CAM Tablet problems while roaming?

by Toperharrier / January 19, 2013 6:49 AM PST

Hi there, Ive been running through a problem in the last few weeks since I added a 2nd wireless AP to my home network to provide better Wifi coverage along the house.

Lets say first, Im from Europe and I have a Cable ISP.

First router (cable-modem-router) get Internet from a Coaxial cable coming from the wall (2nd one has not any coaxial imput as its a neutral router so I cant revert them), second one is connected to the first one on a LAN-to-LAN basis.

Set-up is as follows:

Subnet Mask:
DHCP Server:

Subnet Mask:
DHCP/QoS/Firewall/NAT/UPnP all disabled

Theres no MAC restriction in any of them, both are set-up as allow-all. Theres a PC connected to LAN1 from (A), rest of devices are all Wireless.

Their wifi channels are set different, just like the SSIDs.

Setup seems pretty simple, I get Internet access from both PC and wireless devices connected either to A or B. I can access to both routers from any side. So that should mean setup is OK(?).

Problem is as follows, Imagine a wireless device I connect to A (WLAN_R), then B (WLAN_S), then A again. It has dynamic IP addressing.

(A) IP Assigned in 1s ---> (B) IP Assigned in 1s ---> (A) 5mins to assign IP... ---> (B) 1s again...
(B) IP Assigned in 1s ---> (A) 5mins... ---> (A) 1s...

So I firstly though it could be a DHCP problem/conflict (how in earth? B DHCP server is disabled and not static filters), but no.

I made the devices to connect with static IP. Problem is, I connect fine and get network//Internet access, but when it comes to the same spot (connecting to A after being in B) It "gets assigned" an IP in 1s but I cant access network or Internet for the rest of the time (up to the same 5mins..). Cant access the routers either from the wireless device.

That clearly means its not a DHCP issue, moreover when in the "fail time" the device cant "connect" to A, I can connect any other wireless device to A perfectly (if it hasnt been in B before, of course...)

When I have the Tablet connected to B, I can clearly see it under the LAN route table in A hostpage, stating it as an Ethernet connection. When I connect the Tablet to A, I can see it as Wireless (N) under the same tab (in the "fail time" theres no device ofc).

My guess is the CAM table that routes the MAC address to the physical port where it is located that MAC its getting not refreshed properly and so the route of the Tablet keeps addressing it to the ethernet port rather than its new address (A wireless). Any thoughts?

Ive been trying to spoof the problem but Im running into some problem, first one, both are switchs, second one, I dont own a hub and Ive noticed how hard to find one in my local area that its not really a switch after all (and they are **** expensive). I guess the 2nd router just refreshes its CAM table routes fine so thats the reason I have no problem going A-> B.

To note, I can see the DHCP Request (cos of being broadcast) and ACK (in the actual PC spot with Wireshark even when its directed to the tablet and not the PC nor BC/MC [prominiscuous mode working?]) in the first connect to A.
Can see DHCP requests when connecting to B (no Offer/Request/ACK but it connects fine).
In the A connecting problem spot, I can only see continous Requests/Discoveries and ARPs looking for the router coming from Tablet IP but no response (I guess its addressing the responses to the old eth route, so thats why It doesnt go on with the handshake), no offers/ACK, only after the 5mins when the Tablet ends up connecting, then I can see FULL DHCP process (Discover/Offer/Request/ACK)! even when Offer and ACK are sent from router to Tablet IP... promiscuous mode working? switch falling and becoming a simple hub?

The A router has port forwarding, and Ive tried making the BOOTP-server services to redirect to my PC IP (the one attached to A thru LAN port), but it seems I cant see **** anyway in the first 2 spots I commented earlier (wanna spoof from A to B to see if A response to B when Tablet is attached in A Wlan and not eth port directing to B), thus Im not sure if this is the same as "port mirroring" but attached to a service in the router rather than a port. Theres any spot for my PC I could sniff all this traffic? I thought about getting a 2nd network card for it so I could just make it in the middle of A-B and link both nets from Windows, would this work? I guess I couldnt see any other LAN connected devices to A/B but I should see the routers traffic between any wireless station from A/B (?), thus making all ARP/DHCP process visible (?).

I may try with MiTM, any advice? As far as Im concerned I should be able to "intercept" the traffic going to the related Tablet MAC address, so it wouldnt be a problem the route being false for the Tablet MAC in the CAM table, because it would send it to my PC MAC wich has a correct physical route in such table due to not roaming.

Hope I didnt scare you all with such walltext, and I guess theres a lot of stuff related to the sniffing that may be incorrectly analyzed (nuff sniffer here), just wanted to make sure you get the point of the problem as It gave me some headaches to explain to some friends cable-guy (who couldnt help at all).

Any thought, advice or correction about something I may be doing incorrectly are highly appreciated. Im friendly with new bibliography so feel free to.

by R. Proffitt Forum moderator / January 19, 2013 6:58 AM PST

Sorry I haven't used that in over a decade. But let's summarize.

1. I can't find how the router and AP is connected. An AP would rarely have DHCP so my thought is this is another router. If so, the eithernet from the Router to the Router as an AP would be from one LAN port to another LAN port.

2. Port forwarding? Rarely done. However if you read the recent addition to the CNET Networking Forum Sticky (link to follow) you see many routers block WiFi to LAN communication. This is why I turn that off (or on depending on your point of view.)

Hope this summary helps.

Collapse -
cam table
by Toperharrier / January 19, 2013 7:18 AM PST
In reply to: BOOTP?

1. Its a router in fact, the reason I said I added an AP is because the second router just work like that (an AP or WAP in this case). They are connected with an ethernet cable in a LAN-to-LAN setup to make possible for devices in both "APs" to be LAN accessible from other side (so I can stream from PC to the TV connected to B for example).

2. I cant find any related option in the A router to disable such feature, so I may think of it not being present in this model. Particularly because as Ive said I can see the full DHCP procedure between a device connecting to A wirelessly and A itself with the sniffer located in my PC, but cant track this one procedure fully when Im connecting to B (as it goes to another LAN port), or when the problematic happens (because I guess due to the CAM failure its the same as connecting to B, as the Tablet physical port address is not refreshed in such table to change from Eth2 to Wlan).

A-model is a Hitron CDE-30364
B-model is a Conceptronic C54BRS

Collapse -
OK, so it's a bog standard router and wap.
by R. Proffitt Forum moderator / January 19, 2013 7:26 AM PST
In reply to: cam table

Keep in mind there are many Android tablets out there and "CAM" to me means Computer Aided Manufacturing and not a make+model.

So let's go over another recent issue. Netgear's latest firmware has WiFi issues. Fixes include setting the WiFi to 802.11g only, installing the prior version of firmware and cutting the maximum speed to 150Mbps.

Sorry but if any of this is a misfire but I'm not sure of all the moving parts here. I know our office does not offer support for the P.O.C. Android tablets you can get out there. One client was very upset about this, went away but after a few months came back. We didn't say a word.

Collapse -
cam table
by Toperharrier / January 19, 2013 8:04 AM PST

I think Im nt expressing myself correctly.

CAM = Content Addressable Memory. So the CAM table is the table the switch uses to relate a physical address (MAC) to the related physical port (eth0, eth1, eth2, wlan in case of..) and so making the communication faster/safer (otherwise it would be a hub). So the router gets a packet with Target-IP, it looks for its MAC in ARP table (if it doesnt find it makes an ARP broadcast asking for such MAC address related to the Target-IP, who answers with his own MAC in an unicast back to router), then it relates this MAC to the CAM table to know wich port such MAC its attached to.

If the CAM table relate a MAC to the wrong port of the switch because of some missmatch (not refreshing when roaming, so not changing from eth1 [port where B router is connected and so, the Tablet while connected to B wirelessly comunicate with A thru eth1] to Awlan), it will send the packets with destination to this MAC to the wrong physical port in the switch, being lost in the arrive to B router (where tablet is not already).

Thats the reason I think A is not letting me connect to it after being in B (but connects fine when not being in B before).

The A-CAM table doesnt refresh its port address from B (eth1) to A (wlan), and so the packet response such as ARP/DHCP are sent into the wrong wire, making the Tablet stay out of network untill the CAM table refreshes (its normal recycle time I read to be 300s, wich makes sense to the time Im waiting for network access after roaming back to A).

Wireless roaming in LAN-to-LAN dual/triple router setup is very usual, I guess CAM tables MUST be dynamic, otherwise they wouldnt accept the change in the port addresses, and would keep sending packets to the old wire making the complete roaming impossible.

So, this is a problem not allowing me to roam, and Im trying to know how much I can do to solve if possible, and why its happenning (normal procedure in my own router, wich would be sick, or any kind of conflict making it not refresh properly while it should be doing).

As you can see, I doubt theres any firmware bug related to Wifi being involved, because I can connect to A perfectly If I dont roam from B before doing it. Anyways, I tried making them both only G before (tried disabling all security access also) I discarded the same SSID setup to track down the failure.

Collapse -
ROAM in today's WiFi gear?
by R. Proffitt Forum moderator / January 19, 2013 8:42 AM PST
In reply to: cam table

Sorry you lost me here. At the office I see a disconnect and connect but for now I do not find any standard for seamless roaming. I see I can't help you with that.

Until the makers implement a roaming standard I fear your searches are going to be a lot of headache.

