Some best practices for managing an Aruba Switch in Airwave
04-24-2018 07:50 AM
As you can have maximum of one template in Airwave for every Switch model, how to manage switches of the same/different models but with different port numbers in Airwave? The 2930F for instance comes in 8, 24 and 48 ports variants.
There can be 3 different ways on doing this:
Use different Groups for different port numbers
So maybe you have 24 and 48 ports of the 2930F. Therefore you would have 2 groups for every variant.
Even if you perform ZTP using DHCP all switches will get in one group and get one template pushed (if automatic authorization is set to R/W). This Template will include configuration for 24-port switch.
At a later step you would move the switch to another group for 48-port switch.
Use one Group with partial configuration
As the method before, your ZTP group will contain a template for 24-port switch. But instead of moving a switch to another group, you would here go to partial configuration and run a configuration snippet (you may have saved separately) that only contains configuration that only apply to a 48-port switch.
Set then this configuration as baseline.
Use one Group with variables
This method is intended when you don’t want to have any manual action on Airwave and the 24 and 48 port switch gets its config automatically. That’s being said, you need to be familiar with template variables, if not please have a look at Airwave user guide.
There are 3 useful variables when it comes to port numbers on switches
- num_of_a_port: count of number of interfaces starting with letter A. Example: if device has A1, A2
- num_of_b_port: count of number of interfaces starting with letter B. Example: if device has B1, B2
- num_of_normal_port: Count of ports except A ports and B ports and OOBM ports
So the configuration for VLAN10 in a template will look like this
no ip address
You can of course optimize the configuration and say that the template contains 24-port config and the if statement writes only what is related to 48-porrt config.
So the config for VLAN10 will look like
no ip address
If you are using port access on all ports except port 1. So the template will include
aaa port-access authenticator 2
aaa port-access authenticator 3
aaa port-access authenticator 24
aaa port-access authenticator 25
aaa port-access authenticator 48
Note: if you execute the command aaa port-access authenticator 2-24. The switch will write in the config the command explicitly for every port. So you will end up having a mismatch.
Note: pushing config for 48-port switch on a 24-port one might cause some issues. Therefor please review your template carefully and test before applying on live switches.
- The template should only contain configuration that apply to all switches. Don’t use the template for tagging/untagging vlans on ports (unless you have uplink ports that apply for all switches).
- For tagging/untagging vlans use partial configuration and set the new config as a baseline.
- Always use Switch Firmware 16.05+ and Airwave 8.2.6+. After these versions, the switch must not reboot after making a change in the template.