-
Notifications
You must be signed in to change notification settings - Fork 7.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ESP32 STA deauth frame causing reconnect issues (IDFGH-6544) #8192
Comments
If you want to test this on arduino, be sure to turn off autoreconnect or you will be fighting 2 things as there is a async state issue in there. |
Hi @tablatronix , can we have the complete capture to understand the issue better? |
First assoc succeeds, second fails |
@tablatronix Reason code 2 means: |
Sure let me check those and see if I am not capturing, this is a reboot not sleep. this is a popular issue in arduino , 3 years old hundreds of comments. |
qos and acks are in capture.. |
@tablatronix From the capture,We can see that the sta is getting deauthed because there is a shift in beacon time.I see that there is multiple BSSID and couple of beacons have not been transmitted by the AP after STA comes out of power save.since there is a time shift now the STA will not be able to see the consecutive beacons and eventually will scan again and go for reconnect. scan starts from pkt 24709.Once there is probe-response from AP,STA will send deauth and associate again as expected pkt(26849). |
Beacon interval in 1024 ms,but we see a 2053 ms difference.To confirm if this is causing the issue,Can you disable the power save on esp32 and check, Also if you have captures during other instance of disconnect ,can you pls share them. we can verify if this is the case every time. |
What other instance of disconnect are you interested in? Not sure I understand, this is every time device is reset, well every other time, as the ap goes back and forth with the sta state tracking toggle like. I will capture a bunch of stuff and make a new test so you can see it better. |
I wrote some new tests and found something that agrees with a timing issue, This only occurs on hardware resets, not soft resets, what could that imply ? |
Well here is me hardware reseting every 10 seconds, its clear that every second boot fails with auth fail. Hope it helps figure something out.. Not sure what beacons have to do with it as it is not intermittent or random, its the same over and over, but it didn't do this on older IDFs, I will roll back and capture those too, hence why I thought the teardown was changing this behavior now. |
Here is a capture from every_other_hardware_reset_3_2_3.pcapng.zip and the ino #include <rom/rtc.h>
#include <WiFi.h>
#include <esp_wifi.h>
#include <ESPmDNS.h>
long start = 0;
uint16_t reboot = 10000;
void setup(){
delay(1000);
Serial.begin(115200);
Serial.setDebugOutput(true);
Serial.println("Starting...");
// size_t freeHeap = heap_caps_get_free_size(MALLOC_CAP_8BIT);
// DEBUGGER("Free heap: ", freeHeap);
Serial.println("ESP-IDF version: " + (String) esp_get_idf_version());
// WiFi.mode(WIFI_STA);
// WiFi.printDiag(Serial);
// btStop();
WiFi.setSleep(false);
WiFi.setAutoReconnect(false);
WiFi.begin("SSID","PASS");
uint8_t res = WiFi.waitForConnectResult();
Serial.println(res);
Serial.println(WiFi.status());
Serial.println((String)((WiFi.status()== WL_CONNECTED)? "CONNECTED" : "NOT CONECTED"));
Serial.println((String)millis());
start = millis();
}
void loop(){
if(millis()-start > reboot){
// ESP.restart(); // doesn't work, issue only present on hardware reboots.
