or Connect
AppleInsider › Forums › Mobile › iPhone › Duke's WLAN pummeled by 'misbehaving' iPhones - report
New Posts  All Forums:Forum Nav:

Duke's WLAN pummeled by 'misbehaving' iPhones - report

post #1 of 49
Thread Starter 
The Wi-Fi implementation within Apple's new iPhone handset appears to be the source of a big headache for network administrators at Duke University, according to a published report.

Writing for Network World, John Cox claims that the built-in 802.11b/g adapters on several iPhones periodically flood sections of the Durham, N.C. institution's pervasive wireless LAN with MAC address requests, temporarily knocking out anywhere from a dozen to 30 wireless access points at a time.

"Misbehaving iPhones" are reportedly flooding the access points with up to 18,000 address requests per second, or nearly 10Mbps of bandwidth. As a result, the access points show up as "out of service" for 10-15 minutes at a time, in which there's no way to communicate with them, said Kevin Miller, assistant director, communications infrastructure, with Dukes Office of Information Technology.

Because of the time of year for us, its not a severe problem, Miller said. But from late August through May, our wireless net is critical. My concern is how many students will be coming back in August with iPhones?"

Duke's network team is reported to have identified the Apple handsets as the cause of the issue after capturing wireless traffic for analysis. Cox said the requests are for what is, at least for Dukes network, an invalid router address. However, the source of the bad router addresses have not yet been isolated.

"Devices use the Address Resolution Protocol (ARP) to request the MAC address of the destination node, for which it already has the IP address," he wrote. "When it doesnt get an answer, the iPhone just keeps asking."

Duke's IT department is said to have filed a help desk ticket with Apple over the matter but so far communication with iPhone maker has been "one-way," Cox added.

While Apple is reported to have "escalated" the university's help request, it hadn't yet provided anything substantive as of Monday afternoon.
post #2 of 49
Ah, it sounds like the network is doing something wrong, it is getting a valid request for a MAC address and it appears to be ignoring it. They probably set up their network to do this since they only allow authorized systems to make a request and get on the network.

Since their network configuration is essentially now ignoring the request and the Iphone sees a valid network and keeps making the request it is the phones problem?

I think they should look at their network and fix the problem with the equipment timing out for probably security reason to keep hackers from compromising the network.

If the phone was misbehaving and just flooding a network, I believe this would have shown up elsewhere especial on Apple's own campus.
post #3 of 49
Quote:
Originally Posted by Maestro64 View Post

Ah, it sound like the network is doing something wrong, it get a valid request for a MAC address and it appears to be ignoring it, They probably set up their network to do this since they only allow authorized systems to make a request and get in the network.

While it's possible that the iPhone can be optimized to not send requests as frequently, the fact that routers are being knocked off line by an unintentional DoS attack is the fault of the network administrators.
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
post #4 of 49
Ayup, this is the only network reporting this.

At UNC, just down the road, the *entire network* is one giant flat space. Flat. Think about that for a moment. Every machine, in every dorm, in every office, in every WiFi spot (which is the entire campus). It. Is. Insane. (The CS Dept is reviled among campus IT for being 'different' and not 'playing ball'... they realized how dumb that was, and made their own network. Guess which departmental network is the one that *doesn't* go down more often than a $5 hooker during Fleet Week?)

Since Duke is known for playing catch-up to UNC, I wouldn't be surprised if they followed suit.

My 'sources' at Cisco are pretty sure that's what's happening - Duke has a too-flat network, and have been relying on more or less static device behavior. Now that assumption is broken, and they're paying the price for their configuration. Me? I have no opinion or speculation, I just pass along the expert opinion.
My brain is hung like a HORSE!
Reply
My brain is hung like a HORSE!
Reply
post #5 of 49
Quote:
Originally Posted by Kickaha View Post

Ayup, this is the only network reporting this.

At UNC, just down the road, the *entire network* is one giant flat space. Flat. Think about that for a moment. Every machine, in every dorm, in every office, in every WiFi spot (which is the entire campus). It. Is. Insane. (The CS Dept is reviled among campus IT for being 'different' and not 'playing ball'... they realized how dumb that was, and made their own network. Guess which departmental network is the one that *doesn't* go down more often than a $5 hooker during Fleet Week?)

Since Duke is known for playing catch-up to UNC, I wouldn't be surprised if they followed suit.

My 'sources' at Cisco are pretty sure that's what's happening - Duke has a too-flat network, and have been relying on more or less static device behavior. Now that assumption is broken, and they're paying the price for their configuration. Me? I have no opinion or speculation, I just pass along the expert opinion.

They should be thanking Apple for highlighting they have a poor set up.
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
post #6 of 49
I'm just impressed the little iPhone can generate 10Mbps of traffic!
post #7 of 49
Quote:
Originally Posted by digitalclips View Post

They should be thanking Apple for highlighting they have a poor set up.

Right, I'm sure that's why they're trying to call apple, just to thank them. Or maybe they should complain because, for some reason, the iPhone is crashing their network. Would there be a reason that 18000 students with laptops or other wifi devices all work fine, but throw a few iPhones into the mix, and all of a sudden its the network's fault? Its not that the phone's are asking for a bad router address, it must be because the other routers aren't responding, even though they don't even have that address.

Then again, maybe if the folks at Duke (or, hell, UNC) stopped patting themselves on the back and congratulating themselves on how great they are, and spent time actually working, they might find the problem.

And is anyone surprised that the communication has been 'one-way'?
post #8 of 49
Quote:
Originally Posted by bignumbers View Post

I'm just impressed the little iPhone can generate 10Mbps of traffic!

I think that's all the iPhones combined, not a single one. They probably have more than a few on their network at any given time.
post #9 of 49
Quote:
Originally Posted by digitalclips View Post

They should be thanking Apple for highlighting they have a poor set up.

post #10 of 49
Quote:
Originally Posted by Louzer View Post

And is anyone surprised that the communication has been 'one-way'?

I'm not.
I would be very surprised if they were in direct communication.

When if ever do you hear do you hear about two-way communication, other than with the large development companies / preferred partners.
post #11 of 49
Quote:
Originally Posted by bignumbers View Post

I'm just impressed the little iPhone can generate 10Mbps of traffic!

Why? The iPhone does have an 802.11g card in it, therefore, it should be able to 54Mbps.
post #12 of 49
Quote:
Originally Posted by hdasmith View Post

Why? The iPhone does have an 802.11g card in it, therefore, it should be able to 54Mbps.

in theory
"i find that if you keep talkin', your mouth comes up with stuff..." Karl Pilkington
Reply
"i find that if you keep talkin', your mouth comes up with stuff..." Karl Pilkington
Reply
post #13 of 49
Quote:
Originally Posted by Louzer View Post

Right, I'm sure that's why they're trying to call apple, just to thank them. Or maybe they should complain because, for some reason, the iPhone is crashing their network. Would there be a reason that 18000 students with laptops or other wifi devices all work fine, but throw a few iPhones into the mix, and all of a sudden its the network's fault? Its not that the phone's are asking for a bad router address, it must be because the other routers aren't responding, even though they don't even have that address.

I think it's that, if they're the only network showing this behavior with a device that is spreading rapidly, then there's a good chance that it is not *just* the device, and not *just* the network, but a combination of the two, wouldn't you agree?

It's entirely possible it's the iPhone misbehaving - but in that case, how come only Duke is suffering from it? As I said, I suspect their assumptions about network use include that a particular node isn't going to be roaming much. Desktops stay put. Laptops stay put for finite amounts of time, disappear from the network, then appear elsewhere, but in all but a tiny few cases, while they're on, they stay put. Not iPhones. They're going to be moving from WAP to WAP all day long. If their network isn't configured to handle that gracefully, then yeah, they're going to have potential issues.

Quote:
Then again, maybe if the folks at Duke (or, hell, UNC) stopped patting themselves on the back and congratulating themselves on how great they are, and spent time actually working, they might find the problem.

Yup. Early-stage finger-pointing when you're the only one having the issue doesn't really help.

Quote:
And is anyone surprised that the communication has been 'one-way'?

Nope. SOP. Open the ticket, see if the client can offer any further info, filter it down to engineering, get folks connected, get information flowing... it often takes a few days. Most large institutions understand that.
My brain is hung like a HORSE!
Reply
My brain is hung like a HORSE!
Reply
post #14 of 49
I find it very hard to believe that the phones are causing this problem. Not because Apple is above having problems, but because nobody has identified this ANYWHERE else. There are more iPhones on the corporate campus I am in then at that school right now. This sounds like something wrong in the network, and the admins are looking for a scapegoat.
--
Mac user, really like OS X.
Reply
--
Mac user, really like OS X.
Reply
post #15 of 49
Quote:
Originally Posted by solipsism View Post

While it's possible that the iPhone can be optimized to not send requests as frequently, the fact that routers are being knocked off line by an unintentional DoS attack is the fault of the network administrators.

They said their "access points". Flood any 802.11b/g access point with enough data and what else would you expect to happen, basically, the bandwidth is full.
post #16 of 49
We propped up Cisco APs in our DMZ to support iPhones where I work and things have been working great in these last few weeks. Who really knows what's happening at Duke? Unless you are there and observing the problem all of this is rampant speculation.

It appears that many in the media have an axe to grind on the iPhone. This is wierd, considering the device has a superiod design and is well tested. I guess a lot of people would like to see Apple lose.
post #17 of 49
The Duke guy said that they are using a ARP server for MAC authenications, this tell me the in order for the device to contact the laptop, PDA, or desktop's MAC address must be contained on the ARP server with that that the device will not be allowed to connect. As someone pointed out ther network is probably pretty flat which is bad if you have a large network. Plus if they are get continuous request from an unauthorized device if should ignore the request not try and process the request.

Plus, maybe the iphone is overly agressive when making it requests so it does not help their situation.

Duke's IT group should have been more cautious about staying the iphone has problems because in the end they might be the ones with egg on their face.
post #18 of 49
My mega wireless site is fine. Duke must have the world's worst network admin??????
I never get tired of being right all the time... but I do get tired of having to prove it to you again and again.
Reply
I never get tired of being right all the time... but I do get tired of having to prove it to you again and again.
Reply
post #19 of 49
I know we're all iPhone fans here, but let's look at this situation with an open mind... Especially because the iPhone is still a new device that may potentially have some issues.

According to the report the iPhone is flooding the network with ARP requests. For those not fully aware of how IP (Internet Protocol) works, allow me to explain.

An ARP request is used to match an IP address (such as 192.168.10.10) with a MAC address (these are the physical network addresses that allow computers to identify network traffic source and destinations). The request looks something like "Who has 192.168.10.20? Tell 192.168.10.10." They are sent as broadcast packets because the destination device is not yet known (the whole purpose is to find it) and as such these packets are supposed to be passed along by access points, switches, etc. Only the device that has the requested address is supposed to respond, and other devices are supposed to simply ignore the request.

ARP requests are only supposed to be used to locate machines on the local network (or subnet). Any time a device needs to talk to a device on the Internet or another segment of the network it sends that traffic through a router. ARP is not supposed to be used in this process because the local computer doesn't need to know the remote machine's MAC address; it couldn't even talk to it if it did know. Because of this, devices should NOT attempt to use ARP to find the address of a computer not on the same network. When a device attempts to talk to a device outside of the local subnet, it is supposed to send that traffic directly to the router, and the router determines where to direct it from there.

If the iPhone is sending ARP requests for IP addresses not in the network to which it is connected, it is behaving in a manner contrary to the way in which IP was designed. Not only that, but if it sends a request, doesn't receive a response, and repeats the request over and over, it creates even more network traffic. If you have enough of these devices misbehaving like this, you can begin to see how network traffic can really begin to add up.

It may be true that Duke's network isn't designed to handle broadcasts well, but that doesn't excuse the iPhone from misbehaving in the first place. It doesn't take a lot of broadcast traffic to bring most networks to their knees.

The other issue here which hasn't been addressed is that this problem could potentially open up security issues, depending on why the iPhone is making these ARP requests and what it is expecting in response. If someone were savvy enough, it would be entirely feasible to forge a response to the requests, then when the iPhone tries to communicate with whatever device it wants to talk to, it wouldn't be hard to forge the conversation and potentially wreak all manner of havoc.

This sounds to me like a serious issue that should be treated as such. Let's not blame Duke's IT staff entirely here.
post #20 of 49
Oh, there's definitely something interesting going on between the interaction of the two forces: iPhones, and Duke's network. I don't think either is going to end up being totally blameless. Someone, somewhere, made an engineering decision based on an assumption that isn't holding true.

Or they just borked it.
My brain is hung like a HORSE!
Reply
My brain is hung like a HORSE!
Reply
post #21 of 49
Net admin myself for large company. Felt that pain. That said:

If I was the admin for that network last thing I would have done was gone to the papers. Call up Crisco...open the TAC case and work it out.

If the admin had any real brains he could have pushed and said I need an iPhone to recreate the issue...

24" iMac, 2 MB Pros, iPad Version 1, 2 x (iPhone 4s), Apple TV 3, a Shuffle and a couple of iTouches somewhere in the house. Spot on wall reserved for an Apple TV of some description. Oh yeah..and...

Reply

24" iMac, 2 MB Pros, iPad Version 1, 2 x (iPhone 4s), Apple TV 3, a Shuffle and a couple of iTouches somewhere in the house. Spot on wall reserved for an Apple TV of some description. Oh yeah..and...

Reply
post #22 of 49
Quote:
Originally Posted by Maestro64 View Post

Duke's IT group should have been more cautious about staying the iphone has problems because in the end they might be the ones with egg on their face.

No, they shouldn't be more cautious. They already tracked down the cause: its iPhone traffic. They also know that its looking for a router that doesn't exist, and requesting continuously for that router (see, even if they are from Duke, they aren't completely clueless - but, really, we all know they're working there because they couldn't get jobs at the Univ. of Maryland).

From that perspective, they're completely correct. The iPhone is royally screwing up their network. Now, whether its because of issues with the iPhone itself, or its their network setup, is a different story.
post #23 of 49
Poor design sucks for the designer... If you build a road with a gate that opens when a car with a validated license plate pulls up, what happens when a bunch of unknown cars show up? Traffic jam... And probably accidents.
post #24 of 49
Quote:
Originally Posted by bignumbers View Post

I'm just impressed the little iPhone can generate 10Mbps of traffic!


It's got to be the network. A Mac address request is very small. It would take an iPhone Flashmob of about 200,000 people to generate 10MB of Mac address requests.

Come on guys, it's the network, not the iPhones. Otherwise this result would be worldwide.

Just another fruitless attack on the iPhone. Oh, they can be soooo jealous, can't they?

post #25 of 49
Quote:
Originally Posted by ajhill View Post

It's got to be the network. A Mac address request is very small. It would take an iPhone Flashmob of about 200,000 people to generate 10MB of Mac address requests.

Come on guys, it's the network, not the iPhones. Otherwise this result would be worldwide.

Just another fruitless attack on the iPhone. Oh, they can be soooo jealous, can't they?

First, its 10 megaBIT, not megaBYTE. 10 mbit isn't that much. Especially if there is a flaw in the iPhone's IP stack. I have had single devices on my network broadcast way more traffic than that when misbehaving. This is entirely within the realm of possibility.

Its statements like yours that cause people to accuse us of being blind Apple zealot fanboys. Please, lets be open minded. Apple doesn't do everything quite perfectly.

If the explanation in the article is correct, which it seems to be, its the iPhone that is generating the traffic that is causing the problem. I'm an IT guy, and the explanation is perfectly plausible and credible. From their description, it truly looks like Apple made a mistake. And it should be fixable.

Duke's network probably could be configured better to handle misbehaving devices, but let's not place all of the blame on them. If I run over someone with my car, does that mean the person I hit is at fault?
post #26 of 49
Quote:
Originally Posted by Louzer View Post

Right, I'm sure that's why they're trying to call apple, just to thank them. Or maybe they should complain because, for some reason, the iPhone is crashing their network. Would there be a reason that 18000 students with laptops or other wifi devices all work fine, but throw a few iPhones into the mix, and all of a sudden its the network's fault? Its not that the phone's are asking for a bad router address, it must be because the other routers aren't responding, even though they don't even have that address.

Then again, maybe if the folks at Duke (or, hell, UNC) stopped patting themselves on the back and congratulating themselves on how great they are, and spent time actually working, they might find the problem.

And is anyone surprised that the communication has been 'one-way'?

post #27 of 49
Quote:
Originally Posted by djdj View Post

First, its 10 megaBIT, not megaBYTE. 10 mbit isn't that much. Especially if there is a flaw in the iPhone's IP stack. I have had single devices on my network broadcast way more traffic than that when misbehaving. This is entirely within the realm of possibility.

Its statements like yours that cause people to accuse us of being blind Apple zealot fanboys. Please, lets be open minded. Apple doesn't do everything quite perfectly.

If the explanation in the article is correct, which it seems to be, its the iPhone that is generating the traffic that is causing the problem. I'm an IT guy, and the explanation is perfectly plausible and credible. From their description, it truly looks like Apple made a mistake. And it should be fixable.

Duke's network probably could be configured better to handle misbehaving devices, but let's not place all of the blame on them. If I run over someone with my car, does that mean the person I hit is at fault?

Thank you!
post #28 of 49
Quote:
Originally Posted by djdj View Post

If the explanation in the article is correct, which it seems to be, its the iPhone that is generating the traffic that is causing the problem. I'm an IT guy, and the explanation is perfectly plausible and credible. From their description, it truly looks like Apple made a mistake. And it should be fixable.

But then the question stands still, why aren't other people complaining about this? Wouldn't Apple's Campus wifi have seen this? Or how about any other wifi networks? I would think if the issue is simply the iPhone mucking up WiFi, that more and more people would be speaking up saying "Apple messed up".

You want us to not be so quick to lay the blame on Duke and let Apple off. So likewise, don't just eat up a single report, and write it off as Apple having made a mistake. At this point, i'd say its an unknown, with potential for both to be at fault.
post #29 of 49
I like the "flat-network" issue as the probable cause of this problem, or if not the root cause, something that is amplifying what would be a much smaller (and therefore more easily containted) problem on other networks.

I work in IT, though I'm not a network person, and I remember how our network folks were hell bent on segmenting our network into separate zones for students, labs, faculty and administrators, and our school is only ~2500 users total. Why would such a large institution such as Duke opt for a flat network setup?

Of course, it may be an iPhone with a wonky wi-fi card. I've seen bad ethernet cards flood the network, sometimes causing what the network folk call an "arp-storm". It could be that one or two bad iPhone wi-fi cards are wreaking havoc with Duke's flat setup.

I've been using my iPhone on our (segmented) network for 2 weeks, and haven't had a single problem (and our network folk are such that if anything causes a problem, they search and destroy immediately). The fact that other places aren't reporting the same problem places the blame closer to NC than to Cupertino. Unfortunately, too many higher-ed IT/network people come from the corporate world where, if it doesn't have a Microsoft logo you get the 2000 yard stare if you bring them a problem with a Mac. That's also the source of their knee-jerk "it has to be Apple's problem".
post #30 of 49
Quote:
Originally Posted by ajhill View Post

It's got to be the network. A Mac address request is very small. It would take an iPhone Flashmob of about 200,000 people to generate 10MB of Mac address requests.

Come on guys, it's the network, not the iPhones. Otherwise this result would be worldwide.

Just another fruitless attack on the iPhone. Oh, they can be soooo jealous, can't they?


Or a poorly designed and implemented network that is allowing traffic looking for a "incorrect network" to continuously loop. I believe RIP without proper Poison Reverse could cause this.

I wonder what protocols and design they have? I can't find any info on the net anywhere.
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
post #31 of 49
Quote:
Originally Posted by ajhill View Post

It's got to be the network. A Mac address request is very small. It would take an iPhone Flashmob of about 200,000 people to generate 10MB of Mac address requests.

Come on guys, it's the network, not the iPhones. Otherwise this result would be worldwide.

Just another fruitless attack on the iPhone. Oh, they can be soooo jealous, can't they?


Because it can't be a problem with the iPhone OS's network stack. It has been known that OS software can contain bugs that could cause issues. Its happened in the past.
post #32 of 49
Originally Posted by Maestro64
Duke's IT group should have been more cautious about staying the iphone has problems because in the end they might be the ones with egg on their face.

Quote:
Originally Posted by Louzer View Post

No, they shouldn't be more cautious. They already tracked down the cause: its iPhone traffic. They also know that its looking for a router that doesn't exist, and requesting continuously for that router (see, even if they are from Duke, they aren't completely clueless - but, really, we all know they're working there because they couldn't get jobs at the Univ. of Maryland).

From that perspective, they're completely correct. The iPhone is royally screwing up their network. Now, whether its because of issues with the iPhone itself, or its their network setup, is a different story.



The writer you chastise is correct you are wrong in this particular argument. Your logic is like saying ... if lying down on the sidewalk with your head in the road is a problem because cars keep hitting you then it might be an issue with the cars. The writer simply stated they should be sure what is the problem first. Moving your head would be worth a try first ...

Sure they have identified the iPhones are involved but if as the writer correctly says, IF this is because of a network screw up they might be wise to trouble shoot before publicly stating it is the FAULT of the iPhones and thus feeding trolls with fodder to repeat and exaggerate and attempt to damage Apple's reputation.
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
post #33 of 49
Quote:
Originally Posted by kupan787 View Post

But then the question stands still, why aren't other people complaining about this? Wouldn't Apple's Campus wifi have seen this? Or how about any other wifi networks? I would think if the issue is simply the iPhone mucking up WiFi, that more and more people would be speaking up saying "Apple messed up".

There are several possibilities... Maybe Duke's network is too flat and should be segmented better. Maybe Duke is the only one saying anything. But even if both of those are the case, it doesn't excuse the behavior of the iPhone. No device should be flooding a network with ARP requests, period. Whether the network can handle it or not is not the issue here.

Apple is allowed to make a few little mistakes here and there, right? I'm sure they'll fix it. You guys are acting like there is no way in hell it could be a problem with the iPhone. Let's be a little more realistic.
post #34 of 49
Um, they explained the issue the article.

The iPhone WiFi is fine, they're getting (presumably by DHCP) a router address that doesn't exist, and then looking for that router whenever they want to send traffic off the subnet.

And the netadmins haven't worked out yet where they're getting their router information from - if the network's that flat then the responsibility would seem to be with whoever's running a misconfigured DHCP server, andthe netadmins to track it down sharpish.

What's off is that other wifi connected devices getting a DHCP address on that net would work, and iPhones wouldn't.

A few things could cause that - other stuff might not actually work, they might have some DHCP strings that mean the duff DHCP server gets selected to serve them, or there could have been a change such that everything with an existing DHCP address lease retains it's (working) config, but new devices (like all the iPhones that just got bought) get the new (duff) information.

BTW, it's not an iPhone thing - any device looking for a router will keep ARPing for it until it turns up. It could be that the iPhones ARP at a ridiculously fast rate, or there's a lot of them - most IP networks have some spurious ARP traffic, but usually for non-existent hosts, rather than routers.

Cheers,

Martin.
15" PB, 15" MBP, MB, MBA, G5 iMac, C2D iMac, Mac Mini, UK iPhone 3G, SGI RealityEngine2, SGI/Division Virtual Reality Rig, NetApp F760C
Reply
15" PB, 15" MBP, MB, MBA, G5 iMac, C2D iMac, Mac Mini, UK iPhone 3G, SGI RealityEngine2, SGI/Division Virtual Reality Rig, NetApp F760C
Reply
post #35 of 49
Quote:
Originally Posted by datamodel View Post

Um, they explained the issue the article.
...
BTW, it's not an iPhone thing - any device looking for a router will keep ARPing for it until it turns up. It could be that the iPhones ARP at a ridiculously fast rate, or there's a lot of them - most IP networks have some spurious ARP traffic, but usually for non-existent hosts, rather than routers.

It seems like you just skimmed the article. The iPhone is trying to find the MAC addresses of IPs that don't exist on a given segment of the Duke network (the ARP flooding). It happens when the phone loses WiFi connectivity in one location and tries to reconnect in another location. When it connects to the new segment it shouldn't be flooding it with ARP requests for addresses that don't exist on that segment. This is an IP stack flaw, pure and simple. What other possible explanation is there for it?

