Princeton University Identifies iPad DHCP Flaw
Princeton University’s Office of Information Technology has posted a document describing networking problems suffered by roughly half of the 40 iPads on campus. The problem isn’t so much experienced by the iPad as caused by it – here’s what’s happening. (Since I initially wrote this article, I’ve heard of other sites experiencing the problem, including the University of Washington and George Washington University.)
The iPad uses DHCP (Dynamic Host Configuration Protocol) client software (in the iPhone OS) to request network configuration information – most notably an IP address – from a DHCP server. That IP address is typically “leased” to the DHCP client for a period of time; once that lease expires, if the DHCP client is still online, it asks to renew the lease and retain its IP address. If the client is not online when the lease expires, the DHCP server is free to assign that IP address to another device. When the DHCP client returns to the network, it requests and receives a new IP address.
The problem seems to be that the iPad, in some situations, is failing to renew its DHCP lease but continuing to use the previously assigned IP address. Because the lease wasn’t renewed, the DHCP server believes it is free to reassign the IP address. If that IP address is reassigned to another device while the iPad continues to use it, both devices end up using the same IP address, which can cause loss of network connectivity, confusing dialogs as operating systems attempt to handle the error condition, and more.
Princeton is working with Apple to resolve the problem, which is believed to lie with the DHCP client in iPhone OS 3.2, and which should be easy to fix with an update to that version of the iPhone OS. In the meantime, Princeton recommends that iPad users not connect to the campus network because if an iPad malfunctions, it may need to be blocked to prevent it from causing problems for other network users.
Who’s likely to experience this problem? Primarily institutions with large networks that rely on DHCP for a constantly changing collection of network devices. Home users and those with small networks aren’t nearly as likely to experience IP address collisions due to this problem.
If you do run into this problem on a small network you control, there are a variety of possible solutions:
- Assign a static IP address to your iPad and configure your DHCP server to avoid handing out that address to other devices. This fix isn’t feasible on a large network with a lot of devices because it requires too much manual intervention.
- Configure your DHCP server to reserve a particular IP address for your iPad. I tried this in AirPort Utility using the client ID approach to identifying the iPad, but it didn’t work; it’s possible the MAC address approach would work better. This approach also requires too much manual intervention to be useful on a larger network.
- Set a very long DHCP lease time so the DHCP server is much less likely to reassign the iPad’s IP address to another device. Trying this on a large network would likely tie up too many IP addresses that weren’t actually in use or require the use of NAT.
It is worth noting that, despite a quote in The Daily Princetonian article linked above, this DHCP problem is almost certainly unrelated to the Wi-Fi problems that have plagued some iPad users (see “Some iPad Users Suffer Wi-Fi Woes,” 6 April 2010).
Nevertheless, here’s hoping that Apple fixes this problem soon, not because it’s necessarily causing all that much trouble even for large networks, but because it would be a shame if the iPad garnered a bad reputation among network managers based on what should be an easily fixed bug, given that DHCP is a long-established standard.
On the iPhone, there is a "Renew Lease" button. One can also press the "Forget Network" button and re-establish a new Wifi connection.
I don't have an iPad (yet) but I am wondering if these suggestions could work.
Renewing the lease would certainly work, but only if the iPad user realizes that he or she is the problem. Presumably the iPad continues to work in most cases, causing the problem for the other device, so there's no way for the user to know to renew the lease manually.
How can you even set the Client ID on the iPad?
MAC locking does work on my Time Capsule.
There's a client ID field in the DHCP view on the iPad. What I don't know offhand is how to find the MAC address; it doesn't seem to be listed anywhere obvious (though I'm sure I could sniff it with some external tool).
Just like on other iPhone OS devices: Settings, About, Wi-Fi Address.
Ah, Settings > General > About > Wi-Fi Address...
And here I was looking in Settings > Wi-Fi.
most of us should remember that this is not likely affecting the problems of most home users, like me. I have problems with wifi disappearing, sometimes asking for re-entry of password. Attempting to reconnect or forget then join again eventually works with no need for actually re-entering the password ....
I hope Apple fixes this fast! Functional but annoying!
Thank you tidbits for all you provide.
We're seeing the same issue on the UW campus.
Re: iPad clientid: it seems to match what you name your device the first time you connect your iPad to iTunes (and presumably changes there will propagate).
Well that's odd - I wonder why they provide a Client ID field, if they're picking up the client ID from the iPad's name.
Oddly enough, I think this explains problems I had when I added my iPad to my home airport extreme network which includes 3 macs, 3 squeezeboxes, squeeze controller, and a tivo. The iPad brought down the network connections for our iMac, and 2 squeezeboxes. I'm still trying to recover.
The iPad lost its IP address. I renewed the DHCP lease a few times on the iPad, and it successively lost the address moments later. I had to set a manual address for the iPad, and have not had problems since. 2 squeezeboxes returned to the network when the lease ran out, and i'm still trying to reconnect the controller.
I thought the whole thing was mysterious, but related to the iPad. Glad to hear that I'm not crazy, and it's not the airport extreme! I thought I had more troubleshooting ahead. I'm looking forward to a fix. I had planned on setting everything that would be stable in the house to a static address.
I "grew up" on the Internet with static IPs (for my first Internet connection at home, I had my own Class C) so I like static, or at least DHCP reserved, IP addresses for things that aren't moving.
The only trick is making sure that the DHCP pool doesn't include the addresses you want to be static.
How can you say this likely affects "Primarily institutions with large networks ..."?
Doesn't any wi-fi network which uses DHCP (most home wi-fi networks use DHCP by default) will experience this problem if one uses an iPad on it for longer than the lease period?
It sounds like an attempt to minimize the problem.
It sounds like you're making some assumptions. Most home networks and many default setups for small office networks don't recycle DHCP leases that often unless you've specifically changed the numbers, if the router offers that option.
When a lease period is up, some routers simply assign the same address again, too.
Most home networks using DHCP won't have new devices coming on frequently (and thus duplicating the IP address) - it's just a matter of large networks getting a lot of usage from a lot of devices.
How do you explain Paulo's (see above) experience then? Do you suspect he has an atypical setup?
He might have set the DHCP lease time quite short; he has a lot of devices; or his particular iPad is possessed.
Some of the iPad network behavior sounds downright mystical.
Do you know anyone else with three Squeezeboxes? :-) I'm not saying that this problem can't affect a small network; I'm just saying that it's much less likely to affect the standard small network due to the small number of devices and the likelihood that they wouldn't be hopping on and off the network constantly.
Most home networks also have DHCP IP pools much larger than the number of devices they ever see. In contrast, many large sites see more devices over time than they have IP addresses, so IP reuse by another device is common.
At the recent National Association of Broadcasters convention in Las Vegas I was never able to connect to their open wi-fi with my iPod Touch. I asked around and found that other iPod/Phone and iPad users were also having problems. I could get the wi-fi link but never got an IP address. I have also experienced this from time to time elsewhere with the Touch.
Just makes me wonder if any of these things are related...
I wouldn't think so, just from the way Princeton describes the iPad problem, but you never know.
Princeton has now posted a page with some suggested (but awkward) workarounds.