Wireless Access

Reply
Highlighted
Occasional Contributor I

Arubaos8 two controllers redundancy scenario

hello

 

we do have two aruba 7205 controllers with NO master controller

i'm trying to figure out the best way to deploy them to  acheive redundancy

i read that i can just configure them as standlaone and configure VRRP between them and the APs should just terminate to the VRRP IP ?

 

my question : if i did the above then i'll need to configure double the license one on each controller per AP ?

if the above is true then that's not applicable since we do have100 APs and 100 Licenses only

 

what i'm trying to achieve is

-one controller will serve all aps and user traffic, the other is standy

-if active controller fails aps should termiante on the stadnby one and continue working as normal

-we dont need to add more licneses per controller only 100 license per 100 aps

 

what would  be the optimal redundancy soultion for that setup without mobility master

 

i came across the master controller local design but most of it refering to version 6.x

i'm not sure if that fits on the arubaos8 or not since i'm new to aruba and only deployed standalone deployments

 

looking for clarifications

 

thanks in advance

 

Highlighted
Guru Elite

Re: Arubaos8 two controllers redundancy scenario

If you do not have an MM, your redundancy options in 8.x are virtually identical to those in 6.x (licensing, standby controller, vrrp, etc).


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor I

Re: Arubaos8 two controllers redundancy scenario

thanks cjoseph

 

so based on teh available option in this regard, what do you recommend that would be best based on our scenario here ?

Highlighted
Guru Elite

Re: Arubaos8 two controllers redundancy scenario

You can configure master redundancy between two controllers and point your access point at the VRRP.  Centralized licensing is enabled automatically.

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
MVP Guru

Re: Arubaos8 two controllers redundancy scenario

There's a few options you have here, in short here is the following :

 

If using Master/Local or Master/Master you can enable Centralized Licensing to share the same pool of licenses between two controllers. 

 

You can still use MCM/Standalone mode with AOS8. If you go for Master/Local and you lose the Master, you will need to replace/configure a new master before further changes can be implemented.


If you go for a Master/Master deployment you can still make changes to the environment in the event of a controller failure.

 

Take a look at the Campus Redundancy VRD, this explains all the options in more depth. It is written for AOS6 but the concepts still apply to AOS8 in MCM/Standalone mode.

 

https://community.arubanetworks.com/t5/Validated-Reference-Design/Campus-Redundancy-Model/ta-p/510228

 


ACMP, ACSA, ACDX #985
If my post addresses your query, give kudos:)
Highlighted

Re: Arubaos8 two controllers redundancy scenario

Just to add to and highlight some of what has been stated.

 

With 2 controllers, you can create a standalone, and then set up the other standalone as it's VRRP backup. You can have APs point to the VIP, and the APs will terminate on the primary controller. If the primary controller fails, the APs will terminate to the secondary controller, which will have become the primary. The VRRP failover is 3 heartbeats, and the AP PAPI failover is 8 heartbeats. Heartbeats are 1 second. Clients will disconnect and have to reconnect, and firewall states are not preserved. I refer to this as AP preservation, not client preservation.

 

Instead of doing a standalone configuration, you can set up one controllers as a Master Controller Mode (MCM) Master controller. You can then set up one (or more if you had more) controllers as Mobility Controllers (MCs). APs can only terminat to MCs. The Master controller is "ONLY" a management device. So with 2 controllers, one as the Master and the other as an MC, you would not have any failover for the APs, since as I just stated, APs cannot terminate to the Master controller.

 

If you did add an additional controller to the MCM configuration, you would then have the Master controller, and 2 MCs. At this point, you could set up VRRP between the 2 MCs, LMS-IP and Backup LMS-IP, or High Availability (HA). All three of these will provide redundancy. How quickly the failover occurs varies between the 3 solutions, however clients most likely will be disconnected and firewall states will not be preserved. Again, each of these will do AP preservation, not really client preservation.

 

If you want client preservation, where the client continues and firewall state is preserved, then you need to run a Mobility Master (MM).

 

I hope this helps,

 

David
Sr. Trainer and Author of "Understanding ArubaOS: Version 8.x" book

--Give Kudos if you found something helpful, important, or cool.
--Problem Solved? Click "Accepted Solution" in a post.
Highlighted
Occasional Contributor I

Re: Arubaos8 two controllers redundancy scenario

thanks guys for your feedback

 

so jusst to be on the same page i believe for my setup i'll go with installing to standalone controllers and configure VRRP between them

 

as stated above centralized licensing will work

 

but what about configuration ? will the configuration be sybchronized between the primary standlaone and the backup ?

 

i'm running code 8.4.2

Highlighted
Contributor II

Re: Arubaos8 two controllers redundancy scenario

Hey axai1 I will be doing the same scenario as yours but using a VMC and a 7200.

 

What documentation did you consulted to achieve this configuration ? I tried looking at the fundamentals guide but I didn't find the know-how.

 

And what about the configuration synchronization ? Did you discover the answer ? Based in previous posts here in the airheads community looks like it doesn’t have the synchronization...

 

Although, in my case I have Airwave in my environment, I don’t know if its capable to improve something or maybe bringing the configuration sync feature ?

Highlighted

Re: Arubaos8 two controllers redundancy scenario

If VRRP is configured between 2 standalone controllers, both the licenses and configuration is synchronized between the active controller and the standby controller. Point the APs to the virtual IP (VIP) and if the active goes down, when the standby takes over, the APs will reconnect to the standby (which is now the active). Failover between the active and standby should occur in about 4-5 seconds. Failover time for the APs can vary depending upon how many APs you have failing over. Clients will be disconnected and will have to reconnect and will lose any stateful connection. AirWave does not provide any benefit or features in this design regarding the failover.

I hope this helps,

 

David
Sr. Trainer and Author of "Understanding ArubaOS: Version 8.x" book

--Give Kudos if you found something helpful, important, or cool.
--Problem Solved? Click "Accepted Solution" in a post.
Highlighted
Contributor II

Re: Arubaos8 two controllers redundancy scenario

Thanks for the clarification westcott !!

 

Can you help me, saying to what term or chapter should I look at in the User Guide documentation, that show me how to configure as the best practice this "High Availability" scenario ?

 

And about the configuration sync, are you saying that even after the VRRP is done and the controller is connect to my primary controller, if I change the configuration in my primary controller, my other standalone controller, in this case the VMC, will have its configuration updated ???

Or are you just saying that for the VRRP to happened they both will need to have equal configuration ?

 

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: