This time is about some basic things. I will describe the unified Aruba controller discovery process. With the new unified software, the process is the same for IAP and CAP. Actually, with the new unified software, there is no IAP or CAP anymore.

The Aruba discovery process is a simple process. The AP uses this process to find a controller or a way to connect to AirWave or Central. Once, the AP found a controller, AirWave or Central it never uses the process again. Except, you do a factory reset on the AP.

The process has 7 plus 1 options. The first 7 options run automatically. The last option is the manual provisioning.

Unified Aruba Controller Discovery: Static Master Assignment

The first and easiest way to discover a controller is the static master assignment. You can do this by manually setting the environment variable during AP boot:

APBoot 1.5.3.14 (build 45815)
Built: 2014-09-05 at 11:23:04

Model: AP-20x
CPU:   BCM53011/15, revision A0
I2C:   ready
SKU:   2
OTP:   0xeca01028
Clock:
       CPU:  800 MHz
       DDR:  533 MHz
       AXI:  400 MHz
       APB:  200 MHz
       PER:  400 MHz
DRAM:  128 MB
POST1: memory passed
SF:    Detected MX25L25635E with page size  4 kB, total 32 MB
Flash: 32 MB
PCIe0: RC, link up
       dev fn venID devID class  rev    MBAR0    MBAR1    MBAR2    MBAR3
       00  00  14e4  4360 00002   03 08000004 00000000 00000000 00000000
PCIe1: RC, link up
       dev fn venID devID class  rev    MBAR0    MBAR1    MBAR2    MBAR3
       00  00  14e4  4360 00002   03 40000004 00000000 00000000 00000000
Power: POE
Net:   eth0
Radio: bcm43460#0, bcm43460#1

Hit  to stop autoboot:  2  0 
apboot> setenv master 10.100.100.50

apboot> printenv 

bootdelay=2
baudrate=9600
autoload=n
boardname=Springbank
servername=aruba-master
bootcmd=boot ap
autostart=yes
bootfile=armv7ns.ari
ethaddr=94:b4:0f:cb:75:cc
ethact=eth0
os_partition=0
stdin=serial
stdout=serial
stderr=serial
master=10.100.100.50

Environment size: 248/65532 bytes
apboot> saveenv 

Saving Environment to Flash...
Erasing flash...Writing to flash..................done
apboot> boot

After boot, the AP connects to the controller with the IP “10.100.100.50” (in my example). This is not handy in large environments and I’m not aware of any customer doing it that way.

I describe this options as well because after the AP uses one of the other options, the controller IP is saved to the same environment variable as above. So, after the AP completes one of the other options, the static assignment option is used for all other reboots.

Unified Aruba Controller Discovery: DHCP Based Discovery

From my point of view, this one is the most used option in the field. The AP tries this options first if no static assignment is present. For IPv4 the AP expects DHCP option 43. If you use IPv6, the AP requests option 52:

Unified Aruba Controller Discovery - IPv6 Option 52

Unified Aruba Controller Discovery – IPv6 Option 52

I will not show the IPv6 setup. But it is the same as with IPv4.

You find the DHCP configuration for a CAP here:

http://www.arubanetworks.com/techdocs/ArubaOS_60/UserGuide/DHCP_Option_43.php

In my case, the DHCP configuration looks like this:

#Aruba Option 43 for CAP
option master code 43 = ip-address;

#Match Option 60
class "ArubaAP-Class" {
        match option vendor-class-identifier;
}

#AP_Management
subnet 10.102.102.0 netmask 255.255.255.0 {
        option routers                  10.102.102.1;
        option subnet-mask              255.255.255.0;
        option domain-search            "flomain.local";
        option domain-name              "flomain.local";
        option domain-name-servers      192.168.2.26;
        subclass "ArubaAP-Class" "ArubaAP" { -->Matches the AP Requests
                option vendor-class-identifier "ArubaAP"; -->Responds with Option 60 "ArubaAP"
                option master           10.100.100.50; -->Set the Master
        }
        range                           10.102.102.10 10.102.102.200;
}

The config above is for the ISC-DHCP-Server on Debian. I create a new option “master”. This option is an IP address. The IP of the controller.

I also create a new class. This class matches all device with a specific “vendor-class-identifier”. DHCP option 60.

In the subnet declaration, I bring both together. The result is the controller IP in the Offer and ACK response from the DHCP server:

Unified Aruba Controller Discovery - Option 43

Unified Aruba Controller Discovery – Option 43

From the AP console it looks like this:

Getting an IP address...
[   21.388000] ADDRCONF(NETDEV_UP): bond0: link is not ready
[   23.392000] bond0: link up (1000FD)
[   23.394000] ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
10.102.102.10 255.255.255.0 10.102.102.1
Running ADP...Done. Master is 10.100.100.50

If you cannot use DHCP option 43, go to the next option, ADP.

Unified Aruba Controller Discovery: ADP Based Discovery

If the AP did not get option 43 in the DHCP Offer and/or Ack response but get an IP the AP tries the Aruba Discovery Protocol (ADP) to find a controller. ADP is very simple. The AP just send a broadcast or multicast. I have never seen the multicast option in environments. But the AP sends ADP packets to the multicast group 239.0.82.11. You need to implement multicast routing in the backbone. The controller joins this group as well. But most of the time multicast routing is the show stopper.

