From owner-freebsd-wireless@FreeBSD.ORG Tue Jul 30 12:44:11 2013 Return-Path: Delivered-To: wireless@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id A1C33569; Tue, 30 Jul 2013 12:44:11 +0000 (UTC) (envelope-from jean-sebastien.pedron@dumbbell.fr) Received: from mail.made4.biz (unknown [IPv6:2001:41d0:1:7018::1:3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5DDB72F74; Tue, 30 Jul 2013 12:44:11 +0000 (UTC) Received: from [2001:1b48:10b:cafe:225:64ff:febe:589f] (helo=viking.yzserv.com) by mail.made4.biz with esmtpsa (TLSv1:DHE-RSA-CAMELLIA256-SHA:256) (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1V49Hb-000Da6-W0; Tue, 30 Jul 2013 14:44:08 +0200 Message-ID: <51F7B50E.30708@dumbbell.fr> Date: Tue, 30 Jul 2013 14:43:58 +0200 From: =?ISO-8859-1?Q?Jean-S=E9bastien_P=E9dron?= User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130626 Thunderbird/17.0.7 MIME-Version: 1.0 To: Rui Paulo Subject: Re: 802.1X: dhclient started before the auth. process ends References: <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <51F6758C.9020004@dumbbell.fr> <5FE3C8E1-E073-423D-84E2-242D16CA31E4@felyko.com> In-Reply-To: <5FE3C8E1-E073-423D-84E2-242D16CA31E4@felyko.com> X-Enigmail-Version: 1.5.1 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="----enig2FJUOAEFCEQQIEVNILNSV" Cc: freebsd-current@freebsd.org, wireless@freebsd.org X-BeenThere: freebsd-wireless@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussions of 802.11 stack, tools device driver development." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:44:11 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2FJUOAEFCEQQIEVNILNSV Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 29.07.2013 21:56, Rui Paulo wrote: > Disable all the configuration settings and run wpa_supplicant -ddd > I'm not sure I understand what you mean by "disable all the configuration settings" but I did some more tests by running wpa_supplicant manually (ie. not using netif script) with the same optio= ns. I found that when the interface (here, bge0) is already UP before running wpa_supplicant, the authentication process is fast. However, when the interface is DOWN, wpa_supplicant "associates" quickly but the authentication process starts between 5 and 20 seconds after. Here's a log with both run (with interface UP then DOWN): http://pastebin.com/f5ydiBpV This delay is new with the recent 10-CURRENT. A comment about the behavior I would expect (but keep in mind I'm a dumb user here, not a network expert at all). I see in the logs that when issueing "service netif restart bge0": 1. the interface is put DOWN, which terminates a previous dhclient 2. wpa_supplicant is stopped 3. wpa_supplicant is started again 4. wpa_supplicant associates with a remote peer, which puts the interface UP and triggers dhclient I guess that this works for a Wifi network because the association is only valid after the authentication finishes successfully. However, with 802.1X not involving Wifi (only wired), the association is made right at the beginning (see the logs I pasted), putting the interface UP (and triggering dhclient) before the authentication starts. --=20 Jean-S=E9bastien P=E9dron ------enig2FJUOAEFCEQQIEVNILNSV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlH3tRcACgkQa+xGJsFYOlNWewCfbGiWPrxkAGtJSpfvJgpqEmqN 4hYAn2fJw0Ko+AwOEYd62a8cCb7GMRjE =34Q/ -----END PGP SIGNATURE----- ------enig2FJUOAEFCEQQIEVNILNSV--