Kevin,
Two things:
1) Could you configure your routers w/ secondaries to "answer"
for the 1918 space the phones are looking for? What happens if
the phone actually gets an answer? A) Will it shut up, or B) can
you use this to get more diagnostic information?
2) I wonder if they hacked in some special sauce roaming ability?
It seems like what you are seeing may be aggravated by the device
roaming between ip subnets but staying on the same SSID?
So could they implement a way to deal with the case where a user
would roam from ap A to ap B staying on the same SSID. So maybe
they chose to self arp to help populate upstream bridge tables,
but they accidentally reuse stale cached ip info?
This is all wild speculation, but this is strange behavior from
an IP stack.
Dale
--
Dale W. Carder - Network Engineer
University of Wisconsin at Madison / WiscNet
http://net.doit.wisc.edu/~dwcarder
On Jul 17, 2007, at 5:52 AM, Kevin Miller wrote:
This was the note that I posted on the list last Friday.
To summarize, we began seeing problems on 7/2. Last week we
observed the
problem roughly once/day, and it did recur on Monday. In each case, we
have had a ~10 minute period of time where we observed a substantial
amount of ARP traffic from an iPhone. We got traffic captures from 3
different iPhones (we did not react fast enough in the other incidents
to get captures). In each case the traffic looks like:
[MAC Address of iPhone] > [MAC Address B] ARP who-has [IP A] tell
[IP B]
Where MAC Address B "looks" like the MAC address of a home router of
some sort (OUI is assigned to such a manufacturer).
IP A looks like a home router gateway IP (192.168.1.1, 10.0.1.1,
192.168.2.1, etc)
IP B looks like an IP that might be assigned on a home router
(192.168.1.5, etc)
We have been testing and reviewing all of our infrastructure to see if
anything is out of order. So far, no changes have been made.
We have, unfortunately, not been able to replicate the issue in a
controlled environment. We have spoken to the last two individuals
who's
phones were the identified MAC address. They were walking across
campus
and moved between major wireless zones. There is typically a buffer
between zones where there is no wireless coverage. The zones use the
same SSID. Otherwise there was nothing unusual about what they were
doing with the phones.
-Kevin
Tim M. Crawford wrote:
I don’t know if others are experiencing this. If there are folks
from Duke on the list, can you share your findings?
http://www.networkworld.com/news/2007/071607-duke-iphone.html
Tim
______________________________________________________
*Tim M. Crawford* | Associate Director, IT Operations
Stanford Graduate School of Business
650.724.2447 | [EMAIL PROTECTED]
********** Participation and subscription information for this
EDUCAUSE Constituent Group discussion list can be found at http://
www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at http://
www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
