Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AP1252 intermittently blocks ARP requests from the wired lan

Hello everybody

I am having connectivity/stability problems with wifi clients, using 14 accesspoints (Cisco AP1252).

All wifi clients are impacted, no matter which AP they are associated with.

Symptoms :

------------------

- client associates to a ssid, everything runs fine

- all of a sudden, the client begins having problems contacting certain LAN servers, while others still work.

- after a little while, situation comes back to normal

After hours (and days..) of testing and troubleshooting, I have nailed the problem to be at the AP1252 level.

When the client experiences problems, he does not receive Broadcast traffic (thus, he cannot respond to the ARP requests from the server he is trying to contact).

While the client was experiencing the problem, I have configured a port on the same switch, to act as a monitor port for the AP he was associated to at the time :   it seems to me that the accesspoint DOES receive the broadcasts ARP at all times.  Only sometimes it prevents them from reaching the wireless clients..

I did a tcpdump on 2 different clients who were associated to the same accesspoint :  both were not getting the broadcasts from the lan.

Tcpdump arp from a wireless client (172.30.2.32) :
-------------------------------------------------------------------------

First he gets many regular arp requests from the lan, then all of a sudden he doesnt get any broadcast to ff:ff:ff:ff:ff:ff, but he only sees his personal arp requests.

(...)

1342166237.253094 78:2b:cb:4a:e6:d3 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.106 tell 172.30.1.16, length 46

1342166237.461222 00:0c:29:e8:e4:8d > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.20 tell 172.30.1.5, length 46

1342166237.461612 00:0c:29:e8:e4:8d > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.21 tell 172.30.1.5, length 46

1342166237.461994 00:0c:29:e8:e4:8d > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.22 tell 172.30.1.5, length 46

1342166237.670116 00:0c:29:e8:e4:8d > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.23 tell 172.30.1.5, length 46

1342166237.670507 00:0c:29:e8:e4:8d > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.32 tell 172.30.1.5, length 46

1342166237.670889 cc:52:af:44:fb:c6 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.9 tell 172.30.0.1, length 46

1342166237.879586 cc:52:af:44:f6:27 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.9 tell 172.30.0.43, length 46

1342166238.296807 cc:52:af:44:fb:93 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.16 tell 172.30.0.137, length 46

1342166238.297197 78:2b:cb:4a:e6:d3 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.0.137 tell 172.30.1.16, length 46

1342166238.715445 cc:52:af:44:f5:f1 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.9 tell 172.30.0.135, length 46

1342166238.715837 00:0b:cd:38:11:51 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.81 tell 172.30.0.26, length 46

1342166239.366425 48:5b:39:8c:36:00 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.254 tell 172.30.0.145, length 46

1342166239.366448 48:5b:39:8c:36:00 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 172.30.1.254 tell 172.30.0.145, length 46

1342166259.097498 00:15:af:81:52:b2 > 00:0c:29:e8:e4:8d, ethertype ARP (0x0806), length 42: Request who-has 172.30.1.5 tell 172.30.2.32, length 28

1342166259.113181 00:0c:29:e8:e4:8d > 00:15:af:81:52:b2, ethertype ARP (0x0806), length 60: Reply 172.30.1.5 is-at 00:0c:29:e8:e4:8d, length 46

1342166288.361512 00:15:af:81:52:b2 > 00:0c:29:e8:e4:8d, ethertype ARP (0x0806), length 42: Request who-has 172.30.1.5 tell 172.30.2.32, length 28

1342166288.368165 00:0c:29:e8:e4:8d > 00:15:af:81:52:b2, ethertype ARP (0x0806), length 60: Reply 172.30.1.5 is-at 00:0c:29:e8:e4:8d, length 46

1342166319.761498 00:15:af:81:52:b2 > 00:0c:29:e8:e4:8d, ethertype ARP (0x0806), length 42: Request who-has 172.30.1.5 tell 172.30.2.32, length 28

1342166319.762948 00:0c:29:e8:e4:8d > 00:15:af:81:52:b2, ethertype ARP (0x0806), length 60: Reply 172.30.1.5 is-at 00:0c:29:e8:e4:8d, length 46

1342166348.861500 00:15:af:81:52:b2 > 00:0c:29:e8:e4:8d, ethertype ARP (0x0806), length 42: Request who-has 172.30.1.5 tell 172.30.2.32, length 28

1342166348.864644 00:0c:29:e8:e4:8d > 00:15:af:81:52:b2, ethertype ARP (0x0806), length 60: Reply 172.30.1.5 is-at 00:0c:29:e8:e4:8d, length 46

(...)

A tcpdump from a wired host shows a continuous flow of ARP requests.

For the moment I have found a workaround (setting static IP on the clients + static ARP entries for those clients on the servers they need to contact), but this is not easy and not practical (new wifi clients, new static arps to set on servers .. + arp tables are lost on reboot).

Our setup :

----------------

A big warehouse, 14 accesspoints, hooked to 3 HP Procurve switches.

All 3 switches are linked back to a main "central" switch (ProCurve Switch 2510G-24 (J9279A)) where the servers reside.

All AP have the same configuration :  2 SSID (one using WPA, one using WEP, on different Vlans).

WPA clients are in the same subnet as the wired lan.


Information about the Access Points :

-------------------------------------------------------

- Model: AIR-AP1252AG-E-K9

- System Software Filename: c1250-k9w7-tar.124-25d.JA1

- System Software Version: 12.4(25d)JA1

- Bootloader Version: 12.4(18a)JA1

- ARP Caching: DISABLED


I guess the problem would go better if I enable ARP Caching on the AP, but it is not a real solution neither.

I have searched a LOT on the web, but failed to find a solution to my problem.

I would appreciate if anyone could help me solve or troubleshoot this issue further..

Greetings,

Renaud

2 REPLIES

Re: AP1252 intermittently blocks ARP requests from the wired lan

Are you sure the arp frames are sent (or not) over wireless? It may be received by the AP on wired and sent over wireless but for some reason the client does not recognized it.

Also, if there are too many ARP requests from same clients there would probably be a security feature that detects this as ARP storm and stops forwarding it for specific time.

Is the problem period always the same? Or it is different from time to time?

What type of clients you have? What type of traffic? Is there any specific application the clients use?

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
New Member

AP1252 intermittently blocks ARP requests from the wired lan

How could I be sure the arp frames are sent over wireless or not?

I tried to tcpdump 2 differents wireless clients at the same time, and both showed the same results (incoming arp stops at a random moment)... To be 100% certain, i would need to be able to dump a pcap file from the AP's wireless interface itself. (if there is a way to do that .. tell me.. i'm not so much familiar with cisco cli)

For the arp storm, it would be possible, but nothing shows up in the log of the AP apart from clients roaming and authenticating.

The period is really random.. But it is mainly during the work hours (at night it seemed more stable, when i was remotely testing things).

Clients experiencing the problem are mainly laptops.  We have like 20 pda (on forklifts, handheld, arm-held) but they seem less prone to have problems: they only discuss with 1 server on the lan so they have less problems.

Laptops are windows xp's, accessing www / oracle forms / other java web apps / activedirectory / fileservers / ...

I have the same problem with a linux laptop so it is not windows related.

Thank you

945
Views
0
Helpful
2
Replies
CreatePlease login to create content