Wireless Access

last person joined: 5 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Setting up a VRRP in an existing Primary and Secondary controller

  • 1.  Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 25, 2019 08:46 PM

    I currently have a primary and secondary controller and want to have a vrrp for it's failover. Should the access points controller ip be directed to the vrrp ip for the failover to work? or is it okay for its ip to remain in the primary controller?

     

    Thanks



  • 2.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 01:48 AM

    Have them directed to the VRRP IP, that way if the primary were to fail and the secondary should take its place, the APs would not be confused as to whom to connect to.

     

    --Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
    --Problem Solved? Click "Accepted Solution" in a post.



  • 3.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 03:06 AM

    The VRRP address is only needed for first AP discovery. After AP provisioning is the LMS IP is set in the AP flash.

     

    Configuration depends on the setup.

    - Always put the VRRP address to your dhcp-option 43 or DNS aruba-master if the APs are not L2 connected

     

    ArubaOS8 Cluster:

    - You dont need to set the LMS IP because an SSID create a tunnel to each controler (A-AAC and S-AAC).

     

    ArubaOS6/8 Master-Standby:

    - Set the LMS IP Primairy and the LMS Standby controllers in the AP System profile (note this trigger a direct AP reboot).

     



  • 4.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 10:15 AM

    Related question: if we don't have a cluster set up yet, can we start with creating VRRP IP even if we don't create a cluster. Then boot all the APs to that IP. Then enable  clustering, would that work?

     

    Otherwise I think we need to boot all the APs to a VRRP IP, then just leave them in down state and configure a cluster and hope APs come back online :)



  • 5.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 04:31 PM

    VRRP is only needed (clustered or not) for a AP to "find" the controller when its not L2 connected. DNS "aruba-master" or DHCP option 43/60 are pointed to the VRRP VIP address.

     

    In a non-cluster setup (master-standby or 2 locals) the LMS Primairy IP and LMS backup IP in de System AP profile are write down in the AP flash at the point of provisioning. When the LMS IPs are in de AP flash, the VRRP address is ignored. After set the LMS IP and LMS backup IP you have to configure a HA group for fastfailover when a controller failed.

    LMS IP=first controller IP LMS Backup IP=second controller IP.

     

    In a ArubaOS8 cluster this works diffrent, there is no LMS IP needed. When a AP is provisioned to a ArubaOS8 cluster two GRE tunnels are created. The A-AAC (active AP anchor controller tunnel) and a S-AAC (standby AP anchor tunnel). Still VRRP is only needed when AP must be first find the controller for provisioning.

     

    Moving from a non-cluster to a cluster need an ArubaOS8 Mobility Master MM. The MM is responsible for the cluster configution. When moving to a Cluster a migrationtool or re-configuration is needed. An ArubaOS8 cluster works different when it comes to the LMS IP configuration in the system AP profile.

     

    Hope this help you!



  • 6.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 04:43 PM

    We have two separate 8.4 controllers and wondering what is the best way to go towards clustered setup. Last time I tried to create the cluster and a VRRP IP, all the APs went down for some reason :) When I removed the clustering setup, everything came up again. I only added a VRRP IP and created a cluster, but didn't boot APs beforehand or anything.

     

    Maybe I could do a "cluster" from the first member, then re-provision the APs to that cluster? Or point the DNS towards the 1 node cluster. And when everything is migrated then add the second controller to that cluster



  • 7.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 05:10 PM

    For an ArubaOS8 cluster you need a separate Mobility Master server. The cluster termology in the GUI without a Mobility Master is different.

    When run two controllers without a Mobility Master you miss some features like clustering, live-updates, airmatch, etc.

     

    Without a Mobility Master server and two controllers you still can create a master-standby setup as we did often in 6.x versions. In-fact you install two controllers in standalone mode and use the LMS IP settings for redunancy when a controller fail.

     

    Still no need for VRRP :) ONLY for find the controller when a AP is not provisioned.

     

    Example:

    Option 43/60 and DNS aruba-master are set to the first controller. And LMS IP is set to the second controller. When an AP is not yet provisioned it connect to controller 1. While provisioned the AP get an LMS-IP of controller two, reboots and connect to controller two without using the DHCP options or DNS.

     

    When controller 1 was down, the AP cant find the controller through option 43/60 or DNS and stuck in the boot process and reboot and reboot again. The AP never can be provisioned.

     

    When option43/60 and DNS are set to the VRRP VIP and controller 1 is down, the AP discovery process reach controller 2 via the VIP address. Provioning take place and the LMS IP is write down in flash and is used by the AP to connect to that controller next time.

     

    VRRP is only need when one controller is down and still can do a discover proces for new AP's that are not provisioned.

     

     



  • 8.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 05:16 PM

    Sorry I wasn't clear, we have MM and controllers are under there. However we have APs already connected to one but they are not in a cluster yet.



  • 9.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 05:25 PM

    On youtube the ABC Networking channel have a good step by step tutorial how to configure a cluster (part 4).

     

    https://www.youtube.com/playlist?list=PLsYGHuNuBZcatGA1POy6iVpVlDTLYzNFE



  • 10.  RE: Setting up a VRRP in an existing Primary and Secondary controller

    Posted Nov 26, 2019 05:28 PM

    I followed that last video time, and after configuring cluster all my APs went to DOWN mode until I removed the cluster config :) I've also done the clustering setup to our lab environment so the actual config was ok, but all the existing APs failed to connect to the cluster after they had already been connected to a single controller.

     

    Will probably have to better lab this to see what our options are when migrating to cluster setup