Wireless Access

Occasional Contributor II

Hitless Controller Cluster Design



 We are testing Aruba equipment at the moment and have connected 2 x 7240 controllers to a Master VM.  The network that I have these connected to are our internal management network and not the AP termination network (different vlans). 


The question is, does the switch ip network used for the communication between master vm and controllers have to be the same as the AP termination network? 


The cluster has been configured and is connected at L2 no problems, but I am unfamiliar with how this works with the ap termination. There is no vrrp configuration so would I need to add one in the cluster that is on the ap management vlan? 


Thanks in advance! 


Frequent Contributor I

Re: Hitless Controller Cluster Design

As mentioned on "https://community.arubanetworks.com/t5/Aruba-Solution-Exchange/Clustering-of-Mobility-Controllers/ta-p/282686":


Just put one of the MD ip address as the LMS IP, then the APs will automatically build tunnel to other MD as its backup. The IP doesnt have to be in the same VLAN, but AP must able to reach it.


A Hitless AP failover: When MDs are part of a cluster, APs that come up will connect to their LMS IP (i.e. one of the cluster members), called the Active AP Anchor Controller (or A-AAC). The AP builds a standby tunnel to a Standby AAC (or S-AAC) that is selected by the cluster leader. When the A-AAC goes down, the AP seamlessly fails over to the S-AAC.​ This is similar to how AP Fast Failover (HA) works in AOS 6.x.




- Yopianus Linga-




Occasional Contributor II

Re: Hitless Controller Cluster Design

Thanks for the response. From what I understand, these IPs configured in the cluster need to be reachable by the AP, regardless of VLAN. 


What I've configured for the MD to Master connectivity (and cluster) is a network that is not reachable by the APs so this will not work. Even though the network reachable by the APs has been configured on the MDs (separate vlan) they are not used for the cluster IPs. 


Sounds like what I need to do is remove the MD nodes from the master and re-connect them via the network reachable by the APs. The master does not have this network but it will be easier to work with by allowing the master to talk to the MDs via the distribution network acls. 

Guru Elite

Re: Hitless Controller Cluster Design

I can confirm that when the AP discovers the controller on other ip addresses, it still gets redirected to the controller-ip to obtain instructions and begin servicing clients.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Hitless Controller Cluster Design

This is my cluster output:-


#show lc-cluster group-membership 

Cluster Enabled, Profile Name = "lab-profile"
Redundancy Mode On
Active Client Rebalance Threshold = 50%
Standby Client Rebalance Threshold = 75%
Unbalance Threshold = 5%
AP Load Balancing: Enabled
Active AP Rebalance Threshold = 50%
Active AP Unbalance Threshold = 5%
Active AP Rebalance AP Count = 10
Active AP Rebalance Timer = 5 minutes
Cluster Info Table
Type IPv4 Address    Priority Connection-Type STATUS
---- --------------- -------- --------------- ------
self      128             N/A CONNECTED (Member)
peer      128    L2-Connected CONNECTED (Leader, last HBT_RSP 23ms ago, RTD = 0.000 ms)

These IPs are not reachable by the APs :( So I will need to reconfigure with the network that is reachable by the APs. 


I am a newbie when it comes to Aruba as I am familiar with the Cisco WLAN infrastructure. So apologies for the basic questions. 


One final question for this topic, does the master need to be as powerful as the 7240XM as in does it need to support the same number of APs and devices as the MD? I ask this because I'm using a basic master VM setup.



Frequent Contributor I

Re: Hitless Controller Cluster Design

MM "should not" serving APs.

Here are tech webminar for more understanding Aruba OS MM/MD deployment. Hope it will help.



-Yopianus Linga-

Occasional Contributor II

Re: Hitless Controller Cluster Design

Thanks for the quick reply. That is what I was told, that the MM does not terminate the APs and really is just being used for configuration and management of the MDs. 


What confused me was with the product selection of the master controller appliances in the ordering guide listed here:-






Search Airheads
Showing results for 
Search instead for 
Did you mean: