North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: iPhone and Network Disruptions ...
- From: Warren Kumari
- Date: Tue Jul 24 15:43:05 2007
Adding to the random speculation pile this just arrived in my mailbox:
------------------------------------------------------------------------
--
Cisco Security Advisory: Wireless ARP Storm Vulnerabilities
Advisory ID: cisco-sa-20070724-arp
http://www.cisco.com/warp/public/707/cisco-sa-20070724-arp.shtml
------------------------------------------------------------------------
----
It sounds like a badly configured pair of wireless controllers can,
under fairly normal conditions, lead to an ARP storm...
I have no idea if this is the actual issue that occurred at Duke, but
it *is* interesting....
W
On Jul 24, 2007, at 12:28 PM, Frank Bulk wrote:
Duke runs both Cisco's distributed and autonomous APs, I believe.
Kevin's
report on EDUCAUSE mentioned autonomous APs, but with details as
hazy as
they are right now, I don't dare say whether one system or another
caused or
received the problem.
Frank
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf Of Dale
W. Carder
Sent: Sunday, July 22, 2007 2:51 PM
To: Bill Woodcock
Cc: Sean Donelan; North American Network Operators Group
Subject: Re: iPhone and Network Disruptions ...
On Jul 21, 2007, at 8:52 PM, Bill Woodcock wrote:
Cisco, Duke has now come to see the elimination of the problem,
see:
"*Duke Resolves iPhone, Wi-Fi Outage Problems"* at
http://www.eweek.com/article2/0,1895,2161065,00.asp
it's an ARP storm, or something similar,
when the iPhone roams onto a new 802.11 hotspot. Apple hasn't
issued a
fix yet, so Cisco had to do an emergency patch for some of their
larger
customers.
As I understand, Duke is using cisco wireless controllers to run their
wireless network. Apparently there is some sort of interop issue
where
one system was aggravating the other to cause arp floods in rfc1918
space.
We've seen 116 distinct iphones so far on our campus and have had
sniffers
watching arps all week to look for any similar nonsense. However, we
are running the AP's in autonomous (regular ios) mode without any
magic
central controller box.
Dale
--
Dale W. Carder - Network Engineer
University of Wisconsin at Madison / WiscNet
http://net.doit.wisc.edu/~dwcarder
--
Never criticize a man till you've walked a mile in his shoes. Then
if he didn't like what you've said, he's a mile away and barefoot.
|