Thanks Ariyap.
To answer the questions you presented.
1. is the mgmt vlan for the IAPs, the native vlan for the switch port that connects to the APs? No, We have created a vlan 40 for the APs specifically. The APs are the only devices on vlan 40. All users are on other vlans.
In this particular building the switches themselves are dedicated to the APs. AP515s only, no other network devices.
2. is the IAP cluster configured for management VLAN? The management vlan on the AP is left at the default. The previously mentioned vlan 40 is not configured on the Aps.
3. are there any L2 ACLs configured? Certainly not on the APs and the switching teams tells me not on the switches either.
4. assuming the IAPs have dhcp based IP, check the dhcp server for any clues The APs do get their IP via DHCP and there does not seem to be an issue there. Even when Aruba Central has indicated an AP is down I am able to establish an ssh session to it so IP addressing does not seem to be the issue. I have noted however that at least some of the time, even though ssh to an affected AP is possible, the webUi is not available and the AP is in a degraded state.
------------------------------
Senior Network Analyst
Ottawa Carleton District School Board
Ottawa ON
Canada
------------------------------
Original Message:
Sent: Sep 28, 2022 03:19 AM
From: Ariya Parsamanesh
Subject: Why am I getting more than one Publisher AP/Virtual Controller on the same vlan.
I come across this sort of issues only when the network is not stable.
- is the mgmt vlan for the IAPs, the native vlan for the switch port that connects to the APs?
- is the IAP cluster configured for management VLAN?
- are there any L2 ACLs configured?
- assuming the IAPs have dhcp based IP, check the dhcp server for any clues
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
Original Message:
Sent: Sep 27, 2022 09:00 AM
From: Unknown User
Subject: Why am I getting more than one Publisher AP/Virtual Controller on the same vlan.
Hi Gorazd.
Interesting point that you make regarding 10.3. That is definitely something I will want to discuss with my SE.
I am convinced that this is an inter-closet issue! The problem has been proving this to the Switching team that refuses to acknowledge that there is an intercloset issue. What I have to do is somehow prove to them that the beacons are not being received from closet to closet. My feeling is that they are looking at layer 3 to try and diagnose a layer 2 issue. It is also worth noting that I began to see this problem when the switches at this site were replaced as part of an upgrade we are doing. That said, we have hundreds of these new switches deployed in sites where there is no problem at all. If anyone knows what packets I could perhaps capture or perhaps a cli command on the APs that would indicate that beacons are not being received, I would be grateful.
When I ssh to an AP that is acting as a VC and "show election status" I see that the AP will have both sent and received beacons which indicates to me that it was once receiving from the correct master, but is now unable to hear those beacons and is sending beacons of its own.
------------------------------
Senior Network Analyst
Ottawa Carleton District School Board
Ottawa ON
Canada
Original Message:
Sent: Sep 27, 2022 01:54 AM
From: Gorazd Kikelj
Subject: Why am I getting more than one Publisher AP/Virtual Controller on the same vlan.
Hi Terry.
I see this only when my network uplinks were broken. Check for interface errors on switches and look into uplinks between closets. From your description I assume, that you see multiple VCs only between closets and not in the same closet. So check uplinks.
As addition, did you consider upgrading to 10.3 as you already have Aruba Central subscriptions? This would eliminate VCs completely and will give you more controller features. There are some small features that I miss in 10 stream and are currently in Instant 8 stream, but most probably nothing that will affect your configuration.
Best, Gorazd
------------------------------
Gorazd Kikelj
Original Message:
Sent: Sep 26, 2022 02:30 PM
From: Unknown User
Subject: Why am I getting more than one Publisher AP/Virtual Controller on the same vlan.
I am having a problem where a cluster of IAPs that are all on the same VLAN will randomly elect a new Publisher and sometimes this will result in two or more different APs assuming the role of Virtual Controller.
There are 126 IAP515's in the cluster which are spread across 3 wiring closets within a large Secondary School. All 126 APs are on the same VLAN and this VLAN is dedicated to the APs. There are no other devices of any kind on the AP VLAN.
The APs are managed using Aruba Central and are running on version 8.7.1.8.
What appears to happen is that for some reason the APs in one or more closets will stop hearing the beacons sent from the Publisher and then elect a new publisher for the APs in that particular wiring closet. At times there are as many as 3 Publisher APs at the same time.
The symptoms are intermittent but happen regularly and disappear as randomly as they appear. I do not have access to the network switches but my colleagues that manage the switching are unable to see why this might be happening.
Has anyone run into anything like this?
------------------------------
Terry Pelley
Senior Network Analyst
Ottawa Carleton District School Board
Ottawa ON
Canada
------------------------------