Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

WAP4410N firmware upgrade from 2.0.7.4-K9 to 2.0.7.8 breaks ARP

I found that upgrading the firmware of a WAP4410N from 2.0.7.4-K9 to 2.0.7.8 prevents many ARP packets for devices attached to the WAP from being
delivered, and hence replied to, causing occasional network hangs for wireless devices. I have confirmed this using tcpdump from several devices.  Only 1% of ARP packets make it to the wireless network.  Reverting to firmware 2.0.7.4-K9 fixed the problem and 100% of ARP packets appear, and hangs have stopped..

Is this a known problem?  It is a bug.

6 REPLIES
Community Member

It seems that "Wireless

It seems that "Wireless Isolation:(between SSID)" is actually acting as "Wireless Isolation:(within SSID)"

When both are disabled I have no issues.

So looks like a bug to me.

Community Member

Uh, I never looked at those

Uh, I never looked at those because I was using only a single SSID.  They seem like they control VPNs and cross-SSID visibility.

Community Member

Uh, I wonder if the IPMI

Uh, I wonder if the IPMI (sharing an ethernet port) was seen as a VPN ARP entry and that somehow got the WAP confused.

Community Member

Wow mate, you could put that

Wow mate, you could put that in one reply :)

Well anyway... I don't have anything here with IPMI.

I'd never even notice that actually, but I was playing with an old server in the lab and since it's a heavy piece I went the lazy way, connecting it with an USB wifi for the tests.

Surprisingly, the only way to RDP or ping it, was by using machines behind the firewall /default gateway for the wifi clients/.

So the arp requests seemed to be broadcasted normally, but no replies getting back, unless requested by the gateway.

Honestly, I didn't dig too much, just went trough the WAP settings as the only one suspicious. With both isolation options disabled all works fine. Asked google and got this topic.

Still, if someone is interested in fixing things for these EOL devices, I can eventually re-test and provide outputs and so on.

Community Member

I ended up removing anIPMI

I ended up removing an IPMI card that was sharing a NIC and that fixed the problem.  The firmware version turned out to be a non-issue.

Community Member

What was happening is that

What was happening is that the IPMI card was repeatedly asking for its own IP address (even though it had a fixed IP address), and no one was replying.  It feels like at some point the WAP decided to stop listening to ARP entries, and connections to certain hosts had no idea what the ethernet MAC address was.

223
Views
0
Helpful
6
Replies
CreatePlease to create content