Wireless Access

Good morning friends.

A few days ago I had a problem with my nobreaks from one of the racks of my company, and since the electricity here is unstable, I have several power outages throughout the week. There are 8 stacked switches distributed in 2 circuits and one nobreak for each circuit.

In these racks, I have several Aruba APS distributed and I realize that when the power fails and the switch loses connection, the APS seem to get lost and start to do ArpND attack on the network, with many APS packets. (detected by the core).

Sometimes, it seems these APS get the entire MAC table of the switch, as if it were responsible for the routing of the packets.

Is it possible that this happens in case of communication failure between the AP and the controller ?! any way to make sure that in case of failure the AP simply does not transmit signal ?!
"Attack ( arpNd ) detected on vlan.0.2 [ InPort(lag.0.104) LEN(78) DA(33:33:00:00:00:02) SA(9C:1C:12:C3:22:AA) C-TAG(8100:0002) ETYPE(86DD) SIP(fe80::9e1c:12ff:fec3:22aa) DIP(ff02::2) VER(6) PROTO(58) TOS(0) TTL(255) FLOW(0) ICMP(133:0) ]"
 

Thank you!

We have  4 controllers.

Aruba-01 is the master.

Aruba-02 is the Standby

These controllers is a cluster with IP .35

The other 2(Aruba-03 and 04) Are Local with Master .35

We have this design because number of licenses.

No problem with the design.

When the access points lose connectivity with the controller, the access points will ARP for the default gateway to try to reestablish connectivity.  What switching infrastructure is that message being generated by?

Our Switch are Enterasys (Extreme Networks ).  Model B5G.

For some reason that i dont know how to explain, during this Lost of Connectivity, all network works normally, it is only with the return of intrastructure that we gave problems. When AP's return connectivity, the network dotn work properly. It seems like the Ap's are Core of my network.

How many access points do you have?

Something about 140.

56 on cluster (1 and 2)

43 on aruba-03

40 on aruba-04

These AP's registered on ARUBA-04 are the problem. They are connected  on rack that the nobreak doesnt work.

What is nobreak?

Sorry Joseph.

In Brazil, NoBreak is a UPS, battery power source ...

but our batteries are without battery and we dont have chargers, then, with the power failure, our switches are turned off. 

Thank you.

According to the thread here:  https://community.extremenetworks.com/extreme/topics/hostdos-8-attack-arpnd-detected-on-vlan it just means that a device on your network is sending 3 ARPs in less than half a second.

When access points lose connectivity to the controller, they do send ARPs for their default gateway.  Do the access points come up by themselves after?

Also, what version of ArubaOS is this?

Aruba OS 6.3.1.16

when the power returns, the network becomes unstable, and we need to reset the switches because the APS become responsible for the communication of ALL Mac Adress. After reset, the network returns to properly operation and APS can connect on controller. 

6.3.1.16 is very old.  What model controllers and what model access points are you running?  It might be time to consider an upgrade.

We know. 

But the device is out of warranty and we do not have an active contract for Aruba solution.

We dont have authorization to update the firmware. I think many problems could be solved but we cant. 

Aruba 3400

Aps 135.

Any ideia?