Options
Is it a Mac/iOS problem, or a networking problem? (WiFi)
hurricane1091
Member Posts: 919 ■■■■□□□□□□
in Off-Topic
Hello all,
Have found the time to start to address our wireless infrastructure problems. Only been on the job a month, and had to deal with that strange outage issue ultimately attributed to buggy ASA code. Have had to deal with full DHCP pools and hodge-podge configs on branch routers, but am half way through cleaning that up and extending all branch subnets to /23. So, that's all well and dandy...
But the WIRELESS! Let's begin. HQ did have a site survey done, and we have a 5520 WLC and 1852 Aironet WAPs. Running 2.4 GHz and 5 GHz, two SSIDs (one with WPA-2, one with 802.1x, both with same issue). Fast roaming enabled. Not sure about band steering at HQ (but yes on the Meraki in the branch offices). Interference does not seem to be a problem, nor does too many clients on an access point seem to be an issue. What happens is this: I am connected fine on my client (MacBook) and then I can no longer reach anything at all. My wireless is still connected, cool. WAP shows no disconnect, also cool. Wireshark reveals my MacBook is sending an ARP request for the gateway IP address, and the core appropriately responds to that. The MacBook sends another ARP anyway, reply received, so on and so forth. Can also see broadcast traffic. So we agree that I have connectivity to the AP, and connectivity through the access layer to the core. IP address still on the MacBook, no conflicts. Turn the WiFi off and on, or switch SSIDs, and we're back in business. Multiple MacBook models prone to this problem, never at the same time.
Another problem. Clients disconnect randomly (including my Android phone) and reconnect...usually. The iPads in single app mode on the wall do not always reconnect, which is a problem. I've got some changes to do and further troubleshooting, but this makes no sense. Site survey was done so we should be okay there. I see my signal strength is fine, I'm not roaming, I'm not idle. Why would this happen?
To complicate this further, branch offices have Meraki APs. We have signal issues due to no one performing a site survey, but even when the signal is fine these problems happen as well. I've made changes today to follow Meraki's high density deployment guide, so we'll see what happens.
This ARP issue just screams iOS bug, but the CIO has a love affair with Apple, and just passing blame will not fly. As for the disconnects, something must be wrong with our setup since it happens to Android devices and iOS devices. I set up some debugs on the WAP I connect to, so we'll see if anything useful comes out of that. I can run a wireshark on my MacBook and hopefully capture the disconnect/reconnect there a well and see if it produces anything.
Any ideas as all? Brand new to this Mac world. I see others out there with some woes, but not experienced with these things enough to know any tricks or tidbits to help.
Have found the time to start to address our wireless infrastructure problems. Only been on the job a month, and had to deal with that strange outage issue ultimately attributed to buggy ASA code. Have had to deal with full DHCP pools and hodge-podge configs on branch routers, but am half way through cleaning that up and extending all branch subnets to /23. So, that's all well and dandy...
But the WIRELESS! Let's begin. HQ did have a site survey done, and we have a 5520 WLC and 1852 Aironet WAPs. Running 2.4 GHz and 5 GHz, two SSIDs (one with WPA-2, one with 802.1x, both with same issue). Fast roaming enabled. Not sure about band steering at HQ (but yes on the Meraki in the branch offices). Interference does not seem to be a problem, nor does too many clients on an access point seem to be an issue. What happens is this: I am connected fine on my client (MacBook) and then I can no longer reach anything at all. My wireless is still connected, cool. WAP shows no disconnect, also cool. Wireshark reveals my MacBook is sending an ARP request for the gateway IP address, and the core appropriately responds to that. The MacBook sends another ARP anyway, reply received, so on and so forth. Can also see broadcast traffic. So we agree that I have connectivity to the AP, and connectivity through the access layer to the core. IP address still on the MacBook, no conflicts. Turn the WiFi off and on, or switch SSIDs, and we're back in business. Multiple MacBook models prone to this problem, never at the same time.
Another problem. Clients disconnect randomly (including my Android phone) and reconnect...usually. The iPads in single app mode on the wall do not always reconnect, which is a problem. I've got some changes to do and further troubleshooting, but this makes no sense. Site survey was done so we should be okay there. I see my signal strength is fine, I'm not roaming, I'm not idle. Why would this happen?
To complicate this further, branch offices have Meraki APs. We have signal issues due to no one performing a site survey, but even when the signal is fine these problems happen as well. I've made changes today to follow Meraki's high density deployment guide, so we'll see what happens.
This ARP issue just screams iOS bug, but the CIO has a love affair with Apple, and just passing blame will not fly. As for the disconnects, something must be wrong with our setup since it happens to Android devices and iOS devices. I set up some debugs on the WAP I connect to, so we'll see if anything useful comes out of that. I can run a wireshark on my MacBook and hopefully capture the disconnect/reconnect there a well and see if it produces anything.
Any ideas as all? Brand new to this Mac world. I see others out there with some woes, but not experienced with these things enough to know any tricks or tidbits to help.
Comments
-
Optionshurricane1091
Member Posts: 919 ■■■■□□□□□□
Analyzing this wireshark further, I see what is happening. I am constantly sending ARP requests for my gateway with a destination mac of ff:ff:ff:ff:ff:ff and not receiving a reply. Maybe it is not getting to the core, maybe it is getting dropped somewhere, I am not sure. Then something weird happens, my client starts sending ARP requests directly to the MAC address of the gateway, before getting a reply. How does it know the MAC address of the gateway, if it never received a reply? So strange.
-
Optionshurricane1091
Member Posts: 919 ■■■■□□□□□□
This problem seemingly happens on Windows and MacBook clients, Android Phones, iPhones, iPads, etc.
What happens is this: the client no longer has an ARP entry for the gateway and tries to refresh the ARP entry. I can confirm these ARP requests are forwarded from the WAP, as I have a SPAN port set up on the switchport connected to the WAP. I can also confirm the ARP reply is returns to the WAP via the same SPAN port. The WAP has an ARP entry for my client, but is not forwarding this to my client. With some show commands, I see that the packet count increases for packets received from the client, but the packet count for packets send to the client does not increase. Turning off the wifi on the client and turning it back on fixes this problem, and both counts increase correctly and I am back in business.
WHAT THE HECK.