Modify

Opened 2 years ago

Closed 2 years ago

Last modified 19 months ago

#21373 closed defect (worksforme)

hostapd.sh - 11r R0KH/R1KH Import Single Line Only

Reported by: J1mbo Owned by: developers
Priority: normal Milestone:
Component: packages Version: Trunk
Keywords: hostapd, 802.11r Cc:

Description

In hostapd.conf there should be one R0KH/R1KH pair per destination access point, however hostapd.sh creates only one entry in /var/run/hostapd-phy0.conf.

Therefore 802.11r cannot work under OpenWRT with more than two APs.

Attachments (0)

Change History (8)

comment:1 Changed 2 years ago by Stefan Hellermann <stefan@…>

It's working here with 4 APs. Be careful to use list instead of option for all r0kh and r1kh entries:

config wifi-iface
... 
        option ieee80211r 1
        list r0kh "MAC1,nasid1,Key"
        list r0kh "MAC2,nasid2,Key"
        list r0kh "MAC3,nasid3,Key"
        list r1kh "MAC1,r1_key_holder,Key"
        list r1kh "MAC2,r1_key_holder,Key"
        list r1kh "MAC3,r1_key_holder,Key"

comment:2 Changed 2 years ago by J1mbo

Perfect, thank-you.

comment:3 Changed 2 years ago by jow

  • Resolution set to worksforme
  • Status changed from new to closed

comment:4 Changed 2 years ago by J1mbo

Stefan, are you able to post a working config and any requirements; I'm struggling to make 802.11r work even though the config looks good (on 15.05).

For instance does bssid need to be the same as the bridge MAC address? Can all the keys in fact be the same?

There is a patch to enable broadcast based configuration which might make this a lot easier to set up (and maintain):
https://stash.fem.tu-ilmenau.de/projects/CAMPUSWLAN/repos/hostapd/commits/22827c01d6ce2a913a2de055771575366a6bde42#

comment:5 Changed 2 years ago by Stefan Hellermann <stefan@…>

Following a config I'm currently testing. Roaming between APs works fine for a Samsung S5 smartphone and Linux clients with 802.11r enabled wpa_supplicant. I'm not sure if roaming works better then without 802.11r, as I haven't measured roaming interruption time. Roaming between 2,4Ghz and 5GHz doesn't work. A friend of mine got problems with Windows 7 clients which couldn't connect after enabling 802.11r.

I'm not sure about the bridge MAC and BSSID as I'm using a routed network, different IP Networks for LAN and WIFI and no bridge.

Default r1_key_holder is 00:00:4f:57:72:74 on openwrt, so I took it and don't need to configure r1_key_holder on each device.

AP1: (BSSID 64:66:b3:de:56:25)

config wifi-device  radio0
        option type     mac80211
        option channel  11
        option hwmode   11g
        option path     'platform/ar934x_wmac'
        option htmode   HT20

config wifi-iface
        option device   radio0
        option network  test
        option mode     ap
        option ssid     test
        option encryption psk2
        option key      secretKey
        option rsn_preauth 1
        option nasid    test1.lan
        option ieee80211r 1
        list r0kh "64:66:b3:de:56:25,test1.lan,000102030405060708090a0b0c0d0e0f"
        list r0kh "c4:6e:1f:ea:e8:01,test2.lan,000102030405060708090a0b0c0d0e0f"
        list r1kh "64:66:b3:de:56:25,00:00:4f:57:72:74,000102030405060708090a0b0c0d0e0f"
        list r1kh "c4:6e:1f:ea:e8:01,00:00:4f:57:72:74,000102030405060708090a0b0c0d0e0f"

AP2: (BSSID c4:6e:1f:ea:e8:01)

config wifi-device  radio0
        option type     mac80211
        option channel  1
        option hwmode   11g
        option path     'platform/qca955x_wmac'
        option htmode   HT20

config wifi-iface
        option device   radio0
        option network  test
        option mode     ap
        option ssid     test
        option encryption psk2
        option key      secrectKey
        option rsn_preauth 1
        option nasid    test2.lan
        option ieee80211r 1
        list r0kh "64:66:b3:de:56:25,test1.lan,000102030405060708090a0b0c0d0e0f"
        list r0kh "c4:6e:1f:ea:e8:01,test2.lan,000102030405060708090a0b0c0d0e0f"
        list r1kh "64:66:b3:de:56:25,00:00:4f:57:72:74,000102030405060708090a0b0c0d0e0f"
        list r1kh "c4:6e:1f:ea:e8:01,00:00:4f:57:72:74,000102030405060708090a0b0c0d0e0f"

I actually put the same r0kh and r1kh lines on each device. The lines for the own BSSID can probably be stripped. You should really change the keys.

comment:6 Changed 2 years ago by J1mbo

Thanks, this is very helpful.

Is there some device listening on 00:00:4f:57:72:74, or does that not really exist anywhere?

comment:7 Changed 2 years ago by J1mbo

I've testing this configuration with the default r1kh set, however I am not observing any inter-AP communication on the LAN side.

So in short: I don't think 802.11r works currently. I'll open another ticket.

comment:8 Changed 19 months ago by khmtanveer@…

I have tested the configurations as above and the good thing is that I can see in the beacon frame the Mobility Domain and FT Capability and Policy 0x01 which means FT BSS transition over DS is 1. Also RSN information I can see FT using PSK. But I haven't been able to capture any kind of ACTION packet or Re-Association request and Re-Association reply messages. I have sniffed on wireless channel and I haven't sniffed on wired network. but if it was working Wireless sniffing should have revealed the Re-Association request and reply messages. Please I need guidance on how to prove that it is working. Also I heard that 802.11r should have a device compatible and I have been testing on windows 10. will it work? Will it work on iphone 4?

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.