I have been trying to research a reason for the random access point disassociation problems I am having and noticed unusual traffic.
When the disassociation happens:
18:22:40.799670 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
18:22:41.799578 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
18:22:42.799579 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
18:22:45.802834 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
A lot of NTP traffic:
Root Delay: 0.000976, Root dispersion: 0.029739, Reference-ID: ramon.Net.Berkeley.EDU
Root Delay: 0.000946, Root dispersion: 0.026840, Reference-ID: tak.cesnet.cz
Root Delay: 0.006790, Root dispersion: 0.033920, Reference-ID: clock.nyc.he.net
Reference Timestamp: 3555695187.266360998 (2012/09/03 15:06:27)
Originator Timestamp: 3555696325.701443374 (2012/09/03 15:25:25)
Receive Timestamp: 3555696325.794240415 (2012/09/03 15:25:25)
Transmit Timestamp: 3555696325.794268846 (2012/09/03 15:25:25)
Originator - Receive Timestamp: +0.092797018
Originator - Transmit Timestamp: +0.092825479
DNS problems:
cdns01.comcast.net.domain > hostname.local.60626: [udp sum ok] 53718 q: AAAA? punbb.informer.com. 0/1/0 ns: informer.com. [3h] SOA dns0.easydns.com. zone.easydns.com. 1346794941 21600 7200 1209600 43200 (90)
19:12:35.751925 IP (tos 0x40, ttl 56, id 0, offset 0, flags [DF], proto UDP (17), length 112)
cdns01.comcast.net.domain > hostname.local.49475: [udp sum ok] 20839 q: AAAA? www.debian.org. 0/1/0 ns: www.debian.org. [1h] SOA orff.debian.org. hostmaster.debian.org. 2012090202 10800 3600 604800 3600 (84)
19:12:35.914626 IP (tos 0x40, ttl 56, id 0, offset 0, flags [DF], proto UDP (17), length 112)
cdns01.comcast.net.domain > hostname.local.39928: [udp sum ok] 32088 q: AAAA? www.spi-inc.org. 0/1/0 ns: spi-inc.org. [2h] SOA ns1.spi-inc.org. hostmaster.spi-inc.org. 2012042801 10800 7200 2419200 7200 (84)
dmesg at the time of disassociation;
[ 328.063596] device wlan0 entered promiscuous mode
uname -r
3.2.0-0.bpo.2-amd64
Leaving an active tcpdump shows constant traffic for NTP, DNS, and ARP. Let me know what I need to do next.
Schlzm
Changed NTP server to time.nist.gov and am not seeing as much random NTP traffic.
Fully idle network <no active connections by me> is still showing a flurry of DNS traffic;
hostname.local.mdns > 224.0.0.251.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:11.730220 IP6 (hlim 255, next-header UDP (17) payload length: 54) fe80::e2b9:a5ff:fea8:311b.mdns > ff02::fb.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:11.730284 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 74)
hostname.local.mdns > 224.0.0.251.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:13.732496 IP6 (hlim 255, next-header UDP (17) payload length: 54) fe80::e2b9:a5ff:fea8:311b.mdns > ff02::fb.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:13.732555 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 74)
hostname.local.mdns > 224.0.0.251.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:15.631027 IP (tos 0x0, ttl 64, id 16958, offset 0, flags [DF], proto UDP (17), length 70)
hostname.local.60373 > cdns01.comcast.net.domain: [udp sum ok] 60770+ PTR? 76.76.75.75.in-addr.arpa. (42)
23:35:15.658362 IP (tos 0x40, ttl 56, id 0, offset 0, flags [DF], proto UDP (17), length 102)
cdns01.comcast.net.domain > hostname.local.60373: [udp sum ok] 60770 q: PTR? 76.76.75.75.in-addr.arpa. 1/0/0 76.76.75.75.in-addr.arpa. [1h21m48s] PTR cdns02.comcast.net. (74)
I'm not sure if this traffic is problematic at this point since I haven't suffered a disassociation since I changed my ntp.conf. The frequent and random ARP traffic still exists but it isn't as bad as before. I won't hold my breath until I can run for more than a night without issue.
Schlzm
After continuing some research and leaving an idle connection for a little the disassociation came back. Following are the DNS anomalies followed by the ARP issues.
hostname.local.55417 > cdns01.comcast.net.domain: [udp sum ok] 63680+ A? crunchbanglinux.org. (37)
00:38:56.482023 IP (tos 0x0, ttl 64, id 54668, offset 0, flags [DF], proto UDP (17), length 65)
hostname.local.55417 > cdns01.comcast.net.domain: [udp sum ok] 28549+ AAAA? crunchbanglinux.org. (37)
00:39:01.486158 IP (tos 0x0, ttl 64, id 55918, offset 0, flags [DF], proto UDP (17), length 65)
hostname.local.47041 > cdns02.comcast.net.domain: [udp sum ok] 63680+ A? crunchbanglinux.org. (37)
00:39:01.486188 IP (tos 0x0, ttl 64, id 55919, offset 0, flags [DF], proto UDP (17), length 65)
hostname.local.47041 > cdns02.comcast.net.domain: [udp sum ok] 28549+ AAAA? crunchbanglinux.org. (37)
00:39:01.491574 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:02.491577 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:03.491577 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:06.485454 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:07.483580 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:08.483580 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
Networking section of dmesg for this boot showing;
[ 86.147763] wlan0: authenticate with 7c:4f:b5:da:87:d9
[ 86.165967] wlan0: send auth to 7c:4f:b5:da:87:d9 (try 1/3)
[ 86.177758] wlan0: authenticated
[ 86.189149] wlan0: associate with 7c:4f:b5:da:87:d9 (try 1/3)
[ 86.362661] wlan0: RX AssocResp from 7c:4f:b5:da:87:d9 (capab=0x411 status=0 aid=5)
[ 86.362671] wlan0: associated
[ 86.363444] ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 86.767307] Intel AES-NI instructions are not detected.
[ 97.180487] wlan0: no IPv6 routers present
[ 132.525591] wlan0: deauthenticating from 7c:4f:b5:da:87:d9 by local choice (reason=3)
[ 132.596232] cfg80211: Calling CRDA for country: EC
[ 152.483035] wlan0: authenticate with 7c:4f:b5:da:87:d9
[ 152.493907] wlan0: send auth to 7c:4f:b5:da:87:d9 (try 1/3)
[ 152.504435] wlan0: authenticated
[ 152.516610] wlan0: associate with 7c:4f:b5:da:87:d9 (try 1/3)
[ 152.720344] wlan0: associate with 7c:4f:b5:da:87:d9 (try 2/3)
[ 152.777846] wlan0: RX AssocResp from 7c:4f:b5:da:87:d9 (capab=0x411 status=0 aid=5)
[ 152.777850] wlan0: associated
[ 328.063596] device wlan0 entered promiscuous mode
[ 492.386251] device wlan0 left promiscuous mode
[ 591.491101] device wlan0 entered promiscuous mode
[ 738.645641] wlan0: deauthenticating from 7c:4f:b5:da:87:d9 by local choice (reason=3)
[ 738.688279] cfg80211: Calling CRDA to update world regulatory domain
[ 745.709569] wlan0: authenticate with 7c:4f:b5:da:87:d9
[ 745.729556] wlan0: send auth to 7c:4f:b5:da:87:d9 (try 1/3)
[ 745.735507] wlan0: authenticated
[ 745.749175] wlan0: associate with 7c:4f:b5:da:87:d9 (try 1/3)
[ 745.754711] wlan0: RX AssocResp from 7c:4f:b5:da:87:d9 (capab=0x411 status=0 aid=5)
[ 745.754715] wlan0: associated
[ 3480.327272] device wlan0 left promiscuous mode
[ 6554.575320] device wlan0 entered promiscuous mode
[17765.930766] device wlan0 left promiscuous mode
[17780.344351] device wlan0 entered promiscuous mode
[18558.360482] device wlan0 left promiscuous mode
[18564.082611] device wlan0 entered promiscuous mode
[18693.919754] device wlan0 left promiscuous mode
[18698.233452] device wlan0 entered promiscuous mode
[23043.024961] device wlan0 left promiscuous mode
[23271.307206] device wlan0 entered promiscuous mode
I haven't seen these promiscuous mode entries until tonight and I haven't made any changes not documented here since I began tracking data for this thread.
Schlzm
ETA: When this disassociation happens, attempting to ping my router returns "Destination host unreachable"
Last edited by Schlzm (2012-09-06 06:50:55)
What I think is happening might have 2 causes - 3 in fact, perhaps even more? :
(1) Your system clock is not set correctly and the NTP service is trying to correct that. It does not do that in one go, but uses many small steps to synchronize the clock. Hence the ntp network traffic.
(2) It is you using tcpdump that sets the wlan device in promiscuous mode. That is the way tcpdump works.
(3) Independent from (1) and (2) you may experience random disconnects from the wireless router.
Post output of
lspci -knn | grep -Ei -A3 'net|eth'
Are you using network-manager to euh.. manage your network?
Using both eth and wlan?
If both are available network-manager will prefer the eth connection over the wireless.
Last edited by xaos52 (2012-09-06 09:16:36)
bootinfoscript - emacs primer - I ♥ #!
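An added example, not part of any post in this thread: a small Python check of points (2) and (3) above, which pairs the "entered/left promiscuous mode" lines into capture windows and reports whether each deauthentication fell inside one. The log lines are an excerpt of the dmesg output posted earlier in the thread; the function names are hypothetical.

```python
import re

# Excerpt of the dmesg output posted earlier in this thread (seconds since boot).
DMESG = """\
[  132.525591] wlan0: deauthenticating from 7c:4f:b5:da:87:d9 by local choice (reason=3)
[  328.063596] device wlan0 entered promiscuous mode
[  492.386251] device wlan0 left promiscuous mode
[  591.491101] device wlan0 entered promiscuous mode
[  738.645641] wlan0: deauthenticating from 7c:4f:b5:da:87:d9 by local choice (reason=3)
[ 3480.327272] device wlan0 left promiscuous mode
"""

LINE = re.compile(r"^\[\s*(\d+\.\d+)\]\s+(.*)$")
PROMISC = re.compile(r"^device (\w+) (entered|left) promiscuous mode$")
DEAUTH = re.compile(r"^(\w+): deauthenticating from \S+ by .+ \(reason=(\d+)\)$")

def capture_windows(text, iface="wlan0"):
    """Return [(start, end)] promiscuous-mode intervals; end is None if still open."""
    windows, start = [], None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        p = m and PROMISC.match(m.group(2))
        if not p or p.group(1) != iface:
            continue
        ts = float(m.group(1))
        if p.group(2) == "entered":
            start = ts if start is None else start
        elif start is not None:
            windows.append((start, ts))
            start = None
    if start is not None:
        windows.append((start, None))
    return windows

def deauths(text, iface="wlan0"):
    """Return [(timestamp, reason_code, during_capture)] for each deauth on iface."""
    windows = capture_windows(text, iface)
    out = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        d = m and DEAUTH.match(m.group(2))
        if not d or d.group(1) != iface:
            continue
        ts = float(m.group(1))
        inside = any(s <= ts and (e is None or ts <= e) for s, e in windows)
        out.append((ts, int(d.group(2)), inside))
    return out

if __name__ == "__main__":
    for ts, reason, inside in deauths(DMESG):
        print(f"{ts:10.3f}s reason={reason} during capture: {inside}")
```

On this excerpt the first deauthentication happens before any capture was started and the second during one, so the drops occur with and without promiscuous mode. tcpdump's -p option keeps the interface out of promiscuous mode if you want to rule it out entirely.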
I don't have my laptop with me right now but will check my hardware clock to make sure it isn't interfering with the NTP controls.
That makes sense for tcpdump to alter the setting but I have been running it for a while now to monitor traffic and haven't seen that entry <or noticed it I guess> until last night.
I am using NetworkManager right now but also experienced the same issues with wicd, have considered using just network for testing purposes but it will not provide me a long-term solution due to mobility requirements. I will post the lspci output when I get home later tonight. I do not use a wired connection.
lspci -knn | grep -Ei -A3 'net|eth' output:
02:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. RTL8188CE 802.11b/g/n WiFi Adapter [10ec:8176] (rev 01)
Subsystem: AzureWave Device [1a3b:1139]
Kernel driver in use: rtl8192ce
03:00.0 USB Controller [0c03]: Device [1b21:1042]
--
04:00.0 Ethernet controller [0200]: Atheros Communications Device [1969:1083] (rev c0)
Subsystem: ASUSTeK Computer Inc. Device [1043:1851]
Kernel driver in use: atl1c
Thanks,
Schlzm
Last edited by Schlzm (2012-09-07 00:40:02)
I think these ARP issues might be a significant part of my problem...
11:18:56.892563 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.9 tell 192.168.0.9, length 46
11:18:58.940314 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.9 tell 192.168.0.9, length 46
Schlzm
Just to re-iterate,
lspci -knn | grep -Ei -A3 'net|eth' output:
02:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. RTL8188CE 802.11b/g/n WiFi Adapter [10ec:8176] (rev 01)
Subsystem: AzureWave Device [1a3b:1139]
Kernel driver in use: rtl8192ce
03:00.0 USB Controller [0c03]: Device [1b21:1042]
--
04:00.0 Ethernet controller [0200]: Atheros Communications Device [1969:1083] (rev c0)
Subsystem: ASUSTeK Computer Inc. Device [1043:1851]
Kernel driver in use: atl1c
Thanks,
Schlzm
Post output of
ifconfig -a
ip route
bootinfoscript - emacs primer - I ♥ #!
ifconfig -a
eth0 Link encap:Ethernet HWaddr 10:bf:48:05:96:8e
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:50
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2857 errors:0 dropped:0 overruns:0 frame:0
TX packets:2857 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4317634 (4.1 MiB) TX bytes:4317634 (4.1 MiB)
pan0 Link encap:Ethernet HWaddr 42:79:f7:49:6e:0c
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wlan0 Link encap:Ethernet HWaddr e0:b9:a5:a8:31:1b
inet addr:192.168.0.8 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::e2b9:a5ff:fea8:311b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:784 errors:0 dropped:0 overruns:0 frame:0
TX packets:848 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:757307 (739.5 KiB) TX bytes:130052 (127.0 KiB)
ip route
default via 192.168.0.1 dev wlan0 proto static
192.168.0.0/24 dev wlan0 proto kernel scope link src 192.168.0.8 metric 2
Schlzm
Well so far it appears as though the N protocol is the main culprit. Though I do have to admit that adding the noarp entry in dhclient.conf has significantly improved authentication times. Not willing to switch this to [SOLVED] quite yet, but after some more baseline testing I will <if this continues to work>.
Schlzm
ETA: NVM fuqsake damn thing made me a liar as soon as I posted this message and dropped right into the ARP storm that signals a disassociation. However a manual reconnect with the router seems significantly more efficient than before, so I guess I have that going for me.
Last edited by Schlzm (2012-09-27 06:26:05)
Copyright © 2012 CrunchBang Linux.