OpenWrt/LEDE Project

  • Status Closed
  • Percent Complete
    100%
  • Task Type Bug Report
  • Category Base system
  • Assigned To No-one
  • Operating System All
  • Severity Medium
  • Priority Very Low
  • Reported Version openwrt-19.07
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by BinaryEvolved - 30.12.2020
Last edited by Mathias Kresin - 04.01.2021

FS#3546 - ieee80211w breaks WLAN routing intra-zone

Device: Linksys WRT1900ACS
Software Versions:

  • OpenWrt 19.07.5 r11257-5090152ae3
  • wpad-basic 2019-08-08-ca8c2bd2-4 or wpad-openssl 2019-08-08-ca8c2bd2-4
  • hostapd-common 2019-08-08-ca8c2bd2-4

Problem:

When setting 802.11w Management Frame Protection to optional in Luci or adding option ieee80211w ‘1’ to /etc/config/wireless to a config wifi-iface, WLAN devices connected to AP are unable to route to other devices in the same subnet/interface.
This only applies when attempting to send data to another client on the same WLAN interface. Clients can still send data to other WLAN interfaces or other subnets (when permitted by firewall).
End clients will received either “Host is down” or “No route”.

Examples:

  • WLAN client assigned to 192.168.1.2 cannot find route to 192.168.1.3 with ieee80211w enabled
  • WLAN client assigned to 192.168.1.2 can find route to 192.168.2.2 with ieee80211w enabled
  • WLAN client assigned to 192.168.1.2 can find route to 192.168.2.2 with ieee80211w disabled

Expected Behavior:

Enabling Management Frame Protection to optional should not break routing to other devices on the same WLAN interface. If set to optional it should not break anything for clients that do not support it. If this is due to

Additional Info:

  • I sadly do not have access to clients which support ieee80211w, so I am unable to test if this issue still occurs with devices that support the feature.
  • This issue occurs with either wpad-openssl or wpad-basic (I included both version numbers tested above)
Closed by  Mathias Kresin
04.01.2021 21:20
Reason for closing:  Different project
BinaryEvolved commented on 30.12.2020 09:10

Oops, made a mistake in my original report

The examples should say:

Examples:

  • WLAN client assigned to 192.168.1.2 cannot find route to 192.168.1.3 with ieee80211w enabled
  • WLAN client assigned to 192.168.1.2 can find route to 192.168.2.2 with ieee80211w enabled
  • WLAN client assigned to 192.168.1.2 can find route to 192.168.1.3 with ieee80211w disabled
Hannu Nyman commented on 30.12.2020 13:42
Linksys WRT1900ACS

The wifi driver mwlwifi is known to have problems with 802.11w Management Frame Protection as "optional". (possibly also with "mandatory", but I haven't tested).

See e.g.

As mwlwifi is practically abandonware that is not developed further, the situation is not expected to improve, as fixes would likely require changes to the closed-source firmware blob.

Not sure if your problem are related to that, but as you have a mwlwifi device, it is a possible culprit.

BinaryEvolved commented on 01.01.2021 06:00

Ah darn, okay good to know im not going crazy. Been diagnosing this issue for a couple of weeks now and it took a while for me to narrow it down to the ieee80211w.

Thanks for finding what I could not!

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing