Introduction- Instead of installing licenses on individual controllers, licenses can be pooled and shared among two or more controllers. This eliminates tedious capacity planning, and eliminates the need for customers to buy extra licenses just for failover purposes. This is the purpose of Centralized licensing.
Feature Notes- VRRP has to be enabled between the license server and standby license server by the user. The license server will own the configured virtual IP address for the VRRP instance. When the license server becomes unavailable, the standby license server steps in as the license server and takes ownership of the virtual IP address. The two controllers acting as license server and standby license server need to be connected on the same broadcast domain (or Layer-2 connected) for VRRP operation. The master and standby license server should be running the same AOS version. The controllers will use the VRIP of the license server to communicate with it. This way all the controllers requesting licenses will talk to the controller currently acting as a license server.
Network Topology- Master/Local individual clusters with the master acting as the licensing server - where the master will serve as the license server. The standby master will serve as the standby license server. There will be no support for a redundant license server in a topology with a single master. In a network with multiple master-local setups, each master will serve as the license server for its locals. License information will not be shared between those masters in such a topology. Local controllers cannot be a "license server".
All masters with one of the controllers acting as the designated licensing server - The customer will need to designate one of the masters as the license server. Another of the controllers can be designated as the standby license server.
Configuration Steps- (config) # license profile
(License provisioning profile) #centralized-licensing-enable
## The following command can be used to specify the license server IP on the license client
(config)#License server-ip <ip>
## The following command can be used to specify the VRID and peer IP address for the standby license server.
(config)#License server-redundancy
(license-server-redundancy)#License-vrrp <vrId>
(license-server-redundancy)#Peer-ip-address <ip>
Answer- (Master-6.4.3-Beta-Abilash) # show license aggregate
Aggregate License Table
-----------------------
Hostname IP Address AP PEF RF Protect xSec Module ACR Last update (secs. ago)
-------- ---------- --- --- ---------- ----------- --- -----------------------
10.17.164.231 0 0 0 0 0 17
Aruba7240 10.17.164.232 1024 0 0 0 0 30
Master-6.4.3-Beta-Abilash 10.17.164.230 1024 1024 1024 0 1024 8
Total AP License Count :2048
Total PEF License Count :1024
Total RF Protect License Count :1024
Total XSEC License Count :0
Total ACR License Count :1024
(Master-6.4.3-Beta-Abilash) #
In this output it can be seen that both master and local are contributing to the AP license pool 1024 + 1024 = 2048.
Verification- (Master-6.4.3-Beta-Abilash) #show license-usage ap
AP Licenses
-----------
Type Number
---- ------
AP Licenses 2048
RF Protect Licenses 1024
PEF Licenses 1024
Overall AP License Limit 1024
Troubleshooting- (Master-6.4.3-Beta-Abilash) #show license server-table
License Server Table
--------------------
Service Type Aggregate Lic. Used Lic. Remaining Lic.
------------ -------------- --------- --------------
Access Points 2048 1 2047
Next Generation Policy Enforcement Firewall Module 1024 1 1023
RF Protect 1024 1 1023
xSec Module 0 0 0
Advanced Cryptography 1024 0 1024
(Master-6.4.3-Beta-Abilash) #