Solved: Re: Aironet 1815i in Mobility Express flooding gateway (unstable internet connexion and VPN tunnels)

Thierry_TDG · ‎11-10-2017

Hello,

I am newbie with Cisco Aironet product so I appologize if I did any evident mistakes for experts in this forum

I am encountering a very annoying problem which I am facing with a Cisco Aironet 1815i. When it is running and pluggled into the network, after the initial Mobility Express setup Wizard, the access point is litterly flooding the gateway from inside. I mean that, when the AP is running, our internet connexion is not stable anymore (typically I am loosing a lot of packets when reaching a destination oustide of the LAN, e.g. pinging google.com results in 50% lost packets and our VPN tunnels are very unstable). I really don’t know the cause… Please note that I am not currently using VLAN tagging (switch port is in access mode) nor the embeeded DHCP server for the management network. I can see that the AP itself is getting an IP from the "regular" DHCP inside the network and the Mobility Express controller is reachable. As soon as I unplung the Aironet 1815i, the problem disappear and both internet connection and VPN tunnels become stable again… Any idea ?

In attachment, an hyperterminal console captured text file with the initial boot and the following commands and results :

config paging disable
show ap summary
show sysinfo
show run-config
show version
show capwap client config
show capwap client rcb
show tech-support

In advance, a really big thank to those who will take the time to investigate

Best regards,

Denis

Thierry_TDG · ‎11-24-2017

Hello Flavio,

After testing this Cisco ME deployment in my lab without any problem, I discovered that there is probably a conflict between an existing VRRP instance (Cisco routers failover) and the Cisco ME Master AP failure detection.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-2/b_Mobility_Express_Deployment_guide/b_Mobility_Express_Deployment_guide_chapter_01011.html

I will keep you informed whether it solves the problem.

Denis

View solution in original post

Thierry_TDG · ‎11-29-2017

Hello Flavio,

I am happy to hereby confirm that the problem is solved :-)

This weird situation came indeed from a VRID value conflict between the VRRP instance of our Cisco routers failover and the Cisco Mobility Express Wifi Master Controller detection failure and election process (which also uses VRRP with VRID 1).

The VRID value of the routers VRRP has been changed from 1 to 3, now everything works fine !

Cisco documentation :

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-2/b_Mobility_Express_Deployment_guide/b_Mobility_Express_Deployment_guide_chapter_01011.html

Case solved... by myself ;-)

Flavio : a really big thank for your assistance. Based on your suggestion to trace the packets with Wireshark I discoverd VRRP requests and that moving me down the path towards the solution.

Denis

View solution in original post

Flavio Miranda · ‎11-10-2017

Hi @Thierry_TDG

Really weird situation. I try to look at logs but i didn´t see anything that could help you.

I´d recommend you to span the switch port where the access point is connected and try to run Wireshark while network faces related problems. This could give you a clue about what Access Point is sending or receiving to/from your Network

Hope that helps.

-If I helped you somehow, please, rate it as useful.-

Thierry_TDG · ‎11-11-2017

Hello Flavio,

Thanks for your kind answer.

I guess your suggestions should help me to find the culprit.

I will update this case next week (the AP is installed on a customer's site where I use to go once a week).

If any other ideas, feel free to post :-)

Best regards,

Denis

Thierry_TDG · ‎11-22-2017

Hello Flavio,

Here attached is a Wireshark capture file when plugged to a mirrored port (to the access point's one).

The capture longs about 1 minutes.

One can see a lot of bad (black) packets and also Gratuitous ARP request and Reply packets from 192.168.1.50 (IP of the Mobility Express controller) on lines 92 and 93.

After about 30 sec (33 sec) I unplugged the Aironet AP (and also the controller as this AP is the only Cisco ME one on the network). Then one can see the traffic returning to a quiet state (it is quite obvious because the Access Point's port was not plugged anymore so the mirrored port got only broadcast trafic).

I am not an expert in analysing network traffic nor Wireshark so any help / any advice would be highly appredicated :-)

Best regards,

Denis

Flavio Miranda · ‎11-22-2017

Which is the AP's IP address ?

I think a better test would be start capture and then connect the AP and after some time unplug it.

I'll take a look anyway.

-If I helped you somehow, please, rate it as useful.-

Thierry_TDG · ‎11-22-2017

The AP's IP address is 192.168.1.197 (obtained by DHCP).

Thanks again :-)

Best regards,

Denis

Thierry_TDG · ‎11-24-2017

Hello Flavio,

After testing this Cisco ME deployment in my lab without any problem, I discovered that there is probably a conflict between an existing VRRP instance (Cisco routers failover) and the Cisco ME Master AP failure detection.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-2/b_Mobility_Express_Deployment_guide/b_Mobility_Express_Deployment_guide_chapter_01011.html

I will keep you informed whether it solves the problem.

Denis

Flavio Miranda · ‎11-24-2017

That´s interesting. Please, keep us informed. This might help more people around here.

Thierry_TDG · ‎11-29-2017

Hello Flavio,

I am happy to hereby confirm that the problem is solved :-)

This weird situation came indeed from a VRID value conflict between the VRRP instance of our Cisco routers failover and the Cisco Mobility Express Wifi Master Controller detection failure and election process (which also uses VRRP with VRID 1).

The VRID value of the routers VRRP has been changed from 1 to 3, now everything works fine !

Cisco documentation :

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-2/b_Mobility_Express_Deployment_guide/b_Mobility_Express_Deployment_guide_chapter_01011.html

Case solved... by myself ;-)

Flavio : a really big thank for your assistance. Based on your suggestion to trace the packets with Wireshark I discoverd VRRP requests and that moving me down the path towards the solution.

Denis

Flavio Miranda · ‎11-29-2017

Hi @Thierry_TDG

This is the idea here as I understand.

Congratulation on your initiative by find the problem and inform how to solve. This is a really interesting stuff as this AP model is more and more common out there and VRRP is a wider used protocol as well.

Glad to hear from you.