The underlying mechanism for the Aruba redundancy solution is the Virtual Router Redundancy Protocol (VRRP)
-If VRRP preemption is disabled (the default setting) and all controllers share the same priority, the first controller that comes up becomes the master.
OR
-If VRRP preemption is enabled and all controllers share the same priority, the controller with the highest IP address becomes the master.

---Configure Physical intervaces, Vlan and VRRP:

##### Interface And VRRP config on wifi-ctrl1

interface gigabitethernet 1/1
description "GE1/1"
trusted
trusted vlan 132-135,140-141
switchport mode trunk
switchport trunk allowed vlan 132-135,139-141
!
interface vlan 132
ip address 10.11.32.11 255.255.255.0

vrrp 1
priority 110
authentication **********
ip address 10.11.32.10
description "Preferred Master - g1, pw: **********"
vlan 132
preempt delay 0
advertise 1
no shutdown
!
vrrp 2
authentication **********
ip address 10.11.32.9
description "Preferred Backup g1, pw: **********"
vlan 132
preempt delay 0
advertise 1
no shutdown
!

#####Interface And VRRP config on wifi-ctrl2
interface gigabitethernet 1/1
description "GE1/1"
trusted
trusted vlan 132-135,140-141
switchport mode trunk
switchport trunk allowed vlan 132-135,139-141
!
interface vlan 132
ip address 10.11.32.12 255.255.255.0

vrrp 1
authentication **********"
ip address 10.11.32.10
description "Preferred Backup - G1 - pw **********""
vlan 132
preempt delay 0
advertise 1
no shutdown
!
vrrp 2
priority 110
authentication **********"
ip address 10.11.32.9
description "Preferred Masterg1, pw: **********""
vlan 532
preempt delay 0
advertise 10
no shutdown
  

### You can add "tracking master-up-time 30 add 20" to the VRRP config.
This means that this VRRP instance has a normal priority of 100. If (and only if) this controller becomes the master and stays that way for 30 minutes, the priority will rise to 120.
It is designed to ensure that a master will only be allowed to take and maintain control of the VRRP if it has been up for a certain amount of time.

---Use the following commands to associate the VRRP instance with master controller redundancy:

master-redundancy # Enter the master-redundancy context.
master-vrrp 1 # Associates a VRRP instance with master redundancy. Enter the virtual router ID of the VRRP instance.
peer-ip-address 10.0.99.9 ipsec *********** # Loopback IP address of the peer controller for master redundancy. The pre-shared key secures communication between the master controllers.
database synchronize period 30

To view the database synchronization settings on the controller, use the following command:

show database synchronize

The synchronization period is a configurable parameter with a recommended setting of 30 minutes between synchronizations.

!!!There are some things that are not synced, such as VLANs, IP addresses, DHCP pools, host name, etc...(internal database can only exist on one controller,)
- VLANs
- VLAN interfaces
- Spanning tree configuration
- clock summer-time config
- clock timezone
- login banner
- location setting
- tunnel interfaces
- snmp-server configurations
- Ethernet port configurations
- port-channels
- RAP pool - !!!!! this is easy to miss. The command "ip local pool "RAP-pool" 1.1.1.1 1.1.1.100" has to be manually entered on both controllers otherwise RAP won't failover to the standby unit.

If there is a requirement to have active-active scenario, than the above configuration will not work. Master-Local redundancy has to be deployed (ref: http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/Master-Master-Redundancy-Scenario/td-p/57760)

ref:

http://www.arubanetworks.com/vrd/CampusWNetworksVRD/wwhelp/wwhimpl/js/html/wwhelp.htm#href=Chap5_Redundancy.html

All Blogposts