Aruba Solution Exchange

 View Only
last person joined: one year ago 

Configuration made simple through intelligent wizards
Back to Library

AOS-Switch: Tunneled node configuration 

Dec 07, 2016 03:43 PM

Q:

How to configure AOS-switchport to be handled by an associated Aruba Mobility Controller?

ASE Link:  Go to the solution



A:

Summary

This solution will configure the tunneled node feature on an ArubaOS-Switch device, allowing traffic on a switch port to be handled by an associated Aruba Mobility Controller.

Minimum Software Version Required

This feature requires ArubaOS-Switch 16.02 or later, running on a 2920, 2930F, 3800, 3810, or 5400R switch.

Configuration Notes

This solution first enables the global tunneled-node-server feature. Next, it configures the global tunneled node server IP address where the Aruba Mobility Controller resides (and, optionally, a backup controller IP address) as well as an optional keep-alive timer.  Finally, the tunneled node feature is enabled on the specified interfaces.

Here are some things to keep in mind when configuring this feature:

  • It is recommended to use a dedicated VLAN for tunneled node ports
  • The ports' VLAN ID must exist on the Aruba Mobility Controller
  • The VLAN must not have an IP address configured on the switch
  • Jumbo frames should be enabled on the tunneled node VLAN on every device in the tunnel path with a minimum supported MTU of 1584 bytes
  • Devices in the same VLAN in non-tunneled node ports cannot reach devices on tunneled node ports, even on the same local switch
  • MAC addresses of devices on the tunneled node ports will not be listed in switch MAC tables

There are a number of features that cannot be enabled when the tunneled node feature is in use, listed below:

Global:

  • QinQ
  • Meshing
  • Distributed trunk
  • IPv4 multicast routing
  • OpenFlow
  • VXLAN

VLAN used for tunneled-node ports:

  • IP addressing (manual & DHCP)
  • DHCP Snooping (IPv4 & IPv6)
  • ARP Protect

Tunneled node ports:

  • Dynamic IP lockdown (IPv4 and IPv6)
  • IPv6 RA Guard
  • MACSec
  • Link aggregation
  • AAA (802.1X/MAC Auth/Web Auth/Local MAC Auth/Port Sec)

Licenses

For switches, none required. For mobility controllers, standard license requirements apply.

References

  1. ArubaOS-Switch Management and Configuration Guide K/KA/KB.16.02 (Chapter 26)

Statistics
0 Favorited
22 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.