Main Nav

Is a frustrating topic for sure. Even if you have a good wireless guest network, many vendors/visitors and even some faculty/staff/students just prefer to pull their own devices out and use “their own WLAN” anywhere and everywhere- it’s just part of their lifestyle. And yes, frustratingly our friends at Verizon and AT&T who make these units increasingly cheaper could give a rip about interference or policy of the places the gadgets get used. My own rant: http://wirednot.wordpress.com/2013/02/25/mi-fi-not-kind-to-wi-fi/

 

Prevention is great if you can effectively spread the word, but the need to have a mitigation strategy is inevitable- as is the occasional scenario where a class or meeting (or stadium event) has its campus wireless crippled by people “bringin’ their own Wi-Fi”. Sadly. Our lot in life is to bear the criticism that the WLAN sucks when we’re simply a victim of physics, until we can deal with getting the devices eliminated.

 

The move to 5 GHz by more devices helps, but doesn’t eliminate the problem as some Mi-Fis are showing up in 5 GHz as well. To me, this is just one of the negative (to us in the Enterprise WLAN business) effects of the general consumerization of IT, and of WLAN specifically. There is no fix, there is no answer, so you need a strategy that combines:

 

·         Education- frequent and non-threatening messages of why these devices are problematic

·         Get partners- IT staff/Deans, etc  beyond the WLAN admins have to buy in and help with the message

·         Enforcement- when you can without obsessing about it

·         Tolerance- some you just have to let slide, either politically or because it’s just not worth the battle

 

And you have to be able to apply these in varying weights depending on the situation. Nothing with wireless is simple any more.

 

One man’s O-pinion.

 

Regards-

 

Lee Badman

 

 

 

 

Comments

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  
-Scott (we are the morlocks) Allen




Thanks for coming on-list for this Jim. It’s one of those “this is everybody’s problem” topics. Much appreciated.

 

-Lee

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Florwick (jiflorwi)
Sent: Thursday, January 09, 2014 10:09 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Today the only solution that we have had any luck with is wireless policy and spreading the word.  It is an education problem – and the Carriers will likely start caring more as they themselves deploy more wi-fi and bear the burden of their creations.  If you publish a policy – it's a lot like posting a speed limit – no one cares until someone gets a ticket.  Policing the policy is an important part of the education process.  In annual events we sponsor and support we police this using system location and then Fluke AirChecks to triangulate and identify an individual in a crowd  (that's actually fun for me – but not as productive as running the network).  Year on year since we started implementing policies, we have seen an improvement.  It's often not worth trying to track the Mi–Fi's down now as they will be gone before you can get to them – and in reality the short time they are active doesn't really interfere all that much.  It is my hope that one day this is like recycling – and neighbors will council neighbors on social responsibility.

 

As far as blocking the MAC address – this is not possible as the Mi-Fi is not on your control plane – it is it's own Wlan and is not using your wired resources – just your spectrum.  You can try rogue containment – and we have – eventually users get frustrated and quit – however this is only practical at normal user volumes – large events you can't afford to waste spectrum by attacking rogues over the air.

 

Standards committees are well aware of the issue – but the hangup is that an IBSS or Mi-Fi is perfectly legal by the specification.  Some hope can be seen in the WFA's adoption of an Enterprise Voice Certification.  Perhaps one day we will have a consumer cert vs Enterprise Engineered cert – and hopefully a way to mandate what features are acceptable on a privately engineered enterprise network.

 

 

Jim Florwick

Cisco

TME WNG 

 

 

From: Scott Allen <scott@GEORGETOWN.EDU>
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: Thursday, January 9, 2014 9:23 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Myfi

 

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  

-Scott (we are the morlocks) Allen

 

 

 

This has been a great topic even if it we haven't resolved anything.  I still think a signed petition, like we did for Apple, might get someone's attention and get them to change their ways.  What kills me is that this channel 2 thing is not good for them either.  Our signals on 1 and 6 are interfering with them as well.  

I took a class with Dave Molta at SU a few years back and as part of that class we all had to do a project.  One group studied the effect of multiple APs sharing a channel vs two APs on adjacent channels.  They found that there wasn't a measurable difference in performance between multiple clients on one AP compared to those same clients across separate APs on the same channel.  Basically the clients follow the protocol and continue to do collision avoidance and stay out of each others way.  However, stick that second AP on an interfering channel and all clients suffered dramatically because at that point they are just noise to each other. 

I explained it to the end user with the My-fi like this:

If your My-Fi was on the same channel as one of our APs, i.e. 1,6,11 it would be like 4 people at a cocktail party hanging out and talking.  They would use social queues to figure out when to talk so that we were not talking over each other.  However, having the Mi-Fi on channel 2 would be like two of the people singing John Jacob Jingleheimer Schmidt at the top of their lungs 2 feet away while the other 2 continued to try and have a conversation.  They could still do it but it would far less then optimal.    

He seemed to be on-board with me changing his settings when I explained it that way.  At first he didn't want me messing with his My-Fi.  So I agree that education is our #1 tool for now.

BTW - Dave's class is excellent.  Easily in my top 2 of classes I took while at SU.

John


I did reach out to Novatel- got no response.

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John Kaftan
Sent: Thursday, January 16, 2014 9:25 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

This has been a great topic even if it we haven't resolved anything.  I still think a signed petition, like we did for Apple, might get someone's attention and get them to change their ways.  What kills me is that this channel 2 thing is not good for them either.  Our signals on 1 and 6 are interfering with them as well.  

 

I took a class with Dave Molta at SU a few years back and as part of that class we all had to do a project.  One group studied the effect of multiple APs sharing a channel vs two APs on adjacent channels.  They found that there wasn't a measurable difference in performance between multiple clients on one AP compared to those same clients across separate APs on the same channel.  Basically the clients follow the protocol and continue to do collision avoidance and stay out of each others way.  However, stick that second AP on an interfering channel and all clients suffered dramatically because at that point they are just noise to each other. 

 

I explained it to the end user with the My-fi like this:

 

If your My-Fi was on the same channel as one of our APs, i.e. 1,6,11 it would be like 4 people at a cocktail party hanging out and talking.  They would use social queues to figure out when to talk so that we were not talking over each other.  However, having the Mi-Fi on channel 2 would be like two of the people singing John Jacob Jingleheimer Schmidt at the top of their lungs 2 feet away while the other 2 continued to try and have a conversation.  They could still do it but it would far less then optimal.    

 

He seemed to be on-board with me changing his settings when I explained it that way.  At first he didn't want me messing with his My-Fi.  So I agree that education is our #1 tool for now.

 

BTW - Dave's class is excellent.  Easily in my top 2 of classes I took while at SU.

 

John

 

###Start dream

One solution would be for 802.11 to enable a "Priority Infrastructure" flag that would be advertised as part of the 802.11 control frames
(each entity would have to apply for a PI identifier: large corporations, Universities, ...).
Individual Access-Points (like MiFi or home-AP) would have the option to acknowledge it or not.
This flag would force non-priority infrastructure devices to pick another channel when a PI frame is encountered, but it would be optional and enabled by default on most devices.
So, if you live in a house surrounded by too many "Priority Infrastructure", you can elect to not acknowledge the flag and live freely in Part15.
The PI would not be designed as an ultimate control mechanism, but as a "polite spectrum behavior".
This would be specifically designed for personal hotspots. 
This could also solve some of the "frictions" that Wi-Fi managers encounter on campus with devices that act as AP and are part of some
equipment. Sscientific equipment, printers, or stubborn professor that have their own APs would be great candidate for this!

802.11r and k help the management of clients, but I don't remember those helping the management of interferences between infrastructures.

Could this be added to 802.11f?

If not, let's name it 802.11pi ;-)

###end dream

Philippe

Philippe Hanset

 
On Jan 16, 2014, at 9:42 AM, Lee H Badman <lhbadman@SYR.EDU> wrote:

I did reach out to Novatel- got no response.
 
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUOn Behalf Of John Kaftan
Sent: Thursday, January 16, 2014 9:25 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi
 
This has been a great topic even if it we haven't resolved anything.  I still think a signed petition, like we did for Apple, might get someone's attention and get them to change their ways.  What kills me is that this channel 2 thing is not good for them either.  Our signals on 1 and 6 are interfering with them as well.  
 
I took a class with Dave Molta at SU a few years back and as part of that class we all had to do a project.  One group studied the effect of multiple APs sharing a channel vs two APs on adjacent channels.  They found that there wasn't a measurable difference in performance between multiple clients on one AP compared to those same clients across separate APs on the same channel.  Basically the clients follow the protocol and continue to do collision avoidance and stay out of each others way.  However, stick that second AP on an interfering channel and all clients suffered dramatically because at that point they are just noise to each other. 
 
I explained it to the end user with the My-fi like this:
 
If your My-Fi was on the same channel as one of our APs, i.e. 1,6,11 it would be like 4 people at a cocktail party hanging out and talking.  They would use social queues to figure out when to talk so that we were not talking over each other.  However, having the Mi-Fi on channel 2 would be like two of the people singing John Jacob Jingleheimer Schmidt at the top of their lungs 2 feet away while the other 2 continued to try and have a conversation.  They could still do it but it would far less then optimal.    
 
He seemed to be on-board with me changing his settings when I explained it that way.  At first he didn't want me messing with his My-Fi.  So I agree that education is our #1 tool for now.
 
BTW - Dave's class is excellent.  Easily in my top 2 of classes I took while at SU.
 
John

 

I got my hands on someone's Verizon Myfi today and it was set to Auto choose what channel to broadcast its SSID on.  The crazy thing chose channel 2!  It was putting out a pretty strong signal too.  I was seeing a -50 dB from 10 feet away.
 
To anyone else connected to channel 1 or 6 a signal on channel 2 is going to be noise, i.e. interference. 
 
When doing scans I have seen this before.  I have seen these things on every channel but 1,6,11 now that I think about it.
 
I logged into its web interface and was able to force it to use channel 1.  There is also an easy to use interface right on the device where I could chose the channel.
 
I'm just alarmed that these things choose non-standandard channels.  If 3-4  or more of these things show up in room hosting a conference we may have a real problem.  Its hard enough to put 120 laptops in a room and get them all on and happy let alone having these things out there.
 
I'm curious, does anybody police these devices at high density events or make an announcement requesting folks turn them off? I can't imagine these Myfis perform well in high density situations due to their competing for bandwidth on both 2.4 and cellular bands. 
 
Thanks

--
John Kaftan
IT Infrastructure Manager
Utica College

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

We too have seen this issue in our conference center and other functions that go on around campus. As for policing them, we have in the past tried to shut them down and had good luck in doing so. Once everyone in the room turned off their Myfi’s they started working again on the campus wireless network. The down fall is that once you cleared the room and all is good a new group of people lets out and more Myfi’s show up. It’s fighting a losing battle is you ask me. Best we can do is get the person or person’s running the event and educate them about the possible situations before the event takes place. With that said, I’m also curious how others handle this issue during their large venues. ‘

 

Thanks,

 

 

Mark G. Anthony

Network Administrator

Information Technology Services

The Florida State University

Email manthony@fsu.edu

 

 

 

Is a frustrating topic for sure. Even if you have a good wireless guest network, many vendors/visitors and even some faculty/staff/students just prefer to pull their own devices out and use “their own WLAN” anywhere and everywhere- it’s just part of their lifestyle. And yes, frustratingly our friends at Verizon and AT&T who make these units increasingly cheaper could give a rip about interference or policy of the places the gadgets get used. My own rant: http://wirednot.wordpress.com/2013/02/25/mi-fi-not-kind-to-wi-fi/

 

Prevention is great if you can effectively spread the word, but the need to have a mitigation strategy is inevitable- as is the occasional scenario where a class or meeting (or stadium event) has its campus wireless crippled by people “bringin’ their own Wi-Fi”. Sadly. Our lot in life is to bear the criticism that the WLAN sucks when we’re simply a victim of physics, until we can deal with getting the devices eliminated.

 

The move to 5 GHz by more devices helps, but doesn’t eliminate the problem as some Mi-Fis are showing up in 5 GHz as well. To me, this is just one of the negative (to us in the Enterprise WLAN business) effects of the general consumerization of IT, and of WLAN specifically. There is no fix, there is no answer, so you need a strategy that combines:

 

·         Education- frequent and non-threatening messages of why these devices are problematic

·         Get partners- IT staff/Deans, etc  beyond the WLAN admins have to buy in and help with the message

·         Enforcement- when you can without obsessing about it

·         Tolerance- some you just have to let slide, either politically or because it’s just not worth the battle

 

And you have to be able to apply these in varying weights depending on the situation. Nothing with wireless is simple any more.

 

One man’s O-pinion.

 

Regards-

 

Lee Badman

 

 

 

 

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  
-Scott (we are the morlocks) Allen




Message from jiflorwi@cisco.com

Today the only solution that we have had any luck with is wireless policy and spreading the word.  It is an education problem – and the Carriers will likely start caring more as they themselves deploy more wi-fi and bear the burden of their creations.  If you publish a policy – it's a lot like posting a speed limit – no one cares until someone gets a ticket.  Policing the policy is an important part of the education process.  In annual events we sponsor and support we police this using system location and then Fluke AirChecks to triangulate and identify an individual in a crowd  (that's actually fun for me – but not as productive as running the network).  Year on year since we started implementing policies, we have seen an improvement.  It's often not worth trying to track the Mi–Fi's down now as they will be gone before you can get to them – and in reality the short time they are active doesn't really interfere all that much.  It is my hope that one day this is like recycling – and neighbors will council neighbors on social responsibility.

As far as blocking the MAC address – this is not possible as the Mi-Fi is not on your control plane – it is it's own Wlan and is not using your wired resources – just your spectrum.  You can try rogue containment – and we have – eventually users get frustrated and quit – however this is only practical at normal user volumes – large events you can't afford to waste spectrum by attacking rogues over the air.

Standards committees are well aware of the issue – but the hangup is that an IBSS or Mi-Fi is perfectly legal by the specification.  Some hope can be seen in the WFA's adoption of an Enterprise Voice Certification.  Perhaps one day we will have a consumer cert vs Enterprise Engineered cert – and hopefully a way to mandate what features are acceptable on a privately engineered enterprise network.


Jim Florwick
Cisco
TME WNG 


From: Scott Allen <scott@GEORGETOWN.EDU>
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: Thursday, January 9, 2014 9:23 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Myfi

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  
-Scott (we are the morlocks) Allen




Thanks for coming on-list for this Jim. It’s one of those “this is everybody’s problem” topics. Much appreciated.

 

-Lee

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Florwick (jiflorwi)
Sent: Thursday, January 09, 2014 10:09 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Today the only solution that we have had any luck with is wireless policy and spreading the word.  It is an education problem – and the Carriers will likely start caring more as they themselves deploy more wi-fi and bear the burden of their creations.  If you publish a policy – it's a lot like posting a speed limit – no one cares until someone gets a ticket.  Policing the policy is an important part of the education process.  In annual events we sponsor and support we police this using system location and then Fluke AirChecks to triangulate and identify an individual in a crowd  (that's actually fun for me – but not as productive as running the network).  Year on year since we started implementing policies, we have seen an improvement.  It's often not worth trying to track the Mi–Fi's down now as they will be gone before you can get to them – and in reality the short time they are active doesn't really interfere all that much.  It is my hope that one day this is like recycling – and neighbors will council neighbors on social responsibility.

 

As far as blocking the MAC address – this is not possible as the Mi-Fi is not on your control plane – it is it's own Wlan and is not using your wired resources – just your spectrum.  You can try rogue containment – and we have – eventually users get frustrated and quit – however this is only practical at normal user volumes – large events you can't afford to waste spectrum by attacking rogues over the air.

 

Standards committees are well aware of the issue – but the hangup is that an IBSS or Mi-Fi is perfectly legal by the specification.  Some hope can be seen in the WFA's adoption of an Enterprise Voice Certification.  Perhaps one day we will have a consumer cert vs Enterprise Engineered cert – and hopefully a way to mandate what features are acceptable on a privately engineered enterprise network.

 

 

Jim Florwick

Cisco

TME WNG 

 

 

From: Scott Allen <scott@GEORGETOWN.EDU>
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: Thursday, January 9, 2014 9:23 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Myfi

 

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  

-Scott (we are the morlocks) Allen

 

 

 

Agreed. Both Jim and Lee hit the nail on the head. 
It sounds obvious, but for me what has really helped most, is education. Creating a sense of "ownership" of the service for building occupants goes a long way.

Mike

-----The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> wrote: -----

To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
From: Lee H Badman <lhbadman@SYR.EDU>
Sent by: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: 01/09/2014 08:54AM
Subject: Re: [WIRELESS-LAN] Myfi

Thanks for coming on-list for this Jim. It’s one of those “this is everybody’s problem” topics. Much appreciated.

 

-Lee

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Florwick (jiflorwi)
Sent: Thursday, January 09, 2014 10:09 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Today the only solution that we have had any luck with is wireless policy and spreading the word.  It is an education problem – and the Carriers will likely start caring more as they themselves deploy more wi-fi and bear the burden of their creations.  If you publish a policy – it's a lot like posting a speed limit – no one cares until someone gets a ticket.  Policing the policy is an important part of the education process.  In annual events we sponsor and support we police this using system location and then Fluke AirChecks to triangulate and identify an individual in a crowd  (that's actually fun for me – but not as productive as running the network).  Year on year since we started implementing policies, we have seen an improvement.  It's often not worth trying to track the Mi–Fi's down now as they will be gone before you can get to them – and in reality the short time they are active doesn't really interfere all that much.  It is my hope that one day this is like recycling – and neighbors will council neighbors on social responsibility.

 

As far as blocking the MAC address – this is not possible as the Mi-Fi is not on your control plane – it is it's own Wlan and is not using your wired resources – just your spectrum.  You can try rogue containment – and we have – eventually users get frustrated and quit – however this is only practical at normal user volumes – large events you can't afford to waste spectrum by attacking rogues over the air.

 

Standards committees are well aware of the issue – but the hangup is that an IBSS or Mi-Fi is perfectly legal by the specification.  Some hope can be seen in the WFA's adoption of an Enterprise Voice Certification.  Perhaps one day we will have a consumer cert vs Enterprise Engineered cert – and hopefully a way to mandate what features are acceptable on a privately engineered enterprise network.

 

 

Jim Florwick

Cisco

TME WNG 

 

 

From: Scott Allen <scott@GEORGETOWN.EDU >
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv < WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: Thursday, January 9, 2014 9:23 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU " <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >
Subject: Re: [WIRELESS-LAN] Myfi

 

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  

-Scott (we are the morlocks) Allen

 

 

 

Ajay,

 

There is a lot of discussion on Educause list about interference from Myfi devices from AT&T and Verizon.  Can we check to see of we can somehouse cause the MyWi devices to switch to another channel than the one we are using?  We can make a huge marketing windfall from this.  Others use all the channels and cannot do this.

 

Best,

 

Manish

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Florwick (jiflorwi)
Sent: Thursday, January 09, 2014 7:09 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Today the only solution that we have had any luck with is wireless policy and spreading the word.  It is an education problem – and the Carriers will likely start caring more as they themselves deploy more wi-fi and bear the burden of their creations.  If you publish a policy – it's a lot like posting a speed limit – no one cares until someone gets a ticket.  Policing the policy is an important part of the education process.  In annual events we sponsor and support we police this using system location and then Fluke AirChecks to triangulate and identify an individual in a crowd  (that's actually fun for me – but not as productive as running the network).  Year on year since we started implementing policies, we have seen an improvement.  It's often not worth trying to track the Mi–Fi's down now as they will be gone before you can get to them – and in reality the short time they are active doesn't really interfere all that much.  It is my hope that one day this is like recycling – and neighbors will council neighbors on social responsibility.

 

As far as blocking the MAC address – this is not possible as the Mi-Fi is not on your control plane – it is it's own Wlan and is not using your wired resources – just your spectrum.  You can try rogue containment – and we have – eventually users get frustrated and quit – however this is only practical at normal user volumes – large events you can't afford to waste spectrum by attacking rogues over the air.

 

Standards committees are well aware of the issue – but the hangup is that an IBSS or Mi-Fi is perfectly legal by the specification.  Some hope can be seen in the WFA's adoption of an Enterprise Voice Certification.  Perhaps one day we will have a consumer cert vs Enterprise Engineered cert – and hopefully a way to mandate what features are acceptable on a privately engineered enterprise network.

 

 

Jim Florwick

Cisco

TME WNG 

 

 

From: Scott Allen <scott@GEORGETOWN.EDU>
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: Thursday, January 9, 2014 9:23 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Myfi

 

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  

-Scott (we are the morlocks) Allen

 

 

 

Sorry for blasting the group.  This email was meant for internal consumption.  My apologies.

 

Best,

 

Manish

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Manish Rai
Sent: Thursday, January 09, 2014 2:03 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Ajay,

 

There is a lot of discussion on Educause list about interference from Myfi devices from AT&T and Verizon.  Can we check to see of we can somehouse cause the MyWi devices to switch to another channel than the one we are using?  We can make a huge marketing windfall from this.  Others use all the channels and cannot do this.

