Wireless Access

Hello fellow Airheads,

We currently have a 3600 controller that is doing the dual duty of serving as a master controller for our district wireless network, and acting as a local controller for the APs at our district office (not the best practice, I know).  We are in the process of acquiring a second 3600 controller.  The new controller will have just 1 AP license, 1 PEF license, and 1 RFProtect license, and it will become the new master controller.  The existing 3600 will act as a local controller for the APs at the District Office to terminate on.

What would, in your opinion, be the best way to accomplish the following:

• Make the new controller a master
• Reconfigure the existing master as a local
• Have the new master assume the same IP that the old master had
• Give the old master a different IP

I was thinking of the following steps, but wasn't sure if they would work as expected:

• Hook up new master with a temporary IP
• Back up flash on old master
• Restore flash onto new master, but don't reboot yet (saw this on another thread about replacing an M3 with a 3600)
• Install licenses
• Change IP on old master
• Reboot new master

Would the above be the correct procedure, and would restoring the flash also keep my Plan data intact?

Thanks!

Is there a reason why you didn't opt for full redundancy?

personally, I would keep the master controller as is and add the local controller and then change the system profile to point the APs to the new local.

Or you could split the APs between the two for more resilience, as Colin suggested.

As Colin said, the best way to do this would be full master redundancy (add the new controller as a backup master and run VRRP between them).  That way, if the primary failed, the other controller could take over.

This would require equal licensing on both controllers, however (at least until centralized licensing is available).

The second procedure you mentioned is probably your best bet if you can't do master/master.  The first procedure wouldn't move your floormaps and plan data to the new controller.  Restoring flash will move that data (and all the other anciallary databases).

If their school district budgeting office is anything like our:; purchasing hardware is fairly easy, but purchasing licensing can get messy. And when you're trying to stretch the budget for every AP you can, purchasing licenses to sit idle 99.999% of the time is hard to justify.

Jbranton,

Understand fully.  The user who opened this thread should also contact his local Aruba sales team, so that he can fully understand his options and get one that fits both technically and financially.

---

@jbranton wrote:

If their school district budgeting office is anything like our:; purchasing hardware is fairly easy, but purchasing licensing can get messy. And when you're trying to stretch the budget for every AP you can, purchasing licenses to sit idle 99.999% of the time is hard to justify.

---

Yes, that is exactly the reason.  By purchasing a controller with only 1 AP/PEF/RFP license, versus 64 licenses, it saves us over $10,000 in costs.  As tight as our budget is right now, this is very important.  Otherwise, yeah, full redundancy would have been great.

That's also the reason that we can't just keep the existing master and make the new one a local.  The existing controller came with 64 AP licenses built-in, so those licenses can't be transferred to the new controller.

Good points.  I understand budget issues.

The best course of action, then, is the backup the existng controller, restore it to the new controller (before you actually plug it into the network so you dont have an address conflict), add the new licenses and the reload.  Once it comes back up, you can disconnect the existing controller from the network, clear the ARP cache one the L3 devices around the controller, change the IP on the existing controller, update the config on the new master so that the LMS-IP points to the new IP for the local controller, and then make the existing controller a local off the of new master. 

It will require a little down-time, but it should be minimal if you plan it out well.

---

@olino wrote:

The best course of action, then, is the backup the existng controller, restore it to the new controller (before you actually plug it into the network so you dont have an address conflict), add the new licenses and the reload.  Once it comes back up, you can disconnect the existing controller from the network, clear the ARP cache one the L3 devices around the controller, change the IP on the existing controller, update the config on the new master so that the LMS-IP points to the new IP for the local controller, and then make the existing controller a local off the of new master. 

 

It will require a little down-time, but it should be minimal if you plan it out well.

---

Thanks!  I'm not concerned about some downtime.  If I do this later in the day, it won't affect anyone anyway. :)

---

@bnewall wrote:

---

@olino wrote:

The best course of action, then, is the backup the existng controller, restore it to the new controller (before you actually plug it into the network so you dont have an address conflict), add the new licenses and the reload.  Once it comes back up, you can disconnect the existing controller from the network, clear the ARP cache one the L3 devices around the controller, change the IP on the existing controller, update the config on the new master so that the LMS-IP points to the new IP for the local controller, and then make the existing controller a local off the of new master. 

 

It will require a little down-time, but it should be minimal if you plan it out well.

---

Thanks!  I'm not concerned about some downtime.  If I do this later in the day, it won't affect anyone anyway. :)

---

Hi all,

Thanks for all of your advice and input!  The new controller arrived yesterday morning and was installed yesterday afternoon.  It went fairly smoothly, but I did encounter a couple of small "gotchas", which I'll bring up in case it helps anyone else.

I'm not certain, but I might have reversed the order of loading the licenses and then restoring the flash backup from the original controller.  But whatever I did, the end result is that after the new master came up, I didn't discover this right away, but it had NO licenses at all.  I suspect that I put on the new licenses, then restored the flash, which tried to put the old licenses on from the other controller, but those licenses were invalidated by the fact that the new controller has a different serial number.

I also ran into an interesting problem where my enable secret password somehow didn't make it over.  When I restored the configuration file, it was in the config, but then later, after a reboot, I couldn't enable from SSH anymore.  I had to restore the config file again, which then required me to re-make some of the config changes I had done before (such as changing a couple of LMS IPs).

Once that was done, it was at THAT point when I saw that the new controller had no licenses, which is why my two laptops could connect but couldn't get IP addresses.  The firewall rules weren't there, because there was no firewall license.  So, I had to apply the licenses, reboot the controller again, THEN restore my backed up configuration AGAIN, then make the same LMS changes AGAIN... :)  But after doing all that, everything was up and running.

Thanks for all of your help!