[Commotion-dev] OpenWRT trunk r33202 does PSK-encrypted adhoc on ar71xx
Ben West
ben at gowasabi.net
Thu May 9 19:07:17 UTC 2013
Bumping this thread. Below is more info about the original patch that
appeared to get ball rolling on IBSS-RSN encryption. There is also contact
info for Antonio Quartulli, who seems to be a good person to ask about
issues with nodes not reliably authenticating themselves upon joining an
encrypted mesh.
https://lists.openwrt.org/pipermail/openwrt-devel/2012-January/013509.html
*Antonio Quartulli* ordex at autistici.org
<openwrt-devel%40lists.openwrt.org?Subject=Re%3A%20%5BOpenWrt-Devel%5D%20%5BPATCH%5D%20mac80211%3A%20provide%20IBSS%20RSN%20support%20for%20ath5k&In-Reply-To=%3C1326711999-20522-1-git-send-email-ordex%40autistici.org%3E>
On Thu, Aug 23, 2012 at 6:04 PM, Ben West <ben at gowasabi.net> wrote:
> Hi All,
>
> Sharing some results from a couple weeks of surfing the choppy waters
> of recent OpenWRT trunk: I have been able to get 2 UBNT ar71xx nodes
> to mesh with PSK-encrypted adhoc, aka IBSS RSN.
>
> You can even configure the encryption in /etc/config/wireless,
> provided you use hostapd and wpa_supplicant packages instead of wpad
> or wpad-mini.
>
> Known so far:
> - The meshconfig tool bundled w/ Commotion does not work at all,
> likely due to significant changes made after trunk r31639 for netifd
> support. I unfortunately could not glean more info about this, since
> nodes flashed w/ the commotionbase package atop r33202 trunk became
> completely unresponsive. I have a TTL/serial cable on order, to
> hopefully learn more about this.
> - Likewise, the freifunk-watchdog service (ffwatchd), as configured &
> bundled w/ Commotion, doesn't seem to like an encrypted mesh. I saw
> it repeatedly restarting the wireless interfaces, so I removed that
> pkg from the firmware images I was testing with. I posted a query to
> this list previously if anyone knows of documentation available for
> ffwatchd.
> - Although you can indeed specify "encryption psk" for the mesh VAP in
> /etc/config/wireless, a bug with wpa_supplicant.sh causes that VAP to
> lose its assigned IP address thereafter. I had do "ifconfig wlan0
> 10.12.x.x" after bringing up the wireless to restore the IP address.
> - "iw wlan0 station dump" suggests that nodes joining an encrypted
> mesh do not get reliably "authorized," even when they are
> "authenticated." On the un-authorized node where I observed this, I
> bringing its wlan0 down and then back up resolved this.
> - My UBNT nodes were able to ping each other (even at 10ms intervals
> using fping) OK for days, until a power blip reset them.
>
> Unknown, so far:
> - Whether this works for ath5k too. Trunk r33202 does not appear to
> boot at all on ath5k, although recent patches submitted to trunk do
> explicitly mention IBSS RSN support for ath5k.
> - What sort of speed penalty this imposes, or if the PSK encryption is
> done in hardware or software on either platform.
> - Whether ar71xx/ath5k driver will let you add more VAPs (encrypted or
> not) to a physical interface already broadcasting an encrypted mesh.
> - Whether hostapd-mini and wpa-supplicant-mini will correctly
> configure IBSS RSN, too.
>
> It looks like much thanks for getting IBSS RSN to a functional state
> on Atheros chips should go to Antonio Quartulli, who is involved with
> the BATMAN-based project http://open-mesh.org.
>
> --
> Ben West
> http://gowasabi.net
> ben at gowasabi.net
>
--
Ben West
http://gowasabi.net
ben at gowasabi.net
314-246-9434
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-dev/attachments/20130509/4ec6bf23/attachment.html>
More information about the Commotion-dev
mailing list