AP not establishing tunnel to data plane

Summary

This article explains how to troubleshoot an AP that is connecting to the vSZ controller but not forming a tunnel to a data plane.

Question

Why is my AP able to connect to the vSZ controller, but unable to create a tunnel to a data plane?

Customer Environment

Customer is running a vSZ-Dataplane and Ruckus APs

Root Cause

If other APs on the same management prefix are able to form tunnels, then the tunnel manager service on the affected AP is potentially in a disabled state.

Symptoms

Tunnel WLAN is disabled on the AP

Troubleshooting Steps

  • Check if dataplane status is active and managed on vSZ controller under Network>Cluster>Data Planes.
  • Login to the AP's CLI, by establishing an SSH session with the AP's management IP.
  • From the CLI, execute the command "get tunnelmgr".
  • In the first few lines of output, confirm that the tunnelmgr service is enabled as shown in below example:
tunnelmgr Service:      Enabled <--- shows that service is enabled
Tunnel Establishment:   Enabled
Tunnel Authentication:  Enabled
Tunnel Cipher:          Disabled
PMTU:                   Auto
PMTU Discovery:         Enabled
Node Affinity:          Disabled
Force Fragmentation:    Disabled
Offload:                Enabled
Tunnel Type: Ruckus-GRE
SCG-D IP List:       =1@[192.168.50.10]:23233 <--- shows the data plane IP
GRE over UDP: AP/WSG-D UDP port # 23233/23233
Keep Alive Interval/Retry-Limit: 10/6
Offload: 1
Keep Alive Interval2: N/A
Keep Alive Count: N/A
Force Primary Interval: N/A
  • Ping the data plane IP address and test the connection between AP and vDP.
  • Make sure TCP and UDP Port 23233 are open between AP and vDP.
  • Make sure there is no mismatch in AP & DP firmware versions.
  • For further debugging, enable tunnelmgr debug on AP using the command "set tunnelmgr log_level 7" and download AP support logs.

Resolution

AP Tunnel Formation with vDP

  • The vSZ controller informs the AP of the vSZ-D/SZ100-D/SZ144-D data interface after a successful AP registration.
  • The vSZ-D/SZ100-D/SZ144-D is displayed as active and managed on vSZ controller under Network>Cluster>Data Planes.
  • AP establishes a RUCKUS GRE tunnel with the vSZ-D/SZ100-D/SZ144-D data interface when a tunnel WLAN is configured.
  • AP sends keepalive messages to data plane every 10 seconds.
  • If there is no response to keepalive message, AP retries 6 times and at the end of the number of retries, if there is no response AP determines tunnel is down.
  • AP tries to failover and establish tunnel with other vDP(if available).

Manually activating tunnelmgr service on AP

If the tunnelmgr service is disabled, set the service to enabled by issuing the below command on the AP CLI:
  
set tunnelmgr enable

Verify that the service is now operational by executing:
  
get tunnelmgr

Article Number:
000004498

Updated:
August 19, 2024 11:41 AM (4 months ago)

Tags:
Troubleshooting, SZ144 D, vSZ Dataplane, SZ100D, ZoneFlex Indoor, ZoneFlex Outdoor

Votes:
0

This article is:
helpful
not helpful

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.

Alert!!

Close