Group rekey with lots of stations.
Mon Sep 23 01:06:10 PDT 2013
On Thu, Sep 05, 2013 at 11:12:16AM -0700, Ben Greear wrote:
> We are seeing an issue where a few of our 60+ stations are getting kicked
> out by a customer's AP when it rekeys. It seems that at least a few rekey messages
> are lost and the hostapd gives up and disconnects the client stations.
Do you know why the messages are lost?
> These 60+ stations are all on one machine, so the supplicant there has lots of work
> to do in a short time. There are some additional station machines connected and running
> some background traffic.
If there are any stations that are unable to reply to group rekey
messages in reasonable time, such stations are expected to be
disconnected to allow the rekey operation to go ahead.
> Since it appears all stations need to rekey at once, I am wondering if
> it would be valid to be more lenient in hostapd's retransmit timers?
Your use case sounds quite special and if you want to test something
like that, you may need more CPU on the simulated station side.. The
default timeouts should not be modified unless a more real world use
case is showing failures for this to avoid delaying rekeying. The new
GTK can be taken into use only after all associated STAs have received
it (or are disconnected due to timeout or are using WNM-Sleep Mode).
Jouni Malinen PGP id EFC895FA
More information about the Hostap