| View previous topic :: View next topic |
| Author |
Message |
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 450
|
 Posted: Wed Jul 02, 2014 5:38 am Post subject: hostapd: Run 2 access points |
 |
|
Hi,
currently i run on a gentoo box one hostapd and it works fine. But now i want to create a second AP for guests. I have added a second WLAN card and it is recognized. But how do i configure /etc/hostapd/hostapd.conf to run a second service? Is there an other way to let the first serve handle this guest AP too?
My friend google doest point me to helpful information. I Searched for "hostapd run second service" and related strings, but i did not find the neccessary information. I did hit one thing which could be helpful. bssid. But i could not find more information about this....
Any helping hints would be appreciated! |
|
| Back to top |
|
 |
Aiken
Apprentice
Joined: 22 Jan 2003
Posts: 239
Location: Toowoomba/Australia
|
| Posted: Wed Jul 02, 2014 8:34 am Post subject: |
|
|
Best guess at the moment is create a 2nd config file and start a 2nd hostapd.
Just tried that on the machine that is my main access point. Normally wlan0 is added to br0 so my wireless stuff has normal access to the network and dhcp server. Added a 2nd usb wifi adaptor giving me wlan1 and created a config for it. Started a 2nd hosted using the new config and I had 2 wiifi networks.. I cheated and had the 2nd hostapd add wlan1 to br0 so for a test to see if it worked I had networking without any extra stuffing around.
Have not much thought into this scenario. All of my use has been single ap per machine or the occasional laptop used to extend wireless range where the laptop is given a 2nd wifi adaptor with wlan0 used to connect to the main wifi and wlan0 for hostapd with wlan0 & wlan1 bridged.
_________________
Beware the grue. |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Wed Jul 02, 2014 10:24 am Post subject: |
|
|
schorsch_76, Aiken ...
hostap supports managing multiple interfaces via one hostap instance, it also supports VAP (virtual AP's) so no secondary interface is required for a second AP.
| schorsch_76 wrote: | | how do i configure /etc/hostapd/hostapd.conf to run a second service |
You can provide multiple config files on the command line or via /etc/conf.d/hostapd ("Space separated list of configuration files") you would also add both interfaces to the INTERFACES variable.
best ... khay |
|
| Back to top |
|
|
Aiken
Apprentice
Joined: 22 Jan 2003
Posts: 239
Location: Toowoomba/Australia
|
| Posted: Wed Jul 02, 2014 10:53 am Post subject: |
|
|
| khayyam wrote: | you would also add both interfaces to the INTERFACES variable.
|
I do not have any wlanX in INTERFACES. All of mine are INTERFACES="br0". Why put wlan0 in INTERFACES when hostapd does the configuration and not the init system? I found wlanX in INTERFACES more a nuisance than anything.
Tried "hostapd hostapd.conf hostapd.conf2" and that worked.
_________________
Beware the grue. |
|
| Back to top |
|
|
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 450
|
| Posted: Wed Jul 02, 2014 10:57 am Post subject: |
|
|
@khayyam: Do you mean virtual interface via "iw phy phy0 interface add wlan10 type managed" ? [1]
My card uses nl80211 driver so it would be ok. That is how i did add that second wlan adapter  It was not clear to me, how to add the second configuration to hostapd. I will give it a shot today or tomorrow evening  Thank you
[1] http://wireless.kernel.org/en/users/Documentation/iw |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Wed Jul 02, 2014 12:18 pm Post subject: |
|
|
| Aiken wrote: | | khayyam wrote: | you would also add both interfaces to the INTERFACES variable.
|
I do not have any wlanX in INTERFACES. All of mine are INTERFACES="br0". Why put wlan0 in INTERFACES when hostapd does the configuration and not the init system? I found wlanX in INTERFACES more a nuisance than anything. |
Aiken ... yes, that would be the prefered method, but a VIF is also an interface and so these would also need to be "started before hostapd". I should have been clearer none the less.
| schorsch_76 wrote: | | @khayyam: Do you mean virtual interface via "iw phy phy0 interface add wlan10 type managed"? |
schorsch_76 ... yes, a VIF (virtual interface) ... but note that this would be "type __ap" not "type managed".
You might look at the create_ap script as it provides various possible hostapd examples ... and so some idea of how netifrc/hostapd might be similarly configured.
best ... khay |
|
| Back to top |
|
|
Aiken
Apprentice
Joined: 22 Jan 2003
Posts: 239
Location: Toowoomba/Australia
|
| Posted: Wed Jul 02, 2014 1:58 pm Post subject: |
|
|
The virtual interface would be a good reason for using INTERFACES. I'll have to accept that . Between wondering if this could be useful to me and can not sleep still playing.
Using 2 usb wifi (wlan0 & wlan1) adaptors no trouble getting 2 hostapd + 2 config working and 1 hostapd + 2 config working. The problems start when trying to a single interface.
The 2 devices I have been playing with are ath9k_htc and rt2800usb. Neither of them are allowing the actual device and the virtual device to be up at the same time. Eventually found my rtl8192cu wifi adaptors and same problem. The ath5k on my laptop is a different matter. Just had 2 ssid off the 1 device working.
On the laptop "iw phy phy0 interface add wlan10 type managed"
Followed by "ifconfig wlan10 hw ether <new mac>"
Started hostapd with 2 config files, 1 for wlan0 and other for wlan10
There is an example hostapd.conf towards the end of http://wiki.stocksy.co.uk/wiki/Multiple_SSIDs_with_hostapd showing how multiple ssid can be done with 1 hostapd and 1 hostapd.conf. Again with my hardware it only works with the ath5k and not the others. Using this page my laptop is sitting here with it's ath5k and wlan0, wlan0_0, wlan0_1 with 3 different ssid using a single hostapd and single config file.
_________________
Beware the grue. |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3135
|
| Posted: Wed Jul 02, 2014 5:27 pm Post subject: |
|
|
| Quote: | | I do not have any wlanX in INTERFACES. All of mine are INTERFACES="br0" |
what chipset you're using there? How is it possible for hostapd to use bridge instead of wireless device? Are you sure you actually use that hostapd? (like, you know, if you launch and forget it, it doesn't mean you use it)
I was using old wifi based on atheros 2xxx (works with ath5k modules), and while iwconfig wlan0 mode ap used to work fine with madvifi drivers (and perhaps 2.6 kernels - yeah, it was some time ago), it was impossible to force AP mode without hostapd and with ath5k, because with ath5k all the hard work is done in userspace. That's a pretty good reason to let hostapd make a wifi card turn AP rather than have init do that. Init will simply fail.
And that's also what makes me wonder how the hell hostapd managed to configre a virtual bridge as an AP, since virtual bridge is not a wifi device hostapd is supposed to be able to configure.
Anyway, hostapd can create virtual networks on a single device, and even use them to simulate WDS. Obviously in this case all those virtual networks share the same channel and bandwidth.
Using several phisical devices you can use separated channels to avoid interferences and increase maximal flow. |
|
| Back to top |
|
|
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 450
|
| Posted: Wed Jul 02, 2014 5:49 pm Post subject: |
|
|
That is strange. I can get both interfaces into AP mode ... manually
| Code: |
zerberus hostapd # iw dev wlan_guest set type __ap
zerberus hostapd # iw dev wlan_georg set type __ap
zerberus hostapd # iw dev wlan_georg info
Interface wlan_georg
ifindex 6
wdev 0x1
addr cx:aa:bb:cc:dd:75
type AP
wiphy 0
zerberus hostapd # iw dev wlan_guest info
Interface wlan_guest
ifindex 8
wdev 0x2
addr cx:aa:bb:cc:dd:76
type AP
wiphy 0
zerberus hostapd #
|
I can start each of it as a AP ... seperatly .. but not both at the same time.
My card is a
| Code: |
05:00.0 Network controller: Intel Corporation Centrino Advanced-N 6235 (rev 24)
Subsystem: Intel Corporation Centrino Advanced-N 6235 AGN
Kernel driver in use: iwlwifi
Kernel modules: iwlwif
|
My hostapd.conf look like
| Code: |
cat hostapd-guest.conf
ssid=test
interface=wlan_guest
driver=nl80211
hw_mode=g
channel=3
ctrl_interface=/var/run/hostapd-guest
ctrl_interface_group=0
ignore_broadcast_ssid=0
ieee80211n=1
wmm_enabled=1
wpa=2
wpa_passphrase=test12345679
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
|
The second hostapd-gwifi.conf is like this one. interface, ssid, passwd, channel and ctrl_interface adjusted.
| Code: |
diff hostapd-guest.conf hostapd-gwifi.conf
1,2c1,2
< ssid=test
< interface=wlan_guest
---
> ssid=test2
> interface=wlan_georg
5c5
< channel=3
---
> channel=1
7c7
< ctrl_interface=/var/run/hostapd-guest
---
> ctrl_interface=/var/run/hostapd-gwifi
15c15
< wpa_passphrase=test12345679
---
> wpa_passphrase=test12345678
|
My /etc/conf.d/hostapd
| Code: |
cat /etc/conf.d/hostapd
# Space separated List of interfaces which needs to be started before
# hostapd
INTERFACES="wlan_georg wlan_guest"
# Space separated list of configuration files
CONFIGS="/etc/hostapd/hostapd-gwifi.conf /etc/hostapd/hostapd-guest.conf"
# Extra options to pass to hostapd, see hostapd(8)
OPTIONS="-d"
|
If i start both interfaces with this configuration i get this ...
| Code: |
* Starting hostapd ...random: Trying to read entropy from /dev/random
Configuration file: /etc/hostapd/hostapd-gwifi.conf
ctrl_interface_group=0
nl80211: interface wlan_georg in phy phy0
rfkill: initial event: idx=0 type=1 op=0 soft=0 hard=0
rfkill: initial event: idx=1 type=1 op=0 soft=0 hard=0
nl80211: Using driver-based off-channel TX
nl80211: Add own interface ifindex 6
nl80211: Set mode ifindex 6 iftype 3 (AP)
nl80211: Setup AP - device_ap_sme=0 use_monitor=0
nl80211: Subscribe to mgmt frames with AP handle 0x7f9098de3f70
nl80211: Register frame type=0xb0 nl_handle=0x7f9098de3f70
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0x0 nl_handle=0x7f9098de3f70
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0x20 nl_handle=0x7f9098de3f70
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0xa0 nl_handle=0x7f9098de3f70
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0xc0 nl_handle=0x7f9098de3f70
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0xd0 nl_handle=0x7f9098de3f70
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0x40 nl_handle=0x7f9098de3f70
nl80211: Register frame match - hexdump(len=0): [NULL]
BSS count 1, BSSID mask 00:00:00:00:00:00 (0 bits)
nl80211: Regulatory information - country=DE
nl80211: 2400-2483 @ 40 MHz
nl80211: 5150-5250 @ 40 MHz
nl80211: 5250-5350 @ 40 MHz
nl80211: 5470-5725 @ 40 MHz
nl80211: 57240-65880 @ 2160 MHz
nl80211: Added 802.11b mode based on 802.11g information
Completing interface initialization
Mode: IEEE 802.11g Channel: 1 Frequency: 2412 MHz
nl80211: Set freq 2412 (ht_enabled=1 sec_channel_offset=0)
RATE[0] rate=10 flags=0x1
RATE[1] rate=20 flags=0x1
RATE[2] rate=55 flags=0x1
RATE[3] rate=110 flags=0x1
RATE[4] rate=60 flags=0x0
RATE[5] rate=90 flags=0x0
RATE[6] rate=120 flags=0x0
RATE[7] rate=180 flags=0x0
RATE[8] rate=240 flags=0x0
RATE[9] rate=360 flags=0x0
RATE[10] rate=480 flags=0x0
RATE[11] rate=540 flags=0x0
wlan_georg: Flushing old station entries
wlan_georg: Deauthenticate all stations
nl80211: CMD_FRAME freq=2412 wait=0 no_cck=0 no_ack=0 offchanok=0
nl80211: Frame command failed: ret=-16 (Device or resource busy) (freq=2412 wait=0)
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=3 set_tx=0 seq_len=0 key_len=0
Using interface wlan_georg with hwaddr cx:aa:bb:cc:dd:75 and ssid "test2"
Deriving WPA PSK based on passphrase
SSID - hexdump_ascii(len=5):
74 65 73 74 32 test2
PSK (ASCII passphrase) - hexdump_ascii(len=12): [REMOVED]
PSK (from passphrase) - hexdump(len=32): [REMOVED]
random: Got 15/20 bytes from /dev/random
random: Only 15/20 bytes of strong random data available from /dev/random
random: Not enough entropy pool available for secure operations
WPA: Not enough entropy in random pool for secure operations - update keys later when the first station connects
GMK - hexdump(len=32): [REMOVED]
Key Counter - hexdump(len=32): [REMOVED]
WPA: Delay group state machine start until Beacon frames have been configured
nl80211: Set beacon (beacon_set=0)
WPA: Start group state machine to set initial keys
WPA: group state machine entering state GTK_INIT (VLAN-ID 0)
GTK - hexdump(len=16): [REMOVED]
WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
wpa_driver_nl80211_set_key: ifindex=6 alg=3 addr=0x7f9098ba3f2a key_idx=1 set_tx=1 seq_len=0 key_len=16
broadcast key
wpa_driver_nl80211_set_operstate: operstate 0->1 (UP)
netlink: Operstate: linkmode=-1, operstate=6
wlan_georg: Setup of interface done.
Configuration file: /etc/hostapd/hostapd-guest.conf
ctrl_interface_group=0
nl80211: interface wlan_guest in phy phy0
rfkill: initial event: idx=0 type=1 op=0 soft=0 hard=0
rfkill: initial event: idx=1 type=1 op=0 soft=0 hard=0
nl80211: Using driver-based off-channel TX
nl80211: Add own interface ifindex 8
nl80211: Set mode ifindex 8 iftype 3 (AP)
nl80211: Setup AP - device_ap_sme=0 use_monitor=0
nl80211: Subscribe to mgmt frames with AP handle 0x7f9098de9fe0
nl80211: Register frame type=0xb0 nl_handle=0x7f9098de9fe0
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0x0 nl_handle=0x7f9098de9fe0
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0x20 nl_handle=0x7f9098de9fe0
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0xa0 nl_handle=0x7f9098de9fe0
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0xc0 nl_handle=0x7f9098de9fe0
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0xd0 nl_handle=0x7f9098de9fe0
nl80211: Register frame match - hexdump(len=0): [NULL]
nl80211: Register frame type=0x40 nl_handle=0x7f9098de9fe0
nl80211: Register frame match - hexdump(len=0): [NULL]
Could not set interface wlan_guest flags (UP): Device or resource busy
netlink: Operstate: linkmode=0, operstate=6
nl80211: Set mode ifindex 8 iftype 2 (STATION)
nl80211: Unsubscribe mgmt frames handle 0x7f9098de9fe0 (AP teardown)
nl80211 driver initialization failed.
wlan_georg: Flushing old station entries
wlan_georg: Deauthenticate all stations
nl80211: CMD_FRAME freq=2412 wait=0 no_cck=0 no_ack=0 offchanok=0
nl80211: Frame TX command accepted; cookie 0xffff8800d859d500
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=6 alg=0 addr=(nil) key_idx=3 set_tx=0 seq_len=0 key_len=0
netlink: Operstate: linkmode=0, operstate=6
nl80211: Set mode ifindex 6 iftype 2 (STATION)
nl80211: Unsubscribe mgmt frames handle 0x7f9098de3f70 (AP teardown)
|
My kernel is
| Code: |
uname -a
Linux zerberus 3.14.5-hardened-r2-router #16 SMP PREEMPT Mon Jun 30 21:52:27 CEST 2014 x86_64 AMD G-T40E Processor AuthenticAMD GNU/Linux
|
Profile hardened/linux/amd64/no-multilib *
So ... what todo?
Last edited by schorsch_76 on Wed Jul 02, 2014 6:30 pm; edited 1 time in total |
|
| Back to top |
|
|
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 450
|
| Posted: Wed Jul 02, 2014 6:15 pm Post subject: |
|
|
I basicly had the same results as Aiken. I tried both ssids on the same channel, same "success" as abouve.
I attached a usb stick which can do AP, reconfigured to this device name and it did start both ssids. This means for me ..
for config:
a) No extrem wrong config
b) Might be some "finetuning" would allow it
hardware:
a) possible hardware limitation
My hardware offers AP/VLAN too. Maybe i can seperate these two ssids by VLAN.
| Code: |
Supported interface modes:
* IBSS
* managed
* AP
* AP/VLAN
* monitor
|
|
|
| Back to top |
|
|
Aiken
Apprentice
Joined: 22 Jan 2003
Posts: 239
Location: Toowoomba/Australia
|
| Posted: Wed Jul 02, 2014 9:17 pm Post subject: |
|
|
| szatox wrote: | | Quote: | | I do not have any wlanX in INTERFACES. All of mine are INTERFACES="br0" |
what chipset you're using there? How is it possible for hostapd to use bridge instead of wireless device? Are you sure you actually use that hostapd? (like, you know, if you launch and forget it, it doesn't mean you use it)
|
I am not using br0 as the wireless device. Depending on the which computer br0 is either eth0 or eth0 + eth1, normal wired interfaces. I am using wlan0 and occasionally also wlan1 which include ath5k, ath9k_htc, rt2800usb and if really desperate rtl8192cu.
I view INTERFACES as interfaces that need to be configured before hostapd is started not necessarily the device(s) hostapd will be using for wireless. With the 6 (2 always) computers that do or can act as access point there is nothing to configure with wlan0 or wlan1 before starting hostapd but there is with br0. Need the bridge active so hostapd can add the wireless interfaces to it. There is nothing for the init system to do with wlan0 and wlan1 as hostapd does the configuration at run time.
All I need is the wireless interfaces to exist and that is taken care of during the hardware detect phase of boot.
_________________
Beware the grue. |
|
| Back to top |
|
|
Aiken
Apprentice
Joined: 22 Jan 2003
Posts: 239
Location: Toowoomba/Australia
|
| Posted: Wed Jul 02, 2014 9:46 pm Post subject: |
|
|
| Aiken wrote: |
The 2 devices I have been playing with are ath9k_htc and rt2800usb. Neither of them are allowing the actual device and the virtual device to be up at the same time. Eventually found my rtl8192cu wifi adaptors and same problem. The ath5k on my laptop is a different matter. Just had 2 ssid off the 1 device working.
|
I looks like kernel version has something to do with it. With the wifi devices where I could not bring up the actual device and the virtual at the same time iw list reported "interface combinations are not supported". Trying a newer kernel the rtl81902cu stayed the same, the ath9k_htc and rt2800usb started working with this stuff. Using the ath9k_htc as an example it reported the above on 3.6.9 and with 3.15.2 it reports
| Code: |
valid interface combinations:
* #{ managed, P2P-client } <= 2, #{ AP, P2P-GO } <= 2,
total <= 2, #channels <= 1
|
and I can bring up 2 interfaces based on it. With the others I was testing with up to 6.
_________________
Beware the grue. |
|
| Back to top |
|
|
schorsch_76
Guru
Joined: 19 Jun 2012
Posts: 450
|
| Posted: Tue Jul 08, 2014 4:05 pm Post subject: |
|
|
I finally found an solution. I did change the hostapd.conf to
| Code: |
cat /etc/hostapd/hostapd.conf
interface=wlan0
# Tell hostapd what your new MAC address is
bssid=02:xx:xx:xx:xx:70
driver=nl80211
ssid=my-secured-ssid
channel=1
hw_mode=g
channel=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ignore_broadcast_ssid=0
ieee80211n=1
wpa=2
wpa_passphrase=test12345678
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
bss=wlan0_0
ssid=unsecured
bssid=02:xx:xx:xx:xx:71
|
and i did exchange the wlan card to an
| Code: |
05:00.0 Network controller: Qualcomm Atheros AR93xx Wireless Network Adapter (rev 01)
Subsystem: Apple Inc. AirPort Extreme
Kernel driver in use: ath9k
Kernel modules: ath9k
|
You can find it if you search for "Atheros AR9380 AR5BXB112 Mini PCIe". I came to this card as i did look in the dd-wrt table. It seems that it can manage up to 7 access points |
|
| Back to top |
|
|
|
Networking & Security
