Scenario: CPPM Cluster with 2 or more instances. Multi controller deployment. Redundancy is required.
What's the verdict on using the CPPM Virtual IP(VIP) address for captive portal and RADIUS requests?
My understanding is just to use the virtual IP(s) for captive portals and populate RADIUS clients with each CPPM instance. To balance RADIUS request between the CPPM instances I would configure RADIUS clients like so:
RADIUS Client 1
RADIUS Server group
Priority 1: CPPM1
Priority 2: CPPM2
RADIUS Client 2
Priority 1: CPPM2
Priority 2: CPPM1
Is that the recommended way to configure this?
Why not configure 2 x VIPs.
Primary node: CPPM1
Secondary node; CPPM2
Primary node: CPPM2
Secondary node; CPPM1
Then configure the RADIUS clients:
Priority 1: VIP1
Priority 1: VIP2
What are the advantages/disadvantages? Thoughts?
Ok, so just rely on the RADIUS client to identify if the RADIUS server is "working" and fail through to the next if the first fails.
Would the time for the VIP to failover be longer than the time it take for a RADIUS client to identify a server is down?
It looks like VIP failover would be quicker (with the Aruba defaults).
From my experience you don't want to use the VIP for RADIUS. (except when you can only configure 1 RADIUS server.) The reason is that is the RADIUS process fails or is not running the VIP doesn't fail over.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.