Search Linux Wireless

RE: ARP dropped during WPA handshake

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


> > > During the initial WPA handshake the connection is not fully set up,
> > > and so no general traffic can (nor should) pass between the STA and AP.
> > > That includes ARP and any L2/L3+ protocols, except for EAP and wifi
> > > management packets.
> > >
> > > The interface itself must be IFF_UP before it can pass traffic,
> > > including the WPA handshake traffic.  IFF_UP only means that the
> > > interface can be configured at the L2 level and the hardware is
> > > active, it does *not* mean the interface can pass traffic.
> > >
> > > Whatever is causing the ARPs shouldn't be doing that yet, and should
> > > be fixed to use the interface's "operstate" or IFF_LOWER_UP instead
> > > of IFF_UP.  Only when the supplicant changes the interface's
> > > operstate to IF_OPER_UP is the interface *actually* ready to pass
> traffic.  IFF_UP is not sufficient.
> > >
> >
> > Thanks for your reply.
> >
> > It seems wpa_supplicant set the operstate to IF_OPER_DORMANT when he
> received the ASSOCIATED Event from the driver (through netlink). And set the
> operstate to IF_OPER_UP in case of wpa handshake success.
> >
> > Is it normal the local ip stack send arp when netdev it is on
> IF_OPER_DORMANT state?
> 
> I'm not sure the kernel stack cares much as long as the device is up.
> It is requesting the ARP because some application is attempting to
> communicate with that IP address.  That application should probably be
> waiting until the interface is actually ready to communicate, which means
> IF_OPER_UP.
> 
> But if this is the first WPA handshake with the AP during the initial
> connection, the wifi device shouldn't even have an IP address yet, so nothing
> should be doing ARP on the interface yet.  Perhaps whatever is assigning the
> IP address to the interface is doing it too early, before the interface is
> IF_OPER_UP?
> 
It is not the initial connection. My sta is connected on AP1 and the communication is established (in my test the communication it is iperf from STA to computer behind the APs). 

I looking for a solution to enable the communication for wpa_supplicant, but block the L3 communication while the WPA handshake is not finished.

Have you any idea?

Cedric.


--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux