Hi All,<div><br></div><div>For a follow here, I have been able to get IBSS RSN (aka PSK-encrypted mesh) working now on an Open Mesh OM1P (aka Atheros AR2315 chipset), and it does successfully mesh with the existing two UBNT ar71xx nodes. So, encrypted mesh does work for atheros and ar71xx targets on OpenWRT trunk r33202.</div>
<div><br></div><div>I've been letting all 3 nodes mutually fping each other as fast as they will allow (roughly 1 ping per 50ms) for the past several days. So for no lockups or ugly complaints appearing in kernel logs, despite ifconfig reporting multiple GBytes transferred.<br>
<br>The problem with ath5k images not booting is actually due to a recently introduced compile option mucking with older ath5k devices:</div><div><a href="https://lists.openwrt.org/pipermail/openwrt-devel/2012-August/016539.html">https://lists.openwrt.org/pipermail/openwrt-devel/2012-August/016539.html</a><br>
<br><div class="gmail_quote">On Thu, Aug 23, 2012 at 6:04 PM, Ben West <span dir="ltr"><<a href="mailto:ben@gowasabi.net" target="_blank">ben@gowasabi.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi All,<br>
<br>
Sharing some results from a couple weeks of surfing the choppy waters<br>
of recent OpenWRT trunk: I have been able to get 2 UBNT ar71xx nodes<br>
to mesh with PSK-encrypted adhoc, aka IBSS RSN.<br>
<br>
You can even configure the encryption in /etc/config/wireless,<br>
provided you use hostapd and wpa_supplicant packages instead of wpad<br>
or wpad-mini.<br>
<br>
Known so far:<br>
- The meshconfig tool bundled w/ Commotion does not work at all,<br>
likely due to significant changes made after trunk r31639 for netifd<br>
support. I unfortunately could not glean more info about this, since<br>
nodes flashed w/ the commotionbase package atop r33202 trunk became<br>
completely unresponsive. I have a TTL/serial cable on order, to<br>
hopefully learn more about this.<br>
- Likewise, the freifunk-watchdog service (ffwatchd), as configured &<br>
bundled w/ Commotion, doesn't seem to like an encrypted mesh. I saw<br>
it repeatedly restarting the wireless interfaces, so I removed that<br>
pkg from the firmware images I was testing with. I posted a query to<br>
this list previously if anyone knows of documentation available for<br>
ffwatchd.<br>
- Although you can indeed specify "encryption psk" for the mesh VAP in<br>
/etc/config/wireless, a bug with wpa_supplicant.sh causes that VAP to<br>
lose its assigned IP address thereafter. I had do "ifconfig wlan0<br>
10.12.x.x" after bringing up the wireless to restore the IP address.<br>
- "iw wlan0 station dump" suggests that nodes joining an encrypted<br>
mesh do not get reliably "authorized," even when they are<br>
"authenticated." On the un-authorized node where I observed this, I<br>
bringing its wlan0 down and then back up resolved this.<br>
- My UBNT nodes were able to ping each other (even at 10ms intervals<br>
using fping) OK for days, until a power blip reset them.<br>
<br>
Unknown, so far:<br>
- Whether this works for ath5k too. Trunk r33202 does not appear to<br>
boot at all on ath5k, although recent patches submitted to trunk do<br>
explicitly mention IBSS RSN support for ath5k.<br>
- What sort of speed penalty this imposes, or if the PSK encryption is<br>
done in hardware or software on either platform.<br>
- Whether ar71xx/ath5k driver will let you add more VAPs (encrypted or<br>
not) to a physical interface already broadcasting an encrypted mesh.<br>
- Whether hostapd-mini and wpa-supplicant-mini will correctly<br>
configure IBSS RSN, too.<br>
<br>
It looks like much thanks for getting IBSS RSN to a functional state<br>
on Atheros chips should go to Antonio Quartulli, who is involved with<br>
the BATMAN-based project <a href="http://open-mesh.org" target="_blank">http://open-mesh.org</a>.<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Ben West<br>
<a href="http://gowasabi.net" target="_blank">http://gowasabi.net</a><br>
<a href="mailto:ben@gowasabi.net">ben@gowasabi.net</a><br>
</font></span></blockquote></div><br><br clear="all"><div><br></div>-- <br><div>Ben West</div><div><a href="mailto:me@benwest.name" target="_blank">me@benwest.name</a></div><br>
</div>