From owner-freebsd-wireless@FreeBSD.ORG Sat Oct 26 14:32:46 2013 Return-Path: Delivered-To: freebsd-wireless@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3E4244DD; Sat, 26 Oct 2013 14:32:46 +0000 (UTC) (envelope-from uspoerlein@gmail.com) Received: from mail-oa0-x234.google.com (mail-oa0-x234.google.com [IPv6:2607:f8b0:4003:c02::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id EF44420DE; Sat, 26 Oct 2013 14:32:45 +0000 (UTC) Received: by mail-oa0-f52.google.com with SMTP id n10so2061372oag.11 for ; Sat, 26 Oct 2013 07:32:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=Znzb3S0w9j2QULsxjHw1L5QLEC8AkzVVGsQLZWAYTVk=; b=RjM39cgtjVWOXvYjt0XEW5ep31rSU6y9kHLXSNddUZYA7/PYqvqmpIctQ6N/bXWspL 4OmQfNsuoIY3om8PnhdLJI8D+huKzQi/40+kgcXVCpPr9iZm8rvGENt+B9bpV3WAKkmh AVJuuWKcX5e21D8+52BQ7tZbuHMoQ6K0WDm6uJKc7eiK4nM2MdwujCMbgKh7UnB993TY eNlETEj8U2ooXi02Bxz2JuaITtEcB74Z+m0xLp8ggZ3u+h/FQBniRUiT/g9+MdEExRTB NWS5U2OG211LNuGaCXN09HhEK7xHnRMVtLRMhrNEljwFig3iuCXJGXtGUBjc5ND/4aUD dg0w== MIME-Version: 1.0 X-Received: by 10.182.22.18 with SMTP id z18mr7272823obe.42.1382797965169; Sat, 26 Oct 2013 07:32:45 -0700 (PDT) Sender: uspoerlein@gmail.com Received: by 10.76.69.104 with HTTP; Sat, 26 Oct 2013 07:32:45 -0700 (PDT) In-Reply-To: References: Date: Sat, 26 Oct 2013 16:32:45 +0200 X-Google-Sender-Auth: D7KQ2elEPGK_weiqa4M4F7JmBjw Message-ID: Subject: Re: implementing multiple BSSID addresses for different VAPs, or 'why was the flag called bssid again?' From: =?UTF-8?Q?Ulrich_Sp=C3=B6rlein?= To: Adrian Chadd Content-Type: text/plain; charset=UTF-8 Cc: "freebsd-wireless@freebsd.org" X-BeenThere: freebsd-wireless@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussions of 802.11 stack, tools device driver development." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Oct 2013 14:32:46 -0000 Well, the following in rc.conf wlans_ath0="wlan0 wlan2" create_args_wlan0="bssid wlanmode hostap country DE authmode wpa ssid COYOTE" ifconfig_wlan0="ssid COYOTE mode 11g pureg up" create_args_wlan2="bssid wlanmode hostap country DE authmode wpa ssid COYOTE_GUEST" ifconfig_wlan2="ssid COYOTE_GUEST mode 11g pureg up" Does not quite work, I'm left with: (from dmesg) Setting hostname: coyote.spoerlein.net. bridge0: Ethernet address: 02:ac:6e:56:db:00 Created clone interfaces: bridge0. wlan0: Ethernet address: 68:a3:c4:51:44:99 wlan2: Ethernet address: 6e:a3:c4:51:44:99 ifconfig: SIOCS80211: Device busy ath0: stuck beacon; resetting (bmiss count 4) (not that there's no echo for creating wlan devices, that should maybe be added?) Anyway, I thus get this: ath0: flags=8943 metric 0 mtu 2290 ether 68:a3:c4:51:44:99 nd6 options=21 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running wlan0: flags=8d43 metric 0 mtu 1500 ether 68:a3:c4:51:44:99 inet6 fe80::6aa3:c4ff:fe51:4499%wlan0 prefixlen 64 tentative scopeid 0xa nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: no carrier ssid COYOTE channel 7 (2442 MHz 11g) regdomain ETSI country DE indoor ecm authmode WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit txpower 30 scanvalid 60 pureg protmode CTS wme burst dtimperiod 1 -dfs wlan2: flags=8943 metric 0 mtu 1500 ether 6e:a3:c4:51:44:99 inet6 fe80::6ca3:c4ff:fe51:4499%wlan2 prefixlen 64 tentative scopeid 0xb nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid COYOTE_GUEST channel 7 (2442 MHz 11g) bssid 6e:a3:c4:51:44:99 regdomain ETSI country DE indoor ecm authmode 802.1x privacy MIXED deftxkey UNDEF txpower 30 scanvalid 60 pureg protmode CTS wme burst dtimperiod 1 -dfs root@coyote:~# ifconfig ath0 ath0: flags=8802 metric 0 mtu 2290 ether 68:a3:c4:51:44:99 nd6 options=21 media: IEEE 802.11 Wireless Ethernet autoselect (autoselect ) status: no carrier root@coyote:~# ifconfig wlan0 create wlandev ath0 bssid wlanmode hostap country DE authmode wpa ssid COYOTE root@coyote:~# ifconfig wlan0 wlan0: flags=8943 metric 0 mtu 1500 ether 6a:a3:c4:51:44:99 inet6 fe80::68a3:c4ff:fe51:4499%wlan0 prefixlen 64 tentative scopeid 0xa nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid COYOTE channel 13 (2472 MHz 11g) bssid 6a:a3:c4:51:44:99 regdomain ETSI country DE indoor ecm authmode 802.1x privacy MIXED deftxkey UNDEF txpower 30 scanvalid 60 pureg protmode CTS wme burst dtimperiod 1 -dfs root@coyote:~# ifconfig wlan2 create wlandev ath0 bssid wlanmode hostap country DE authmode wpa ssid COYOTE_GUEST ifconfig: SIOCS80211: Device busy Exit 1 root@coyote:~# ifconfig wlan2 wlan2: flags=8943 metric 0 mtu 1500 ether 6e:a3:c4:51:44:99 inet6 fe80::6ca3:c4ff:fe51:4499%wlan2 prefixlen 64 tentative scopeid 0xb nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid COYOTE_GUEST channel 13 (2472 MHz 11g) bssid 6e:a3:c4:51:44:99 regdomain ETSI country DE indoor ecm authmode 802.1x privacy MIXED deftxkey UNDEF txpower 30 scanvalid 60 pureg protmode CTS wme burst dtimperiod 1 -dfs root@coyote:~# ifconfig wlan0; ifconfig wlan2 wlan0: flags=8943 metric 0 mtu 1500 ether 6a:a3:c4:51:44:99 inet6 fe80::68a3:c4ff:fe51:4499%wlan0 prefixlen 64 tentative scopeid 0xa nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid COYOTE channel 13 (2472 MHz 11g) bssid 6a:a3:c4:51:44:99 regdomain ETSI country DE indoor ecm authmode 802.1x privacy MIXED deftxkey UNDEF txpower 30 scanvalid 60 pureg protmode CTS wme burst dtimperiod 1 -dfs wlan2: flags=8943 metric 0 mtu 1500 ether 6e:a3:c4:51:44:99 inet6 fe80::6ca3:c4ff:fe51:4499%wlan2 prefixlen 64 tentative scopeid 0xb nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid COYOTE_GUEST channel 13 (2472 MHz 11g) bssid 6e:a3:c4:51:44:99 regdomain ETSI country DE indoor ecm authmode 802.1x privacy MIXED deftxkey UNDEF txpower 30 scanvalid 60 pureg protmode CTS wme burst dtimperiod 1 -dfs Then I also had to bounce the hostapd on wlan0 and start the one on wlan2 and it looks very promising currently. Is it possible that there is a timing issue involved and doing it manually works better than when the startup scripts run through this? I've now got this working version that seems to be solid and comes up during boot w/o manual intervention. /etc/rc.conf: wlans_ath0="wlan0 wlan2" create_args_wlan0="bssid wlanmode hostap country DE authmode wpa ssid COYOTE" create_args_wlan2="bssid wlanmode hostap country DE authmode wpa ssid COYOTE_GUEST" (no ifconfig_wlanX settings, I'm using a bridge for these, no hostapd!) /etc/rc.local: #!/bin/sh /etc/rc.d/hostapd start wlan0 sleep 2 /etc/rc.d/hostapd start wlan2 and I get: root@coyote:~# ifconfig wlan0; ifconfig wlan2 wlan0: flags=8943 metric 0 mtu 1500 ether 68:a3:c4:51:44:99 nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid COYOTE channel 13 (2472 MHz 11g) bssid 68:a3:c4:51:44:99 regdomain ETSI country DE indoor ecm authmode WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit txpower 30 scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs wlan2: flags=8943 metric 0 mtu 1500 ether 6e:a3:c4:51:44:99 nd6 options=29 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid COYOTE_GUEST channel 13 (2472 MHz 11g) bssid 6e:a3:c4:51:44:99 regdomain ETSI country DE indoor ecm authmode WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit txpower 30 scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs root@coyote:~# pgrep -fl hostapd 3071 /usr/sbin/hostapd -P /var/run/hostapd-wlan2.pid -B /etc/hostapd-wlan2.conf 3061 /usr/sbin/hostapd -P /var/run/hostapd-wlan0.pid -B /etc/hostapd-wlan0.conf Now I need to un-bridge the wlan2, put in a firewalled guest network and tweak pf accordingly. Or maybe I'll use a pf-based filtering bridge. And I still need an USB fob for that 5GHz AP. Thanks! Uli 2013/10/21 Adrian Chadd : > So, I finally (!) figured out how this address cloning crap works. > > In if_ath.c, there's assign_address(). It, yes, assigns addresses. If the > hardware supports the bssid mask field and the clone flag is set, it sets up > multiple addresses. This works great for up to 4 MACs. We have to modify it > to support more than 4 MAC addresses per NIC. > > .. but, how do you set the clone flag? > > The ifconfig manpage has two entries for 'bssid'. > > * the first is when you 'create' a VAP. It's passed as an arguement during > create, but before wlanmode. It doesn't take an option. > * the second is for setting the BSS ID for the VAP. It _does_ take an option > (the MAC.) > > If you try this, it fails: > > * ifconfig wlan11 create wlandev ath0 wlanmode hostap ssid 'foo_2' bssid > > If you try this, it works: > > * ifconfig wlan11 create wlandev ath0 bssid wlanomde hostap ssid 'foo_2' > > So, if you run multi-VAP, and you want to use WPA on all of the VAPs, please > try using 'bssid' as above and ensure you get multiple MAC addresses. This > should make things behave much, much better. If it doesn't then we have > bigger problems. > > Thanks, > > > -adrian >