Wireless Access

 View Only
last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Multizone Design question

This thread has been viewed 26 times

  • 1.  Multizone Design question

    Posted Dec 01, 2021 10:34 AM
    Hi, 

    I just wanted to ask a question with regards to MultiZone. I would like to have the primary zone as a standalone controller and I would like to have the data zone to a controller managed by an MM. Is this possible? Is multi zone supported in this way? 
    I am asking this question as I have only seen it the other way around where the primary zone is managed by an MM and the datazone is managed by a standalone. 

    If so, Do both controllers need to see each other? What traffic do I need to allow between both controllers?
    What ports do I need to have open so the AP can connect to the DZ controller?

    Thanks,


  • 2.  RE: Multizone Design question

    MVP GURU
    Posted Dec 01, 2021 11:20 AM
    Multizone can be used with standalone controllers. Mobility Conductor/Master is not required.

    "A zone is merely a collection of mobility controllers (MCs) under a single administrative domain. A zone can consist of a standalone 8.x MC, or a Mobility Master and its associated managed devices."



    ------------------------------
    Dustin Burns
    Lead Mobility Engineer @WEI

    ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2021
    If my post was useful accept solution and/or give kudos
    ------------------------------

    Original Message


  • 3.  RE: Multizone Design question

    Posted Dec 01, 2021 11:31 AM
    can you please categorically confirm that the Standalone can be the primary zone and the controllers managed by MM the data zone?
    Original Message


  • 4.  RE: Multizone Design question

    MVP GURU
    Posted Dec 01, 2021 01:38 PM
    Yes and Yes

    ------------------------------
    Dustin Burns
    Lead Mobility Engineer @WEI

    ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2021
    If my post was useful accept solution and/or give kudos
    ------------------------------

    Original Message


  • 5.  RE: Multizone Design question

    EMPLOYEE
    Posted Dec 01, 2021 04:51 PM
    This is for your reference
    https://support.hpe.com/hpesc/public/docDisplay?docId=a00098228en_us
    page 22 talks about multizone and standalone controller.

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------

    Original Message


  • 6.  RE: Multizone Design question

    Posted Dec 01, 2021 11:45 AM
    Also, do the Primary zone controller and Data zone controller do they need to see each other?
    From AP connecting to Primary zone controller what ports need to be allowed to connect to datazone controller?
    Original Message


  • 7.  RE: Multizone Design question

    MVP GURU
    Posted Dec 01, 2021 01:40 PM
    No the controllers do not need to see each other.

    Same ports as normal operation:

    Between an AP and the controller:

    PAPI (UDP port 8211). If the AP uses DNS to discover the LMS controller, the AP first attempts to connect to the master controller. (Also allow DNS (UDP port 53) traffic from the AP to the DNS server.)
    PAPI (UDP port 8211). All APs running as Air Monitors (AMs) require a permanent PAPI connection to the master controller.
    FTP (TCP port 21)
    TFTP (UDP port 69) all APs, if there is no local image on the AP (for example, a new AP) the AP will use TFTP to retrieve the initial image.
    SYSLOG (UDP port 514)
    PAPI (UDP port 8211)
    GRE (protocol 47)
    Control Plane Security (CPSec) uses UDP port 4500


    ------------------------------
    Dustin Burns
    Lead Mobility Engineer @WEI

    ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2021
    If my post was useful accept solution and/or give kudos
    ------------------------------

    Original Message