iOS IP theft on wireless network

I work at a University and have been seeing a lot of IP theft from iOS devices. They seem to cache previously used IP addresses on the wireless network and try to reuse those instead of obtaining a new ip address via dhcp. This will prevent users from connecting for hours some times. A workaround is to have users forget the network. I need to know why this happens. How long an address is cached for. And the dhcp process that iOS devices follow when trying to connect to a network. It seems they initially ARP a request to reuse an IP, but packet captures are also showing some icmpv6 and mdns stuff. I never actually see a dhcp discover, offer or request. Just a DHCP NAK.

Up vote post of Beazle Down vote post of Beazle
398 views
Posted by
Beazle
Reply
Add a Comment

Replies

Hello,

Happy to see that i am not the only one to have noticed the behavior.

On our side, here is the context :

  • 2 universities offering same ssid "eduroam" next to each other

So a student from University A associate successfully to the ssid eduroam, and if he walks towards University B he will authenticate successfully using the ssid eduroam of University B, but after successfull authentication logs show that the device failed to get a new ip address as it asks continuouly (till the end of the dhcp lease ?) its previous obtained ip address to the dhcp server behind the ssid eduroam of University B, the client can be stuck for a very long time (minutes, hours), at some point the client decide to make a dhcp discover and get a valid ip address. All clients seen are iPhone/iPad.

It is devastating for all our Apple clients.

Regards

Posted by
merkhabha
Up vote reply of merkhabha Down vote reply of merkhabha
Add a Comment