The article also states that it is only two iPhones that are causing all of the problems. Sounds like they have really narrowed it down.

Quoting from the article: "On two occasions, one last Friday and one today, Monday 16 July, both users seemed to be behaving completely normally, yet both iPhones started flooding the net with ARP requests. In both cases, the user first successfully connected to the WLAN at one location, and then moved to another building, where the ARP flood began. 'It may have something to do with the iPhone losing connectivity and then trying to reconnect in a new location,' Miller says." This makes it pretty clear that the problem is with the iPhone. Not a lot of room for debate if you ask me.
post #36 of 49
Except that if it were *solely* the fault of the iPhone, you'd expect to see this on *any* network with multiple WAPs, as the iPhones roam. Now, it's possible that this is simply the first such report, but until the second, third, fourth, and so on appear, then it's even odds as to what portion of the system is causing the issue.

Again, I suspect that the Duke network isn't set up to gracefully handle roaming clients, *and* there very well may be an issue with the iPhone stack, and the combination of the two is causing the situation.
My brain is hung like a HORSE!
Reply
My brain is hung like a HORSE!
Reply
post #37 of 49
I just spent the last hour researching this in the original forums where the problem is being discussed. Definitely an iPhone problem... Why?

1. It isn't just happening at Duke. Other networks are seeing it too; Duke is the only one that has gotten picked up by the media so far. (And, by the way, they didn't go to the media, Network World found the discussion of the problem in a blog, and came to them to ask to publish the story.) Most other locations are banning the range of iPhone MAC addresses to prevent them from bringing their networks down. (And just because you haven't heard about it doesn't mean it isn't happening elsewhere, BTW!)

2. It isn't happening with all iPhones. It is a strange set of circumstances that trigger the problem. A given phone has to have been at three locations with similar configurations but different IP subnets successively (first at location A, then B, then C, though the specific locations of A,B and C do vary). At location C the iPhone tries to find a router that existed at location A, and sends out 30 ARP requests to find that router EVERY MILLISECOND, so each iPhone is sending out roughly 30,000 ARP requests per second.

3. It also appears that the default settings on the iPhone may not trigger the problem, that the user has to have changed the WiFi configuration to some degree, though to what degree that is remains unclear.

4. The Duke network isn't "flat" as some have suggested. It appears to have been well organized and implemented, and this is (ironically) actually contributing to the iPhone's behavior.

5. No device should EVER send out 30,000 ARP requests for the same IP address per second, no matter what the circumstances of the network it is connected to, much less when the requested IP address isn't in the iPhone's current subnet.

6. The problem ticket has been escalated at Apple to try to find a solution.

It's a bug in the iPhone, and Apple will fix it.
post #38 of 49
Back in my day, we didn't have fancy phones to get our e-mail. We had to wait in line for hours and log into the school internet with TELNET. We would be lucky to check our e-mail once a month. Simply typing the wrong password would shut down the entire system.

These Tweedle-Duke and Tweedle-Ding-Dongs don't know their heads from their rear ends. In my day, you were a computer genius if you were the SYSOP of a BBS.

Enough of this iPHONE shenanigans... Get your books out, walk to and from your classes uphill both ways, and study.

iPhone tom-foolery... enough
post #39 of 49
Quote:
Originally Posted by djdj View Post

I just spent the last hour researching this in the original forums where the problem is being discussed. Definitely an iPhone problem...

It's a bug in the iPhone, and Apple will fix it.

Keen, thanks for the update.

How is the Duke network setup exacerbating the issue? I'm intensely curious to find out what the various parameters are to this problem...
My brain is hung like a HORSE!
Reply
My brain is hung like a HORSE!
Reply
post #40 of 49
Quote:
Originally Posted by Kickaha View Post

How is the Duke network setup exacerbating the issue? I'm intensely curious to find out what the various parameters are to this problem...

If their WiFi network was setup in a single subnet (I know, not really possible for an organization that large) the problem likely wouldn't be occurring. If every Access Point was on the same subnet the "B to C" transition probably wouldn't trigger the bug.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › Duke's WLAN pummeled by 'misbehaving' iPhones - report