[PLUG] Understanding Networking Components
Mike Connors
mconnors1 at gmail.com
Mon Apr 2 19:32:48 UTC 2012
>
> I just find it highly irregular that they would specify a DNS server that
> is external to the network, and then give a domain name that would require
> a call to that DNS server, before you are allowed to pass traffic through
> the gateway. These networks have to have their own DNS server, or at least
> a proxy DNS server to redirect traffic until you've accepted the T&C.
> Otherwise, the whole security model breaks down.
>
> Russel - This was my suspicion where things were breaking down too. But,
consider this. When Rich's DHCP client receives a quarantined ip addr from
the local subnet there's no tcp/ip communication per se. An DHCP request
goes out and then an ip address and additional info is assigned. At that
point a tcp/ip redirect should happen via the DHCP server on the WAP to
send any ip and/or http traffic to the captive portal page
But if the first ip packets from Rich's computer go out eth0, they will
never make in to the WAP DHSP server and be redirected to the captive
portal. It's possible, depending on how the captive portal works and how
it's configured that a call to an internal DNS server doesn't need to
happen.
I'm curious if Russell Senior or anyone else involved with Personal Telco
wifi ap setup can weigh in on how the the captive portal works for their
WAPs and if a local DNS call is made or not.
More information about the PLUG
mailing list