Wireless

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

They are both using a VLAN pool of 4 subnets, but the pools, pool name, subnets, etc are all identical across both clusters.

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Growth is probably the answer as to why.

Setting up a single/18 is  dependent on the size of the cam  table that can be handled by your layer 2/3 infrastructure.  That is the biggest hurdle there.

We might be able to figure out why roaming is not working seamlessly before we have to do that, however.

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them.

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Hello sol_jee

"hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them."

I did not, but I have not had a chance to try the preserve-vlan option that Colin mentioned above.  This is a very low priority for me since there is only one location where the APs connected to different clusters can overlap.  We are a college campus divided by a road right down the middle and we have a cluster on each side of the street serving half of the APs for redundancy (with capacity to fail over all APs to either cluster).  There is only one location for now that has an outdoor AP that is close enough to the street for a user to roam.  If I get a free weekend I will try the preserve-vlan option and get back to you.

hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them.

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Thank you !

In my case, everything is exactly the same! except that i have a single vlan with a single pool across both the clusters. Still i do see the same behavior. So i'm not too sure if the preserve-vlan would help. Anyways i would wait for your test results. 

Hello sol_jee

"hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them."

I did not, but I have not had a chance to try the preserve-vlan option that Colin mentioned above.  This is a very low priority for me since there is only one location where the APs connected to different clusters can overlap.  We are a college campus divided by a road right down the middle and we have a cluster on each side of the street serving half of the APs for redundancy (with capacity to fail over all APs to either cluster).  There is only one location for now that has an outdoor AP that is close enough to the street for a user to roam.  If I get a free weekend I will try the preserve-vlan option and get back to you.

hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them.

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Don't hold your breath - Like I said this is a low priority for me at the moment LOL.  I honestly thought enabling the GARP (Gratuitous ARP) would correct it.  When looking at the controllers and airwave, I see the device roaming as it should.  But it just goes to neverneverland until it is disconnected and reconnected.  To me that's saying that the switch on the back side still has an incorrect path for the device and an ARP request should fix that.  Like you, I'm not that sure the the preserve-vlan will help because I don't see the users vlan changing, but I'm willing to try anything if it will help.

Original Message:
Sent: Jul 26, 2024 11:08 AM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

Thank you !

In my case, everything is exactly the same! except that i have a single vlan with a single pool across both the clusters. Still i do see the same behavior. So i'm not too sure if the preserve-vlan would help. Anyways i would wait for your test results. 

Original Message:
Sent: Jul 26, 2024 08:33 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Hello sol_jee

"hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them."

I did not, but I have not had a chance to try the preserve-vlan option that Colin mentioned above.  This is a very low priority for me since there is only one location where the APs connected to different clusters can overlap.  We are a college campus divided by a road right down the middle and we have a cluster on each side of the street serving half of the APs for redundancy (with capacity to fail over all APs to either cluster).  There is only one location for now that has an outdoor AP that is close enough to the street for a user to roam.  If I get a free weekend I will try the preserve-vlan option and get back to you.

Original Message:
Sent: Jul 25, 2024 04:23 PM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them.

Original Message:
Sent: Jun 26, 2024 09:32 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

Original Message:
Sent: Jun 26, 2024 09:00 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 08:52 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

Original Message:
Sent: Jun 26, 2024 07:37 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 07:34 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

Original Message:
Sent: Jun 07, 2024 12:48 PM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 07, 2024 08:21 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Thanks ! .. will be watching this thread :-) 

An interesting observation when i did a debug for a user; the controller is dropping packets as as its not assigned via dhcp

Yes i have enforce dhcp set on the aaa profile. Not too sure if i should take it out just to solve this use case.

Original Message:
Sent: Jul 26, 2024 11:51 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Don't hold your breath - Like I said this is a low priority for me at the moment LOL.  I honestly thought enabling the GARP (Gratuitous ARP) would correct it.  When looking at the controllers and airwave, I see the device roaming as it should.  But it just goes to neverneverland until it is disconnected and reconnected.  To me that's saying that the switch on the back side still has an incorrect path for the device and an ARP request should fix that.  Like you, I'm not that sure the the preserve-vlan will help because I don't see the users vlan changing, but I'm willing to try anything if it will help.

Original Message:
Sent: Jul 26, 2024 11:08 AM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

Thank you !

In my case, everything is exactly the same! except that i have a single vlan with a single pool across both the clusters. Still i do see the same behavior. So i'm not too sure if the preserve-vlan would help. Anyways i would wait for your test results. 

Original Message:
Sent: Jul 26, 2024 08:33 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Hello sol_jee

"hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them."

I did not, but I have not had a chance to try the preserve-vlan option that Colin mentioned above.  This is a very low priority for me since there is only one location where the APs connected to different clusters can overlap.  We are a college campus divided by a road right down the middle and we have a cluster on each side of the street serving half of the APs for redundancy (with capacity to fail over all APs to either cluster).  There is only one location for now that has an outdoor AP that is close enough to the street for a user to roam.  If I get a free weekend I will try the preserve-vlan option and get back to you.

Original Message:
Sent: Jul 25, 2024 04:23 PM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them.

Original Message:
Sent: Jun 26, 2024 09:32 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

Original Message:
Sent: Jun 26, 2024 09:00 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 08:52 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

Original Message:
Sent: Jun 26, 2024 07:37 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 07:34 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

Original Message:
Sent: Jun 07, 2024 12:48 PM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 07, 2024 08:21 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

Thanks ! .. will be watching this thread :-) 

An interesting observation when i did a debug for a user; the controller is dropping packets as as its not assigned via dhcp

Yes i have enforce dhcp set on the aaa profile. Not too sure if i should take it out just to solve this use case.

Original Message:
Sent: Jul 26, 2024 11:51 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Don't hold your breath - Like I said this is a low priority for me at the moment LOL.  I honestly thought enabling the GARP (Gratuitous ARP) would correct it.  When looking at the controllers and airwave, I see the device roaming as it should.  But it just goes to neverneverland until it is disconnected and reconnected.  To me that's saying that the switch on the back side still has an incorrect path for the device and an ARP request should fix that.  Like you, I'm not that sure the the preserve-vlan will help because I don't see the users vlan changing, but I'm willing to try anything if it will help.

Original Message:
Sent: Jul 26, 2024 11:08 AM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

Thank you !

In my case, everything is exactly the same! except that i have a single vlan with a single pool across both the clusters. Still i do see the same behavior. So i'm not too sure if the preserve-vlan would help. Anyways i would wait for your test results. 

Original Message:
Sent: Jul 26, 2024 08:33 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Hello sol_jee

"hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them."

I did not, but I have not had a chance to try the preserve-vlan option that Colin mentioned above.  This is a very low priority for me since there is only one location where the APs connected to different clusters can overlap.  We are a college campus divided by a road right down the middle and we have a cluster on each side of the street serving half of the APs for redundancy (with capacity to fail over all APs to either cluster).  There is only one location for now that has an outdoor AP that is close enough to the street for a user to roam.  If I get a free weekend I will try the preserve-vlan option and get back to you.

Original Message:
Sent: Jul 25, 2024 04:23 PM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them.

Original Message:
Sent: Jun 26, 2024 09:32 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

Original Message:
Sent: Jun 26, 2024 09:00 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 08:52 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

Original Message:
Sent: Jun 26, 2024 07:37 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 07:34 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

Original Message:
Sent: Jun 07, 2024 12:48 PM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 07, 2024 08:21 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff

I would say that disabling that setting is worth trying.

I'm not aware of a sync of dhcp issued IP-mac mappings between controllers in different clusters. Roaming between clusters is something that should be avoided, and not a standard scenario.

Thanks ! .. will be watching this thread :-) 

An interesting observation when i did a debug for a user; the controller is dropping packets as as its not assigned via dhcp

Yes i have enforce dhcp set on the aaa profile. Not too sure if i should take it out just to solve this use case.

Original Message:
Sent: Jul 26, 2024 11:51 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Don't hold your breath - Like I said this is a low priority for me at the moment LOL.  I honestly thought enabling the GARP (Gratuitous ARP) would correct it.  When looking at the controllers and airwave, I see the device roaming as it should.  But it just goes to neverneverland until it is disconnected and reconnected.  To me that's saying that the switch on the back side still has an incorrect path for the device and an ARP request should fix that.  Like you, I'm not that sure the the preserve-vlan will help because I don't see the users vlan changing, but I'm willing to try anything if it will help.

Original Message:
Sent: Jul 26, 2024 11:08 AM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

Thank you !

In my case, everything is exactly the same! except that i have a single vlan with a single pool across both the clusters. Still i do see the same behavior. So i'm not too sure if the preserve-vlan would help. Anyways i would wait for your test results. 

Original Message:
Sent: Jul 26, 2024 08:33 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Hello sol_jee

"hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them."

I did not, but I have not had a chance to try the preserve-vlan option that Colin mentioned above.  This is a very low priority for me since there is only one location where the APs connected to different clusters can overlap.  We are a college campus divided by a road right down the middle and we have a cluster on each side of the street serving half of the APs for redundancy (with capacity to fail over all APs to either cluster).  There is only one location for now that has an outdoor AP that is close enough to the street for a user to roam.  If I get a free weekend I will try the preserve-vlan option and get back to you.

Original Message:
Sent: Jul 25, 2024 04:23 PM
From: sol_jee
Subject: Roaming between 2 clusters in 8.10.x.x

hi.. did you get a solution for your original problem? i'm also facing the same one, exactly the same, even with an open ssid.  It would be really helpful to know where you landed with this design of 2 clusters and roaming between them.

Original Message:
Sent: Jun 26, 2024 09:32 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Thanks again Colin.  No worries about answering out of order - I posted multiple times out of order so replies that way are expected (my fault).  Quick question - currently the VLAN pools are 4 subnets, each a /20 due to possible number of clients at a time.  This was done a few years ago.  Not entirely sure why it was set up this way except maybe it started to grow and additional subnets were added (and they are not all contiguous) as the population grew.  Would it help to set up a single /18 vlan instead of a vlan pool?  Or would that be too large for a single VLAN and cause other issues?  I will be opening a TAC case in a week or so after I get the other issue under control.

Original Message:
Sent: Jun 26, 2024 09:00 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

I am answering your posts out of sequence so I apologize.  We probably need to do debugging on the target controller for the test user to find out the sequence of events. I'm not going to bore you with detailed steps that I would take to figure this out, but in general a debug should give us some clues.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 08:52 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

And I verified that the device IP address is not changing when roaming from one cluster to another.  IP stays the same, device shows "connected no internet", and just need to disconnect/reconnect to bring it back.  I will be opening a TAC case for this at some point soon, but I'm dealing with a more pressing issue with them and this is a low priority.  It's currently only effecting one small area of our campus where wifi coverage overlaps from one cluster to the other.  But we are expanding our outdoor wireless so this will start happening in more locations.  I appreciate all of the help!!!

Original Message:
Sent: Jun 26, 2024 07:37 AM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

They do not.  Try checking "show user-table verbose" on the target controller to make sure the vlans are the same 

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 26, 2024 07:34 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

I was finally able to get a change window for this.  Unfortunately it did not correct the issue.  Any chance the APs need to be re-provisioned with the VAP after making this change?  I changed the VAP but did not re-provision any APs.

Original Message:
Sent: Jun 07, 2024 12:48 PM
From: cjoseph
Subject: Roaming between 2 clusters in 8.10.x.x

You can try enabling this parameter in the Virtual AP profile:

fdb-update-on-assoc

That would send out a gratuitous ARP when a client enters the forwarding table to ensure that the switch infrastructure is updated:

fdb-update-on-assoc

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Jun 07, 2024 08:21 AM
From: johnstonj@rowan.edu
Subject: Roaming between 2 clusters in 8.10.x.x

Good morning all.

I have an issue that I can't seem to get to the bottom of.  High level, clients cannot roam between APs on different controller clusters.  Below are the gritty details.

Scenario - campus setup with 2 clusters (4 controllers on each cluster) geographically separate.  Each cluster has it's own management network, but the devices (WLANs) are on the same L2 network.  There are a few areas where the RF domain from APs in each cluster overlap.  This is where my issue is.  When a user is connected to an AP on Cluster A and walks to an area serviced by an AP on Cluster B, the device moves to the new AP but shows as "connected with no internet".  The IP address of the device does not change since the L2 for that WLAN is the same across both clusters so I don't think I need to (or should) enable IP Mobility (but I could be wrong there) and I don't think 802.11k would help.  The only fix for the end user is to disconnect and reconnect the wifi.

I understand that seamless roaming is only between APs in the same cluster and I'm OK if the device needs to re-authenticate (voice over IP roaming isn't a high priority in this scenario).  I just need the device to connect again automatically.

Any ideas?

Thanks!

Jeff