Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Wireless Networking Bug Businesses Communications Hardware Apple

IPhones Flooding Wireless LAN At Duke 441

coondoggie sends us to a Network World story, as is his wont, about network problems at Duke University in Durham, N.C. that seem to be related to the iPhone. "The Wi-Fi connection on Apple's recently released iPhone seems to be the source of a big headache for network administrators at Duke. The built-in 802.11b/g adapters on several iPhones periodically flood sections of the school's wireless LAN with MAC address requests, temporarily knocking out anywhere from a dozen to 30 wireless access points at a time. Campus network staff are talking with Cisco, the main WLAN provider, and have opened a help-desk ticket with Apple. But so far, the precise cause of the problem remains unknown. 'Because of the time of year for us, it's not a severe problem,' says Kevin Miller, assistant director, communications infrastructure, with Duke's Office of Information Technology. 'But from late August through May, our wireless net is critical. My concern is how many students will be coming back in August with iPhones? It's a pretty big annoyance, right now, with 20-30 access points signaling they're down, and then coming back up a few minutes later. But in late August, this would be devastating.'" So far, the communication with Apple has been "one-way."
This discussion has been archived. No new comments can be posted.

IPhones Flooding Wireless LAN At Duke

Comments Filter:
  • sigh (Score:3, Insightful)

    by bucky0 ( 229117 ) on Monday July 16, 2007 @09:13PM (#19882989)
    coondoggie sends us to a Network World story, as is his wont,

    At least the editors admit that coondoggie is filling the queue up with network world stories. Maybe they'll do something about it at some point
    • Re:sigh (Score:4, Funny)

      by Icarus1919 ( 802533 ) on Monday July 16, 2007 @09:14PM (#19882995)
      Hey guys, no breaking the fourth wall!
    • by Anonymous Coward on Monday July 16, 2007 @09:33PM (#19883137)
      I'm sorry, but there's something a little OFF here. No wireless hardware requests a MAC address. It may use MAC to authenticate to a table, but it goes for a DHCP lease.

      • Well tested (Score:3, Insightful)

        by Anonymous Coward
        Not to mention that there are several hundred wireless access points on the Apple campus, and several hundred (possibly thousands) of iPhones on the same campus. You'd have thought that any inherent problem with the phone and networking would have been caught, isolated, patched, and distributed by now...

        I'd lay odds there's something screwed with their network...
        • Re: (Score:2, Insightful)

          by statusbar ( 314703 )
          Yeah, but the wireless access points at the Apple Campus are probably Airport Extreme base stations. Perhaps that is why it works there...

        • Re:Well tested (Score:4, Insightful)

          by rob1980 ( 941751 ) on Monday July 16, 2007 @10:41PM (#19883613)
          You would have thought, but what happens on paper and what happens in the real world are often two entirely different things. It all goes back to how many possible different configurations you can test for in a laboratory before you let something go loose in the wild.
        • Re:Well tested (Score:4, Insightful)

          by MidnightBrewer ( 97195 ) on Tuesday July 17, 2007 @08:07AM (#19886059)
          If you RTFA, you'll see that the iPhones were activated off-campus and were trying to access a non-existent IP, most likely related to the first IP that the iPhone came into contact with after being activated. Whenever the iPhone lost connectivity on campus, it would try to seek out that original IP upon re-establishing a connection. In the case of Apple testing on their own campus, the phones were most likely activated at Apple and stayed the majority of the time at Apple - thus the problem never had a chance to crop up. Bizarre behavior, but bugs will happen.
      • by afidel ( 530433 ) on Tuesday July 17, 2007 @01:58AM (#19884667)
        Actually, it's probably really an ARP request. They probably have a very large, flat network and when the iPhones does an ARP broadcast request the AP gets overloaded by the results. This was a known problem with the old Aironet AP's, one of the senior software guys at Cisco/Aironet produced a one off patch for a large university client for the old VxWorks based AP's when I supported them back around the 2001 timeframe. It was actually one of the best examples of object oriented code I had ever seen, he changed the definition of the ARP buffer in one place, recompiled and everywhere that ARP was used the code was updated, very slick.
        • Re: (Score:3, Informative)

          by lmfr ( 567586 )
          From the article:

          The requests are for what is, at least for Duke's network, an invalid router address. Devices use the Address Resolution Protocol (ARP) to request the MAC address of the destination node, for which it already has the IP address. When it doesn't get an answer, the iPhone just keeps asking.

