Request for Guidance on MACsec Support and Custom Hostapd Implementation

Victor Gondry victor.gondry at
Mon Apr 24 09:22:49 PDT 2023

Dear Hostapd community,

I hope this email finds you well. I am currently working on a project
involving MACsec and hostapd, and I would greatly appreciate your
guidance on a couple of questions I have.

Automatic MACsec Channel Establishment:

Is it possible with the current version of hostapd to compile a
version that supports automatic MACsec channel establishment between a
wired Linux client (running wpa_supplicant) and a host running hostapd
on the other end of the wired link ?
I saw that there was a lot of MACsec related code in the source, but
didn't manage to find a working configuration to achieve this other
than this guy :
If so, could you please provide some guidance on the necessary
configurations or changes required to enable this feature ?

Custom Hostapd Implementation for a Specific Use Case:

I am also interested in developing a custom version of hostapd
tailored to my particular use case, which involves having one instance
of hostapd running on a virtual port/NIC, acting as a Port Access
Entity (PAE), Authenticator, and maintaining an MKA session with a
single authenticated wired host running wpa_supplicant.

To achieve this, I would like to know which specific blocks of code
within the hostapd codebase are required for this purpose. Your
guidance on the essential components and any potential modifications
needed would be invaluable in helping me build a streamlined version
of hostapd for my project. I have already read a lot of the codebase
to familiarize myself with it and started to reorder files that seemed
relevant to my use case, but I feel like this will take an eternity..

I understand that this is a complex request, but any assistance or
pointers you could provide would be very much appreciated. I look
forward to your response.

Thank you for your time

Best regards,

More information about the Hostap mailing list