Problem:
- Affects any version of MSM software
- Affects MSM APs
- Potentially affects MSM Controllers
When pinging a wireless client from a switch connected to the MSM APs, you see duplicate responses from the client.
This could potentially cause unwanted extra traffic coming from an AP (or potentially an MSM controller).
The Ping request and responses will look something like this;
11:04:17.764351 IP 172.16.44.1 > 172.16.44.45: icmp 64: echo request seq 825
11:04:18.001782 IP 172.16.44.45 > 172.16.44.1: icmp 64: echo reply seq 825
11:04:18.001848 IP 172.16.44.45 > 172.16.44.1: icmp 64: echo reply seq 825
11:04:18.001956 IP 172.16.44.45 > 172.16.44.1: icmp 64: echo reply seq 825
11:04:18.002069 IP 172.16.44.45 > 172.16.44.1: icmp 64: echo reply seq 825
Diagnostics:This problem occurs when a defined SSID (VSC) is assigned to a vlan that uses the same subnet of the AP.
When an AP is connected to a network switch, the traffic is generally untagged.
When defining an SSID, it is generally assigned to a Vlan.
On the switch port, if the untagged (native) network share the same subnet as the tagged vlan,
this will cause the AP to send ICMP responses on BOTH the untagged and tagged vlan networks back to the switch port.
SolutionIn the case where the untagged and tagged vlan share the same subnet, then make sure that the VSC Binding for the SSID is NOT using a tagged vlan to forward client traffic.
Instead, allow the client traffic to be sent untagged, and it will remove the conflict and the client will still remain on the same subnet.
In the example below, the SSID is "Client users", and you need to make sure that vlan tagging is disabled.
In this example, make sure that "Egress Network" is disabled and "Network Profile" is set to "None".
This will result in the display of the VSC Binding for the SSID to show "N/A" for the Egress Network.
