I have a question regarding inherited configuration and changes to
a controllers config when it is has lost access to Mobility Master
In our enviroment we have 2 7205 controllers in a cluster-each
with port channels to our switch
During some switch maintenance one of the controllers lost contact
to Mobility Master because the port-channel went down.
In trying to do some troubleshooting, we attempted to remove one of the Aruba Controller interfaces form the port channel..but couldnt due to the error which said said the configuration was pushed from another hierarchy...
Is there a work around to this?
How would I make configuration changes if I needed to for troubleshooting issues in the future, if a controller has lost contact
with mobility master...which is managing the server?
Have you considered using the Disaster Recovery mode? This will allow you to make changes if a MD is disconnected from a MM
A word about disaster recovery:
It should only be used for connectivity issues between an MD and an MM. The unfortunate part about disaster recovery mode is if your change on the MD in disaster recovery mode allows you to regain connectivity, the MD will re-download the configuration from the MM and break it again. How to fix?
- Fix the configuration on the MM for that MD, first
- enable disaster recovery on the MD
- make your configuration changes on the MD to re-establish connectivity (type show crypto ipsec sa on the MM and MD to see if they are connected)
- disable disaster recovery (configuration will be downloaded from the MM).
cjoseph's suggestion is the ideal way of doing it, however I do want to just make a note here. With ArubaOS 8, the MC obtains its entire configuration from the MM. It may seem extreme, but if you know/believe the configuration on the MM is correct, and the MC is still having problems, you can do a 'write erase all' on the MC and have it download the complete configuration again.
I have one of my lab cluster MCs configured for zero touch provisioning (ZTP) with activate, and to demonstrate this point to classes, I will console into the MC, and do a 'write erase all' on it. Within about 10 minutes, it has rebooted, communicated with the MM, downloaded its entire configuration, rebooted again, and rejoined the network and the cluster. This of course works because the configuration on the MM for that MC is valid.
Just to add to what wescott said, ahead of doing a "write erase all", you can attempt to do a "ccm-debug full-config-sync" on the MD to attempt to fully download the entire config if you observe any inconsistency. https://www.arubanetworks.com/techdocs/ArubaOS_85_Web_Help/content/arubaos-solutions/1cli-commands/ccm-debug.htm
That should take less time than a write erase all.
thanks for the help
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.