No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
WLAN Troubleshooting Guide
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
A STA Fails to Ping the Gateway (Packets Are Lost on the Wired Side)

A STA Fails to Ping the Gateway (Packets Are Lost on the Wired Side)

Symptom

A STA fails to ping the gateway (packets are lost on the wired side).

Possible Causes

Assuming that an AC serves as the user gateway, the following issues may cause STAs to fail to ping the gateway when they are properly authenticated and associated:

  • ARP learning issue
  • IP address issue
  • MAC address issue
  • Environmental issue
    • Poor wireless air interface environment
    • Intermediate switch fault
    • Incorrect network cable connection
    • Network loop

Troubleshooting Procedure

  1. Check whether the STA and gateway have ARP entries of each other.

    Forwarding of ping packets relies on whether the gateway has the ARP entry of the STA. Run the display arp command to check whether the gateway has the ARP entry of the STA. If so, continue troubleshooting.

    • If the gateway does not have the ARP entry of the STA, use the station-trace function to trace ARP packets. Ping the STA from the gateway and check whether ARP packets are sent and received normally.
      1. Enable the station-trace function. (Use the STA with the MAC address d0ff-98b2-31fd as an example.)
        [AC-diagnose] station-trace sta-mac d0ff-98b2-31fd
      2. Ping the STA from the gateway and observe the ARP packet exchange process.
        [AC-diagnose] ping 10.99.99.54
  PING 10.99.99.54: 56  data bytes, press CTRL_C to break
    Reply from 10.99.99.54: bytes=56 Sequence=1 ttl=64 time=71 ms<7>Oct 15 2017 21:06:19.580.1 5c1a-6f8b-d5a0 WIFI/7/BTRACE:[BTRACE]
[WLAN_WIFI][D0FF-98B2-31FD]:SeqNo[1] [ARP] ARP request : who has 10.99.99.54 ? tell 10.99.99.1 Recved from software switch
<7>Oct 15 2017 21:06:19.580.2 5c1a-6f8b-d5a0 WIFI/7/BTRACE:[BTRACE][WLAN_WIFI][D0FF-98B2-31FD]:SeqNo[1] [ARP] ARP request : who has 10.99.99.54 ? tell 10.99.99.1 elapsed[0 ms] Sending pkt to target(Single)
<7>Oct 15 2017 21:06:19.580.3 5c1a-6f8b-d5a0 WIFI/7/BTRACE:[BTRACE][WLAN_WIFI][D0FF-98B2-31FD]:SeqNo[1] [ARP] ARP request : who has 10.99.99.54 ? tell 10.99.99.1 elapsed[0 ms] Success to send pkt to air
<7>Oct 15 2017 21:06:19.580.4 5c1a-6f8b-d5a0 WIFI/7/BTRACE:[BTRACE][WLAN_WIFI][D0FF-98B2-31FD]:SeqNo[2] [ARP] ARP response : 10.99.99.54 is at d0ff-98b2-31fd Recved from target
<7>Oct 15 2017 21:06:19.580.5 5c1a-6f8b-d5a0 WIFI/7/BTRACE:[BTRACE][WLAN_WIFI][D0FF-98B2-31FD]:SeqNo[2] [ARP] ARP response : 10.99.99.54 is at d0ff-98b2-31fd elapsed[0 ms] Entering rx reorder
<7>Oct 15 2017 21:06:19.580.6 5c1a-6f8b-d5a0 WIFI//BTRACE:[BTRACE][WLAN_WIFI][D0FF-98B2-31FD]:SeqNo[2] [ARP] ARP response : 10.99.99.54 is at d0ff-98b2-31fd elapsed[0 ms] Exiting rx reorder for release
<7>Oct 15 2017 21:06:19.580.7 5c1a-6f8b-d5a0 WIFI/7/BTRACE:[BTRACE][WLAN_WIFI][D0FF-98B2-31FD]:SeqNo[2] [ARP] ARP response : 10.99.99.54 is at d0ff-98b2-31fd elapsed[0 ms] Success to send pkt to software switch

      The station-trace function works on APs. If no ARP response packet is received, check the STA or obtain air interface packets to verify that the STA responds to ARP requests. If the ARP interaction process is complete but the gateway still has no ARP entry of the STA, obtain wired packets to locate the device where ARP packets are lost.

