From: Sebastian Gottschall <s.gottschall@dd-wrt.com>
To: Sven Eckelmann <sven@narfation.org>, ath10k@lists.infradead.org
Subject: Re: EAP AP/VLAN: multicast not send to client
Date: Tue, 2 Feb 2021 08:04:56 +0100 [thread overview]
Message-ID: <7759ef6a-2853-5c13-12d9-5cc966b10833@dd-wrt.com> (raw)
In-Reply-To: <268706864.fOQeQAt3TZ@ripper>
the standard ath10k firmware für qca988x chipsets does filter vlans.
the only option for you is using the CT firmware by candelatech, which
does not suffer from this issue.
Sebastian
Am 01.02.2021 um 21:54 schrieb Sven Eckelmann:
> Hi,
>
> I was just testing EAP with dynamic_vlan=2 (and a radius server which returns
> the VLANID 112 for this client). This worked perfectly fine with ath9k. But
> for some reason, the client was not able to receive any multicast/broadcast
> packets with ath10k.
>
> The used OpenWrt 19.07 config was:
>
> config wifi-iface 'eap_radio0'
> option device 'radio0'
> option mode 'ap'
> option ssid 'MyEAPSSID'
> option encryption 'wpa2'
> option ieee80211r '1'
> option server '192.168.178.123'
> option key 'testing123'
> option dynamic_vlan '2'
> option vlan_bridge 'br-lan'
>
> Which creates following hostapd configuration:
>
>
> driver=nl80211
> logger_syslog=127
> logger_syslog_level=2
> logger_stdout=127
> logger_stdout_level=2
> country_code=DE
> ieee80211d=1
> hw_mode=g
> supported_rates=60 90 120 180 240 360 480 540
> basic_rates=60 120 240
> beacon_int=1000
> dtim_period=2
> channel=acs_survey
> chanlist=11
>
>
> ieee80211n=1
> ht_coex=0
> ht_capab=[LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-7935][DSSS_CCK-40]
>
> interface=wlan0
> ctrl_interface=/var/run/hostapd
> bss_load_update_period=60
> chan_util_avg_period=600
> disassoc_low_ack=1
> skip_inactivity_poll=0
> preamble=1
> wmm_enabled=1
> ignore_broadcast_ssid=0
> uapsd_advertisement_enabled=1
> utf8_ssid=1
> multi_ap=0
> auth_server_addr=192.168.178.123
> auth_server_port=1812
> auth_server_shared_secret=testing123
> eapol_key_index_workaround=1
> ieee8021x=1
> auth_algs=1
> wpa=2
> wpa_pairwise=CCMP
> ssid=MyEAPSSID
> mobility_domain=3bf3
> ft_psk_generate_local=0
> ft_over_ds=1
> reassociation_deadline=1000
> nas_identifier=ac86749f4dc2
> r0_key_lifetime=10000
> pmk_r1_push=0
> wpa_disable_eapol_key_retries=0
> wpa_key_mgmt=WPA-EAP FT-EAP
> okc=0
> disable_pmksa_caching=1
> dynamic_vlan=2
> vlan_naming=1
> vlan_bridge=br-lan
> vlan_file=/var/run/hostapd-wlan0.vlan
> bssid=ac:86:74:9f:4d:c2
>
>
> The client connected and then following was tested to send some data to the
> client (which had wireshark running to check for incoming packets):
>
> ping ff02::1%wlan0.112
>
> With the ath9k AP, I could see the packets. With ath10k, I wasn't able to see
> anything in the air. So for some reason something (firmware?) is dropping the
> packets. Btw. unicast seems to work fine - but little bit hard to use when ARP
> or ICMPv6 multicast packets are not working.
>
> And there were various reports already in the past which seem to suggest that
> this a problem since a long time:
>
> * https://forum.openwrt.org/t/802-1x-with-dynamic-vlans-5ghz-and-mdns-strange-behaviour/50180
> * https://bugs.openwrt.org/index.php?do=details&task_id=3266&pagenum=3
> * https://forum.openwrt.org/t/multicast-not-working-over-bridged-ap/69059
>
> I have also added the output of
> `perf ftrace ping -c 1 -I wlan0.112 255.255.255.255` in case somebody wants to
> check the trace
>
> Kind regards,
> Sven
>
> _______________________________________________
> ath10k mailing list
> ath10k@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/ath10k
_______________________________________________
ath10k mailing list
ath10k@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/ath10k
next prev parent reply other threads:[~2021-02-02 7:06 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-01 20:54 EAP AP/VLAN: multicast not send to client Sven Eckelmann
2021-02-02 7:04 ` Sebastian Gottschall [this message]
2021-02-02 8:23 ` Sven Eckelmann
2021-02-02 8:58 ` Sebastian Gottschall
2021-02-02 9:06 ` Sven Eckelmann
2021-02-02 9:12 ` Sebastian Gottschall
2021-02-02 10:12 ` Sven Eckelmann
2021-02-02 13:27 ` Ben Greear
2021-02-02 13:57 ` Sven Eckelmann
2021-02-07 16:50 ` Ben Greear
2021-02-07 17:13 ` Sven Eckelmann
2021-02-07 17:42 ` Ben Greear
2021-02-08 20:32 ` Sven Eckelmann
2021-02-08 20:50 ` Ben Greear
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7759ef6a-2853-5c13-12d9-5cc966b10833@dd-wrt.com \
--to=s.gottschall@dd-wrt.com \
--cc=ath10k@lists.infradead.org \
--cc=sven@narfation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).