HPE Community
M and MSM Series
1751765 Members
4589 Online
108781 Solutions
New Discussion

Lossing access to network - dns og IP nat issue

 
snakkes
Occasional Contributor

‎11-29-2012 02:10 AM - edited ‎11-30-2012 12:29 AM

‎11-29-2012 02:10 AM - edited ‎11-30-2012 12:29 AM

Lossing access to network - dns og IP nat issue

Update:

 

Found this error. still cannot find anything regarding this in the documentation.

 

Nov 30 08:25:00 debug dnrd         Reach the maximum simultaneous Masquerading connections discarding DNS (id='29383',client-ip-address='10.x.x.x(200)

 

Now and then we are having issues with one of our VSC's. We have on msm760 and approx. fifty MSM460's. The VSC in queston is 802.1x with radius and the dhcp/dns settings is within the VSC. The problem seems to start when the number of wireless clients reaches above 200. I suspect it to be either an IP problem or a DNS issue, but cannot be sure as the logs only gives me the error below. I noticed an infomessage on the controller mentioned an ip or dns maskerade limit on the vsc, but the  760 manual does not tell me anything regarding this. Error received is listed below. 

 

 

Nov 29 10:34:56 err    iprulesmgr   Cannot provide network access to user (nas-port='59',name='host/xxx-xxx-41.domain.local',calling-station-id='0C-60-76-47-D6-4D',framed-ip-address='10.0.123.123') due to internal error.

Any help would be greatly appreciated.

 

 

\\Snakkes

Snakkes
1 person had this problem.
0 Kudos
3 REPLIES 3
amed
New Member

‎12-15-2014 02:35 PM

‎12-15-2014 02:35 PM

Re: Lossing access to network - dns og IP nat issue

Hello again,

Could you please do this action plan. And let me know if they resolve the issue.

 

SYMPTOM:Too many DNS request discarding messages in the unfiltered log.

Cause

CAUSE:Receiving DNS request discarding messages in the unfiltered log like following.

 

Jan 23 10:13:51.418          debug   dnrd: Reach the maximum simultaneous Masquerading connections discarding DNS (id='29392',client-ip-address='10.10.4.131'). (200)

Jan 23 10:13:51.418          debug   dnrd: Reach the maximum simultaneous Masquerading connections discarding DNS (id='41118',client-ip-address='10.10.4.131'). (200)

Jan 23 10:13:51.414          debug   dnrd: Reach the maximum simultaneous Masquerading connections discarding DNS (id='34047',client-ip-address='10.10.4.131'). (200)

Jan 23 10:13:51.414          debug   dnrd: Reach the maximum simultaneous Masquerading connections discarding DNS (id='11876',client-ip-address='10.10.4.118'). (200)

Answer/Solution / and action plan :

FIX: Following are the steps to overcome this.

  1. Take a backup of the current configuration of the controller.
  2. Open it with a notepad.
  3. Search for “max-user-connections”
  4. By default it is “max-user-connections  = 200”. Please increase it to 1000 and save.
  5. Restore the ‘saved’ config file to controller.

NB:

Please note, that you will need to have a downtime to do this as this process requires the controller reboot.

 

Best regards,

 

Wandering_Wifi
Occasional Visitor

‎02-12-2015 09:28 AM - edited ‎02-13-2015 08:17 AM

‎02-12-2015 09:28 AM - edited ‎02-13-2015 08:17 AM

Re: Lossing access to network - dns og IP nat issue

I have a controller with the same issue. I just changed the values and confirmed it's reflecting in the config but the syslog is still spamming this same error. Is there anything else I can try?

 

**EDIT: I was able to get the error to stop spamming after configuring the DNS server to the local ISPs addresses. Previously the unit had been on Google/Level 3 DNS.

ijic
Visitor

‎02-18-2016 06:40 AM

‎02-18-2016 06:40 AM

Re: Lossing access to network - dns og IP nat issue

Hi, 

 

i have same issue but for now i can not change configuration file.

for information wich firmware version do you use ?

 

Thank

 

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.