Hi
Good evening,here your answer: :smileyhappy:
http://community.arubanetworks.com/t5/ArubaOS-and-Controllers/Using-GRE-Tunnels-to-centralize-L3-access/m-p/2831
Example (by other fourm member - old post here in AirHeads)
:
Let's suppose Controller A has a Vlan "V" which is your voice Vlan. You have controller B which does not have that Voice VLAN, but you have clients that routinely attach to controller B which does not have Vlan V. Here's how you would solve that:
You would create a GRE Tunnel between Controller A and Controller B. On controller A, you would Attach Vlan V to that tunnel. On controller B, you would create Vlan "V" and attach it to no interfaces. You would attach Vlan "V" on Controller B to the same GRE tunnel. In other words, you would make a layer 2 Tunnel between two controllers, just for bridging the same VLAN.
When handsets attach to controller A, they would be placed into Vlan V, and their traffic would be sent on their way. When handsets attach to controller B, they would be placed into Vlan V, which tunnels back to Controller A, that has the REAL Vlan V and traffic would continue like nothing happened. Your main vulnerability, of course is if Controller A is down, you cannot put handsets onto Vlan V, because that is your only path to that Vlan.
Vlan V = 100
config example
Controller A:
interface tunnel 100
tunnel source vlan 1
tunnel destination 192.168.10.1 <---------IP interface on Controller B for terminating tunnel
tunnel Vlan 100 <-----Puts Vlan 100 traffic on that tunnel
trusted
!
!
Controller B:
Interface tunnel 100
tunnel source Vlan 1
tunnel destination 192.168.20.1 <--------IP interface on Controller A for terminating tunnel
tunnel Vlan 100 <------Puts all VLAN traffic 100 on that tunnel
trusted
In Summary:
1. Create Vlan 100 on Controller A
2. Assign Vlan 100 to an interface
3. Create Tunnel 100 on Controller A and attach Vlan 100 traffic to it, and make it trusted
4. Create Vlan 100 on Controller B but don't assign it to an interface
5. Create Tunnel 100 on Controller B and attach Vlan 100 traffic to it, and make it trusted
When handsets get on Controller B, they will be placed on Vlan 100, and their traffic will be sent back to Controller A where the REAL Vlan 100 is.
update me if further info/help needed (K+ me if i helped u)
Me.