Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

missing Heartbeats at remote site

This thread has been viewed 15 times

  • 1.  missing Heartbeats at remote site

    Posted Sep 21, 2015 08:47 AM

    Hi

     

    New to Aruba wireless so bear over if i seem ti mis somthing :-)

     

    I have a remote site where i have 2 AP 1x205 and 1x215 and it seems that Heartbeats is not comming over, i have tried everything i can think of

     

    Changing mty to 1200, changing MSS on the firewall to 1400, the link is used for a lot of other things and seems to have no problems.

     

    The radio resets and then back up, i i changs timers to 60 and retry to 120 then a reset every 2h. It  seems that this is the missing Heartbeet, as far as i undestand.

     

    Local AP works fine, and the remote works, can be configured etc.

     

    This is som info:

     

    Aruba Operating System Software.
    ArubaOS (MODEL: Aruba7005), Version 6.4.2.3

     

    # Source Destination Prt MTU Acls BSSID Decaps Encaps Heartbeats Seqnum Missed Outoforder Flags
    ------ -------------- -------------- --- ---- ------------------- ----------------- ---------- ---------- ---------- ------ ------ ---------- -----
    20 192.168.128.23 172.20.127.140 47 1200 0 0 0 0 40:E3:D6:CF:B0:58 16194 0 16192 16199 0 0 TES
    13 192.168.128.23 172.20.127.141 47 1200 0 0 0 0 AC:A3:1E:C6:CE:E2 18181 0 18173 16025 7107 0 TES
    29 192.168.128.23 10.0.1.167 47 1200 0 0 0 0 AC:A3:1E:C6:CE:F0 0 0 0 0 0 0 TES
    26 192.168.128.23 10.0.1.151 47 1200 0 0 0 0 40:E3:D6:CF:B0:30 0 0 0 0 0 0 TES

     

    The 2 on top is local

     

    Any suggestions where to adjust ?

     

    Regards

     

    Erik Loeth

     



  • 2.  RE: missing Heartbeats at remote site

    EMPLOYEE
    Posted Sep 21, 2015 09:13 AM

    How is the remote site connected?

     



  • 3.  RE: missing Heartbeats at remote site

    Posted Sep 21, 2015 09:22 AM

    Hi and thanks for replying

     

    It is a openvpn site to site, no nat 

    ping from client remote to controller 7005

     

    $ ping -D -s 1272 192.168.128.23 
    PING 192.168.128.23 (192.168.128.23): 1272 data bytes
    1280 bytes from 192.168.128.23: icmp_seq=0 ttl=62 time=12.591 ms
    1280 bytes from 192.168.128.23: icmp_seq=1 ttl=62 time=11.213 ms

     

     

    Regards Erik Loeth

     



  • 4.  RE: missing Heartbeats at remote site

    EMPLOYEE
    Posted Sep 21, 2015 09:50 AM
    Please make sure that the switch that the AP is plugged into has negotiated the correct speed and duplex and there are no errors on the port.


  • 5.  RE: missing Heartbeats at remote site

    Posted Sep 21, 2015 10:02 AM

    Hi

     

    It is on 2 diffrent switches 1000/full no errors, no nothing.

     

    Video conference works fine over the AP (in beween the radio reset).

     

    nothing points to problems on the lan, the only thing is the gre tunnel is not parsing traffic, and the only dif is the vpn ??

     

    Regards Erik Loeth



  • 6.  RE: missing Heartbeats at remote site

    EMPLOYEE
    Posted Sep 21, 2015 10:25 AM

    You shoud ping the access point from the controller.



  • 7.  RE: missing Heartbeats at remote site

    Posted Sep 21, 2015 10:59 AM

    Hi

     

    Ping works fine from the 7005 and the ap registre fine, download the code, config etc.

     

    Ping also is fine from the AP > 7005.

     

    I see the ap in the 7005 and se clients on the AP and they work.

     

    Regards Erik Loeth

     



  • 8.  RE: missing Heartbeats at remote site

    EMPLOYEE
    Posted Sep 21, 2015 11:00 AM
    How often is it missing heartbeats? What is the size of the link?


  • 9.  RE: missing Heartbeats at remote site

    Posted Sep 21, 2015 11:12 AM

    As far as i se it it newer get a single heartbeat, the link is 50Mb and video conf. over the same link between the same 2 nets from 10.0.1.0 <> 192.168.128.0 works fine. (Another brand works just fine over the same link), just changed to Aruba, and the access localy (bridged) works perfectly.

     

    When converting the AP it gets the sw from 7005 no problem.

     

    Regards Erik Loeth

     

     

     



  • 10.  RE: missing Heartbeats at remote site

    EMPLOYEE
    Posted Sep 21, 2015 11:23 AM

    I would consider upgrading the Aruba controller software.  There has been quite a few fixes and 6.4.2.3 came out awhile ago.



  • 11.  RE: missing Heartbeats at remote site

    Posted Sep 21, 2015 12:10 PM

    I have tried to find a new sw, due to the fact that i am new to Aruba i have difiucilty finding it, are you able to point me in the right direction, it is a 7005.

     

    Thanks in advance :-)

     

    Erik Loeth

     

     



  • 12.  RE: missing Heartbeats at remote site

    EMPLOYEE
    Posted Sep 21, 2015 12:15 PM

    The latest software in that train should be in the folder here:  https://support.arubanetworks.com/DownloadSoftware/tabid/75/DMXModule/510/EntryId/18618/Default.aspx

     

    Download the version for the 7000 series controller.  Please let me know if you are having difficulty obtaining it.

     

     

     



  • 13.  RE: missing Heartbeats at remote site

    Posted Sep 21, 2015 12:19 PM

    I have been there, but it takes a week to get a login, i got the equipment last week so login is in progress eaven that i typed the serial of the 7005

     

    So if you are able to help it will be appriciated.

     

    Erik Loeth

     



  • 14.  RE: missing Heartbeats at remote site

    Posted Sep 21, 2015 12:27 PM

    Thanks downloading now.

     

    I will upgrade and get back.

     

    Have a nice day/evening 

     

    Erik Loeth

     

     



  • 15.  RE: missing Heartbeats at remote site

    Posted Sep 22, 2015 01:18 AM

    So, the 7005 is updated to latest sw, but still the same problem.

     

    # Source Destination Prt MTU Acls BSSID Decaps Encaps Heartbeats Seqnum Missed Outoforder Flags
    ------ -------------- -------------- --- ---- ------------------- ----------------- ---------- ---------- ---------- ------ ------ ---------- -----
    12 192.168.128.23 172.20.127.140 47 1500 0 0 0 0 40:E3:D6:CF:B0:58 44206 0 44203 44337 0 0 TES
    17 192.168.128.23 172.20.127.141 47 1200 0 0 0 0 AC:A3:1E:C6:CE:E2 44087 0 44085 44092 0 0 TES
    24 192.168.128.23 10.0.1.167 47 1200 0 0 0 0 AC:A3:1E:C6:CE:F0 0 0 0 0 0 0 TES
    27 192.168.128.23 10.0.1.151 47 1200 0 0 0 0 40:E3:D6:CF:B0:30 0 0 0 0 0 0 TES

     

    2015-09-22 05:56:21 Switching to LMS 192.168.128.23: Missed heartbeats: Last Sequence Generated=729 Sent=729 Rcvd=0. Last Ctrl message: KEEPALIVE len=45 dest=192.168.128.23 tries=1 seq=15
    2015-09-22 05:56:23 New connection, Changing to LMS (192.168.128.23) [cur_lms_index: 0, event: REDUN_EVENT_TUNNEL_UP, cur_state: REDUN_STATE_TUNNEL_LMS, function: redun_tunnel_up(5267)]

     

    I have set the timers temporary to 60 sec and 120 times this gives a rebootstrap every 2h, to have the ap up for longer time.

     

    Reg. Erik Loeth

     



  • 16.  RE: missing Heartbeats at remote site

    EMPLOYEE
    Posted Sep 22, 2015 07:01 AM

    Is this the only remote site that is having the problem?



  • 17.  RE: missing Heartbeats at remote site

    Posted Sep 22, 2015 07:49 AM

    Yes this is a test site, i have had the ap moved to the central site and it works as expected.

     

    Now i am in the prosses of sniffing 1 point at the time to find where the gre packet is lost

    I se it on the link from > 7005

     

    I will be back later.

     

    Regards Erik

     



  • 18.  RE: missing Heartbeats at remote site

    Posted Sep 23, 2015 11:58 AM

    Ok after many many many tests it seems that VMware is dropping GRE in 5,5

     

    I se gre on the uplink to VM but not in the FW (virtual machine)

     

    https://communities.vmware.com/thread/458453?tstart=0

     

    My PFsense (the FW with the VPN) is a new clean install, and 2.2.4 is supporting VMXnet3, the issue is only on E1000 driver.

     

    I will update VM in the weekend to verify that it solves the issue. 

     

    Regards Erik Loeth

     



  • 19.  RE: missing Heartbeats at remote site
    Best Answer

    Posted Sep 24, 2015 11:35 AM

    I am now able to confirm that VMware is dropping protocol 47, if the machine is using E1000 ethernet version. If this is changed to VMXnet3 type protocol 47 flow perfectly.

     

    It is observed on VMware 5.5.0 and 5.5.0 U1.

     

    So if usung PFsense, TMG or other similar type of termination for VPN tunnels it will give you problems.

    Problem found with Sniffer

    on the trunk in the switch > VMware Packets from the AP, protocol 47 is OK

    ON the Inside interface in PFsense a packet capture show NO protocol 47 packets.

     

    This is only seen on IPV4 protocol 47.

     

    Regards and have a nice day.