Dropped frames (unauthorized port) in AP mode

Jouni Malinen j
Sat Jun 22 00:59:29 PDT 2013


On Tue, Jun 18, 2013 at 11:25:38PM +0200, Mihai Moldovan wrote:
> I am still experiencing huge problems with my ath9k cards (AR9380 and AR5416) in
> master mode.
> 
> Both devices + some e1000e card are bridged together, with hostapd acting as a
> WPA-PSK authenticator.

Which version of hostapd are you using and have you notified hostapd of
that bridging design (bridge parameter in the configuration file)?

> hostapd is throwing out those messages:
> 
> hostapd: wifi1: STA f8:1e:df:dd:01:f7 IEEE 802.11: authentication OK (open system)
> [...] MLME: MLME-AUTHENTICATE.indication(f8:1e:df:dd:01:f7, OPEN_SYSTEM)
> [...] MLME: MLME-DELETEKEYS.request(f8:1e:df:dd:01:f7)
> [...] IEEE 802.11: authenticated
> [...] IEEE 802.11: association OK (aid 1)
> [...] IEEE 802.11: associated (aid 1)
> [...] MLME: MLME-ASSOCIATE.indication(f8:1e:df:dd:01:f7)
> [...] MLME: MLME-DELETEKEYS.request(f8:1e:df:dd:01:f7)
> [...] WPA: event 1 notification
> [...] WPA: start authentication
> [...] IEEE 802.1X: unauthorizing port
> [...] WPA: sending 1/4 msg of 4-Way Handshake
> [...] WPA: EAPOL-Key timeout

This would indicate that no response for EAPOL-Key frame was received.
Either the msg 1/4 was not sent or 2/4 was not received properly.
Incorrect bridge configuration can cause this.

> [ 7131.846665] wifi1: Allocated STA f8:1e:df:dd:01:f7
> [ 7131.846670] wifi1: moving STA f8:1e:df:dd:01:f7 to state 2
> [ 7131.846672] wifi1: moving STA f8:1e:df:dd:01:f7 to state 3
> [ 7131.846731] wifi1: Inserted STA f8:1e:df:dd:01:f7
> [ 7131.846759] wifi1: dropped frame to f8:1e:df:dd:01:f7 (unauthorized port)
> [ 7134.951612] wifi1: moving STA f8:1e:df:dd:01:f7 to state 2

> What does "unauthorized port" mean?

That dropped frame is likely some unrelated packet that something else
in the system tried to transmit. That's fine and getting it dropped is
expected. Since there is only one such frame listed here, I'd assume the
multiple EAPOL-Key 1/4 frames were not dropped.

Do you have another device you could use as a sniffer to capture the
frames between the devices? It would be useful to verify whether
EAPOL-Key 1/4 and 2/4 are actually transmitted or not.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list