From owner-freebsd-current@FreeBSD.ORG Tue Jul 22 15:30:29 2008 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 53E041065781 for ; Tue, 22 Jul 2008 15:30:29 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from ebb.errno.com (ebb.errno.com [69.12.149.25]) by mx1.freebsd.org (Postfix) with ESMTP id 0E3BE8FC1F for ; Tue, 22 Jul 2008 15:30:28 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from trouble.errno.com (trouble.errno.com [10.0.0.248]) (authenticated bits=0) by ebb.errno.com (8.13.6/8.12.6) with ESMTP id m6MFUQoY030960 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 22 Jul 2008 08:30:27 -0700 (PDT) (envelope-from sam@freebsd.org) Message-ID: <4885FD12.1090408@freebsd.org> Date: Tue, 22 Jul 2008 08:30:26 -0700 From: Sam Leffler Organization: FreeBSD Project User-Agent: Thunderbird 2.0.0.9 (X11/20071125) MIME-Version: 1.0 To: John Nielsen References: <200807221048.48729.lists@jnielsen.net> In-Reply-To: <200807221048.48729.lists@jnielsen.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DCC-Rhyolite-Metrics: ebb.errno.com; whitelist Cc: current@freebsd.org Subject: Re: ath vap - second hostap _almost_ works X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2008 15:30:29 -0000 John Nielsen wrote: > Sam et al- > > I just upgraded my "router" box to -CURRENT so I could try out the new vap > code. The upgrade went fine and the single access point setup I had > before works fine on wlan0. > > I'm trying to set up a second access point for an "insecure" network. I am > able to create and configure the wlan1 interface and clients can see the > SSID and associate to the network. However the access point is unable to > send traffic over the interface (the 103 network below): > > stealth# ping 192.168.103.240 > PING 192.168.103.240 (192.168.103.240): 56 data bytes > ping: sendto: Network is down > > Interestingly, it can receive traffic just fine. DHCP, for instance: > > stealth# tcpdump -i wlan1 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on wlan1, link-type EN10MB (Ethernet), capture size 68 bytes > 10:35:32.557438 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, > Request [|bootp] > 10:35:36.558022 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, > Request [|bootp] > > etc. dhcpd receives and acts on the requests but is unable to send > replies: > > Jul 22 10:11:13 stealth dhcpd: DHCPDISCOVER from 00:1b:77:9d:ab:ba > (jnielsengl1830) via wlan1 > Jul 22 10:11:13 stealth dhcpd: DHCPOFFER on 192.168.103.240 to > 00:1b:77:9d:ab:ba (jnielsengl1830) via wlan1 > Jul 22 10:11:13 stealth dhcpd: send_packet: Network is down > > The problem seems to follow the second hostap device configured (e.g. > wlan1). I swapped the networks and the insecure one worked propery and > the "old" network stopped working. I'm trying to determine if this is a > misconfiguration on my part, a software bug or a hardware limitation. > I've tested with ipfw turned off via sysctl and with and without hidessid > and bgscan on both interfaces. Details of my setup: > > FreeBSD stealth.jnielsen.net 8.0-CURRENT FreeBSD 8.0-CURRENT #0: Mon Jul > 21 03:24:10 EDT 2008 > john@stealth.jnielsen.net:/usr/obj/usr/src8/src/sys/STEALTH i386 > > (D-Link DWL-G520 PCI card) > ath_hal: 0.9.20.3 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413) > ath0: mem 0xe5040000-0xe504ffff irq 16 at device 8.0 on > pci0 > ath0: [ITHREAD] > ath0: WARNING: using obsoleted if_watchdog interface > ath0: mac 5.6 phy 4.1 radio 4.5 > > stealth# egrep "ath|wlan" /etc/rc.conf | grep -v "^#" > wlans_ath0="wlan0 wlan1" > create_args_wlan0="wlanmode hostap" > create_args_wlan1="wlanmode hostap wlanaddr 10:0d:88:a6:61:a8" > FWIW, it's better to just use "wlanmode hostap bssid" to get a unique address. > ifconfig_wlan0="inet 192.168.3.10 netmask 255.255.255.0 ssid sixten > wepmode on deftxkey 1 wepkey 1:0x[26 digit hex key]" > ifconfig_wlan1="inet 192.168.103.1 netmask 255.255.255.0 ssid freewifi > wepmode off" > What happens if you disable WEP use? > stealth# ifconfig ath0 && ifconfig wlan0 && ifconfig wlan1 > ath0: flags=8843 metric 0 mtu 2290 > ether 00:0d:88:a6:61:a8 > media: IEEE 802.11 Wireless Ethernet autoselect mode 11g > status: running > wlan0: flags=8843 metric 0 mtu > 1500 > ether 00:0d:88:a6:61:a8 > inet 192.168.3.10 netmask 0xffffff00 broadcast 192.168.3.255 > media: IEEE 802.11 Wireless Ethernet autoselect mode 11g > status: running > ssid sixten channel 6 (2437 Mhz 11g) bssid 00:0d:88:a6:61:a8 > regdomain FCC indoor ecm authmode OPEN privacy ON deftxkey 1 > wepkey 1:104-bit txpower 19 scanvalid 60 protmode CTS wme burst ff > dturbo dtimperiod 1 -dfs > wlan1: flags=8c43 metric 0 > mtu 1500 > ether 10:0d:88:a6:61:a8 > inet 192.168.103.1 netmask 0xffffff00 broadcast 192.168.103.255 > media: IEEE 802.11 Wireless Ethernet autoselect mode 11g > status: running > ssid freewifi channel 6 (2437 Mhz 11g) bssid 10:0d:88:a6:61:a8 > regdomain FCC indoor ecm authmode OPEN privacy OFF txpower 19 > scanvalid 60 protmode CTS wme burst ff dturbo dtimperiod 1 -dfs > > Any input greatly appreciated. Thanks! > > I'll need to setup this config as I don't think I've ever tested one like it (my vap's are typically bridged and don't terminate on the wireless host). You might check wlanstats of each vap to see if packets are being tossed. Otherwise you'll need to look at a lower level to find where the packets are being lost; e.g. use tcpdump -y IEEE802_11 on the wlan devices to see if the missing frames are being dispatched from the ath driver. If you can't find the reason please file a PR w/ the details you've provided. Sam