Wireless Access

last person joined: 16 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

HA Master+Local Configuration

This thread has been viewed 1 times

  • 1.  HA Master+Local Configuration

    Posted Apr 08, 2016 06:23 PM

    Aruba documentation suggests the use of local controllers at all sites and a pair of masters for management.

     

    I am trying to understand if it is possible to use local controllers at all sites and have one site with one controller pair designated as a HA master and local pair, ie performing the roles of both local and master.

     



  • 2.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 08, 2016 06:35 PM
    That would be a master and backup master. Yes.


  • 3.  RE: HA Master+Local Configuration

    Posted Apr 08, 2016 06:45 PM

    To clarify, these HA masters can terminate APs?

     

    To do this, would I simply create a HA group for the two controllers and also set up a Master VRRP address? 



  • 4.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 08, 2016 06:50 PM
    The master can terminate APs. The backup master cannot.


  • 5.  RE: HA Master+Local Configuration

    Posted Apr 08, 2016 06:54 PM

    OK so its impossible to create a pair of controllers that are both ha locals and ha masters?

     

    IE if the primary master/local fails, you lose the APs at that site.



  • 6.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 08, 2016 06:58 PM
    If one controller fails at a site with two controllers, the second controller will service access points.


  • 7.  RE: HA Master+Local Configuration

    Posted Apr 08, 2016 07:15 PM

    Aruba documentation talks about how to set up HA locals. It talks about how to set up HA masters. It also talks about how to set up a single controller as a master and local.

     

    But it never talks about making a HA master and local pair. Meaning one pair of controllers that performs both functions, (master stuff and terminating APs at the same time). That when one of these fails the secondary takes over both functions as master (for everyone) and local (the aps at that site).

     

    Is this possible?

     

     



  • 8.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 08, 2016 07:20 PM
    Why don't we talk about your existing setup as an example.

    What do you have?


  • 9.  RE: HA Master+Local Configuration

    Posted Apr 08, 2016 07:27 PM

    I have a site with a single controller acting as master/local. It is the master for many other HA local pairs at remote sites. It is also the local controller for one site.

     

    I want to make it HA. But not just HA local (ap termination) also master (db stuff, config, etc). Possible?

     

    Aruba recommends to break these into different boxes. 2 HA masters, and 2 HA locals. But that requires 4 boxes. Why not do it with 2, assuming you have the resources?



  • 10.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 08, 2016 08:12 PM

    So let's get some terminology out of the way:

     

    Master = Controller where you can make changes to the global configuration.  It also has the database with all of the APs, access points neighbors and ARM calculations of all of the controllers.  It can terminate APs for client traffic.  If the master goes away, local controllers can still run, authenticate people, etc.  It just means that you have no way of changing the global configuration.  There is only one master in a master-local "system" at a time.  A master can be the "primary" for access points and a "backup" for others at the same time.  A master cannot be a master and a local at the same time.

    Backup Master = Controller that backs up the master controller BUT only when the master controller goes away.  It cannot terminate access points while the master is still up.  If the master goes away the Backup Master becomes the master and you can make changes to the global configuration, as well as terminate APs on this new master.  It has to be in the same layer 2 VLAN as the master, because they must have a VRRP between them that determines who is the master.  There is at most only one Backup master in a master-local "system" at a time

    Local Controller = A controller that has a read-only copy of the global configuration.  It can terminate access points and pass user traffic.  If the master goes away, and there is no backup master in the picture, you cannot make any changes to the global configuration.  There can be many, many locals in a master.  A local can be the "primary" for access points and a "backup" for others at the same time.

     

    A controller is designated a master, backup master or local depending on whether or not you can change the global configuration on it.  It has nothing to do with HA, specifically.

     

    Based on your statement below, you can do your configuration with just two controllers:  A master and a local.



  • 11.  RE: HA Master+Local Configuration
    Best Answer

    Posted Apr 09, 2016 12:41 PM

    Thanks for clearing that up! 

     
    So a solution looks like ths: I will have one Master and one Local controller, the Master will be the Primary for that site, and the Local will be the backup (or vise versa). 
     
    To do this I simply make an HA group and add the Master and Local to it.
     
    If the Master Fails I will not be able to alter configs, but my APs at the site will be able to terminate on the Local (secondary).
     
    Sound good?
     
    Also, how do you recover from a failed Master? Simply restore the config and reimport licenses?


  • 12.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 09, 2016 01:08 PM

    If you were using centralized licensing, you have 30 days to replace the master before the local stops working with the centralized licenses it used .  You could promote the local to a master, if you want to make changes to the global configuration (requires a reboot).



  • 13.  RE: HA Master+Local Configuration

    Posted Apr 09, 2016 01:11 PM

    Cool, and the plan we outline above (master + local in an HA group acting as primary/secondary) is possible?

     

     



  • 14.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 09, 2016 02:20 PM
    Yes.


  • 15.  RE: HA Master+Local Configuration

    Posted Apr 09, 2016 03:37 PM

    Thanks!!



  • 16.  RE: HA Master+Local Configuration

    Posted Apr 04, 2018 11:29 PM

    Hi,

    I am new to aruba products. Could you please explain the tunnel formation that is happening in master-local.

    1. My AP is forming a PAPI tunnel with the master and then it checks the lms ip which is the local controller's IP.

    2. Now my AP will it form PAPI tunnel at first with the local controller or is it GRE and then PAPI

    Thank you in advance



  • 17.  RE: HA Master+Local Configuration

    EMPLOYEE
    Posted Apr 04, 2018 11:34 PM

    Please open a new thread.  This topic is 2 years old and unrelated to your question.