Monitoring Sites in the Topology Tab

This section includes the following topics:

Before You Begin

The following types of devices are displayed as part of the Topology tab:

  • IAP
  • Gateway
  • AOS-S and AOS-CX switch

  • AOS-S and AOS-CX switch stack

In the topology map, Aruba Central supports third-party routers, switches, gateways, and Instant Access Point from the vendors listed below:

  • Cisco
  • Procurve
  • Juniper
  • HPE Comware
  • Meraki
  • Cumulus
  • Huawei
  • Mikrotik
  • Extreme
  • HPE OfficeConnect Switch
  • Arista
  • 3Com
  • Ruckus
  • Mojo
  • Mist
  • Motorola
  • Netgear
  • Dell
  • Comware
  • Hirschmann Railswitch
  • Ubiquiti

Pre-requisites

This section discusses the pre-requisites associated with the devices so that they are displayed correctly in the Topology tab:

  • According to the current topology, there should be a one-to-one mapping between a site and a device. Topology does not currently support unmanaged devices belonging to multiple sites. All Aruba Central managed devices that are connected to a common unmanaged device must terminate on the same site.
  • In Aruba Central, the maximum number of devices supported per site in the topology tab is 500.

  • To identify a valid third-party device in the topology, the neighbor device must have a valid third-party vendor name in either hostname or system description for the devices on the site. Also, the enabled capability for the unmanaged neighbor device must include one of the following:
    • Access Point
    • Router
    • Bridge
    • Repeater
    • Other
    • Unknown but not Station or Telephone

Grouping VPNCs on the Topology Map

The guidelines for grouping VPNCs are:

  • If the tunnels in the overlay are orchestrated, the VPNCs are grouped according to their hub groups. You can also see the group preference order marked as primary, secondary, or tertiary. For more information, see Configuring the SD-Branch Overlay Network.
  • If the tunnels are configured manually, the VPNCs are grouped according to their sites. If the VPNCs are not associated with any site, they are grouped based on their hub groups. For manual tunnels, the Data Center group preference is not displayed.
  • If you have a combination of gateways in a single site, with one gateway configured as a manual tunnel and the other gateway configured as an orchestrated tunnel, both the tunnels are treated as manual and the VPNCs are grouped based on their sites. If there are no associated sites, they are grouped according to their hub groups.

Do not install VPNCs with orchestrated tunnels and manual tunnels together in a single site.

Viewing the Topology Map

To view the topology map, complete the following steps:

  1. In the Aruba Central app, set the filter to a site for which you want to view the topology map.

    The dashboard context for the site is displayed.

  2. Under Manage, click Overview > Topology.

    The topology map for the selected site is displayed.

  3. In the topology map, hover over a device or a link to view the details. For more information, see Device or Link Details.
  4. In the device or the link details, click the Show Details link to view the Details pane. For more information, see Details Pane .

Features on Topology Tab User Interface

The following figure shows the different features available on the Topology tab:

Figure 1   Features on Topology Tab

Table 1: Icon Details

Callout Number

Description

1

Click the icon to show or hide the VLANs pane.

2

Click the toggle switch to show or hide the device name.

3

Click the filter icon to filter the type of devices to be shown on the map. The following options are available:

  • Access Points—Allows you to show or hide the APs from the topology map.
  • Security Cloud—Allows you to show or hide the Zscaler and Palo Alto Prisma Access™ Cloud Service from the topology map.
  • Switch—Allows you to show or hide the switches from the topology map.
  • VPNC—Allows you to show or hide the VPNCs and the virtual gateways from the topology map.
  • Unmanaged—Allows you to show or hide the unmanaged devices from the topology map.
  • Show Devices Without Link—Allows you to show or hide the devices without link from the topology map.

4

Click the icon to view the topology map in a left to right orientation. The default orientation of the topology map is left to right orientation.

5

Click the icon to view the topology map in a top-down orientation.

6

The search bar allows you to locate a device in the topology map. The search bar field supports exact and partial text searches.

7

Click the icon to reset the topology map to the default view.

8

Click the , icons to change the zoom level of the topology map. Alternatively, you can drag the slider to set the zoom level of the topology map.

9

Click the icon to view the topology map in full-screen view. In the full-screen view, the device or link details feature is disabled in the topology map.

When the number of downstream devices connected to a device is less than or equal to 10, the devices are visible in the topology map. When the number of downstream devices connected to a device is more than 10, click the device icon to view the devices in the topology map. A bubble icon on the device represents the number of connected downstream devices.

Table 2: Icon Types

Icon

Type

AP

Branch Gateway

Switch

Switch Stack

Unmanaged Device

Uplink

VPNC

Third-party Zscaler VPNC

Third-party Azure VPNC

Third-party AWS VPNC

Icon Status

  • —Indicates that the device health is poor when the CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. usage is greater than 90% and the memory usage is greater than 90%.
  • —Indicates that the device health is good when the CPU usage is lower than or equal to 75% and the memory usage is lower than or equal to 75%.
  • —Indicates that the device health is fair when the CPU usage is greater than 75% and the memory usage is greater than 75%.
  • —Indicates that the device is online.
  • —Indicates that the device is offline.

Device or Link Details

When you hover over a device or link, a pop-up displays the following details:

Figure 2  Device or Link Details

  • Access Point—Displays the following details:
    • Name—Hostname of the AP.
    • Type—Type of the device.
    • Model—Hardware model of the AP.
    • Health Reason—The health status of the AP. This parameter is only available when the AP is offline.
    • Show Details—Click the link to view the Details pane.
  • Branch Gateway—Displays the following details:
    • Name—Hostname of the Branch Gateway.
    • Type—Type of device deployment.
    • Model—Hardware model of the device.
    • Children—Number of devices connected to the Branch Gateway, categorized based on the health and status of the devices. The Children field displays the following details:
      • Health—Count of devices connected to the Branch Gateway based on the health of the device. For more information, see Icon Status.
      • Status—Count of devices connected to the Branch Gateway based on the current status of the devices. The arrow in green indicates that the device is online. The arrow in red indicates that the device is offline.
    • Show Details—Click the link to view the Details pane.
  • VPNC—Displays the following details:
    • Name—Hostname of the VPNC.
    • Type—Type of device deployment.
    • Model—Hardware model of the device.
    • Show Details—Click the link to view the Details pane.
  • Unmanaged—Displays the following details:
    • Name—Name of the unmanaged device.
    • IP Address—IP address of the unmanaged device.
    • Show Details—Click the link to view the Details pane.

    The value of the IP Address parameter is empty if LLDP does not provide the neighbor information.

  • Switch—Displays the following details:
  • Switch Stack—Displays the following details:
    • Name—Hostname of the switch stack.
    • Type—Type of the device.
    • Model—Hardware model of the switch.
    • Children—Number of devices connected to the switch categorized based on the health and status of the devices. The Children field displays the following details:
      • Health—Count of devices connected to the switch based on the health of the device. For more information, see Icon Status.
      • Status—Count of devices connected to the switch based on the current status of the devices. The arrow in green indicates that the device is online. The arrow in red indicates that the device is offline.
    • VLANs—List of VLANs configured on the switch. This field is displayed only when the VLANs option is selected under Overlays. For more information, see VLAN Overlay Details.
    • Show Details—Click the link to view the Details pane.
  • AOS-CX VSX Switch—Displays the following details:
    • Name—Name of the AOS-CX switch that is configured with VSX. The name is displayed in the VSX_<Device Name> format. For example, VSX_8320-switch-primary. However, in the map, this name is displayed in the VSX_<first four characters of device name>...<last eight characters of device name> format. For example, VSX_8320...-primary.
    • Type—Type of the device.
    • Model—Hardware model of the AOS-CX switch.
    • VSX Role—Role of the AOS-CX switch in the VSX configuration. Supported values are Primary and Secondary.
    • Children—Number of devices connected to the switch categorized based on the health and status of the devices. The Children field displays the following details:
      • Health—Count of devices connected to the switch based on the health of the device. For more information, see Icon Status.
      • Status—Count of devices connected to the switch based on the current status of the devices. The arrow in green indicates that the device is online. The arrow in red indicates that the device is offline.
    • VLANs—List of VLANs configured on the switch. This field is displayed only when the VLANs option is selected under Overlays. For more information, see VLAN Overlay Details.
    • Show Details—Click the link to view the Details pane.
  • Tunnel—Displays the alias map name of the tunnel configured on the Branch Gateway and Access Point.

    In the topology map, the tunnels are shown as dotted lines. The tunnel in green color indicates that the tunnel is up. The tunnel in red color indicates that the tunnel is down.

    Click the tunnel link to view the Details pane.

    • In case of High Availability, the redundant gateway tunnel details are also displayed in the Details tab under Virtual Tunnels when you select the tunnel. To know more about the status of tunnels, see Verifying Tunnel Status
    • From the Aruba Central 2.5.4 release onwards, the topology map supports displaying the tunnels for APs. The maximum number of tunnels supported in APs with ArubaOS 8.9.0.0 or later firmware version is 8. And the maximum number of tunnels supported is 128 tunnels for APs with ArubaOS 10.3.0.0 or later firmware version.
  • Uplink—Displays the following information about uplinks configured on the Branch Gateway and Access Point:
    • <Name of the Branch Gateway>—Displays the name of the Branch Gateway for the gateway uplink or <Name of the Access Point>—Displays the name of the access point for the access point uplink.
    • Uplink—Type of the uplink.
    • VLAN—VLAN ID of the uplink.
    • Health Reason—Displays the health status of the uplink. This parameter is only available when the uplink is down. The uplink in green color indicates that the uplink is up. The uplink in red color indicates that the uplink is down.

    Click the uplink to view the Details pane.

    • In case of High Availability, the redundant gateway tunnel details are also displayed in the Details tab under Virtual Tunnels when you select the uplink.
    • From the Aruba Central 2.5.4 release onwards, the topology map supports displaying the uplink details for APs. The maximum number of uplink details supported in APs with ArubaOS 8.9.0.0 firmware version or later is 2. And the maximum number of uplink details supported is 5 uplink details for APs with ArubaOS 10.3.0.0 or later firmware version.
  • Edge—Displays the following information about the link:
    • <Name of the connected device>—Name of the device connected with the edge link.
    • <Interface number>—Interface number of the device.
    • Health Reason—Displays the health status of the edge link. This parameter is only available when the edge link is down.
    • Alternative links—Number of the alternative links.

    The edge in green color indicates that the edge is up. The edge in red color indicates that the edge is down.

    Click the uplink to view the Details pane.

  • Unmanaged edge—Displays the following information about the link:
    • <Name of the connected device>—Name of the device connected with the edge link.
    • <Port Identifier>—Port number of the device.
    • Health Reason—Displays the health status of the edge link. This parameter is only available when the edge link is down.
    • Alternative links—Number of the alternative links.

    The unmanaged edge in green color indicates that the unmanaged edge is up. The unmanaged edge in red color indicates that the unmanaged edge is down.

    Click the unmanaged edge link to view the Details pane.

  • ISL edge in AOS-CX VSX topology map—Displays the following information about the link:
    • ISL—Number of inter-switch link (ISL) present between the AOS-CX switches configured with VSX
    • Other Links—Number of other links present between the AOS-CX switches configured with VSX.
    • <Name of the connected device>—Name of the device connected with the edge link.
    • <Interface name>—Interface name where the switches are connected to the devices.

    Active tunnels are green in color and inactive tunnels are red in color. If there are multiple tunnels connecting to a VPNCs, and even if one of those tunnels is down, the tunnel mapping is displayed in red dotted lines.

Details Pane

In the topology map, the Details pane provides a summary of the devices, uplinks, and tunnel details.

A green bullet icon indicates that the device health is good when the CPU usage is lower than or equal to 75% and the memory usage is lower than or equal to 75%. A yellow bullet icon indicates that the device health is fair when the CPU usage is greater than 75% and the memory usage is greater than 75%. A red bullet icon indicates that the device health is poor when the CPU usage is greater than 90% and the memory usage is greater than 90%. The arrow in green indicates that the device is online. The arrow in red indicates that the device is offline.

In the topology map, select a device and then click the Show Details link in the pop-up window to view the Details pane. To view the Details pane for a tunnel, uplink, or edge, click the link.

The Details task pane displays the following information:

Figure 3  Details Pane

  • Access Point—Displays the following details:
  • Branch Gateway—Displays the following details:
    • Name—Hostname of the Branch Gateway. Click the Branch Gateway name to view the Gateway Details page.
    • IP—IP address of the Branch Gateway.
    • MAC—MAC address of the device.
    • Type—Type of device deployment.
    • Serial—Serial number of the Branch Gateway.
    • Model—Hardware model of the device.
    • Status—Operational status of the device.
    • Health—Operational health of the device.
  • VPNC—Displays the following details:
    • Name—Hostname of the VPNC. Click the VPNC name to view the Gateway Details page.
    • IP—IP address of the VPNC.
    • MAC—MAC address of the device.
    • Type—Type of device deployment.
    • Serial—Serial number of the VPNC.
    • Model—Hardware model of the device.
    • Status—Operational status of the device.
    • Health—Operational health of the device.
  • Unmanaged—Displays the following details:
    • Name—Name of the unmanaged device.
    • Description—Description of the unmanaged device.
    • IP—IP address of the unmanaged device.
    • Capabilities—Displays the capabilities of the unmanaged device.
      • Supported—Lists the supported capabilities of the unmanaged device.
      • Enabled—Lists the enabled capabilities of the unmanaged device.

