Why is eduroam so bad

Overview

Eduroam (education roaming) is a global wireless network access service developed for the international research and education community. Launched in 2003 by TERENA (now GÉANT), it allows students, researchers, and staff from participating institutions to obtain internet connectivity across campus and when visiting other participating institutions. The service operates through a federation model where over 10,000 institutions worldwide maintain their own authentication infrastructure while adhering to common technical standards. Each institution manages its own wireless network infrastructure and user database, connecting through national roaming operators to the global eduroam infrastructure. This decentralized approach means quality and performance vary significantly between locations, with some institutions investing heavily in robust systems while others provide minimal support. The network has grown from a European research project to a global service spanning 106 countries, creating coordination challenges across different technical implementations and support cultures.

How It Works

Eduroam operates using IEEE 802.1X authentication with the RADIUS protocol. When a user attempts to connect, their device sends credentials to the local access point, which forwards them through a chain of RADIUS servers. First, the local institution's RADIUS server checks if the user belongs to that institution. If not, it forwards the request to the user's home institution's RADIUS server via national and international proxy servers. The home institution verifies the credentials using its authentication system (typically tied to institutional accounts) and returns an acceptance or rejection. Successful authentication grants network access with policies set by the visited institution. This complex routing can fail at multiple points: outdated certificates on RADIUS servers, misconfigured device settings, firewall restrictions, or synchronization issues between federation members. Each institution must maintain PKI certificates, configure RADIUS servers correctly, and ensure compatibility with diverse client devices and operating systems.

Why It Matters

Despite its flaws, eduroam remains crucial for academic mobility, enabling seamless connectivity for millions of students and researchers traveling between institutions. It eliminates the need for guest accounts and simplifies access at conferences, collaborations, and exchange programs. The service supports international research projects by providing reliable identity management across borders. For institutions, it reduces administrative overhead for managing visitor access while maintaining security through centralized authentication. However, the variability in implementation quality affects user experience, potentially hindering academic work when connectivity fails during critical moments like research presentations or remote collaborations. The network's continued expansion depends on addressing these reliability issues while maintaining its open, federated model that respects institutional autonomy.