Wireless Access

I'm planning to convert from a single 3600 Master to a pair of 3600 with VRRP.

For the moment I have a "spare" 3600 and my planned second 3600, which I'm planning to set up as a mated pair in lab.

Once built and running correctly, I'm thinking I'll just power-down the soon-to-be-former-Master and power up the redundant-pair.

Will the 6 local controllers which all look to the master notice the change? Will they need to be rebooted?

I'm trying to figure out the least impact to end-users -- am I on a good track or is there a better path?

Why not just join the second 3600 to the existing master as a backup, bring up VRRP and then point the locals to the new VRRP address?

I believe changing master address on the locals requires a reboot of locals == large-impact-to-users.

I'm trying not to reboot the locals, or otherwise let the users know anything happened.

What about changing the IP on the master and using the old IP (that the locals are pointing to) as the new VRRP address? As long as the keys match, you shouldn't have to reboot the locals.

That's what I'm hoping for.

Looking for community agreement that the locals won't mind the change.

Your vote and my assumption make two votes -- which will be enough to carry the motion if noone votes against us.

Let's wait for another vote :)

Colin? Victor? 

Bueller?

cappalli is correct , if the IP address doesn't changed no rebooting needed on the locals

Cool, that's enough opinions to convice me (addiing in the opinion of my Aruba-partner)

I'll do it and report back.

Took longer to get things lined up than I'd expected, but we now have a VRRP-mated, redundant-master pair using the IP of the old master and there were almost no hitches.

I took the former local (3600) controller and the RMA replacement (3600) controller and made them a VRRP pair on a spare IP address to test. Then took them off the production switch and cabled them together so they could still talk but not be seen by the world.

With them isolated, I changed their virtual IP address to the current master IP, added the tunnel interfaces and moved Masterhood to the newer unit and confirmed configuration sync and handoff etc.

To make the swap, I disconnected the LAN cables from the outgoing single-failing-master and connected the pair of redundant masters, and everything but three tunnels came back up.

For some reason I had to go to the far end controllers for those three tunnels and shut/wiat 5 minutes/no shut the tunnel to get traffic to pass.

Now everything seems to be good.

I case someone follows me thread and also wonders about the tunnel, the anwer (from CJoseph -- well put by the way) is in this thread:

http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/VRRP-IP-cannot-be-L2-GRE-tunnel-endpoint/td-p/33572

In smmary:

Local controllers tunnel to the VRRP address

Master controllers tunnel to the local from their physical address (not VRRP)