BUG: per_sta_vif and sae_passphrase's vlanid are not compatible
rany
rany2 at riseup.net
Sat Feb 24 14:35:58 PST 2024
I understood the cause now. Disabling `okc` and enabling
`disable_pmksa_caching` works around the issue. So I presume it's not
binding the VLAN when it is using a cache entry.
On 2/24/24 23:10, rany wrote:
> Hello!
>
> I'm currently facing an issue when both sae_passphrase's vlanid and
> per_sta_vif are used. When that happens, I could see from `brctl show`
> that the new AP_VLAN interface is created and added to the VLAN bridge
> very briefly and then immediately removed from the bridge. I'm not
> sure why this is happening but I figured it should be reported anyway.
>
> I'm sorry if I'm short of details but below is my BSS config, if there
> is anything more I must provide please let me know:
>
> interface=wl0-ap0
> ctrl_interface=/var/run/hostapd
> bss_load_update_period=60
> chan_util_avg_period=600
> disassoc_low_ack=1
> skip_inactivity_poll=0
> preamble=1
> wmm_enabled=1
> ignore_broadcast_ssid=0
> uapsd_advertisement_enabled=1
> utf8_ssid=1
> multi_ap=0
> tdls_prohibit=1
> sae_require_mfp=1
> sae_pwe=2
> wpa_psk_file=/etc/hostapd.wpa_psk
> sae_password_file=/etc/hostapd.sae_passwords
> auth_algs=1
> wpa=2
> wpa_pairwise=CCMP
> ssid=<redacted>
> wnm_sleep_mode=1
> wnm_sleep_mode_no_keys=1
> wpa_disable_eapol_key_retries=1
> wpa_key_mgmt=WPA-PSK FT-PSK WPA-PSK-SHA256 SAE FT-SAE
> mobility_domain=41e3
> ft_psk_generate_local=0
> ft_over_ds=0
> reassociation_deadline=1000
> r0_key_lifetime=10000
> pmk_r1_push=0
> r0kh=ff:ff:ff:ff:ff:ff * <redacted>
> r1kh=00:00:00:00:00:00 00:00:00:00:00:00 <redacted>
> okc=1
> ieee80211w=1
> group_mgmt_cipher=AES-128-CMAC
> dynamic_vlan=2
> vlan_naming=1
> vlan_bridge=br-vlan
> vlan_no_bridge=
> vlan_file=/var/run/hostapd-wl0-ap0.vlan
> qos_map_set=0,0,2,16,1,1,255,255,18,22,24,38,40,40,44,46,48,56
> bssid=<redacted>
>
> Best
>
>
> _______________________________________________
> Hostap mailing list
> Hostap at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/hostap
More information about the Hostap
mailing list