Hi ER58,
I think this will not work.
In a cluster, the AP will connect to the Cluster (either the Cluster VIP or an individual Cluster) to get a list of all Controllers in the Cluster. Then, the AP will get an AP Anchor Controller (the one having the primary connection with the AP) and a Standby AP Anchor Controller (the one having the backup connection with the AP). You do not have control over which controller is used for which AP; this is done automatically in the cluster.
You should configure a VIP (VRRP) for the cluster and point your DNS record to this VIP. This also makes sure that the VIP is always available even if the ptp link fails.
The APs will use this VIP only for the first connection and afterward will use the controller-ip learned from the cluster to connect to individual members of the cluster.
Hope this makes it more clear :)
BR
Florian
------------------------------
-------------------------------------------------------------------------------
Florian Baaske
-------------------------------------------------------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
-------------------------------------------------------------------------------
Also visit the AirHeads Youtube Channel:
https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ
-------------------------------------------------------------------------------
Feel free to visit my personal Blog
https://www.flomain.de
------------------------------
Original Message:
Sent: Apr 22, 2021 05:41 PM
From: E.S. Rosenberg
Subject: Multiple Access Point VLANs
Hey Florian!
Thanks for trying to understand, the setup is probably a bit weird/crazy so I'll try to explain it a bit better.
We have 2 buildings (old, new), they are linked by a p2p fibre connection and can function as a single network.
Each building has its own Internet connection and firewall and can thus function as a standalone network.
We have a cluster of 2 7030 controllers that manages APs in both buildings.
To make sure that in the event of a disruption to the p2p link between the buildings the users don't feel anything, we will be moving one of the 2 controllers to the new building. Also, all WLANs have a "new building" version that runs on a vlan in the new building using the local firewall instead of the old building.
I wanted there to also be 2 access point networks so that in the event of a split the access points are also guaranteed to continue functioning and lack any dependence on the other building.
To the best of my understanding though the controller can have IP addresses on multiple vlans it can only have one "controller-ip" and my guess is that this is the only IP that will respond to ADP requests.
I am considering using the DNS-based method and sending a different reply depending on the source of the request; thus a DNS request originating on the new building access point vlan would get the new building vlan IP address of the controller. However, as I did not have experience with this use of DNS yet, I figured I would first try a plain setup and use ADP. Also, as I recall, while I was playing around with this I created a DNS record using the new building IP address, but I think even like that it did not work; I would have to recheck that next week.
As I'm writing this I actually also think that maybe I could add resilience to the Access Point vlan by just moving the DHCP server to be on the controller cluster for this vlan since the APs don't need a default-gateway and only the controller does.
------------------------------
Keeper of the Keys
Original Message:
Sent: Apr 22, 2021 04:22 PM
From: Florian Baaske
Subject: Multiple Access Point VLANs
Hi ER58,
I do not understand your topology with the information you provided. My recommendation would be to use DNS to discover the controller(s). Just make sure that the APs in each VLAN can reach the controller on its controller-ip and that this IP is resolved through DNS (aruba-master.your-domain.tld).
BR
Florian
------------------------------
Original Message:
Sent: Apr 22, 2021 06:10 AM
From: E.S. Rosenberg
Subject: Multiple Access Point VLANs
bumping...
------------------------------
Keeper of the Keys
Original Message:
Sent: Apr 19, 2021 05:48 PM
From: E.S. Rosenberg
Subject: Multiple Access Point VLANs
Hi everyone,
TL;DR - Is it possible to have 2/multiple vlans with APs connected to the same controller and use ADP on both VLANs?
We have a controller cluster which so far always used vlan X as the vlan on which APs connect. Now, to allow 2 locations to continue to function in a split brain situation, we added vlan Y as a second AP vlan (both locations have their own Internet connection and router; the separate vlans allow local DHCP to the location).
However when I connect an AP to vlan Y it doesn't actually succeed in finding the controller using ADP even though it has an interface on both vlan X and Y (and is pingable on both too).
Both vlan X and vlan Y are set up on an LACP aggregate ("port channel" on ArubaOS) from the controller to the switch and the "port channel" is trusted.
------------------------------
Keeper of the Keys
------------------------------