    • If the gateway has learned the ARP entry of the STA but the ping operation still fails, configure an ACL-based traffic statistics policy (applicable to most Huawei datacom products) to check whether ICMP packet statistics can be collected on the interface of the gateway connected to the STA.

      In the command, inbound and outbound indicate the inbound and outbound directions of traffic on the local device, respectively. For example, perform the following configuration to configure a traffic statistics policy for STA A (192.168.1.2) to ping device B (192.168.1.1):

      If intermediate devices also support traffic statistics collection, you can use this method to locate the cause of packet loss.

      1. Configure a traffic statistics policy on GigabitEthernet 0/0/1.
        [AC] acl 3000
[AC-acl-adv-3000] rule 5 permit icmp source 192.168.1.2 0.0.0.0 //Filter ICMP packets sent from the IP address 192.168.1.2 matching the ACL rule.
[AC-acl-adv-3000] quit
[AC] traffic classifier test
[AC-classifier-test] if-match acl 3000
[AC-classifier-test] quit
[AC] traffic behavior test
[AC-behavior-test] statistic enable
[AC-behavior-test] quit
[AC] traffic policy test
[AC-trafficpolicy-test] classifier test behavior test
[AC-trafficpolicy-test] quit
[AC] interface GigabitEthernet 0/0/1
[AC-GigabitEthernet0/0/1] traffic-policy test inbound //Bind the policy to the interface.
      2. Check the ICMP packet statistics collected on GigabitEthernet 0/0/1.
        [AC] ping 192.168.1.2
[AC] display traffic policy statistics interface GigabitEthernet 0/0/1 inbound

      Currently, Huawei WLAN products can only collect statistics on the packets sent to or passing through them, but cannot collect statistics on packets they proactively send and reply.

      After the fault is rectified, run the undo traffic-policy test inbound, undo traffic policy test, undo traffic behavior test, and undo traffic classifier test commands to restore the interface configurations.

    • From V200R019C10, you can also run the np-trace-pkt command to trace and collect packet statistics.
      • Currently, this command is available only for the AirEngine 9700-M, AC6805, AirEngine 9700-M1, AirEngine9700D-M, and AirEngineX760 series APs.
      • A maximum of eight filtering rules can be configured.
      • You can specify the parameter inner to filter packets encapsulated over the CAPWAP tunnel.
      • Common IP protocol values are TCP (6), UDP (17), and ICMP (1). For other protocol values, visit List of IP protocol numbers - Wikipedia.
      1. Configure filtering conditions of np-trace-pkt.
        [AirEngine9700-M-diagnose] np-trace-pkt 1 src-ip 192.168.1.2 protocol 1 //Filter out ICMP packets with the source IP address of 192.168.1.2.
      2. Trigger the traffic that meets the filtering conditions, check packet statistics in the inbound and outbound directions of the device.
        [AirEngine9700-M-diagnose] display np-trace-pkt 1 statistics
Index: 1
Configuration:
------------------------------------------------------------------------------------------
SIP             DIP             SMAC           DMAC           SPORT DPORT Protocol Inner
------------------------------------------------------------------------------------------
192.168.1.2     --              --             --             --    --    1        No
------------------------------------------------------------------------------------------

-------------------------------------------
CPU Statistics
-------------------------------------------
Inbound(from NP)  :                 0
Inbound(from CP)  :                 0
Outbound(to NP)   :                 0
Outbound(to CP)   :                 0
-------------------------------------------
NP Statistics
-------------------------------------------
Inbound(from Port):                 0
Inbound(from FWD) :                 0
Outbound(to Port) :                 0
Outbound(to FWD)  :                 0
-------------------------------------------

