Wireless Access

All,

You know you've struck an interesting quesiton when your Aruba SE buddies say, "Let me know how that's configured!" Haha

I'm working with a customer right now and they've installed AP225s in two floors of their new HQ. The APs are each connected back with an LACP / LAG configuration on the switch side. They have 2 x 7210s that are running 6.3.1.9. The two controllers are setup in a VRRP, master / standby configuration - pretty standard stuff.

All of the documentation for the "gre-striping-ip" / LAG config in the AP System Profile says to use the LMS + 1. This IP address also has to be routeable in your enterprise. So how do you pull this off in a multiple master, or N+1 failover scenario? I am going to try running a second VRRP instance across another VLAN and pointing the Striping IP at that address. I know it's not the LMS + 1, but it sounds like the only scalable approach.

I would definitely appreciate to know how others have dealt with this in their deployments - thanks!

-Mike

Maybe this could help :

"This GRE-STRIPING-IP is always tied to controller Mac in ARP resolution and this can affect failover. If AP is switch over to another controller in a VRRP environment, the AP/L3 may still hold the older ARP of the GRE-STRIPING-IP that affects failover. As of upto 6.3.1.3, to support controller redundancy with VRRP and using AP LACP, make sure the AP's are connected to the VRRP pair controllers via a L3 network and the controller's upstream L3 gateways has a static host route to this GRE-STRIPING IP "X+1" address with nexthop to LMS-IP "X" VRRP address"

Hi Victor,

I had seen that little blurb when I was doing some research on this. Doesn't that seem kludgy to you? I mean, yeah, I could setup a static route on each of the controllers and run BFD on that static route, giving a higher preference to one controller at a time - but that is not an elegant solution.

I have a TAC case open on this issue right now where I'm being told that if I add the LMS+1 IP to the system profile that it should just work, even if that IP is not routeable. I gave that a whirl yesterday and it didn't work. It did end up working when I added a loopback of the LMS+1 IP to the controller. Again, the question becomes how do you scale that without getting all kludgy.

I definitely appreciate the reply!

-Mike

FYI - There are a few new options in AOS 6.4.2.

ArubaOS 6.4.2.0 introduces the AP LACP LMS map information profile, a local profile that maps a LMS
IP address to a GRE striping IP address. If the AP fails over to a standby or backup controller, the AP LACP
LMS map information profile on the new controller defines the IP address that AP uses to terminate 802.11.g
radio tunnels on the new controller. This feature allows AP-220 Series or AP-270 Series access points to form a
802.11.g radio tunnel to a backup controller the event of a controller failover, even if the backup controller is
in a different L3 network. In previous releases, the GRE striping IP address was defined in the global AP system
profile, which did not allow APs to maintain GRE striping tunnels if the AP failed over to a backup controller in a
different L3 network. The GRE striping IP address parameter is deprecated from the AP system profile in
ArubaOS 6.4.2.0.

Hi Tim,

I read that in the most recent release notes - thank god! 

-Mike