Hi List and fellow PF users,
We are now running packetfence (4.5.1, migration to 5.x is due next month) with success on a wide wireless network (over 1200 access points), but we have some performances issues with the database. >From our experience, the main problems are caused by mobile android devices >which constantly request IP on our registration networks when they are not >registered, probably because they detect they don't have a working internet >access. This constant flow of dhcp request provoke a lot of update in iplog table, with a lot of deadlocks on our mysql cluster. Those deadlocks then provoke different problems, including some problems with the captive portal, as the ip<->mac resolution is not working as smoothly as it should. I know that the deadlock issue may be fixed by an upgrade to packetfence 4.6 or 5.x, but for now w e are looking for different way to block those unregistered devices automatically. We designed some firewall rules to limit to detect and limit the DHCP requests on our remote firewalls (w e use VLAN enforcement with routed networks), but I'm also looking at the Violation system to isolate those devices. I could not find a way to define a trigger based on the number of DHCP requests send from a device, did someone already managed to do this ? Regards, -- Frédéric Hermann Neptune Internet Services
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
