I have connection problems, when I am connected with my wifi network. I am using the encryption method "WPA2-EAP" and a seperated Windows RADIUS-Server. I am loosing the connection and my IP after 1 or 2 hours. I have to wait a few minutes and then I am reconnected. The AP (Linksys WRT3200ACM) is only a pass-through to the RADIUS-Server. I also have two other networks (BYOD & Guests) with the encryption method "WPA2-PSK" and there are no connection problems. I am using "OpenWrt 18.06.4 r7808-ef686b7292" and "wpad 2018-05-21-62566bc2-6". I also checked the logs form the Windows RADIUS-Server and there a no errors.
This looks exactly like what I have on my Openwrt router, so chances are you have the same issue:
When using WPA-EAP the PTK key is automatically being rekey each hour if you do not override it with a special config setting. The result is, that when you are use WPA-EAP you also have enabled PSK rekeying each hour without any additional setting. And without hostapd/wpa_supplicant debugging there are no log messages when rekeying. (There is now a warning in kernel >= 5.20 when it's considered dangerous.)
And PSK-rekeying is really broken. Starting from the IEEE-802.11 specification (impossible to rekey a busy connection without frame losses) down to most drivers (not doing it right) . The result is, that rekey only works in a few device/driver combinations OR if the link is idle when rekeying. If either the AP or the STA don't get it right any traffic between AP and the STA while rekeying has an excellent change the trick the replay protection of at least one station to drop all packets till the connection is rekeyed again. I've found and opened a bug for that three years ago: https://dev.archive.openwrt.org/ticket/18966
The only "simple" fix for that is to disable the rekeying at the moment. For that we have to add the hostapd config option "eap_reauth_period=0" to out hostapd config. (In the past I was able to simple configure it via uci, but on my Openwrt 18.06.2 the setting is not added to the hostapd.conf and therefore without effect. Have to dig deeper to figure out why that is no longer working.)
To test if you really have a rekey issue try enabling rekey also for PSK, that is still working:
This sets the rekey interval to 30s. Start streaming a video and ping your default GW. You should have multiple 30s long connection losses within 5min. Probably a 30s working/30s broken loop.
But that depends on many factors and it may sometimes work for some rekeys. (The outages should all 30s long, through)
Mac80211 from 4.20 kernel has a important - but still incomplete - fix for the issue. So trunk or Openwrt 19.07 could fix the issue is some cases.