>In our testing, we've been using rt2800usb with about 25 devices. IIRC, we had >to do BOTH >of those steps (nohwcrypt=1 AND patch the driver with the MFP flag) to get >encryption working with 802.11s,
Hi Yoeh and James, You were right on the money with the fix. I needed to do both to get the driver working. Now all is well! Thanks a bunch for the assistance! Dale On Sun, May 10, 2015 at 5:09 AM, James Otting via Devel <[email protected]> wrote: > Hi all, > > In our testing, we've been using rt2800usb with about 25 devices. IIRC, we > had to do BOTH of those steps (nohwcrypt=1 AND patch the driver with the MFP > flag) to get encryption working with 802.11s, but we still run into problems > and a fair number of errors and failures with the node count that high. It > seemed to work okay with around 5-10 devices in a mesh though. > > --James > > > > On 05/09/2015 11:14 AM, Yeoh Chun-Yeow via Devel wrote: >> >> Hi, Dale >> >> For rt2800usb, you can try your luck with the following for secured mesh: >> 1. Load the rt2800usb with nohwcrypt=1 to use software crypto >> or >> 2. Modify the driver as shown in >> http://lists.open80211s.org/pipermail/devel/2013-June/002981.html >> >> ---- >> Chun-Yeow >> >> >> On Sat, May 9, 2015 at 11:52 PM, Dale Larson via Devel >> <[email protected]> wrote: >>> >>> Hi, >>> >>> I have a functioning open 802.11s mesh that works great. Now I'm >>> attempting to set up an encrypted mesh using SAE and AMPE. First >>> I tried the wpa_supplicant approach and it appeared to authenticate >>> but I couldn't ping the nodes. >>> >>> So I decided to simplify the problem and used the authsae based >>> daemon provided on GitHub. >>> >>> When I start up the mesh it appears to be authenticated and ready to >>> go but I can't ping either node form the other. mpath dumps show nothing. >>> The dump has entries when I run an open mesh. >>> >>> I seems like I'm missing some piece, step, or...what? >>> >>> Details follow... >>> >>> ======= Test system: >>> >>> * Two BeagleBone Blacks running Debian Wheezy w/kernel 3.15.10-bone8 >>> * iw (4.1) >>> * authsae (Github commit tip 8531ab158910a.) >>> * Using rt2800usb with Ralink Technology, Corp. >>> RT5370 Wireless Adapter (Debian version and firmware) >>> * wpa_supplicant (2.4) version used on failed attempts. >>> >>> ======= authsae.cfg file: >>> /* All mesh station settings */ >>> authsae: >>> { >>> sae: >>> { >>> debug = 172; /* 0xac */ >>> password = "meshpassword"; >>> group = [19, 26, 21, 25, 20]; >>> blacklist = 5; >>> thresh = 5; >>> lifetime = 3600; >>> }; >>> meshd: >>> { >>> meshid = "mesh-sae"; >>> interface = "mesh0"; >>> band = "11g"; >>> channel = 1; >>> #htmode = "HT20"; >>> mcast-rate = 12; >>> }; >>> }; >>> >>> ======== Station 1 >>> Setup... >>> >>> sudo iw wlan0 interface add mesh0 type mp >>> sudo ifconfig mesh0 192.168.42.1 >>> sudo meshd-nl80211 -c authsae.cfg >>> >>> Output... >>> >>> debian@wifimesh01:~$ sudo meshd-nl80211 -c authsae.cfg >>> group 19 is configured, prime is 32 bytes >>> group 26 is configured, prime is 28 bytes >>> group 21 is configured, prime is 66 bytes >>> group 25 is configured, prime is 24 bytes >>> group 20 is configured, prime is 48 bytes >>> nlerror, cmd 11, seq 1431184951: Invalid argument >>> Initiate event >>> computing PWE on 256 bit curve number 19 >>> it took 1 tries to find PWE: 19 >>> state of 00:e0:4c:81:bd:a0 is now (1) COMMITTED >>> >>> state of 00:e0:4c:81:bd:a0 is now (2) CONFIRMED >>> >>> got COMMIT again, try to resync >>> state of 00:e0:4c:81:bd:a0 is now (2) CONFIRMED >>> >>> PMK: >>> 2c1fe937 662e76b8 16616662 bce48938 f064bb26 6c8f0fdc b27df2dd 0f54eb8f >>> >>> Mesh plink: starting establishment with 00:e0:4c:81:bd:a0 >>> Mesh plink: Sending plink action 1 >>> state of 00:e0:4c:81:bd:a0 is now (3) ACCEPTED >>> >>> TODO: return available peer link slots >>> Mesh plink (peer, state, llid, plid, event): 00:e0:4c:81:bd:a0 OPN-SNT >>> 31070 40200 1 >>> Mesh plink: Sending plink action 2 >>> state of 00:e0:4c:81:bd:a0 is now (3) ACCEPTED >>> >>> TODO: return available peer link slots >>> Mesh plink (peer, state, llid, plid, event): 00:e0:4c:81:bd:a0 >>> OPN-RCVD 31070 40200 4 >>> mesh plink with 00:e0:4c:81:bd:a0 established >>> nlerror, cmd 11, seq 1431184970: Invalid argument >>> nlerror, cmd 18, seq 1431184971: Invalid argument >>> Mesh plink timer for 00:e0:4c:81:bd:a0 fired on state ESTAB >>> Timeout for peer 00:e0:4c:81:bd:a0 in state 4 >>> >>> ======== Station 2 >>> Setup... >>> >>> sudo iw wlan0 interface add mesh0 type mp >>> sudo ifconfig mesh0 192.168.42.2 >>> sudo meshd-nl80211 -c authsae.cfg >>> >>> Output... >>> debian@wifimesh02:~$ sudo meshd-nl80211 -c authsae.cfg >>> group 19 is configured, prime is 32 bytes >>> group 26 is configured, prime is 28 bytes >>> group 21 is configured, prime is 66 bytes >>> group 25 is configured, prime is 24 bytes >>> group 20 is configured, prime is 48 bytes >>> nlerror, cmd 11, seq 1431184956: Invalid argument >>> Initiate event >>> computing PWE on 256 bit curve number 19 >>> it took 1 tries to find PWE: 19 >>> state of 00:e0:4c:81:bc:1a is now (1) COMMITTED >>> >>> state of 00:e0:4c:81:bc:1a is now (2) CONFIRMED >>> >>> PMK: >>> 2c1fe937 662e76b8 16616662 bce48938 f064bb26 6c8f0fdc b27df2dd 0f54eb8f >>> >>> Mesh plink: starting establishment with 00:e0:4c:81:bc:1a >>> Mesh plink: Sending plink action 1 >>> state of 00:e0:4c:81:bc:1a is now (3) ACCEPTED >>> >>> resending CONFIRM... >>> state of 00:e0:4c:81:bc:1a is now (3) ACCEPTED >>> >>> TODO: return available peer link slots >>> Mesh plink (peer, state, llid, plid, event): 00:e0:4c:81:bc:1a OPN-SNT >>> 40200 31070 1 >>> Mesh plink: Sending plink action 2 >>> TODO: return available peer link slots >>> Mesh plink (peer, state, llid, plid, event): 00:e0:4c:81:bc:1a >>> OPN-RCVD 40200 31070 4 >>> mesh plink with 00:e0:4c:81:bc:1a established >>> nlerror, cmd 11, seq 1431184974: Invalid argument >>> nlerror, cmd 18, seq 1431184975: Invalid argument >>> Mesh plink timer for 00:e0:4c:81:bc:1a fired on state ESTAB >>> Timeout for peer 00:e0:4c:81:bc:1a in state 4 >>> >>> ======== Station Dumps (iw mesh0 station dump): >>> debian@wifimesh01:~$ iw mesh0 station dump >>> Station 00:e0:4c:81:bd:a0 (on mesh0) >>> inactive time: 113720 ms >>> rx bytes: 6689 >>> rx packets: 118 >>> tx bytes: 838 >>> tx packets: 7 >>> tx retries: 2 >>> tx failed: 0 >>> signal: -23 dBm >>> signal avg: -23 dBm >>> Toffset: -5121717 us >>> tx bitrate: 54.0 MBit/s >>> rx bitrate: 1.0 MBit/s >>> mesh llid: 0 >>> mesh plid: 0 >>> mesh plink: ESTAB >>> mesh local PS mode: ACTIVE >>> mesh peer PS mode: UNKNOWN >>> mesh non-peer PS mode: ACTIVE >>> authorized: yes >>> authenticated: yes >>> preamble: long >>> WMM/WME: yes >>> MFP: yes >>> TDLS peer: no >>> >>> debian@wifimesh02:~$ iw mesh0 station dump >>> Station 00:e0:4c:81:bc:1a (on mesh0) >>> inactive time: 250 ms >>> rx bytes: 4642 >>> rx packets: 81 >>> tx bytes: 646 >>> tx packets: 5 >>> tx retries: 1 >>> tx failed: 0 >>> signal: -33 dBm >>> signal avg: -33 dBm >>> Toffset: 287297429 us >>> tx bitrate: 11.0 MBit/s >>> rx bitrate: 1.0 MBit/s >>> mesh llid: 0 >>> mesh plid: 0 >>> mesh plink: ESTAB >>> mesh local PS mode: ACTIVE >>> mesh peer PS mode: ACTIVE >>> mesh non-peer PS mode: ACTIVE >>> authorized: yes >>> authenticated: yes >>> preamble: long >>> WMM/WME: yes >>> MFP: yes >>> TDLS peer: no >>> >>> ======== Yet pings don't work: >>> >>> debian@wifimesh02:~$ ping 192.168.42.1 >>> PING 192.168.42.1 (192.168.42.1) 56(84) bytes of data. >>> From 192.168.42.2 icmp_seq=1 Destination Host Unreachable >>> From 192.168.42.2 icmp_seq=2 Destination Host Unreachable >>> From 192.168.42.2 icmp_seq=3 Destination Host Unreachable >>> From 192.168.42.2 icmp_seq=4 Destination Host Unreachable >>> From 192.168.42.2 icmp_seq=5 Destination Host Unreachable >>> From 192.168.42.2 icmp_seq=6 Destination Host Unreachable >>> ^C >>> debian@wifimesh02:~$ sudo iw mesh0 mpath dump >>> DEST ADDR NEXT HOP IFACE SN METRIC QLEN >>> EXPTIME DTIM DRET FLAGS >>> debian@wifimesh02:~$ >>> >>> ======= >>> >>> Dale >>> _______________________________________________ >>> Devel mailing list >>> [email protected] >>> http://lists.open80211s.org/cgi-bin/mailman/listinfo/devel >> >> _______________________________________________ >> Devel mailing list >> [email protected] >> http://lists.open80211s.org/cgi-bin/mailman/listinfo/devel > > > _______________________________________________ > Devel mailing list > [email protected] > http://lists.open80211s.org/cgi-bin/mailman/listinfo/devel _______________________________________________ Devel mailing list [email protected] http://lists.open80211s.org/cgi-bin/mailman/listinfo/devel
