[SPAM] Re: Fw: DHCP Fails to Pass Through HostAP AP
Primary Key Development
dev
Wed Apr 29 00:10:13 PDT 2009
Hi Jouni,
Thanks for the reply. Here are answers:
> Have you verified whether the client is able to receive broadcast frames
> when configured with a static IP address?
Yes, when configured statically network broadcasting works: the client is
able to discover and authenticate against an MS Active Directory domain.
> I would expect this combination to work and I have noticed issues in my
> tests. Though, most of the time I do not use bridging, but when I do,
> Windows XP clients has been able to receive an IP address using DHCP.
How do you setup an access point without ethernet bridging?
> I would suggest running a test with simpler configuration, e.g.:
>
> wpa=1
> wpa_pairwise=TKIP
>
> and then another one with:
>
> wpa=2
> wpa_pairwise=CCMP
I tried both configurations but neither succeeded.
> DHCP should work fine without any additional configuration. The only
> thing that I can think of as a reason would be some kind of problems in
> delivering broadcast frames to the clients. I'm assuming that the DHCP
> server is sending out the responses using broadcast frames in this case.
The following tests revealed some interesting results:
* When connecting to an ISC DHCP server through hostapd (DHCP server
residing on the same machine as hostapd), the XP clients work out of the
box. Vista clients require a registry workaround to function (setting
'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{GUID}\DhcpConnEnableBcastFlagToggle'
to '1)
* When connecting to an MS DHCP server (XP and Vista, registry
workaround or not) through hostapd DHCP continues to fail: the client's
requests pass through the AP, but fail and the client assumes the
auto-configuration IP address. Following is a tcpdump of this scenario
(192.168.8.20 is the IP address of the MS Windows DHCP server):
...
02:25:24.722406 IP 192.168.8.20.bootps > 255.255.255.255.bootpc:
BOOTP/DHCP,
Reply, length 311
02:25:37.413180 IP 192.168.8.20.netbios-dgm > 192.168.8.255.netbios-dgm:
NBT
UDP PACKET(138)
02:25:53.552388 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:25:53.552381 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:25:54.315056 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:25:54.315049 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:25:55.078701 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:25:55.078695 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:26:02.681809 IP6 fe80::7539:17f5:ed25:2a38.65460 > ff02::1:3.hostmon:
UDP, length 24
02:26:02.681875 IP 169.254.42.56.65387 > 224.0.0.252.hostmon: UDP, length 24
02:26:02.681804 IP6 fe80::7539:17f5:ed25:2a38.65460 > ff02::1:3.hostmon:
UDP, length 24
02:26:02.681874 IP 169.254.42.56.65387 > 224.0.0.252.hostmon: UDP, length 24
02:26:02.785702 IP6 fe80::7539:17f5:ed25:2a38.65460 > ff02::1:3.hostmon:
UDP, length 24
02:26:02.785772 IP 169.254.42.56.65387 > 224.0.0.252.hostmon: UDP, length 24
02:26:02.785696 IP6 fe80::7539:17f5:ed25:2a38.65460 > ff02::1:3.hostmon:
UDP, length 24
02:26:02.785771 IP 169.254.42.56.65387 > 224.0.0.252.hostmon: UDP, length 24
02:26:02.988551 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:26:02.988545 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
02:26:03.752447 IP 169.254.42.56.netbios-ns > 169.254.255.255.netbios-ns:
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
...
It looks like the MS DHCP server traffic can't pass return through the
access point. DHCP requests to the MS DHCP server via a physical
ethernet connection on the same network succeed.
Any thoughts?
Thanks
-JASON
----- Original Message -----
From: "Jouni Malinen" <j at w1.fi>
To: "Jason Daly" <jason2 at primarykey.ca>
Sent: Sunday, April 26, 2009 2:12 PM
Subject: Re: Fw: DHCP Fails to Pass Through HostAP AP
> On Mon, Apr 27, 2009 at 04:18:54AM -0400, Jason Daly wrote:
>
>> Sorry to email you directly, but my emails continue to be marked by the
>> HostAP mailing list as SPAM. Do you know why? Also, do you have
insight
>> on my inquiry below?:
>
> I have no idea what is marking the message as spam, but anyway, I do not
> see the message you forwarded, so something is filtering it from me..
> The message itself shows up on the mailing list archive, so I would
> expect that it was delivered and just filtered in my local setup.
>
>> When connecting Windows (XP/Vista) wireless clients to a hostapd AP,
DHCP
>> offers do not succeed. When setting the network interface settings on
>> the
>> client to use a static configuration connectivity succeeds and client
>> networking through the AP functions well.
>
> Have you verified whether the client is able to receive broadcast frames
> when configured with a static IP address?
>
>> DHCP is working and the bridge functions: I have confirmed this by
>> successfully
>> obtaining a DHCP lease via the notebook's LAN port.
>
> Have you tried using any other client (e.g., a Linux laptop) through
> this AP using DHCP?
>
>> - hostapd 0.6.9
>> - FC10(2.6.29.1-15.fc10.i686)
>> - ath9k
>
> I would expect this combination to work and I have noticed issues in my
> tests. Though, most of the time I do not use bridging, but when I do,
> Windows XP clients has been able to receive an IP address using DHCP.
>
>> Following are the contents of my hostapd.conf file:
>
>> wpa=3
>> wpa_key_mgmt=WPA-PSK
>> wpa_pairwise=TKIP CCMP
>
> I would suggest running a test with simpler configuration, e.g.:
>
> wpa=1
> wpa_pairwise=TKIP
>
> and then another one with:
>
> wpa=2
> wpa_pairwise=CCMP
>
> In theory, this should not change anything as far as DHCP going through
> the bridge is concerned, but at least it verifies whether the issue
> shows up with CCMP as the group cipher or not.
>
>> Is there a setting in hostapd that must be added to allow DHCP to pass
>> through
>> the bridge. UDP works fine through the bridge, as the client can
see the
>> Windows domain and can broadcast for clients on the domain (when
>> connected
>> via
>> a static IP or via a physical LAN cable).
>
> DHCP should work fine without any additional configuration. The only
> thing that I can think of as a reason would be some kind of problems in
> delivering broadcast frames to the clients. I'm assuming that the DHCP
> server is sending out the responses using broadcast frames in this case.
>
> --
> Jouni Malinen PGP id EFC895FA
>
More information about the Hostap
mailing list