SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#1 2012-09-06 01:29:52

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

WiFi and Other Issues

I have been trying to research a reason for the random access point disassociation problems I am having and noticed unusual traffic.
When the disassociation happens:

18:22:40.799670 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
18:22:41.799578 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
18:22:42.799579 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
18:22:45.802834 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28

A lot of NTP traffic:

Root Delay: 0.000976, Root dispersion: 0.029739, Reference-ID: ramon.Net.Berkeley.EDU

Root Delay: 0.000946, Root dispersion: 0.026840, Reference-ID: tak.cesnet.cz

Root Delay: 0.006790, Root dispersion: 0.033920, Reference-ID: clock.nyc.he.net
      Reference Timestamp:  3555695187.266360998 (2012/09/03 15:06:27)
      Originator Timestamp: 3555696325.701443374 (2012/09/03 15:25:25)
      Receive Timestamp:    3555696325.794240415 (2012/09/03 15:25:25)
      Transmit Timestamp:   3555696325.794268846 (2012/09/03 15:25:25)
        Originator - Receive Timestamp:  +0.092797018
        Originator - Transmit Timestamp: +0.092825479

DNS problems:

    cdns01.comcast.net.domain > hostname.local.60626: [udp sum ok] 53718 q: AAAA? punbb.informer.com. 0/1/0 ns: informer.com. [3h] SOA dns0.easydns.com. zone.easydns.com. 1346794941 21600 7200 1209600 43200 (90)
19:12:35.751925 IP (tos 0x40, ttl 56, id 0, offset 0, flags [DF], proto UDP (17), length 112)
    cdns01.comcast.net.domain > hostname.local.49475: [udp sum ok] 20839 q: AAAA? www.debian.org. 0/1/0 ns: www.debian.org. [1h] SOA orff.debian.org. hostmaster.debian.org. 2012090202 10800 3600 604800 3600 (84)
19:12:35.914626 IP (tos 0x40, ttl 56, id 0, offset 0, flags [DF], proto UDP (17), length 112)
    cdns01.comcast.net.domain > hostname.local.39928: [udp sum ok] 32088 q: AAAA? www.spi-inc.org. 0/1/0 ns: spi-inc.org. [2h] SOA ns1.spi-inc.org. hostmaster.spi-inc.org. 2012042801 10800 7200 2419200 7200 (84)

dmesg at the time of disassociation;

[  328.063596] device wlan0 entered promiscuous mode

uname -r

3.2.0-0.bpo.2-amd64

Leaving an active tcpdump shows constant traffic for NTP, DNS, and ARP. Let me know what I need to do next.


Schlzm

Offline

Be excellent to each other!

#2 2012-09-06 05:56:08

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

Changed NTP server to time.nist.gov and am not seeing as much random NTP traffic.
Fully idle network <no active connections by me> is still showing a flurry of DNS traffic;

hostname.local.mdns > 224.0.0.251.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:11.730220 IP6 (hlim 255, next-header UDP (17) payload length: 54) fe80::e2b9:a5ff:fea8:311b.mdns > ff02::fb.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:11.730284 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 74)
    hostname.local.mdns > 224.0.0.251.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:13.732496 IP6 (hlim 255, next-header UDP (17) payload length: 54) fe80::e2b9:a5ff:fea8:311b.mdns > ff02::fb.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:13.732555 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto UDP (17), length 74)
    hostname.local.mdns > 224.0.0.251.mdns: [udp sum ok] 0 PTR (QM)? 253.255.255.239.in-addr.arpa. (46)
23:35:15.631027 IP (tos 0x0, ttl 64, id 16958, offset 0, flags [DF], proto UDP (17), length 70)
    hostname.local.60373 > cdns01.comcast.net.domain: [udp sum ok] 60770+ PTR? 76.76.75.75.in-addr.arpa. (42)
23:35:15.658362 IP (tos 0x40, ttl 56, id 0, offset 0, flags [DF], proto UDP (17), length 102)
    cdns01.comcast.net.domain > hostname.local.60373: [udp sum ok] 60770 q: PTR? 76.76.75.75.in-addr.arpa. 1/0/0 76.76.75.75.in-addr.arpa. [1h21m48s] PTR cdns02.comcast.net. (74)

I'm not sure if this traffic is problematic at this point since I haven't suffered a disassociation since I changed my ntp.conf. The frequent and random ARP traffic still exists but it isn't as bad as before. I wont hold my breath until I can run for more than a night without issue.


