary Server                       :2222::2

GRE Primary IP                               :2222::2

GRE Backup Server                        :1111::1

GRE Backup IP                                :1111::1

GRE Type                                         :25944 (0x6558)

GRE Per AP Tunnel                        :disable

GRE Preemption                            :enable

GRE Holdon Time                          :600

GRE Failover type                          :ping

GRE Ping Interval                            :15 (secs)

GRE Allowed Inactive Time           :15 (secs)

GRE Ping Retry Count                     :3

GRE Reconnect User On Failover :disabled

0 comments
4 views