}
Serial.print(".");
delay(100);
} |
Hi @tablatronix , what is the latest build on which you are seeing the issue? On the build on which issue is not seen,Deauth is not sent before assoc and hence there is no issue in re connection. |
Yup, pretty much what I was seeing hence the title, just wasn't sure how it was causing failures. I am using a UNIFI Nano HD AP, there are some others in the arduino thread that might have more types. I will have to do more testing to see what versions, but its been around a while, I have not tested staging yet though |
I believe I'm having the same issue. I'm using ESP-IDF directly and I'm synced to 5968bf6. I can see the wifi trying to connect and getting a deauth several times. The connection time went from 2s to 10-20-40s. Please find attached the filtered pcap file. The device is remote so I can only get the logs later tomorrow but the symptoms are similar to these logs over and over:
I have a mesh network:
My Sometimes a hard reboot fixes the issue but the device loses wifi later on. Thanks for the help. |
@csobrinho looks like a different issue, you seem to be getting deuths during and after EAPOL which is strange, seems like an unstable connection or a ton of packet loss also considering you are losing connection later, whereas this issue occurs every single time with the exact same timing at the same stage of negotiation before assoc. |
Portion of the logs:
|
I (21439) nwifi: Disconnected from Sobrinho, bssid: c6:f5:47:19:5c:64, reason: 2 Reasons Are AUTH EXPIRE and WIFI_REASON_CONNECTION_FAIL, more than likely unrelated, have you tried a different router, also your rssi is pretty bad Have you turned off sleep ? |
Hi tablatronix, thanks for the help. Yes, I'm using the |
@csobrinho |
Since it's reproducable, you can use "git bisect" to find the first bad commit. |
I can but my env is not setup to , it will take a while, its easier for someone that knows the idf to know when this was introduced and why. Platformio uses its own repo for esp32 releases, and using upstream doesn't always build |
Hi @tablatronix Can you pls try this patch. Also pls take the sniffer capture during association using this patch. |
Sure thing |
If I am using PIO can I do a normal clean and compile? |
here is a longer capture of 3 restarts, looks like that previous might be missing a capture not sure... Not seeing a deauth on the first after starting wireshark for some reason |
I'm wondering if espressif/esp32-wifi-lib@5a4e7d2 is related to this or not? |
huh? That commit says 2 days ago, so no. unrelated |
Hi @tablatronix,Thanks for the capture and the initial issue of AP not responding to Assoc req is solved. From the above capture ,we see that the AP sends deauth after auth and does not respond to assoc req. we see that the AP responds with the Assoc resp ,with a come back time of 1 sec.This is expected as PMF is enabled and the STA info is not cleared from the AP. But AP is not sending any SA query packets. |
AHHH yes, sorry, I had it off in my original test, but not in the IDF example I am now using for these.. |
It works with STA PMF off ESP-IDF v4.4-172-g730ca0ea43-dirty_PATCH3_pmfcapableFALSE.pcapng.zip Only issue I can think of is that the IDF says that PMF cannot be disabled on the S2. I can test all these things this week. Test PMF
|
I though below setting on STA should always work. Did I misunderstand something? |
It depends on the AP setting, both AP and STA have disabled, capable(optional), required. |
@tablatronix yes,Pls test with PMF setting on and pls provide the sniffer capture for the same. |
Sorry I have not had a chance to do more testing will try soon |
@tablatronix |
@nishanth-radja Is this patched in 4.4.1? Is this this issue?
If so can you tag this issue# in release |
@tablatronix No ,That is not the patch for the above mentioned issue. |
hi @nishanth-radja |
Anyone notice this fixed? I have not been working much on esp32 lately, I will do some testing, but I have not noticed this issue as much or seen increased or slow connection tries |
I haven't noticed it with the latest ESP32 frameworks, thankfully. Keeping my fingers crossed that it stays fixed! |
Environment
I am not yet up and running with an IDF example, as this was discovered downstream in arduino.
I finally had time to look into this long time issue and am trying to identify/resolve the 2-3 issues this is encompassing.
espressif/arduino-esp32#2501
Problem Description
The Frame in question
This change was made sometime in late 3.x SDK I think. I am assuming this is maybe from a CVE patch , but I cannot find the exact documentation for this, maybe someone can tip me off, most of the dos/injections are against enterprise WPA2, not WPA2 PSK shrug.. I am not wifi expert.
I am hoping PMF/WPA3 solves this.. I have not been able to confirm that yet.
The immediate issue is that this causes some APs to (within a timeout period of last assoc, so device resets mostly!) respond to these sta deauths with a deauth reasoncode 2 or some other bizarro responses, i have seen 4way fails etc.
The router response
This is my unifi nanohd ap sending a deauth back
Now there are 2 things going on here.
1.b Even with a workaround and reconnect, we are looking at connection times of 8-16 seconds over 1.6s in previous SDKs. Making bssid, and channel caching an absolute requirement now and YET STILL having double the connect times of 3-5s. Battery power devices be damned.. lol
refs#
espressif/arduino-esp32#2501 (comment)
The text was updated successfully, but these errors were encountered: