ArubaOS and Controllers

Reply
New Contributor
Posts: 3
Registered: ‎08-05-2009

Duplicate Sessions? Same MAC Address?

I have a situation where users will plug their laptops into the LAN via a patch cable and they will leave their WiFi connection to our Aruba controller connected. Some, but not all, laptops will send a packet to the Aruba controller using their WiFi IP address and then later send a packet to the Aruba controller using their LAN IP address. In both cases, the source MAC address of the packet is the MAC address of the WiFi controller on their laptop.

As a result, those users are taking up 2 sessions on the controller and sometimes we eventually top out at 256 user sessions.

I thought it might be the XP "build" that we use on the company laptops, but a brand new laptop with a raw (Microsoft standard) XP install (Service Pack 2) will exhibit the same behavior.

I was able to verify that the laptops are sending two packets with different source IP's but the same source MAC by running a WireShark capture on the test machine and reading through the saved capture file.

ArubaOS version 3.3.1.10
Aruba 800-16 controller.
All Aruba AP-60, AP-61, and AP-70 Access Points

Has anyone else seen this behavior?

Thanks in advance,

Gary
Aruba Employee
Posts: 119
Registered: ‎05-16-2007

Re: Duplicate Sessions? Same MAC Address?

Yep....Windows will "leak" wired IP addresses out the WLAN side and these IPs show up in the user table in the aruba controller, taking a user from the user count.

You'll need to configure and enable a "valid-user" ACLs which basically prevents these known wired networks from being placed into the user datapath, thus preventing the multiple entries and keeping you well under the max user count of the controller.

Should be referenced in the documentation.
New Contributor
Posts: 3
Registered: ‎08-05-2009

Re: Duplicate Sessions? Same MAC Address?

BJ

Thanks!!

BTW You ought to pass this along to your tech support - they told me they have never seen this problem before.

Gary
Occasional Contributor II
Posts: 31
Registered: ‎06-24-2009

Re: Duplicate Sessions? Same MAC Address?

Brian - I have come across this as well. Where in the documentation is this found.

Thanks!
Guru Elite
Posts: 21,037
Registered: ‎03-29-2007

Knowledgebase

Luca,

There is no specific documentation about this, but the "validuser" acl is the way to deal with this. Details about the validuser ACL and how it can prevent 169.x.x.x and other undesirable addresses from entering the user table is listed in the knowledgebase on the support site, answer ID 40.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: