Robert:
I'm not exactly sure what you're asking in this first question, but let me say that not many wireless clients (that would be network stack specific, I believe) have implemented DNAv4. That Cisco didn't catch this bug during their testing process is unfortunate of course, but not altogether abnormal. Programmers write code all the time that works under normal circumstances, but when something new is introduced, in a way that the programmer didn't expect, bad things can happen, and Cisco is not immune to that. Aruba's opportunistic release this week made it clear that they don't suffer from that bug. As for your second point, no, a single device is unlikely able to generate 11,000 ARP requests/second. What was happening was that the ARP traffic was exiting one WLC onto the wired network, entering another WLC on the same L2 network, and because of the bug, if the client's state had not aged out, was being spit out again on the wired network, after which the packets entered the first controller from the wired network and because of the bug, spit it out again, rinse and repeat. There's no TTL with ARP and the packets not crossing any L3 boundaries, even this packet did have one. So the traffic would keep cycling around until the wireless client's state expired on the second (and third, etc) WLC. Frank From: Prof. Robert Mathews (OSIA) [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 01, 2007 10:05 PM To: [email protected] Subject: [WIRELESS-LAN] iPhones, ARP Storms and Network Interruptions ... Ladies and Gentlemen: Regarding the ARP storms that Duke had been experiencing, I am attempting to understand certain circumstances and fundamentals in more detail. In that context, I wish to pose the following questions before this community. The are: 1) Does anyone here feel that the historic problem, which Apple was noted to be experiencing with DHCP and DNAv4 has had a contributing effect on the manner in which CISCO Wireless Controllers were expected to normally behave? 2) Also, at its peak, I understand that there were as many as 11,000 ARP requests/second from a single device. Does anyone here, have an idea as to 'why' so many ARP requests could have been issued by a single device? If anyone is willing to comment either on, or off-line, I would welcome details that illuminate. All the best, Robert Mathews. -- ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
