I have a peculiar routing problem

On 2015-08-16 10:06, tsu2 wrote:
>
> Recommend execute an unsolicited arp on resume.

I don’t see how to do that, but it will not work. (Ok, found the way, but does not work. See below).


minas-tirith:~ # arp -s oldrouter f8:1a:67:91:f4:22
minas-tirith:~ # ping -c 2 oldrouter
PING oldrouter (192.168.1.5) 56(84) bytes of data.

--- oldrouter ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

minas-tirith:~ #

The entry for the oldrouter (ak AP-2) is there, yet pings fail.

But:


minas-tirith:~ # iwconfig
eth0      no wireless extensions.

lo        no wireless extensions.

wlan0     IEEE 802.11bgn  ESSID:"En...."
Mode:Managed  Frequency:2.472 GHz  Access Point: F8:8E:85:64:78:F3
Bit Rate=65 Mb/s   Tx-Power=14 dBm
Retry  long limit:7   RTS thr:off   Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=68/70  Signal level=-42 dBm
Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
Tx excessive retries:0  Invalid misc:35   Missed beacon:0

minas-tirith:~ #

Notice the MAC of the wlan0 access point, it is not that in the ARP table. Ah, of course, I was using the ethernet MAC, which is different.


minas-tirith:~ # arp -s oldrouter F8:8E:85:64:78:F3
minas-tirith:~ # ping -c 2 oldrouter
PING oldrouter (192.168.1.5) 56(84) bytes of data.
From router.valinor (192.168.1.1): icmp_seq=2 Redirect Host(New nexthop: oldrouter (192.168.1.5))
From router.valinor (192.168.1.1) icmp_seq=2 Redirect Host
--- oldrouter ping statistics ---
2 packets transmitted, 0 received, +1 errors, 100% packet loss, time 999ms

minas-tirith:~ #


So no, that’s wrong.

I’m starting to think it is a WiFi association issue.

Description of “everything arp” including command to execute an
unsolicited arp (ie broadcast your machine’s IP on your own and not in
response to an arp query)
2.1. Address Resolution Protocol (ARP)

No go:


minas-tirith:~ # ping -c 2 oldrouter
PING oldrouter (192.168.1.5) 56(84) bytes of data.
From minas-tirith.valinor (192.168.1.129) icmp_seq=1 Destination Host Unreachable
From minas-tirith.valinor (192.168.1.129) icmp_seq=2 Destination Host Unreachable

--- oldrouter ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 999ms
pipe 2
minas-tirith:~ # arping -q -c 3 -U -I wlan0 192.168.1.129
minas-tirith:~ # ping -c 2 oldrouter
PING oldrouter (192.168.1.5) 56(84) bytes of data.

--- oldrouter ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1000ms

minas-tirith:~ #
minas-tirith:~ # arp
Address                  HWtype  HWaddress           Flags Mask            Iface
oldrouter                ether   f8:1a:67:91:f4:22   C                     wlan0
router.valinor           ether   f8:8e:85:64:78:f2   C                     wlan0
minas-tirith:~ # ping -c 2 oldrouter
PING oldrouter (192.168.1.5) 56(84) bytes of data.

--- oldrouter ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1000ms

minas-tirith:~ #


See? the command populates the ARP table, but the found MAC is that of the ethernet cable, whereas I’m connected to the AP of the same device.
To reach that MAC, the packet has to go to the AP-2, then traverse the cable to the main router (GW), and then back on the same cable to the aux router (AP-2)… Ugh. Ugly.


Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))

On 2015-08-16 01:06, nrickert wrote:
> Is there any possibility that there could be two different devices with
> the same IP address? That could interfere with ARP.

The problem may be that there is one device with one IP and two MACs:
the oldrouter, aka AP-2.

It has a connected ethernet port to the LAN, and it has a WiFi access
point, which is the reason for its existence: having an AP upstairs.
Each side has a different MAC, I understand.

Pinging it via cable works perfectly.

Pinging it via wireless, while connected to it, does not.


Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

Yes, it may be is a limitation of this device. Do you have wireless isolation enabled perhaps? That can cause issues like this.

On 2015-08-17 00:26, deano ferrari wrote:
>
> Yes, it may be is a limitation of this device. Do you have wireless
> isolation enabled perhaps? That can cause issues like this.

(Looking…) No, not enabled.

One issue with this device is that I can not set a default gateway on
it, it tries to outclever me and refuses.

There is no WAN on it, the ADSL port is disconnected. The gateway is the
other router, ie, on the LAN, but it thinks it must be outside, and
refuses to accept the setting.

Nevertheless, Internet when connected to this AP works. It is the LAN
which doesn’t.

Its internal log is full of entries like this, twice per minute:


> 1970-01-01 20:07:17 IGMP Warning V2 igmp router occured! Not matching ours V3.

I don’t know its relevance.


Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))

Out of interest, what brand/model ADSL router? I can understand the need for a second AP, and re-deploying this one, but you may need to be pragmatic and consider purchasing another, (unless you can live with the current limitations).

On 2015-08-17 01:16, deano ferrari wrote:
>
> Out of interest, what brand/model ADSL router? I can understand the need
> for a second AP, and re-deploying this one, but you may need to be
> pragmatic and consider purchasing another, (unless you can live with the
> current limitations).

It is a TP-Link TD-W8970

I did a similar setup for a friend. I re-purposed an adsl router, but in
that case I flashed it with OpenWrt. There both routers are sitting side
by side, but with different SSID. It works very well, no issues. The
problem that it solves is basically the same as mine: weak signal on the
ISP WiFi device.

I might do the same here, flash my router: but it was a real pain, and
this unit was relatively expensive. If I can find a second hand router
elsewhere and flash it, that might do.

Unless we can figure out what is the problem with it :-?


Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))

On 2015-08-17 01:54, Carlos E. R. wrote:
> It is a TP-Link TD-W8970

You see, this was my main (and sole) router a few months ago, and then
it worked perfectly.


Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))

Yes, that is an approach worth considering. I work with Mikrotik routers that allow phenomenal control in situations like these :slight_smile:

On 2015-08-16 04:34, Carlos E. R. wrote:


|
| fibre line, to ISP
|
Fibre router\__Y (WiFi AP-1)
| | | |
(ethernet ports)
|
|
cable to "computer room" upstairs
|
|
8 port switch (with management IP)
| | | | | | | |
\
\_ Old ADSL router\__Y (WiFi AP-2)
(same SSID/Pass)


I disconnected the upstairs cable, yet I can ping anything upstairs
without problems - which means that I’m currently connected to AP-2, the
access point (old router) upstairs.

Obviously, I can not ping the ISP router (AP-1), while the
interconnecting cable is removed.

So the router that fails is the ISP provided router. When I’m connected
to it, via wireless, I can not ping anything upstairs.

This router I can not replace, I’m stuck with it. I could disconnect its
WiFi, perhaps. …] Done!

Actually, I heard that many people complain about the bad quality of the
WiFI in this router. It is a Comtrend VG-8050 :-/

So issue solved… WiFi (ISP router) disconnected downstairs, only
enabled upstairs. It is powerful enough to power the entire house, even
at 25% power. I can adjust its power if needed.


Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))