ArubaOS and Controllers

Contributor I

L2 GRE Tunnels Unsustainable - Resolved

This isn't so much a question as it is a free nugget of experience in troubleshooting L2 GRE tunnels between a master/local controller. I had 1 local controller out of 19 which would not build the tunnel correctly to the master controller and I spent 2 weeks t-shooting the issue. I use L2 GRE tunnels to segment Captive Portal traffic away from my intranet/domain traffic enroute to its ultimate destination of raw internet. All guest data traverses said tunnel. The problematic local controller would not sustain a tunnel connection to the master and I eventually stumbled upon the culprit, that being, the tunnel addressing configuration for specifying the tunnel destination MUST match the MASTERIP and LOCALIP ipsec address configured locally on each respective controller. Each controller typically uses its loopback address for "tunnel source" and the address specified for "tunnel destination" has to mirror the masterip or localip ipsec address configured on said controller. I had mistakenly config'ed the actual uplink interface address of the master instead of its loopback. Once I changed the address on the local controller to reflect the master's loopback, the tunnel began passing bidirectional traffic. Note such a change does require you to reboot your local box.

Don't ask me how I whittled this down to being the issue, just keep in mind that even a blind squirrel possesses the ability to stumble upon an acorn every once in a while....unless he stumbles upon the cat first.....:cool:

Hope this helps anyone who might be experiencing a similar problem!
Search Airheads
Showing results for 
Search instead for 
Did you mean: