To configure an overlay AirGroup controller: 1.Ĭreate an L2 GRE tunnel from the mDNS proxy controller to the mobility access controller. If the devices are connected to trusted ports, the mDNS packets are directly forwarded to the users and the policies are not applied to these packets. The mDNS packets from these wired devices are tunneled to an overlay controller by using ACL redirect in a user role and only when the users are connected to untrusted ports. Link status last changed 0 day 4 hr 22 min 35 secĪny wired mDNS devices, such as Apple TV® or printers that are directly connected to the access controller in an overlay deployment, must be connected to the untrusted ports. Last clearing of "show interface" counters 0 day 4 hr 24 min 23 sec
IGMP Snooping is enabled on this interface Routing interface is enable, Forwarding mode is enableĭirected broadcast is disabled, BCMC Optimization disabled ProxyARP disabled Suppress ARP disabled IPv6 is enabled, link-local address is fe80::b:8600:10e:4a00 To reduce the broadcast packet in wired and wireless network, you can keep the broadcast-filter parameter enabled.ĭisable BC/MC optimization on user VLANs using the interface vlan no bcmc-optimization command, and then execute the show interface vlan command to verify that BC/MC optimization is disabled: If this option is enabled, it drops broadcast and multicast traffic (except DHCP offers and acknowledgements), which affects the mDNS queries from the AirGroup controller and the wired network. When you enable this feature in a Virtual AP profile, broadcast ARPs destined for the wireless clients that are part of the user and station tables are converted to unicast ARP requests.ĭisable the Drop broadcast and multicast option in the Virtual AP profile. (This ACL must be moved to the top of the ACL list):Įnable the Convert Broadcast ARP Requests to Unicast option in a Virtual AP profile to enable ARP conversion on individual virtual APs. To configure the mobility access controller that terminates the APs: 1.Ĭreate an L2 GRE tunnel from the mobility access controller to the AirGroup controller and identify the user VLAN that carries the mDNS packets to the AirGroup controller:Īdd a session ACL for user roles to redirect all mDNS packets from clients to the tunnel. Refer to the following sections to configure the WLAN Controller and the AirGroup Controller in an overlay deployment: To support Multi- Controller AirGroup clusters, use the Integrated Deployment Model. Multi- Controller AirGroup clusters are not supported in overlay deployment model. If you must terminate user VLANs on the overlay controller, ensure that no VLANs create a loop. If you use this model, ensure that no user VLANs (wired or wireless) terminate on the AirGroup overlay controller. The production WLAN controller must be configured with Access Control List (ACL) redirect rules to send mDNS traffic from user VLANs to the overlay controller, which is connected through a L2 GRE tunnel.
Controller overlay code#
Although the production WLAN controller does not require a code upgrade, the overlay AirGroup controller requires a version of ArubaOS that supports the AirGroup feature. This model allows you to deploy AirGroup without upgrading the existing production controller managing your network. The overlay deployment model uses one access controller to terminate APs and provide WLAN services, and a second dedicated mDNS proxy controller to act as an overlay that provides AirGroup functionality. Overlay Deployment Model Overlay Deployment Model