  2. Check whether the IP addresses of network devices are correct.

    1. Check whether the IP addresses of network devices on the network conflict with each other.
      • If there are a few network devices on the network and the networking is simple, check their IP addresses directly. For example, if there are three network devices on the network, check their IP address on each device. If any two IP addresses are the same, the ping failure is caused by an IP address conflict. Change the conflicting IP address.
      • If the networking is complex, run the display arp ip-conflict track command to check information about the detected IP address conflict, including the conflict type, conflicting IP address, and interfaces. If the command output similar to the following is displayed, an IP address conflict occurs. Change the conflicting IP address.
        <AC> display arp ip-conflict track
Conflict type       : Local IP conflict
IP address          : 192.101.1.1
System time         : 2011-11-19 03:22:16+08:00
Conflict count      : 1
Suppress count      : 0
Local interface     : Vlanif1001
Receive interface   : GE0/0/1
Receive VLAN/CEVLAN : 1001/0
    2. Check whether the IP address of the VLANIF interface on the gateway is correct.

      Run the display ip interface vlanif vlan-id command to check the IP address configuration of all VLANIF interfaces in the VLAN, or run the display ip interface brief command to check brief information about interface IP addresses.

      <AC> display ip interface vlanif 15  
Vlanif15 current state : UP 
Line protocol current state : UP 
The Maximum Transmit Unit : 1500 bytes 
input packets : 766390, bytes : 41540847, multicasts : 681817 
output packets : 242239, bytes : 14679482, multicasts : 172333 
Directed-broadcast packets:  
received packets:            0, sent packets:            0  
forwarded packets:           0, dropped packets:           0 
Internet Address is 10.1.1.119/24 
Broadcast address : 10.1.1.255 
TTL being 1 packet number:    164035 
TTL invalid packet number:         0 
ICMP packet input number:          0   
Echo reply:                      0   
Unreachable:                     0   
Source quench:                   0   
Routing redirect:                0   
Echo request:                    0   
Router advert:                   0   
Router solicit:                  0   
Time exceed:                     0   
IP header bad:                   0   
Timestamp request:               0   
Timestamp reply:                 0   
Information request:             0   
Information reply:               0   
Netmask request:                 0   
Netmask reply:                   0   
Unknown type:                    0    
      [AC] display ip interface brief 
*down: administratively down                                                    
^down: standby                                                                  
(l): loopback                                                                   
(s): spoofing                                                                   
(E): E-Trunk down                                                               
The number of interface that is UP in Physical is 3                             
The number of interface that is DOWN in Physical is 0                           
The number of interface that is UP in Protocol is 3                             
The number of interface that is DOWN in Protocol is 0                           

Interface                         IP Address/Mask      Physical   Protocol      
MEth0/0/1                         172.16.129.120/24    up         up            
NULL0                             unassigned           up         up(s)         
Vlanif100                         10.23.100.1/24       up         up

  3. Check whether MAC address conflicts exist.

    The MAC address of a STA cannot be the same as that of the AC it pings. Otherwise, the ping operation fails. However, this issue rarely occurs. You can run the display arp command to check whether the STA's MAC address is the same as that of the AC.

    [AC] display arp                                                                                                                 
IP ADDRESS      MAC ADDRESS     EXPIRE(M) TYPE        INTERFACE   VPN-INSTANCE                                                      
                                          VLAN/CEVLAN PVC                                                                           
------------------------------------------------------------------------------                                                      
10.10.10.1      e4c2-d1fe-084a            I -         Vlanif1                                                                       
10.10.21.1      e4c2-d1fe-084a            I -         Vlanif100                                                                     
10.10.21.66     8038-bc1b-86c0  20        D-0         GE0/0/5                                                                       
                                           100/-                                                                                    
10.10.22.1      e4c2-d1fe-084a            I -         Vlanif101                                                                     
10.10.22.100    3cd9-2b58-380a  20        D-0         GE0/0/1                                                                       
                                           101/-                                                                                    
10.10.23.1      e4c2-d1fe-084a            I -         Vlanif102                                                                     
189.174.2.3     e4c2-d1fe-084a            I -         Vlanif155                                                                     
200.200.200.1   e4c2-d1fe-084a            I -         Vlanif200                                                                     
10.10.50.2      e4c2-d1fe-084a            I -         Vlanif1000                                                                    
10.10.200.1     e4c2-d1fe-084a            I -         Vlanif2000                                                                    
192.168.1.1     e4c2-d1fe-084a            I -         Vlanif2001                                                                    
192.168.2.1     e4c2-d1fe-084a            I -         Vlanif2002                                                                    
192.168.3.1     e4c2-d1fe-084a            I -         Vlanif2003                                                                    
10.1.2.1        e4c2-d1fe-084a            I -         Vlanif20                                                                      
8.1.1.1         e4c2-d1fe-084a            I -         Vlanif2                                                                       
------------------------------------------------------------------------------                                                      
Total:15        Dynamic:2       Static:0     Interface:13

    If their MAC addresses are the same, use another STA or AC.

