Date: Tue, 30 Jul 2013 18:47:12 -0700 From: Rui Paulo <rpaulo@felyko.com> To: =?iso-8859-1?Q?Jean-S=E9bastien_P=E9dron?= <jean-sebastien.pedron@dumbbell.fr> Cc: "freebsd-current@freebsd.org bsd" <freebsd-current@freebsd.org> Subject: Re: 802.1X: dhclient started before the auth. process ends Message-ID: <70BF48B3-7E85-4259-89B8-098561797CA9@felyko.com> In-Reply-To: <51F7B50E.30708@dumbbell.fr> References: <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <CAJ-Vmo=yw-jL%2BT2QUfiOfx8oGZweNt%2BgWFBaVriVPtWsrVCEiA@mail.gmail.com> <51F6758C.9020004@dumbbell.fr> <5FE3C8E1-E073-423D-84E2-242D16CA31E4@felyko.com> <51F7B50E.30708@dumbbell.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
On 30 Jul 2013, at 05:43, Jean-S=E9bastien P=E9dron = <jean-sebastien.pedron@dumbbell.fr> wrote: > On 29.07.2013 21:56, Rui Paulo wrote: >> Disable all the configuration settings and run wpa_supplicant -ddd >> <all your other options...> >=20 > I'm not sure I understand what you mean by "disable all the > configuration settings" but I did some more tests by running > wpa_supplicant manually (ie. not using netif script) with the same = options. >=20 > I found that when the interface (here, bge0) is already UP before > running wpa_supplicant, the authentication process is fast. However, > when the interface is DOWN, wpa_supplicant "associates" quickly but = the > authentication process starts between 5 and 20 seconds after. >=20 > Here's a log with both run (with interface UP then DOWN): > http://pastebin.com/f5ydiBpV >=20 > This delay is new with the recent 10-CURRENT. >=20 > A comment about the behavior I would expect (but keep in mind I'm a = dumb > user here, not a network expert at all). I see in the logs that when > issueing "service netif restart bge0": > 1. the interface is put DOWN, which terminates a previous dhclient > 2. wpa_supplicant is stopped > 3. wpa_supplicant is started again > 4. wpa_supplicant associates with a remote peer, which puts the > interface UP and triggers dhclient >=20 > I guess that this works for a Wifi network because the association is > only valid after the authentication finishes successfully. However, = with > 802.1X not involving Wifi (only wired), the association is made right = at > the beginning (see the logs I pasted), putting the interface UP (and > triggering dhclient) before the authentication starts. Could you please change the initialisation script rc.d/wpa_supplicant to = make it run with the extra options "-dd" ? The messages you sent are not = enough to diagnose the problem. -- Rui Paulo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?70BF48B3-7E85-4259-89B8-098561797CA9>