[FS#3159] 802.11r default settings are inappropriate, need to change two default settings

OpenWrt Bugs openwrt-bugs at lists.openwrt.org
Sun Dec 6 14:18:43 EST 2020


THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.

The following task has a new comment added:

FS#3159 -  802.11r default settings are inappropriate, need to change two default settings
User who did this - Fabio Scaccabarozzi (fsvm88)

----------
Adding to this, as I spent the last 2 days debugging why my phone was *not* doing "fast" (B->A AP transitions (WPA-PSK): some clients do *not* disassociate/deauth from the old station *even after* associating to the new one (my OnePlus 5 Android 10.0 phone seems to do this).
My understanding was that at least in FT-over-DS via communication to the old AP, this case should have been covered by hostapd, but it's not.
Going A->B works perfectly, but since the client is never deauth/disassociated from A after the transition, going back to A before max_inactivity kicks in on AP A means the client will not reassociate to A, because A expects the old key and Client uses a new one I suppose (and it's still registered in the kernel, you can observe the infamous "Could not set STA to kernel driver" error until the client decides to re-do the entire handshake properly).
Lowering max_inactivity to 15 seconds allowed me to mostly work around this issue.
My guess it that this case is better-handled in WPA-EAP deployments, where one controller is in charge of the keys and does push/pull to the APs.
max_inactivity of 300 should work well for most users - not that I'm walking in and out of my house rooms every other minute myself - but I guess improving the documentation would save many more users a lot of time (esp. for the WPA-PSK usecase).

My final config:

config wifi-device 'radio0'
    option beacon_int '80'
    option channel '60'
    option country 'XX'
    option htmode 'VHT80'
    option hwmode '11a'
    option legacy_rates '0'
    option macaddr 'FF:FF:FF:FF:3c:56'
    option txpower '17'
    option type 'mac80211'

config wifi-iface 'wlan0'
    option bss_transition '1'
    option device 'radio0'
    option doth '1'
    option encryption 'psk2+ccmp'
    option ft_over_ds '0'
    option ft_psk_generate_local '1'
    option ieee80211r '1'
    option ieee80211v '1'
    option ieee80211w '1'
    option key ''
    option max_inactivity '15'
    option mode 'ap'
    option nasid '1111'
    option network 'lan'
    option pmk_r1_push '1'
    option reassociation_deadline '20000'
    option ssid 'net-5g'
    option wnm_sleep_mode '1'

config wifi-device 'radio1'
    option beacon_int '80'
    option channel '3'
    option country 'XX'
    option htmode 'HT20'
    option hwmode '11g'
    option legacy_rates '0'
    option macaddr 'FF:FF:FF:FF:84:eb'
    option txpower '17'
    option type 'mac80211'

config wifi-iface 'wlan1'
    option bss_transition '1'
    option device 'radio1'
    option doth '1'
    option encryption 'psk2+ccmp'
    option ft_over_ds '0'
    option ft_psk_generate_local '1'
    option ieee80211r '1'
    option ieee80211v '1'
    option ieee80211w '1'
    option key ''
    option max_inactivity '15'
    option mode 'ap'
    option nasid '1111'
    option network 'lan'
    option pmk_r1_push '1'
    option reassociation_deadline '20000'
    option ssid 'net'
    option wnm_sleep_mode '1'



Of course, nasid is '2222' for AP #2.

----------

More information can be found at the following URL:
https://bugs.openwrt.org/index.php?do=details&task_id=3159#comment9108

You are receiving this message because you have requested it from the Flyspray bugtracking system.  If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.



More information about the openwrt-bugs mailing list