Wireless Access

Reply
Occasional Contributor II

AOS 8.x - MD Auto-rollback Config rollback feature

Wondering if someone can help me with "Bad configuration recovery" section that I found in Aruba 8.3 documentation.

 

Detail of the feature in the documentation:

Aruba OS 8.3 Guide

 

The document describes the feature for the MD to rollback to a last known configuration if the config pushed by the MM has caused it to lose connectivity to the MM.

 

As part of our AOS 8 go live I'm testing this in our lab;

- MM/MD connected and IPSec connection active using single uplink from MD

- MM pushes configuration to MD to setup LACP

- MD accepts configuration and sets up LACP

- MD loses connection to MM since uplink is not setup for LACP (yet)

 

I have waited about 30 minutes for the MD to restore itself but it hasn't ?

In the logs I get the following:

Jun 21 03:52:17 cfgm[3474]: <399816> <3474> <ERRS> |cfgm| handle_read: State(READY:CONFIG PROPAGATION:CFGID-118:PEND-118:INITCFGID:0) FD=27:Failure receiving heartbeat response header information Result=-1 Err=Connection timed out
Jun 21 03:52:17 cfgm[3474]: <399838> <3474> <WARN> |cfgm| LmsHeartBeatResultAction: State(READY:CONFIG PROPAGATION:CFGID-118:PEND-118:INITCFGID:0) FD=27:Cannot heartbeat with the master.

 

Questions:

- Do we need to turn on this auto-rollback feature ? (could not find anything on that)

- Is rollback taking longer than 30 minutes ? If so can we configure this to be shorter ?

 

Wondering why my MM/MD is not auto-recovering itself. Btw running code 8.3.0.7 on both MD/MD.

 

Occasional Contributor II

Re: AOS 8.x - MD Auto-rollback Config rollback feature

It's been 12 hours and no auto-rollback happened. I've restored manually (through setting the other side to LACP). 

 

I've now shut down the single uplink port through the MM on the MD and have waited 90 minutes to restore, which it hasn't.

 

I think it is likely more a case for TAC/Engineering but was hoping anyone here would have some experience. 

Highlighted
Guru Elite

Re: AOS 8.x - MD Auto-rollback Config rollback feature

Turn on logging for configmgr on that MD and see what is ocurring:

 

config t

logging system process cfgm level debugging

 

 

"show log system 50" on the MD


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: AOS 8.x - MD Auto-rollback Config rollback feature

Thanks - that helped me figure out what was going.

 

I was expecting the MM to revert the configuration but the config rollback happens on the MD only.

 

And since I didn't change the bad config on the MM, I was stuck in rollback / config propagation loop between MD recovering from the bad config and then having the MM pushing the bad config again once the tunnel came up.

 

This also explains the use of "Disaster-recovery" mode better where you set it to ignore the config pushed from the MM until you can fix it.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: