Apple devices spoofing default gateway?

• Previous message (by thread): Apple devices spoofing default gateway?
• Next message (by thread): Apple devices spoofing default gateway?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu Mar 14, 2019 at 04:19:04PM -0500, Jimmy Hess wrote:
> Apple's Bonjour protocols include something called Apple Bonjour Sleep Proxy
> for Wake on Demand ---  When a device goes to sleep,  the Proxy that runs on
> various Apple devices is supposed to seize all the IP and MAC addresses that
> device had registered, so it can wait for an incoming TCP SYN, (and if one's
> received,  then signal the sleeping device to wake up and process the
> connection.)

That's a very interesting observation - when we talk to the users of the
Apple devices, they quite often say that the device was 'asleep' when it
was sending these 'spoofed' ARP responses.

> (Or perhaps they wanted to have a feature to let someone  AirPlay from a
> different VLAN than another device?)

Cisco Wireless does claim to have some features to 'help' Bonjour / mDNS
to work better. I wonder if one of those features is misbehaving.

Simon

• Previous message (by thread): Apple devices spoofing default gateway?
• Next message (by thread): Apple devices spoofing default gateway?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]