Schlzm

Offline

#3 2012-09-06 06:49:20

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

After continuing some research and leaving an idle connection for a little the disassociation came back. Following is the DNS anomolies followed by the ARP issues.

    hostname.local.55417 > cdns01.comcast.net.domain: [udp sum ok] 63680+ A? crunchbanglinux.org. (37)
00:38:56.482023 IP (tos 0x0, ttl 64, id 54668, offset 0, flags [DF], proto UDP (17), length 65)
    hostname.local.55417 > cdns01.comcast.net.domain: [udp sum ok] 28549+ AAAA? crunchbanglinux.org. (37)
00:39:01.486158 IP (tos 0x0, ttl 64, id 55918, offset 0, flags [DF], proto UDP (17), length 65)
    hostname.local.47041 > cdns02.comcast.net.domain: [udp sum ok] 63680+ A? crunchbanglinux.org. (37)
00:39:01.486188 IP (tos 0x0, ttl 64, id 55919, offset 0, flags [DF], proto UDP (17), length 65)
    hostname.local.47041 > cdns02.comcast.net.domain: [udp sum ok] 28549+ AAAA? crunchbanglinux.org. (37)
00:39:01.491574 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:02.491577 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:03.491577 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:06.485454 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:07.483580 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28
00:39:08.483580 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.1 tell hostname.local, length 28

Networking section of dmesg for this boot showing;

86.147763] wlan0: authenticate with 7c:4f:b5:da:87:d9
[   86.165967] wlan0: send auth to 7c:4f:b5:da:87:d9 (try 1/3)
[   86.177758] wlan0: authenticated
[   86.189149] wlan0: associate with 7c:4f:b5:da:87:d9 (try 1/3)
[   86.362661] wlan0: RX AssocResp from 7c:4f:b5:da:87:d9 (capab=0x411 status=0 aid=5)
[   86.362671] wlan0: associated
[   86.363444] ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   86.767307] Intel AES-NI instructions are not detected.
[   97.180487] wlan0: no IPv6 routers present
[  132.525591] wlan0: deauthenticating from 7c:4f:b5:da:87:d9 by local choice (reason=3)
[  132.596232] cfg80211: Calling CRDA for country: EC
[  152.483035] wlan0: authenticate with 7c:4f:b5:da:87:d9
[  152.493907] wlan0: send auth to 7c:4f:b5:da:87:d9 (try 1/3)
[  152.504435] wlan0: authenticated
[  152.516610] wlan0: associate with 7c:4f:b5:da:87:d9 (try 1/3)
[  152.720344] wlan0: associate with 7c:4f:b5:da:87:d9 (try 2/3)
[  152.777846] wlan0: RX AssocResp from 7c:4f:b5:da:87:d9 (capab=0x411 status=0 aid=5)
[  152.777850] wlan0: associated
[  328.063596] device wlan0 entered promiscuous mode
[  492.386251] device wlan0 left promiscuous mode
[  591.491101] device wlan0 entered promiscuous mode
[  738.645641] wlan0: deauthenticating from 7c:4f:b5:da:87:d9 by local choice (reason=3)
[  738.688279] cfg80211: Calling CRDA to update world regulatory domain
[  745.709569] wlan0: authenticate with 7c:4f:b5:da:87:d9
[  745.729556] wlan0: send auth to 7c:4f:b5:da:87:d9 (try 1/3)
[  745.735507] wlan0: authenticated
[  745.749175] wlan0: associate with 7c:4f:b5:da:87:d9 (try 1/3)
[  745.754711] wlan0: RX AssocResp from 7c:4f:b5:da:87:d9 (capab=0x411 status=0 aid=5)
[  745.754715] wlan0: associated
[ 3480.327272] device wlan0 left promiscuous mode
[ 6554.575320] device wlan0 entered promiscuous mode
[17765.930766] device wlan0 left promiscuous mode
[17780.344351] device wlan0 entered promiscuous mode
[18558.360482] device wlan0 left promiscuous mode
[18564.082611] device wlan0 entered promiscuous mode
[18693.919754] device wlan0 left promiscuous mode
[18698.233452] device wlan0 entered promiscuous mode
[23043.024961] device wlan0 left promiscuous mode
[23271.307206] device wlan0 entered promiscuous mode

I haven't seen these promiscuous mode entries until tonight and I haven't made any changes not documented here since I began tracking data for this thread.


Schlzm

ETA: When this disassociation happens attempting to ping my router returns "Destinationhost unreachable"

Last edited by Schlzm (2012-09-06 06:50:55)

Offline

#4 2012-09-06 09:15:08

xaos52
The Good Doctor
From: Planet of the @s
Registered: 2011-06-24
Posts: 4,595

Re: WiFi and Other Issues

What I think is happening might have 2 causes - 3 in fact, perhaps even more? :

(1) Your system clock is not set correctly and the NTP service is trying to correct that. It does not do that in one go, but uses many small steps to synchronize the clock. Hence the ntp network traffic.

(2) It is you using tcpdump that sets the wlan device in promiscuous mode. That is the way tcpdump works.

(3) Independent from (1) and (2) you may experience random disconnects from the wireless router.

Post output of

lspci -knn | grep -Ei  -A3 'net|eth'

Are you using network-manager to euh.. manage your network?
Using both eth and wlan?
If both are available network-manager will prefer the eth connection over the wireless.

Last edited by xaos52 (2012-09-06 09:16:36)

Offline

#5 2012-09-06 17:51:36

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

I don't have my laptop with me right now but will check my hardware clock to make sure it isn't interfering with the NTP controls.

That makes sense for tcpdump to alter the setting but I have been running it for a while now to monitor traffic and haven't seen that entry <or noticed it I guess> until last night.

I am using NetworkManager right now but also experienced the same issues with wicd, have considered using just network for testing purposes but it will not provide me a longterm solution due to mobility requirements. I will post the lspci output when I get home later tonight. I do not use a wired connection.

lspci -knn | grep -Ei  -A3 'net|eth' output:

02:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. RTL8188CE 802.11b/g/n WiFi Adapter [10ec:8176] (rev 01)
    Subsystem: AzureWave Device [1a3b:1139]
    Kernel driver in use: rtl8192ce
03:00.0 USB Controller [0c03]: Device [1b21:1042]
--
04:00.0 Ethernet controller [0200]: Atheros Communications Device [1969:1083] (rev c0)
    Subsystem: ASUSTeK Computer Inc. Device [1043:1851]
    Kernel driver in use: atl1c

Thanks,


Schlzm

Last edited by Schlzm (2012-09-07 00:40:02)

Offline

#6 2012-09-07 17:24:37

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

I think these ARP issues might be a significant part of my problem...

11:18:56.892563 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.9 tell 192.168.0.9, length 46
11:18:58.940314 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.0.9 tell 192.168.0.9, length 46

Schlzm

Offline

#7 2012-09-09 01:04:02

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

Just to re-iterate,

lspci -knn | grep -Ei  -A3 'net|eth' output:

02:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. RTL8188CE 802.11b/g/n WiFi Adapter [10ec:8176] (rev 01)
    Subsystem: AzureWave Device [1a3b:1139]
    Kernel driver in use: rtl8192ce
03:00.0 USB Controller [0c03]: Device [1b21:1042]
--
04:00.0 Ethernet controller [0200]: Atheros Communications Device [1969:1083] (rev c0)
    Subsystem: ASUSTeK Computer Inc. Device [1043:1851]
    Kernel driver in use: atl1c

Thanks,


Schlzm

Offline

#8 2012-09-09 08:42:14

xaos52
The Good Doctor
From: Planet of the @s
Registered: 2011-06-24
Posts: 4,595

Re: WiFi and Other Issues

Post output of

ifconfig -a
ip route

Offline

#9 2012-09-11 01:42:33

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

ifconfig -a
eth0      Link encap:Ethernet  HWaddr 10:bf:48:05:96:8e  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:50 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2857 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2857 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:4317634 (4.1 MiB)  TX bytes:4317634 (4.1 MiB)

pan0      Link encap:Ethernet  HWaddr 42:79:f7:49:6e:0c  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr e0:b9:a5:a8:31:1b  
          inet addr:192.168.0.8  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::e2b9:a5ff:fea8:311b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:784 errors:0 dropped:0 overruns:0 frame:0
          TX packets:848 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:757307 (739.5 KiB)  TX bytes:130052 (127.0 KiB)
ip route
default via 192.168.0.1 dev wlan0  proto static 
192.168.0.0/24 dev wlan0  proto kernel  scope link  src 192.168.0.8  metric 2 

Schlzm

Offline

#10 2012-09-25 03:20:12

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

Pretty sure I have pinned this down to an ARP issue. I appended the following to /etc/dhcp/dhclient.conf

# Stop ARP requests on startup
noarp

Then killed and restarted dhclient. So far so good but I am skeptical.


Schlzm

Offline

#11 2012-09-25 04:49:07

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

Nevermind that didn't change anything. Looking into some other options.
ETA: Disabled wireless N and Xpress Technology on the router just in case.


Schlzm

Last edited by Schlzm (2012-09-25 04:58:39)

Offline

#12 2012-09-27 06:21:32

Schlzm
Member
Registered: 2012-01-04
Posts: 33
Website

Re: WiFi and Other Issues

Well so far it appears as though the N protocol is the main culprit. Though I do have to admit the adding the noarp entry in dhclient.conf has significantly improved authentication times. Not willing to switch this to [SOLVED] quite yet, but after some more baseline testing I will <if this continues to work>.


Schlzm

ETA: NVM fuqsake damn thing made me a liar as soon as I posted this message and dropped right into the ARP storm the signals a dissasociation. However a manual reconnect with the router seems significantly more efficient than before, so I guess I have that going for me.

Last edited by Schlzm (2012-09-27 06:26:05)

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.

Debian Logo