ARP Roaming Issue Troubleshooting

Overview

When wireless clients roam between access points, they may experience a temporary loss of connectivity to other devices on the LAN (typically lasting 2-5 minutes), while internet access continues to work normally. This is a common issue caused by switch MAC address table aging and is not related to the wireless system itself.

Why This Happens

When a wireless client roams from AP-A to AP-B, the client's MAC address suddenly "moves" from the switch port feeding AP-A to the port feeding AP-B. However, most switches maintain a dynamic MAC address entry for the original port for a set period (typically 120-300 seconds).

During this aging period:

Internet traffic works: Outbound traffic immediately teaches the switch the new location
LAN traffic fails: Other devices attempting to reach the roaming client send frames to the old port location until the MAC entry ages out

The 2-minute connectivity blackout corresponds exactly to the switch's MAC aging timer.

Quick Diagnostic Checks

Check	What to Look For
SSID Configuration	Verify the SSID is not marked as "Guest" or has ACLs that block LAN access by design
Fast Roaming Settings	Check if 802.11r/k/v is enabled (helps but doesn't fix the underlying switch issue)
Switch MAC Aging Timer	Use `show mac address-table aging-time` or check Web UI. If you see 120-300s, this matches the outage duration
MAC Flapping Logs	Review switch logs for "MAC flapping" entries when clients roam - this confirms the root cause

Fix and Mitigation Options

1. Enable MAC Move Updates (Preferred)

Configure the switch to accept rapid MAC address moves:

Cisco-style switches:

mac address-table move update receive

TP-Link switches:

Navigate to Switch > MAC Address Table > Enable Move Update
This allows the switch to immediately update MAC entries when APs notify it of client moves

2. Reduce MAC Aging Timer

TP-Link switches:

Go to L2 FEATURES → MAC Address Table → Aging Config
Set aging time to 20-30 seconds instead of 120-300 seconds
Trade-off: Slightly higher CPU usage in very large networks, but acceptable for typical deployments

3. Network Topology Optimization

Single Switch Deployment: Connect all APs to the same downstream switch
Avoid Cross-Switch Roaming: When AP-A and AP-B connect to different aggregation switches, MAC moves cross switch boundaries and take longer to propagate

4. Force ARP Cache Refresh

Some WLAN systems send Gratuitous ARP (GARP) packets when clients re-associate
Client-side scripts can trigger DHCP lease renewal or send GARP to force LAN devices to refresh their ARP cache
This also prompts the switch to relearn the MAC address location

5. WLAN Profile Verification

Disable Guest Mode: If LAN access is required, ensure the SSID is not configured for guest isolation
Consistent Configuration: Verify SSID, security settings, and VLAN configuration are identical across all APs
Mixed Profiles: Inconsistent settings between APs will break seamless roaming

Ubiquiti UniFi Equipment

Does this issue occur with Ubiquiti equipment?

Yes, this issue can occur with UniFi deployments, but it's less common for the following reasons:

Why UniFi is Less Affected

Integrated Architecture: UniFi controllers communicate directly with UniFi switches, enabling better coordination of MAC address updates during roaming events
RSTP and Fast Convergence: UniFi switches typically run optimized spanning tree protocols that handle topology changes more efficiently
Controller-Based Management: The UniFi controller can coordinate roaming events between APs and switches in the same ecosystem
Default Configurations: UniFi equipment ships with more roaming-friendly default settings compared to many traditional enterprise switches

When Issues Still Occur

Mixed Vendor Environments: Using UniFi APs with non-UniFi switches
Legacy Switch Integration: Connecting to older switches without fast MAC learning capabilities
Large Layer 2 Domains: Very large networks may still experience occasional delays during roaming events

Recommendations for UniFi Deployments

Use UniFi switches when possible to maintain ecosystem integration
Enable "Fast Roaming" in UniFi controller settings
Verify that switch ports connected to APs are configured for trunk/tagged VLANs appropriately
Monitor the UniFi controller logs for roaming events and any associated errors

Bottom Line

The ~2-minute LAN connectivity loss after roaming is almost always caused by the switch holding onto the old port location for the client's MAC address. Enable MAC-move updates or reduce the aging timer, and the problem typically disappears immediately.

For mixed-vendor environments, focus on switch-side solutions. For UniFi-only deployments, ensure all equipment is running current firmware and that fast roaming features are properly configured.

ARP Roaming Issue Troubleshooting

Overview​

Why This Happens​

Quick Diagnostic Checks​

Fix and Mitigation Options​

1. Enable MAC Move Updates (Preferred)​

2. Reduce MAC Aging Timer​

3. Network Topology Optimization​

4. Force ARP Cache Refresh​

5. WLAN Profile Verification​

Ubiquiti UniFi Equipment​

Why UniFi is Less Affected​

When Issues Still Occur​

Recommendations for UniFi Deployments​

Bottom Line​