Page 1 of 1

CAPsMAN errors in log

Posted: Mon Jul 20, 2015 11:52 pm
by westex
I have 5 RB951Ui-2HnD. 1 working as main router and CAPsMAN controller and 4 as Access points.
Some time ago I noticed records from log.
Here are some records
Jul/20/2015 12:59:54 caps,error removing stale connection [::ffff:10.10.2.14:51092,Run,[4C:5E:0C:A6:AC:FF]] because of ident conflict with [::ffff:10.10.2.14:39660,Join,[4C:5E:0C:A6:AC:FF]]
Jul/20/2015 13:00:42 script,error 10.10.2.12 down
Jul/20/2015 13:00:50 script,error 10.10.2.12 up
Jul/20/2015 13:00:57 caps,error removing stale connection [::ffff:10.10.2.14:39660,Run,[4C:5E:0C:A6:AC:FF]] because of ident conflict with [::ffff:10.10.2.14:44498,Join,[4C:5E:0C:A6:AC:FF]]
Jul/20/2015 13:01:00 caps,error removing stale connection [::ffff:10.10.2.12:42350,Run,[4C:5E:0C:DC:D7:19]] because of ident conflict with [::ffff:10.10.2.12:43156,Join,[4C:5E:0C:DC:D7:19]]
Jul/20/2015 13:01:41 script,error 10.10.2.12 down
Jul/20/2015 13:01:49 script,error 10.10.2.12 up
Jul/20/2015 13:02:00 caps,error removing stale connection [::ffff:10.10.2.12:43156,Run,[4C:5E:0C:DC:D7:19]] because of ident conflict with [::ffff:10.10.2.12:38466,Join,[4C:5E:0C:DC:D7:19]]
What means caps,error removing stale connection [::ffff:10.10.2.14:51092,Run,[4C:5E:0C:A6:AC:FF]] because of ident conflict with [::ffff:10.10.2.14:39660,Join,[4C:5E:0C:A6:AC:FF]]?

Here are the settings
[aadmin@WestaHotel] > caps-man interface print 
Flags: M - master, D - dynamic, B - bound, X - disabled, I - inactive, R - running 
 #      NAME                                                    RADIO-MAC         MASTER-INTERFACE                                                   
 0 MDBR cAP-master                                              D4:CA:6D:DA:76:3F none                                                               
 1 MDBR cAP-2L-1                                                4C:5E:0C:A6:AD:28 none                                                               
 2 MDBR cAP-2R-1                                                4C:5E:0C:DC:D7:1E none                                                               
 3 MDBR cAP-3L-1                                                4C:5E:0C:D7:1C:97 none                                                               
 4 MDBR cAP-3R-1                                                4C:5E:0C:A6:AD:04 none       
[aadmin@WestaHotel] > caps-man radio print 
Flags: L - local, P - provisioned 
 #    RADIO-MAC         INTERFACE                             REMOTE-CAP-NAME                           REMOTE-CAP-IDENTITY                          
 0  P 4C:5E:0C:D7:1C:97 cAP-3L-1                              [4C:5E:0C:D7:1C:92]                       cAP-3L                                       
 1  P D4:CA:6D:DA:76:3F cAP-main-1                            [D4:CA:6D:DA:76:3A]                       cAP-main                                   
 2  P 4C:5E:0C:A6:AD:28 cAP-2L-1                              [4C:5E:0C:A6:AD:23]                       cAP-2L                                       
 3  P 4C:5E:0C:A6:AD:04 cAP-3R-1                              [4C:5E:0C:A6:AC:FF]                       cAP-3R                                       
 4  P 4C:5E:0C:DC:D7:1E cAP-2R-1                              [4C:5E:0C:DC:D7:19]                       cAP-2R                                       
[aadmin@WestaHotel] > caps-man remote-cap print 
 # ADDRESS                                                                      NAME                         STATE                             RADIOS
 0 10.10.2.13/36877                                                             [4C:5E:0C:D7:1C:92]          Run                                    1
 1 10.10.99.1/50406                                                             [D4:CA:6D:DA:76:3A]          Run                                    1
 2 10.10.2.11/32919                                                             [4C:5E:0C:A6:AD:23]          Run                                    1
 3 10.10.2.14/44498                                                             [4C:5E:0C:A6:AC:FF]          Run                                    1
 4 10.10.2.12/38466                                                             [4C:5E:0C:DC:D7:19]          Run                                    1
Can somebody help me please?

P.S. in log "script,error 10.10.2.12 down and up" this is script for ping to the Acess points

Re: CAPsMAN errors in log

Posted: Thu Aug 13, 2015 3:14 pm
by tomaspi
Hi there
I had error like this just today.
I was setting up rb951ui as CAPsMAN and its internal wlan interface as CAP.

The problem was caused by firewall - i had to pass through udp traffic correctly.

I know, situation is not the same, but maybe you could check that (if you did not find a solution already).

Re: CAPsMAN errors in log

Posted: Wed Apr 12, 2017 11:36 am
by OnixJonix
Same with me! Cant find problem! My caps are dissconnecting and reconnecting!!
Cant find log description!! Mikrotik team what the log mean??? What causes that???

Re: CAPsMAN errors in log

Posted: Tue May 16, 2017 12:33 pm
by drpater
Possible causes:

1. poor network connection between capsman and caps
2. high cpu load of capsman

Re: CAPsMAN errors in log

Posted: Wed Oct 11, 2017 1:49 pm
by Vladkarok
I had this issue with new default firewall in v6.40.3. There is a rule:
6 ;;; defconf: drop all not coming from LAN
chain=input action=drop in-interface-list=!LAN
As CAPsMAN's dynamic interface is new one and it's are not in interface list "LAN" this rule blocks communication between CAPs.

Re: CAPsMAN errors in log

Posted: Wed Oct 11, 2017 3:00 pm
by pukkita
Change its logic:
 chain=input action=drop in-interface-list=WAN

Re: CAPsMAN errors in log

Posted: Thu Dec 14, 2017 1:05 pm
by anuser
So, I experienced the same today.
e.g. "removing stale connection [::ffff:10.2.30.120:54023,Run[64:D1:54:87:E4:6F]] because of ident conflict with [::ffff:10.2.30.120:38611,Join[64:D1:54:87:E4:6F]]

This happened for all of my WAP/HAP devices at the same connected to a CHR/VMware based CAPSMAN based forwarding setup. I have 6.40.5 running.

ThereĀ“s no such rule on the CAPSMAN controller, i.e.:
Change its logic:
 chain=input action=drop in-interface-list=WAN
Connection between CAPSMAN and the access points is perfectly (~1ms).
Did anyone have this issue and resolved it?

Re: CAPsMAN errors in log

Posted: Tue Dec 11, 2018 9:56 pm
by Caci99
I encountered this weird issue today as well.
I was trying to add to the Capsman running on RB2011UiAS-2HnD its own wireless interface. Bridge was created with interfaces from eth2 to eth10 in it.
The reason why you see "removing stale connection..." in logs, is because the Cap disconnects and reconnects so the Capsman sees a duplicated entry, thus removing.
After trying different settings in bridge to no avail, I finally resolved by setting as discovery interface in the Cap one of the running ethernet interfaces in the bridge, not the bridge itself:
/interface wireless cap> print
                            enabled: yes
                         interfaces: wlan1
                        certificate: none
                   lock-to-caps-man: no
               discovery-interfaces: ether3
                 caps-man-addresses: 
                     caps-man-names: 
  caps-man-certificate-common-names: 
                             bridge: none
                     static-virtual: no

Re: CAPsMAN errors in log

Posted: Wed May 01, 2019 12:16 am
by spaxton
For all those who experience this...

First, pay attention to the firewall rules. If You have firewall rules on the bottom of the list where You block everything which is not approved in some rule above then You have to add a firewall rule which will approve UDP 5246,5247 ports input.
If the wireless interfaces are on the same router where CAPsMAN is then add a rule which will allow input with a source address of the router.
This is how I make it work.

Best Regards.