Date: Tue, 30 Jul 2013 14:43:58 +0200 From: =?ISO-8859-1?Q?Jean-S=E9bastien_P=E9dron?= <jean-sebastien.pedron@dumbbell.fr> To: Rui Paulo <rpaulo@felyko.com> Cc: Adrian Chadd <adrian@freebsd.org>, freebsd-current@freebsd.org, Lars Engels <lars.engels@0x20.net>, wireless@freebsd.org Subject: Re: 802.1X: dhclient started before the auth. process ends Message-ID: <51F7B50E.30708@dumbbell.fr> In-Reply-To: <5FE3C8E1-E073-423D-84E2-242D16CA31E4@felyko.com> References: <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <CAJ-Vmo=yw-jL%2BT2QUfiOfx8oGZweNt%2BgWFBaVriVPtWsrVCEiA@mail.gmail.com> <51F6758C.9020004@dumbbell.fr> <5FE3C8E1-E073-423D-84E2-242D16CA31E4@felyko.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2FJUOAEFCEQQIEVNILNSV Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 29.07.2013 21:56, Rui Paulo wrote: > Disable all the configuration settings and run wpa_supplicant -ddd > <all your other options...> I'm not sure I understand what you mean by "disable all the configuration settings" but I did some more tests by running wpa_supplicant manually (ie. not using netif script) with the same optio= ns. I found that when the interface (here, bge0) is already UP before running wpa_supplicant, the authentication process is fast. However, when the interface is DOWN, wpa_supplicant "associates" quickly but the authentication process starts between 5 and 20 seconds after. Here's a log with both run (with interface UP then DOWN): http://pastebin.com/f5ydiBpV This delay is new with the recent 10-CURRENT. A comment about the behavior I would expect (but keep in mind I'm a dumb user here, not a network expert at all). I see in the logs that when issueing "service netif restart bge0": 1. the interface is put DOWN, which terminates a previous dhclient 2. wpa_supplicant is stopped 3. wpa_supplicant is started again 4. wpa_supplicant associates with a remote peer, which puts the interface UP and triggers dhclient I guess that this works for a Wifi network because the association is only valid after the authentication finishes successfully. However, with 802.1X not involving Wifi (only wired), the association is made right at the beginning (see the logs I pasted), putting the interface UP (and triggering dhclient) before the authentication starts. --=20 Jean-S=E9bastien P=E9dron ------enig2FJUOAEFCEQQIEVNILNSV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlH3tRcACgkQa+xGJsFYOlNWewCfbGiWPrxkAGtJSpfvJgpqEmqN 4hYAn2fJw0Ko+AwOEYd62a8cCb7GMRjE =34Q/ -----END PGP SIGNATURE----- ------enig2FJUOAEFCEQQIEVNILNSV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51F7B50E.30708>