ExtremeWireless (Identifi)

 View Only

 ARP issue in wifi network

Stefan Seubert's profile image
Stefan Seubert posted 05-02-2019 16:24
Hello community,
since the last two weeks we have an ARP issue from time to time.
We run our guest WiFi on an Extreme Identify Wireless Controller. Topology is bridged@AP.
Sometimes we see a WiFi client with an IP Address from the default gateway and our Testsystem have also the MAC address from this Device in the arp table. The right default gateway isn’t reachable when this happened.
Default gateway is an hotspot/firewall appliance and all devices are in the same VLAN without an routed interface on the core.
Till now it was always an android device. The last time for example a huawei mate 20 lite.
we found the guest and it was an older woman so I think it wasn’t an attempted attack.
when the phone is active everything looks fine.
I found an old article who describe this bug but the post was 5 years old.
Have anyone the same issue in his environment?
we tried to activate dhcpsnooping and arpinspection in the networkswitches (A4 Series) but when a WiFi device is roaming to the next AP the connection lost.
So this wasn’t helpfully.
The last try today was to find a solution in the WiFi controller. I found a cisco documentation and cisco only work with arp proxy to inspect arp requests but I don’t find a hint that extreme do this also. The documentation only told my that arp proxy reduce ARP traffic.
Do we have a chance to activate something on the Core (X460-G2) or Accessswitches to prevent this behavior?
Firmware in the WiFi controller is the forelast 10.41.
thanks for your help,
Stefan
Gianni Marranghello's profile image
Gianni Marranghello
Hello Stefan,
for a few months now I have had the problem you described.
For the most part, the devices involved are Oppo and OnePlus (android).
Have you solved your problem?
Thanks

Adrian Orellana's profile image
Adrian Orellana
Maybe there is a dhcp server leasing the gateway IP in that vlan?
Gianni Marranghello's profile image
Gianni Marranghello
Thanks Adrian,
we have made some tests in this direction, but we have not found anything anomalous. DHCP is configured correctly and we don't notice rogue dhcp on the network.

Thank you