802.11s vs. hostapd-dynamic-vlan?

I'm puzzled.

I want to use both, 802.11s with batman-adv on top, and a hostapd able to read wpa_psk_file and vlan_file.

But as soon as I use hostapd, I no longer got a mesh neighbor.
And if I use wpad-mesh-whatsoeverssl I got a mesh neigh., but permanent AP-STA-POSSIBLE-PSK-MISMATCH.
But back to hostapd, the same config works perfectly to assign stations to their VLAN, but I loose my 802.11s mesh. I'm lost.

Edit PS: 23.05.5

If the documentation is to be trusted, wpad-mesh-<ssl_library> is wpad-basic-<ssl_library> plus mesh support. And "basic" variants do not come with wpa_psk_file support. The "full large" wpad should support both mesh and wpa_psk_file, i.e. you would want to install the wpad-<ssl_library> package (hostapd does not include the supplicant required for mesh).

I think, at least from memory, that this is true.

So @_bernd it is probably worth trying wpad-mypreferredssl, ie the full, high fat. high protein, carnivore diet version :wink:

I think I tried that last night but will do agian, it would be a shame if not both features could be used at the same time.

Don't forget to do service wpad restart, or to be absolutely certain, power cycle.
I've been caught by that "gotcha" a couple of times.....

1 Like

Sure. I got bitten yesterday too. Often wifi, is enough but if the config was screwed up before then yes a reboot is more safe. If my kid is distracted I try to try it out before lunch...

And if I switch packages I have to reboot anyway because I need to flash a new image. The testbed is offline ATM.

Ok I tripple checked:

hostapd:

  • no mesh peer
  • wpa_psk_file is used; move STA to VLAN works

wpad:

  • no mesh peer
  • PSK-MISMATCH

wpad-foossl:

  • mesh peer
  • PSK-MISMATCH

@bluewavenet
I can't "mix" these packages, correct?

Does anyone know why wpad does not has this hostapd feature of reading and using wpa_psk_file and vlan_file?

Maybe I should think about how to run a cable from the hall to the living room then :confused:

Unsurprising. hostapd does not contain the wpa_supplicant neccessary for mesh.

wpad-somessl is definitely able to use wpa_psk_file. Perhaps the problem lies in the combination of mesh and wpa_psk_file? Did you try one without the other?

No, wpad contains hostapd (and wpa_supplicant).

Looking at a functioning meh node with wpad-mbedtls installed, I see it also has hostapd-common installed.
Do you also need to have hostapd-myfavoritetls?
Can you remove hostapd-common and add hostapd-myfavoritetls without breaking something?

Thanks for that pointer, I forgot about that!


Mon Sep 23 12:36:38 2024 daemon.notice wpa_supplicant[1301]: mesh1: new peer notification for 02:00:11:03:00:01
Mon Sep 23 12:36:38 2024 daemon.notice wpa_supplicant[1301]: mesh0: interface state UNINITIALIZED->ENABLED
Mon Sep 23 12:36:38 2024 daemon.notice wpa_supplicant[1301]: mesh0: AP-ENABLED
Mon Sep 23 12:36:38 2024 daemon.notice wpa_supplicant[1301]: mesh0: joining mesh .11s-TEST
Mon Sep 23 12:36:38 2024 daemon.notice netifd: Network device 'mesh0' link is up
Mon Sep 23 12:36:38 2024 daemon.notice netifd: Interface 'bat0_mesh0' has link connectivity
Mon Sep 23 12:36:38 2024 daemon.notice netifd: Interface 'bat0_mesh0' is setting up now
Mon Sep 23 12:36:38 2024 daemon.notice wpa_supplicant[1301]: mesh0: CTRL-EVENT-CONNECTED - Connection to 00:00:00:00:00:00 completed [id=1 id_str=]
Mon Sep 23 12:36:38 2024 kern.info kernel: [  124.600428] IPv6: ADDRCONF(NETDEV_CHANGE): mesh0: link becomes ready
Mon Sep 23 12:36:38 2024 daemon.notice wpa_supplicant[1301]: mesh0: MESH-GROUP-STARTED ssid=".11s-TEST" id=1
Mon Sep 23 12:36:38 2024 daemon.notice wpa_supplicant[1301]: mesh0: new peer notification for 02:00:11:02:00:01
Mon Sep 23 12:36:38 2024 kern.info kernel: [  124.765855] batman_adv: bat0: Adding interface: mesh0

