wpa_supplicant, SAE secured MESH on RT5370 doesn't PING after peer connection is established
Greg Gigon
greg.gigon at gmail.com
Sat Nov 19 04:19:24 PST 2016
Hi
I’ve been trying wpa_supplicant on Raspnerry PI running latest Raspbian. Open mesh network works fine, however SEA key management doesn’t.
By doesn’t I mean, it’s not resolving MAC via ARP and not being able to PING.
I’m testing this on 2 nodes. Running the same Wireless chipset.
Bellow is a lot of information about my env. Same setup is pretty much on both RasPI, the only difference is the IP address.
What should I do next to try to find out what is the problem? Please HELP? I’m truly stuck.
I’m more than happy to provide any other info you think would be helpful.
Greg
pi at raspberrypi3bare:~ $ uname -a
Linux raspberrypi3bare 4.4.21-v7+ #911 SMP Thu Sep 15 14:22:38 BST 2016 armv7l GNU/Linux
————
pi at raspberrypi3bare:~ $ lsusb
Bus 001 Device 004: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
————
pi at raspberrypi3bare:~ $ lsmod
rt2800usb 17554 0
rt2800lib 71894 1 rt2800usb
rt2x00usb 8943 1 rt2800usb
rt2x00lib 37529 3 rt2x00usb,rt2800lib,rt2800usb
mac80211 532162 3 rt2x00lib,rt2x00usb,rt2800lib
crc_ccitt 1278 1 rt2800lib
brcmfmac 186339 0
brcmutil 5661 1 brcmfmac
cfg80211 427855 3 brcmfmac,mac80211,rt2x00lib
rfkill 16037 4 cfg80211,bluetooth
—————
Wiphy phy1
max # scan SSIDs: 4
max scan IEs length: 2257 bytes
Retry short limit: 7
Retry long limit: 4
Coverage class: 0 (up to 0m)
Device supports RSN-IBSS.
Supported Ciphers:
* WEP40 (00-0f-ac:1)
* WEP104 (00-0f-ac:5)
* TKIP (00-0f-ac:2)
* CCMP (00-0f-ac:4)
* 00-0f-ac:10
* GCMP (00-0f-ac:8)
* 00-0f-ac:9
Available Antennas: TX 0 RX 0
Supported interface modes:
* IBSS
* managed
* AP
* AP/VLAN
* WDS
* monitor
* mesh point
Band 1:
Capabilities: 0x172
HT20/HT40
Static SM Power Save
RX Greenfield
RX HT20 SGI
RX HT40 SGI
RX STBC 1-stream
Max AMSDU length: 3839 bytes
No DSSS/CCK HT40
Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
Minimum RX AMPDU time spacing: 2 usec (0x04)
HT RX MCS rate indexes supported: 0-7, 32
TX unequal modulation not supported
HT TX Max spatial streams: 1
HT TX MCS rate indexes supported may differ
Bitrates (non-HT):
* 1.0 Mbps
...
* 54.0 Mbps
Frequencies:
* 2412 MHz [1] (20.0 dBm)
...
* 2484 MHz [14] (20.0 dBm) (no IR)
Supported commands:
* new_interface
* set_interface
* new_key
* start_ap
* new_station
* new_mpath
* set_mesh_config
* set_bss
* authenticate
* associate
* deauthenticate
* disassociate
* join_ibss
* join_mesh
* set_tx_bitrate_mask
* frame
* frame_wait_cancel
* set_wiphy_netns
* set_channel
* set_wds_peer
* probe_client
* set_noack_map
* register_beacons
* start_p2p_device
* set_mcast_rate
* Unknown command (104)
* connect
* disconnect
Supported TX frame types:
* IBSS: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* mesh point: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* P2P-device: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
Supported RX frame types:
* IBSS: 0x40 0xb0 0xc0 0xd0
* managed: 0x40 0xd0
* AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
* AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
* mesh point: 0xb0 0xc0 0xd0
* P2P-client: 0x40 0xd0
* P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
* P2P-device: 0x40 0xd0
software interface modes (can always be added):
* AP/VLAN
* monitor
valid interface combinations:
* #{ AP, mesh point } <= 8,
total <= 8, #channels <= 1
HT Capability overrides:
* MCS: ff ff ff ff ff ff ff ff ff ff
* maximum A-MSDU length
* supported channel width
* short GI for 40 MHz
* max A-MPDU length exponent
* min MPDU start spacing
Device supports TX status socket option.
Device supports HT-IBSS.
Device supports SAE with AUTHENTICATE command
Device supports low priority scan.
Device supports scan flush.
Device supports AP scan.
Device supports per-vif TX power setting
Driver supports a userspace MPM
———
pi at raspberrypi3bare:~ $ sudo cat /etc/wpa_supplicant/mesh.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=adm
# mpm on userspace
user_mpm=1
# open mesh network
network={
ssid="MeshIt"
mode=5
frequency=2432
key_mgmt=SAE
psk=“awesome password"
}
————
pi at raspberrypi3bare:~ $ wpa_supplicant -v
wpa_supplicant v2.6
Copyright (c) 2003-2016, Jouni Malinen <j at w1.fi> and contributors
————
pi at raspberrypi3bare:~ $ sudo wpa_supplicant -i mesh -c /etc/wpa_supplicant/mesh.conf
Successfully initialized wpa_supplicant
Could not connect to kernel driver
Using interface mesh with hwaddr 00:19:86:11:98:93 and ssid ""
mesh: interface state UNINITIALIZED->ENABLED
AP-ENABLED
mesh: joining mesh MeshIt
mesh: CTRL-EVENT-CONNECTED - Connection to 00:00:00:00:00:00 completed [id=0 id_str=]
mesh: MESH-GROUP-STARTED ssid="MeshIt" id=0
mesh: new peer notification for 00:19:86:81:42:62
mesh: mesh plink with 00:19:86:81:42:62 established
mesh: MESH-PEER-CONNECTED 00:19:86:81:42:62
———
Detailed DEBUG output from both RasPIs are in here:
http://pastebin.com/raw/Whx1sgXg
http://pastebin.com/raw/q5m7e6ye
————
TCP DUMP on one PI while other one is attempting to PING:
pi at raspberrypi3black:~ $ sudo tcpdump -i mesh
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on mesh, link-type EN10MB (Ethernet), capture size 262144 bytes
11:45:52.943338 ARP, Request who-has 192.168.0.20 tell 192.168.0.10, length 28
11:45:52.943433 ARP, Reply 192.168.0.20 is-at 00:19:86:81:42:62 (oui Unknown), length 28
11:45:54.942921 ARP, Request who-has 192.168.0.20 tell 192.168.0.10, length 28
11:45:54.942963 ARP, Reply 192.168.0.20 is-at 00:19:86:81:42:62 (oui Unknown), length 28
————
More information about the Hostap
mailing list