I have tested the current iOS 14 beta and confirmed that it is on by default for all networks Open, WPA2 and WPA2-EAP:
MAC Addresses are different per SSID
Address changes are scheduled every 12 hours
Address changes happen the next time a device reconnects to the network
“Forgetting” and rejoining changes the MAC address each time
It also means that each random MAC consumes a DHCP lease.
For Hotspots which rely on MAC it means that trial/free periods are reset easily or automatically and paid vouchers are either lost, marked for overuse or require the user to login again.
How is Mikrotik Hotspot affected by this change? Are there mitigations/configurations to ease network management and user headbashing?
It will see the IOS devices as a new device every time it changes its mac address.
So if you have some in your system that are dependent of the mac address, it will break.
That will be hostspot where you have whitelist mac, static IP for devices like i do ++
I did find this list:
1 Users are always in control - users can control enablement of the feature at any time for each network.
2 Addresses are generated randomly for every network
3 Addresses are not linked to your identity
4 Addresses are updated for all networks daily by the device, NO server is involved in address generation. Since addresses are generated randomly, it is very unlikely that two devices on the same network will generate the same address.
5 A new MAC will be used whenever a new address has been generated and the device re-joins the network
Users can see which MACs are generated for each network in the Wi-Fi scan list, even before joining the network
From number 2, it seems to be a unique MAC pr SSID (or network)
But from 4, it seem to change daily. So this will make a big mess.
For all network that using static IP, an IOS device will take one IP for each day. So if you have a 256 subnet, minus DG, SM etc it will take 250+ days for one ISO device to eat all DHCP leases in a C net when you use DHCP-> statci IP.
It will not break, iOS14 just says that private MAC could not be enabled, and continues to work as usual. There is graceful backwards compatibility for this feature, otherwise lot of stuff would break, not just for MikroTik users.
