Controllerless Networks

last person joined: 4 hours ago 

Aruba Instant Wi-Fi: Meet the controllerless Wi-Fi solution that's easy to set-up, is loaded with security and smarts, and won't break your budget.
Expand all | Collapse all

IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

Jump to Best Answer
  • 1.  IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

    Posted Jun 22, 2016 03:53 AM

    Dear all,

     

    I have been tested Wireless Backup for in case of Primary Wired Link failure with IAP-277 "Point-to-Point Mesh Portal/Point setting" like as below diagram.

    Failover.JPG

    It does not work in case of failure of Wired Line.

     

    My detail test procedures are like below.

     

    1. first I start with (2)Backup Wireless Link is up status (not connect (1) Primary Wired Link yet at first time). PCs can ping each other. Ethernet Switch RSTP(Rapid STP) status is FWD/FWD on 1/24 port both switches.

     

    -With basic/normal setting by wizard on SSID Portion It does not work frist time.

    -if I change "On Broadcast Filtering option" from "ARP" to "Disabled" on SSID options, It start to work.

    -Also if I enable STP option "Enable" on "Wired Profile", it works.

    -I am not tested with both options enabled status. 

     

    2.. If (1) Primary Wired Link is connected, PCs  can still ping each other. STP Port status are changed like below.

     

    Left side switch:  1/23 FWD, 1/24 FWD

    Right side switch: 1/23 FWD, 1/24 BLK

     

    3. After Disconnecting (1)Primary Wired Link-making failure of Wired Link, PCs cannot ping. I have been waited around 5 Minute.

     

    STP Port status of ethernet switches are like below.

    Left side switch:  11/24 FWD

    Right side switch: 1/24 FWD

    Now only (2)Backup Wireless Link is up status. This is the problem point.

     

    For the troubleshooting, I tried to 4. step belw.

    4. After disconnect cable of (2)Backup Wirelss Link(Mesh Portal side of AP, Eth0)  short time and reconnect it again. PCs can ping start again.

     

    What is my fault of my setting?

    What kind of option on AP do I have check or change them?

    Would you suggest some solution for this case?

     

    Regards,

     

    Moon-Kee Bahk

     

     

     

     



  • 2.  RE: IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

    Posted Jun 22, 2016 09:55 AM

    With IAP this is going to be a problem, as there's a chance the IAP mesh point sees the VM/portal on the wire and comes up over the wire (even though the port is blocking, the point still gets it's IP address and as such won't come up as mesh). You would have try and make sure the POINT side on the wire is blocking all frames while the wired link is up. Outside of that, there's not much you can do as IAP doesn't have a way currently to ONLY work on mesh, it will try first the wired interface and if it gets an IP address on the wire, will not bring up the mesh.



  • 3.  RE: IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

    Posted Jun 27, 2016 05:52 PM

    Is it some kind of limitation of Mesh Portal/Point of IAP Series?

    Do you have any workaround of this?



  • 4.  RE: IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

    Posted Jun 27, 2016 06:03 PM
    I am not sure if this back up scheme will really work, but there is a way to force an IAP to come up as a mesh point. That is done by enabling en0-bridging on the mesh point.


  • 5.  RE: IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.
    Best Answer

    Posted Jun 27, 2016 06:20 PM

    What Yan states will work, but it will require that the mesh point's ethernet interface be blocked, not the portals. In general, with any Aruba Mesh (Instant or AOS mesh), it's up to the wired infrastructure to do all port blocking, our mesh is all pure L2 and we have no monitoring intelligence to go into blocking mode or not. 



  • 6.  RE: IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

    Posted Jun 28, 2016 02:12 AM

    I configure STP protocol on Ethernet Switch to block the port of Mesh/Point side connected.

    After disconnect wired link, AP of Mesh/Portal side rebooted automatically and start sending traffic.

     

    It take around 3 minutes. I am not sure it is working or not.

     

    Thanks all of you guys.. 



  • 7.  RE: IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

    Posted Jun 28, 2016 08:33 AM

    3 min is about right for a link to come up if the link was not already up, for L2 to connect and STP to go from blocking to not lbocking Unfortunately, for AOS mesh, since it's purely L2 and there is no L3 or FO support, it's 100% up to the wired config to make it work, and users have had mixed success in getting it to work reliably.



  • 8.  RE: IAP-277 Point-to-Point Link not failover against Ethernet Switch Wired Link failure.

    Posted Nov 07, 2017 12:37 PM

    I post it here, in case it is helpful. I have been configuring similar setup last week.Two IAPs 277 acting as a bridge between two locations, and in each location the respective AP is connected to a switch:

     

    Switch====IAP(Mesh Portal) - - - wireless link - - - IAP(Mesh Point)=====Switch

     

    Configuring Mesh Link is relatively easy:

    1. Starting from the factory default settings, let the IAPs form the initial cluster. 
    2. substitute the default Instant (SetMeUp) SSID with a new one, where Extended SSID option is disabled. (reboot required) extended-ssid.JPG
    3. enable ETH0 bridging on the IAP that is selected to be Mesh Point (reboot required).extended-ssid.JPG

    After the reboot the mesh link between Mesh Portal and Mesh Point is up and running. You are also able to use the wireless link behind the Mesh Point in the remote location. However, as in my case, if want to use the wired connection behind the Mesh Point here comes the tricky part of the configuration. 

     

    1. Enabling ETH0 bridging option (step 3 above) to form the mesh link disables the wired link. If you want to use it, you have to enable it, and this is a bit hidden. Go to More->Wired  and check the wired profiles there. You have to either define your own wired profile on ETH0 or, as I did, modify the default_wired_profile and enable ETH0, as per default it is in the admin mode DOWN (reboot required).  wired-profile.JPGset the admin state to upset the admin state to up
    2. Last issue to check (may not affect all the setups) is to check on the switch from with the IAP is powered up in the remote location whether there is enough power assigned on that interface. In my case (8 port 2930, AOS-S 16.02) I had initially 25W and lldp on, and that was not sufficient to enable the ETH0 again - the IAP went into a reboot loop. Solution was to increase it to 30W and turn the LLDP off.