Wireless Access

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

Hi Colin, thanks for the link.  I forgot to mention in my post that I'm currently using ArubaOS 6.5.  Do you know if there's is a similar IPv6 deployment guide for 6.5?  I've been searching and only saw instructions for 8.x

Thanks1

------------------------------
C
------------------------------

Original Message:
Sent: Jun 03, 2021 10:18 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

If I'm understanding this documentation correctly: "An IPv6 AP can serve both IPv4 and IPv6 clients" means I need to re-provision the APs as IPv6 and then will be able to handle both IPv4 and IPv6 clients?  Over a single VLAN?

------------------------------
C
------------------------------

Original Message:
Sent: Jun 03, 2021 10:18 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

And IPV4 OR and IPV6 -only AP can serve ipv6 and ipv6 clients.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------

Original Message:
Sent: Jun 06, 2021 03:01 PM
From: C
Subject: Enabling IPv6 checklist

If I'm understanding this documentation correctly: "An IPv6 AP can serve both IPv4 and IPv6 clients" means I need to re-provision the APs as IPv6 and then will be able to handle both IPv4 and IPv6 clients?  Over a single VLAN?

------------------------------
C

Original Message:
Sent: Jun 03, 2021 10:18 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

Thanks for the follow up but just to clarify:

An AP provisioned as:

AP provisioned as IPv4: can only server IPv4 clents (IPv4 provisioned AP cannot be dual stack)
AP provisioned as IPv6: can serve both IPv4 and IPv6 clients (IPv6 provisioned AP can dual stack)

Is that correct?

I would rather keep the APs provisioned as using DHCPv4 is possible because it's been working already.

Thanks!

------------------------------
C
------------------------------

Original Message:
Sent: Jun 06, 2021 06:13 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

And IPV4 OR and IPV6 -only AP can serve ipv6 and ipv6 clients.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 06, 2021 03:01 PM
From: C
Subject: Enabling IPv6 checklist

If I'm understanding this documentation correctly: "An IPv6 AP can serve both IPv4 and IPv6 clients" means I need to re-provision the APs as IPv6 and then will be able to handle both IPv4 and IPv6 clients?  Over a single VLAN?

------------------------------
C

Original Message:
Sent: Jun 03, 2021 10:18 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

An ipv4 provisioned AP can serve both sets of clients.
An ipv6 provisioned AP can server both sets of clients.


------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------

Original Message:
Sent: Jun 06, 2021 07:58 PM
From: C
Subject: Enabling IPv6 checklist

Thanks for the follow up but just to clarify:

An AP provisioned as:

AP provisioned as IPv4: can only server IPv4 clents (IPv4 provisioned AP cannot be dual stack)
AP provisioned as IPv6: can serve both IPv4 and IPv6 clients (IPv6 provisioned AP can dual stack)

Is that correct?

I would rather keep the APs provisioned as using DHCPv4 is possible because it's been working already.

Thanks!

------------------------------
C

Original Message:
Sent: Jun 06, 2021 06:13 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

And IPV4 OR and IPV6 -only AP can serve ipv6 and ipv6 clients.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 06, 2021 03:01 PM
From: C
Subject: Enabling IPv6 checklist

If I'm understanding this documentation correctly: "An IPv6 AP can serve both IPv4 and IPv6 clients" means I need to re-provision the APs as IPv6 and then will be able to handle both IPv4 and IPv6 clients?  Over a single VLAN?

------------------------------
C

Original Message:
Sent: Jun 03, 2021 10:18 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

Hi, thanks for clarifying.  I haven't re-provisioned any APs yet but I have done the following so far

1. Enabled IPv6 globally
2. Set and IPv6 address for the VLAN15 which is what the controllers/APs use to communitcate. 
3. I set the controller IPv6 address on the controller

However, I'm now seeing a lot of link-local address showing up in the client dashboard.  Seems like the controller->L2 switch->Bluecat DHCPv6 is working yet but I'm curious why the link-local device addresses are showing up instead of DHCPv4 address?

Any ideas?

------------------------------
C
------------------------------

Original Message:
Sent: Jun 07, 2021 07:43 AM
From: Colin Joseph
Subject: Enabling IPv6 checklist

An ipv4 provisioned AP can serve both sets of clients.
An ipv6 provisioned AP can server both sets of clients.


------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 06, 2021 07:58 PM
From: C
Subject: Enabling IPv6 checklist

Thanks for the follow up but just to clarify:

An AP provisioned as:

AP provisioned as IPv4: can only server IPv4 clents (IPv4 provisioned AP cannot be dual stack)
AP provisioned as IPv6: can serve both IPv4 and IPv6 clients (IPv6 provisioned AP can dual stack)

Is that correct?

I would rather keep the APs provisioned as using DHCPv4 is possible because it's been working already.

Thanks!

------------------------------
C

Original Message:
Sent: Jun 06, 2021 06:13 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

And IPV4 OR and IPV6 -only AP can serve ipv6 and ipv6 clients.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 06, 2021 03:01 PM
From: C
Subject: Enabling IPv6 checklist

If I'm understanding this documentation correctly: "An IPv6 AP can serve both IPv4 and IPv6 clients" means I need to re-provision the APs as IPv6 and then will be able to handle both IPv4 and IPv6 clients?  Over a single VLAN?

------------------------------
C

Original Message:
Sent: Jun 03, 2021 10:18 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------

Are you sure the clients do effectively get a global IPv6? If you do a 'show user' on the CLI, you will see an entry for every IP4 and IPv6 a client gets. The WebUI somewhat summarizes the IPs to a single line. IPv6 enabled clients will (always?) have a link-local address in addition to the global address.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Jun 07, 2021 12:29 PM
From: C
Subject: Enabling IPv6 checklist

Hi, thanks for clarifying.  I haven't re-provisioned any APs yet but I have done the following so far

1. Enabled IPv6 globally
2. Set and IPv6 address for the VLAN15 which is what the controllers/APs use to communitcate. 
3. I set the controller IPv6 address on the controller

However, I'm now seeing a lot of link-local address showing up in the client dashboard.  Seems like the controller->L2 switch->Bluecat DHCPv6 is working yet but I'm curious why the link-local device addresses are showing up instead of DHCPv4 address?

Any ideas?

------------------------------
C

Original Message:
Sent: Jun 07, 2021 07:43 AM
From: Colin Joseph
Subject: Enabling IPv6 checklist

An ipv4 provisioned AP can serve both sets of clients.
An ipv6 provisioned AP can server both sets of clients.


------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 06, 2021 07:58 PM
From: C
Subject: Enabling IPv6 checklist

Thanks for the follow up but just to clarify:

An AP provisioned as:

AP provisioned as IPv4: can only server IPv4 clents (IPv4 provisioned AP cannot be dual stack)
AP provisioned as IPv6: can serve both IPv4 and IPv6 clients (IPv6 provisioned AP can dual stack)

Is that correct?

I would rather keep the APs provisioned as using DHCPv4 is possible because it's been working already.

Thanks!

------------------------------
C

Original Message:
Sent: Jun 06, 2021 06:13 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

And IPV4 OR and IPV6 -only AP can serve ipv6 and ipv6 clients.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 06, 2021 03:01 PM
From: C
Subject: Enabling IPv6 checklist

If I'm understanding this documentation correctly: "An IPv6 AP can serve both IPv4 and IPv6 clients" means I need to re-provision the APs as IPv6 and then will be able to handle both IPv4 and IPv6 clients?  Over a single VLAN?

------------------------------
C

Original Message:
Sent: Jun 03, 2021 10:18 PM
From: Colin Joseph
Subject: Enabling IPv6 checklist

Have you already seen this document?  https://support.hpe.com/hpesc/public/docDisplay?docId=a00104385en_us

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Jun 03, 2021 08:21 PM
From: C
Subject: Enabling IPv6 checklist

Hi guys,

I'm planning to enable IPv6 during a maintenance window this weekend.  I don't have a test environment so the changes will be in production so I wanted to get my ducks aligned before I do anything.

Current aruba environment with IPv4:
Aruba 7210 Master/Standby with ~70 AP225
VRRP 
Bluecat for DNS/DHCP

Under Network > IP > IP Interface

VLAN1 | 172.16.0.245/24 | GE0/0/3          (I have this labeled as UNTRUST in my documents)
VLAN15 | 10.36.2.100 | Pc0-1                    (I have this labeled as the MGMT VLAN and documented as TRUST)
VLAN40 | no ip for this interface | Pc0-1  (I have this labeled as the Client VLAN)

My understanding from the documentation is that I can have IPv4 and IPv6 enabled on the same AP by following these steps:

Enable IPv6 option
1. Navigate to the Configuration > Advanced Services > Stateful Firewall page.
2. Select the Global Settings tab.
3. Select the IPv6 Enable check box to enable the IPv6 option.
4. Click Apply .

Next step is to add an IPv6 address to the MGMT VLAN (VLAN15) - I will use a ULA address I generated from the master controllers MAC address
To Configure Link Local Address
1. Navigate to the Configuration > Network > IP page and select the IP Interfaces tab.
2. Edit a VLAN # and select IP version as IPv6.
3. Enter the link local address in the Link Local Address field.
4. Click Apply.
QUESTION for this section: IPv4 has a section to add the DHCP Help address but I dont see that option for IPv6.

Next step is to configure the DG of the L2 switch that connects my APs to the controller:
1. Navigate to the Configuration > Network > IP page and select the IP Routes tab.
2. Under the Default Gateway section, click Add.
3. Select IPv6 as IP Version, and enter the IPv6 address in the IP Address field.
4. Click Add to add the address to the IPv6 default gateway table.
5. Click Apply.

Next step is to assign the controller and IPv6 address:

1. Navigate to the Configuration > Network > Controller page and select the System Settings tab.
2. Under the Controller IP Details section, select the VLAN15 or the loopback interface Id in the IPv6 Address drop down.
3. Click Apply.

I'm unsure about the last step and how to apply these new settings to the existing APs that have IPv4 already enabled.  When I go into the Provision tab for an existing AP it looks like the Master Discovery is set to Host Controller Name: aruba-master and the IP Settings are set to Obtain IP Address Using DHCP.

In the WebUI
1. Navigate to the Configuration > AP Installation> Provision page and select the Provisioning tab.
2. Select an AP and click Provision.
3. Under the Master Discovery section, enter the host controller IP address and the IPv6 address of the master controller.
4. To provision a static IP, select the Use the following IP address check box under the IP Settings section, and enter the following details:
- IPv6 Address/Prefix-lengths
- Gateway IPv6 Address
- DNS IPv6 Address

Question: How can I set the AP IPv6 address manually like it instructions above but also have the AP receive a DHCP address?  Do I need to re-provision each AP one-by-one or is there a way to bulk provision the ~70 APs at once?

If anyone has set this up in their environment and sees any gaps in my process above it would be greatly appreciated.  I don't have TAC support so if I don't get this right then I have to for next month's maintenance window to fix any misconfigurations :/

Thanks!

------------------------------
C
------------------------------