Wired Intelligent Edge

last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Aruba 3810 configuration problem ?

This thread has been viewed 2 times

  • 1.  Aruba 3810 configuration problem ?

    Posted Mar 22, 2017 04:21 AM
      |   view attached

    Hi,

     

    We have been looking up Aruba 3810 (16.03.0003) open flow features and we haven't found out a configuration solution for this test case.

    This is the setup of the network operating center who wants to have 1..n customer sites in near future.

    1) Customer has 1 public IP address block 123.11.2.0/24, for their site
    2) Aruba 3810 is on customer premises, installed so that the servers connecting to the switch have also public ip's from same 123.11.2.0 address block i.e vlan 345 (gateway 123.11.2.1)
    3) HP VAN SDN controller is in network operating center on site B having a public ip from another public IP address block 88.100.100.88
    4) On the Aruba 3810, the controller vlan 603 has public ip address from 123.11.2.10 address block , so that the HP VAN SDN controller can be connect to it
    5) Only one physical cable is allowed to be used between edge device and Aruba 3810 switch

     

    So the question is: how to configure Aruba 3810 so that the setup works?

     

    Is the only solution to use subnets of 123.11.20.0/24 address block?

     



  • 2.  RE: Aruba 3810 configuration problem ?
    Best Answer

    EMPLOYEE
    Posted Mar 29, 2017 04:13 AM
      |   view attached

    Hello,

     

    The SDN Controller has to be on a different subnet as the member vlans. There are valid reasons to separate the controller traffic from the data. It is common practice to have a separate control plane and dataplane. This ensures that data plane performance does not interfere with control traffic. In addition, also consider the security risks. Users of that VLAN can access the controller as well because control plane and dataplane are on the same VLAN.

    This means that you have to create a VLAN for data traffic and a VLAN for control traffic. From the drawing I can see that you have a class C network, so what you can do is split up the class C. You can use a /30 on the controller VLAN and a /25 on the data VLAN. This means that you will lose 50% of your addressing space. You can potentially solve this by adding IP addresses with /26  /27 /28 /29 /30. You will still lose some IP addresses though for network/broadcast and IP address assignment to the switches of these subnets (lose 28 IP addresses). You also have to consider the additional routing for the added subnets.



  • 3.  RE: Aruba 3810 configuration problem ?

    Posted Mar 29, 2017 07:57 AM

    Hello,

     

    Yes, we know that there is a need to separtate the controller traffic from the data.

     

    Based on the documentation we also end up into same conclusion that there needs to be two separated networks as you have also drawn. The amount of product documentation is so high that it's quite easy to miss some configuration options.