Controllerless Networks

Reply
Occasional Contributor II

Re: L2 Mobility in Instant AP (IAP) clusters


@DL8606 wrote:

Hi Joseph,

 

Yes. Client will be getting the same IP address. Same SSID.

 

Situation is we have 3 connected Block, block A -> C. Each Block has around 80 - 100 APs. 3 x VC in 3 different IP subnet. Client IP remains the same if they roam from Block A to Block B or C. 

 

Is there any fine tuning can be done for this? Thanks 


This is also my senario with 2 Block's we have 2 connected Block, block A B. Each Block has around 80 - 100 APs. 2 x VC in 2 different IP subnet same client vlan and the client vlan (/21 with broadcast filtering ) pass everywhere through trunk ports as they have common core switches.

Is there any document or suggestion if this is correct  and how can we have seamless L2 roaming ?

Thank you

Guru Elite

Re: L2 Mobility in Instant AP (IAP) clusters

Typically you would enable layer 3 mobility when roaming between two clusters:  https://www.arubanetworks.com/techdocs/Instant_423_WebHelp/InstantWebHelp.htm#UG_files/L3_mobility/Overview.htm?Highlight=layer%203

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: L2 Mobility in Instant AP (IAP) clusters


@cjoseph wrote:

Typically you would enable layer 3 mobility when roaming between two clusters:  https://www.arubanetworks.com/techdocs/Instant_423_WebHelp/InstantWebHelp.htm#UG_files/L3_mobility/Overview.htm?Highlight=layer%203

 

 


So we can not have the same client vlan with central DHCP server in 2 clusters ? We need to have different client and managment vlan per cluster ? 

Guru Elite

Re: L2 Mobility in Instant AP (IAP) clusters

The problem is that firewall sessions are only synched between Instant APs in the same cluster.  If a client roams to a different cluster, even if that client is on the same layer 2 network, the firewall sessions are not synchronized.  It would be like the client's sessions are starting over.

 

You would have to configure layer 3 roaming between the two clusters for the firewall sessions to be synchronized.  I honestly have never done it where the layer 2 network is the same for both clusters.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: L2 Mobility in Instant AP (IAP) clusters

Hi,

 

If we dont want to use any firewall feature from the VC's as we have central firewall and all the policies and gateways are there  L2 mobility working ? Do you have any reference with that ?

 

Thank you.

Highlighted
Guru Elite

Re: L2 Mobility in Instant AP (IAP) clusters

I don't have any experience with that.  You should try to see if that makes a difference.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: