What is a master cluster and how is it configured in ArubaOS 5.0?

Aruba Employee
Aruba Employee

Product and Software: This article applies to all Aruba controllers and ArubaOS 5.0 or later.




The master cluster feature is introduced in ArubaOS 5.0. With this feature, independent masters are grouped into cluster, and their databases (whitelist, keys, and certificates) are synced periodically. This feature allows a valid AP to move freely from one master controller domain to another and still connect securely using the same certificate.






One master controller is configured as cluster root with a self-signed certificate. All other master controllers act as cluster members certified by the cluster root, which in turn certifies the local controllers. The trust anchor for all the APs in the cluster is the cluster root. Cluster root and cluster members communication are secured by PSK.


On the cluster root master:


#cluster-member-ip <ip address> IPsec <psk>



Turns cluster mode on and configures a master controller as cluster ROOT.


  •  Specify IP address of cluster MEMBER controller. Can have multiple IP address entries.
  •  If all entries for cluster members are removed, the cluster role becomes NONE.

On the cluster member master:


#cluster-root-ip <ip address> IPsec <psk> vlan <id>


  •  Turns cluster mode on and configures a master controller as cluster MEMBER.
  •  Can specify only one cluster root IP address. If entry is removed, the cluster role becomes NONE.

(cluster-root) #show cluster-config


Cluster Role

------------ Root ---- Cluster IPsec Controllers -------------------------- Switch IP address of Cluster-Members Key ------------------------------------ --- ********


(cluster-root) #show cluster-switches


SWITCH-IP CLUSTER-ROLE ----------------------------- MEMBER


(cluster-mem) #show cluster-config


Cluster Role
Cluster IPsec Controllers
IP address of the Cluster-Root Key
------------------------------ --- ********



(cluster-mem) #show cluster-switches


----------------------------- ROOT



Version history
Revision #:
1 of 1
Last update:
‎07-02-2014 06:39 AM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: