ArubaOS and Controllers

New Contributor

Redirect to L3 Tunnel / 6.1

I am using two 3600's and following the 6.1 user guide, I created a L3 tunnel between the two controllers. I then created an ACL for the role to redirect traffic to the tunnel. I see in the controller logs that this redirection is happening as expected.

The issue I am having is I still have to have a static route to reach the subnets on the other controller. I thought this would have been taken care of with the redirect... I am sure there is a simple solution that I am missing... Any help is appreciated.

Thanks in advance for any suggestions....
Guru Elite

Re: Redirect to L3 Tunnel / 6.1

That is because a layer 3 tunnel only puts routes for the connected tunnel in the routing table. You have to create routes for anything else behind it. That is common practice.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
New Contributor

Re: Redirect to L3 Tunnel / 6.1

Thanks for the reply..

I was attempting to use the ACL as a type of 'source based route'. I only wanted to route specific packets into the tunnel based on their source. The user guide says redirecting to the tunnel is inplace of a static route. I should not need both. I think this is true because thye static route is to the inside of the tunnel, not the other end. Redirecting the traffic to this tunnel should do the same thing.


Re: Redirect to L3 Tunnel / 6.1

Howdy Kurt,

If I'm understanding ... you have a redirect in an ACL on Controller A to pass traffic up to Controller B, but controller B needs static routes pointing to the subnets on Controller A, correct?

The ACL can handle getting traffic from local subnets on Controller A into a tunnel and routed over to Controller B, but Controller B is still going to need routing information for return traffic. There isn't a dynamic routing protocol running over the tunnel itself, and the tunnel doesn't negotiate with the other end all of the connected L3 subnets that might flow across the tunnel, each end as an autonomous endpoint must know about the others.

Make sense or am I misunderstanding the problem?

Charlie Clemmer
Aruba Customer Engineering
Aruba Employee

Re: Redirect to L3 Tunnel / 6.1

Kurt - Are you forwarding user traffic over this tunnel from an SSID? If so, what forwarding mode are you using.
Search Airheads
Showing results for 
Search instead for 
Did you mean: