Topic: Not responding to ARP requests?

The content of this topic has been archived on 28 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Page 1 of 1

Post #1

tux

29 Mar 2007, 12:19

Hi All,

I use a Meraki Mini to connect in managed mode to an other OpenWRT powered AP. Bridging is disabled on both devices, instead I use different subnets and routing in between. Routes were correctly set up and firewall is disabled both.

It seems that ARP requests of the AP were not answered by the Meraki until I send some packets out of the Meraki itself:

#
# client is already authenticated, but AP keeps sending ARP requests to client
#

10:30:45.586817 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:46.583788 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:47.583771 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:48.584921 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:49.583790 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:50.583763 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:51.587350 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:52.583764 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:53.583763 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:54.586169 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:55.583764 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:56.583766 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:57.588679 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:58.583764 arp who-has 172.19.36.66 tell 172.19.36.65
10:30:59.583785 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:00.588033 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:01.583793 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:02.583793 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:03.586140 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:04.583772 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:05.583787 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:06.584853 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:07.237922 arp who-has 172.19.36.65 tell 172.19.36.66

#
# made a ping from ethernet port and ARP response is beeing sent
#

10:31:07.238075 IP 172.16.161.57 > 172.19.36.66: ICMP echo request, id 1024, seq 52094, length 40
10:31:07.238230 arp reply 172.19.36.65 is-at 00:17:31:e7:5c:e9 (oui Unknown)

10:31:12.233762 arp who-has 172.19.36.66 tell 172.19.36.65
10:31:12.235080 arp reply 172.19.36.66 is-at 00:18:0a:01:16:9e (oui Unknown)

Anyone knows a reason for that?

This are the ARP dependent sysctl variables:

root@OpenWrt:~# sysctl -a | grep arp
net.bridge.bridge-nf-call-arptables = 1
net.ipv4.conf.ath0.arp_accept = 0
net.ipv4.conf.ath0.arp_ignore = 0
net.ipv4.conf.ath0.arp_announce = 0
net.ipv4.conf.ath0.arp_filter = 0
net.ipv4.conf.ath0.proxy_arp = 0
net.ipv4.conf.eth0.arp_accept = 0
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.proxy_arp = 0
net.ipv4.conf.lo.arp_accept = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.default.arp_accept = 0
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.proxy_arp = 0

I already tried arp_accept, arp_ignore and proxy_arp, but nothing changed.
My thought was, that wpa_supplicant may cause this problems!? Anyone already had those issues?

Thanks for your read and hopefully for your reply :)

Greetz,
tux

Post #2

GoldServe

29 Mar 2007, 16:20

I think I have this problem too! No clue!

Post #3

george

30 Mar 2007, 07:18

you see that your meraki is ignoring all apr messages? it has

net.ipv4.conf.all.arp_ignore = 1

and additionally

net.ipv4.conf.default.arp_ignore = 1

which means that it will ignore all those messages. Try

echo 0 > net.ipv4.conf.default.arp_ignore && echo 0 > net.ipv4.conf.all.arp_ignore

probably that will help. My Meraki didn't arrive yet, but on my notebook (which runs also wpa_supplicant) these variables have all value 0.

HtH,

George

Post #4

george

30 Mar 2007, 07:21

uuppss... shouldn't be echo but sysctl -w net.ipv4.con.all.arp_ignore=0 and sysctl -w net.ipv4.conf.default.arp_ignore=0

Btw.: I noticed you have bridge-arptables in your kernel. Maybe that is why your bridging doesn't work?

Regards,

George

Post #5

tux

30 Mar 2007, 09:27

In file /etc/sysctl.conf I set:

net.ipv4.conf.default.arp_ignore=0
net.ipv4.conf.all.arp_ignore=0
net.bridge.bridge-nf-call-arptables=0

... and sysctl is know showing this values on both devices:

root@OpenWrt:~# sysctl -a | grep arp
net.bridge.bridge-nf-call-arptables = 0
net.ipv4.conf.ath0.arp_accept = 0
net.ipv4.conf.ath0.arp_ignore = 0
net.ipv4.conf.ath0.arp_announce = 0
net.ipv4.conf.ath0.arp_filter = 0
net.ipv4.conf.ath0.proxy_arp = 0
net.ipv4.conf.eth0.arp_accept = 0
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.proxy_arp = 0
net.ipv4.conf.lo.arp_accept = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.default.arp_accept = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.proxy_arp = 0

But I have still the same effect
On weekend I will try to compile without bridge-arptables (another problem).

I'm very amused that Meraki Mini becomes more and more famous, it's a very nice product with a comparable price.
But it's a blemish that Meraki source has been forked of OpenWRT trunk!! Dear Meraki developers, whom will read this, do your work closely to OpenWRT and provide your changes in here.

Post #6

GoldServe

12 Oct 2007, 08:41

I have this problem on y kamikaze 7.09 install on the fonera.

ATH0 is wan and I enabled port forwarding to get into ssh but no go. I can't even ping the box. When I log into the fonera via lan and do some stuff, i am somehow able to pint the box from external and able to ssh in. I don't know what I can do to make the box respond to arps without going into the box and playing around first.

Post #7

tux

12 Oct 2007, 09:29

Sorry, no further results on that.
Maybe some expert is able to provide help?!

(Last edited by tux on 12 Oct 2007, 09:30)

The discussion might have continued from here.

Page 1 of 1