802.11r not working
Michael T Farnworth
michael at turf.org
Thu Sep 24 06:01:58 EDT 2020
On 24/09/2020 05:10, Dennis Bland wrote:
> Regarding hostapd with OpenWRT: Normally you would include hostapd
> with OpenWRT, as it's an AP platform. If you only want the 802.1X
> authentication functionality of OpenWRT, is there a reason why you
> wouldn't simply use FreeRADIUS as your authentication server?
I am trying to standardise by using OpenWrt for routing traffic around
the house so that I can switch hardware and upgrade relatively easily.
I am using FreeRADIUS under OpenWrt as the authentication server but as
I have something more powerful (and reliable) than a cheap AP I have
move the FreeRADIUS onto it. The problem with something like an Archer
A7 or C7 is that if you use SQM it is relatively limited in terms of
throughput. I have an Armor Z2 which should be better, but it crashes
at least once a week for no obvious or consistent reason, whereas when I
run OpenWrt on x86 it is completely reliable and never falls over. In
the next couple of weeks I expect to be moving onto fibre running at
1000/200 so the x86 will offer the throughput I am looking for as well
as being the most reliable option. Using an AP with WiFi hardware and
running hostapd as the platform for my FreeRadius server might hide this
issue, but it does appear to be a bug.
> If you are observing STA action frames being forwarded from the
> currently-associated AP to the virtual OpenWRT node, then the STA
> considers the virtual OpenWRT to be a valid roam target. Or those
> frames are actually encapsulated EAP over RADIUS packets to perform a
> full STA reauthentication during a (non-802.11r) roam.
Except that I believe EAPOL traffic should be sent using an ethernet
888E packet, not an 890D which is specifically for the use of 802.11r.
I started out filtering my tcpdump for 890D packets precisely because
they are the packet type used for 802.11r and I expected to see a brief
handshake between my mobile device and the routers which isn't showing up.
More information about the Hostap