Controllerless Networks

Hello to everyone. I have two AP together in the same group (same configuration, same virtual controller). If I unplug the "master" - the AP that manage the VC web interface - the other AP does not take in charge the virtual controller role.
I've tried both selecting and/or not the "preferred master" option. Simply if I unplug the master AP the virtual controller becomes unreachable. The Aruba OS version is the 6.5.4.3.

Is it normal or is this an issue?

Did you set  virtual controller ip address?  That is a separate high availability address that is assumed by the current master. 

Hi CJoseph :)

Yes, during the configuration I've set the VC IP - and after the down of the "master" AP this IP does not more respond.

SSH into the AP that should be up and type "show log system" to see what is going on.

Here I am.

Using ssh on the survived AP I can see the election of the new master, but I'm unable to access to the VC using the web UI at the VC IP address.

In this test I used 3 AP, following you can see the log from the new master and the slave one:

Jan 1 08:19:17 KERNEL(- IP ADDRESS - .221): [ 1170.547199] (08:19:17) !!! Pot-Master ---> Master
Jan 1 08:19:17 cli[2613]: <341135> <WARN> |AP - IP ADDRESS - .224 cli| Master Changed - new 127.0.0.1 old - IP ADDRESS - .225 current swarm state 3.
Jan 1 08:19:18 cli[2613]: <341004> <WARN> |AP - IP ADDRESS - .224 cli| Received NTP alert trigger - status is failure, retry - 216, DTLS state - 0
Jan 1 08:19:18 cli[2613]: <341135> <WARN> |AP - IP ADDRESS - .224 cli| Master Changed - new 127.0.0.1 old - IP ADDRESS - .225 current swarm state 1.
Jan 1 08:19:18 cli[2613]: <341004> <WARN> |AP - IP ADDRESS - .224 cli| Swarm State Change from Found to Image-ok
Jan 1 08:19:23 cli[2613]: <341194> <WARN> |AP - IP ADDRESS - .224 cli| Loading configuration, func swarm_timer_handler, line 11596.
Jan 1 08:19:23 cli[2613]: <341101> <WARN> |AP - IP ADDRESS - .224 cli| Execute command-configure terminal.
Jan 1 08:19:24 cli[2613]: <341004> <WARN> |AP - IP ADDRESS - .224 cli| Do CLI wlan factory
Jan 1 08:19:24 cli[2613]: <341004> <WARN> |AP - IP ADDRESS - .224 cli| Swarm State Change from Image-ok to Complete
Jan 1 08:19:26 cli[2613]: <341097> <WARN> |AP - IP ADDRESS - .224 cli| recv_image_check: mac-xx.xx.xx.xx.xx.xx, version-6.5.4.3-6.5.4.3_61959, ccode_idx-255.
Jan 1 08:19:26 cli[2613]: <341165> <WARN> |AP - IP ADDRESS - .224 cli| send image match to - IP ADDRESS - .222.
Jan 1 08:19:31 cli[2613]: <341254> <WARN> |AP - IP ADDRESS - .224 cli| VC add delta configuration id 2 to msg CLI_CONFIG_INIT.
Jan 1 08:19:31 cli[2613]: <341199> <WARN> |AP - IP ADDRESS - .224 cli| send_config_init: send config to slave - IP ADDRESS - .222, csum 5353, using url 0, auto save disable 0.
Jan 1 08:19:37 cli[2613]: <341004> <WARN> |AP - IP ADDRESS - .224 cli| provision try.

Jan 1 08:48:27 cli[4753]: <341135> <WARN> |AP - IP ADDRESS - .222 cli| Master Changed - new - IP ADDRESS - .224 old - IP ADDRESS - .225 current swarm state 3.
Jan 1 08:48:28 cli[4753]: <341135> <WARN> |AP - IP ADDRESS - .222 cli| Master Changed - new - IP ADDRESS - .224 old - IP ADDRESS - .225 current swarm state 1.
Jan 1 08:48:29 cli[4753]: <341004> <WARN> |AP - IP ADDRESS - .222 cli| Received NTP alert trigger - status is failure, retry - 541, DTLS state - 0
Jan 1 08:48:30 cli[4753]: <341135> <WARN> |AP - IP ADDRESS - .222 cli| Master Changed - new - IP ADDRESS - .224 old - IP ADDRESS - .225 current swarm state 1.
Jan 1 08:48:30 cli[4753]: <341004> <WARN> |AP - IP ADDRESS - .222 cli| Swarm State Change from Found to Image_ok
Jan 1 08:48:34 cli[4753]: <341004> <WARN> |AP - IP ADDRESS - .222 cli| Received NTP alert trigger - status is failure, retry - 542, DTLS state - 0
Jan 1 08:48:35 cli[4753]: <341004> <WARN> |AP - IP ADDRESS - .222 cli| restart dhcp helper and dnsmasq!!!
Jan 1 08:48:35 cli[4753]: <341004> <WARN> |AP - IP ADDRESS - .222 cli| recv_config_init: config isn't changed; skip config and change to sync complete
Jan 1 08:48:39 cli[4753]: <341004> <WARN> |AP - IP ADDRESS - .222 cli| Received NTP alert trigger - status is failure, retry - 543, DTLS state - 0

From the logs, it also looks like you have no connectivity with the outside world for ntp to sync, and that could cause issues.  Is there a way to fix that and try again?

Usually when I work with this "wifi kit" (1 switch and 2 or more AP) I set a standard configuration working "offline" - see the image below:

Ok,

On the failover test that you did before, on the new master can you see the other access point(s) by typing "show aps"?

Can you also do a pcap with wireshark from your laptop when you try to ping the virtual-ip address to see what is being returned?

After shut down the "old" master, on the "new" master I can see only 1 AP (the master itself). 

From the "new" master I can ping with success the VC IP, from my computer (see the previous schema) no.

I'm not great with Wireshark, what I can see when I start a ping from my computer to the VC IP is a trace from my laptop to the "new" master AP.

The question is, does your windows computer have the ARP entry for the Virtual ip?

arp -a

No.

I'm thinking to open a ticket in Aruba Support...

Thank you CJoseph :)