Wireless Access

last person joined: 5 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Design question local-local

Jump to Best Answer
  • 1.  Design question local-local

    Posted Jan 22, 2014 09:21 AM

    I'm walking through http://www.arubanetworks.com/wp-content/uploads/BaseDesignsVRDV8_20110913.pdf

    and wondering how can I terminate several vlans on the one VRRP Instance?

    Especially bellow in VRRP table ID 7 and 8 are assigned to user Vlans and configured on distribution switches.VRRP1.png

    VRRP2.png



  • 2.  RE: Design question local-local

    Posted Jan 22, 2014 04:37 PM

    VRRP is not able to do several VLANs within one instance

     

    I think what the doc meant to explain is that based on the VRRP VIP attach to a certain AP-Group/Virtual-AP that supports the VLANs (150-155)

     

     

    2014-01-22 16_34_29-AP Group.png

     

    2014-01-22 16_35_12-AP Group.png 



  • 3.  RE: Design question local-local

    Posted Jan 23, 2014 06:09 AM

    Thank you for pointing that out, Victor

    What is with the following of Local Redundancy config from http://www.arubanetworks.com/wp-content/uploads/CampusVRDV8_20110913.pdf :

    LC1-Sunnyvale-6000
    !
    vrrp 7
    priority 110
    ip address 10.169.145.7
    description "intial-primary-7"
    vlan 145
    no shutdown
    !
    vrrp 8
    ip address 10.169.145.8
    description "initial-standby-8"
    vlan 145
    no shutdown
    
    LC2-Sunnyvale-6000
    !
    vrrp 7
    ip address 10.169.145.7
    description "initial-standby-7"
    vlan 145
    no shutdown
    !
    vrrp 8
    priority 110
    ip address 10.169.145.8
    description "initial-primary-8"
    vlan 145
    no shutdown

    I have never seen two vrrp instances vor the same vlan (both vrrp 7 and 8 in the same vlan 145).

    Is that a good practice to have multiple VRRP IDs in the same vlan for active-active locals?

     

    Thank you in advance for your response!



  • 4.  RE: Design question local-local
    Best Answer

    Posted Jan 23, 2014 08:59 AM

     

    You do that when you want each controller to backup each other .

     

    So let's say you have 4 APs on controllerA and another 4 APs on controllerB then you create two instances where each AP group has a master and backup VRRP setup

     

    ControllerA

    VRRP-7 Master

    VRRP-8 Backup

     

    ControllerB

    VRRP-7 Backup

    VRRP-8 Master

     

    ControllerA-APGroup > System Profile > LMS IP VRRP-7 (APs will land on controllerA and if it fails the APs will move to controllerB)

     

    Same thing for the other one.

     

     



  • 5.  RE: Design question local-local

    Posted Jan 23, 2014 09:19 AM

    Ok, but do I need for each VRRP instance a separate vlan or can I use the same vlan id, as vlan 145 in the example above



  • 6.  RE: Design question local-local
    Best Answer

    Posted Jan 23, 2014 10:00 AM

     

    You can use the same VLAN for each VRRP instance



  • 7.  RE: Design question local-local

    Posted Jan 23, 2014 03:21 PM

    Since 6.3 there is a new feature for HA, would it not be better to use in this case Fast Failover instead of VRRP ?

    If so, do we need then to use same settings for LMS and Backup LMS IP on both controllers?

     

    ControllerA: APGroup > System Profile > LMS IP 10.169.145.4 / Backup LMS IP 10.169.145.5

    ControllerB: APGroup > System Profile > LMS IP 10.169.145.4 / Backup LMS IP 10.169.145.5

     

     



  • 8.  RE: Design question local-local
    Best Answer

    Posted Jan 23, 2014 11:42 PM

    Yes, HA is suggested over VRRP.

     

    Since HA establishes two GRE tunnels, one to the active controller and another to the standby, the AP is able to fail over more quickly and with less strain on the standby controller.