From owner-freebsd-current@FreeBSD.ORG Wed Jul 31 01:47:20 2013 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 86EA8D03 for ; Wed, 31 Jul 2013 01:47:20 +0000 (UTC) (envelope-from rpaulo@felyko.com) Received: from felyko.com (felyko.com [174.136.100.2]) by mx1.freebsd.org (Postfix) with ESMTP id 6CBA02392 for ; Wed, 31 Jul 2013 01:47:20 +0000 (UTC) Received: from [IPv6:2601:9:4d00:119:ddaa:c345:db22:1daf] (unknown [IPv6:2601:9:4d00:119:ddaa:c345:db22:1daf]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by felyko.com (Postfix) with ESMTPSA id 05E293982B; Tue, 30 Jul 2013 18:47:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=felyko.com; s=mail; t=1375235234; bh=okREphCtWHkbjZJqiOX/z1PKSCHGLM81DnriVm3wLuI=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=h+pFgtHWYr6BTBbz0x3G4u+r3UGaFlYrYaFEa/wiQA8qc11G4ElKaVr7a/OZaU639 PYPoDFP4K+DgxbGiNAhe6jsCQykPXgCSoXpwCunWH4L57w1rYLRGn5c5JyMq7W5X0c se1bfXC0CX25M2KIWo3tdwxWzYqUgg3iSty8r7x8= Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Subject: Re: 802.1X: dhclient started before the auth. process ends From: Rui Paulo In-Reply-To: <51F7B50E.30708@dumbbell.fr> Date: Tue, 30 Jul 2013 18:47:12 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: <70BF48B3-7E85-4259-89B8-098561797CA9@felyko.com> References: <51F26CEB.9010200@dumbbell.fr> <20130729095946.GK59101@e-new.0x20.net> <51F6758C.9020004@dumbbell.fr> <5FE3C8E1-E073-423D-84E2-242D16CA31E4@felyko.com> <51F7B50E.30708@dumbbell.fr> To: =?iso-8859-1?Q?Jean-S=E9bastien_P=E9dron?= X-Mailer: Apple Mail (2.1508) X-Mailman-Approved-At: Wed, 31 Jul 2013 02:46:17 +0000 Cc: "freebsd-current@freebsd.org bsd" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 01:47:20 -0000 On 30 Jul 2013, at 05:43, Jean-S=E9bastien P=E9dron = wrote: > On 29.07.2013 21:56, Rui Paulo wrote: >> Disable all the configuration settings and run wpa_supplicant -ddd >> >=20 > I'm not sure I understand what you mean by "disable all the > configuration settings" but I did some more tests by running > wpa_supplicant manually (ie. not using netif script) with the same = options. >=20 > I found that when the interface (here, bge0) is already UP before > running wpa_supplicant, the authentication process is fast. However, > when the interface is DOWN, wpa_supplicant "associates" quickly but = the > authentication process starts between 5 and 20 seconds after. >=20 > Here's a log with both run (with interface UP then DOWN): > http://pastebin.com/f5ydiBpV >=20 > This delay is new with the recent 10-CURRENT. >=20 > A comment about the behavior I would expect (but keep in mind I'm a = dumb > user here, not a network expert at all). I see in the logs that when > issueing "service netif restart bge0": > 1. the interface is put DOWN, which terminates a previous dhclient > 2. wpa_supplicant is stopped > 3. wpa_supplicant is started again > 4. wpa_supplicant associates with a remote peer, which puts the > interface UP and triggers dhclient >=20 > I guess that this works for a Wifi network because the association is > only valid after the authentication finishes successfully. However, = with > 802.1X not involving Wifi (only wired), the association is made right = at > the beginning (see the logs I pasted), putting the interface UP (and > triggering dhclient) before the authentication starts. Could you please change the initialisation script rc.d/wpa_supplicant to = make it run with the extra options "-dd" ? The messages you sent are not = enough to diagnose the problem. -- Rui Paulo