Environment : Aruba Mobility Controller AOS version 184.108.40.206
GRE tunnel is created between the Access Point and controller to for the Service Set Identifier (SSID). The default MTU for the GRE tunnel is 1500 bytes for the Campus Access Point (CAP) and 1200 bytes for the Remote Access Point (RAP). In some deployment scenario, the CAP is install in the branch office is connected to the corporate network via the IPSEC tunnel established between two external VPN endpoints. Packet fragmentation will occur if the MTU size for the GRE tunnel is at the default of 1500 bytes. Packets fragmentation will generally cause degraded throughput and performance. Perform the following steps to change the MTU to 1200 bytes to avoid packet fragmentation for this deployment scenario. Web UI: 1. Login with your administrator account username and password. 2. Click on Configuration -> WIRELESS (AP Configuration) -> Select the AP Group name where the change is needed -> AP (AP system) -> General (SAP MTU), Enter 1200 3. Click APPLY 4. Click Save configuration CLI: 1. SSH to the master mobility controller with the administrator username and password. 2. Enter the enable mode if bypass is disabled. 3. Note down the name of the AP GROUP where the change is needed. 3. Type "config t" 4. Type "ap system-profile <name of the profile> 5. Type "mtu 1200". This will change the MTU to 1200 bytes. Example: ap-group "python" virtual-ap "python123" ap-system-profile "python" ap system-profile "python" mtu 1200 lms-ip 10.163.248.1 Verification: To verify the MTU value,SSH to the controller where the AP is terminated and type "show ap bss" command. Check the value under the MTU column. Example (static-master) #show ap bss fm (forward mode): T-Tunnel, S-Split, D-Decrypt Tunnel, B-Bridge (s-standard, p-persistent, b-backup, a-always) Aruba AP BSS Table ------------------ bss ess port ip phy type ch/EIRP/max-EIRP cur-cl ap name in-t(s) tot-t mtu acl-state acl fm --- --- ---- -- --- ---- ---------------- ------ ------- ------- ----- --- --------- --- -- 00:1a:1e:8f:a0:80 python123 N/A 10.163.148.148 g-HT ap 11/34/20.5 0 00:1a:1e:c0:fa:08 0 2m:31s 1200 - 60 T 00:1a:1e:8f:a0:90 python123 N/A 10.163.148.148 a-HT ap 149+/35.5/20 0 00:1a:1e:c0:fa:08 0 2m:31s 1200 - 60 T Port information is available only on 6xx controller. Channel followed by "*" indicates channel selected due to unsupported configured channel. "Spectrum" followed by "^" indicates Local Spectrum Override in effect. Num APs:2 Num Associations:0
Thanks for uploading the info - I've observed exactly the same problem and that trick resolved the dirty config issue.
Well recently I've faced a strange behavoir - The controller is upgraded from 6.3 to 6.4 - Out of 80 Aps 45 were shown down after controller successfully booted up on to newer IOS.
Here I explain connectivity part:
AP -> SW -> BR-Router -> DMVPN cloud - with IP-MTU 1400 ----- -> HUB-R -> SW - > Controller.
AP-default Profile was already having SAP MTU set to 1200 and all APs were working fine with old Controller IOS 6.3.
With 6.4 - within a Branch out of 4 APs 1 has come up succesfully rest all found in down state. After troubleshooting It's seen issue gets solved by setting up Tunnel-IP MTU to 1200 over BR-Router and then remaining all APs started coming up on network.
Would appreciate if you could highlight something on this? How come chaning IP MTU makes communication normal b/w AP and controller?
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.