Got it

Troubleshooting Of Wireless Users Can’t Visit Internet For S5710(V200R005C00SPC300)

Latest reply: Apr 1, 2017 09:20:00 1309 1 0 0
Users see wifi signal. After entering password to connect to wifi, it fails to connect.
  • x
  • convention:

Created Apr 1, 2017 09:20:00 Helpful(0) Helpful(0)

Users see wifi signal. After entering password to connect to wifi, it fails to connect.
transparent.gif Handling Process

1. Check the information of APs by the command ”display ap all”. And then found the state the of APs is normal.

<AC6605>display ap all
  All AP information:
  AP    AP               AP              Profile   AP              AP
  ID    Type             MAC             ID        State           Sysname
  0     AP5030DN         643e-8c4a-1f40    0/0     normal          ap-0
  1     AP5030DN         643e-8c4a-1f00    0/0     normal          ap-1
  2     AP5030DN         643e-8c4a-1e80    0/0     normal          ap-2
  3     AP5030DN         643e-8c4a-2000    0/0     normal          ap-3
  4     AP5030DN         643e-8c4a-1ea0    0/0     normal          ap-4
  5     AP5030DN         643e-8c4a-1e40    0/0     normal          ap-5
  6     AP5030DN         643e-8c4a-2040    0/0     normal          ap-6
  7     AP5030DN         643e-8c4a-1e20    0/0     normal          ap-7
  8     AP5030DN         643e-8c4a-1f20    0/0     normal          ap-8
  9     AP5030DN         643e-8c4a-1f60    0/0     normal          ap-9
  10    AP5030DN         643e-8c4a-1fa0    0/0     normal          ap-10
  11    AP5030DN         9c37-f491-6bc0    0/0     normal          ap-11
  12    AP5030DN         9c37-f491-6ae0    0/0     normal          ap-12
  13    AP5030DN         9c37-f491-6ac0    0/0     normal          ap-13
  14    AP5030DN         9c37-f491-6b40    0/0     normal          ap-14
  15    AP5030DN         9c37-f491-6b80    0/0     normal          ap-15
  16    AP5030DN         9c37-f491-6aa0    0/0     normal          ap-16
  17    AP5030DN         9c37-f491-6b20    0/0     normal          ap-17
  18    AP5030DN         9c37-f491-6b00    0/0     normal          ap-18
  19    AP5130DN         643e-8c40-60e0    0/0     normal          ap-19
  20    AP5130DN         643e-8c40-61a0    0/0     normal          ap-20
  21    AP5130DN         643e-8c40-6020    0/0     normal          ap-21
  22    AP5130DN         643e-8c40-6400    0/0     normal          ap-22
  Total number: 23,printed: 23

2. Ping test from AC to APs. Packet lost percentage reach to 30%~40%.

3. Ping test from the AC to PCs. Packet lost percentage reach to 30%~40%.

4. Check the TC information for core SW.

  ===============display stp tc-bpdu statistics===============
-------------------------- STP TC/TCN information --------------------------
MSTID Port                        TC(Send/Receive)      TCN(Send/Receive)
0     GigabitEthernet0/0/1        682/51802             0/0
0     GigabitEthernet0/0/18       11/0                  0/0
0     GigabitEthernet0/0/32       6/0                   0/0
0     GigabitEthernet0/0/46       10/0                  0/0
0     XGigabitEthernet0/0/1       98747/366             0/0
0     XGigabitEthernet0/0/2       101125/6              0/0
0     XGigabitEthernet0/0/3       78481/11              0/0
0     XGigabitEthernet0/0/4       80836/28              0/0
0     XGigabitEthernet0/0/5       83175/17              0/0
0     XGigabitEthernet0/0/6       86282/2               0/0
Found the TC(Send/Receive) increase by the command “display stp tc-bpdu statistics”. There must be ports up/down frequently.

5. Configure the bpdu-protection and stp edged-port just as the steps below:

For the core SW and access SW
stp bpdu-protection
Set ports that connected with terminal (e.g: PC, Server & AP) as edged port or stp disable
interface GigabitEthernet X/X/X
stp edged-port enable

6. Check the trapbuffer of core SW. The details just as below:

Nov 17 2015 22:59:15-05:13 CORE %%01SECE/3/ARPS_DROP_PACKET_LENTH(l)[16]:Invalid packet length.(PacketLength=1680, SourceMAC=f827-93e6-6de1, SourceIP=, SourceInterface=XGigabitEthernet0/0/2, DropTime=2015/11/17 22:59:15)
Check the user(, whether it is invalid user.

7. Check the network and found one PC( send a lot of invalid broadcast packets. Configure the broadcast-suppression and cpu-defend just as below:

a. Input the command “broadcast-suppression packets 5” at the ports that connect with PC which send the invalid packets.
broadcast-suppression packets 5
b. Input the command for core SW
cpu-defend policy io-board
car packet-type ttl-expired cir 8
car packet-type tcp cir 16
car packet-type fib-hit cir 16
auto-defend enable
auto-defend attack-packet sample 5
auto-defend threshold 30
undo auto-defend trace-type source-portvlan
undo auto-defend protocol tcp igmp telnet ttl-expired
auto-defend action deny
auto-defend whitelist 1 interface GigabitEthernet x/x/x  ----that connect with AC
cpu-defend-policy io-board global

8. Check the TC information for core SW.

  ===============display stp tc-bpdu statistics===============
-------------------------- STP TC/TCN information --------------------------
MSTID Port                        TC(Send/Receive)      TCN(Send/Receive)
0     GigabitEthernet0/0/1        852/58792             0/0
Found the TC(Send/Receive) increase and the port GE0/0/1 Received a lot of TC.
Check the equipment that connect with GE0/0/1.

9. After troubleshooting, it's found that all the ports of one SW ports UP/Down frequently.  Check the log of the SW found “Equipment is striked by thunderbolt!”

After troubleshooting, it's found this SW was struck by lightning and the ports UP/Down frequently. The SW sent lots of TC packets, which impacted the network performance. After replaced the fault Switch, the problem for wire users had been resolved.
10. Ping test from AC to APs. There is no packets been lost.
Ping test from the AC to PCs. There is no packets been lost.

transparent.gif Root Cause
1. There is one invalid user who send huge broadcast packets.

2. SW was struck by lightning and the ports UP/Down frequently.
transparent.gif Suggestions
During the Troubleshooting, using different way to reduce the scope of possible root cause. That will be helpful for the work.
View more
  • x
  • convention:


You need to log in to comment to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits


Huawei Enterprise Support Community
Huawei Enterprise Support Community
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Please bind your phone number to obtain invitation bonus.