Does anyone understand when "bridge_ifname" is required in wpa_supplicant?

James Feeney james at nurealm.net
Mon Sep 19 08:48:46 PDT 2016 

In what circumstances is "bridge_ifname" required in wpa_supplicant?

"bridge_ifname" is the value provided with the "-b" switch on the command line.

In wpa_supplicant/wpa_supplicant_i.h

#        /**
#         * bridge_ifname - Optional bridge interface name
#         *
#         * If the driver interface (ifname) is included in a Linux bridge
#         * device, the bridge interface may need to be used for receiving EAPOL
#         * frames. This can be enabled by setting this variable to enable
#         * receiving of EAPOL frames from an additional interface.
#         */
#        const char *bridge_ifname;

But then, in what particular circumstances is the bridge interface needed for
receiving EAPOL frames? In my case, I have a linux kernel "bonding" interface
with two slaves, one wired and one wireless.  Suppose that wpa_supplicant runs
on both the wired and the wireless interfaces, for the sake of argument.

All of the packets that might pass through the bonding interface will be the
combination of all those packets passing through - and "seen" on - each of the
wired and wireless interfaces.  wpa_supplicant already would "know" these two
interfaces, and it seems that any packets passing through the bonding interface
would be, in a sense, redundant.

wpa_supplicant itself is an integrated 802.11x supplicant, and, if I understand
correctly, does not need to communicate on any interface other than the
interfaces through which it is authenticating - perhaps communicating to some
authentication server "seen" through either the wired interface or the wireless
interface.

The only thing I can imagine is that *if* wpa_supplicant needed to communicate
through some *third* interface that was a) part of the bonded or bridged
interface, and b) *not* one of the interfaces on which wpa_supplicant was
running, then it might need to "know" the bond or bridge interface name.  But I
do not know that that would *ever* be necessary.  Can wpa_supplicant ever act as
an Access Point?  Does wpa_supplicant ever require an *external* 802.11x
authentication server?

What am I missing here?  I don't understand under what circumstances the bridge
interface name is required.

Thanks
James

More information about the Hostap mailing list