Client station sends probes on DFS channels

Jean-Pierre Tosoni jp.tosoni at acksys.fr
Wed Nov 30 10:03:47 PST 2016 

Hello list,

There is a case where I can see probes on a DFS channel, from a
non-associated station using ath10k. (note that the problem does
not arise when using ath9k).

*The setup*

I am using Openwrt, wpa_supplicant and compat-wireless 2016-10-08,
Card firmware is	ath10k_pci: qca988x hw2.0 (0x4100016c, 0x043202ff)
		fw 10.2.4.70-2 api 5 htt-ver 2.1 wmi-op 5 htt-op 2
		cal otp max-sta 128 features no-p2p
	ath10k_pci: debug 0 debugfs 1 tracing 0 dfs 1 testmode 1

I am using channel 116, regdom US or FR, where I see no traffic at all
using wireshark+Airpcap.
I set wpa_supplicant to scan this channel only for a specific SSID "ssid1".

At initial startup of the client device, no probes are going out, which is
OK.

Then, on another device, I start a hostapd set to channel 116, with a
different SSID "otherssid" so that the supplicant will not associate.

Shortly (1-2s) after the beacons appear in the air, the client begins to
Send probe request in the air, which is unexpected, but acceptable since
the client can infer absence of radars from the presence of beacons.

*The problem*

If I power down the AP, the client continues to send probes for around
10 minutes, which is unacceptable since it cannot handle radar detection,
as it is a slave device in the meaning of ETSI/EN 301-893[1].


Some tests I made:
- I tried to investigate the "beacon hint" mechanism but it appears that it
  is not used on DFS channels.

- I tried to force the IEEE80211_NO_IR flag when IEEE80211_CHAN_DFS is set.

- When I reload the reg. domain using "iw reg set", the probes cease, but
will
  reappear if I cycle my AP again On then Off.

- When I let the client associate, then disassociate and stop the AP, the
same
  problem arises. It disappears if I add a call to ath10k_regd_update() in
mac.c
  after a disconnection (This is not a fix, since in my case the client
never
  associates).

- Since at startup, the client does not send probes, I infer that the
problem
  is *not* caused by a hidden AP that the card could see but not airpcap.

- I tried with channels 52 and 100, with regdom FR or US: same problem.

Any ideas?


[1]
http://www.etsi.org/deliver/etsi_en/301800_301899/301893/01.08.01_60/en_3018
93v010801p.pdf 

J.P. Tosoni - ACKSYS

More information about the ath10k mailing list