Extreme Networks

Leo_Bistmans1 · ‎10-18-2022

Since ExtremeNetworks forced us to use a remote Internet based cloudiq, often 10 or 15% of or AP show disconnected.

The internet cloudiq is only 7 ip hops away ( nl-gcp.extremecloudiq.com ), sub 10 milliseconds.

C:\WINDOWS>tracert -d nl-gcp.extremecloudiq.com

Tracing route to nl-gcp.extremecloudiq.com [34.91.82.64]
over a maximum of 30 hops:

1 <1 ms 3 ms 6 ms 10.12.255.253
2 3 ms 1 ms <1 ms 10.3.1.6
3 1 ms <1 ms <1 ms 172.31.44.3
4 2 ms 2 ms 1 ms 193.191.18.41
5 3 ms 13 ms 2 ms 10.28.35.54
6 24 ms 14 ms 6 ms 80.249.208.247
7 9 ms 9 ms 9 ms 34.91.82.64

Trace complete.

We can still get on the AP via SSH, and run commands like 'show capwap client'. Any hints welcome on how to trigger reconnect or test the connectivity from the AP command line.

tandrews1 · ‎10-18-2022

Depending upon your particular network/firewall setup, investigate increasing the UDP session timeout.

A somewhat related thread that started us down that path:

https://extremeportal.force.com/ExtrArticleDetail?an=000058924

Leo_Bistmans1 · ‎10-19-2022

Likely why smart people invented TCP 40 years ago 😉

Double checked the 300 second interval is there instead of the default 20 ( on Checkpoint firewall ).

jlmangas · ‎10-20-2022

Does your ISP use CG-NAT? If so, the keepalive packets (UDP 12222) might arrive to XIQ cloud with different source port than the initial packets (That's because CG-NAT shares a public IP address among several users)

Leo_Bistmans1 · ‎10-21-2022

No, we run the public ip address on our Checkpoint firewall.

I wonder if there is an api or other way to read the online/offline value out of the cloudiq on the internet, so I can plot values in a graph on Zabbix or such.

It would be nice to correlate that graph with other values like firewall cpu usage, latency / hop count to the cloudiq on the internet etc etc.

Extreme Networks

Howto debug AP disconnected from internet cloudiq

Howto debug AP disconnected from internet cloudiq