Mon Sep 23 12:36:38 2024 kern.info kernel: [  124.796277] batman_adv: bat0: Interface activated: mesh0
Mon Sep 23 12:36:39 2024 daemon.notice netifd: Interface 'bat0_mesh0' is now up
Mon Sep 23 12:36:39 2024 daemon.notice wpa_supplicant[1301]: mesh1: MESH-SAE-AUTH-FAILURE addr=02:00:11:03:00:01
Mon Sep 23 12:36:39 2024 daemon.notice wpa_supplicant[1301]: mesh0: mesh plink with 02:00:11:02:00:01 established
Mon Sep 23 12:36:39 2024 daemon.notice wpa_supplicant[1301]: mesh0: MESH-PEER-CONNECTED 02:00:11:02:00:01
Mon Sep 23 12:36:39 2024 daemon.notice wpa_supplicant[1301]: mesh1: mesh plink with 02:00:11:03:00:01 established
Mon Sep 23 12:36:39 2024 daemon.notice wpa_supplicant[1301]: mesh1: MESH-PEER-CONNECTED 02:00:11:03:00:01

Mon Sep 23 12:36:57 2024 daemon.info hostapd: wlan0: STA f4:8c:50:21:05:39 IEEE 802.11: authenticated
Mon Sep 23 12:36:57 2024 daemon.info hostapd: wlan0: STA f4:8c:50:21:05:39 IEEE 802.11: associated (aid 1)
Mon Sep 23 12:36:57 2024 daemon.notice hostapd: Assigned VLAN ID 71 from wpa_psk_file to f4:8c:50:21:05:39
Mon Sep 23 12:36:57 2024 daemon.err hostapd: VLAN: vlan_add: ADD_VLAN_CMD failed for eth0: File exists
Mon Sep 23 12:36:57 2024 daemon.err hostapd: VLAN: br_addif: Failure determining interface index for 'vlan71'
Mon Sep 23 12:36:57 2024 daemon.err hostapd: VLAN: ifconfig_helper: ioctl(SIOCGIFFLAGS) failed for interface vlan71: No such device
Mon Sep 23 12:36:57 2024 kern.info kernel: [  143.271585] br-vlan71: port 3(wlan0.71) entered blocking state
Mon Sep 23 12:36:57 2024 kern.info kernel: [  143.277897] br-vlan71: port 3(wlan0.71) entered disabled state
Mon Sep 23 12:36:57 2024 kern.info kernel: [  143.284308] device wlan0.71 entered promiscuous mode
Mon Sep 23 12:36:57 2024 kern.info kernel: [  143.289863] br-vlan71: port 3(wlan0.71) entered blocking state
Mon Sep 23 12:36:57 2024 kern.info kernel: [  143.295940] br-vlan71: port 3(wlan0.71) entered forwarding state
Mon Sep 23 12:36:57 2024 daemon.notice hostapd: wlan0: AP-STA-CONNECTED f4:8c:50:21:05:39 auth_alg=open
Mon Sep 23 12:36:57 2024 daemon.info hostapd: wlan0: STA f4:8c:50:21:05:39 RADIUS: starting accounting session 69C95A79BED97021
Mon Sep 23 12:36:57 2024 daemon.info hostapd: wlan0: STA f4:8c:50:21:05:39 WPA: pairwise key handshake completed (RSN)
Mon Sep 23 12:36:57 2024 daemon.notice hostapd: wlan0: EAPOL-4WAY-HS-COMPLETED f4:8c:50:21:05:39
root@ap-flur:~# opkg list-installed | grep -Ee 'hostapd|wpa'
hostapd - 2023-09-08-e5ccbfc6-8
hostapd-common - 2023-09-08-e5ccbfc6-8
hostapd-utils - 2023-09-08-e5ccbfc6-8
wpa-cli - 2023-09-08-e5ccbfc6-8
wpa-supplicant-mesh-openssl - 2023-09-08-e5ccbfc6-8

Thanks a lot @takimata and @bluewavenet!

PS: I will clean it up and probably share the setup.

1 Like