From: Brooks Davis
To: Sam Leffler
Cc: freebsd-current@freebsd.org
Date: Wed, 17 Jan 2007 10:09:06 -0600
Subject: Re: WPA-EAP problems
Message-ID: <20070117160906.GB1333@lor.one-eyed-alien.net>
In-Reply-To: <45ADC311.90008@errno.com>
References: <200701171608.49339.doconnor@gsoft.com.au> <45ADC311.90008@errno.com>
List-Id: Discussions about the use of FreeBSD-current

On Tue, Jan 16, 2007 at 10:32:49PM -0800, Sam Leffler wrote:
> Daniel O'Connor wrote:
> > Hi,
> > I have a WPA-EAP network setup (to a WRT54G with OpenRadius which
> > authenticates against an OpenLDAP server on my FreeBSD server), however quite
> > often dhclient fails to get a lease at first go.
> >
> > My wpa_supplicant file looks like..
> > network={
> >     ssid="dons"
> >     scan_ssid=1
> >     key_mgmt=WPA-EAP
> >     identity="username"
> >     password="password"
> >     phase2="auth=PAP"
> > }
> >
> > I have the following in rc.conf..
> > ifconfig_ath0="WPA DHCP"
> > background_dhclient="YES"
> >
> > If I kill dhclient and restart it I can get a lease just fine. I don't see the
> > problem on a WPA-TKIP network.
>
> Sounds like an issue with dhclient. I rarely use anything but WPA-PSK
> so haven't noticed issues.
>
> It would be useful to get a wpa log to see how long it's taking to
> authenticate. It'd be nice if dhclient were triggered by authentication
> rather than association as packets cannot pass until before. I've
> considered changing things to work in this way.

This seems like a good idea. The link isn't really up until you can
actually pass packets on it.

> > I think the problem is that the ath interface comes up but no
> > packets can be transferred because WPA stuff is still happening the
> > initial requests get lost.
>
> But dhclient should retry and get a lease w/o your restarting it.

I think this should happen, but I think the back off is random
exponential so it doesn't take long to get to the point where it will
appear hung because it tries for >60s. Is there an 802.11 event we
could key off of to reset the timeouts when authentication occurs?

-- 
Brooks
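
Added example (not part of the original message and not dhclient's code): a simulation of the stall discussed above, where DHCPDISCOVERs sent between association and the end of EAP authentication are lost. It assumes the RFC 2131 retransmission schedule (4 s first delay, doubling to a 64 s cap, +/-1 s jitter) rather than dhclient's actual timers; all function names are hypothetical.

```python
import random

def discover_send_times(horizon, first_delay=4.0, max_delay=64.0,
                        jitter=1.0, rng=None):
    """Times (s) at which a client sends DHCPDISCOVER, first one at t=0
    (the moment the interface reports association)."""
    rng = rng or random.Random(0)          # seeded: constructed, repeatable run
    t, delay, times = 0.0, first_delay, []
    while t <= horizon:
        times.append(t)
        t += delay + (rng.uniform(-jitter, jitter) if jitter else 0.0)
        delay = min(delay * 2, max_delay)  # exponential backoff with a cap
    return times

def stall_after_auth(auth_done_at, **kw):
    """Seconds the link is usable but idle: every DISCOVER sent before
    authentication finished was dropped, so the lease has to wait for
    the next scheduled retransmission."""
    # The next send is never more than max_delay + jitter away.
    horizon = auth_done_at + 2 * kw.get("max_delay", 64.0) + 2
    for t in discover_send_times(horizon, **kw):
        if t >= auth_done_at:
            return t - auth_done_at
    raise RuntimeError("horizon too short")  # unreachable with the bound above

def stall_with_reset(auth_done_at):
    """If the client restarts its timers on an 'authenticated' event,
    the first DISCOVER goes out as soon as packets can pass."""
    return 0.0

if __name__ == "__main__":
    # Constructed authentication times (seconds after association).
    for auth in (1, 5, 15, 30, 61):
        print(f"auth done at {auth:>2}s: stall {stall_after_auth(auth, jitter=0):>4.0f}s "
              f"without reset, {stall_with_reset(auth):.0f}s with reset")
```

The longer authentication takes, the further the client has already backed off, so a 30 s EAP exchange costs another 30 s of idle link and a 61 s one costs 63 s, which matches the "appears hung" symptom and why killing and restarting the client helps.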