johnodon Posted April 26, 2011 Share Posted April 26, 2011 I posted this on the pfSense forum but figured I would do the same here since there are MANY knowledgeable individuals. _______________________________ Hello All. I have what I hope is a simple question. In my little brain it seems simple but I am seeing some activity that confuses me... I will preface all of this by saying that all wireless devices *seem* to be operating normally (receiving IPs, internet connectivity, intranet connectivity, etc.) I replaced my wired/wireless router (http://www.trendnet.com/products/proddetail.asp?prod=205_TEW-639GR&cat=166) with a pfSense box about a month and it has been working flawlessly. My pfSense has only 2 NICs...LAN and WAN...as I do nto need a DMZ and teh LAN port is connected to a 16 port unmanaged Gbit switch (http://www.newegg.com/Product/Product.aspx?Item=N82E16817111213). I wanted to use my existing router as a wireless access point so I turned off DHCP, Port Forwarding, etc on it. I then connected it to the same switch via a CAT6 patch cable (not crossed) via one of the LAN ports on that router. One point to note: thsi wired/wireless router does not have an uplink port...only a WAN and 4 LANs. Just to provide a visual, I created the image below to show the current setup: My issue: When the wireless router is connected to the switch, it causes constant network traffic. All of the ports on the 16 port switch constantly blink (for any live devices). If I disconnect the wireless router, the traffic stops. Is this normal? I assume not since I have never seen it before. I really didn't think it was causing an issue on my network until I DL'd something from the newsgroups. I can normally max out my connection at ~1.72MB/s and it is rock steady. With the wireless router connected to the switch, my bandwidth monitor (Newsleecher for anyone who cares) has alot of peaks and valleys...1.3MB/s up to 1.7MB/s...up and down constantly. So...if this is not normal behavior this begs the question: should I be using a crossover cable between the switch and the wireless access point? That is the only solution I have come up with thus far but don't have a crossover readily available. I can make one easily enough, but figured I would ask first. TIA for any help provided!!! John Quote Link to comment
toby9999 Posted April 26, 2011 Share Posted April 26, 2011 I've seen this extra behaviour on one of my corporate customers' LANs. It was caused by a faulty cable. I would systematically check/swap each cable in the solution. Reduce everything down to the minimal and try to get a working solution, then step by step add bits (cables etc) back in until the problem resurfaces. It might be that simple, or it might be something else entirely. Quote Link to comment
Chris Pollard Posted April 26, 2011 Share Posted April 26, 2011 A crossover shouldn't be necessary. Wireshark should be able to capture the traffic and some googling will probably tell you what it is. Quote Link to comment
johnodon Posted April 26, 2011 Author Share Posted April 26, 2011 I'll get Wireshark going when I get home. Just had a thought... All of the discussion about Dells and auto-discovery. Could that be a factor? My wife's laptop is a Dell. Do they talk THAT MUCH? I mean my switch and wireless AP are going bonkers. John Quote Link to comment
Chris Pollard Posted April 26, 2011 Share Posted April 26, 2011 If the traffic is being sent to all ports..... then I imagine it is some kind of broadcast, which would fit with auto discovery of some sort. Careful about posting wireshark output on-line.... its very easy to post something you don't want to if you don't filter it carefully. Quote Link to comment
dgaschk Posted April 27, 2011 Share Posted April 27, 2011 I'll get Wireshark going when I get home. Just had a thought... All of the discussion about Dells and auto-discovery. Could that be a factor? My wife's laptop is a Dell. Do they talk THAT MUCH? I mean my switch and wireless AP are going bonkers. John Turn the Dell off and see if it goes away. Quote Link to comment
johnodon Posted April 29, 2011 Author Share Posted April 29, 2011 Posted this on pfSense forums.... _____________________________________ Actually, mystery solved. I ended up looking at my DHCP leases and found one that I did not recognize: 192.168.1.101. I got the corresponding MAC with a ARP - a command and blocked that MAC on my wireless router. Out of curiosity, I looked up that MAC to see who the vendor is: Search results for "00:1E:8F:5A:0A:EE" Prefix Vendor 001E8F CANON INC. LMAO! I just blocked the wireless card in my color printer (Canon MP640). Man was that thing friggin chatty!!! I think I may just leave it blocked (or turn off wireless on it) as I have it connected via USB. Anyway, thanks for the help guys! John Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.