Wireless Access

Reply
Highlighted
Contributor II

Controller clustering

I need to change 'lc-cluster group-profile' settings for md controller. Current configuration line is: 'controller 10.82.168.24 priority 128 mcast-vlan 0 vrrp-ip 10.82.168.20 vrrp-vlan 1068 group 0 rap-public-ip 0.0.0.0' 

Changing to:

'controller 10.82.168.24 priority 128 mcast-vlan 0 vrrp-ip 0.0.0.0 vrrp-vlan 0 group 0 rap-public-ip 0.0.0.0'

Access points are using cluster vrrp address 10.82.168.20.

Can I disable cluster group-membership so I can make this change without losing APs pointed to this vrrp address?

 


Accepted Solutions
Highlighted

Re: Controller clustering

Technically, the VIP would be better. If you have MC1 and MC2, and you are pointing to the VIP, if one MC is down, the AP would be directed to the other. Reality is that the LMS-IP really is only of significance when a new AP is added to the network. Once the AP communicates with the LMS-IP, the AP is assigned an AP anchor controller (AAC), which the AP stores as the first entry in the node list, which is stored as an environment variable in the APs flash. In addition to the AAC, the other cluster nodes are (randomly, as far as you know, but there is probably some behind the scenes rhyme or reason; I don't know what it is) added to the node list. Any time the AP boots in the future, the AP uses the node list to communicate with the cluster.

 

So, if you have a VIP between the cluster nodes, point the LMS-IP to it. If you don't, you can either create one, or just point the the LMS-IP to one MC and point the backup LMS-IP to the other MC and you should be fine.

 

I hope this helps,

David
Sr. Trainer and Author of "Understanding ArubaOS: Version 8.x" book

--Give Kudos if you found something helpful, important, or cool.
--Problem Solved? Click "Accepted Solution" in a post.

View solution in original post

Highlighted
Contributor II

Re: Controller clustering

Thanks David. I appreciate the response and details. I'm also enjoying your Version 8.x book.

 

Jim

View solution in original post


All Replies
Highlighted
Guru Elite

Re: Controller clustering

Once APs discover to a controller in a cluster, it is assigned a Primary Controller by the cluster leader and connects to that controller (MD) from then on.  It also download the nodelist, which is a list of the controller ips in the cluster.  That AP no longer uses that VRRP address to connect, so you should be good.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted

Re: Controller clustering

Just some additional thoughts. Is LMS-IP configured to point to 10.82.168.20? Don't forget to change that if it is. You can point it to one of the MCs or you could manually configure a VRRP between the two MCs and point the LMS-IP to that VIP (for those who are reading this at a later time, the LMS-IP should not point to any of the VRRP-IP addresses that are configured as part of the cluster configuration, which it appears is what is being corrected in this thread. In fact, the VRRP-IP that is part of the cluster should only be used by the system for authorization server interaction [ASI]). As cjoseph mentioned, once the AP is initially booted and connects to a controller in the cluster, the LMS-IP is no longer (except in rare complex configurations) a concern.

 

I hope this helps,

David
Sr. Trainer and Author of "Understanding ArubaOS: Version 8.x" book

--Give Kudos if you found something helpful, important, or cool.
--Problem Solved? Click "Accepted Solution" in a post.
Highlighted
Contributor II

Re: Controller clustering

Westcott,

 

Thanks for the reply. We don't need the ASI feature. I am setting LMS-IP addresses for a RAP group to point to individual MCs in a cluster. I have a public VRRP-IP for the 2 MCs. Should I set the LMS-IP to the VRRP-IP instead of the 2 individual public MC addresses? This part of the documentation isn't very clear.

Highlighted

Re: Controller clustering

Technically, the VIP would be better. If you have MC1 and MC2, and you are pointing to the VIP, if one MC is down, the AP would be directed to the other. Reality is that the LMS-IP really is only of significance when a new AP is added to the network. Once the AP communicates with the LMS-IP, the AP is assigned an AP anchor controller (AAC), which the AP stores as the first entry in the node list, which is stored as an environment variable in the APs flash. In addition to the AAC, the other cluster nodes are (randomly, as far as you know, but there is probably some behind the scenes rhyme or reason; I don't know what it is) added to the node list. Any time the AP boots in the future, the AP uses the node list to communicate with the cluster.

 

So, if you have a VIP between the cluster nodes, point the LMS-IP to it. If you don't, you can either create one, or just point the the LMS-IP to one MC and point the backup LMS-IP to the other MC and you should be fine.

 

I hope this helps,

David
Sr. Trainer and Author of "Understanding ArubaOS: Version 8.x" book

--Give Kudos if you found something helpful, important, or cool.
--Problem Solved? Click "Accepted Solution" in a post.

View solution in original post

Highlighted
Contributor II

Re: Controller clustering

Thanks David. I appreciate the response and details. I'm also enjoying your Version 8.x book.

 

Jim

View solution in original post

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: