Chun-Yeow, yes, you are correct an extra node should not affect the rest of the nodes in the mesh. Adjusting the "lifetime" is NOT the solution (it does add overhead).
--Fabrice On 12/8/2011 8:43 AM, Yeoh Chun-Yeow wrote: > Hi, Fabrice > > From README authsae: > lifetime: how long a negotiated PMK is valid for. At then end of this > period the key will be deleted and the peer will be authenticated > again (if it's still around). > > I think that it could be a problem whenever one extra mesh node is up > in your network, the communication of existing mesh nodes are > affected. So the only way to minimize the problem is to reduce the > lifetime, but then it will create extra overhead in the network. > > Regards, > Chun-Yeow > > On Thu, Dec 8, 2011 at 9:39 PM, Fabrice Deyber > <[email protected] <mailto:[email protected]>> wrote: > > Hi Chun-Yeow, > Yes, that 's what I observe. It does go back to normal after some > time. That time is related to the "lifetime" in the SAE config file. > This makes sense, the keys are regenerated every "lifetime". It > also correlates with the fact that restarting the meshd daemon(s) > fixes the problem. > > --Fabrice > > > > On 12/8/2011 5:03 AM, Yeoh Chun-Yeow wrote: > > Hi, Javier and Fabrice > > After debugging with Wireshark, let me clarify further: > > Since Node 1 is pinging PC behind Node 2, after successfully > ping and node 3 is brought up, if the ping is continue, PREQ > broadcasting by Node 1 cannot be received or decrypted by Node > 2. Thus, Node 1 assumes Node 2 is dead or out of range since > no PREP from Node 2. Ping is route through Node 3. > > It seems that the problem is the broadcast PREQ frame > generated by either Node 2 or Node 1 cannot be decoded by Node > 1 or Node 2 respectively whenever Node 3 is up or reboot. Only > node 3 can decode the broadcast PREQ frame from either Node 1 > or Node 2. > > But after a period of time, it backs to normal. > > Regards, > Chun-Yeow > > _______________________________________________ Devel mailing list [email protected] http://open80211s.com/mailman/listinfo/devel
