Wireless Access

Reply
Contributor II

VRRP vs LMS

Hi,

 

We wonder about VRRP and LMS utility.

 

VRRP makes a VIP shared between two controllers. We thought this have to be used for AP to get configuration on start.

 

After reading some doculentations, one speak about LMS, and configuring IP address and backup address.

 

First : what is this LMS config used for ?

 

Actually we used to configure APs with

setenv serverip <IPV>
setenv master <IPV> using VRRP IP as IPV

 

were does LMS comes in this process ?

 

Second : if LMS is quite usefull, why is it recommended to use physical controllers IP for LMS instead of VRRP one ?

 

We miss some things in redundancy/failover work, if someone can explain it, ,we would appreciate.

 

Regards,

Contributor II

Re: VRRP vs LMS

VRRP is what it is in regular netwroking nothing special.

 

LMS is the local management switch/controller for the AP.

 

LMS in the AP system profile tells the AP what the IP address of the controller you want the AP to come up on. If you have 2 controllers create a VRRP and use that IP as the LMS. This was big in our environment previous and now. Currently we have 2 central clusters running OS 8. Each cluster has a VRRP IP per a cluster and the Primary cluster is Primary LMS and Backup is the Backup LMS. This way if my primary cluster fails the AP will come up on my backup. 

Highlighted
Contributor II

Re: VRRP vs LMS

Typically, we use VIP for master redundancy and LMS for local redundancy if the local on two different subnets. If your local at the same subnet using HA group would be the best option for hitless failover. 

Guru Elite

Re: VRRP vs LMS

In ArubaOS an access point, when an access point is cold-booted it can find its initial controller using DNS, a dhcp option, multicast/broadcasts or have its initial controller statically configured in the flash memory of the access point.  An access points initial controller can vary based on what discovery method is used at what location.  When the access point connects to the controller upon discovery, the administrator has the option of redirecting that access point to the controller the administrator wants that access point to be on....using an LMS-IP in the AP system profile of the AP-Group.  That ip address can be the ip address of a controller or the ip address of a VRRP shared by two controllers...it does not matter.  You can also configure a backup LMS-IP that the access point will fail over to if it loses contact with the initial ip address.

 

VRRP is used specifically when you want two or more controllers to provide high availability via a single ip address.  Only one controller controls the VRRP ip address at one time, and if that controller goes down, a controller that has secondary priority will typically answer that ip address and provide redundancy.

 

 

In summary, the LMS-IP and Backup LMS-IP is designed to redirect an access point to the ip address of the controller you want it terminated on.  That is because sometimes in the discovery process, an access point can end up on a controller that is not intended to be his home controller.  If there is an LMS-IP, the AP is redirected immediately to the correct controller's ip address, starts broadcasting SSIDs and starts accepting clients.  The LMS-ip and the backup LMS-IP can point to VRRPs.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor I

Re: VRRP vs LMS

Just to add,

 

1) VRRP between two controllers works over layer 2, same subnet only, typically between two controllers in the same location.

 

2) Backup LMS-IP can be used by APs to reach to a controller that is over another L3 routed network.

 

Lets take an example , Customer with HQ and Disaster Recovery (DR) Site. 2 controllers in HQ , and 1 in DR.

 

HQ with two controllers having VRRP configured.  AP points LMS-IP TO VRRP IP of HQ, and Backup-LMP IP of DR site.

 

This gives customer redundancy on controller for onsite, and geographical site redundancy.

Aruba Employee

Re: VRRP vs LMS

another important difference between VRRP and LMS backup LMS. If you use the VRRP IP and the controller being the VRRP master fails, the AP needs to bootstrap in order to connect to the new VRRP Master. which will result in clients being disconnected. 

If you use LMS and Backup LMS, the AP already have two tunnels, one to the LMS, which is active and one to the Backup LMS, which is in standby mode. 

If the controller, being the LMS for the AP, fails, the AP instantly switched over the Backup LMS using the standby tunnel. No disconnects or loss of clients. 

From my point of view, this is the main difference in using VRRP or LMS, Backup LMS

 

Just my 2 cents 


visit our Youtube Channel:
https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ/featured
Please visit my personal blog as well:
https://www.flomain.de
Guru Elite

Re: VRRP vs LMS


@FlorianBaaske wrote:

another important difference between VRRP and LMS backup LMS. If you use the VRRP IP and the controller being the VRRP master fails, the AP needs to bootstrap in order to connect to the new VRRP Master. which will result in clients being disconnected. 

[Failover from one controller in a VRRP to another controller in the same VRRP is fairly smooth and is an excellent option when both controllers are at the same physical location.  That is not a negative]

 

If you use LMS and Backup LMS, the AP already have two tunnels, one to the LMS, which is active and one to the Backup LMS, which is in standby mode. 

If the controller, being the LMS for the AP, fails, the AP instantly switched over the Backup LMS using the standby tunnel. No disconnects or loss of clients. [Primary and Standby Tunnels require that HA Fast Failover be configured, not just a backup LMS.}

From my point of view, this is the main difference in using VRRP or LMS, Backup LMS

 

Just my 2 cents 


 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Aruba Employee

Re: VRRP vs LMS


@cjoseph wrote:

@FlorianBaaske wrote:

another important difference between VRRP and LMS backup LMS. If you use the VRRP IP and the controller being the VRRP master fails, the AP needs to bootstrap in order to connect to the new VRRP Master. which will result in clients being disconnected. 

[Failover from one controller in a VRRP to another controller in the same VRRP is fairly smooth and is an excellent option when both controllers are at the same physical location.  That is not a negative]

FB: Due, to the missing HA Fast Failover setup, at least all sessions will be dropped, as they are not synced. And to my knowledge, the radio will be going down for some seconds. 

 

If you use LMS and Backup LMS, the AP already have two tunnels, one to the LMS, which is active and one to the Backup LMS, which is in standby mode. 

If the controller, being the LMS for the AP, fails, the AP instantly switched over the Backup LMS using the standby tunnel. No disconnects or loss of clients. [Primary and Standby Tunnels require that HA Fast Failover be configured, not just a backup LMS.}

FB: Correct, and if I talk about LMS and Backup LMS, this implies HA Fast Failover. Going with AOS 8, there is no real use case for LMS ( and Backup LMS) without HA fast failover. 

From my point of view, this is the main difference in using VRRP or LMS, Backup LMS

 

Just my 2 cents 


 


 


visit our Youtube Channel:
https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ/featured
Please visit my personal blog as well:
https://www.flomain.de
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: