Wireless Access

Longtime reader, first time poster. We're starting to evaluate 8.1 for deployment and have an extensive RAP setup that needs to be migrated. I'm still working to understand the differences in 8.1 and one aspect that is confusing is RAP termination. We plan on using one virtual MM and rely on VMware clustering to ensure the VM stays up. According to some documentation the RAP will need to terminate on a NAT'd IP of the MM. Will the MM then "pass on" the RAP to terminate on an MD in a clustered environment? Does the MD also then need a public IP? Also, the RAPs must authenticate on the MM via certificates and not PSK, is that right? Broadly speaking, I'd like to be clear on how the RAP works in a cluster, since clustering MDs seems to be best practice for resiliency. The 8.1 guide has an extensive section on RAP setup but it is lacking in detail in how RAPs work in clusters, except for a brief blurb on the lc-rap-pool command. Any advice would be much appreciated. Thanks!

RAP will need to be terminated on the public IPs of the MCs since the MMs can't terminate any Aps

Thanks Victor. Can you expand on how RAPs work in an 8.1-based cluster? In the MM node there's the RAP pool settings under services but that doesn't exist under managed network. Does each MC need a one-to-one NAT? In the old setup we configured an LMS and backup LMS but our cluster will have four MCs. How would that work?

You can use the LMS-ip/B-LMS-IP and do a one to one NAT public IP address (same as before) but in order to support RAPs in a cluster both IPs will need to be public since NAT is not supported with RAPs in a cluster

What is the function of the RAP pool under MM services if we are only using LMS and BLMS? I thought RAPs support up to a four-node cluster in 8.1. Would we choose one MC randomly and hardcode it as the LMS? 

 

http://community.arubanetworks.com/t5/Controller-Based-WLANs/Benefits-of-using-RAP-cluster-support-in-8-x/ta-p/290926

 

 

The RAP pool needs to be defined under your Managed Network.
In a cluster each AP will have an AP Anchor controller and a AP Standby Anchor Controller and the assignment of the AAC and S-AAC is done dynamically .

Please look at the user guide for more information , are you working your Aruba local team or Aruba partner ?

I can only find the cluster rap pool under the mobility master > Mynode> configuration > services > clusters > controller Cluster RAP Pool. 

 

It not under Managed Network maybe this was moved in 8.3  

Hi vqtran9,

 

Were you able to test if it is possible to use RAPs when you have a cluster?

 

The user guide say that LMS IP is ignored when you have AP load balancing enabled on the cluster.

 

/Philip

 

Edit: To answer my own question: It is still not supported to do NAT to a MD in a cluster in 8.2.

Is this behavior going to change in future versions?

Since we are not going to put a public address on our controllers.

 

Other possibility from Aruba TAC was to place a VMC, but this is a high cost for just a few RAPs.

 

 

Also not working on 8.2.1.0 with a cluster.

 

+1 for getting this RAP over NAT on a cluster back.

 

this is also preventing us from using the cluster feature.

Bit dissapointed.

Clustered RAP support only recently was "fixed" with the release of 8.4.0.0.  but yeah, lots of time wasted on prior 8.x releases attempting to get it working -even falling back to VRRP, then "TPM" issues (on VM MC), etc.etc.   Hope to try it out shortly - here's the snipit from the Admin/User Guide:

 

Yes... The public ip is need on the cluster to support NAT in ArubaOS 8.4. Goodwork to share the document. Nice Job!

Hi, we've always had a heck of a time configuring RAPs in AOS-8 with or without NAT. What were the TPM issues you're referring to?