Search Linux Wireless

Re: [ath9k-devel] Wireless stalled after a few minutes with Linux Kernel 3.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Dec 09, 2011 at 09:07:17PM +0800, Haohui Liao wrote:
> >> Just wondering if I am the only one still doing the following from command line
> >> to connect to wifi?
> >
> > I'm sure you are not the only one.. And in this particular
> > case, I don't
> > see how that would make a difference.
> 
> It DOES.  I tried yesterday with my Fedora 16 (which is using
> kernel 3.1.2).

I understand that you see different behavior between using
NetworkManager and stating wpa_supplicant from the command line.
However, I don't think this is because of the NM vs. manual
wpa_supplicant start, but because of configuration differences. In other
words, if your wpa_supplicant.conf in the manual start case would be
identical with the way NM configured wpa_supplicant, you would most
likely see the same behavior.

> The debugging message wpa_supplicant is as follows:
> 
> WPA: Request PTK rekeying
> WPA: Sending EAPOL-Key Request (en=0 pairwise=1 ptk_set=1 len=99)
> WPA: TX EAPOL-Key-hexdump (len=99): 01 03 ...
> 
> And the is no more communication.  With Wireshark, I will
> get the following (Reference:
> https://bugs.archlinux.org/task/27406?getfile=7864):

Do you know how quickly the connection dies after the PTK rekeying
request? The snapshot from wireshark has a gap of over one minute
without any traffic, so it is difficult to say whether that is because
of there really being no traffic or for some other reasons.

If this issue is indeed triggered by this EAPOL-Key request frame, it
would be useful to know what AP you are using. If I understood
correctly, it is the device with Shenzhen OUI in the MAC address. Do you
have a more detailed model number for the device?

It is interesting the hear that you see a difference between two kernel
versions. I could understand that if the process would actually go
through rekeying, but in this particular case, it looks like the AP just
refuses to do anything with the EAPOL-Key frame and as such, the
kernel/driver difference should not really have mattered.

> I am not sure if the term stall is correct.  But
> wpa_supplicant seems to be hanging there asking (ARP protocol)
> for response from my router but the router seems to be deaf
> and is not responding.  So the ONLY way for me to get back
> a connection is to kill the wpa_supplicant daemon and
> the connection resumes.

The ARP request is not from wpa_supplicant, but something else in the
system. wpa_supplicant not actually send any IP packets through the
connection. The EAPOL-Key Request was indeed from wpa_supplicant and for
some reason, the AP did not seem to react to it (it should have sent
EAPOL-Key msg 1/4). It is a bit difficult to figure out why exactly this
is happening, but this could be some kind of combination of a bug in the
AP and state or keys getting mixed up between the AP and station. Most
stations do not really use the explicit PTK rekeying request that you
happened to have enabled in this case and as such, I would not be too
surprised if that does not get tested properly with all APs.

If you would happen to have another WLAN device that could capture
frames in wireless sniffer mode (i.e., full IEEE 802.11 headers and not
just the data frames from the station), that could provide additional
information here.

> # WPA-Personal(PSK) with TKIP and enforcement for frequent PTK rekeying
> 
> I just change the WPA-PSK to WPA2 and everything just works.
> So I thought I got things correct.   Apparently this is not
> the case.  The PTK just happens to come from the
> configuration.

Well, this is a valid configuration in theory, but not really something
that is normally used and I would recommend using WPA2 with CCMP and
leaving out the PTK rekeying (which is really just a workaround for not
so secure TKIP).

-- 
Jouni Malinen                                            PGP id EFC895FA
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux