Problem with NAT on new software 8.1.4

After we make upgrade of all AP’s and SM’s we find out that on SM’s where we used NAT we have unstable Internet connection.

For now only solution is to make downgrade to 7.3.6 or to use router behind SM for NAT.

Does anybody has any kind of similar experience?


Regards,

Jasa Jovicevic
Infomont
Montenegro

Are they clients connecting the SM to a broadband router? be careful of double NAT…

mmm… haven’t tested 8.1 yet, but if 7.3.6 works fine with the same setup, then sounds like 8.1 has issues

Basically, any clients with a Linksys or Netgear router can never get on once the SM (running NAT + DHCP Server) is upgraded to 8.1.4. If they plug the ethernet connection into a laptop or desktop computer, it works fine. To make matters more interesting, in at least some of these cases, the SM seems to reboot itself, but only while the router is connected (and not while a computer is connected or nothing is connected).

Before it reboots, i notice each time that the size of the NAT translation table keeps growing. I assume it hits 2048 entries and that’s why the radio reboots. So far I call Motorola tech support, which responded with the usual (For the 2 times I’ve ever called them) response that amounts to “Why are you wasting my time?”

Then the support guy told me about the autonegotiation change, and I explained to him that the Canopy SM was successfully negotiating a full-duplex link with the customer and vice versa. He didn’t know what else to say but he kept telling me that they might fix the software if it’s actually broken. Great…

Orig IP Port Final IP Port Prot ALG Status HFin RFin Timeout
192.168.005.002 4352 172.022.000.157 10000 TCP - 1 - - 86

192.168.005.002 2264 172.022.000.157 12055 TCP - 1 - - 43
used 2048 free 0

WTF? Why in the world would these Linksys and Netgear routers just start spewing crap that fills the NAT translation table all the time?

The general symptom is that the user can’t ping the 192.168.5.1 (address on the radio) from behind their NAT box (usually a wireless router for the house to get online with) and when they move the connection from the WAN port on their NAT box to their computer’s ethernet, it works fine. None of this would make me suspect the Canopy radio itself, typically. But in this case, everybody started to complain at the same time and the only common thing is that they were all upgraded to 8.1.4.

Ok the NAT table filling up was just a sideshow. The customer I was talking to had an open wireless router and other people were trying to run morpheus and about 10 other things and all their outgoing traffic was filling up the NAT table big time. I walked them through adding a WPA-PSK password…

But what was interesting to me was that the file sharing program kept
changing port numbers…It was doing this because none of the return packets was ever reaching the computer and it was trying different ports as some ISPs tend to filter common file sharing ports.

I was watching the reply traffic go to the SM, but clearly the client computers don’t receive it when a third party NAT router is in the way and our SM has 8.1.4 installed. I was watching the customer try to ping and try to get dns replies, and when the replies were clearly sent to the SM, they never reached the computer. Remote the third party NAT device and everything works fine (although you might have to reboot the radio and/or renew DHCP on the cient PC for this to happen)

At this point I’m going to downgrade to 7.3.6 since this is just bullshit. CNUT 2.2 is a big pile of shit as well, at least when run behind NAT, about 60% of it doesn’t work. (You would think most providers might have their management PCs behind NAT?!)

Luckily I have a .pkg (tar) version of 7.3.6, as pkg2 would require CNUT…

AHHHHH! NAT in Canopy has never work well, in any version. That’s why I use a router.

Well, Moto NAT has always worked fine in older releases for basic web and mail access. This is the first time that I’ve ever had this much trouble.

Oh yeah, by the way, if you have this problem with 8.1.4 and NAT, CALL TECH SUPPORT!! The way they put it to me, they really aren’t interested in what people report on the forum. They are only interested in what people call them to report. And if they give you bullshit like “You’re the only person who has this problem” then tell them that you know other people on the forum, WHO HAVE CALLED TECH SUPPORT, also have this problem.

Well, I’m seeing it too.
I only have one 8.1.4 SM in the field right now, but I use NAT on most of my SMs, and the one 8.1.4 I’ve deployed seems to be having the same trouble.

Client says that it periodically just stops. I’ve got an event log page that may shed some light on the situation, and I’ll call Moto about it forst thing Monday morning.

I was planning a big firmware upgrade party Sunday night, but I’ve called a halt to that.

Here’s a clip of the event log for those that might be interested…

08:00:01 UT : 11/25/06 : File src/fecwhisp.c : Line 94 FatalError()
08:00:01 UT : 11/25/06 : File src/stack_dump.c : Line 142
Stack Dump information:
Current context Interrupt active, Task: STAT
Current Stack: 11%
Max Stack: 61%
Interrupt Stack Dump:
0x006a6820: 0x006a68b0 0x000ae840 0x53544154 0x00146ed0
0x006a6830: 0x00000000 0x006a6900 0x00000000 0x006a6470
0x006a6840: 0x00000200 0x0003fffe 0x006a6c70 0x006a6d30
0x006a6850: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6860: 0x00003c04 0x07108000 0x00016e6c 0x507e6523
0x006a6870: 0x000095da 0x0000dfd6 0x00000000 0x006a6c70
0x006a6880: 0x000000dc 0x000004dc 0x53544154 0x00000000
0x006a6890: 0x00000000 0x00148cbc 0x0073043c 0x00000030
0x006a68a0: 0x0073049c 0x00380000 0x0000000c 0x00ce1800
0x006a68b0: 0x006a68b8 0x00047fc0 0x006a68c0 0x000aa0fc
0x006a68c0: 0x006a68d0 0x000aa294 0x0700000a 0x02b00000
0x006a68d0: 0x006a6900 0x00148b54 0x006a68e0 0x00000000
0x006a68e0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a68f0: 0x00000bff 0x006a69c0 0x006ec4ac 0x000006a0
0x006a6900:
Task Stack Dump:
0x006a6900: 0x006a69a0 0x001481a4 0x00145a98 0x00145aa8
0x006a6910: 0x00009002 0x00000000 0x00000000 0x20000000
0x006a6920: 0x00145a98 0x0015a768 0x00000001 0x00001002
0x006a6930: 0x001b75cb 0x00000007 0x006a6cd0 0x00000000
0x006a6940: 0x006ea678 0x006eaa2c 0x00000000 0x00000000
0x006a6950: 0x001be984 0x00000000 0x00000000 0x00000000
0x006a6960: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6970: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6980: 0x00000000 0x00000000 0x00000000 0x00000bff
0x006a6990: 0x006a69c0 0x006ec4ac 0x000006a0 0x00001000
0x006a69a0: 0x006a69b8 0x00145a98 0x00000000 0x00000000
0x006a69b0: 0x0000002e 0x00000018 0x006a69d0 0x0014284c
0x006a69c0: 0x00000000 0x00000000 0x006a69d0 0xffffffc0
0x006a69d0: 0x006a69e8 0x00142804 0x00000000 0x00000000
0x006a69e0: 0x00000000 0x00000000 0x00000000 0x00142728
0x006a69f0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a00: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a10: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a20: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a30: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a40: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a50: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a60: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a70: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a80: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6a90: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6aa0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6ab0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6ac0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6ad0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6ae0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6af0: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6b00: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6b10: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6b20: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6b30: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6b40: 0x00000000 0x00000000 0x00000000 0x00000000
0x006a6b50: 0x00000000 0x00000000
Link Register: 0x000ae7a8

08:00:01 UT : 11/25/06 : File src/syslog.c : Line 997 System Reset Exception – External Hard Reset Watchdog Reset

I have found the same problems.

I went back to 7.3.6

Lets all make sure we call in to Moto so that they get the message that it’s not working!!!

cvs, email your crash log to technical-support@canopywireless.com

Also, I have customers who has trouble with computers connected directly to a switch which plugs into the SM. I was at the customer’s place and plugged in a laptop to a spot on their switch which worked for my laptop but didn’t work on their computer. I downgraded the SM to 7.3.6 and their computer works again… Their other computer always works fine with 8.1.4 on the SM. I was stupid and didn’t take anything with me that I could capture the traffic with, but I’m just moving the rest of the NAT/DHCP customers to 7.3.6.

Done. I’ll still follow up with a call on Monday.

Thanks!