Wireless Access

Reply
Contributor I
Posts: 69
Registered: ‎08-30-2011

nack and ack order changed on 5.0

Hi

 

IPhone can get IP address on 5.0 while they can not  get IP address on 6.0. From a packet capture, both DHCP nack and ack are sent from dhcp server in our topology. (Please don't notice much why nack is sent. It makes the thing complex.) DHCP server sends “nack” and “ack” in order toward the controller. So nack is sent faster than ack for IPhone on 6.0 all the time, so they CANNOT get IP address. However, ack is sent faster than nack on 5.0, so they can luckily get IP address.

 

That is, the controller changed the order from “ack to nack” on 5.0 when passing through even though the server send “nack to ack” in order. This is our concern and my customer persists.

 

Can anyone have any idea why 5.0 changes from nack->ack order to ack -> nack order all the way to the IPhone side?

I just want to know the difference between 5.0 and 6.0 in this point.

 

Nack is broadcast and Ack is unicast. Dose this difference relate to that?  

You may see the attahced packet capture on 6.0. It is captured on controller egress port to the client side.

 

OAW4504

AP105

MAC authentication

 

Regards

Simon

Guru Elite
Posts: 21,280
Registered: ‎03-29-2007

Re: nack and ack order changed on 5.0

What is the DHCP server?  Are you using a helper address?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 69
Registered: ‎08-30-2011

Re: nack and ack order changed on 5.0

Hi Cjoseph

 

Windows 2003 and they use ip hepler address.

This issue happens only vlan 30 which is same vlan server locates.

They also set ip helper address on this vlan 30.

 

So as you see in capture, one dhcp broadcsast discover and another relaed unicast discover are created from the controller, so we guess nack is created for broadcast discover and ack is replied for unicast discover. This is a feature of this network.

 

I forgot a capture attach.

 

Regards

Daisuke

Contributor I
Posts: 69
Registered: ‎08-30-2011

Re: nack and ack order changed on 5.0

Wrong

another relaed unicast discover

 

Correct

another relayed unicast discover

Aruba Employee
Posts: 7
Registered: ‎01-27-2012

Re: nack and ack order changed on 5.0

Which code did you move in 6.0?

 

I don't see the attachment. could you attach the pcap file? Where did you take these captures?

 

Thanks,

Pradeep

Contributor I
Posts: 69
Registered: ‎08-30-2011

Re: nack and ack order changed on 5.0

Hi Pradeepk

 

We use from 5.0.3.3 to 6.1.3.4.

I couldn't attahc capture first. So i attached screen catprue on 3rd comment.

 

Regards

Simon

Aruba Employee
Posts: 7
Registered: ‎01-27-2012

Re: nack and ack order changed on 5.0

Hi Simon,

 

Could you paste the output of "show wlan virtual-ap <name of the virtual AP>?

 

Does this issue happens only with I-phones?

 

Thanks,

Pradeep

Contributor I
Posts: 69
Registered: ‎08-30-2011

Re: nack and ack order changed on 5.0

Hi Prdeepk


The order of nack and ack is not changed for any type of clients.
PC can get IP address even if nack is recived first for some reasons.
Only IPhone can't get IP address.
But it may be clinet story, so we want to focus on nack and ack order issue on 5.0

 

I paste show command both 5.0 and 6.0. Attachment is configuration.

Regards

Simon

 

(OAW-4704) #show wlan virtual-ap MatudoSSID-vap_prof

Virtual AP profile "MatudoSSID-vap_prof"
----------------------------------------
Parameter                                       Value
---------                                       -----
Virtual AP enable                               Enabled
Allowed band                                    all
AAA Profile                                     MatudoSSID-aaa_prof
802.11K Profile                                 default
SSID Profile                                    MatudoSSID-ssid_prof
VLAN                                            N/A
Forward mode                                    tunnel
Deny time range                                 N/A
Mobile IP                                       Enabled
HA Discovery on-association                     Disabled
DoS Prevention                                  Disabled
Station Blacklisting                            Enabled
Blacklist Time                                  3600 sec
Dynamic Multicast Optimization (DMO)            Disabled
Dynamic Multicast Optimization (DMO) Threshold  6
Authentication Failure Blacklist Time           3600 sec
Multi Association                               Disabled
Strict Compliance                               Disabled
VLAN Mobility                                   Enabled
Remote-AP Operation                             standard
Drop Broadcast and Multicast                    Disabled
Convert Broadcast ARP requests to unicast       Disabled
Band Steering                                   Disabled
Steering Mode                                   prefer-5ghz
VLAN POOL SIZE                                  0
WMM Traffic Management Profile                  N/A

(OAW-4704) # show version
Alcatel-Lucent Operating System-Wireless.
AOS-W (MODEL: OAW-4704), Version 5.0.3.3
Website: http://www.alcatel.com/enterprise
All Rights Reserved (c) 2005-2011, Alcatel-Lucent.
Compiled on 2011-04-21 at 13:20:15 PDT (build 28008) by p4build

ROM: System Bootstrap, Version CPBoot 1.3.0.1 (build 28907)
Built: 2011-06-24 13:46:21
Built by: p4build@re_client_28907


Switch uptime is 56 minutes 25 seconds
Reboot Cause: Power Failure.
Supervisor Card
Processor XLR 532 (revision C4) with 2017M bytes of memory.
32K bytes of non-volatile configuration memory.
512M bytes of Supervisor Card System flash (model=CF 512MB).



*********************************************************************************************
(OAW-4704) #show wlan virtual-ap MatudoSSID-vap_prof

Virtual AP profile "MatudoSSID-vap_prof"
----------------------------------------
Parameter                                           Value
---------                                           -----
Virtual AP enable                                   Enabled
Allowed band                                        all
AAA Profile                                         MatudoSSID-aaa_prof
802.11K Profile                                     default
SSID Profile                                        MatudoSSID-ssid_prof
VLAN                                                N/A
Forward mode                                        tunnel
Deny time range                                     N/A
Mobile IP                                           Enabled
HA Discovery on-association                         Disabled
DoS Prevention                                      Disabled
Station Blacklisting                                Enabled
Blacklist Time                                      3600 sec
Dynamic Multicast Optimization (DMO)                Disabled
Dynamic Multicast Optimization (DMO) Threshold      6
Authentication Failure Blacklist Time               3600 sec
Strict Compliance                                   Disabled
VLAN Mobility                                       Enabled
Preserve Client VLAN                                Disabled
Remote-AP Operation                                 standard
Drop Broadcast and Multicast                        Disabled
Convert Broadcast ARP requests to unicast           Enabled
Disable conversion multicast RA packets to unicast  Disabled
Deny inter user traffic                             Disabled
Band Steering                                       Disabled
Steering Mode                                       prefer-5ghz
WMM Traffic Management Profile                      N/A

(OAW-4704) # show version
Alcatel-Lucent Operating System-Wireless.
AOS-W (MODEL: OAW-4704), Version 6.1.3.4
Website: http://www.alcatel.com/enterprise
All Rights Reserved (c) 2005-2012, Alcatel-Lucent.
Compiled on 2012-07-23 at 17:11:31 PDT (build 34587) by p4build

ROM: System Bootstrap, Version CPBoot 1.3.0.1 (build 28907)
Built: 2011-06-24 13:46:21
Built by: p4build@re_client_28907


Switch uptime is 3 minutes 55 seconds
Reboot Cause: User reboot.
Supervisor Card
Processor XLR 532 (revision C4) with 2016M bytes of memory.
32K bytes of non-volatile configuration memory.
512M bytes of Supervisor Card System flash (model=CF 512MB).


Aruba Employee
Posts: 7
Registered: ‎01-27-2012

Re: nack and ack order changed on 5.0

Starting from 6.1.3.2 there are following featues enabled by default:

 

  1. "Convert arp to unicast" ( configure terminal wlan virtual-ap <name> no broadcast-filter arp

  2. surpress arp on VLAN (configure terminal interface vlan <id> no surpress-arp )

It would be worth trying diabling them one by one.

 

 

Thanks,

Pradeep

 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: