SlideShare une entreprise Scribd logo

EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x

Télécharger en tant que PPTX, PDF
Aruba, a Hewlett Packard Enterprise company
Aruba, a Hewlett Packard Enterprise company

In this presentation, we will discuss the L3 Redundancy Requirement which primarily comes from customers who want to handle the complete Data Center Failure during natural disasters or other catastrophic events. Check out the webinar recording where this presentation was used: http://community.arubanetworks.com/t5/Wireless-Access/Technical-Webinar-Layer-3-Redundancy-for-Mobility-Master-ArubaOS/td-p/382029 Register for the upcoming webinars: https://community.arubanetworks.com/t5/Training-Certification-Career/EMEA-Airheads-Webinars-Jul-Dec-2017/td-p/271908

Technologie
1  sur  38
1 Master-L3-Redundancy 10:00 GMT | 11:00 CET | 14:00 GST FEB 6th, 2018 Presenter: Abdul Ali Irfaan abdul.ali.irfaan@hpe.com
2 Agenda • Introduction • Functionality • Topology • Configuration • Troubleshooting • Debugging • Caveats • Changes from Earlier Versions • Demo
3 INTRODUCTION
4 Introduction Why Layer-3 Redundancy? • The L3 Redundancy Requirement primarily comes from customers who want to handle the complete Data Center Failure during natural disasters or other catastrophic events. • ArubaOS 8.2.0.0 introduces support for a redundant pair of Mobility Masters. • L3 redundancy will prevent a scenario where a Mobility Master acts as a single point of failure if the link to the Mobility Master goes down, or a co-located standby Mobility Master controller pair fails due to a data center failure or a local natural disaster.
5 Introduction • Configuration and databases are synced automatically from the primary to secondary data center. • Managed Devices detect a failure in the primary data center and automatically switch to the secondary data center. • The switchover event in the managed device will have minimal service impact if any. • With Centralized licensing, a single license can be used for both primary and secondary data centers. • Layer-2 and Layer-3 redundancy will work together. • When the primary data center comes back up all managed devices will switch back to primary data center with minimal service impact if any.
6 FUNCTIONALITY
7 Functionality • The L3 Redundancy Feature supports Active-Standby model. • The L3 Redundancy role is driven by explicit user configuration at both ends. There are 3 roles: Primary ,Secondary, None (default). • The L3 Redundancy role will determine: • If the user can make the config changes • If the sync will be initiated. • When the redundancy Role is “Primary”, user config changes will be allowed on MM and initiates DB/config sync . • If the redundancy Role is “Secondary”, user config changes will not be allowed and sync from primary will be accepted and acted upon. • On the Secondary Master, config changes are allowed only on /mm/mynode. • L3 redundant peers can either be switch IP or VRRP IP of L3 peers.
8 Functionality • There are 4 sets of data that will be synced across L3 peers: • Databases • Certificates • Captive Portal Files (Custom images) • Configurations
9 Functionality • Config sync is periodic and is based on configured l3-sync-timer (default 2 hours). • If L2 redundancy is configured in primary and secondary DC then DB sync is initiated from Primary active to Secondary active . • DB/config sync will not take place between MM’s if both are configured with role as primary or both configured with role as secondary.
10 Functionality • MDs can be configured with secondary master IP during the initial setup, ZTP or as partial configuration from MM. • Each MD will interface with HCM which will provide the reachability information of both Primary and Secondary MM. • If MDs directly terminate on MM, then MDs probe the primary and secondary MM IP to detect primary data center failure. • If MDs connect to MM via VPNC , then MDs probe the primary and secondary VPNC IP (if any) to detect primary data center failure. • When MD detects that it cannot reach primary MM for 15 minutes, it triggers L3 Switchover.
11 Functionality • The MDs will have management tunnel with only one MM at any given time. • When MD detects that Primary Data Center is down and Secondary Data Center is up, MD will tear down the tunnel with Primary DC (or VPNC1) and attempt to establish IPSec tunnel with its Secondary DC (or VPNC2). • Secondary MM will accept MDs only if it detects its tunnel with Primary MM is down. • The MDs can connect to the Secondary Master and it will show up as a connected device in “show switches” in the Secondary master and can stay on it as long as Primary is down. As soon as the Primary is up, the tunnel with MDs will be torn down and MDs will switch back to primary MM.
12 Topology
13 CONFIGURATION
14 Configuration Enabling L3 redundancy (On primary and secondary MM) from /mm/mynode) (Primary-Master) [mynode] (config-submode)#master-l3redundancy (Primary-Master) [mynode] (config-submode)#l3-peer-ip-address 10.17.204.171? ipsec IPSEC secure communication between masters ipsec-custom-cert Custom-Cert-based IPSEC secure communication between masters ipsec-factory-cert Factory-Cert-based IPSEC secure communication between masters (Primary-Master) [mynode] (config-submode)#l3-sync-state ? None No Sync state for L3 Redundancy Primary Set Sync state for L3 Redundancy as Primary Secondary Set Sync state for L3 Redundancy as Secondary (Primary-Master) [mynode] (config-submode)#l3-sync-time 2 Example: (Primary-Master) [mynode] (config) #master-l3redundancy (Primary-Master) [mynode] (config-submode)#l3-peer-ip-address 10.17.204.171 ipsec arub123 (Primary-Master) [mynode] (config-submode)#l3-sync-state Primary (Primary-Master) [mynode] (config-submode)#l3-sync-time 2
15 Configuration Secondary master IP config for MDs (Using CLI under /md) For MD: secondary master-ip <ip/FQDN> ipsec <key> <optional-peer-mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> ipsec-factory-cert <mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> ipsec-custom-cert <mac-1> <optional-peer-mac-2> ca-cert <ca-cert- name/factory-cert> server-cert <server-cert-name/factory-cert> suite-b < gcm128/gcm256> Example: secondary master-ip 10.17.204.171 ipsec aruba123 For BoC: secondary master-ip <ip/FQDN> vpn-ip <ip/FQDN> ipsec <key> <optional-peer-mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> vpn-ip <ip/FQDN> ipsec-factory-cert <mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> vpn-ip <ip/FQDN> ipsec-custom-cert <mac-1> <optional-peer-mac-2> ca-cert <ca-cert-name/factory-cert> server-cert <server-cert-name/factory-cert> suite-b < gcm128/gcm256> Example: secondary masterip 10.17.204.171 vpn-ip 10.17.204.173 ipsec-factory-cert vpn-mac-1 00:50:56:9f:31:8b
16 Configuration Initial Setup in MD: Full-setup : Do you want to enable L3 Redundancy (Yes|No)[No]: Enter Secondary Master switch IP address or FQDN: Is this a VPN concentrator for managed device to reach Secondary Master switch (yes|no) [no]: Enter IPSec Pre-shared Key: Enter Secondary Master switch MAC address: Enter Secondary Redundant Master switch MAC address [none]: This device connects to Secondary Master switch via VPN concentrator (yes|no) [no]: Enter VPN concentrator IP address or FQDN: VPN concentrator Authentication method (FactoryCert|PSKwithMAC) [FactoryCert]: Enter VPN concentrator MAC address: Enter Redundant VPN concentrator MAC address [none]: Enter IPSec Pre-shared Key: Enter VPN concentrator MAC address: Enter Redundant VPN concentrator MAC address [none]: Is Secondary Master switch Virtual Mobility Master? (yes|no) [yes]: Secondary Master switch Authentication method (PSKwithIP|PSKwithMAC) [PSKwithIP]: Secondary Master switch Authentication method (PSKwithIP|PSKwithMAC|FactoryCert) [PSKwithIP]: Enter IPSec Pre-shared Key: Enter Secondary Master switch MAC address: Enter Secondary Redundant Master switch MAC address [none]:
17 Configuration Mini-setup: Do you want to enable L3 Redundancy (Yes|No)[No]: Enter Secondary Master switch IP address or FQDN: Enter VPN concentrator IP address or FQDN [none]: Enter VPN concentrator MAC address: Enter Redundant VPN concentrator MAC address [none]: Enter Secondary Master switch MAC address: Enter Secondary Redundant Master switch MAC address [none]:
18 TROUBLESHOOTING
19 Troubleshooting • Verify L3-sync role, L3 peer IP, Pre-Shared Key on the Primary and Secondary MM • On Primary MM: • On Secondary MM:
20 Troubleshooting • Verify crypto ipsec sa between Primary and Secondary MM
21 Troubleshooting • Crypto ipsec sa on Secondary MM
22 Troubleshooting • Verify database sync between Primary and Secondary MM
23 Troubleshooting • Verify config sync between Primary and Secondary MM
24 Troubleshooting • Verify config-id on Primary and Secondary MM • On Secondary: • On Primary:
25 Troubleshooting • Verify the status of MMs on the MDs
26 Troubleshooting Manual config sync: On Secondary MM: master-l3redundancy config-sync Manual L3 switchover: On MD: master-l3redundancy switchover
27 Troubleshooting • Verify if the MDs have failed over to the Secondary MM
28 Debugging Dbsync related issues logging system process dbsync level debugging Config Sync related issues logging system process cfgm level debugging logging system process cfgdist level debugging Ike related issues : logging security process crypto level debugging Health check and failover issues logging system process fpapps level debugging logging system process hcm level debugging
29 CHANGES FROM EARLIER VERSIONS
30 Changes from earlier versions • In 6.4.4, L3 Redundancy Support was added for BoC Controllers. It had some limitations like • User had to explicitly do the sync across L3 peers manually • MDs rebooted when the Master IP changed • Separate licenses had to be manually installed on the Secondary Master. • In 8.x , L3 redundancy: • Config DB’s and captive portal files are automatically synced between primary an secondary. • MD’s do not reboot during master IP change. • Licenses are synced between Primary and secondary MM.
31 CAVEATS
32 Caveats • No UI support for configuring L3 redundancy in this release • No v6 support for L3 peers. • L3 redundancy is not supported in standalone topology and MCM topology. • L3 redundancy and Centralized licensing in multiple mobility master are mutually exclusive.
33 DEMO
34 Demo
35 Demo
36 Demo
37 QUESTIONS?
38 THANK YOU!

Recommandé

EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingAruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingEMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingAruba, a Hewlett Packard Enterprise company
 
Campus Redundancy Models
Campus Redundancy ModelsCampus Redundancy Models
Campus Redundancy ModelsAruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAruba, a Hewlett Packard Enterprise company
 
Roaming behavior and Client Troubleshooting
Roaming behavior and Client TroubleshootingRoaming behavior and Client Troubleshooting
Roaming behavior and Client TroubleshootingAruba, a Hewlett Packard Enterprise company
 
The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...
The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...
The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...Aruba, a Hewlett Packard Enterprise company
 

Recommandé

EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingEMEA Airheads- ArubaOS - Rogue AP troubleshooting
EMEA Airheads- ArubaOS - Rogue AP troubleshootingAruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingEMEA Airheads - Aruba Remote Access Point (RAP) Troubleshooting
EMEA Airheads - Aruba Remote Access Point (RAP) TroubleshootingAruba, a Hewlett Packard Enterprise company
 
Campus Redundancy Models
Campus Redundancy ModelsCampus Redundancy Models
Campus Redundancy ModelsAruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAruba, a Hewlett Packard Enterprise company
 
Roaming behavior and Client Troubleshooting
Roaming behavior and Client TroubleshootingRoaming behavior and Client Troubleshooting
Roaming behavior and Client TroubleshootingAruba, a Hewlett Packard Enterprise company
 
The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...
The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...
The Aruba Tech Support Top 10: WLAN design, configuration and troubleshooting...Aruba, a Hewlett Packard Enterprise company
 
Wireless LAN Design Fundamentals in the Campus
Wireless LAN Design Fundamentals in the CampusWireless LAN Design Fundamentals in the Campus
Wireless LAN Design Fundamentals in the CampusAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.xEMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.xAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introduction
EMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introductionEMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introduction
EMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introductionAruba, a Hewlett Packard Enterprise company
 
Optimizing Aruba WLANs for Roaming Devices
Optimizing Aruba WLANs for Roaming DevicesOptimizing Aruba WLANs for Roaming Devices
Optimizing Aruba WLANs for Roaming DevicesAruba, a Hewlett Packard Enterprise company
 
Guest Access with ArubaOS
Guest Access with ArubaOSGuest Access with ArubaOS
Guest Access with ArubaOSAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingEMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice ConfigurationEMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice ConfigurationAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2 EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgradeEMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgradeAruba, a Hewlett Packard Enterprise company
 
Managing and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANsManaging and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANsAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APEMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APAruba, a Hewlett Packard Enterprise company
 
Aruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentalsAruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentalsAruba, a Hewlett Packard Enterprise company
 
6 understanding aruba rf issues
6 understanding aruba rf issues6 understanding aruba rf issues
6 understanding aruba rf issuesVenudhanraj
 
Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-SecurityEMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-SecurityAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
EMEA Airheads- Aruba 8.x Architecture overview & UI NavigationEMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
EMEA Airheads- Aruba 8.x Architecture overview & UI NavigationAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralEMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralAruba, a Hewlett Packard Enterprise company
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPassAruba, a Hewlett Packard Enterprise company
 
Aruba Mobility Controllers
Aruba Mobility ControllersAruba Mobility Controllers
Aruba Mobility ControllersAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)Aruba, a Hewlett Packard Enterprise company
 
Virtualization & Network Connectivity
Virtualization & Network Connectivity Virtualization & Network Connectivity
Virtualization & Network Connectivity itplant
 

Contenu connexe

Tendances

6 understanding aruba rf issues
6 understanding aruba rf issues6 understanding aruba rf issues
6 understanding aruba rf issuesVenudhanraj
 

Tendances (20)

Wireless LAN Design Fundamentals in the Campus
Wireless LAN Design Fundamentals in the CampusWireless LAN Design Fundamentals in the Campus
Wireless LAN Design Fundamentals in the Campus
 
EMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.xEMEA Airheads How licensing works in Aruba OS 8.x
EMEA Airheads How licensing works in Aruba OS 8.x
 
EMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introduction
EMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introductionEMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introduction
EMEA Airheads- Aruba OS- Mobile First Platform– Aruba OS 8.0 introduction
 
Optimizing Aruba WLANs for Roaming Devices
Optimizing Aruba WLANs for Roaming DevicesOptimizing Aruba WLANs for Roaming Devices
Optimizing Aruba WLANs for Roaming Devices
 
Guest Access with ArubaOS
Guest Access with ArubaOSGuest Access with ArubaOS
Guest Access with ArubaOS
 
EMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN TroubleshootingEMEA Airheads- Aruba Instant AP- VPN Troubleshooting
EMEA Airheads- Aruba Instant AP- VPN Troubleshooting
 
EMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice ConfigurationEMEA Airheads- Instant AP- Instant AP Best Practice Configuration
EMEA Airheads- Instant AP- Instant AP Best Practice Configuration
 
EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2 EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster Manager
 
EMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgradeEMEA Airheads - Multi zone ap and centralized image upgrade
EMEA Airheads - Multi zone ap and centralized image upgrade
 
Managing and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANsManaging and Optimizing RF Spectrum for Aruba WLANs
Managing and Optimizing RF Spectrum for Aruba WLANs
 
EMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APEMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant AP
 
Aruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentalsAruba WLANs 101 and design fundamentals
Aruba WLANs 101 and design fundamentals
 
6 understanding aruba rf issues
6 understanding aruba rf issues6 understanding aruba rf issues
6 understanding aruba rf issues
 
Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6Onboard Deployment Guide 3.9.6
Onboard Deployment Guide 3.9.6
 
EMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-SecurityEMEA Airheads- ArubaOS - Understanding Control-Plane-Security
EMEA Airheads- ArubaOS - Understanding Control-Plane-Security
 
EMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
EMEA Airheads- Aruba 8.x Architecture overview & UI NavigationEMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
EMEA Airheads- Aruba 8.x Architecture overview & UI Navigation
 
EMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralEMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba Central
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
 
Aruba Mobility Controllers
Aruba Mobility ControllersAruba Mobility Controllers
Aruba Mobility Controllers
 

Similaire à EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x

Virtualization & Network Connectivity
Virtualization & Network Connectivity Virtualization & Network Connectivity
Virtualization & Network Connectivity itplant
 
CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2Chaing Ravuth
 
Expanding your options with the MQ Appliance
Expanding your options with the MQ ApplianceExpanding your options with the MQ Appliance
Expanding your options with the MQ ApplianceAnthony Beardsmore
 
Building a Highly available messaging hub using the IBM MQ Appliance
Building a Highly available messaging hub using the IBM MQ ApplianceBuilding a Highly available messaging hub using the IBM MQ Appliance
Building a Highly available messaging hub using the IBM MQ ApplianceAnthony Beardsmore
 
20088 1 ccna3 3.1-06 switch configurations
20088 1 ccna3 3.1-06 switch configurations20088 1 ccna3 3.1-06 switch configurations
20088 1 ccna3 3.1-06 switch configurationsDipak Misra
 
Set Up & Operate Tungsten Replicator
Set Up & Operate Tungsten ReplicatorSet Up & Operate Tungsten Replicator
Set Up & Operate Tungsten ReplicatorContinuent
 
The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016effie mouzeli
 
NFD9 - Dinesh Dutt, Data Center Architectures
NFD9 - Dinesh Dutt, Data Center ArchitecturesNFD9 - Dinesh Dutt, Data Center Architectures
NFD9 - Dinesh Dutt, Data Center ArchitecturesCumulus Networks
 
IBM System Networking Overview - Jul 2013
IBM System Networking Overview - Jul 2013IBM System Networking Overview - Jul 2013
IBM System Networking Overview - Jul 2013Angel Villar Garea
 
Informix HA Best Practices
Informix HA Best Practices Informix HA Best Practices
Informix HA Best Practices Scott Lashley
 
Always on high availability best practices for informix
Always on high availability best practices for informixAlways on high availability best practices for informix
Always on high availability best practices for informixIBM_Info_Management
 
IBM MQ Appliance - Administration simplified
IBM MQ Appliance - Administration simplifiedIBM MQ Appliance - Administration simplified
IBM MQ Appliance - Administration simplifiedAnthony Beardsmore
 
Setup & Operate Tungsten Replicator
Setup & Operate Tungsten ReplicatorSetup & Operate Tungsten Replicator
Setup & Operate Tungsten ReplicatorContinuent
 
Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...
Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...
Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...Continuent
 
Slow things down to make them go faster [FOSDEM 2022]
Slow things down to make them go faster [FOSDEM 2022]Slow things down to make them go faster [FOSDEM 2022]
Slow things down to make them go faster [FOSDEM 2022]Jimmy Angelakos
 
Firewalld : A New Interface to Your Netfilter Stack
Firewalld : A New Interface to Your Netfilter StackFirewalld : A New Interface to Your Netfilter Stack
Firewalld : A New Interface to Your Netfilter StackMahmoud Shiri Varamini
 
Training Slides: Basics 102: Introduction to Tungsten Clustering
Training Slides: Basics 102: Introduction to Tungsten ClusteringTraining Slides: Basics 102: Introduction to Tungsten Clustering
Training Slides: Basics 102: Introduction to Tungsten ClusteringContinuent
 
F5 link controller
F5 link controllerF5 link controller
F5 link controllerJimmy Saigon
 

Similaire à EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x (20)

EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
 
Virtualization & Network Connectivity
Virtualization & Network Connectivity Virtualization & Network Connectivity
Virtualization & Network Connectivity
 
CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2
 
Expanding your options with the MQ Appliance
Expanding your options with the MQ ApplianceExpanding your options with the MQ Appliance
Expanding your options with the MQ Appliance
 
Building a Highly available messaging hub using the IBM MQ Appliance
Building a Highly available messaging hub using the IBM MQ ApplianceBuilding a Highly available messaging hub using the IBM MQ Appliance
Building a Highly available messaging hub using the IBM MQ Appliance
 
20088 1 ccna3 3.1-06 switch configurations
20088 1 ccna3 3.1-06 switch configurations20088 1 ccna3 3.1-06 switch configurations
20088 1 ccna3 3.1-06 switch configurations
 
Set Up & Operate Tungsten Replicator
Set Up & Operate Tungsten ReplicatorSet Up & Operate Tungsten Replicator
Set Up & Operate Tungsten Replicator
 
The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016
 
NFD9 - Dinesh Dutt, Data Center Architectures
NFD9 - Dinesh Dutt, Data Center ArchitecturesNFD9 - Dinesh Dutt, Data Center Architectures
NFD9 - Dinesh Dutt, Data Center Architectures
 
IBM System Networking Overview - Jul 2013
IBM System Networking Overview - Jul 2013IBM System Networking Overview - Jul 2013
IBM System Networking Overview - Jul 2013
 
Informix HA Best Practices
Informix HA Best Practices Informix HA Best Practices
Informix HA Best Practices
 
Always on high availability best practices for informix
Always on high availability best practices for informixAlways on high availability best practices for informix
Always on high availability best practices for informix
 
IBM MQ Appliance - Administration simplified
IBM MQ Appliance - Administration simplifiedIBM MQ Appliance - Administration simplified
IBM MQ Appliance - Administration simplified
 
IBM Programmable Network Controller
IBM Programmable Network ControllerIBM Programmable Network Controller
IBM Programmable Network Controller
 
Setup & Operate Tungsten Replicator
Setup & Operate Tungsten ReplicatorSetup & Operate Tungsten Replicator
Setup & Operate Tungsten Replicator
 
Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...
Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...
Webinar Slides: Tungsten Connector / Proxy – The Secret Sauce Behind Zero-Dow...
 
Slow things down to make them go faster [FOSDEM 2022]
Slow things down to make them go faster [FOSDEM 2022]Slow things down to make them go faster [FOSDEM 2022]
Slow things down to make them go faster [FOSDEM 2022]
 
Firewalld : A New Interface to Your Netfilter Stack
Firewalld : A New Interface to Your Netfilter StackFirewalld : A New Interface to Your Netfilter Stack
Firewalld : A New Interface to Your Netfilter Stack
 
Training Slides: Basics 102: Introduction to Tungsten Clustering
Training Slides: Basics 102: Introduction to Tungsten ClusteringTraining Slides: Basics 102: Introduction to Tungsten Clustering
Training Slides: Basics 102: Introduction to Tungsten Clustering
 
F5 link controller
F5 link controllerF5 link controller
F5 link controller
 

Plus de Aruba, a Hewlett Packard Enterprise company

EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...Aruba, a Hewlett Packard Enterprise company
 

Plus de Aruba, a Hewlett Packard Enterprise company (16)

Airheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard AgentsAirheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
 
EMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS SwitchEMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS Switch
 
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS SwitchEMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
 
Introduction to AirWave 10
Introduction to AirWave 10Introduction to AirWave 10
Introduction to AirWave 10
 
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchEMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
 
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.xEMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
 
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPMEMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
 
Airheads Meetups: 8400 Presentation
Airheads Meetups: 8400 PresentationAirheads Meetups: 8400 Presentation
Airheads Meetups: 8400 Presentation
 
Airheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau PresentationAirheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau Presentation
 
Airheads Meetups- High density WLAN
Airheads Meetups- High density WLANAirheads Meetups- High density WLAN
Airheads Meetups- High density WLAN
 
Airheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes ArubaAirheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes Aruba
 
EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x EMEA Airheads - Configuring different APIs in Aruba 8.x
EMEA Airheads - Configuring different APIs in Aruba 8.x
 
Bringing up Aruba Mobility Master, Managed Device & Access Point
Bringing up Aruba Mobility Master, Managed Device & Access PointBringing up Aruba Mobility Master, Managed Device & Access Point
Bringing up Aruba Mobility Master, Managed Device & Access Point
 
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
 
EMEA Airheads- ClearPass extensions and how they can help
EMEA Airheads- ClearPass extensions and how they can helpEMEA Airheads- ClearPass extensions and how they can help
EMEA Airheads- ClearPass extensions and how they can help
 

Dernier

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Dernier (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x

  • 1. 1 Master-L3-Redundancy 10:00 GMT | 11:00 CET | 14:00 GST FEB 6th, 2018 Presenter: Abdul Ali Irfaan abdul.ali.irfaan@hpe.com
  • 2. 2 Agenda • Introduction • Functionality • Topology • Configuration • Troubleshooting • Debugging • Caveats • Changes from Earlier Versions • Demo
  • 4. 4 Introduction Why Layer-3 Redundancy? • The L3 Redundancy Requirement primarily comes from customers who want to handle the complete Data Center Failure during natural disasters or other catastrophic events. • ArubaOS 8.2.0.0 introduces support for a redundant pair of Mobility Masters. • L3 redundancy will prevent a scenario where a Mobility Master acts as a single point of failure if the link to the Mobility Master goes down, or a co-located standby Mobility Master controller pair fails due to a data center failure or a local natural disaster.
  • 5. 5 Introduction • Configuration and databases are synced automatically from the primary to secondary data center. • Managed Devices detect a failure in the primary data center and automatically switch to the secondary data center. • The switchover event in the managed device will have minimal service impact if any. • With Centralized licensing, a single license can be used for both primary and secondary data centers. • Layer-2 and Layer-3 redundancy will work together. • When the primary data center comes back up all managed devices will switch back to primary data center with minimal service impact if any.
  • 7. 7 Functionality • The L3 Redundancy Feature supports Active-Standby model. • The L3 Redundancy role is driven by explicit user configuration at both ends. There are 3 roles: Primary ,Secondary, None (default). • The L3 Redundancy role will determine: • If the user can make the config changes • If the sync will be initiated. • When the redundancy Role is “Primary”, user config changes will be allowed on MM and initiates DB/config sync . • If the redundancy Role is “Secondary”, user config changes will not be allowed and sync from primary will be accepted and acted upon. • On the Secondary Master, config changes are allowed only on /mm/mynode. • L3 redundant peers can either be switch IP or VRRP IP of L3 peers.
  • 8. 8 Functionality • There are 4 sets of data that will be synced across L3 peers: • Databases • Certificates • Captive Portal Files (Custom images) • Configurations
  • 9. 9 Functionality • Config sync is periodic and is based on configured l3-sync-timer (default 2 hours). • If L2 redundancy is configured in primary and secondary DC then DB sync is initiated from Primary active to Secondary active . • DB/config sync will not take place between MM’s if both are configured with role as primary or both configured with role as secondary.
  • 10. 10 Functionality • MDs can be configured with secondary master IP during the initial setup, ZTP or as partial configuration from MM. • Each MD will interface with HCM which will provide the reachability information of both Primary and Secondary MM. • If MDs directly terminate on MM, then MDs probe the primary and secondary MM IP to detect primary data center failure. • If MDs connect to MM via VPNC , then MDs probe the primary and secondary VPNC IP (if any) to detect primary data center failure. • When MD detects that it cannot reach primary MM for 15 minutes, it triggers L3 Switchover.
  • 11. 11 Functionality • The MDs will have management tunnel with only one MM at any given time. • When MD detects that Primary Data Center is down and Secondary Data Center is up, MD will tear down the tunnel with Primary DC (or VPNC1) and attempt to establish IPSec tunnel with its Secondary DC (or VPNC2). • Secondary MM will accept MDs only if it detects its tunnel with Primary MM is down. • The MDs can connect to the Secondary Master and it will show up as a connected device in “show switches” in the Secondary master and can stay on it as long as Primary is down. As soon as the Primary is up, the tunnel with MDs will be torn down and MDs will switch back to primary MM.
  • 14. 14 Configuration Enabling L3 redundancy (On primary and secondary MM) from /mm/mynode) (Primary-Master) [mynode] (config-submode)#master-l3redundancy (Primary-Master) [mynode] (config-submode)#l3-peer-ip-address 10.17.204.171? ipsec IPSEC secure communication between masters ipsec-custom-cert Custom-Cert-based IPSEC secure communication between masters ipsec-factory-cert Factory-Cert-based IPSEC secure communication between masters (Primary-Master) [mynode] (config-submode)#l3-sync-state ? None No Sync state for L3 Redundancy Primary Set Sync state for L3 Redundancy as Primary Secondary Set Sync state for L3 Redundancy as Secondary (Primary-Master) [mynode] (config-submode)#l3-sync-time 2 Example: (Primary-Master) [mynode] (config) #master-l3redundancy (Primary-Master) [mynode] (config-submode)#l3-peer-ip-address 10.17.204.171 ipsec arub123 (Primary-Master) [mynode] (config-submode)#l3-sync-state Primary (Primary-Master) [mynode] (config-submode)#l3-sync-time 2
  • 15. 15 Configuration Secondary master IP config for MDs (Using CLI under /md) For MD: secondary master-ip <ip/FQDN> ipsec <key> <optional-peer-mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> ipsec-factory-cert <mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> ipsec-custom-cert <mac-1> <optional-peer-mac-2> ca-cert <ca-cert- name/factory-cert> server-cert <server-cert-name/factory-cert> suite-b < gcm128/gcm256> Example: secondary master-ip 10.17.204.171 ipsec aruba123 For BoC: secondary master-ip <ip/FQDN> vpn-ip <ip/FQDN> ipsec <key> <optional-peer-mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> vpn-ip <ip/FQDN> ipsec-factory-cert <mac-1> <optional-peer-mac-2> secondary master-ip <ip/FQDN> vpn-ip <ip/FQDN> ipsec-custom-cert <mac-1> <optional-peer-mac-2> ca-cert <ca-cert-name/factory-cert> server-cert <server-cert-name/factory-cert> suite-b < gcm128/gcm256> Example: secondary masterip 10.17.204.171 vpn-ip 10.17.204.173 ipsec-factory-cert vpn-mac-1 00:50:56:9f:31:8b
  • 16. 16 Configuration Initial Setup in MD: Full-setup : Do you want to enable L3 Redundancy (Yes|No)[No]: Enter Secondary Master switch IP address or FQDN: Is this a VPN concentrator for managed device to reach Secondary Master switch (yes|no) [no]: Enter IPSec Pre-shared Key: Enter Secondary Master switch MAC address: Enter Secondary Redundant Master switch MAC address [none]: This device connects to Secondary Master switch via VPN concentrator (yes|no) [no]: Enter VPN concentrator IP address or FQDN: VPN concentrator Authentication method (FactoryCert|PSKwithMAC) [FactoryCert]: Enter VPN concentrator MAC address: Enter Redundant VPN concentrator MAC address [none]: Enter IPSec Pre-shared Key: Enter VPN concentrator MAC address: Enter Redundant VPN concentrator MAC address [none]: Is Secondary Master switch Virtual Mobility Master? (yes|no) [yes]: Secondary Master switch Authentication method (PSKwithIP|PSKwithMAC) [PSKwithIP]: Secondary Master switch Authentication method (PSKwithIP|PSKwithMAC|FactoryCert) [PSKwithIP]: Enter IPSec Pre-shared Key: Enter Secondary Master switch MAC address: Enter Secondary Redundant Master switch MAC address [none]:
  • 17. 17 Configuration Mini-setup: Do you want to enable L3 Redundancy (Yes|No)[No]: Enter Secondary Master switch IP address or FQDN: Enter VPN concentrator IP address or FQDN [none]: Enter VPN concentrator MAC address: Enter Redundant VPN concentrator MAC address [none]: Enter Secondary Master switch MAC address: Enter Secondary Redundant Master switch MAC address [none]:
  • 19. 19 Troubleshooting • Verify L3-sync role, L3 peer IP, Pre-Shared Key on the Primary and Secondary MM • On Primary MM: • On Secondary MM:
  • 20. 20 Troubleshooting • Verify crypto ipsec sa between Primary and Secondary MM
  • 22. 22 Troubleshooting • Verify database sync between Primary and Secondary MM
  • 23. 23 Troubleshooting • Verify config sync between Primary and Secondary MM
  • 24. 24 Troubleshooting • Verify config-id on Primary and Secondary MM • On Secondary: • On Primary:
  • 25. 25 Troubleshooting • Verify the status of MMs on the MDs
  • 26. 26 Troubleshooting Manual config sync: On Secondary MM: master-l3redundancy config-sync Manual L3 switchover: On MD: master-l3redundancy switchover
  • 27. 27 Troubleshooting • Verify if the MDs have failed over to the Secondary MM
  • 28. 28 Debugging Dbsync related issues logging system process dbsync level debugging Config Sync related issues logging system process cfgm level debugging logging system process cfgdist level debugging Ike related issues : logging security process crypto level debugging Health check and failover issues logging system process fpapps level debugging logging system process hcm level debugging
  • 30. 30 Changes from earlier versions • In 6.4.4, L3 Redundancy Support was added for BoC Controllers. It had some limitations like • User had to explicitly do the sync across L3 peers manually • MDs rebooted when the Master IP changed • Separate licenses had to be manually installed on the Secondary Master. • In 8.x , L3 redundancy: • Config DB’s and captive portal files are automatically synced between primary an secondary. • MD’s do not reboot during master IP change. • Licenses are synced between Primary and secondary MM.
  • 32. 32 Caveats • No UI support for configuring L3 redundancy in this release • No v6 support for L3 peers. • L3 redundancy is not supported in standalone topology and MCM topology. • L3 redundancy and Centralized licensing in multiple mobility master are mutually exclusive.