Introduction- Generally, in an outdoor mesh deployment, We configure two MeshOS units by giving physical IP in order to pass traffic and for routing to take proper effect.
We configure the MSR devices, so that the client machines ( wired or wireless ) connected behind these units are able to communicate using the L3 interfaces configured.
Once this is set up and the dot11 radio settings is configured properly, we see the link between the two MSR's establishes fine.
Local end:
Radio 1 Wireless mode:na, Wireless channel:100
Link 0: Peer hostname: zhiyuan-6,
Peer radio index: 1, Peer MAC: 00:17:7b:2c:f7:41,
Local role: ap, Local interface name: dot11radio 1/wds 0,
Local IP: 8.184.13.77, Peer IP: 8.184.13.78,
Link state: physical up, Physical up time: 0:1:55,
Link quality: 50%, Data rate: 130M, RSSI: 29, SNR: 29,
Input rate: 36.83 Kbps, Output rate: 10.55 Kbps.
Remote end:
Radio 0 Wireless mode:na, Wireless channel:100
Link 1: Peer hostname: zhiyuan-5,
Peer radio index: 1, Peer MAC: 00:17:7b:00:0b:96,
Local role: ap, Local interface name: dot11radio 1/wds 0,
Local IP: 8.184.13.78, Peer IP: 8.184.13.77,
Link state: physical up, Physical up time: 0:1:55,
Link quality: 60%, Data rate: 130M, RSSI: 41, SNR: 41,
Input rate: 32.87 Kbps, Output rate: 4.75 Kbps.
Environment- Sometimes due to some mis-configuration or loop, we might notice that the VLANs on / behind these MSR units are not accessible. So the device sitting on the remote end will be inaccessible.
Network Topology- PC--- MSR ----------------------------MSR---PC
Configuration Steps- (zhiyuan-6)> enable
(zhiyuan-6)> ssh 8.184.13.78
Host '8.184.13.78' is not in the trusted hosts file.
(fingerprint md5 9e:fd:e2:29:59:8e:5d:7b:24:88:41:24:0e:0f:51:21)
Do you want to continue connecting? (y/n) y
root@8.184.13.78's password:
Hello, Welcome to Aruba CLI
(zhiyuan-5)>
Answer- In such situation where we are unable to access remote end, we have an option by which we can take control of this remote site.
When the RF link between these two MSR's is properly established, it automatically generate a totally random pair of IP. These IP address which are auto-generated, changes every time when a new link is established.
On the local end, if we type "show rf-management link" command, it will show its own auto-generated IP as "Local IP" and neighbor's (remote end) as "Peer IP".
Now, this Peer IP could be pingable and accessible from local end. So, we can easily ssh from this local device, typing in the Peer IP and access the remote end , without actually requiring the VLAN interface to be up.
Verification- Once we SSH to the Peer IP , we can notice, that we are logged in to the peer device's command line.