    The value of the parameters are empty if LLDP does not provide the neighbor information.

  • Switch—Displays the following details:
    • Name—Hostname of the switch. Click the switch name to view the Switch Details page.
    • IP—IP address of the switch.
    • MAC—MAC address of the switch.
    • Type—Type of the device.
    • Serial—Serial number of the switch.
    • Model—Hardware model of the switch.
    • Status—Operational status of the switch.
    • Health—Operational health of the switch.
  • Switch Stack—Displays the following details:
    • Name—Hostname of the switch. Click the switch name to view the Switch Details page.
    • IP—IP address of the switch.
    • MAC—MAC address of the switch.
    • Type—Type of the device.
    • Serial—Serial number of the switch.
    • Stack Role—Role of the switch in the stack.
    • Model—Hardware model of the switch.
    • Status—Operational status of the switch.
    • Health—Operational health of the switch.
    • Stack Members—Provides the Name, Role, and State details of the stack member. Click the stack member name to view the Switch Details page.
  • AOS-CX VSX—Displays the following details:
    • Name—Hostname of the AOS-CX switch with VSX configured. Click the switch name to view the Switch Details page.
    • IP—IP address of the switch.
    • MAC—MAC address of the switch.
    • Type—Type of the device.
    • Serial—Serial number of the switch.
    • Model—Hardware model of the switch.
    • Status—Operational status of the switch.
    • Health—Operational health of the switch.

    The VSX section displays the following details:

    • ISL State—State of the ISL connection with the peer AOS-CX switch. Following are the supported values:
      • WAITING_FOR_PEER—Waiting for connectivity to the peer.
      • PEER_ESTABLISHED—Steady state. VSX LAGs are up when the device is in this state.
      • SPLIT_SYSTEM_PRIMARY—Lost ISL connectivity to the peer and the device is operating as primary.
      • SPLIT_SYSTEM_SECONDARY—Lost ISL connectivity to the peer and the device is operating as secondary.
      • SYNC_PRIMARY—ISL connectivity to the peer restored and the device is syncing states to the peer.
      • SYNC_SECONDARY—ISL connectivity to the peer restored and he device is learning states from the peer. VSX LAGs are down when the device is in this state.
      • SYNC_SECONDARY_LINKUP_DELAY—Device has learned its states from the peer and monitoring for hardware is to be programmed. VSX LAGs are down when the device is in this state.
    • Config Sync Enabled—Configuration synchronization between the VSX switches are enabled or disabled.
    • Config Sync Status—Status of the configuration synchronization between the VSX switches. Following are the supported values:
      • IN-SYNC—Configuration synchronization is operational and the VSX switches are in sync.
      • DISABLED—Configuration synchronization is disabled.
      • SW_IMAGE_VERSION_MISMATCH_ERROR—Software image version on the primary device does not match with the software image version on the secondary device.
      • CONFLICTING_OR_MISSING_DEVICE_ROLES—Either the role is missing on one of the VSX peers or the same role is configured on both VSX peers.
      • PEER_DB_CONNECTION_ERROR—Error in connecting to peer database. It involves errors due to ISL or ISL management.
      • CONFIGURATION_SYNC_CONFLICT—Configuration synchronization is operational, but has conflicts synchronizing the configuration. Conflicts can occur if the configuration on the primary device is marked for sync, but the same configuration on the secondary device is not marked for sync.
      • CONFIGURATION_SYNC_MISSING_REFERENCE—Configuration synchronization is operational, but has missing references in synchronizing the configuration.
    • Role—Role of the AOS-CX switch in the VSX configuration. Supported values are Primary and Secondary.
    • Peer IP—IPv4 address of the peer switch.
    • Peer Serial—Serial number of the peer switch.
    • Peer MAC—MAC address of the peer switch.
    • Peer Name—Hostname of the peer switch.
    • Last Seen—Date on which the peer switch was last synced.
  • Tunnel—Displays the following information about tunnels configured on the Branch Gateway and Access Point:
    • Map Name—Name of the tunnel interface.
    • Peer MAC—MAC address of the peer device with which the tunnel was established.
    • Local MAC—MAC address of the Branch Gateway.
    • Source IP—Source IP address from where the traffic originates. The source IP is displayed as ANY if the source IP address is 0.0.0.0.
    • Destination IP—IP address to which the traffic is sent. The Destination IP is displayed as ANY if the destination IP address is 0.0.0.0.
    • Established Time—Timestamp showing when the tunnel was established.
    • VLAN—VLAN ID of the tunnel.
    • Source Serial—Source Serial of the tunnel.

    The tunnel in green color indicates that the tunnel is up. The tunnel in red color indicates that the tunnel is down. To know more about the status of tunnels, see Verifying Tunnel Status.

  • Uplink—Displays the following information about uplinks configured on the Branch Gateway and Access Point:

    The uplink in green color indicates that the uplink is up. The uplink in red color indicates that the uplink is down.

  • Edge—Displays the following information about the link:
    • Interface numbers—Interface numbers of the device.
    • Health Reason—Displays the health status of the edge link. This parameter is only available when the edge link is down.
    • Interface—Interface number of the device.
    • Serial—Serial number of the device.
    • Device Name—Name of the device.
    • Port Number—Port number of the device.

    In case of Branch Office Controller (BOC) to Switch link, if a peer Branch Gateway link is configured for redundancy, link details are displayed for the peer Branch Gateway to switch link as well.

  • Unmanaged edge—Displays the following information about all the links:
    • Interface numbers—Interface numbers of the device.
    • Health Reason—Displays the health status of the edge link. This parameter is only available when the edge link is down.
    • Interface—Interface number of the device.
    • Serial—Serial number of the device.
    • Device Name—Name of the device.
    • Port Number—Port number of the device.
    • Interface—Interface number of the unmanaged device.
    • MAC—MAC address of the unmanaged device.
    • Device Name—Name of the unmanaged device.
    • Port Identifier—Displays the port ID, port name, or MAC address of the unmanaged device.
  • ISL edge in AOS-CX VSX topology map—Displays the following information about the ISL edge:
    • Inter-Switch Link Status—Status of the ISL connection with the peer.
    • <LAG-name> - ISL section displays details about all the interfaces that are part of the LAG. This section also displays the details of the devices connected to these interfaces. It displays the following details:
      • Serial—Serial number of the individual device.
      • Device Name—Name of the individual device.
      • Port Number—Port number of the individual device.
    • Other—This section displays details about the other links present between the VSX configured AOS-CX switches. It displays the following details:
      • Serial—Serial number of the individual device.
      • Device Name—Name of the individual device.
      • Port Number—Port number of the individual device.

Unreachable Devices

The Unreachable Devices pane provides information about the orphan and the offline unmanaged devices. An unmanaged device is considered to be orphan when all its neighboring Aruba devices get deleted and are only displayed in the Unreachable Devices list. An unmanaged device is considered to be offline when all its neighboring Aruba devices are offline and are displayed both in the Topology map and in the Unreachable Devices list.

When an unmanaged device is either offline or disconnected, they are only displayed in the Unreachable Devices list. The devices listed in the Unreachable Devices pane are deleted after 15 days.

To view the Unreachable Devices pane, click the Unreachable Devices button. The Unreachable Devices pane displays the following details:

  • Name—Name of the unmanaged device.
  • Type—Type of the unreachable device.
  • MAC—MAC address of the unmanaged device.
  • Last Seen—The last active time and date of the unmanaged device.

VLAN Overlay Details

The topology map displays information about the VLANs configured on switches running AOS-S and AOS-CX software. To view the VLAN information:

  1. Select the VLANs option under Overlays. The VLANs pane is displayed and the network elements in the topology map, such as device icons and edge links, are grayed out.

    The VLANs pane displays the first 50 VLANs (unique VLAN ID and name pairs) in the ascending order of VLAN IDs. To search for other VLANs, click the search icon.

  2. Select a VLAN from the VLANs pane. You can also enter a VLAN name or ID in the search box.
  3. The topology map displays the following information:
    • The switches that have the selected VLANs configured are highlighted in a color depending on the status of the switch, green for online and red for offline.
    • The edge link connecting two switches is highlighted in blue, if the following conditions are met:
      • The VLAN IDs are present in both the switches and in the ports associated with the edge link between the switches.
      • The VLAN type (tagged or untagged) configured is the same in both the switches.
  4. Hover over the switch to view the list of all VLANs (comma separated) configured on the switch.

    The VLAN IDs are also listed as a range if consecutive VLAN IDs are configured. For example, 100-178, 190, 210.

  5. Hover over the edge link connecting the two switches. The pop-up displays the following information:
    • Host name of the switch
    • Serial number of the switch
    • VLAN ID
    • Type of VLAN: tagged, untagged, or missing