Wireless Access

Reply
Highlighted
Occasional Contributor II

HA Master/Stanby vs VRRP clarification needed

Hello everyone: 

I need some clarification on the following:   

Topology: 

Two local controllers 7010 running 8.2.1 with 20 315 APs.  

Controllers and APs are on the same vlan. 

I have an AP Group called Branches_AP_GRP

 

Consultant (Aruba is new to me) recommended the following:

ha group-profile "Branch HA"
state-sync
pre-shared-key mykey 
heartbeat
controller 1.1.1.1 role active
controller 1.1.1.2 role standby

 

After first deployment and learning about 8.2 new features, HP SE recommended clustering.  


Virtual Router 10:
Admin State UP, VR State MASTER
IP Address 1.1.1.3, MAC Address x.x.x.x, vlan 10
Priority 110, Advertisement 1 sec, Preemption Enable Delay 30
Auth type PASSWORD, Auth data: ********
tracking is not enabled

 

Virtual Router 10:
Description mex-vrrp
Admin State UP, VR State BACKUP
IP Address 1.1.1.3, MAC Address x.x.x.x, vlan 10
Priority 100, Advertisement 1 sec, Preemption Disable Delay 0
Auth type PASSWORD, Auth data: ********
tracking is not enabled

 

LMS pointing to 1.1.1.3 // the vrrp 

 

Type IPv4 Address Priority Connection-Type STATUS
---- --------------- -------- --------------- ------
peer 1.1.1.1 128 L2-Connected CONNECTED (Leader, last HBT_RSP 14ms ago, RTD = 0.000 ms)
self 1.1.1.2 128 N/A CONNECTED (Member)

 

Questions: 

1 - is this the "best-practice" setup configuration for dual controllers and APs? 

2 - Why one controller has more AP's than the other controller? 

     if I do show ap database it shows 15 APs ("s" flag shows for the remaining 5) with CNTL1 and 5 with CNTL2 

 3 - Has anyone seen before why the AP's cannot discover the controllers in Layer 2? I had to configured DHCP option pointing to 1.1.1.3 in order for the APs to come up.  

  I have two stack Cisco 3850 and one controllers plugged into sw_a and other sw_b for redundancy. 

4 - why does it show the same priority for the cluster on the config? 

lc-cluster group-profile "MY-Cluster"
controller 1.1.1.1 priority 128 mcast-vlan 0 vrrp-ip 0.0.0.0 vrrp-vlan 0 group 0
controller 1.1.1.2 priority 128 mcast-vlan 0 vrrp-ip 0.0.0.0 vrrp-vlan 0 group 0
active-ap-lb

 

I'm sorry for so many questions and thank you in advance for your answers.  

 

Cheers! 

 

Guru Elite

Re: HA Master/Stanby vs VRRP clarification needed

Do you have an MM in your 8.x configuration?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: HA Master/Stanby vs VRRP clarification needed

Yes, I do.  I forgot to mention that.  

Guru Elite

Re: HA Master/Stanby vs VRRP clarification needed

8.x was designed to address the limitations of VRRP-based and HA-based redundancy of with clustering.

 

In 8.x your cluster would have a VRRP so that you can point your access points using aruba-master or dhcp option based discovery to an active member of that cluster.  After the AP discovers that controller, it is then assigned a primary and failover controller  by the cluster master automatically. You would only use LMS or backup LMS if you wanted to use a second cluster for failover in case the first one is not avaiable (this is rare).  HA should not be configured in conjunction with clustering.  Once your AP discovers a controller in a cluster, the ip addresses of all of the controllers in that cluster is pushed to the access points and the access point no longer uses aruba-master or dhcp option based discovery upon subsequent reboots.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Guru Elite

Re: HA Master/Stanby vs VRRP clarification needed

Questions: 

1 - is this the "best-practice" setup configuration for dual controllers and APs?  YES

2 - Why one controller has more AP's than the other controller? 

     if I do show ap database it shows 15 APs ("s" flag shows for the remaining 5) with CNTL1 and 5 with CNTL2 (You can influence the load balancing by editing the cluster parameters https://community.arubanetworks.com/t5/Wireless-Access/Triggering-AP-Load-Balancing-in-AOS-8-2-Cluster-Troubleshooting/td-p/415193).

 3 - Has anyone seen before why the AP's cannot discover the controllers in Layer 2? I had to configured DHCP option pointing to 1.1.1.3 in order for the APs to come up.  The dhcp option should be pointing to the VRRP.

  I have two stack Cisco 3850 and one controllers plugged into sw_a and other sw_b for redundancy. 

4 - why does it show the same priority for the cluster on the config? 

lc-cluster group-profile "MY-Cluster"
controller 1.1.1.1 priority 128 mcast-vlan 0 vrrp-ip 0.0.0.0 vrrp-vlan 0 group 0
controller 1.1.1.2 priority 128 mcast-vlan 0 vrrp-ip 0.0.0.0 vrrp-vlan 0 group 0
active-ap-lb

 That priority determines who will be the cluster leader or notIf you care to have one controller be the cluster leader over another (you shouldn't, really) you would increase their priority

I'm sorry for so many questions and thank you in advance for your answers.  


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: HA Master/Stanby vs VRRP clarification needed

To clarify, on one of your replies, you mentioned that I should not use the vrrp, but one of the active controller and then the controller will notify the APs of the other controller.  But on another reply, you mentioned I should poit the DHCP option to the vrrp IP.  Is this because (only when) the APs are not able to disconver the controllers via layer 2?  

 

It seems there is no need to LMS ip configuration when using cluster vrrp and that the not-sot balanced load of APs is normal behaviour, correct? 

Guru Elite

Re: HA Master/Stanby vs VRRP clarification needed

VRRP based redundancy is just pointing the APS to a VRRP between controllers using aruba-master or dhcp options.  No clustering would be configured.

 

In a clustering scenario, you need the VRRP between the cluster members to point the aruba-master or dhcp option ip address to a single ip address.

 

Access points should be able to discover controllers layer 2, but many people do not do that for various reasons.

 

You probably configured load balancing after all of the access points were up.  It will load balance, but slowly.  If you reboot all access points, as they come up they will load balance based on the algorithm as they come up.

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: