
Integrated Cognitive Management System - Hostapd

2014 YU-ANTL Seminar. Integrated Cognitive Management System - Hostapd. Hyun dong Hwang, Advanced Networking Technology Lab. (YU-ANTL), Dept. of Information & Comm. Eng, Graduate School, Yeungnam University, KOREA (Tel : +82-53-810-3940; Fax : +82-53-810-4742)


Presentation Transcript


  1. 2014 YU-ANTL Seminar • Integrated Cognitive Management System - Hostapd • Hyun dong Hwang, Advanced Networking Technology Lab. (YU-ANTL), Dept. of Information & Comm. Eng, Graduate School, Yeungnam University, KOREA (Tel : +82-53-810-3940; Fax : +82-53-810-4742; http://antl.yu.ac.kr/; E-mail : mch2d@hotmail.com)

  2. Outline • Integrated Cognitive Management System • Hostapd & Wpa_Supplicant • 802.11r Fast transition • Current procedure • Hostapd configuration • Reference

  3. Integrated Cognitive Management System • Integrated Cognitive Management System Topology

  4. Hostapd & Wpa_Supplicant • Hostapd • hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS authentication server. • The current version supports Linux (Host AP, madwifi, mac80211-based drivers) and FreeBSD (net80211). • hostapd is designed to be a "daemon" program that runs in the background and acts as the backend component controlling authentication. • hostapd supports separate frontend programs, and an example text-based frontend, hostapd_cli, is included with hostapd.

  5. Hostapd & Wpa_Supplicant • Hostapd features • WPA-PSK (Wi-Fi Protected Access) • WPA with EAP (with integrated EAP server or an external RADIUS backend authentication server) ("WPA-Enterprise") • key management for CCMP, TKIP, WEP104, WEP40 • WPA and full IEEE 802.11i/RSN/WPA2 • RSN: PMKSA caching, pre-authentication • IEEE 802.11r • IEEE 802.11w • RADIUS accounting • RADIUS authentication server with EAP • Wi-Fi Protected Setup (WPS)

  6. Hostapd & Wpa_Supplicant • Wpa_supplicant • wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). • Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. • It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. • wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. • wpa_supplicant supports separate frontend programs; a text-based frontend (wpa_cli) and a GUI (wpa_gui) are included with wpa_supplicant.

  7. Hostapd & Wpa_Supplicant • Wpa_supplicant features • WPA-PSK ("WPA-Personal") • WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise") • key management for CCMP, TKIP, WEP104, WEP40 • WPA and full IEEE 802.11i/RSN/WPA2 • RSN: PMKSA caching, pre-authentication • IEEE 802.11r • IEEE 802.11w • Wi-Fi Protected Setup (WPS)

  8. Current procedure • Current Problem • Without a bridge port, the wpa_cli command ft_ds (which runs the Fast BSS Transition) is not transported to the target AP • With a bridge port, the network DNS server does not work

  9. 802.11r Fast transition • 802.11 Key Hierarchy

  10. 802.11r Fast transition • 802.11r Action Frame

  11. 802.11r Fast transition • 802.11r FT Request Frame

  12. 802.11r Fast transition • 802.11r FT Response Frame

  13. 802.11r Fast transition • FT Confirm frame

  14. 802.11r Fast transition • FT ACK frame

  15. Over-the-DS FT Protocol authentication in an RSN

  16. Over-the-DS FT Protocol authentication in an RSN

  17. Current procedure • Test Topology (figure) • AP: Hostapd, hostapd_cli, bridge port, Ethernet • STA: wpa_supplicant, wpa_cli • AP1: Hostapd • AP2: Hostapd • STA1: wpa_supplicant • STA2: wpa_supplicant

  18. Current topology (figure) • Network driver: ath9k (nl80211) • Ethernet node: Ubuntu 12.04 LTS, Kernel 2.6.38-8-generic, Hostapd 2.0, LAN card TP-LINK TL WDN4800 • Ethernet node: Ubuntu 12.04 LTS, Kernel 2.6.38-8-generic, Hostapd 2.0, LAN card TP-LINK TL WDN4800 • bridge • Ubuntu 12.04 LTS, Kernel 2.6.38-8-generic, Wpa_supplicant 2.0, LAN card TP-LINK TL WDN4800

  19. Hostapd 2.0 • Libraries that must be installed on Ubuntu 12.04 • libnl-1, libnl-2, libnl-1-dev, libnl-2-dev, bridge-utils, iw, openssl (libssl-dev) • The compat-wireless module (for the ath9k driver) is no longer supported • On Ubuntu 11.04, ath9k has to be installed through the compat-wireless module, but that setup does not support the openssl 1.0.1f used by Hostapd 2.0, and the certificate does not get installed in the driver. • Hostapd 2.0 and later require support for openssl 1.0.1f or later • Port forwarding through iptables • Install dhcp3-server to assign dynamic network IP addresses, then configure the RSN

  20. Hostapd configuration • /etc/network/interface • No Bridge • Using Bridge

  21. Hostapd configuration • /etc/dhcp/dhcpd.conf : DHCP server configuration

  22. Hostapd configuration • /etc/default/isc-dhcp-server : DHCP server init script

  23. Hostapd configuration • Startup script file

  24. Hostapd configuration • Hostapd.conf

  25. Reference • [1] 김진욱, 김영탁, "Cognitive Wireless LAN Management System Using Load Balancing Based on Network Initiated Roaming in an IEEE 802.11 Environment", JCCI, 2013. • [2] IEEE Standard 802.11-2007, "Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specification," June 2007. • [3] Devin Akin, David Coleman, "Robust Security Network (RSN) Fast BSS Transition (FT)" white paper, September 2008. • [4] http://hostap.epitest.fi/wpa_supplicant/devel/ • [5] http://wireless.kernel.org/en/users/Documentation/hostapd
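
A pre-deployment check for the two-AP over-the-DS setup described on slides 8, 17 and 24, given here as an added example; it is not the presenter's configuration, which the transcript does not include. The option names (`bridge`, `nas_identifier`, `wpa_key_mgmt`, `mobility_domain`, `r1_key_holder`, `r0kh`, `r1kh`) are hostapd.conf options; the function names are hypothetical, and all addresses, identifiers and keys are constructed placeholders.

```python
# Added example: check a pair of hostapd.conf files for 802.11r over-the-DS readiness.
# Both sample configs are constructed; every address, ID and key is a placeholder.
AP1 = """bridge=br0
nas_identifier=ap1.example
wpa_key_mgmt=FT-PSK
mobility_domain=a1b2
r1_key_holder=020000000001
r0kh=02:00:00:00:00:02 ap2.example 000102030405060708090a0b0c0d0e0f
r1kh=02:00:00:00:00:02 02:00:00:00:00:02 000102030405060708090a0b0c0d0e0f
"""
# AP2 has no bridge= line, reproducing the "no bridge port" case from slide 8.
AP2 = """nas_identifier=ap2.example
wpa_key_mgmt=FT-PSK
mobility_domain=a1b2
r1_key_holder=020000000002
r0kh=02:00:00:00:00:01 ap1.example 000102030405060708090a0b0c0d0e0f
r1kh=02:00:00:00:00:01 02:00:00:00:00:01 000102030405060708090a0b0c0d0e0f
"""

def parse(text):
    """Return {key: [values]}; hostapd.conf allows repeated keys (r0kh, r1kh)."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf.setdefault(key.strip(), []).append(value.strip())
    return conf

def ft_ds_problems(name, local, peer):
    """List the reasons FT over-the-DS between `local` and `peer` would fail."""
    def one(conf, key):
        return conf.get(key, [""])[-1]
    out = []
    if not any(m.startswith("FT-") for m in one(local, "wpa_key_mgmt").split()):
        out.append(f"{name}: no FT key management in wpa_key_mgmt")
    if one(local, "mobility_domain") != one(peer, "mobility_domain"):
        out.append(f"{name}: mobility_domain differs from peer")
    if not one(local, "bridge"):
        out.append(f"{name}: bridge not set (ft_ds failure case from slide 8)")
    r0 = {v.split()[1] for v in local.get("r0kh", []) if len(v.split()) == 3}
    if one(peer, "nas_identifier") not in r0:
        out.append(f"{name}: peer nas_identifier missing from r0kh")
    r1 = {v.split()[1].replace(":", "").lower()
          for v in local.get("r1kh", []) if len(v.split()) == 3}
    if one(peer, "r1_key_holder").lower() not in r1:
        out.append(f"{name}: peer r1_key_holder missing from r1kh")
    return out
```

In a real deployment the `r0kh`/`r1kh` keys should be random per-pair secrets rather than the repeated placeholder used in the samples.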
