Wired Intelligent Edge (Campus Switching and Routing)

This community is currently in a read-only state due to a maintenance window. For more info click here
Reply
Highlighted
Aruba Employee

Dynamic Segmentation -Tunned-node-serve state issue

Hello ,

 

I had been watching Dynamic segmentation series on Aruba channel and trying to implement it on LAB. 

It seems i am unable to establish the tunnel to the controller. ( I am using port-base tunnel method as of now ).

 

This how the swich port configurations look like:

 

(Vlan 888 is the non-routed Vlan that the video seems to suggest that i should create on the switchports)

 

Port going to the desktop :

 

interface 1/2
name "PORT-BASED"
tunneled-node-server
untagged vlan 888
exit

 

Port going to the mobility controller :

interface 1/5
name "ToMc1"
tagged vlan 888,2048
exit

 

I can see debug logs that says tunnel is online. 

 

I 11/11/19 09:02:29 05187 tunneled-node: ST1-CMDR: Tunneled Node: Tunnel
TunneledNodeTnl02 (318767757) deleted.
I 11/11/19 09:02:42 05183 tunneled-node: ST1-CMDR: Using server 10.76.134.228
I 11/11/19 09:02:42 05186 tunneled-node: ST1-CMDR: Tunneled Node: Tunnel
TunneledNodeTnl02 (318767757) created.
I 11/11/19 09:02:42 05185 tunneled-node: ST1-CMDR: Tunneled Node: Tunnel
TunneledNodeTnl02 (318767757) is on-line.

 

However the command, show "tunneled-node-server state" seems to suggest that the tunnel is still in progress . 

 

Tunneled Node Port State

Active Controller IP Address : 10.76.134.228

Port State
------ -------------------------
1/2 In Progress

 

Anyone has any ideas , what am i missing here ?

 

Thanks,

Rahul Nair.

 

 


Accepted Solutions
Highlighted
Aruba Employee

Re: Dynamic Segmentation -Tunned-node-serve state issue

It turns out, that the issue was indeed with the licensing. 

Apparently each switch also consumes an RFP license along with an AP license.

The tunnel seemed to come up as soon as the RFP license was installed.

View solution in original post

Highlighted

Re: Dynamic Segmentation -Tunned-node-serve state issue

We didn't have any RFP licenses but only AP and PEF. Aruba TAP clicked around our Mobility Master and I think disabled and enabled the RFP part or something like that. Now the dynamic segmentation works without RFP licenses for us.

View solution in original post


All Replies
Highlighted

Re: Dynamic Segmentation -Tunned-node-serve state issue

Are you able to ping the controller?

Any firewall in between?



- - - - Aruba ACEX #105 (ACCX, ACDX, ACMX, ACSP, ACEAP | HPE Master ASE - - - -

- - - - - - - Feel free to give kudos or accept as a solution! - - - - - - - - -
Highlighted
Aruba Employee

Re: Dynamic Segmentation -Tunned-node-serve state issue

Hi Fabian,

 

No there is no FW in between. It is a lab environment. 

 

And yes i am able to ping the MC. 

 

Aruba-Stack-2930M# ping 10.76.134.228
10.76.134.228 is alive, time = 1 ms

 

 BTW i can see some logs on the MC whichs says :

Nov 11 19:57:31 stm[3716]: <304022> <3716> <WARN> |stm| mux_bootstrap_request: dropped for license key enforcement
Nov 11 19:58:34 stm[3716]: <304022> <3716> <WARN> |stm| mux_bootstrap_request: dropped for license key enforcement
Nov 11 19:59:44 stm[3716]: <304022> <3716> <WARN> |stm| mux_bootstrap_request: dropped for license key enforcement

 

I have enough AP licenses installed on the MC. Still no luck.

Highlighted
Aruba Employee

Re: Dynamic Segmentation -Tunned-node-serve state issue

Installed AP licenses, PEF license and ACR licenses as well - just in case to be sure its not anything with licensing, but still no luck. 

 

The controller is still generating the same warning logs.

Highlighted
Aruba Employee

Re: Dynamic Segmentation -Tunned-node-serve state issue

It turns out, that the issue was indeed with the licensing. 

Apparently each switch also consumes an RFP license along with an AP license.

The tunnel seemed to come up as soon as the RFP license was installed.

View solution in original post

Highlighted
MVP Guru Elite

Re: Dynamic Segmentation -Tunned-node-serve state issue

Yes, it is "documented"...



PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)

PowerArubaIAP: Powershell Module to use Aruba Instant AP

PowerArubaMC: Powershell Module to use Mobility Controller / Master


ACMP 6.4 / ACMX #107 / ACCP 6.5 / ACSP
Highlighted

Re: Dynamic Segmentation -Tunned-node-serve state issue

We didn't have any RFP licenses but only AP and PEF. Aruba TAP clicked around our Mobility Master and I think disabled and enabled the RFP part or something like that. Now the dynamic segmentation works without RFP licenses for us.

View solution in original post

Highlighted
MVP Guru Elite

Re: Dynamic Segmentation -Tunned-node-serve state issue

Yes don't need RFP for work

 

but if you have AP and use RFP licence, you need RFP licence for switch too...



PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)

PowerArubaIAP: Powershell Module to use Aruba Instant AP

PowerArubaMC: Powershell Module to use Mobility Controller / Master


ACMP 6.4 / ACMX #107 / ACCP 6.5 / ACSP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: