Friday, 27 February 2015

Nice to know

If the AP's IP address is unknown, connect an Ethernet cable from the AP to the PC and send the command:
ping -b

The AP will respond.

root@pb16lap01u:/home/priya/# ping -b
WARNING: pinging broadcast address
PING ( 56(84) bytes of data.
64 bytes from icmp_req=2 ttl=255 time=0.402 ms
64 bytes from icmp_req=3 ttl=255 time=0.444 ms
64 bytes from icmp_req=4 ttl=255 time=0.382 ms

DHCP setup sequence in Cisco AP:
To open command line interface: telnet <AP's IP address> 9000
ap> en
password: (generally Cisco)
ap#conf t
ap(config)#service dhcp
ap(config)#ip dhcp pool meghna
ap(dhcp-config)#lease infinite

How to unpatch a .patch file?
patch -p1 < hostapd_2.0_xxx.patch

How to set module parameter for kernel module during load time?

modprobe wil6210 rx_ring_order=8
This can be verified in /sys/module/wil6210/parameters/rx_ring_order

4 way handshake:

How to configure PTK and GTK rekeying?
   For a 30-minute timeout, set “Enable Session Timeout” to 1800 in the WLC.

In hostapd.conf,
   wpa_group_rekey=600 (in seconds)

> show pmk-cache all shows lifetime of the timers.

While running hostapd, if you get the error "nl80211: Could not configure driver mode", run:

sudo nmcli nm wifi off
sudo rfkill unblock wlan

Installing toolchain
Download tool chain
cd /dir/in/which/tar/file/is/saved && tar xjf gcc-arm-none-eabi-*-yyyymmdd-mac.tar.bz2

which arm-none-eabi-gcc
should show something like:

Friday, 23 January 2015

P2P Provisioning

The purpose of provisioning is to obtain the user credential (WPS PIN or PBC) for the WPS procedure. The P2P GO shall use the operating channel indicated during GO negotiation.

When a P2P Device joins an existing P2P Group that it has not stored a credential for, it shall send a Provision Discovery Request frame with a single method set in the Config Methods attribute to indicate the desire to enroll in the network.

The Provision Discovery Request frame shall be sent to the P2P Device Address of the P2P Group Owner and on the operating channel of the P2P Group.

The P2P Group Owner may use this frame as a trigger that a device wants to enroll (maybe an indication can be shown to the user). A P2P Group Owner shall respond to a received Provision Discovery Request frame with a Provision Discovery Response frame.

The Provision Discovery Request will have a single method set in the Config Methods attribute to indicate the desire to enroll in the network.

The Provision Discovery Response MAY have the same method as the Provision Discovery Request to indicate SUCCESS, or shall be NULL to indicate failure.

The Group Formation bit in the P2P capability bitmap of the P2P Capability attribute shall be set to 1 until provisioning succeeds.

On successful completion of provisioning, the P2P Group Owner shall set the Group Formation bit to 0.

Thursday, 22 January 2015

Opportunistic power save in P2P

Opportunistic power save allows P2P Group Owner to save power when all its associated clients are sleeping.

The P2P Power Management protocol defines an availability period, called the CTWindow (Client Traffic Window), during which a P2P Group Owner is present. P2P Clients are allowed to transmit during the CTWindow period. If at the end of the CTWindow all associated P2P Clients are sleeping, the P2P Group Owner is allowed to sleep until the next Beacon time. However, if any P2P Client stays in active mode at the end of the CTWindow, the P2P Group Owner is forced to remain awake until the next Beacon time.

The P2P Group Owner is responsible for selecting an appropriate value for
CTWindow. The CTWindow shall be an integral number of TU and shall always
be less than the beacon interval. For a P2P Group Owner that desires to be
discoverable, the CTWindow should be at least 10 TU. A CTWindow shall start
at each TBTT and extend for the chosen duration.

Opportunistic power save:
The P2P Group Owner shall indicate that Opportunistic Power Save is enabled by setting the OppPS bit to 1 in the CTWindow and OppPS Parameters field of the Notice of Absence attribute in the beacon.

With OppPS set to 1:

If at the end of the CTWindow all associated P2P Clients are sleeping, the P2P Group Owner is allowed to sleep until the next Beacon time. A STA indicates that it is going to sleep with a Null function frame whose power management bit is set to 1.

However, if any P2P Client stays in active mode at the end of the CTWindow the P2P Group Owner is forced to remain awake until the next Beacon time.
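The fields described in this post can be read straight out of a beacon's Notice of Absence attribute. The parser below is an added example, not code from the original post; the function names are hypothetical, and the attribute ID (12), the 13-byte descriptor layout and the bit positions come from the Wi-Fi P2P specification rather than from this page.

```python
import struct

NOA_ATTR_ID = 12    # Notice of Absence attribute ID inside the P2P IE
DESC_LEN = 13       # Count/Type (1) + Duration, Interval, Start Time (4 each)

def parse_noa(attr: bytes) -> dict:
    """Parse one Notice of Absence attribute: ID, 2-byte LE length, body."""
    if len(attr) < 3:
        raise ValueError("truncated attribute header")
    attr_id, length = struct.unpack_from("<BH", attr, 0)
    body = attr[3:]
    if attr_id != NOA_ATTR_ID or len(body) != length:
        raise ValueError("not a well-formed Notice of Absence attribute")
    if length < 2 or (length - 2) % DESC_LEN:
        raise ValueError("body must be 2 bytes plus whole 13-byte descriptors")
    params = body[1]    # the "CTWindow and OppPS Parameters" field
    fields = ("count", "duration_us", "interval_us", "start_time_us")
    return {
        "index": body[0],
        "opp_ps": bool(params & 0x80),      # bit 7
        "ctwindow_tu": params & 0x7F,       # bits 0-6, in TU (1 TU = 1024 us)
        "descriptors": [dict(zip(fields, struct.unpack_from("<BIII", body, off)))
                        for off in range(2, length, DESC_LEN)],
    }

def ctwindow_problems(noa: dict, beacon_interval_tu: int, discoverable: bool = True) -> list:
    """Check CTWindow against the two constraints quoted above."""
    found, ctw = [], noa["ctwindow_tu"]
    if ctw >= beacon_interval_tu:
        found.append("CTWindow is not less than the beacon interval")
    # Assumption: a CTWindow of 0 means no CTWindow is in use, so it is not flagged.
    if discoverable and 0 < ctw < 10:
        found.append("CTWindow below 10 TU for a discoverable GO")
    return found

def go_may_sleep(noa: dict, client_pm_bits: list) -> bool:
    """At the end of CTWindow the GO may doze only if OppPS=1 and every client sleeps."""
    return noa["opp_ps"] and all(client_pm_bits)

# Constructed sample: index 1, OppPS=1, CTWindow=20 TU, one descriptor.
SAMPLE = bytes([12, 15, 0, 1, 0x80 | 20]) + struct.pack("<BIII", 255, 51200, 102400, 0)
```

client_pm_bits holds one boolean per associated client, True when that client's last frame carried the power management bit.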

Wednesday, 18 December 2013

WiFi Direct

Wi-Fi Direct builds upon the successful IEEE 802.11 infrastructure mode and lets devices negotiate who will take over the AP-like functionalities. Thus, legacy Wi-Fi devices may seamlessly connect to Wi-Fi Direct devices. By taking this decision, Wi-Fi Direct immediately inherits all the enhanced QoS, power saving, and security mechanisms.

Here's a quick guide on setting up WPS.

In a typical Wi-Fi network, clients discover and associate to WLANs, which are created and announced by Access Points (APs). In this way, a device unambiguously behaves either as an AP or as a client, each of these roles involving a different set of functionality. A major novelty of Wi-Fi Direct is that these roles are specified as dynamic, and hence a Wi-Fi Direct device has to implement both the role of a client and the role of an AP.

The device implementing AP-like functionality in the P2P Group is referred to as the P2P Group Owner (P2P GO), and devices acting as clients are known as P2P Clients. Legacy clients can also communicate with the P2P GO, as long as they are not 802.11b-only devices and support the required security mechanisms.

For example, consider a laptop accessing the Internet through a legacy infrastructure AP while at the same time streaming content to a TV set by establishing a P2P Group, where the laptop acts as P2P GO.

If the P2P GO leaves the P2P Group then the group is torn down, and has to be re-established using some of the specified procedures.

Wi-Fi Direct devices usually start by performing a traditional Wi-Fi scan (active or passive), by means of which they can discover existing P2P Groups and Wi-Fi networks.

After this scan, a new Discovery algorithm is executed, which we describe next. First, a P2P Device selects one of the so-called Social channels, namely channels 1, 6 or 11 in the 2.4 GHz band, as its Listen channel.

Then, it alternates between two states: a search state, in which the device performs active scanning by sending Probe Requests in each of the social channels; and a listen state, in which the device listens for Probe Requests in its listen channel to respond with Probe Responses. The amount of time that a P2P Device spends on each state is randomly distributed, typically between 100 ms and 300 ms.

EAP based setup based on external registrar

A station willing to connect to the AP sends out a probe request with the WPS IE, with Request Type set to Enrollee.

The AP sends a Wi-Fi Simple Configuration probe response to the Registrar with Response Type set to AP.

After this, the M1 to M8 exchange occurs. The Enrollee (the station) may decide to associate to a WSC-enabled AP and initiate the registration protocol by sending message M1 to the Registrar; assuming that the Registrar is not yet prepared to enroll the candidate Enrollee, it will respond with message M2D.

M2D: this message indicates that the Registrar is unable to authenticate with the Enrollee, but it is willing to provide descriptive information about the Registrar to the Enrollee.

Phase 1:
1. The Enrollee sends its Discovery message using an 802.11 probe request. The
Discovery message is broadcast by the AP to all external Registrars.
2. The AP responds to the probe request with its own Discovery data.
3. The Enrollee connects to the AP and initiates 802.1X.
4. The Enrollee's M1 message is proxied to all External Registrars as UPnP events.
Each active Registrar (Internal Registrar, if enabled, and all the External
Registrars that have subscribed to receive UPnP events from the AP) should
send M2 or M2D.
5. The two external Registrars send M2D messages to the AP. The AP queues
these up for delivery to the Enrollee.
6. The AP sequentially delivers the M2D messages to the Enrollee, which responds
with ACK messages to each one. After the last M2D has been delivered without
a WSC_MSG response, the AP sends EAP-Failure to terminate the 802.1X

Phase 2:
1. Enter PIN in ER.
2. The Registrar notifies the AP when it becomes active by setting the Selected Registrar attribute to TRUE.
3. After the AP receives a SetSelectedRegistrar UPnP action with Selected Registrar TRUE, AP incorporates Selected Registrar flag set to TRUE in its Beacons and Probe Responses
4. Enrollee reconnects and restarts the 802.1X authentication. This time, Registrar sends an M2 message rather than an M2D message.
5. The Enrollee and Registrar engage in the complete Registration Protocol until the
Enrollee is provisioned with its Credential.
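When auditing an AP it helps to see which of these attributes it actually advertises. The sketch below is an added example, not code from the original post: it parses the WSC IE carried in probe requests and responses (Request Type, Response Type, Selected Registrar) and also applies the Config Methods rule from the P2P Provisioning post further down this page. The function names are hypothetical, and the attribute type numbers and value tables come from the Wi-Fi Simple Configuration specification, not from this page.

```python
import struct

WSC_OUI_TYPE = bytes.fromhex("0050f204")  # vendor OUI 00:50:F2, type 4 = WSC
CONFIG_METHODS, REQUEST_TYPE, RESPONSE_TYPE, SELECTED_REGISTRAR = 0x1008, 0x103A, 0x103B, 0x1041
ROLES = {0: "Enrollee (info only)", 1: "Enrollee (open 802.1X)", 2: "Registrar"}
REQUEST_TYPES = {**ROLES, 3: "WLAN Manager Registrar"}
RESPONSE_TYPES = {**ROLES, 3: "AP"}

def build_ie(attrs: dict) -> bytes:
    """Build a WSC IE from {type: value}; used only for the constructed samples."""
    body = WSC_OUI_TYPE + b"".join(struct.pack(">HH", t, len(v)) + v for t, v in attrs.items())
    return bytes([0xDD, len(body)]) + body

def wsc_attrs(ie: bytes) -> dict:
    """Parse one WSC IE into {type: value}, rejecting truncated TLVs."""
    if len(ie) < 6 or ie[0] != 0xDD or ie[1] != len(ie) - 2 or ie[2:6] != WSC_OUI_TYPE:
        raise ValueError("not a well-formed WSC IE")
    attrs, off = {}, 6
    while off < len(ie):
        if off + 4 > len(ie):
            raise ValueError("truncated TLV header")
        a_type, a_len = struct.unpack_from(">HH", ie, off)   # big-endian type, length
        if off + 4 + a_len > len(ie):
            raise ValueError("TLV value overruns the IE")
        attrs[a_type] = ie[off + 4:off + 4 + a_len]
        off += 4 + a_len
    return attrs

def describe(ie: bytes) -> dict:
    """Roles advertised in a probe request/response, plus Selected Registrar."""
    a = wsc_attrs(ie)
    out = {"selected_registrar": a.get(SELECTED_REGISTRAR, b"\x00") == b"\x01"}
    if a.get(REQUEST_TYPE):
        out["request_type"] = REQUEST_TYPES.get(a[REQUEST_TYPE][0], "reserved")
    if a.get(RESPONSE_TYPE):
        out["response_type"] = RESPONSE_TYPES.get(a[RESPONSE_TYPE][0], "reserved")
    return out

def pd_outcome(req_ie: bytes, resp_ie: bytes) -> str:
    """Provision Discovery rule: one method requested, then echoed or null."""
    req, resp = (int.from_bytes(wsc_attrs(ie).get(CONFIG_METHODS, b""), "big") for ie in (req_ie, resp_ie))
    if bin(req).count("1") != 1:
        return "invalid request"
    return "success" if resp == req else "failure" if resp == 0 else "invalid response"

# Constructed sample frames (not captured traffic).
PROBE_RESP = build_ie({RESPONSE_TYPE: b"\x03", SELECTED_REGISTRAR: b"\x01"})
PD_PBC = build_ie({CONFIG_METHODS: b"\x00\x80"})   # 0x0080 = PushButton
PD_NULL = build_ie({CONFIG_METHODS: b"\x00\x00"})
```

A probe response whose summary shows selected_registrar as True outside a deliberate enrollment window is worth investigating, since it means a Registrar is currently active on that AP.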

Monday, 16 December 2013

Out-of-Band setup

In out-of-band methods there is a transfer of information by a channel other than the Wi-Fi channel itself.

  1. Near-Field-Communication Method, in which the user simply has to bring the new client close to the access point to allow a near field communication between the devices. NFC Forum compliant RFID tags can also be used. Support of this mode is optional.
  2. USB Method, in which the user uses a USB flash drive to transfer data between the new client device and the access point of the network. Support of this mode is optional, but deprecated.

The USB method has been deprecated and is not part of the Alliance's certification testing.

Thursday, 7 November 2013

Hostapd - user space daemon for AP and authentication server

To make a hotspot on a laptop, use iwlist to check whether it has AP capability, as shown below.

Download hostapd source code from Read for further details.
root@ramapriya:/home/ramapriya/hostapd-2.4/hostapd#cp defconfig .config
You get two binaries after successful make: hostapd and hostapd_cli.

Once set up is ready, change hostapd.conf file in hostapd folder.
A sample configuration is given below:


2. Start hostapd.
./hostapd  hostapd.conf

3. Start the AP using the configuration in hostapd.conf file.

Possible errors:
fatal error: netlink/genl/genl.h: No such file or directory
sudo apt-get install libnl-dev