  4. Check whether the network environment is normal.

    1. Check the air interface environment (wireless environment).

      Symptom: Air interface environment deterioration may cause a low network access speed, a long ping delay, and packet loss. In most cases, however, ping operations do not fail.

      • In V200R006 and later versions, run the display radio all command to check radio information about all APs.
        <AC> display radio all
CH/BW:Channel/Bandwidth
CE:Current EIRP (dBm)
ME:Max EIRP (dBm)
CU:Channel utilization
------------------------------------------------------------------------------
AP ID Name            RfID  Band  Type    Status  CH/BW    CE/ME   STA     CU
------------------------------------------------------------------------------
1     60de-4474-9640  0     2.4G  bgn     on      6/20M    24/24   0       55%
1     60de-4474-9640  1     5G    an      on      56/20M   25/25   0       3%
------------------------------------------------------------------------------
Total:2
      • In V200R005, run the display radio statistics ap ap-id radio radio-id command to check MAC-layer statistics about a specified radio. In the command output, Wireless channel utilization(%) indicates the channel utilization of the radio. A large volume of service traffic on the air interface and a high channel utilization decrease the air interface efficiency.
        <AC> display radio statistics ap 0 radio 0
  -----------------------------------------------------------------------       
......
   Wireless PER(%)                                       :71                    
   Wireless PER of the last statistic period(%)          :0                     
   Wireless channel utilization(%)                  :0                     
   Wireless received signal strength(dBm)                :-                     
   Wireless receive power(dBm)                           :-                     
......
  -----------------------------------------------------------------------

      When the channel utilization of a radio is greater than 60%, the air interface efficiency is low. Therefore, it is recommended that the channel utilization of a radio do not exceed 60%. To achieve this, optimize the network environment to prevent packet loss.

    2. Check intermediate switches.

      Symptom: When a switch is deployed between devices A and B, device B cannot receive ARP or ICMP packets sent by device A.

      Check method: Check interface configurations of the intermediate switch. If possible, obtain packet headers on the interfaces connecting the switch to devices A and B to check whether packet loss occurs on the switch.

      1. Run the display vlan vlan-id verbose command to check whether a VLAN has been created successfully, detailed information about the VLAN, and configurations on the interface.

        In most cases, the interface directly connected to STAs is added to a service VLAN in untagged mode. If multiple devices are deployed on the network, check whether each device allows packets from the service VLAN to pass through.

        If the command output similar to the following is displayed, the VLAN has been created successfully.

        <AC> display vlan 100 verbose 
* : Management-VLAN 
---------------------   
VLAN ID                     : 100   
VLAN Name                   :   
VLAN Type                   : 
Common   Description                 : VLAN 0100   
Status                      : Enable   
Broadcast                   : Enable   
MAC Learning                : Enable   
Smart MAC Learning          : Disable   
Current MAC Learning Result : Enable   
Statistics                  : Disable   
Property                    : Default   
VLAN State                  : Down   
----------------   
Tagged        Port: GigabitEthernet0/0/1   
----------------   
Active  Tag   Port: GigabitEthernet0/0/1 
------------------- 
Interface                   Physical 
GigabitEthernet0/0/1                   DOWN
      2. Enter the interface view and run the display this command to check the interface PVID and check whether the interface is added to the VLAN in untagged or tagged mode. Determine whether the interface configuration meets actual requirements.
        [AC-GigabitEthernet0/0/8] display this
#
interface GigabitEthernet0/0/8
 port hybrid pvid vlan 100
 port hybrid tagged vlan 100
#
return
      3. Run the display this command in the VLAN view and VLANIF interface view to check whether any traffic policy is bound to the VLANIF interface, such as a traffic filtering policy, which causes service interruption. Check the configuration of the actual policy bound to the interface and rectify the fault accordingly.
        [AC-Vlanif100] display this
#
interface Vlanif100
 ip address 10.23.100.1 255.255.255.0
 traffic-filter inbound acl 3000
 dhcp select interface
#
return
[AC6605-Vlanif100]
    3. Check whether the network cables are connected incorrectly.