          "I'm not exactly sure where the 'bad' router address is coming from," Miller says. One possibility: each offending iPhone may have been first connected to a home wireless router or gateway, and it may au

      • by itwerx ( 165526 ) <itwerx@gmail.com> on Tuesday July 17, 2007 @02:38AM (#19884837) Homepage
        No wireless hardware requests a MAC address.

        But the iPhone is from Apple, of course it would ask for a Mac address! Heck, they should be glad it didn't ask for a Mac-II address, things would be twice as bad!
        (You can do the math for a Mac-IIcx :)
      • But that's exactly the problem. The iPhone handshakes with a "How are you gentlemen." and asks for a MAC address, at which point the WLAN's response is "What you say !!" and it goes downhill from there...
      • by Phreakiture ( 547094 ) on Tuesday July 17, 2007 @08:50AM (#19886285) Homepage

        I'm sorry, but there's something a little OFF here. No wireless hardware requests a MAC address. It may use MAC to authenticate to a table, but it goes for a DHCP lease.

        I would suggest that perhaps you didn't RTFA, but that is a given, since this is Slashdot.

        It is, indeed, asking for a MAC address.... it's called ARP [wikipedia.org] and it is how an Ethernet device determines what MAC address to use to reach a destination IP address.

    • by PCM2 ( 4486 ) on Monday July 16, 2007 @09:58PM (#19883321) Homepage
      So, who cares? So he submits stories from Network World. He probably works for Network World. Does that fact alone make the story less valuable or interesting? If someone else had submitted the same story, it would be OK then? Slashdot has editors and a moderation system. There's nothing inherently deceptive in submitting your company's (or your own) stories.
      • by bit01 ( 644603 )

        There's nothing inherently deceptive in submitting your company's (or your own) stories.

        If they make clear who they're representing then in general true.

        However, at some point excessive volume equals spam and that crowds out alternative points of view and stories.


        Free speech is compromised by too much noise as well as too little message. Most advertising is content free noise.

    • Re: (Score:3, Funny)

      by slamb ( 119285 ) *

      coondoggie sends us to a Network World story, as is his wont,
      At least the editors admit that coondoggie is filling the queue up with network world stories. Maybe they'll do something about it at some point

      You're setting the bar too high. I'm impressed that they correctly used the word "wont".

    • If it's not good and still getting accepted, that is a problem with the editors. But so long as the article provides something interesting, what does it matter if the person who submits it gets a profit off the site?
    • At least 2 of his 20 published submissions [slashdot.org] were from non-networkworld sources. Of course his only posted comment is a 'correction' to a story linking which he's trying to point to....networkworld. Astro-tuffing should get some kind of modding too. And why are submitters not linked to directly, I had to cut/paste his name in just to see his profile.
  • Interesting problem (Score:3, Interesting)

    by jshriverWVU ( 810740 ) on Monday July 16, 2007 @09:14PM (#19882999)
    He states now it's not a big problem, (guessing because it's summer and not as many students there). Then expecting it to be a BIG problem once students arrive. So to me this says that the iPhones using their service aren't students at all. If this is the case, buckle down the AP settings so they're not open or easily accessible via iPhone and require students to anti up their MAC addresses to connect to the wireless network.
    • Re: (Score:3, Informative)

      by bucky0 ( 229117 )
      Summer school students?
    • by beheaderaswp ( 549877 ) * on Monday July 16, 2007 @09:44PM (#19883203)
      What I want to know is what is a "MAC address request". I've never seen one. I've seen DHCP requests, ARP requests, even AARP requests- but not a MAC address request.

      I didn't know MAC addresses were assigned dynamically.

      But I'm over 40- what do I know?
      • MAC addresses request != MAC addresses assigned dynamically

        The nodes need to know the MAC address associated with an IP address, so they ask for it... or something like that. It's part of the dynamic DHCP process.

        I'm sure someone else will give a much better answer.
        • by Matey-O ( 518004 )
          That would be an ARP request...and if they knew what they were talking about, would have been CALLED an ARP request. Sounds like we're not getting the full story here.
        • by Architect_sasyr ( 938685 ) on Monday July 16, 2007 @10:29PM (#19883539)
          I don't know if this is a "better" answer, but I haven't liked the one's given yet: Initial DHCP request goes to ARP broadcast (which should NEVER make it past the AP/Authenticator depending on setup - much less into another subnet), a response is returned containing an IP address. Most units hold the IP address in temporary information and do another ARP request to see if anyone has that address in use (again to ARP broadcast). If it is in use then they try again, if not the unit assigns itself the IP address and joins the network. It then tries to find the ARP address of the DNS servers (look at it in wireshark or tcpdump - "who has x.x.x.x tell y.y.y.y"), the Gateway and whatever else your standard unit would be looking for (Domain Controller for a PC, Samba shares if you have auto-search enabled etc.).

          My guess is that either there is no DHCP and the iPhones just try like crazy, or some other misconfiguration of the network is causing these. Couple this with potential interference from all the other iPhone devices in the area, which could (and probably does) cause dropped packets, and one has a veritable storm of ARP requests which could easily take out subnets. 8 wireless cards is enough to DoS a high end wireless access point (Yellow Laptop anyone) so it doesn't stretch the imagination to think that some iPhone's could do it.

          My $0.02 AU
          • Okay if this is really the case, no DHCP network, then why does this same thing not happen when Laptops looking for DHCP addresses come in range of duke? For example, I would imagine that whenever there's a conference or perhaps when the student show up in september that all the laptops on campus are set to hunt for DHCP by default (since that's how one usually sets up wireless networks). Seems like you'd have the same sort of storm.
            • Re: (Score:3, Insightful)

              by ronanbear ( 924575 )
              Movement. Laptops are often off when they move and most people carry them very slowly if they're off. An iPhone can move around the campus a lot faster and will try to connect to every access point along the way. In colleges a lot of movement is at exactly the same time i.e. lunch and between classes. During these times a large number of devices could move from one node to another. The network might have trouble keeping up with all the movement of devices into and out of it.

          • by kayditty ( 641006 ) on Tuesday July 17, 2007 @12:42AM (#19884381)
            I have no idea why no one on the entirety of slashdot knows anything about networks. If I were to reply to every wrong post in this thread alone, I'd be here all fucking morning, so I'm just going to deal with this one.

            DHCP is not implicit in any network topology. It may be modern and 'expected,' but, jesus christ, every time there's a network discussion on this site, DHCP is strewn all over it like shit on a truck stop toilet. Just because you were born in 1995 and have an "ADSL" connection that uses DHCP (well, it probably uses PPPoE now) doesn't mean you're qualified to say anything, and it certainly doesn't mean there aren't real networks that have never even heard of the silly little protocol.

            That said, the initial DHCP request does go to a broadcast address, but it certainly has nothing to do with ARP. It goes to the global broadcast address (MAC: FF:FF:FF:FF:FF:FF). There's no such thing as an ARP address. ARP is a network layer protocol lying atop Ethernet (primarily; it isn't limited to Ethernet, of course). It is a MAC address you are thinking of.

            Your use of commas is worse than your knowledge of low-level network protocols, really. I don't even know why I bother. Whoever mods this shit up, go fuck yourself. And whoever's out there that actually does know what they're talking about (surely there's someone else out of two million users), like I do, fuck you for not replying and setting these morons straight. It's a ridiculous place to read for technological discussion, anymore.
            • by weicco ( 645927 )

              I suggest everyone to read Douglas E Comer's Internetworking with TCP/IP Vol 1 - Principles, Protocols and Architecture. It's a little old book but amazingly good one, allthought new editions comes with yellow cover, I liked the red one better (we used to call it Comer's Red Book :) Anyway, it came really handy when I was dealing with NDIS intermediate network drivers (Windows stuff) and Ethernet & TCPIP protocols.

        • Re: (Score:3, Funny)

          by Random832 ( 694525 )
          Don't you mean the Dynamic DHCP Protocol?
      • It sounds to me as if the problem is at least partly with the network admins who don't know their ARP from their MAC...
    • by sokoban ( 142301 )
      Duke runs a lot of summer camps. I know second session of TIP should be running right now, and probably several other camps as well.

      They generally use a good chunk of the dorm space, and probably more than a few of them have iPhones.
    • He states now it's not a big problem, (guessing because it's summer and not as many students there). Then expecting it to be a BIG problem once students arrive. So to me this says that the iPhones using their service aren't students at all.

      Little leap of logic there. Most campuses have a decent number of students on campus during summer for any of the following reasons:

      (i) summer classes
      (ii) research (i.e. most grad students who don't even realize its summer)
      (iii) friggin professors

      Most unis give ou

    • The first people I can think of that would be on campus: professors, grad students, summer classes, visiting students, administrative staff, and summer camps & programs. I'm sure there are more, but the point is that a University of that size never completely shuts down.
    • Re: (Score:3, Funny)

      by StikyPad ( 445176 )
      anti [answers.com]
      ante [answers.com]
      auntie [answers.com]
  • Critical? (Score:4, Insightful)

    by DogDude ( 805747 ) on Monday July 16, 2007 @09:18PM (#19883027)
    But from late August through May, our wireless net is critical.

    Wireless? Critical? Dumb.
    • Re:Critical? (Score:5, Insightful)

      by gravos ( 912628 ) on Monday July 16, 2007 @09:23PM (#19883059) Homepage
      Mod parent up. My university has gone to all-wireless too, and it's completely retarded because it's so unreliable. **A MICROWAVE OVEN IN THE KITCHEN KNOCKS EVERYONE OFF THE NETWORK**, for christ's sake, and that's to say nothing of intentional disruption.
      • Re: (Score:3, Insightful)

        by Tuoqui ( 1091447 )
        Yes it is dumb. Run some cable and leave the wireless for students with laptops and shit. Cables are the best method for mission critical things anyways.

        Ofcourse, if they are using it for everything even desktop computers in labs... It could very easily be that a few iPhones can bring down APs but that would be a colossally stupid idea to begin with and any network designer approving such a plan should be shot.
        • Re:Critical? (Score:5, Insightful)

          by PCM2 ( 4486 ) on Monday July 16, 2007 @10:01PM (#19883345) Homepage

          Yes it is dumb. Run some cable and leave the wireless for students with laptops and shit. Cables are the best method for mission critical things anyways.

          Yeah. Unless you're a university, and your "mission critical things" (remember the definition of "mission"?) include things like ... ohhh, I dunno ... students with laptops and shit?

    • Re:Critical? (Score:5, Interesting)

      by Citius ( 991975 ) on Monday July 16, 2007 @09:42PM (#19883193) Homepage Journal
      The number of students who use a wireless network for basic needs is rapidly growing at Duke. As a recent Duke graduate, I've been in a number of classes where tests are administered over the WLAN using Blackboard (burn BB to hell!). If a WLAN AP goes down, and that's during a test, you've got the grades - and unhappiness - of 40+ people/class on your head. Given that we're a rather nitpicky bunch over our grades, grade unhappiness doesn't end well for those who cause it... So yes. Wireless is critical at Duke.
      • Re: (Score:2, Insightful)

        by snowraver1 ( 1052510 )
        Pretty sure the point was that one should have a wired network that is critical, and a wireless network just for fun.

        I agree 100% Wireless is nowhere near as reliable as wired.
  • No wonder (Score:5, Funny)

    by marcosdumay ( 620877 ) <marcosdumay@@@gmail...com> on Monday July 16, 2007 @09:18PM (#19883031) Homepage Journal

    "So far, the communication with Apple has been "one-way."

    No wonder there is no answer... Apple people weren't able to receive any network package with all those iPhones around.

  • Cisco (Score:4, Interesting)

    by zymano ( 581466 ) on Monday July 16, 2007 @09:27PM (#19883083)
    "I don't believe it's a Cisco problem in any way, shape, or form," he says firmly"

    How do they know that?
    • Re:Cisco (Score:4, Informative)

      by prisoner-of-enigma ( 535770 ) on Monday July 16, 2007 @09:47PM (#19883235) Homepage
      Probably because he knows that a wireless network -- no matter how robust -- will always be at the mercy of a misbehaving device. Air is a shared medium. You can't force a device to shut up no matter what you try, assuming the device is engineered badly enough. That seems to be the case here. Even attempting something basic like blocking a wildcard MAC for all iPhones wouldn't work if the device just persistently floods the airwaves with spurious requests. It's essentially a DoS attack similar to a ping flood, but with no way to "cut it off" at an upstream router. Even better, the "attacking" device isn't fixed to a landline somewhere, it could be roving around in somebody's pocket or purse making neutralization a huge headache. Fun!

      I've done consulting in the wireless market for a while now. One of my key markets is the healthcare market, and I make sure I tell any hospital using wireless that there is absolutely, positively, unequivocally no way they can stop a determined DoS WLAN attack. Set up a noise source at 2.4GHz (or 5.8GHz for 802.11a), crank up the wattage well above the FCC limit for the ISM bands, and aim the antenna at the building. It *will* shut down *any* WLAN you've got unless the building is built like a Faraday cage.

      There is nothing you can do about it short of rooting out the source of the noise and shutting it down. Granted, such an attack is highly illegal (violates FCC radiated power limits, which might be a felony, I'm not sure), but I doubt that's on the mind of the prankster (or terrorist) who's shutting you down.
    • by PCM2 ( 4486 )
      Sure. And when some script kiddies launch a DoS attack that takes out your router, leaving you completely without connectivity, that's not a Cisco problem either. It's obviously a script kiddie problem.
  • Bet you 10 to 1... (Score:5, Insightful)

    by g-san ( 93038 ) on Monday July 16, 2007 @09:29PM (#19883091)
    ...it's their network. Why are we only hearing about it here? They probably have a loop in their network or some kind of ARP forwarding active they don't understand. You would think something like this would get caught early on in testing with the iPhone, this kind of problem tends to stand out. I also doubt the iPhone has enough horsepower to pump out 10Mbps of ARP requests, sounds like a networking device is sourcing these packets.
    • I also doubt the iPhone has enough horsepower to pump out 10Mbps of ARP requests

      A 486 can swamp a T-1 line, I don't doubt that the ARM processor(s) in the iPhone can max out a 54Mb 802.11/g link. One ARP request is only about 28 bytes, and it's not like there's a lot of computation involved in creating one. I agree, it sounds like there's some kind of misconfiguration, I can't imagine why any device would fire off that many requests unless it was receiving some kind of response that caused it to send a new request. Hmmm, I wonder if it's some kind of timing issue, maybe the phone i

    • by blindbat ( 189141 ) on Monday July 16, 2007 @11:05PM (#19883793)
      Actually I was in an Apple store last Thursday and they were having the same problem. I was trying to connect to their network with another non apple device and finally connected on third attempt. The store employees were all aware that their phones were having trouble connecting and staying connected to the wireless. Many of the phones were having to connect through ATT.
  • No problem for us (Score:2, Interesting)

    by SuperKendall ( 25149 )
    We have a number of WAP's at work. We also have a number of people who have bought iPhones, and we have not seen any wireless nodes go down from iPhone traffic.
  • by caller9 ( 764851 )
    I can take out a cisco WLAN controller with thin APs and aironet APs with an arp flood for a non-existent IP. Are they even in the same subnet? Is the whole wifi network from one building to another layer2? Or is the problem arising because it is actually layer3 from building to building and the APN name doesn't change.