 

Best,

 

Manish

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Florwick (jiflorwi)
Sent: Thursday, January 09, 2014 7:09 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Today the only solution that we have had any luck with is wireless policy and spreading the word.  It is an education problem – and the Carriers will likely start caring more as they themselves deploy more wi-fi and bear the burden of their creations.  If you publish a policy – it's a lot like posting a speed limit – no one cares until someone gets a ticket.  Policing the policy is an important part of the education process.  In annual events we sponsor and support we police this using system location and then Fluke AirChecks to triangulate and identify an individual in a crowd  (that's actually fun for me – but not as productive as running the network).  Year on year since we started implementing policies, we have seen an improvement.  It's often not worth trying to track the Mi–Fi's down now as they will be gone before you can get to them – and in reality the short time they are active doesn't really interfere all that much.  It is my hope that one day this is like recycling – and neighbors will council neighbors on social responsibility.

 

As far as blocking the MAC address – this is not possible as the Mi-Fi is not on your control plane – it is it's own Wlan and is not using your wired resources – just your spectrum.  You can try rogue containment – and we have – eventually users get frustrated and quit – however this is only practical at normal user volumes – large events you can't afford to waste spectrum by attacking rogues over the air.

 

Standards committees are well aware of the issue – but the hangup is that an IBSS or Mi-Fi is perfectly legal by the specification.  Some hope can be seen in the WFA's adoption of an Enterprise Voice Certification.  Perhaps one day we will have a consumer cert vs Enterprise Engineered cert – and hopefully a way to mandate what features are acceptable on a privately engineered enterprise network.

 

 

Jim Florwick

Cisco

TME WNG 

 

 

From: Scott Allen <scott@GEORGETOWN.EDU>
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: Thursday, January 9, 2014 9:23 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Myfi

 

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  

-Scott (we are the morlocks) Allen

 

 

 

Fix the Mi-Fi situation and all will be forgiven. How one wireless technology sector can be so clueless about the issues they cause for another is confounding.

See if you can get a sticker put on the devices that say "These aren't exactly welcome everywhere" for bonus points.

:)

Lee Badman
Network Architect/Wireless TME
ITS, Syracuse University
315.443.3003

-----Original Message-----
From: Manish Rai [mrai@MERUNETWORKS.COM]
Received: Thursday, 09 Jan 2014, 17:07
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU [WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU]
Subject: Re: [WIRELESS-LAN] Myfi

Sorry for blasting the group.  This email was meant for internal consumption.  My apologies.

 

Best,

 

Manish

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Manish Rai
Sent: Thursday, January 09, 2014 2:03 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Ajay,

 

There is a lot of discussion on Educause list about interference from Myfi devices from AT&T and Verizon.  Can we check to see of we can somehouse cause the MyWi devices to switch to another channel than the one we are using?  We can make a huge marketing windfall from this.  Others use all the channels and cannot do this.

 

Best,

 

Manish

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jim Florwick (jiflorwi)
Sent: Thursday, January 09, 2014 7:09 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Today the only solution that we have had any luck with is wireless policy and spreading the word.  It is an education problem – and the Carriers will likely start caring more as they themselves deploy more wi-fi and bear the burden of their creations.  If you publish a policy – it's a lot like posting a speed limit – no one cares until someone gets a ticket.  Policing the policy is an important part of the education process.  In annual events we sponsor and support we police this using system location and then Fluke AirChecks to triangulate and identify an individual in a crowd  (that's actually fun for me – but not as productive as running the network).  Year on year since we started implementing policies, we have seen an improvement.  It's often not worth trying to track the Mi–Fi's down now as they will be gone before you can get to them – and in reality the short time they are active doesn't really interfere all that much.  It is my hope that one day this is like recycling – and neighbors will council neighbors on social responsibility.

 

As far as blocking the MAC address – this is not possible as the Mi-Fi is not on your control plane – it is it's own Wlan and is not using your wired resources – just your spectrum.  You can try rogue containment – and we have – eventually users get frustrated and quit – however this is only practical at normal user volumes – large events you can't afford to waste spectrum by attacking rogues over the air.

 

Standards committees are well aware of the issue – but the hangup is that an IBSS or Mi-Fi is perfectly legal by the specification.  Some hope can be seen in the WFA's adoption of an Enterprise Voice Certification.  Perhaps one day we will have a consumer cert vs Enterprise Engineered cert – and hopefully a way to mandate what features are acceptable on a privately engineered enterprise network.

 

 

Jim Florwick

Cisco

TME WNG 

 

 

From: Scott Allen <scott@GEORGETOWN.EDU>
Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Date: Thursday, January 9, 2014 9:23 AM
To: "WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: Re: [WIRELESS-LAN] Myfi

 

Has anyone constructed a wired/wireless set of tools that will allow us to manually detect WiFi rogues and then disable their MAC addresses on the wired network?  I have Prime 1.3 running for APs so I can see the rogues but I don't know which wired port they are connected to.  

-Scott (we are the morlocks) Allen

 

 

 

Could a complaint to the FCC help?  Has anyone tried that?  Remember how we signed a petition for Apple to get their act together about a year ago?  Maybe if we all bombarded the FCC about this issue they would find the teeth to go after Verizon and ATT et al.

I know.  I am a dreamer...but I'm not the only one....


It’s worth a shot, but they’re not “technically” doing anything wrong.

 

 

Tim Cappalli  |  ACCP /  ACMP /  CCNA
Network Engineer  |  Brandeis University
cappalli@brandeis.edu | (617) 701-7149

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John Kaftan
Sent: Friday, January 10, 2014 12:00 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Could a complaint to the FCC help?  Has anyone tried that?  Remember how we signed a petition for Apple to get their act together about a year ago?  Maybe if we all bombarded the FCC about this issue they would find the teeth to go after Verizon and ATT et al.

I know.  I am a dreamer...but I'm not the only one....

 

I agree with Tim- FCC won’t give a rip. Peppering the landscape with WLAN channel 2 isn’t illegal, just idiotic.

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, January 10, 2014 8:13 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

It’s worth a shot, but they’re not “technically” doing anything wrong.

 

 

Tim Cappalli  |  ACCP /  ACMP /  CCNA
Network Engineer  |  Brandeis University
cappalli@brandeis.edu | (617) 701-7149

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John Kaftan
Sent: Friday, January 10, 2014 12:00 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Could a complaint to the FCC help?  Has anyone tried that?  Remember how we signed a petition for Apple to get their act together about a year ago?  Maybe if we all bombarded the FCC about this issue they would find the teeth to go after Verizon and ATT et al.

I know.  I am a dreamer...but I'm not the only one....

 

This reminds me of that guy on the cell phone, talking loud, spoiling the meal/ride/etc for everyone in the restaurant/train/(plane?). Boorish behavior is not illegal. Although in the case of myfi, I think the users sometimes have no clue about the impact of the device. The vendors of products who use the in-between channels have no excuse though.

 

Pete Morrissey

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Lee H Badman
Sent: Friday, January 10, 2014 8:27 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

I agree with Tim- FCC won’t give a rip. Peppering the landscape with WLAN channel 2 isn’t illegal, just idiotic.

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Cappalli
Sent: Friday, January 10, 2014 8:13 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

It’s worth a shot, but they’re not “technically” doing anything wrong.

 

 

Tim Cappalli  |  ACCP /  ACMP /  CCNA
Network Engineer  |  Brandeis University
cappalli@brandeis.edu | (617) 701-7149

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John Kaftan
Sent: Friday, January 10, 2014 12:00 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

Could a complaint to the FCC help?  Has anyone tried that?  Remember how we signed a petition for Apple to get their act together about a year ago?  Maybe if we all bombarded the FCC about this issue they would find the teeth to go after Verizon and ATT et al.

I know.  I am a dreamer...but I'm not the only one....

 

Personally I think an opportunity was missed to drop support for overlapping channels in 11ac, at least on the AP side. It would be a nice motivator to deny them the biggest wifi certification sticker yet if they keep doing braindead things like default to channel 2. Frank Sweetser fs at wpi.edu | For every problem, there is a solution that Manager of Network Operations | is simple, elegant, and wrong. Worcester Polytechnic Institute | - HL Mencken On 01/10/2014 08:27 AM, Lee H Badman wrote: > I agree with Tim- FCC won’t give a rip. Peppering the landscape with WLAN > channel 2 isn’t illegal, just idiotic. > > *From:*The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Tim Cappalli > *Sent:* Friday, January 10, 2014 8:13 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > *Subject:* Re: [WIRELESS-LAN] Myfi > > It’s worth a shot, but they’re not “technically” doing anything wrong. > > ** > > *Tim Cappalli* | ACCP / ACMP / CCNA > Network Engineer | Brandeis University > cappalli@brandeis.edu | (617) 701-7149 > > *From:*The EDUCAUSE Wireless Issues Constituent Group Listserv > [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > ] *On Behalf Of *John Kaftan > *Sent:* Friday, January 10, 2014 12:00 AM > *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU > > *Subject:* Re: [WIRELESS-LAN] Myfi > > Could a complaint to the FCC help? Has anyone tried that? Remember how we > signed a petition for Apple to get their act together about a year ago? Maybe > if we all bombarded the FCC about this issue they would find the teeth to go > after Verizon and ATT et al. > > I know. I am a dreamer...but I'm not the only one.... > >
Only supporting 5GHz channels did eliminate the overlapping issue for 802.11ac clients. (s) Now if we can just fix this backwards compatibility issue they keep forcing on us with each standards refresh. (/s)

Though in all seriousness, making 5GHz non-optional will be one of the improvements that benefits large Wi-Fi networks the devices adopt it and as users go through their normal tech refresh cycle. It is much easier to recommend someone makes sure that their device supports 802.11ac, than it has been to try to explain to them the difference between an 802.11n device and a 5GHz capable 5GHz device.

As Cliff Skolnick said in 2011: "2.4GHz is dead to me." I just hope we get a few more years out of 5GHz before it gets as bad.

-Luke 


This has been a great topic even if it we haven't resolved anything.  I still think a signed petition, like we did for Apple, might get someone's attention and get them to change their ways.  What kills me is that this channel 2 thing is not good for them either.  Our signals on 1 and 6 are interfering with them as well.  

I took a class with Dave Molta at SU a few years back and as part of that class we all had to do a project.  One group studied the effect of multiple APs sharing a channel vs two APs on adjacent channels.  They found that there wasn't a measurable difference in performance between multiple clients on one AP compared to those same clients across separate APs on the same channel.  Basically the clients follow the protocol and continue to do collision avoidance and stay out of each others way.  However, stick that second AP on an interfering channel and all clients suffered dramatically because at that point they are just noise to each other. 

I explained it to the end user with the My-fi like this:

If your My-Fi was on the same channel as one of our APs, i.e. 1,6,11 it would be like 4 people at a cocktail party hanging out and talking.  They would use social queues to figure out when to talk so that we were not talking over each other.  However, having the Mi-Fi on channel 2 would be like two of the people singing John Jacob Jingleheimer Schmidt at the top of their lungs 2 feet away while the other 2 continued to try and have a conversation.  They could still do it but it would far less then optimal.    

He seemed to be on-board with me changing his settings when I explained it that way.  At first he didn't want me messing with his My-Fi.  So I agree that education is our #1 tool for now.

BTW - Dave's class is excellent.  Easily in my top 2 of classes I took while at SU.

John


I did reach out to Novatel- got no response.

 

From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of John Kaftan
Sent: Thursday, January 16, 2014 9:25 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Myfi

 

This has been a great topic even if it we haven't resolved anything.  I still think a signed petition, like we did for Apple, might get someone's attention and get them to change their ways.  What kills me is that this channel 2 thing is not good for them either.  Our signals on 1 and 6 are interfering with them as well.  

 

I took a class with Dave Molta at SU a few years back and as part of that class we all had to do a project.  One group studied the effect of multiple APs sharing a channel vs two APs on adjacent channels.  They found that there wasn't a measurable difference in performance between multiple clients on one AP compared to those same clients across separate APs on the same channel.  Basically the clients follow the protocol and continue to do collision avoidance and stay out of each others way.  However, stick that second AP on an interfering channel and all clients suffered dramatically because at that point they are just noise to each other. 

 

I explained it to the end user with the My-fi like this:

 

If your My-Fi was on the same channel as one of our APs, i.e. 1,6,11 it would be like 4 people at a cocktail party hanging out and talking.  They would use social queues to figure out when to talk so that we were not talking over each other.  However, having the Mi-Fi on channel 2 would be like two of the people singing John Jacob Jingleheimer Schmidt at the top of their lungs 2 feet away while the other 2 continued to try and have a conversation.  They could still do it but it would far less then optimal.    

 

He seemed to be on-board with me changing his settings when I explained it that way.  At first he didn't want me messing with his My-Fi.  So I agree that education is our #1 tool for now.

 

BTW - Dave's class is excellent.  Easily in my top 2 of classes I took while at SU.

 

John

 

Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.