目录
理论解读
bSTA从其bSTA接口发送互联请求帧
时,帧内需含有一个多AP IE字段
(如表3),该字段包含一个多AP拓展子单元
:bit 7=1
表明该STA为bSTA
该字段的添加由函数add_multi_ap_ie
实现:
// ieee802_11_common.c
size_t add_multi_ap_ie(u8 *buf, size_t len, u8 value)
{
u8 *pos = buf;
if (len < 9)
return 0;
*pos++ = WLAN_EID_VENDOR_SPECIFIC; // 221
*pos++ = 7; /* len */
WPA_PUT_BE24(pos, OUI_WFA); // OUI_WFA = 0x506f9a
pos += 3;
*pos++ = MULTI_AP_OUI_TYPE; // 0x1B
*pos++ = MULTI_AP_SUB_ELEM_TYPE; // 0x06
*pos++ = 1; /* len */
*pos++ = value;
return pos - buf;
}
multi_ap选项的解释
option multi_ap ‘2’
# Enable Multi-AP functionality
# 0 = disabled (default)
# 1 = AP support backhaul BSS
# 2 = AP support fronthaul BSS
# 3 = AP supports both backhaul BSS and fronthaul BSS
wireless配置影响hostapd的conf:
没有设置option multi_ap的时候,在tmp/run/hostapd-phy0.conf文件中,multi_ap的值是0,即使在wireless配置文件中,配置了backhaul ssid和key,这两项在conf中也不存在;
配置option multi_ap ‘2’,在conf文件中,backhaul ssid和key生效;
配置option wds ‘1’,在conf文件中,会出现wds_sta=1;
WPS support
WPS must only be advertised on fronthaul BSSs, not on backhaul BSSs, so WPS should not be enabled on a backhaul-only BSS in hostapd.conf. The WPS configuration purely works on the fronthaul BSS.
When a WPS M1 message has an additional subelement that indicates a request for a Multi-AP backhaul link, hostapd must not respond with the normal fronthaul BSS credentials; instead, it should respond with the (potentially different) backhaul BSS credentials.
To support this, hostapd has the ‘multi_ap_backhaul_ssid’,
‘multi_ap_backhaul_wpa_psk’ and ‘multi_ap_backhaul_wpa_passphrase’ options.
When these are set on an BSS with WPS, they are used instead of the normal credentials when hostapd receives a WPS M1 message with the Multi-AP IE. Only WPA2-Personal is supported in the Multi-AP specification, so there is no need to specify authentication or encryption options. For the backhaul credentials, per-device PSK is not supported.
If the BSS is a simultaneous backhaul and fronthaul BSS, there is no need to
specify the backhaul credentials, since the backhaul and fronthaul credentials
are identical.
To enable the Multi-AP backhaul STA feature when it performs WPS, a new
parameter has been introduced to the WPS_PBC control interface call. When this “multi_ap=1” option is set, it adds the Multi-AP backhaul subelement to the Association Request frame and the M1 message. It then configures the new network profile with ‘multi_ap_backhaul_sta=1’. Note that this means that if the AP does not follow the Multi-AP specification, wpa_supplicant will fail to associate.
In summary, this is the end-to-end behavior for WPS of a backhaul link (i.e.,
multi_ap=1 option is given in the wps_pbc call on the STA side, and multi_ap=2 and multi_ap_backhaul_ssid and either multi_ap_backhaul_wpa_psk or multi_ap_backhaul_wpa_passphrase are set to the credentials of a backhaul BSS
in hostapd on Registrar AP).
- Fronthaul BSS Beacon frames advertise WPS support (nothing Multi-AP
specific). - Enrollee sends Authentication frame (nothing Multi-AP specific).
- AP sends Authentication frame (nothing Multi-AP specific).
- Enrollee sends Association Request frame with Multi-AP IE.
- AP sends Association Response frame with Multi-AP IE.
- Enrollee sends M1 with additional Multi-AP subelement.
- AP sends M8 with backhaul instead of fronthaul credentials.
- Enrollee sends Deauthentication frame.
References
[1] https://www.wi-fi.org/discover-wi-fi/wi-fi-easymesh
[2] https://github.com/prplfoundation/prplMesh
[3] https://www.wi-fi.org/file/multi-ap-specification-v10
(requires registration)
建立基础的四地址WPS
1、修改主路由和从路由的配置文件
Master AP
- 在接口中添加一句四地址使能配置,然后wifi重启
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option wds '1' # 添加四地址配置
option ssid 'SiWiFi-17f0'
option encryption 'sae-mixed'
option key '12345678'
option hidden '0'
option ifname 'wlan0'
option wpa_group_rekey '36000'
option isolate '0'
option group '1'
option disable_input '0'
option wps_pushbutton '1'
option wps_label '0'
option band_steering '0'
Slave AP
- 修改network配置为dhcp,然后重启network
config interface 'lan'
option device 'br-lan'
option proto 'dhcp'
# option proto 'static'
# option ipaddr '192.168.1.1'
# option netmask '255.255.255.0'
# option ip6assign '60'
- 添加一个如下配置的STA,然后wifi重启
# 复制专用
config wifi-iface 'default_radio0_sta'
option device 'radio0'
option ifname 'wlan_sta'
option mode 'sta'
option network 'lan'
option wds '1'
option wpa_pushbutton '1'
option wps_config 'push_button'
option multi_ap '1'
option ssid 'easymesh'
option encryption 'psk2+ccmp'
option key '12345678'
option disabled '0'
# 注意事项
config wifi-iface 'default_radio0_sta' # 接口的默认名不可以含有短杠“-”
option device 'radio0'
option ifname 'wlan-sta'
option mode 'sta'
option network 'lan'
option wds '1'
option wpa_pushbutton '1'
option wps_config 'push_button'
option multi_ap '1' # 这一句应该不需要
option ssid 'easymesh'
option encryption 'psk2+ccmp' # 加密方式需要设置为psk2+ccmp
option key '12345678'
option disabled '0'
2、建立WPS连接
同下建立多AP的四地址WPS
3、查看是否连接成功
同下建立多AP的四地址WPS
现象记录
1、觉得debug效率太低,尝试利用wpa_print
开启CONFIG_DEBUG_SYSLOG宏
需要关闭CONFIG_NO_STDOUT_DEBUG、CONFIG_NO_WPA_MSG、CONFIG_ANDROID_LOG
需要开启CONFIG_DEBUG_SYSLOG
需要修改wpa_debug_syslog=1
但是还是无效
2、删除下级sta的判断,下级无限重启
建立多AP的四地址WPS
1、修改wireless配置文件
(1)主路由配置说明
config wifi-device 'radio0'
option type 'mac80211'
option country 'CN'
option txpower_lvl '2'
option txpower '25'
option channel '36'
option channels '36-165'
option band '5G'
option hwmode '11a'
option noscan '1'
option netisolate '0'
option max_all_num_sta '64'
option rd_disabled '1'
option path 'soc/0.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option htmode 'HE80'
option disabled '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option wds '1' # 设置为四地址
option multi_ap '2' # 设置当前AP为fAP
option multi_ap_backhaul_ssid 'prplmesh_bh' # 设置对应的bAP的ssid
option multi_ap_backhaul_key '12345678' # 设置对应的bAP的key
option ssid 'SiWiFi-3b34'
option encryption 'psk2+ccmp' # 在部分节中,加密方式修改为"psk2+ccmp",为了方便,加密方式全部修改统一
option key '12345678'
option hidden '0'
option ifname 'wlan0'
option wpa_group_rekey '36000'
option isolate '0'
option group '1'
option disable_input '0'
option wps_pushbutton '1'
option wps_label '0'
option band_steering '0'
# 新增一个表示bAP的节(section)
config wifi-iface 'default_radio0_1' # 节的名称不可以出现短杠"-"
option device 'radio0'
option network 'lan'
option mode 'ap'
option multi_ap '1' # 设置当前AP为bAP
option ssid 'prplmesh_bh' # 设置bAP的ssid
option encryption 'psk2+ccmp'
option key '12345678' # 设置bAP的key
option hidden '0'
option ifname 'wlan0_1' # 设置当前接口的名字
option wpa_group_rekey '36000'
option isolate '0'
option group '1'
option disable_input '0'
option wps_pushbutton '1'
option wps_label '0'
option band_steering '0'
config wifi-iface 'guest_radio0'
option device 'radio0'
option network 'guest'
option mode 'ap'
option ssid 'SiWiFi-3b34-guest'
option encryption 'none'
option hidden '0'
option ifname 'wlan0-guest'
option isolate '1'
option group '1'
option netisolate '0'
option disable_input '0'
option disabled '1'
config wifi-device 'radio1'
option type 'mac80211'
option country 'CN'
option txpower_lvl '2'
option txpower '20'
option channel '1'
option band '2.4G'
option hwmode '11g'
option noscan '1'
option netisolate '0'
option max_all_num_sta '64'
option rd_disabled '0'
option path 'soc/0.pcie/pci0000:00/0000:00:00.0/0000:01:00.1'
option htmode 'VHT20'
option disabled '0'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'SiWiFi-3b30-2.4G'
option encryption 'psk2+ccmp'
option key '12345678'
option hidden '0'
option ifname 'wlan1'
option wpa_group_rekey '36000'
option isolate '0'
option group '1'
option disable_input '0'
option wps_pushbutton '1'
option wps_label '0'
option band_steering '0'
config wifi-iface 'guest_radio1'
option device 'radio1'
option network 'guest'
option mode 'ap'
option ssid 'SiWiFi-3b30-2.4G-guest'
option encryption 'none'
option hidden '0'
option ifname 'wlan1-guest'
option isolate '1'
option group '1'
option netisolate '0'
option disable_input '0'
option disabled '1'
(2)从路由配置说明
config wifi-device 'radio0'
option type 'mac80211'
option country 'CN'
option txpower_lvl '2'
option txpower '25'
option channel '36'
option channels '36-165'
option band '5G'
option hwmode '11a'
option noscan '1'
option netisolate '0'
option max_all_num_sta '64'
option rd_disabled '1'
option path 'soc/0.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option htmode 'HE80'
option disabled '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'SiWiFi-17f0'
option encryption 'sae-mixed'
option key '12345678'
option hidden '0'
option ifname 'wlan0'
option wpa_group_rekey '36000'
option isolate '0'
option group '1'
option disable_input '0'
option wps_pushbutton '1'
option wps_label '0'
option band_steering '0'
# 新增一个表示bSTA的节(section)
config wifi-iface 'default_radio0_sta'
option device 'radio0'
option ifname 'wlan_sta' # 设置当前接口的名字
option mode 'sta' # 接口模式设置为sta
option network 'lan'
option wds '1' # 设置为四地址
option wpa_pushbutton '1'
option wps_config 'push_button'
option multi_ap '1' # 设置当前STA为bSTA
option encryption 'psk2+ccmp' # 设置加密方式
option disabled '0'
option ssid 'easymesh' # 设置默认的ssid
option key '12345678' # 设置默认的key
config wifi-iface 'guest_radio0'
option device 'radio0'
option network 'guest'
option mode 'ap'
option ssid 'SiWiFi-17f0-guest'
option encryption 'none'
option hidden '0'
option ifname 'wlan0-guest'
option isolate '1'
option group '1'
option netisolate '0'
option disable_input '0'
option disabled '1'
config wifi-device 'radio1'
option type 'mac80211'
option country 'CN'
option txpower_lvl '2'
option txpower '20'
option channel '1'
option band '2.4G'
option hwmode '11g'
option noscan '1'
option netisolate '0'
option max_all_num_sta '64'
option rd_disabled '0'
option path 'soc/0.pcie/pci0000:00/0000:00:00.0/0000:01:00.1'
option htmode 'VHT20'
option disabled '0'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'SiWiFi-17ec-2.4G'
option encryption 'sae-mixed'
option key '12345678'
option hidden '0'
option ifname 'wlan1'
option wpa_group_rekey '36000'
option isolate '0'
option group '1'
option disable_input '0'
option wps_pushbutton '1'
option wps_label '0'
option band_steering '0'
config wifi-iface 'guest_radio1'
option device 'radio1'
option network 'guest'
option mode 'ap'
option ssid 'SiWiFi-17ec-2.4G-guest'
option encryption 'none'
option hidden '0'
option ifname 'wlan1-guest'
option isolate '1'
option group '1'
option netisolate '0'
option disable_input '0'
option disabled '1'
2、建立WPS连接
(1)cli 工具
controller + agent 端:
hostapd_cli -i <ifname> wps_pbc
agent 端:
# 作为normal STA启动
wpa_cli -i <ifname> wps_pbc
# 作为backhaul STA启动
wpa_cli -i <ifname> wps_pbc multi_ap=1
(2)ubus 工具
controller + agent 端:
ubus call hostapd.<ifname> wps_start
agent 端:
# 作为normal STA启动
ubus call wpa_supplicant.<ifname> wps_start
# 作为backhaul STA启动
ubus call wpa_supplicant.<ifname> wps_start '{"multi ap":true}'
对应上述的wireless配置,在控制台输入以下指令(两种方式二选一即可):
上级执行:
hostapd_cli -i wlan0 wps_pbc
下级执行:
wpa_cli -i wlan_sta wps_pbc
wpa_cli -i wlan_sta wps_pbc multi_ap=1
上级执行:
ubus call hostapd.wlan0 wps_start
下级执行:
ubus call wpa_supplicant.wlan_sta wps_start
ubus call wpa_supplicant.wlan_sta wps_start '{"multi ap":true}'
3、查看是否连接成功
在下级执行:
cat var/run/wpa_supplicant-wlan_sta.conf
可以看到:
root@OpenWrt:/# cat var/run/wpa_supplicant-wlan_sta.conf
ctrl_interface=/var/run/wpa_supplicant
update_config=1
country=CN
network={
scan_ssid=1
ssid="prplmesh_bh"
key_mgmt=WPA-PSK
multi_ap_backhaul_sta=1
psk="12345678"
proto=WPA2
}
注意,wpa_supplicant-wlan_sta.conf文件默认存储的是bSTA的ssid和key,成功建立WPS后,该文件则存储的是上级中bAP的ssid和key。
- 在配置的过程中,fAP的multi_ap_backhaul_key设置为1234567,会导致wifi没起来,hostapd进程也没起来
- bAP的key设置为1234567,会导致wlan0_1没起来
- 下级bSTA的key设置为1234567,连接时导致"Failed to connect to non-global ctrl_ifname: wlan_sta error: No such file or directory"