CAPsMAN errors in log

I have 5 RB951Ui-2HnD. 1 working as main router and CAPsMAN controller and 4 as Access points.
Some time ago I noticed records from log.
Here are some records

Jul/20/2015 12:59:54 caps,error removing stale connection [::ffff:10.10.2.14:51092,Run,[4C:5E:0C:A6:AC:FF]] because of ident conflict with [::ffff:10.10.2.14:39660,Join,[4C:5E:0C:A6:AC:FF]]
Jul/20/2015 13:00:42 script,error 10.10.2.12 down
Jul/20/2015 13:00:50 script,error 10.10.2.12 up
Jul/20/2015 13:00:57 caps,error removing stale connection [::ffff:10.10.2.14:39660,Run,[4C:5E:0C:A6:AC:FF]] because of ident conflict with [::ffff:10.10.2.14:44498,Join,[4C:5E:0C:A6:AC:FF]]
Jul/20/2015 13:01:00 caps,error removing stale connection [::ffff:10.10.2.12:42350,Run,[4C:5E:0C:DC:D7:19]] because of ident conflict with [::ffff:10.10.2.12:43156,Join,[4C:5E:0C:DC:D7:19]]
Jul/20/2015 13:01:41 script,error 10.10.2.12 down
Jul/20/2015 13:01:49 script,error 10.10.2.12 up
Jul/20/2015 13:02:00 caps,error removing stale connection [::ffff:10.10.2.12:43156,Run,[4C:5E:0C:DC:D7:19]] because of ident conflict with [::ffff:10.10.2.12:38466,Join,[4C:5E:0C:DC:D7:19]]

What means caps,error removing stale connection [::ffff:10.10.2.14:51092,Run,[4C:5E:0C:A6:AC:FF]] because of ident conflict with [::ffff:10.10.2.14:39660,Join,[4C:5E:0C:A6:AC:FF]]?

Here are the settings

[aadmin@WestaHotel] > caps-man interface print 
Flags: M - master, D - dynamic, B - bound, X - disabled, I - inactive, R - running 
 #      NAME                                                    RADIO-MAC         MASTER-INTERFACE                                                   
 0 MDBR cAP-master                                              D4:CA:6D:DA:76:3F none                                                               
 1 MDBR cAP-2L-1                                                4C:5E:0C:A6:AD:28 none                                                               
 2 MDBR cAP-2R-1                                                4C:5E:0C:DC:D7:1E none                                                               
 3 MDBR cAP-3L-1                                                4C:5E:0C:D7:1C:97 none                                                               
 4 MDBR cAP-3R-1                                                4C:5E:0C:A6:AD:04 none

[aadmin@WestaHotel] > caps-man radio print 
Flags: L - local, P - provisioned 
 #    RADIO-MAC         INTERFACE                             REMOTE-CAP-NAME                           REMOTE-CAP-IDENTITY                          
 0  P 4C:5E:0C:D7:1C:97 cAP-3L-1                              [4C:5E:0C:D7:1C:92]                       cAP-3L                                       
 1  P D4:CA:6D:DA:76:3F cAP-main-1                            [D4:CA:6D:DA:76:3A]                       cAP-main                                   
 2  P 4C:5E:0C:A6:AD:28 cAP-2L-1                              [4C:5E:0C:A6:AD:23]                       cAP-2L                                       
 3  P 4C:5E:0C:A6:AD:04 cAP-3R-1                              [4C:5E:0C:A6:AC:FF]                       cAP-3R                                       
 4  P 4C:5E:0C:DC:D7:1E cAP-2R-1                              [4C:5E:0C:DC:D7:19]                       cAP-2R

[aadmin@WestaHotel] > caps-man remote-cap print 
 # ADDRESS                                                                      NAME                         STATE                             RADIOS
 0 10.10.2.13/36877                                                             [4C:5E:0C:D7:1C:92]          Run                                    1
 1 10.10.99.1/50406                                                             [D4:CA:6D:DA:76:3A]          Run                                    1
 2 10.10.2.11/32919                                                             [4C:5E:0C:A6:AD:23]          Run                                    1
 3 10.10.2.14/44498                                                             [4C:5E:0C:A6:AC:FF]          Run                                    1
 4 10.10.2.12/38466                                                             [4C:5E:0C:DC:D7:19]          Run                                    1

Can somebody help me please?

P.S. in log “script,error 10.10.2.12 down and up” this is script for ping to the Acess points

Hi there
I had error like this just today.
I was setting up rb951ui as CAPsMAN and its internal wlan interface as CAP.

The problem was caused by firewall - i had to pass through udp traffic correctly.

I know, situation is not the same, but maybe you could check that (if you did not find a solution already).

Same with me! Cant find problem! My caps are dissconnecting and reconnecting!!
Cant find log description!! Mikrotik team what the log mean??? What causes that???

Possible causes:

1. poor network connection between capsman and caps
2. high cpu load of capsman

I had this issue with new default firewall in v6.40.3. There is a rule:
6 ;;; defconf: drop all not coming from LAN
chain=input action=drop in-interface-list=!LAN
As CAPsMAN’s dynamic interface is new one and it’s are not in interface list “LAN” this rule blocks communication between CAPs.

Change its logic:

 chain=input action=drop in-interface-list=WAN

So, I experienced the same today.
e.g. "removing stale connection [::ffff:10.2.30.120:54023,Run[64:D1:54:87:E4:6F]] because of ident conflict with [::ffff:10.2.30.120:38611,Join[64:D1:54:87:E4:6F]]

This happened for all of my WAP/HAP devices at the same connected to a CHR/VMware based CAPSMAN based forwarding setup. I have 6.40.5 running.

There´s no such rule on the CAPSMAN controller, i.e.:

Connection between CAPSMAN and the access points is perfectly (~1ms).
Did anyone have this issue and resolved it?

I encountered this weird issue today as well.
I was trying to add to the Capsman running on RB2011UiAS-2HnD its own wireless interface. Bridge was created with interfaces from eth2 to eth10 in it.
The reason why you see “removing stale connection…” in logs, is because the Cap disconnects and reconnects so the Capsman sees a duplicated entry, thus removing.
After trying different settings in bridge to no avail, I finally resolved by setting as discovery interface in the Cap one of the running ethernet interfaces in the bridge, not the bridge itself:

/interface wireless cap> print
                            enabled: yes
                         interfaces: wlan1
                        certificate: none
                   lock-to-caps-man: no
               discovery-interfaces: ether3
                 caps-man-addresses: 
                     caps-man-names: 
  caps-man-certificate-common-names: 
                             bridge: none
                     static-virtual: no

For all those who experience this…

First, pay attention to the firewall rules. If You have firewall rules on the bottom of the list where You block everything which is not approved in some rule above then You have to add a firewall rule which will approve UDP 5246,5247 ports input.
If the wireless interfaces are on the same router where CAPsMAN is then add a rule which will allow input with a source address of the router.
This is how I make it work.

Best Regards.

I had the same error today 6.49.6
CAPSMAN running on same device as interfaces
resolved by setting the caps-man-addresses=192.168.199.1 (ip of system)

Good day All,

I found that the discovery interface was configured incorrectly, so what i done is I changed it to my desired “WAN” interface and the error was resolved.

I thought that might help.

Regards
Ethan Davids

Hello everybody. I caught such a problem in the logs on the central router at my work place. But this problem did not apply to all access points, but only to the last one that I connected (the next one always came in its place and problems began). Having come to the conclusion that this is a topology problem, I remembered the STP item in the bridge settings. I set the “none” parameter on all access points and the problem was solved.
But it’s worth mentioning that I use Mikrotik routers as managed switches and access points at the same time, so you may have a different reason for the loss of connection.