Adding this post here to share the content of the Airheads Technical Webinar we delivered this today, July 18th on Aruba 8.x Architecture Overview & UI Navigation. For those who could not attend the session please find below:
- Webinar Recording:
- Webinar Slide Deck - below and attached
Please note that you can find additional on-demand technical webinars on our Airheads webinar repository page.
As well we have our Jul- Dec calendar of webinars available here.
Please feel free to leave any additional comments and questions you may have below. 👇🏻👇🏻👇🏻 We will make sure to answer them as soon as possible.
Thanks for showing your interest in the Airheads webinars & joining today's session.
In the post above you should access the webinar slides & recording.
As soon as I will get the Q&A document from Pravin I will include and notify you as well.
@Premkumar J M
Have a lovely day!
We now have this webinar's questions and their respective answers available. Please use the below as needed- a pdf document containing these is uploaded to the post.
Hope this helps
Q1: In 6.5 there is an HA mode with state sync. Where is the difference to the new HA feature, what are the benefits?
A1: For client hitless failover we have Clustering feature introduced in 8.x code. Using this knob, the user traffic is uninterrupted upon the cluster member failure.
Q2: What is the best practice when we move from hardware to VM?
A2: If the hardware controller is MD and you have Cert based RAPs in your deployment then it’s recommended to have a physical device. If RAP is not used in your environment then we can have VMC controllers. You also need to look at the performance of a VMC versus an HW controller. The controller has dedicated encryption chips that are not found in a VMC. 7240 controller peaks at 40 Gbps performance and VMC will max out at 8 Gbps (depending on the virtualizer that is used).
Q3: The controller cluster MUST be only on an L2 network OR it can be built on an L3 network (even losing the seamless failover)?
A3: Cluster hitless failover will happen only if the connection-type is “L2-connected”. A cluster can be built over an L3 network as well but you lose the seamless failover.
Q4: What do you mean by Multi Version?
A4: Mobility master and Managed devices can be in a different version. The only criteria is MM should have a higher version than MD.
Q5: Who we take the decision to forward the traffic on which tunnel in case of primary and data zone? I mean AP or VM based controller?
A5: In MultiZone the AP will have SSID’s configured on the primary zone and on the data zone. Traffic is forwarded to the right controller based on the zone where they are configured. So traffic for the data zone will never hit the primary zone controller as it is directly forwarded to the data zone controller by the AP.
Q6: Do I need additional licenses, to move from Master-Standby-Master Model to MM Model?
A6: No need to have additional license but we need to convert it to 8.x license.
Q7: In managed node, can I "mix in managed node can I "mix" hardware appliance AND virtual one (for example for migration of customer that YET has a hardware appliance AND a virtual environment --> for being cost saving!)
A7: We can have a mix of controllers (Physical and VMCs) but clustering feature will not work in a mixed environment.
Q8: What happens if the mobility master goes down? Will the mobility controllers proceed working as expected?
A8: Yes, Mobility Controllers stay UP and APs broadcast SSIDs, however, some of the services like AirMatch, AppRF, Centralised Visibility (AMON), WebCC, UCC, AirGroup, WMS (Rogue AP/Client), CPSEC and RAP (New AP bringing up will not work), NBAPI.
Q9: Hi a customer has 1 7205 controller with release 6.x and with some AP license. Now how is the best way to migrate to R8.x with a minimum downtime of the existing wifi network?
A9: Would suggest using Migration tool such that both config and license will get migrated.
Q10: Can we connect ap's to mobility master?
Q10: No. MM will not manage APS.
Q11: Do you have to have a mobility master to use 8.x?
A11: There is no need to have an MM to run 8.0 code. 8.0. can also run standalone on a single controller or in MCM mode in a master/local setup. Both of these do not need an MM but they will also not have the 8.0 MM features like Controller Clustering, AirMatch, IPFIX, NBAPI, Jabber classification, optimises services like UCC and AirGroup, Loadable Services Modules, Rules based ClientMatch, Mobility Controller Virtual Appliance (VMC), centralised visibility
Q12: AirMatch - what time are the changes pushed to the APs - and can this be done dynamically rather than at a fixed time?
A12: The changes are pushed once every 24 hrs and the deployment time is 5 AM (by default), or any time necessary.
Q13: Regulatory domains: can you have more than one regulatory domain managed by a single Mobility Master?
ap regulatory-domain-profile "test"
ap regulatory-domain-profile "default"
Q14: Do 8.0 multi-controller deployments always require a Mobility Master?
A14: You can also run controllers with 8.0 in MCM mode and then no MM is needed but you don’t get the new 8.0 features like Controller Clustering, AirMatch, IPFIX, NBAPI, Jabber classification, optimizes services like UCC and AirGroup, Loadable Services Modules, Rules based ClientMatch, Mobility Controller Virtual Appliance (VMC), centralized visibility. MCM master can only be 7030 and up and MCM local can be any 7x00 or 72xx. AP’s can never terminate on the MCM master.
Q15: is all this info also applicable for instant controllers - will instant controller also move to 8.0?
A15: There will be Instant code based on 8.0 but there is no integration planned for Instant and the MM
Q16: How can I configure bridge mode.
A16: It can be configured from System >> Profiles >>Wireless LAN >>VAP Profile. It is not shown in Configuration >> WLANs as we try to discourage the use of bridge mode
Q17: I saw just tunnel and decrypted tunnel when I set campus WLAN SSID
A17: It can be configured from System >> Profiles >>Wireless LAN >>VAP Profile. It is not shown in Configuration >> WLANs as we try to discourage the use of bridge mode
Q18: How much of airwave is integrated in Aruba OS 8.x?
A18: AirWave is not integrated into AOS 8.x but MM’s and MD’s running 8.x can be fully managed from AirWave like any other Aruba device. AirWave does have knowledge on new features like clustering and shows that info also. Configuration can only be done from the MM and not from AirWave
Q19: I would to know IF is possible in a "branch office" to build the cluster of managed node with ONE hardware appliance + ONE virtual appliance... basically because in a scenario where we migrate previous 6.5 environments to 8.2 architecture we probably can convert local hardware appliance in managed node (1) AND for a cost saving proposition we can ask to the customer to create the second managed node of the cluster on a virtual machine...
Q19: This will be discussed in detail in BOC Webinar session.
Q20: What is the bandwidth requirement between the MM and the MDs (BW capacity, latency,...)? In a scenario of 1 MM controlling 500 controllers what would be the BW consumed?
A20: Bandwidth requirements vary depending on AP, controller, users, services that you are using. We tested with 1MM, 1*7220 controller, 10 AP and 1000 clients running AOS 8.0.1 firmware and a setup like this require 300 Kbps for Management traffic between MM and MC. During this testing, 250 clients were AirGroup Servers, 250 clients were AirGroup clients and 500 WebCC clients were generating around 1.4 Mbps traffic. GSM, DDS, AirGroup, Web-CC, UCC, Firewall Visibility, DPI, WMS were enabled.
Q21: Can we upgrade a 6.5 master-local setup to Version 8 without deploying a mobility master?
A21: You can also run controllers with 8.0 in MCM mode and then no MM is needed but you don’t get the new 8.0 features like Controller Clustering, AirMatch, IPFIX, NBAPI, Jabber classification, optimizes services like UCC and AirGroup, Loadable Services Modules, Rules based ClientMatch, Mobility Controller Virtual Appliance (VMC), centralized visibility. MCM master can only be 7030 and up and MCM local can be any 7x00 or 72xx. AP’s can never terminate on the MCM master.
Q22: Is a mobility master mandatory in an AOS8.x deployment? For example, can we have just standalone Local controllers without having a mobility master controller?
A22: Yes, we can run 8.x code on a standalone controller.
Q23: Can you push configuration or generally manage the mobility controllers through API calls to MM?
A23: Not sure about it for now. Will be discussed in detail in upcoming API Webinar session.
Q24: The controllers in the same group, are they all in the same physical location ? in layer2?
A24: It can be in a different location as well.
Q25: What is the difference between a VMC and a hardware device? Any recommendations which to choose?
A25: If the hardware controller is MD and you have Cert based RAPs in your deployment then it’s recommended to have a physical device. If RAP is not used in your environment then we can have VMC controllers. You also need to look at the performance of a VMC versus an HW controller. The controller has dedicated encryption chips that are not found in a VMC. 7240 controller peaks at 40 Gbps performance and VMC will max out at 8 Gbps (depending on the virtualizer that is used)
Q26: Are there some reference sites with production versions of 8.x and mobility master in place. Large scale implementations if possible?
A26: We have several sites with multiple 1000’s of AP’s in production running AOS 8.x but naming them needs to go through the local HPE Arube team.
Q27: can we be able to download this session?
A27: Yes, the webinar recording and slides are available on the Airheads Community.
Q28: What is the cost of a license for this product?
A28: Please contact your local HPE Aruba representative for price info
Q29: Is the Mobility Master compatible with Instant Controller?
A29: No, IAP’s cannot be managed from the MM
Q30: I need a mobility master in case I have only two controllers (one primary one backup)?
A30: We can deploy two standalone in master/master-backup config in 8.x.
Q31: Can Aruba IAPs Virtual Controllers be managed by Mobility Master?
A31: No, IAP’s cannot be managed from the MM
Q32: In Instant setup, there is no dedicated controller, it is a virtual controller... the instant virtual controller also has a software version....so will the instant VC be upgraded to 8.0?
A32: There will be Instant code based on 8.0 but there is no integration planned for Instant and the MM
Q33: I am using my current master controllers to terminate IAP VPN tunnels, how would I go ahead with 8.x.
A33: No, the MM is not terminating any APs and is not part of the datapath. IAP-VPN will have to be terminated on MDs.
Note: IAP VPN is not supported when MD is VMC controller.
Q34: Are there any limitations on the VMC?
A34: VMC controllers are not recommended if the network has Cert based RAP and IAP-VPN deployments. Throughput of a VMC is also considerably lower than an HW based controller like the 7240XM
Q35: Does the mobility master have to be a VM or can existing master / standby-master controllers be used as mobility master when migrating to 8.x?
A35: Existing controller cannot be turned into MM but we do have the choice of running the MM on a VM or order an MM Hardware Appliance. See: http://www.arubanetworks.com/products/networking/controllers/mobility-master/
Q36: In this scenario: customer has a lot of branch office, and they want to work bridge mode for AP's but I couldn't find the bridge on mobility master.
A36: It can be configured from System >> Profiles >>Wireless LAN >>VAP Profile.
Q37: Where do I find the registration link to the next webinars going more in detail with version 8?
A37: The Aug- Dec webinar calendar is open for registrations and available on Airheads Community.
Q38: In 8.x what is the role of Airwave compared to the MM? Is there any value added of having Airwave with an MM?
A38: MM can have a history of only a few minutes whereas Airwave will have historic information. AirWave provides monitoring, reporting, alerting over a long historic period and the MM does not.
Q39: Can we get a copy of this recorded Webinar?
The webinar recording and slides are available on the Airheads Community.
Additional system requirements are mentioned in 126.96.36.199 release notes which can be downloaded from the below link
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.