02-10-2009 08:42 AM - edited 07-03-2021 05:08 PM
Hello,
I have here an interesting issue. We have a mac address authentication scheme for our wireless structure and we have found that if a wireless client is not registered on the network, it sends multicast arp requests via the wired connection which ends up forcing the switch to errdisable the port due to going over the default 16 arp requests/second.
This can be solved by just disabling wireless or registering the wireless mac on the network but my question is why would the wireless client send arps via the wired connection in the first place?
02-10-2009 01:56 PM
What wired connection are you talking about? Are the clients using wireless and also plugged into a switch?
If a client has multiple NICs, the OS determines which one to use. If you look at Network Connections in XP, for example, you can order which NIC should be used when multiple ones are installed. In general, by default the wired connection is used since it's faster.
I'm not sure if that's what you're looking for or not... haha.
02-10-2009 02:12 PM
Yes, the clients are connecting to both wireless and wired networks.
So basically why would the OS be sending ARP requests out via wired network when the wireless nic is refused access due to not being registered and does not recieve a IP address from DHCP?
02-11-2009 09:57 AM
Hi Everyone,
I'm not sure if this helps or not, but do you need to have multicasting running on your switches? If you don't need to multicast, then maybe you can disable that, use unicast instead, and maybe that will remove the multicast arp packets. If you have a Wireless LAN Controller, check to see if multicasting is turned on. I only have unicast mode running. Did you use a packet sniffer like wireshark to find the multicast packets? Maybe you can find where they're coming from by checking the packets. Hope this helps!
02-11-2009 12:01 PM
Well, ARP requests aren't actually multicasts, but if they were then that'd be a good suggestion.
So you're saying that the client does NOT get an address via either wireless or wired? Is it giving itself an APIPA (169.x.x.x)? If so, it would start ARPing out anything it tries to connect it, and that would just depend on the programs running on the client.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide