Controllerless Networks

last person joined: an hour ago 

Aruba Instant Wi-Fi: Meet the controllerless Wi-Fi solution that's easy to set-up, is loaded with security and smarts, and won't break your budget.
Expand all | Collapse all

L2 Mobility in Instant AP (IAP) clusters

Jump to Best Answer
  • 1.  L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 17, 2018 10:22 AM

    Hello Team,

     

    Can please someone explain how the L2 mobility works in IAP Clusters.

    And if yes is there any setting we need to configure ?

    Can we have same client vlan between Clusters VC  if they are L2 connected ?

     

    Thank you.



  • 2.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 17, 2018 11:14 AM
    Please see the instant VRD

    https://community.arubanetworks.com/aruba/attachments/aruba/Aruba-VRDs/76/2/Aruba_Instant_VRD_2016.pdf

    For L2 to work you need place all your IAPs in the same L2 VLAN
    It is recommended to separate the Management VLAN and Wireless client Data VLAN, you will need to configure a trunk to achieve this and have the Cluster mgmt VLAN as the native/untagged VLAN

    Thank you

    Victor Fabian

    Pardon typos sent from Mobile


  • 3.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 17, 2018 12:18 PM

    Hello Victor,

     

    I have read the Instand VRD but i have around 120 APs so i had create 2 Clusters with seperate and different managment vlan per cluster.

    Can i have L2 mobility for the client vlan (same subnet for both clusters) as long as the client vlan pass to both VC clusters with common core switches and trunk ports even if the managment clustrer vlan is different to both clusters?

    Or should i have also different client vlan per cluster ?

     

    Thank you



  • 4.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:13 AM

    Hi, I have the similiar Issue and would like to know if anyone have experience deploying multiple VC across same network (Different mgmt vlan for each cluster, but same SSID and VLAN ID for client).

     

    In this case, how can users roam seamlessly across different VC? As what we are observing currently, connection will drop when user roam from one cluster to another. How can we fine tuned that? This should be L2 mobility right? 



  • 5.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:22 AM

    That all depends if you have a "network assigned" or Virtual Controller assigned VLAN in the SSID?



  • 6.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:24 AM

    Hi Joseph,

     

    I have network assigned VLAN. Does it make any different?

     

    Thanks



  • 7.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:28 AM

    If it has Virtual Controller assigned, you would not be allowed to roam.

     

    When your client attempts to roam, does it get the same ip address?



  • 8.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:32 AM

    Hi Joseph,

     

    Yes. Client will be getting the same IP address. Same SSID.

     

    Situation is we have 3 connected Block, block A -> C. Each Block has around 80 - 100 APs. 3 x VC in 3 different IP subnet. Client IP remains the same if they roam from Block A to Block B or C. 

     

    Is there any fine tuning can be done for this? Thanks 



  • 9.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:45 AM

    @DL8606 wrote:

    Hi Joseph,

     

    Yes. Client will be getting the same IP address. Same SSID.

     

    Situation is we have 3 connected Block, block A -> C. Each Block has around 80 - 100 APs. 3 x VC in 3 different IP subnet. Client IP remains the same if they roam from Block A to Block B or C. 

     

    Is there any fine tuning can be done for this? Thanks 


    This is also my senario with 2 Block's we have 2 connected Block, block A B. Each Block has around 80 - 100 APs. 2 x VC in 2 different IP subnet same client vlan and the client vlan (/21 with broadcast filtering ) pass everywhere through trunk ports as they have common core switches.

    Is there any document or suggestion if this is correct  and how can we have seamless L2 roaming ?

    Thank you



  • 10.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:58 AM

    Typically you would enable layer 3 mobility when roaming between two clusters:  https://www.arubanetworks.com/techdocs/Instant_423_WebHelp/InstantWebHelp.htm#UG_files/L3_mobility/Overview.htm?Highlight=layer%203

     

     



  • 11.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 09:15 AM

    @cjoseph wrote:

    Typically you would enable layer 3 mobility when roaming between two clusters:  https://www.arubanetworks.com/techdocs/Instant_423_WebHelp/InstantWebHelp.htm#UG_files/L3_mobility/Overview.htm?Highlight=layer%203

     

     


    So we can not have the same client vlan with central DHCP server in 2 clusters ? We need to have different client and managment vlan per cluster ? 



  • 12.  RE: L2 Mobility in Instant AP (IAP) clusters
    Best Answer

    Posted Sep 18, 2018 09:28 AM

    The problem is that firewall sessions are only synched between Instant APs in the same cluster.  If a client roams to a different cluster, even if that client is on the same layer 2 network, the firewall sessions are not synchronized.  It would be like the client's sessions are starting over.

     

    You would have to configure layer 3 roaming between the two clusters for the firewall sessions to be synchronized.  I honestly have never done it where the layer 2 network is the same for both clusters.



  • 13.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 09:44 AM

    Hi,

     

    If we dont want to use any firewall feature from the VC's as we have central firewall and all the policies and gateways are there  L2 mobility working ? Do you have any reference with that ?

     

    Thank you.



  • 14.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 09:54 AM

    I don't have any experience with that.  You should try to see if that makes a difference.



  • 15.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:28 AM

    If it has Virtual Controller assigned, you would not be allowed to roam.

     

    When your client attempts to roam, does it get the same ip address?



  • 16.  RE: L2 Mobility in Instant AP (IAP) clusters

    Posted Sep 18, 2018 08:28 AM

    @cjoseph wrote:

    That all depends if you have a "network assigned" or Virtual Controller assigned VLAN in the SSID?


    I also have central DHCP server.