Wireless Access

Reply
Occasional Contributor II

Re: controller clustering with remote ap's

Now with 8.4.0.0 it should be possible. But is there a tech note how to configure it when using mds in cluster?

 

I set up a lab but it wan't work. I think the RAP tries to connect to the wrong controller because of AP loadbalancing. But how can we bring the RAP to the active controller???

 

On both controller the AP is flagged as 2, with different switch ip. See the logs:

Received MAP_ADD from IKE for default-ha-ipsecmap172.21.4.181 (gw 172.21.4.181) mapid 0 vlanid 0 ip 172.21.4.181 mask 255.255.255.255 src_ip 172.21.4.182 peer_ip 172.21.4.181 uplink_ip 0.0.0.0 flags 0x0


Jan 17 14:25:32 cluster_mgr[4263]: <352302> <5214> <ERRS> |cluster_mgr| cmlb_ap_handle_ap_down_request, No entry in active table in LB-AP thread for AP with mac 00:4e:35:c0:50:ce

The RAP system-profile:

ap system-profile "rap"
    lms-ip x.x.x.126
    bkup-lms-ip x.x.x.127
    ap-console-password f07f0060babda0eb9d334d06ef1ebf796c88bc7e849bf3d0
    bkup-passwords 0709bf2b2078b3fe6c4366c3dcf8b517f4655c2841b47cb3

As soon as i would replace the primary lms ip to .127 it would work.

 

Greets Marc

Super Contributor II

Re: controller clustering with remote ap's

Hi Marc!

 

Did you configure the Public IP -> private IP mappings in the cluster profile?

 

Are those mappings unique and static in the firewall? In other words, each port forward should always terminate on one specific controller, not a VRRP.

 

Do you use the internal RAP whitelist and not an external source?

 

Use #Show lc-cluster group-profile to verify the mappings are in fact the correct mappings and correct according to your port forwards.

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba Partner Ambassador
Aruba: ACMX #537 ACCP ACDP | CWNP: CWNE #306
Occasional Contributor II

Re: controller clustering with remote ap's

Hi Christoffer

 

Yes, we have two public IPs natted to the controller IPs (not VRRP) 4500:4500 udp.

 

If I try to configure the rap-public ip it tells me: Error: RAP public ip not configured for controller 172.21.4.182, please configure RAP public IP to all controllers.

 

What does this mean exactly? Do I have to create a dummy vlan with the public ip address as interface?

 

 

Thanks and Greetings

Marc

 

 

 

 

 

 

Super Contributor II

Re: controller clustering with remote ap's

Hi! 

 

Must be refering to this configuration:

 

(host) [cluster] (Classic Controller Cluster Profile "rapcluster") controller 10.10.10.1
rap-public-ip 100.100.100.101
(host) [cluster] (Classic Controller Cluster Profile "rapcluster")controller 10.10.10.2
rap-public-ip 100.100.100.102
(host) [cluster] (Classic Controller Cluster Profile "rapcluster")controller 10.10.10.3
rap-public-ip 100.100.100.103
(host) [cluster] (Classic Controller Cluster Profile "rapcluster")controller 10.10.10.4
rap-public-ip 100.100.100.104

 

Do you have that in place?

 

Cheers,

Christoffer Jacobsson | Aranya AB
Aruba Partner Ambassador
Aruba: ACMX #537 ACCP ACDP | CWNP: CWNE #306
Occasional Contributor II

Re: controller clustering with remote ap's

Hi Christoffer

 

I wasn't able to configure a rap-public-ip to an existing controller in a cluster. I created a new cluster profile with the controller and rap-public-ip without any errors. Then I moved the controllers to the new cluster profile and everything worked fine.

 

Thank you and Greetings

Marc

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: