Controllerless Networks

Hello.

I'm experiencing a strange problem I'd like to share with you, to see if anyone had a similar experience:

I have a site with 16 IAP-105 deployed in a Virtual-Controller/slave configuration (managed with Airwave).

The AP are connected to small business CISCO switches.

Two of the AP are going offline in a mutual-exclusive mode: when I reboot one, the other is going offline, and vice-versa.

I realized that the AP is going offline because the switch STP protocol is alternatively putting the port in "Blocked", so one of the AP is always off.

I don't understand why this is happening: I tried to sniff traffic from AP, and from what I saw they are not sending out STP BPDU (even if I'm not 100% sure of this).

I can turn-off STP on the ports where AP are connected, but I'd like to understand why this is happening. Any idea?

Thanks,

cips

Can you try enabling portfast on these ports?  Are they tagging VLANs?

Hi.

Yes, portfast is enabled. And yes, the ports where the AP are connected are trunks with some tagged VLANs, since we are broadcasting several SSID there.

Thanks,

Is portfast trunk enabled?

I don't  have such an option in my switch. I'm using SF-300, they are small business switches.

Thanks,

Edit:

On the switch can you do show spanning-tree summary 

Also is that switch the root for those VLANs?

Make sure that you don't have portfast on the trunk interface of your Cisco port otherwise that will create STP issues.

@victorfabian:

Yes, I can try to disable portfast on this.

Do you think that could be the problem?

Thanks,

You need to allow STP trough the process when you have portfast you are disabling that

Taking STP out of the picture...make sure you aren't over utilizing the PoE budget on the switch. I did some quick digging into some folders I have here with PoE wattage per switch. Not sure exactly which one you're using but make sure you have enough to boot all IAP's at once. 

@Networker: the switch is not a POE, so I don't think this is the problem.

I tried to disable port-fast, but sam behavior.

Now I want to try to mirror this port and put myself with wireshark to understand what has been forwarded on this port.

I'll keep you posted.

thanks

Hi.

After a while I came back to you.

I tested several things without getting a solution, then I had an idea: I saw that the AP isolated by the spanning-tree were meshing with other APs.

So, I tried to understand if the meshing was the cause or the effect of the spanning tree block.

I tried to disable meshing on APs (the only way I found was to enable extenede SSID with "extended-ssid" command), and it looks like the spanning-tree blocks are gone. Now I can see all the AP correctly on the network.

So, the Spanning-tree problem was in some way caused by the meshing, I have not really clear why, actually. Probably the AP disabled the uplink and started meshing and some BPDUs were forwarded between APs

Cips