Hi, I am using the latest hostapd pulled from git. I am seeing issues exchanging the PMKR1 keys. Configured 2 APs in PSK. The 11r configuration for APs are AP1 ======= mobility_domain=1234 r1_key_holder=00904C2BE631 r1kh=00:90:4C:2B:E6:2A 00:90:4C:2B:E6:2A 3031323334353637383961626364656630313233343536373839616263646566 echo r0kh=00:90:4C:2B:E6:2A abc123 3031323334353637383961626364656630313233343536373839616263646566 pmk_r1_push=1 nas_identifier=abc123 AP2 ======== mobility_domain=1234 r1_key_holder=00904C2BE62A r1kh=00:90:4C:2B:E6:31 00:90:4C:2B:E6:31 3031323334353637383961626364656630313233343536373839616263646566 r0kh=00:90:4C:2B:E6:31 abc123 3031323334353637383961626364656630313233343536373839616263646566 pmk_r1_push=1 nas_identifier=abc123 I have configured same nas identifier in both APs and configure r0kh for AP1 as AP2 and viceversa. Similarly each other is configured for r1. If station associates to AP1 it would send the PMKR1 to AP2 and vice versa. The PMKR1 are never stored. Below is the log. It says possibly invalid sequence number. Is there something which I am missing in the configuration. Looks like the sequence number are not being synchronized. After this if I try to roam station to AP2, the roam fails since the PMKR0 name is not found on AP2. Any inputs on why this could be failing. # 177.589774: l2_packet_receive: src=00:90:4c:2b:e6:31 len=188 177.590382: FT: RRB received packet 00:90:4c:2b:e6:31 -> 00:90:4c:2b:e6:2a 177.590883: FT: RRB-OUI received frame from remote AP 00:90:4c:2b:e6:31 177.590893: FT: RRB-OUI frame - oui_suffix=3 177.590900: FT: wpa_ft_rrb_oui_rx:4422 received rrb rx push no defer 0 177.591851: FT: Received PMK-R1 push 177.592345: FT: R0KH-ID - hexdump(len=6): 61 62 63 31 32 33 177.592357: FT: R1KH-ID=00:90:4c:2b:e6:2a 177.592867: FT: sequence number - hexdump(len=12): 4d 7a 67 16 f9 63 81 59 c6 00 00 00 177.592891: FT: Possibly invalid sequence number in push from 00:90:4c:2b:e6:31 177.592910: FT(RRB): decrypt using key - hexdump(len=32): 30 31 32 33 34 35 36 37 38 39 61 62 63 64 65 66 30 31 32 33 34 35 36 37 38 39 61 62 63 64 65 66 177.594296: Get randomness: len=16 entropy=0 177.594842: FT: wpa_ft_rrb_build:541 encrypt only plain text 177.594852: FT(RRB): plaintext message - hexdump(len=0): 177.594859: FT(RRB): encrypt using key - hexdump(len=32): 30 31 32 33 34 35 36 37 38 39 61 62 63 64 65 66 30 31 32 33 34 35 36 37 38 39 61 62 63 64 65 66 177.594914: FT: RRB-OUI type 4 send to 00:90:4c:2b:e6:31 177.940111: l2_packet_receive: src=00:90:4c:2b:e6:31 len=94 177.940150: FT: RRB received packet 00:90:4c:2b:e6:31 -> 00:90:4c:2b:e6:2a 177.940161: FT: RRB-OUI received frame from remote AP 00:90:4c:2b:e6:31 177.940169: FT: RRB-OUI frame - oui_suffix=5 177.940175: FT: Received sequence number response 177.940208: FT: seq - local R0KH-ID and R1KH-ID Thanks & Regards, Kiran _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
