Adding 802.1x features to a switch driver

Stefan Rompf stefan at loplof.de
Thu Aug 10 05:40:47 EDT 2006


Am Mittwoch, 9. August 2006 14:29 schrieb Florian Fainelli:

> First of all, thank you very much for this great software. I am planning on
> adding 802.1x features to an existing switch driver (bcm53xx/adm6996 used
> by OpenWrt), basically, if a user is not authenticated, the port is shut
> down.
>
> Is there anything I should look for, be aware of ? Is there an example
> somewhere ? How far can I be inspired by the wired driver ?

The adm6996 used by WRT54 is a six port switch. AFAIR this chip does not allow 
limiting traffic to ethernet types, but is able to use VLANs. The WRT54 CPU 
has an internal ethernet port that is connected to one of the switch ports 
and receives tagged VLANs.

From a first glance, you will need to put the external ports into separate 
VLANs in unauthenticated state, handle EAPOL processing there and reconfigure 
the ports into the shared vLAN after success. 802.1x reauthentication may be 
unavailable in this setup.

Stefan



More information about the HostAP mailing list