      Symptom: The interface status is incorrect or the packet transmission path is incorrect.

      Check method: Check the network cable connections and run the display interface brief command to view the Up/Down status of all interfaces.

      <AC> display interface brief
PHY: Physical                                                                   
*down: administratively down                                                    
(l): loopback                                                                   
(s): spoofing                                                                   
(b): BFD down                                                                   
(e): ETHOAM down                                                                
(d): Dampening Suppressed                                                       
InUti/OutUti: input utility/output utility                                      
Interface                   PHY   Protocol InUti OutUti   inErrors  outErrors   
Eth-Trunk0                  down  down        0%     0%          0          0   
Eth-Trunk1                  down  down        0%     0%          0          0   
GigabitEthernet0/0/1        down  down        0%     0%          0          0   
GigabitEthernet0/0/2        down  down        0%     0%          0          0   
GigabitEthernet0/0/3        down  down        0%     0%          0          0   
GigabitEthernet0/0/4        up    up       0.01%  0.01%          0          0   
GigabitEthernet0/0/5        down  down        0%     0%          0          0   
GigabitEthernet0/0/6        up    up       0.01%  0.01%          0          0   
GigabitEthernet0/0/7        down  down        0%     0%          0          0   
GigabitEthernet0/0/8        down  down        0%     0%          0          0   
GigabitEthernet0/0/9        down  down        0%     0%          0          0   
GigabitEthernet0/0/10       down  down        0%     0%          0          0   
GigabitEthernet0/0/11       down  down        0%     0%          0          0   
GigabitEthernet0/0/12       down  down        0%     0%          0          0   
GigabitEthernet0/0/13       down  down        0%     0%          0          0   
GigabitEthernet0/0/14       down  down        0%     0%          0          0   
GigabitEthernet0/0/15       down  down        0%     0%          0          0   
GigabitEthernet0/0/16       down  down        0%     0%          0          0   
GigabitEthernet0/0/17       down  down        0%     0%          0          0   
GigabitEthernet0/0/18       down  down        0%     0%          0          0   
GigabitEthernet0/0/19       down  down        0%     0%          0          0   
GigabitEthernet0/0/20       up    up       0.01%  0.01%          0          0   
GigabitEthernet0/0/21       down  down        0%     0%          0          0   
GigabitEthernet0/0/22       down  down        0%     0%          0          0   
GigabitEthernet0/0/23       down  down        0%     0%          0          0   
GigabitEthernet0/0/24       down  down        0%     0%          0          0   
MEth0/0/1                   up    up          0%     0%          0          0   
NULL0                       up    up(s)       0%     0%          0          0   
Vlanif1                     up    down        --     --          0          0   
Wlan-Ess1                   down  down        --     --          0          0   
XGigabitEthernet0/0/1       down  down        0%     0%          0          0   
XGigabitEthernet0/0/2       down  down        0%     0%          0          0
    4. Check whether a loop occurs on the network.

      Symptom: A large number of packets are lost due to MAC address flapping.

      Check method: Log in to the AC through the serial port and run the display mac-address command repeatedly to check whether the MAC address is learned by the correct interface or whether the MAC address flaps between different interfaces, and whether a loop occurs on the network.

      <AC> display mac-address
------------------------------------------------------------------------------- 
MAC Address       VLAN/VSI               Learned-From               Type       
------------------------------------------------------------------------------- 
4c1f-cc25-611b    100/-                  GE0/0/1                    security   

------------------------------------------------------------------------------- 
Total items displayed = 1

Translation
简体中文
Download
Updated: 2023-06-02

Document ID: EDOC1000060368

Views: 1823698

Downloads: 5813

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :