[ previous ] [ next ] [ threads ]
 
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] dhcp server problem
 Date:  Fri, 23 Feb 2007 17:24:18 -0600 
David Burgess wrote:
> On 2/23/07, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>> David Burgess wrote:

>> > So an occasional client has a problem obtaining an IP address from our
>> > m0n0wall dhcp server. I've searched the archives and my problem appears
>> to
>> > be unique in some respects.

>> The few times I have seen this have been ARP table screwups.  This can
>> be very common with wireless as clients move from switch (AP) to switch.
>>   I would start by segmenting the network.  If you can, divide wireless
>> and wired.

> Hm. Our entire network is wireless with multiple access points connected
> wirelessly. The only situation I can think of that would fit your
> explanation is when a client moves from one AP to another, which happens
> occasionally. Would that cause the problem?

> If so, then what is the solution? Is there some way to flush the ARP table,
> or manually update an ARP entry from either the router or the client side?


This is way beyond the normal scope of this list.  So lets go! :)

First lets start with the arp table.  Every system on your network has 
one.  Every computer, switch and AP.  For one interface devices, 
(desktops) it is a simple table.  Type 'arp -a' from the command line to 
see it.  (Windows, Mac, Linux or Unix...)  It shows the IP address 
translated to mac address of everything it has seen.  In a switched 
network, that will be the router.  It may include printers, servers, and 
other systems you touch.  At home connected directly to a router with no 
other items, it will only be the router.

Now a switch has a much more complex routing table.  It has no IP stuff. 
  It just knows the port each MAC address hangs off.  Now what happens 
when a MAC address moves?  This depends on how far down a chain it is.

Say you have a switch at the router.  It has several switches off it for 
each floor.  Each floor has several switches for each region of the 
floor.  Each region has one (or more) AP.  Now Bob's laptop walks down 
the hall.  On the way it connects to the floor above.  The AP says "I 
have bob's MAC."  The regional switch says "I have Bob's MAC."  The 
floor switch says "I have Bob's MAC." The router switch says "I have 
Bob's MAC." down the chan to the floor switch on Bob's floor who now 
says "I have Bob's MAC." but on a different port... And the regional 
switch says "He has Bob's MAC." and on to the AP.  But by now Bob has 
gone back to his desk.  So the first AP says, "But I have Bob's MAC..."

If you have someone on a edge between to APs they can flip back and 
forth, and this goes on.

Solutions...  You can shorten the "lease time" (I know it is not lease 
time, but the analogy works) on some advanced switches.  You can use 
different ESSIDs so the client doesn't move as easily.  You can use less 
switches on the wireless network.

			Lee