Netgear WPN824v2 (MIMO) router...
- From: "Robert G. Brown" <rgb phy duke edu>
- To: networkmanager-list <networkmanager-list gnome org>
- Subject: Netgear WPN824v2 (MIMO) router...
- Date: Mon, 3 Jul 2006 16:26:45 -0400 (EDT)
Here's an odd question that may or may not have anything to do with NM.
My old 802.11b linksys WAP was quietly dying -- no longer able to
maintain more than 20% signal strength, usually less -- and besides,
both my laptops have ipw2200 g's. So I went out and got a spanking new
Netgear WPN824v2 MIMO router -- the one with seven antennae and blinking
blue lights that you can't turn off. Plugged it in, hacked around on it
for half an hour or so to turn off its dhcp server etc (I run my own so
I can network install from my home server) and voila! my wireless
network was reestablished, but now both laptops were running g and
getting (one presumes) higher bandwidth, although a lot of the stuff I
access from home is bottlenecked at DSL speeds anyway.
I run a set of system monitor panels at the top of my screen that
includes the network. I noticed that my network load (which was zero a
lot of the time before as I work on local files etc) starts off at zero
but then creeps up over time to end up in a range anywhere from 4% to
100%, sustained, when I'm not typing and nothing at all is happening on
the system. This is enough that the system load average sometimes bumps
up to a few percent when nothing is happening, and the system fan kicks
on as heat is generated from the load.
I used tcpdump/top to try to figure out just what was happening. top is
unremarkable -- hald accumulates a bit of time, NM accumulates a minute
or so a day, X of course accumlates time, but nothing looks like it is
running away or unreasonable.
tcpdump is interesting, though. I see a steady stream of packets like
the one below -- typically 3-5 almost-full-MTU frames/sec. Note that
they are "from" the router and "to" the wireless interface on my laptop.
Note also that they are completely empty past the ethernet header itself
(or if there ever was data, it was stripped off upstream by the wireless
interface).
rgb lilith|B:1096#tcpdump -l -i eth1 -XX -c 3 -s 1518
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 1518 bytes
14:27:42.744030 00:14:6c:9d:be:d0 (oui Unknown) > 00:12:f0:74:06:c6 (oui Unknown) Null Information, send seq 0, rcv seq 0, Flags [Command], length 1476
0x0000: 0012 f074 06c6 0014 6c9d bed0 05c4 0000 ...t....l.......
0x0010: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
... (for all 1476 bytes payload plus ethernet header).
The packets are being sprayed out only on wireless, not on the
wired/switched connections from the same router. As you can see, they
are empty -- not IP at all, not any protocol that I can see. They are
pure, (almost) max MTU, empty, ethernet packets -- dest address, source
address, length (0x05c4 = 1476) and then just nothing.
No outgoing packets reply to this stream, BTW. This stream seems slow
to explain the network load, but every few minutes it STOPS COLD -- and
the network load drops right back to zero, where it belongs. So there
is a very strong correlation between getting what looks like a few
packets per second on the interface, directly from the router, and
network loads of 100% when there is "no" actual traffic on the interface
except for this packet stream.
I'm wondering if this is an artifact of netgear's implementation of MIMO
-- perhaps what is making it through to the OS from a "sounding frame".
In order to tune the multiple antennae dynamically, tuning frames are
(supposedly) periodically sent with some complex encoded information.
It MAY be that these frames are supposed to be isolated by the wireless
client device and not passed back to the recipient network interface --
if you have a MIMO compliant device receiving, which is of course pretty
much impossible at this point. Perhaps the radio pulls off the tuning
information correctly but is still forwarding the packet headers and an
empty frame to the bus, I don't know. Does anybody on this list know
what's going on ? Is this perhaps an artifact instead of a NM feature,
perhaps in response to these odd no-protocol packets? Is there any way
to shut them off or regulate them to drop the network "load" back down
to sane idle levels?
If nobody has a clue I'll bug Netgear and (if anyone likes) report back
to the list. Other than this the WAP is nice -- I get a solid four bars
almost without exception anywhere I move my system in the house now and
well out into the yard where I was all but losing my b signal before.
rgb
Justin Wickett
Duke 2010
Quoting "Robert G. Brown" <rgb phy duke edu>:
On Sun, 2 Jul 2006, justin wickett duke edu wrote:
The products my company (www.skypilot.com) sells calculates the best
routes for
the packets to take when they first come online and every so often
afterwards
based on RSSI levels, modulation rates, number of hops, etc... I did a bit
of
research for you and discovered that the Netgear WPN824 "RangeMax
constantly
surveys your home environment for physical barriers and interference and
adjusts the wireless signal to compensate for these performance blockers"
(http://www.netgear.com/products/details/WPN824.php#power). So maybe the
packets you are receiving are a direct result from this "constant"
surveying?
Yeah, that's exactly what I'm worried about except that there seems to
be a runaway feature to this. I might tolerate a survey packet a
second, or one every two seconds, but I'm seeing multiple packets per
second, and they are BIG packets -- basically a whole MTU. The router
has basically no way to control this.
I guess I'll have to try contacting netgear and bugging them about this.
I do have a choice -- the linksys MIMO wasn't much more expensive -- but
the netgear looked like it was better at maintaining connections. It
is, I think, but at too high a cost...
rgb
Good luck and let me know how this turns out.
Justin Wickett
Duke 2010
Quoting "Robert G. Brown" <rgb phy duke edu>:
Dear All,
I just got a Netgear WPN824 MIMO WAP/router to replace my old linksys,
which was dropping my connection a lot and only 802.11b capable.
The new WAP works well enough EXCEPT for one thing. When NetworkManager
first brings up the interface all is well. 72% signal strength at the
furthest point in my house, 54 Mbps, lovely.
HOWEVER, as I remain connected, the network traffic on my box creeps up
even when the network is idle -- no tcp connections, no udp connections,
but the network 9%, 20%, 24% in use. top reveals no process that is
particularly busy, although e.g. hald and a few others do gradually
accumulate time.
tcpdump shows:
rgb lilith|B:1010#tcpdump -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol
decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
17:43:59.210555 00:14:6c:9d:be:d0 (oui Unknown) > 00:12:f0:74:06:c6 (oui
Unknown) Null Information, send seq 0, rcv seq 0, Flags [Command],
length 1476
17:43:59.510548 00:14:6c:9d:be:d0 (oui Unknown) > 00:12:f0:74:06:c6 (oui
Unknown) Null Information, send seq 0, rcv seq 0, Flags [Command],
length 1476
17:43:59.810512 00:14:6c:9d:be:d0 (oui Unknown) > 00:12:f0:74:06:c6 (oui
Unknown) Null Information, send seq 0, rcv seq 0, Flags [Command],
length 1476
17:44:00.111016 00:14:6c:9d:be:d0 (oui Unknown) > 00:12:f0:74:06:c6 (oui
Unknown) Null Information, send seq 0, rcv seq 0, Flags [Command],
length 1476
!!! Packets coming in at the rate of 1-4 per second. The source IP
address turns out to be the router. The destination interface is my
laptop.
So why in the world is the WAP whapping on my lap? So to speak...;-)
Does it achieve its signal-matching power by basically polling the
connection and adjusting all those internal antennae to work around the
house obstacles or something? I like the overall quality of the
connection, but this appears to be using something like 2% of the CPU
which seems middling excessive.
Hmmm, I just tested this with my second household laptop, also 11g. It
also is getting this exact same packet stream, holding it at an IDLE
load average of 0.4, receiving something like 5000 packets per second.
Is this a router designed as a subtle denial of service attack? Or do I
have something foolishly misconfigured in some way...
Help appreciated.
rgb
--
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb phy duke edu
_______________________________________________
Dulug mailing list
Dulug dulug duke edu
https://lists.dulug.duke.edu/mailman/listinfo/dulug
--
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb phy duke edu
--
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb phy duke edu
--
Robert G. Brown http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb phy duke edu
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
