Discovery Logic

In the previous Instant releases, access points were predefined as either controller-based Campus APs or controller-less Instant APs. Each legacy Instant AP was shipped with an Instant image that enabled the Instant AP to act as its own virtual controller or to join an existing Instant cluster.

Starting with Instant 6.5.2.0, the new access points introduced in this release or following releases can run on both controller-based mode and controller-less mode. Based on the selected mode, the AP runs a corresponding image:

  • Controller mode will run AOS-8 image.
  • Controller-less mode will run Instant image.

Each access point is shipped with either a limited functionality manufacturing image or an Instant image. An access point with either of the limited functionality manufacturing image or the Instant image will run the full discovery logic. Based on that, it will download the AOS-8 or Instant image and convert to the corresponding mode.

Starting from Instant 6.5.4.5, the Cloud First principle is applied to the AP discovery feature. In this principle, the AP, regardless of whether it is factory reset or configured, retrieves provisioning rules from Activate after it boots up.

Preference Role

Users can predefine the AP mode by configuring the preference role using the WebUI or the CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions..

In the AOS-8 WebUI

To set the AP preference role to controller-less in the WebUI:

  1. Navigate to Maintenance > Access Point > Convert to instant mode in the WebUI.
  2. Select the AP(s) on which you want to set the preference role to controller-less.
  3. Click Convert to instant mode.

In the CLI

To set the AP preference role to controller-less in the CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions., execute the following commands:

(host) #ap redeploy controller-less

all

ap-group

ap-name

ip-addr

ip6-addr

wired-mac

Discovery Logic Workflow

Figure 1  AP Discovery Logic

The following steps describe the AP discovery logic:

  1. When an AP boots up, it connects to Activate to obtain a provisioning rule.
  2. If provisioning is already done by AirWave or Central, verify if a provisioning rule exists. If yes, the provisioning rule is saved in the flash memory. Compare the saved provisioning rule with the rule in Activate. If the rule in Activate is new, save the new provisioning rule in flash. For example, if the conductor and member Instant APs obtain different AirWave addresses or if the conductor and member Instant APs obtain a different AirWave or Central rule, the conductor Instant AP rule takes higher precedence.

Only the conductor Instant AP can apply provisioning rules to the Instant AP cluster.

  1. If the rule is to perform a mandatory upgrade of the Instant AP, ensure to upgrade the Instant AP to the desired version. The conductor Instant AP executes the upgrade after a cluster is formed.
  2. If the rule is to convert the Instant AP to Campus AP Campus APs are used in private networks where APs connect over private links (LAN, WLAN, WAN or MPLS) and terminate directly on controllers. Campus APs are deployed as part of the indoor campus solution in enterprise office buildings, warehouses, hospitals, universities, and so on. or Remote AP Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link., the conversion takes effect for every Instant AP regardless of whether it is a conductor or a member. This requires a manual registration of every conductor and member Instant AP with Activate.
  3. If there is no rule from Activate or if conversion to Campus AP Campus APs are used in private networks where APs connect over private links (LAN, WLAN, WAN or MPLS) and terminate directly on controllers. Campus APs are deployed as part of the indoor campus solution in enterprise office buildings, warehouses, hospitals, universities, and so on. or Remote AP Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link. fails, the conductor AP conducts local provisioning detection to check the local AirWave configuration.
  1. If the AirWave or Central server is not found, or if the Instant AP is a member, verify if the following conditions for local controller discovery are met:
    • The Instant AP is factory reset.
    • The uap_controller_less mode is not set.
    • There is no provision rule saved in flash.
  1. If the controller is found, the Instant AP sends a hello message to the controller and converts to a Campus AP Campus APs are used in private networks where APs connect over private links (LAN, WLAN, WAN or MPLS) and terminate directly on controllers. Campus APs are deployed as part of the indoor campus solution in enterprise office buildings, warehouses, hospitals, universities, and so on..
  2. When a conductor failover happens, the new conductor Instant AP connects to Activate to retrieve the provisioning rule. If the new conductor successfully obtains the provisioning rule, it applies this rule to the cluster.

Manual Upgrade

APs running in unprovisioned mode broadcast a special provisioning SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. to which users can connect to upgrade the AP manually. Upon connecting, users can access a local provisioning page in the WebUI to upgrade the AP to an AOS-8 or Instant image. For more information on upgrading APs manually, refer to the following scenarios:

  • Controller-based AP over Manual Campus AP or Remote AP Conversion in the AOS-8 User Guide.
  • Controller-less AP over Manual Instant AP Conversion in the AOS-8 User Guide.

The provisioning SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. for all APs running Instant 6.5.2.0 onwards, including legacy Instant APs is SetMeUp-xx:xx:xx.

Deployment Scenarios

This section describes the controller-less AP deployment and hybrid deployment scenarios:

Controller-less AP Deployments

The following sections describe controller-less AP deployment scenarios.

Controller-less AP in an Instant Network

Users can deploy APs directly into a running Instant network, which consists of an Instant AP cluster and a virtual controller that manages the network. In this scenario, there is an actively running Instant network with a conductor Instant AP.

The AP is able to successfully discover the Instant Virtual Controller and join the cluster. The manufacturing image image in the AP is upgraded to the Instant image of the virtual controller and the configuration is synchronized from the Virtual Controller to the newly added Instant AP.

For more information on electing a conductor in an Instant network, see Conductor Election and Virtual Controller.

Controller-less AP over Activate, AirWave, or Central

In this scenario, there is no cluster deployed in the subnet Subnet is the logical division of an IP network. but AirWave, Activate, and Central can be reached over the network.

In this deployment scenario, Activate,AirWave, or Central must be accessible to the AP.

APs are upgraded to the Instant image through AirWave, Activate, and Central in the following steps:

  1. The AP boots up with the limited functionality manufacturing image or the Instant image and attempts to locate Activate.
  2. If the AP locates Activate, it receives pre-configured provisioning rules to connect to AirWave or Central or convert into a Campus AP Campus APs are used in private networks where APs connect over private links (LAN, WLAN, WAN or MPLS) and terminate directly on controllers. Campus APs are deployed as part of the indoor campus solution in enterprise office buildings, warehouses, hospitals, universities, and so on. or Remote AP Remote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.. If Activate is unreachable, the AP attemps to locate a virtual controller, AirWave, or Central.

    APs that connect to Activate are automatically upgraded from the manufacturing image to the latest Instant or Instant image. Refer to the latest Aruba Activate User Guide for more details on configuring provisioning rules.

  1. If the AP locates AirWave, it can be upgraded to the Instant image. If an enforced image upgrade rule is configured in AirWave, the AP is upgraded to the Instant image that is configured for the enforced upgrade rule. If no enforced upgrade rule is configured, the AP is upgraded to the latest Instant image in AirWave. After the AP is upgraded, it reboots in controller-less mode. Refer to the latest AirWave User Guide for details on AP image upgrade.

All firmware must be uploaded to AirWave before the AP connects and downloads the Instant image. Refer to the latest AirWave Deployment Guide for details on firmware upload.

  1. If the AP locates Central, it can be upgraded to the Instant image through the Maintenance > Firmware page in the Central WebUI. After the AP is upgraded, it reboots in controller-less mode. Refer to the latest Central User Guide for more details on AP image upgrade.

    Central synchronizes with Aruba Activate to retrieve the latest Instant image.

  1. After the AP is upgraded to controller-less mode, it forms a new Instant AP cluster and converts into the conductor. Other APs which are not deployed can join the cluster and upgrade to the Instant image.

Controller-less AP over Manual Instant AP Conversion.

If the AP cannot be upgraded into an Instant AP through a virtual controller, Activate, AirWave, or Central, users can connect to a special provisioning SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. broadcasted by the unprovisioned AP to manually convert the AP to an Instant AP through the WebUI. Refer to the Controller-less AP in an Instant Network section and the Controller-less AP over Activate, AirWave, or Central section in the AOS-8 User Guide for details on upgrading an AP to the Instant image using a virtual controller, Activate, AirWave, or Central.

To manually convert an AP to an Instant AP in the WebUI:

1. Log in to your virtual controller.

2. Connect to the following provisioning SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. broadcasted by the unprovisioned AP: SetMeUp-xx:xx:xx.

3. Open a web browser and then navigate to the following URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet.:

https://setmeup.arubanetworks.com

4. Under Access Point Setup, select Image File or Image URL to upload the Instant image.

  • If you selected Image File, click Browse to locate and select an Instant image file from your local file explorer.
  • If you selected Image URL, enter the web address of the Instant image under URL.

5. Click Save.

After the AP is upgraded, it reboots in the controller-less mode.

Behavior of Default Provisioning SSID

Starting with Instant 8.5.0.0, The AP will stop broadcast of default SetMeUp SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. when it discovers the controller IP through Activate, DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  server or DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. server.

The AP in its factory default state scans for the controller IP every 1 second. During the scan if the AP discovers the controller IP, it disables the default SetMeUp SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.. The SetMeUp SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. is disabled as the AP attempts to connect to the controller and remains disabled even if it is unable to connect to the controller. The default SetMeUp SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. will be disabled if the Instant AP receives any of the following:

To re-enable the default SetMeUp SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network., remove the controller IP from Activate, DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  server and DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. server. When the AP scans for the controller IP again, it does not discover the IP and the default SetMeUp SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. starts broadcasting.

AP Deployments in Hybrid Controller-Instant Networks

Users can deploy APs into hybrid networks, which contain both controller-based and controller-less APs. APs in hybrid networks are upgraded to the AOS-8 or Instant image using the same methods as APs in pure controller or Instant networks. However, the following items must be in place before deploying APs in a hybrid network: