Wireless Access

last person joined: 2 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Controller clustering

Jump to Best Answer
  • 1.  Controller clustering

    Posted Feb 06, 2020 07:21 PM

    I need to change 'lc-cluster group-profile' settings for md controller. Current configuration line is: 'controller 10.82.168.24 priority 128 mcast-vlan 0 vrrp-ip 10.82.168.20 vrrp-vlan 1068 group 0 rap-public-ip 0.0.0.0' 

    Changing to:

    'controller 10.82.168.24 priority 128 mcast-vlan 0 vrrp-ip 0.0.0.0 vrrp-vlan 0 group 0 rap-public-ip 0.0.0.0'

    Access points are using cluster vrrp address 10.82.168.20.

    Can I disable cluster group-membership so I can make this change without losing APs pointed to this vrrp address?

     



  • 2.  RE: Controller clustering

    Posted Feb 06, 2020 07:52 PM

    Once APs discover to a controller in a cluster, it is assigned a Primary Controller by the cluster leader and connects to that controller (MD) from then on.  It also download the nodelist, which is a list of the controller ips in the cluster.  That AP no longer uses that VRRP address to connect, so you should be good.



  • 3.  RE: Controller clustering

    Posted Feb 08, 2020 06:21 PM

    Just some additional thoughts. Is LMS-IP configured to point to 10.82.168.20? Don't forget to change that if it is. You can point it to one of the MCs or you could manually configure a VRRP between the two MCs and point the LMS-IP to that VIP (for those who are reading this at a later time, the LMS-IP should not point to any of the VRRP-IP addresses that are configured as part of the cluster configuration, which it appears is what is being corrected in this thread. In fact, the VRRP-IP that is part of the cluster should only be used by the system for authorization server interaction [ASI]). As cjoseph mentioned, once the AP is initially booted and connects to a controller in the cluster, the LMS-IP is no longer (except in rare complex configurations) a concern.

     

    I hope this helps,



  • 4.  RE: Controller clustering

    Posted Feb 10, 2020 12:43 PM

    Westcott,

     

    Thanks for the reply. We don't need the ASI feature. I am setting LMS-IP addresses for a RAP group to point to individual MCs in a cluster. I have a public VRRP-IP for the 2 MCs. Should I set the LMS-IP to the VRRP-IP instead of the 2 individual public MC addresses? This part of the documentation isn't very clear.



  • 5.  RE: Controller clustering
    Best Answer

    Posted Feb 10, 2020 10:18 PM

    Technically, the VIP would be better. If you have MC1 and MC2, and you are pointing to the VIP, if one MC is down, the AP would be directed to the other. Reality is that the LMS-IP really is only of significance when a new AP is added to the network. Once the AP communicates with the LMS-IP, the AP is assigned an AP anchor controller (AAC), which the AP stores as the first entry in the node list, which is stored as an environment variable in the APs flash. In addition to the AAC, the other cluster nodes are (randomly, as far as you know, but there is probably some behind the scenes rhyme or reason; I don't know what it is) added to the node list. Any time the AP boots in the future, the AP uses the node list to communicate with the cluster.

     

    So, if you have a VIP between the cluster nodes, point the LMS-IP to it. If you don't, you can either create one, or just point the the LMS-IP to one MC and point the backup LMS-IP to the other MC and you should be fine.

     

    I hope this helps,



  • 6.  RE: Controller clustering
    Best Answer

    Posted Feb 11, 2020 12:37 PM

    Thanks David. I appreciate the response and details. I'm also enjoying your Version 8.x book.

     

    Jim