Most of the time, my customers use the broadcast option, with the controller in the same VLAN as the AP. If the customer did not use DHCP option 43. This is a simple UDP broadcast:

Unified Aruba Controller Discovery - ADP Broadcast

Unified Aruba Controller Discovery – ADP Broadcast

Unified Aruba Controller Discovery: DNS Based Discovery

This is the second most used option. If the AP can get an IP and can reach a DNS server, this option fits perfectly. The AP tries the options above first, but if they fail, DNS is used.

The AP simply tries to resolve aruba-master.domain.tld. The “domain.tld” part is from the DHCP packet. Put this name into your DNS. The AP will resolve the name and connect to the controller.

Unified Aruba Controller Discovery - DNS Request aruba-master

Unified Aruba Controller Discovery – DNS Request aruba-master

In the screenshot above, you see the DNS queries and afterward the PAPI requests to the controller.

From the CLI it looks like the options above:

Getting an IP address...
[   24.552000] ADDRCONF(NETDEV_UP): bond0: link is not ready
[   26.556000] bond0: link up (1000FD)
[   26.558000] ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
10.102.102.10 255.255.255.0 10.102.102.1
Running ADP...Done. Master is 10.100.100.50

Unified Aruba Controller Discovery: Instant VC Discovery

After all the steps above, the AP tries to find another virtual controller (VC). If the AP is in this step, it is in the Instant part of the discovery options. From this stage, the discovery of a controller is only possible after a reboot.

The Instant VC discovery is done through broadcasts. The VC will send UDP broadcasts in the VLAN:

Unified Aruba Controller Discovery - IAP VC Discovery

Unified Aruba Controller Discovery – IAP VC Discovery

If the AP receives such a message, it will connect to the VC, download the full IAP image and restart as an IAP. If no message is received, the AP has not so many options left.

Unified Aruba Controller Discovery: AirWave Discovery

If all the options above fail, the AP is not able to directly connect to a controller (mobility controller or virtual controller(IAP)).

One of the last options is to check DHCP option 43 for information to reach AirWave. The DHCP configuration for this looks like this:

#LAB_IAP
subnet 10.202.202.0 netmask 255.255.255.0 {
        option routers                  10.202.202.254;
        option subnet-mask              255.255.255.0;
        option domain-search            "lab.flomain.local";
        option domain-name              "lab.flomain.local";
        option domain-name-servers      192.168.2.26;
        subclass "ArubaAP-Class" "ArubaInstantAP" {
                option vendor-class-identifier "ArubaInstantAP";
                option airwave          "iap-test,192.168.2.23,aruba123"; -->send the AirWave connection String
        }
        range                           10.202.202.10 10.202.202.200;
}

The option for the AirWave connection string is defined like this:

#Aruba Option 43 for AirWave
option airwave code 43 = string;

The class to match option 60 is defined the same as above for the DHCP based controller discovery.

If the string above is in the DHCP answer from the DHCP server, you see the following in the AP log:

Getting an IP address...
Jan  1 00:00:42 udhcpc[3231]: udhcpc (v0.9.9-pre) started

Jan  1 00:00:43 udhcpc[3231]: send_discover: pkt num 0, secs 0

Jan  1 00:00:43 udhcpc[3231]: Sending discover...

Jan  1 00:00:44 udhcpc[3231]: send_selecting: pkt num 0, secs 2

Jan  1 00:00:44 udhcpc[3231]: Sending select for 10.202.202.13...

Jan  1 00:00:44 udhcpc[3231]: Lease of 10.202.202.13 obtained, lease time 689311

Jan  1 00:00:44 udhcpc[3231]: DHCP OPT 60 is ArubaInstantAP


Jan  1 00:00:44 udhcpc[3231]: DHCP OPT 43, len: 30, buf: iap-test,192.168.2.23,aruba123


Jan  1 00:00:44 udhcpc[3231]: ams-ip: 192.168.2.23, length of ams-key: 8


[   58.601904] ip_time_handler: Got ip and packets on bond0 Started master election 4-0, rand 26
10.202.202.13 255.255.255.0 10.202.202.254

After some time, ca. 5min, the AP starts talking to AirWave and shows up as a new device. The AP will download the full IAP image from AirWave and reboot as an IAP.

Unified Aruba Controller Discovery: Activate

If even AirWave is not working, the AP tries to connect to Activate. First, the AP checks for a new Instant software image. Afterwards, it looks for provisioning rules in Activate. If a rule is found, the AP follows those instructions.

If nothing is there, the AP broadcasts a default SSID “SetMeUp-xx:xx:xx” to allow a manual provisioning of the AP. If this fails as well, the AP reboots and starts from scratch.

Unified Aruba Controller Discovery: Putting all Together

After you know all the single steps, an AP tries to connect to a controller you can decide which one is best for your environment. Keep in mind, the steps are sequentially and not in parallel. Below is an overview of all options:

Unified Aruba Controller Discovery Process

Unified Aruba Controller Discovery Process

What is your preferred discovery method? Let me know as a comment below.

If you find this post interesting, leave me a comment and share it with your friends. If you don’t like the post, leave me a comment and share it with your enemy. But whatever you do, leave me a comment, now.