Date: Mon, 13 Dec 2010 21:47:45 -0500 From: Russell Yount <russell.yount@gmail.com> To: Adrian Chadd <adrian@freebsd.org> Cc: freebsd-stable@freebsd.org Subject: Re: atheros broadcast/multicast corruption with multiple hostap's Message-ID: <AANLkTikK6NKmzdqihKKA0euNkOF_SGgPQ_viyPD0rQJL@mail.gmail.com> In-Reply-To: <AANLkTimnUmj4_fy89WW-Qkoa%2BDEO8MYkDPR27VwgFFw9@mail.gmail.com> References: <c62ff5ca0912302316o59c01ec5wd9efd008afd59c7f@mail.gmail.com> <4B521FC2.4050402@errno.com> <c62ff5ca1001171010v5ed0458dg7f066e4ef9a15de4@mail.gmail.com> <4B535AAE.3060308@errno.com> <c62ff5ca1001181929j3de9818ct785bfbb18883c55e@mail.gmail.com> <4B5BA0C1.8010901@errno.com> <c62ff5ca1001241616p166238e8ie8a8eff911605d44@mail.gmail.com> <AANLkTinHoSv3yX_73HFaO8wg8tNzoyDbfaTH_y9vLOMQ@mail.gmail.com> <AANLkTinzXPkmnJ3PkzXmwL-W8awhj6T7SbAJ1T5AHpn=@mail.gmail.com> <AANLkTimnUmj4_fy89WW-Qkoa%2BDEO8MYkDPR27VwgFFw9@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Adrian,
Let me try to answer your questions first.
>Which chipsets are they?
Both the
NL-5354MP + Aries2
5004 MP Atheros 4G / CM9
identify themselves as
ath0: <Atheros 5212> mem 0xa0000000-0xa000ffff irq 10 at device 16.0 on
pci0
ath0: [ITHREAD]
ath0: AR5212 mac 5.9 RF5112 phy 4.3
I also have two D-Link DWL-AG530 on an old Dell desktop machine I used to
debug
the driver problems which identify themselves as the same chips.
>Are they using different keys?
Here is a summary of my setup.
Each of the four APs has 4 SSID: wireless{0,1,2,3}
Each of the wlan{0,1,2,3} is bridged to a corresponding VLAN on eth0.
A 5th VLAN has an IP interface for the AP itself.
There are 4 instances of hostapd operating on each AP. This is the only
non-standard part of the configuration which I added rc scripts to start
the hostapd's with different hostapd.conf and /var/run/hostapd.pid files
Each hostapd is configured to talk to a pair of radius servers, one primary
and one backup.
The radius servers are built from freeradius2 ports configuration and
configured as 4 virtual
radius servers operating on different service ports. Each instance is
provisioned with a certificate
which matches the SSID it is serving signed by a common root self signed
certificate. The self signed
root also is used to sign the client certificates.
The AP also run pf so they can block the CARP multicast from the two system
which are gateways for the
different VLANs mirroring the SSIDs.
>Did you try WPA + AES/CCMP in STA mode with these? If not, would you please
do that?
Yes, station mode works.
>What would be a better account to email?
Really this address I normally read. I also use rjy@cmu.edu but am trying to
seperate my personal projects from work so I prefer to use this gmail one.
The main reason it took to long for me to get back to you was I have been
getting a pre-surgery workup for knee surgery I had last friday. I normally
check this account reasonably often.
>What I'd really like to do is write up a set of testing procedures for
>doing things to the ath driver - in station, hostap and adhoc modes -
>so I can test my local 11n+refactored HAL against it. If you've got a
>working setup then I'd like to try and get that documented and
>reproducable, complete with a set of tests for each to try and ensure
>that as much stuff works as possible.
I think I can help you on that. I would not suggest that you duplicate my
setup, but rather here are some suggestions as to where to start.
1.) The /etc/rc.conf lacks the ability to start multiple hostapds. This make
stock system testing of mulitiple SSIDs difficult. I cloned the hostapd
script as /etc/rc.d/hostapd{0,1,2,3} and referenced
/etc/hostapd/hostapd{0,1,2,3}.conf to make this easier to configure.
2.) Similarly you have multiple wireless cards on a client system the
wpa_suppliment rc script lacks the ability to specify a diffferent
configuration file per interface.
3.) The problem the patch I made fixed was related to the AP recognizing
multicast/broadcast traffic orginated by clients when multiple SSID where
configured on an AP. Without the patch only the last configured SSID
actually recognizes broadcasts coming from client reliably. Since often
traffic is initiated by the client the ARP entry on the gateway
will be populated by incoming traffic and the gateway will not need to
broadcast a whereis this IP which the client would respond to. To test this
was tricky since when client connects it orginates traffic using DHCP to get
an address.
To test I either used a client which did not DHCP or forced thegateway ARP
cache to be cleared after client got an address via DHCP.
4.) I can try to help you create a set of scripts which test driver hostapd
and wpa_supplicate. Can we work on this off the list for a while until we
have something people can comment on?
-Russ
On Mon, Dec 13, 2010 at 3:49 AM, Adrian Chadd <adrian@freebsd.org> wrote:
> (I'm removing Sam from the CC: ; it seems he's not interested in this
> stuff any longer.)
>
> On 8 December 2010 09:54, Russell Yount <russell.yount@gmail.com> wrote:
> > Adrian,
> >
> > Yes, I can help track down this.
> >
> > I have only 11agb radios though:
> > NL-5354MP + Aries2
> > 5004 MP Atheros 4G / CM9
>
> Which chipsets are they?
>
> > The changes I made definiately work for these chips, I have 4 APs
> operating
> > with 4 SSID each all configured with WPA2 using x509 certs. Currently,
> the
> > kernel I am using is 8.1.
>
> Are they using different keys?
>
> Did you try WPA + AES/CCMP in STA mode with these? If not, would you
> please do that?
>
> > I seem to recall that the hardware abstration layer for different
> chipsets
> > treated handling of multicast reception differently.
> >
> > Could you send me pointers to what problems are described?
> >
> > Sorry, I took so long to reply, been rather busy, I do not check this
> email
> > account as often as my others.
>
> What would be a better account to email?
>
> What I'd really like to do is write up a set of testing procedures for
> doing things to the ath driver - in station, hostap and adhoc modes -
> so I can test my local 11n+refactored HAL against it. If you've got a
> working setup then I'd like to try and get that documented and
> reproducable, complete with a set of tests for each to try and ensure
> that as much stuff works as possible.
>
> I'd also like to make sure that the AR5416 HAL as shipped in FreeBSD
> behaves the same way as the AR5210,AR5211,AR5212 HALs as well. I only
> have an AR5213 card here; the rest of mine are 11n (AR5416, AR9160,
> AR9280.)
>
> I don't know if I'm going to be able to get all of this into
> 9.0-RELEASE but I'd like to try. The atheros 11n chipsets are
> everywhere now; I'd like to both support the legacy stuff and the new
> stuff with all the features fully working. :-) Right now I haven't any
> idea about what works and what doesn't.
>
> Thanks,
>
>
> Adrian
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTikK6NKmzdqihKKA0euNkOF_SGgPQ_viyPD0rQJL>