Wireless Access

Currently have master 3400 series controller running 6.4.3.6-FIPS and have acquired a new 7010 controller running 8.2.2.5-FIPS. I'm decommissioning the 3400 and bringing up the 7010 as a replacement.The APs are provisioned via DHCP and a DNS host set to aruba-master presumably points the APs to the current controller.

My question: If I change the DNS record to point to the new controller, will the APs transition over seemlessly? Or will they need rebooted at the very least or possibly reset? Or will this not even work?

Thanks for the help!

Assuming you have already staged the 7010 with the configuration and have tested it on a single AP to ensure everything works as you expect. This means that AP groups on the old and new exactly match (otherwise you will have to re-provision all the APs into the new groups on the 7010), that the config is using the same RADIUS server and that the new controller IP(s) are added as RADIUS clients, any SSL or server certs you may have on the 3400 have been created and installed on the new 7010, etc. 

When you change the DHCP and/or DNS to point the APs at the new controller, the APs will have to be rebooted. When they reboot, they will get the new controller IP and terminate on your 7010. If you have CPSec enabled, you will either need to enable auto-provision in CPSec to let the APs automatically pull the new controller cert for the whitelist. If you DON'T enable auto-prov is CPSec, you will need to manually approve each AP to pull the controller cert. Then the APs will reboot again (after the new certs for CPSec are pulled). 

DOUBLE-CHECK that NONE of your APs have any static variable provisioned. If you leave up the old contorller, you will know right away, since any rebooted APs will come back to the old contorller. 

But all this hinges on the first paragraph, that you replicated groups exactly, that the new 7010 config is good, tested, and validated, that all RADIUS settings have been updated accordingly, etc.

Thank your for the quick response.

How would you recommend testing this on a single AP if both controllers are on the same network?

You could log in to one of the APs you want to test, statically set the controller IP and TFTP IP to the new controller (this tells the AP which controller to go to, which is written in the flash of the AP) and reboot it to test. Just don't forget once the DHCP/DNS change is made, to take that out and tell it to use network discovery again :)