IP assignment and authenticated port
Sarah Thomas
sarah040.thomas
Tue Feb 3 01:08:22 PST 2015
Hi Scott,
By saying client should'nt be able to send DHCP request, do you mean the
broadcast message from the client or any other message?
Because I see the below in code (where dhcp broadcast message can be used
for station detection)
/* *setup dhcp listen socket for sta detection* */
if ((drv->dhcp_sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
perror("socket call failed for dhcp");
return -1;
}
if (eloop_register_read_sock(drv->dhcp_sock, handle_dhcp, drv->ctx,
NULL)) {
printf("Could not register read socket\n");
return -1;
}
Thanks,
Sarah
On Tue, Feb 3, 2015 at 1:49 PM, Scott Armitage <
s.p.armitage at scottarmitage.eu> wrote:
>
> > On 3 Feb 2015, at 06:02, Sarah Thomas <sarah040.thomas at gmail.com> wrote:
> >
> > Hi,
> >
> > The intention is to port hostapd on a wired switch. So, wanted to
> understand, whether there will be any interaction between dhcp server and
> the port authorization by 802.1x? I read somewhere, only after the port is
> authenticated by 802.1x, IP address will be assigned to the clients and
> layer 3 communication will start between the client and switch. So wanted
> to know, how this port authorization info is communicated to dhcp server?
> >
>
>
> The standard way is all traffic (other than that required for 802.1X
> authentication) is blocked at the switch port level until the switch port
> has been authorised. The client shouldn?t be able to send a DHCP request
> until the switch has received an Access-Accept for the client.
>
>
> Regards
>
>
> Scott Armitage
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20150203/2058a157/attachment-0001.htm>
More information about the Hostap
mailing list