I am in the process of setting up our new Aruba wireless system, and while I’ve learned a lot about ArubaOS et. al. I have a few basic questions on which I’d like your opinions. I’d like to go down the appropriate path with this setup once, if possible, and so need assistance selecting the right path. I have read selected sections of the ArubaOS User Guide and other documentation including the KB and forums, but by no means everything. I’ll edit each post with links to the other two so I can ask separate questions but still give a complete picture. Please feel free to question my assumptions.
Question 1: Use a “redundant master” setup or a “master-with-locals” setup?
We currently have two 3400 controllers and 50 APs, to use for our HQ site (3 bldgs, total of 6 ‘floors’, 450 users) a medium sized site (1 floor of 100 users) and one small office of about 10 users. The other sites are about 45ms and 200ms ‘away,’ respectively. We intend to expand the installation worldwide to our other 2 major sites, 4 medium sites and 12 small sites similar to the above.
I think I can set up our two 3400’s now as redundant masters, and I think these will sync their configurations so that I can enter configuration data on only the active controller. As far as I know this would be like any other VRRP-based device – unless a monitored item goes down, forcing VRRP failover, the active device does everything. There is no ‘subordination’ relationship here, just redundancy.
I could also use a master controller and subordinate local controllers, but I am less clear on how this works. I have looked through Ch 21 of the User Guide but it doesn’t go in to how to divide the APs between controllers. I *think* the AAA, SSID and VAP profiles, etc., are configured on the master and can be used by any local and associated APs but I’m not sure.
We plan on adding more controllers (we’re hoping just 2 to 4 more) to our other major offices to handle the APs for their region. Generally the AAA requirements will be the same globally, and we’d like to make it as easy as possible for travelling staff to connect at other offices (we have a single corporate SSID now at every office, which enforces the same authentication but sometimes with different AAA servers). If it works better, we would then make these others ‘local’ controllers under the master here at HQ.
Could we also have redundant masters at HQ and have the other controllers as locals subordinate to that master (pair)?
Thanks! Paul
Question 2 here: Question 2 of 3
Question 3 here: Question 3 of 3
#3400