    Judging by the statement that they can exhibit the behavior after being handed from one access point to another kind of nullifies the theory that they may be trying to re associate with the u
  • by bhmit1 ( 2270 ) on Monday July 16, 2007 @09:36PM (#19883147) Homepage
    Any non-secured network (either where users can plug into the lan or over wireless) where a device is able to bring down the network should be considered defective. I've seen places were the entire lan was flat with users connecting on cisco's management vlan and could bring down the whole company by plugging in a device that advertised a new route to the internet (legit or not). To a similar point, if a device on a wireless network is able to flood the network, then the access points need to be tuned. Sure, they can jam the airwaves, and there's nothing you can do to stop that DoS. But, you don't have to turn 18,000 requests per second into something that broadcasts across the rest of the network. Every firewall app that I've worked with includes throttling and I would hope these APs do as well.

    This doesn't mean that apple released a product without a defect. But if your network crashes because of a defective device, then you should fix your network first.
  • by xRelisH ( 647464 ) on Monday July 16, 2007 @09:39PM (#19883169)
    Umm, a bunch of ARP Requests by a few mobile devices shouldn't be knocking out a Cisco router. These AP's are supposed to be able to withstand much worse than a few of these things.

    I call bullshit. I say it's their IT/Computing Department is blaming their poor infrastructure on iPhone.
    • by technormality ( 1086527 ) on Monday July 16, 2007 @09:51PM (#19883265)
      18,000 arp requests a second? Smells like a spanning tree loop to me. Thats where I would start looking. Could be a single AP bridging the same vlan with spanning tree disabled. Anyone roaming into into its range could cause havoc.
    • Re: (Score:3, Informative)

      by brunes69 ( 86786 )
      Are you somehow trying to imply that a campus-wide network that supports THOUSANDS of wireless devices with no issues, is automatically the one to blame when 1-2 iPhones bring it down, without even knowing the details?

      It's amazing the Apple fanboy-ism around here. I have seen MANY devices have flaws like this in my time. Everyone knew the iPhone, as a first gen product, was going to have it's problems. This is likely one of them.

      And no matter what you seem to think you know about WiFi - one device can EASIL
  • by Nikron ( 888774 ) on Monday July 16, 2007 @09:40PM (#19883173)
    I want to request a mac address from my access point. Anyone want to post a HOW-TO?
    • by Idbar ( 1034346 )
      Man! You can imagine how revolutionary the iPhone is, it requests MAC addresses not IP addresses. No wonder why it's messing up that network.
    • I want to request a mac address from my access point. Anyone want to post a HOW-TO?

      1 Turn the AP upside down
      2 Read the MAC address off the sticker

      You are welcome. I'll be here all week.
    • Re: (Score:3, Funny)

      by flyingfsck ( 986395 )
      Well, it is an Apple device - of course it would request a Mac address.
  • I would imagine that this problem is either A) a configuration problem on the school's end, or B) will be fixed fairly quickly. I suggest "fixed quickly" because if this is a problem, then all those iPhones Apple is giving to their own employees will crash the Apple campus wireless network too. Plus given all the amazing paid and free press Apple is getting on the iPhone I'm sure they don't want any significant problems arising to generate legitimate bad press about their shiny new product.
  • There's no place like!!!

    followed by ..

    ET iPhone
  • Apple DHCP client (Score:5, Informative)

    by papasui ( 567265 ) on Monday July 16, 2007 @09:52PM (#19883271) Homepage
    I'm a net engineer for one of the major US cable isps.. A VERY common issue I see with the Apple Airport Extremes is a problem with them declining offered leases infinitely. When this happens the DHCP server marks the lease as temporarily unavailable, the end result is a single offending Airport extreme can eat all the available addresses. The work around is to configure the dhcp server to ignore declines from the client. Regardless it's very annonying (and I'm typing this post on a Macbook so I'm not anti-Apple).
    • Re: (Score:3, Insightful)

      by GizmoToy ( 450886 )
      Shouldn't the DHCP server be able to gracefully accept declines? It seems to me that getting a lease declined and then marking it unusable is a very poor implementation in the first place.
      • Re:Apple DHCP client (Score:5, Informative)

        by Doctor Memory ( 6336 ) on Monday July 16, 2007 @11:17PM (#19883887)
        Actually, that's just what the server should do. The client is only supposed to send DHCPDECLINE if it detects that the network address is already in use. DHCP servers are encouraged to check any address offered (using an ICMP Echo Request) to make sure it is not in use. However, there's also supposed to be a switch to turn this off. DHCP clients are encouraged to check any offered addresses using an ARP packet. If the ARP packet generates a response (indicating that another machine already has the offered address), then the client should respond with DHCPDECLINE. Therefore, if the server isn't checking addresses before it hands them out, it stands to reason that it would mark them as "unavailable" if a client responds that the address is already in use. Unfortunately, the side effect would seem to be that a misbehaving piece of hardware could indeed eat all available addresses. I'd suggest that the remedy for that is to have the server check any declined address, and only mark it "in use" if it got a response.
  • For all you saying "It's Duke's fault! Secure the network!" maybe you should consider that Duke provides wireless access to something like 15,000 undergrads, grads, faculty, etc. Duke's network is set up so that you can connect to a pool of internal IPs with no authentication, but before you can actually go to any sites other than the network registration site, you have to type in your Duke ID and password.

    This is an effective solution. Can you imagine if Duke locked down APs with MAC filtering? You'd have
    • by mr_matticus ( 928346 ) on Monday July 16, 2007 @11:23PM (#19883913)
      Oh come on. MAC registrations are almost wholly automated at any given large university--including Stanford, Berkeley, UBC, UC Davis, and Penn, where I have had personal experience. All you do is login with your staff (or I suppose student) account information and head to a page where you enter the MAC address(es) of your computer(s) along with your employee number and birthday or some other personally identifying information they already have on file. You click submit, and within 30 minutes you get an email saying your computers have been authorized.

      The only downside is that some schools require this must be done from an authorized computer, so you have to head to a computer lab or classroom the first time you do it. Other schools allow you to get into the system from any Internet-connected computer, which is the ideal solution, since it's behind a two-part authentication system anyway.
  • So when you (Score:5, Interesting)

    by phoebe ( 196531 ) on Monday July 16, 2007 @10:24PM (#19883509)
    spend thousands of dollars on expensive Cisco AP equipment, a factor above consumer grade systems, and something goes wrong, the extra instrumentation doesn't help and the vendor just blames somebody else? Is this a good reason not to go with expensive equipment, or just colossal incompetence of the administrator who configured everything?
    • Re: (Score:3, Insightful)

      Answer: Yes

      Cisco has it's moments, but IMHO they're not remotely worth the premium you pay. Go with HP; they sell the same level of hardware and offer the same level of support, but it costs a hell of a lot less, and since it costs so much less you can get the hardware you actually need rather than just what you have to settle for because your budget doesn't swing more than one 10,000 dollar PIX.

      Add to that the byzantine configurations, and it's easy for a non-gifted engineer to make pretty big mistakes.
  • If Apple can't make hardware that works, and/or won't own up to their problems and fix them, then ban all iPhones from connecting to the university WiFi network via their MAC vendor and device ID portions. After all that is what the structure of a MAC is for - so the network admins know what kind of devices are being used.

    Banning iPhones campus wide because they are faulty would trigger some nice nasty press for Apple and piss off a lot of owners of the device - I imagine they would fix the problem much faster (or at least respond to the ticket!)

Trap full -- please empty.