[c-nsp] Apple Mac + iPhone = strange network loop?

Peter Rathlev peter at rathlev.dk
Tue May 25 11:28:45 EDT 2010


I wonder if anybody else has seen this problem. In the past two weeks
we've had two cases where a "tethering" between a MacBook and an iPhone
has resulted in some strange "loop" on the network.

It seems that the users have set up some kind of network connection
sharing between the iPhone and the Mac. I don't know Macs well enough to
know exactly how it works, but it looks like some NAT thing.

It also looks like the Mac uses a wired connection and the iPhone uses a
wireless connection to the same L2 network. On the gateways (running
HSRP) we then see this:

002660: May 21 09:16:50.426 CEST: %HSRP-4-BADAUTH: Bad authentication from 10.100.0.134, group 22, remote state Standby

It turns out this (10.100.0.134) is the IP address of the MacBook.
Capturing the traffic, we can see that it is exactly the HSRP hellos,
but just with the IP address replaced, a la NAT.

Without HSRP authentication (we tried that too!) it actually "steals"
the primary role, i.e. when it "reflects" the primary router's hello the
two real routers assume a "Standby" role.

It doesn't cause broadcast loops or anything, so it seems to only
forward/bridge unicast packets.

Apart from telling people not to connect their wonderful Apple devices
in this way, what can we do? :-)

-- 
Peter
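
The reflection described in the message above (HSRP hellos re-sent unchanged except for the source IP), as an added detection example that is not part of the original post: it parses HSRPv1 hello payloads (RFC 2281 layout, UDP/1985) and flags hellos from sources outside the configured router set, noting when the payload is a verbatim copy of a real router's hello. The router addresses, virtual IP, authentication string and sample packets are constructed assumptions; only 10.100.0.134 and group 22 come from the message.

```python
import struct
from collections import namedtuple

# HSRPv1 hello layout per RFC 2281: 20 bytes carried in UDP/1985
Hsrp = namedtuple("Hsrp", "version opcode state hello hold priority group auth vip")
STATES = {0: "Initial", 1: "Learn", 2: "Listen", 4: "Speak", 8: "Standby", 16: "Active"}

def parse_hsrp_v1(payload: bytes) -> Hsrp:
    if len(payload) < 20:
        raise ValueError("short HSRPv1 payload")
    f = struct.unpack("!8B8s4s", payload[:20])   # f[7] is the reserved byte
    vip = ".".join(str(b) for b in f[9])
    return Hsrp(*f[:7], f[8].rstrip(b"\x00"), vip)

def find_reflected(observations, known_routers):
    """observations: (src_ip, udp_payload) pairs in capture order.
    Returns one finding per hello whose source is not a configured router."""
    seen = {}        # payload -> first configured router that sent it
    findings = []
    for src, payload in observations:
        if src in known_routers:
            seen.setdefault(payload[:20], src)
            continue
        try:
            h = parse_hsrp_v1(payload)
        except ValueError:
            continue  # not a complete HSRPv1 message, ignore
        findings.append({"src": src, "group": h.group,
                         "state": STATES.get(h.state, str(h.state)),
                         "copy_of": seen.get(payload[:20])})  # None: not a verbatim copy
    return findings

def hello(state, prio, group, vip, auth=b"cisco"):
    # Builds a constructed HSRPv1 hello (opcode 0, 3 s hello, 10 s hold) for the sample
    return struct.pack("!8B8s4s", 0, 0, state, 3, 10, prio, group, 0,
                       auth, bytes(int(x) for x in vip.split(".")))

# Constructed sample: two real routers, then the same hellos seen from the MacBook's IP
ROUTERS = {"10.100.0.2", "10.100.0.3"}            # assumed router addresses
ACTIVE = hello(16, 110, 22, "10.100.0.1")         # assumed virtual IP
STANDBY = hello(8, 100, 22, "10.100.0.1")
SAMPLE = [("10.100.0.2", ACTIVE), ("10.100.0.3", STANDBY),
          ("10.100.0.134", STANDBY), ("10.100.0.134", ACTIVE)]

if __name__ == "__main__":
    for finding in find_reflected(SAMPLE, ROUTERS):
        print(finding)
```
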



