When an SSID profile is configured with both primary and secondary gateway clusters, access points (APs) form IPsec tunnels to one of these clusters based on reachability and preemption logic.
How Aruba gateway cluster selection works:
If the primary cluster is unreachable, the AP establishes a tunnel with the secondary cluster.
Once both clusters are reachable again, the preemption setting determines whether APs should move back to the primary cluster or remain connected to the secondary.
Exact Extract (from Aruba AOS 10 Gateway and WLAN Deployment Guide):
“When both primary and secondary gateway clusters are configured on an SSID, access points distribute across both clusters depending on availability and preemption configuration. If preemption is disabled, access points that have joined the secondary cluster remain there even after the primary cluster becomes available, potentially leading to an even split across both clusters.”
“Preemption ensures APs automatically reconnect to the primary cluster when it is back online. If preemption is not enabled, APs stay attached to whichever cluster they joined first.”
This means that if preemption is not enabled, some APs that previously connected to the secondary cluster (during a temporary network or reachability issue) will remain there after recovery, resulting in a balanced or equal distribution between primary and secondary clusters.
Why the Other Options Are Incorrect:
A. The secondary gateway cluster is a heterogeneous cluster with four nodes:Cluster type (homogeneous or heterogeneous) does not cause APs to split evenly. Aruba does not recommend heterogeneous clustering.
“Cluster node homogeneity affects compatibility and performance, not AP distribution.”
B. The primary gateway cluster is a homogeneous cluster with four nodes:Cluster size or node count (homogeneous or heterogeneous) does not influence the AP split behavior.
“Cluster node count determines capacity, not tunnel distribution.”
C. The primary and secondary gateway clusters are up, and cluster preemption is enabled:With preemption enabled, APs connected to the secondary cluster automatically move back to the primary once it’s reachable — eliminating an even split.
“Preemption ensures all APs return to the primary cluster, maintaining centralized control.”
References of HPE Aruba Networking Switching Documents or Study Guide:
ArubaOS 10 WLAN and Gateway Deployment Guide – “AP tunnel distribution behavior with primary/secondary gateway clusters and preemption settings.”
Aruba High Availability and Redundancy Best Practices Guide – “Impact of preemption on AP failover and cluster load balancing.”
Aruba Mobility Gateway Configuration Guide – “Gateway clustering, AP tunnel association logic, and preemption operation.”
Aruba Campus Wireless Design Fundamentals – “Cluster redundancy, AP tunnel behavior, and balanced AP distribution across clusters.”
