lost connectivity until "wpa_cli reassociate" is issued

[Jouni Malinen]

On Tue, Jan 05, 2016 at 04:43:54PM -0700, David Mosberger wrote:
> Is it normal that "only" the key for broadcast/multicast would be
> re-keyed once an hour?  Or is there a separate key for the AP that
> should be re-keyed?  I'm trying to understand what the difference is
> between the re-keying that is happening and what "reassociate" does.
> I'm hoping that will help me narrow down what to look at in the
> driver.

Yes, this is a normal AP configuration especially when using TKIP as the
group cipher. The pairwise keys between the AP and each station for
unicast frame do not really need to be rekeyed in practice when using
CCMP as the cipher.

There have been bugs in drivers where group rekeying mess up something
in the key configuration either for the group key itself or maybe even
for the pairwise keys. In other words, this does not really sound
anything new, but obviously the exact reason in the driver is likely to
be specific to the driver. In any case, it's probably best to confirm
with a full sniffer trace what is the exact frame that uses incorrect
keying material or if no such frame is found, that the issue is only on
the receiver processing on decryption.

-- 
Jouni Malinen                                            PGP id EFC895FA