nanog mailing list archives
Re: Breaking the internet (hotels, guestnet style)
From: Owen DeLong <owen () delong com>
Date: Tue, 8 Dec 2009 07:21:27 -0800
I know what you're saying, but seriously, haven't we just repeated all the same mistakes in IPv6? And of course it'd be a nightmare to cover all the edge cases, this is why nobody tries to figure it out, so in the end we end up with many really cruddy hatchet jobs.
Not exactly.... With IPv6, RA/SLAAC is nearly instantaneous, unlike DHCP. This is both good and bad. For this purpose, it happens to be good... 1. Have your authentication server running on a host that will accept connections to _ANY_ address. 2. Have your router send RA/SLAAC for your authentication network to unauthenticated machines such that their default gateway is an address that lands them on the authentication server. 3. Once they're authenticated, send them real RA/SLAAC. 4. No need to hork DNS, and, the web page you faked at first can work just fine after they log in, even if they cached the DNS information because you gave them the legitimate address.
Why would "web browsers" have a hot-spot button? What if I want to just use ssh? And where's the web browser on my VoIP telephony adapter, etc? :-)
Almost all of these systems require you to call support to get a MAC authentication Exception if you don't have a web browser on your device. Most of them grant exceptions on a not to exceed 30 day basis, too.
It's gotta be difficult for the hotspot networks. Even at&t can't seem to make it all work right even when they control both sides; I've seen iPhones just hang when connecting to attwifi (and I can say I've seen it not work in some way maybe even more often than I've seen it actually work). At least the iPhone seems to have some built-in support for this sort of thing. (Anybody know anything more about that?)
Yep... Then there are the airports where there seems to be a spanning tree delay between getting associated with the hotspot and being able to get a DHCP address. (I've only encountered this behavior at a few US airports, never on a hotel network). Owen
Current thread:
- Re: Breaking the internet (hotels, guestnet style), (continued)
- Re: Breaking the internet (hotels, guestnet style) Stephen Sprunk (Dec 09)
- Re: Breaking the internet (hotels, guestnet style) Owen DeLong (Dec 09)
- Re: Breaking the internet (hotels, guestnet style) Joe Greco (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Andrew Cox (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Mark Andrews (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Leo Bicknell (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Seth Mattinen (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Joe Abley (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Tony Finch (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Sean Donelan (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Owen DeLong (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Andrew Cox (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Michael Thomas (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Steven Bellovin (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Lou Katz (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Joel Esler (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) John R. Levine (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Joel Esler (Dec 07)
- Re: Breaking the internet (hotels, guestnet style) Shane Ronan (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Paul Vixie (Dec 08)
- Re: Breaking the internet (hotels, guestnet style) Steven Bellovin (Dec 08)