What are vendor-specific TLVs with 00,10,18 OUI for?

Chris Phoenix cphoenix at gmail.com
Mon Feb 6 01:55:36 EST 2012


Two devices - a cell phone with a Huawei chip, and an iPad - send a
vendor-specific TLV as part of their Authenticate request packet.

The TLV is 0xdd, 0x09, 0x00, 0x10, 0x18, 0x02, 0x00, 0x00, 0x01, 0x00,
0x00. WireShark says this is a Broadcom TLV, type 2, length 9.

My Belkin router sends a TLV with the same OUI, but type 1 and length 6.
0xdd, 0x06, 0x00, 0x10, 0x18, 0x01, 0x00, 0x00,

I can't find anywhere in wpa_supplicant that this TLV could be
generated. And I can't find anywhere online that documents it.

My supplicant/driver, using a Wi2Wi chip, will connect to my Belkin in
WPA mode. But it will not connect to my boss's AirPort in WPA mode;
the Auth packet is simply ignored despite repeated sends. His iPad
will connect to his AirPort. The only difference between the Auth
packets is that my packet doesn't have the "Broadcom" TLV.

Can anyone tell me what this TLV is for, and how to generate it properly?

Thanks,
Chris

-- 
Chris Phoenix
cphoenix at gmail.com
650-776-5195


More information about the HostAP mailing list