FreeBSD + EAP/TLS + IPv6 != OK
Sébastien Pierrel
sebastien.pierrel
Wed Dec 7 12:52:59 PST 2005
Jouni Malinen wrote:
> On Wed, Dec 07, 2005 at 12:18:25PM +0200, S?bastien Pierrel wrote:
>
>>I'm having a weird problem while combining FreeBSD 6.0-RELEASE,
>>wpa_supplicant and IPv6.
>
>>Authentication (eap/tls) works ok, dhcp gives me an IPv4 address, but
>>for some strange reason IPv6 doesn't work.
>
> Have you tried whether IPv4 broadcast packets are received correctly?
Yes, they are.
>>I used ethereal to figure it out and it seems that the router
>>advertisement (RA) packet is corrupted when "entering" the freebsd host.
>
>>Ethereal captures on mob_1 and mob_2 show different content of the very
>>same packet (RA): in the ethernet frame, src and dst MACs are the same
>>but all the rest is different (size is even different: 8bytes longer on
>>mob_1).
>
> This sounds like the multicast receiving in the driver or net80211 code
> is not working correctly.
>
>>I'm quite confused by this problem. I thought about an encryption issue,
>>but how could this affect the IPv6 packets and not IPv4?
>
>
> If it is only affecting multicast/broadcast packets, that could be
> explained by different keys used for multicast and unicast frames.
It looks like this is the case: packets sent to neighbor discovery (ie
eth_dst = 33:33:00:00:00:01) are wrong whereas IPv6 packets sent to
unicast are OK.
> Did you try using the wpa_supplicant version included in FreeBSD
> 6.0-RELEASE (v0.3.9, if I remember correctly)?
No, I haven't because this version (0.3.9) doesn't support eap-tls.
> This could be either a bug in driver/net80211 or some kind of
> mismatch in parameters when broadcast key is being configured.
How to find this out and how much effort is that to be fixed?
Thanks,
/Seb.
More information about the Hostap
mailing list