Hi Fred, On Thu, Oct 18, 2012 at 12:55 PM, fred veldini <[email protected]> wrote: > Thanks for the information. > I will start digging in to issue with wireshark and get back to the group.
Thanks. > Quick question on mesh secured vs mesh non-secured. > > If i created a non-secured mesh first then decided to secure the mesh > afterwords without taking down the non-secured mesh (adding it while active > in non_secure > mode.) . Will that effect the authsae output and or behavior. If authsae > creats the link for the mesh with channel and id then wouldnt it cancel out > the non_secure mesh anyways. When authsae starts, it leaves any current mesh (secured or unsecured) and it joins/starts a secured one with the configuration given in the config file. After that all non-secure peers that are in range are ignored. See https://github.com/cozybit/authsae/blob/master/linux/meshd-nl80211.c#L525 for details. Cheers, Javier > On Wednesday, October 17, 2012, Javier Cardona <[email protected]> wrote: >> Hi Fred, >> >> Thanks for providing the logs. Some observations: >> >> 1. The "broken" frame reported in dmesg is from 00:15:6d:94:6e:6b to >> 00:15:6d:94:59:d8 and is not found in the authsae logs. There are no >> frames to that destination in the authsae logs. >> >> 2. The "broken" frame is an unsecured peer link open frame (category >> 13 = 0xd = IEEE80211_CATEGORY_MESH_ACTION). See the >><< below >> >> [68981.912493] XXX: frame: 00000000: d0 00 00 00 00 15 6d 94 59 d8 00 >> 15 6d 94 6e 6b ......m.Y...m.nk >> [68981.912499] XXX: frame: 00000010: 00 15 6d 94 6e 6b 00 00>>0d<<01 >> 84 0f 1f 01 ..m.nk........ >> >> 3. authsae only sends *secured* peer link management frames (category >> 15 = 0xf = IEEE80211_CATEGORY_SELF_PROTECTED). For instance: >> >> tx frame hexdump >> d0 00 00 00 00 15 6d 94 4f 76 00 15 6d 94 6e 6b 00 15 6d 94 >> 6e 6b 00 00>>0f<<01 10 00 01 08 82 84 8b 96 8c 12 98 24 32 04 >> >> 4. If that peer link open frame did not originate in authsae, it must >> have originated in the kernel. In fact, it is the kernel that >> establishes peer links in unsecured (open) mesh networks. But that >> protocol is disabled once a secure mesh is started. >> >> 5. Or maybe it was not started? >> >>> ---------- >>> meshd: Starting mesh with mesh id = my-mesh900 >>> ---------- >>> basic rates: hexdump >>> 82 84 8b 96 8c 98 b0 >>> ---------- >>> >>> Unexpected error -16 (expected -107) >> >> Error -16 is NLE_SEQ_MISMATCH, so it appears as if the command to >> start the secured mesh has failed. Apparently authsae ignores that >> error code and proceeds thinking a secure mesh has successfully >> started. But the kernel seems to be running its own unsecured mesh >> under the hood. >> >> So far this is only a hypothesis. To be sure we would have to see the >> beacons from the node that raises all the errors: do those beacons >> have a Robust Secure Network Information element in them? (The RSN IE >> looks like: >> const char rsn_ie[0x16] = {0x30, /* RSN element ID */ >> 0x14, /* length */ >> ... >> and is correctly parsed by wireshark). >> >> If they don't, we would have confirmed the hypothesis. >> >> Thanks for your help on this! >> >> Javier >> >> >> >> >> On Tue, Oct 16, 2012 at 10:19 PM, fred veldini <[email protected]> >> wrote: >>> Hello here is a dump of the authsae mesh errors with a dmesg dump. >>> Hope this helps >>> >>> Fred >>> >>> Things that standout are the following >>> >>> debug in authsae: >>> NL80211_CMD_TX_STATUS (1136259849.264671) >>> tx frame failed!tx_frame(0x80612a0, 0xbfdf06ec, 128) >>> tx frame (seq num=0) >>> >>> >>> dmesg output: >>> ath: phy0: Failed to stop TX DMA, queues=0x005! >>> ath: phy0: Timeout while waiting for nf to load: >>> AR_PHY_AGC_CONTROL=0x40d22 >>> >>> >>> Raw output of authsae and dmesg below >>> >>> >>> ---------------------------------- >>> authsae start cut >>> ---------------------------------- >>> # setting freq 2432, mode 0 (seq num=1136259852) >>> >>> ---------- >>> nlcfg rates hexdump >>> 0a 00 14 00 37 00 6e 00 3c 00 5a 00 78 00 b4 00 f0 00 68 01 >>> e0 01 1c 02 >>> ---------- >>> >>> ---------- >>> mgtk: hexdump >>> 19 a1 95 d6 07 0a 84 37 09 d6 54 c2 ed 76 ba ee >>> ---------- >>> >>> ---------- >>> Fixed Information Elements in this STA hexdump >>> 01 08 82 84 8b 96 8c 12 98 24 32 04 b0 48 60 6c >>> ---------- >>> >>> meshd: Starting mesh with mesh id = my-mesh900 >>> ---------- >>> basic rates: hexdump >>> 82 84 8b 96 8c 98 b0 >>> ---------- >>> >>> Unexpected error -16 (expected -107) >>> NL80211_CMD_NEW_PEER_CANDIDATE(1136259846.237476) >>> tx_frame(0x80612a0, 0xbfdf001c, 128) >>> tx frame (seq num=1136259863) >>> ---------- >>> tx frame hexdump >>> b0 00 00 00 00 15 6d 94 5a 39 00 15 6d 94 6e 6b 00 15 6d 94 >>> 5a 39 00 00 03 00 01 00 00 00 13 00 49 f2 86 1a 2f b3 31 47 >>> 92 57 d5 2f 35 fb 00 d9 e1 15 de 14 46 05 18 fd ac 3f fc a9 >>> 10 7f a8 dd b8 0a 15 a1 74 be 0b ad 0f 8b 07 18 7c 12 64 95 >>> 5d 41 c8 cf 1b 91 c2 6b 06 4a 48 90 1c a2 b3 db f0 32 eb 7f >>> aa f1 2e eb c5 6b cc 47 43 63 76 e7 8f 46 84 db 5d 76 1b 89 >>> 4e f3 e4 3e 38 2e db 95 >>> ---------- >>> >>> new unauthed sta (seq num=1136259864) >>> NL80211_CMD_NEW_STATION (1136259846.252940) >>> NL80211_CMD_TX_STATUS (1136259846.256306) >>> tx frame failed!NL80211_CMD_NEW_PEER_CANDIDATE(1136259846.442116) >>> tx_frame(0x80612a0, 0xbfdf001c, 128) >>> tx frame (seq num=1136259865) >>> ---------- >>> tx frame hexdump >>> b0 00 00 00 00 15 6d 94 4f 76 00 15 6d 94 6e 6b 00 15 6d 94 >>> 4f 76 00 00 03 00 01 00 00 00 13 00 7b d3 ca a4 93 55 f4 f1 >>> ce 86 61 39 15 90 a4 ef e5 cd cf ea 6c a1 c3 6e de 73 d9 0f >>> bc cd 62 a3 7d b8 b0 60 8a de 5c be 07 18 8a 9b de ad 57 b7 >>> 5e d2 87 01 33 51 b3 09 38 52 07 4b 22 b6 30 1d 7f 84 60 28 >>> b1 76 96 70 a9 0f 52 6b fc e4 a0 67 ff ba 3d 74 4e 38 ed 8d >>> 1d c7 07 43 a3 68 5a 37 >>> ---------- >>> >>> new unauthed sta (seq num=1136259866) >>> NL80211_CMD_TX_STATUS (1136259846.458128) >>> NL80211_CMD_NEW_STATION (1136259846.458361) >>> NL80211_CMD_FRAME (1136259846.461391) >>> ---------- >>> rx frame hexdump >>> b0 00 3a 01 00 15 6d 94 6e 6b 00 15 6d 94 4f 76 00 15 6d 94 >>> 6e 6b 80 c5 03 00 01 00 00 00 13 00 e8 21 ee 50 26 bb 83 81 >>> d1 9c 37 3c e6 1a 48 ba f6 07 97 9c 09 28 5f 5e 87 b7 9c 59 >>> 70 0b c9 f3 ca 15 a6 14 e5 b3 45 b8 6d c3 08 69 11 ad b4 8a >>> 3f df df 71 a2 5d 0e 46 09 f0 76 90 bc 21 a6 4d dd 6d 2e a3 >>> 3e 91 89 ac 8e c1 ce 17 bb f3 4c 98 eb ac 60 61 ca 5f 53 83 >>> 70 37 1a 2a f2 ed b2 b5 >>> ---------- >>> >>> tx_frame(0x80612a0, 0xbfdf02ac, 64) >>> tx frame (seq num=1136259867) >>> ---------- >>> tx frame hexdump >>> b0 00 00 00 00 15 6d 94 4f 76 00 15 6d 94 6e 6b 00 15 6d 94 >>> 4f 76 00 00 03 00 02 00 00 00 01 00 80 86 92 5a c4 a3 25 4a >>> 82 cd 44 77 c4 84 00 d6 8c 4d 16 58 dc 83 6e 4c bb 39 98 e1 >>> 15 ce f3 41 >>> ---------- >>> >>> NL80211_CMD_FRAME (1136259846.483637) >>> ---------- >>> rx frame hexdump >>> b0 00 3a 01 00 15 6d 94 6e 6b 00 15 6d 94 4f 76 00 15 6d 94 >>> 6e 6b 90 c5 03 00 02 00 00 00 01 00 e4 28 2b de 83 a9 6e 1f >>> c0 bc ed 15 bb fb 68 50 4a 5c 9d 25 19 fd 51 3e f6 50 bf c5 >>> 8d de 6d e3 >>> ---------- >>> >>> fin: 0, key len:32 peer:00:15:6d:94:4f:76 me:00:15:6d:94:6e:6b >>> ---------- >>> pmk hexdump >>> 32 11 49 4d 2e 55 85 59 1e d5 99 4d de 4d 90 54 34 0a 0f f2 >>> 77 41 65 b7 3b 6b-- > >> Javier Cardona >> cozybit Inc. >> http://www.cozybit.com >> _______________________________________________ >> Devel mailing list >> [email protected] >> http://lists.open80211s.org/cgi-bin/mailman/listinfo/devel >> > > _______________________________________________ > Devel mailing list > [email protected] > http://lists.open80211s.org/cgi-bin/mailman/listinfo/devel > -- Javier Cardona cozybit Inc. http://www.cozybit.com _______________________________________________ Devel mailing list [email protected] http://lists.open80211s.org/cgi-bin/mailman/listinfo/devel
