I am trying to configure IEEE 802.11s Wi-Fi mesh network with Simultaneous Authentication of Equals (SAE) security. Specifically I want to use batman-adv as routing protocol instead default HWMP protocol. It is possible if mesh_fwding parameter of the Wi-Fi mesh network is set to 0 (0 means that HWMP routing and forwarding is turned off). Obviously it is a bad idea to allow batman-adv and HWMP work simultaneously in the network.
I use AuthSAE project to implement SAE security. But every time I manually launch AuthSAE security on, AuthSAE sets mesh_fwding parameter of my mesh network to 1 back again (i.e. AuthSAE turns HWMP routing and forwarding on again every time it starts working). I use Raspberry PI 3 with Raspbian 10 (Linux 4.19). My /etc/network/interfaces file looks like:
auto mesh0
iface mesh0 inet manual
pre-up iw dev wlan0 interface add mesh0 type mp mesh_id MESH_NETWORK
pre-up iw dev mesh0 set channel 11
post-up ifconfig mesh0 mtu 1532
auto bat0
iface bat0 inet static
address 10.0.0.1
netmask 255.255.255.0
pre-up batctl if add mesh0
post-up iw mesh0 set mesh_param mesh_fwding=0
I launch AuthSAE as follows:
meshd-nl80211 -c /usr/local/etc/authsae.cfg -o /var/log/meshd.log -B
The part of /usr/local/etc/authsae.cfg file is shown below:
sae:
{
debug = 480;
password = "thisisreallysecret";
group = [19, 26, 21, 25, 20];
blacklist = 5;
thresh = 5;
lifetime = 3600;
};
meshd:
{
meshid = "MESH_NETWORK";
interface = "mesh0";
passive = 0;
mediaopt = 1;
band = "11g";
channel = 11;
htmode = "none";
mcast-rate = 12;
};
My Wi-Fi mesh network works well with SAE, but always sets mesh_fwding parameter to 1 every time AuthSAE starts working. I can set mesh_fwding to 0 back again and it continues working well. So, my question is:
I know that SAE was introduced in IEEE 802.11s standard, but I did not find that SAE requires HWMP being turned on. Does SAE really requires HWMP? How can I configure SAE in IEEE 802.11s mesh network based on batman-adv without turning mesh_fwding parameter on?