On Tue, Jun 7, 2011 at 2:37 AM, V-SHY HO <vshy...@hotmail.com> wrote: > Hi all, > > First, thank for Javier's script that make mac80211_hwsim have success ping. > > I used wireshark to capture the setup and ping process in real secured mesh > with only one hop (actually can't call mesh). > > For setup process, > > wireshark captured beacon frames, authentication and action packets. > > After the setup process, then one of two nodes received beacon frame > continuously. > > When the ping process start, > > The ping sender sent out data frame to broadcast. (which supposed to have > destination address of another node) > > Another node also received the data frame generated by ping process but it > won't reply because that was a broadcast frame. > > The nodes' MAC address were > > f0:7d:68:c4:d7:a8 > > f0:7d:68:c4:d8:37 > > ( IP address was set and secured mesh link established before ping process) > > Ping process become broadcast transmission with broadcast destination > address (and don't have receiver address, transmitter address) > is the reason we cannot have success ping at secured mesh?
Thank you for the captures. This is the same problem we've observed on our ath9k cards and seems to be related to key installation. For secured mesh to work the driver/device need to support multiple Group Temporal Keys (GTKs) as a different key will be required to decrypt broadcast traffic from each peer. The authsae daemon does exchange gtk's with each authenticated peer and will install the keys successfully. You've seen that with mac80211_hwsim, and you can confirm that for your driver by inspecting the keys via debugfs. But the ath9k driver seems to nuke the encrypted broadcast frame before passing it to mac80211 for decryption. This is why there is no response to those broadcast frames (which I assume are ARP requests to resolve the MAC address of the peer) Thanks, Javier -- Javier Cardona cozybit Inc. http://www.cozybit.com _______________________________________________ Devel mailing list Devel@lists.open80211s.org http://open80211s.com/mailman/listinfo/devel
