Wireless Access

Reply
Highlighted
MVP Expert
MVP Expert

Re: Master, stand by config on Aruba OS 8

Enable "State Synchronisation and enter the PSK (that key is uses between te controllers when bound them). The PSK key is mandatory.

 

I enable "Pre-emption" at one of my customers without any issues and good failover test senario's. But later one i dont really like pre-emption in any way because when you have flapping links it will negative impact the database synchronisation i believe. So i dont user pre-emption anymore in my configs, also not for the VRRP itself.

 

Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.
Highlighted

Re: Master, stand by config on Aruba OS 8

Hello Marcel

Thank you very much for your help! im sure this will be really helpful for other users in the future as there is no much info on how to do this on a stand alone mode.

 

Just to let you know, on the version 8.5.0.5 i ddint have to do this

 

The second MC02 you need to do from the CLI :

(MC02) [mynode] # configure terminal
(MC02) [mynode] (config) # ha group-membership "Group-Name"
(MC02) [mynode] (config) # exit
(MC02) [mynode] # write memory

it seems taht after is syncronized you dont have to do this or is not required anymore...

I was getting an error that the ha group-membership didnt exist in that controller. 

I changed the lms to  172.16.150.250 Which is the real ip of VM1 and for the secondary lms 172.16.150.251 which is the real ip of the VM2

 

The APS points to 172.16.150.252 which is the virtual IP.

 

I did the test  after this

 

I simulate a faiure of the VM1 and the AP Took a while but he came up again and i was able to connect to the SSID

 

Is there anything i can do to reduce that time of downtime?

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Highlighted
MVP Expert
MVP Expert

Re: Master, stand by config on Aruba OS 8

If you like a seemless failover from AP, Controller or User perspective i recommend a Mobility Master with a Cluster configuration, way more easy to configured and manage.

Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.
Highlighted

Re: Master, stand by config on Aruba OS 8

I configured the HA on Controller level.  The HA does not appear at folder level.

 

After i see both Controllers up i can no longer see the HA config on the secondary controller.

 

Should i configure this  Before making it look like a master and stand by? i mean the HA config?  if i do that i should be able to configure it as it willl be as a stand alone. and not syncronized.

 

But before that, yes it does a full reboot.   Let me check the config

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Highlighted

Re: Master, stand by config on Aruba OS 8

okay i actually find out that it didnt do a full reboot, it just stay there on access denied for like 3 mins and 30 seconds  and the ap came back again.  

Question

Is this the downtime you get of your AP in this HA mode stand alone stand alone? or your AP with SSIDS goes up faster than mine that takes 3 mins 30 seconds?

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Highlighted
Guru Elite

Re: Master, stand by config on Aruba OS 8

If you are using master redundancy, you should just point the LMS-IP at the VRRP.  HA configuration is not supported in combination with master redundancy:  https://www.arubanetworks.com/techdocs/ArubaOS_86_Web_Help/Content/arubaos-solutions/vrrp/migr-vrrp-bku-lmred.htm

Screenshot 2020-02-05 at 16.14.57.png


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
ArubaOS Consolidated Release Notes
Aruba Technical Webinars
Highlighted
MVP Expert
MVP Expert

Re: Master, stand by config on Aruba OS 8

Thanks Colin!

 

I did a quicktest in my HomeLAB and your right....as always ;) I just configure the VRRP VIP as the primairy LMS IP in the AP system profile and in my DHCP43 options for ap provisioning.

 

  • When i hard shutdown my MC01 the AP will re-built the GRE tunnels to the second controller within a couple off seconds.

Capture.JPG

Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.
Guru Elite

Re: Master, stand by config on Aruba OS 8

I am not right.  That is what the user guide says...


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
ArubaOS Consolidated Release Notes
Aruba Technical Webinars
Highlighted
MVP Expert
MVP Expert

Re: Master, stand by config on Aruba OS 8

User Guide 8.6.0.0, link. (start at page 764)

 

Test1: Dont use HA and only VRRP with LMS-IP=VRRP VIP address.

- hard shut MC01, two AP failover with 10 seconds

- restore MC01 and MC02, MC02=Master (no pre-eemtion)

- had shut MC02, two AP dont failback to MC01 and do a full reboot, not good ;).

- AP serial says: Unable to set up IPSec tunnel, Error:RC_ERROR_IKE_XAUTH_AUTHORIZATION_FAILED

 

Test2: Create a HA-GROUP both MC01/MC02 in dual-mode, change the LMSIP=MC01 LMS_BKP=MC02

- After create the HA group i bound it to MC01, it was not possible to bound it to MC02, also not from the MC02 CLI.

- (TEST-MC01) [mynode] (config) #ha group-membership "HA" says no supported on this node.

- Failover test fails again, AP reboots.

 

While MC02 was the Master controller i was able (GUI and CLI) to create the HA group the same way as i did on MC01.

- hard shut MC01, 1 ping lost, AP stay UP

- restore MC01 and MC02, MC02=Master (no pre-eemtion)

- hard shut MC02, 1 ping lost, AP stay UP

- test it four three times again, same result.

 

Tested with version: 8.6.0.2 two VMC in standalone mode en-rolled.

 

Kind Regards Marcel Koedijk
HPE ASE Flexnetwork | ACMP | ACCP | Ekahau ECSE Design - Was this post usefull, Kudos are welcome.
Highlighted
Guru Elite

Re: Master, stand by config on Aruba OS 8

To be clear, if you are using master/standby, you MUST connect access points to the VRRP for proper redundancy.  You CANNOT use HA.  Why?  Because the VRRP determines what controller is the master and can actually serve access points.  The other controller will not accept access points.  If you configure ha and access points fail over to a controller that doesn't have control of the VRRP, the access points will not function.

 

Again, DO NOT use HA when pointing APs to master redundant controllers.  Point the APS at the VRRP between them.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
ArubaOS Consolidated Release Notes
Aruba Technical Webinars
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: