[VOL-3583] BBSim replies to unexpected EAPOL packets - OpenCORD JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved (View Workflow)
Priority: Low
Resolution: Fixed
Affects Version/s: VOLTHA v2.5
Fix Version/s: VOLTHA v2.10
Component/s: bbsim
Labels:
- onf

Story Points:
3
Epic Link:
Scale and Performance Tasks
Sprint:
VOLTHA 2.10 - Sprint 1

Description

This happenend in ONOS:

default/onos-onos-classic-2[onos-classic]: 01:13:29.058 DEBUG [AaaManager] EAP packet: EAPOL_START from dev/port: of:00000a0a0a0a0a00/49200 with MacAddress 2E:60:00:0C:03:00
default/onos-onos-classic-2[onos-classic]: 01:13:39.513 DEBUG [AaaManager] EAP packet: EAPOL_PACKET ATTR_IDENTITY from dev/port: of:00000a0a0a0a0a00/49200 with MacAddress 2E:60:00:0C:03:00
default/onos-onos-classic-2[onos-classic]: 01:14:39.819 DEBUG [AaaManager] EAP packet: EAPOL_START from dev/port: of:00000a0a0a0a0a00/49200 with MacAddress 2E:60:00:0C:03:00
default/onos-onos-classic-2[onos-classic]: 01:14:40.536 DEBUG [AaaManager] EAP packet: EAPOL_PACKET ATTR_MD5 from dev/port: of:00000a0a0a0a0a00/49200 with MacAddress 2E:60:00:0C:03:00
default/onos-onos-classic-2[onos-classic]: 01:14:41.520 DEBUG [AaaManager] EAP packet: EAPOL_PACKET ATTR_IDENTITY from dev/port: of:00000a0a0a0a0a00/49200 with MacAddress 2E:60:00:0C:03:00
default/onos-onos-classic-2[onos-classic]: 01:14:43.365 DEBUG [AaaManager] EAP packet: EAPOL_PACKET ATTR_MD5 from dev/port: of:00000a0a0a0a0a00/49200 with MacAddress 2E:60:00:0C:03:00

and caused authentication to be refused by radius.

The issue is that during the first exchange ONOS was busy and took more that a minute to send the "EAP MD5 Challenge Request" packet back to BBSim. At that point BBSim had reset the EAPOL state machine thus it shouldn't have replied to that packet.

at 01:13:29 BBSim sends "EAP Start"
at 01.13.39 BBSim sends "EAP Identity Response"

and so far everything is fine * at 01:14:39 BBSim times out and sends a new "EAP Start"

at 01.14:40 BBSim receives an "EAP MD5 Challenge Request" and responds (this packet was triggered after the Identity sent at 13:39, we should have dropped this packet)
at 01:14:41 bbsim sends an "EAP Identity Response" (as a result of the second "EAP Start")
at 01:14:43 BBSim responds at the second "EAP MD5 Challenge Request", but this is refused by Radius

BBSim should check the current state in the EAPOL state machine and drop any rogue packet it receives

Most likely a similar issue is present in the DHCP state machine

Attachments

Options
- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

Gerrit Reviews

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Elia Battiston

Reporter:: Matteo Scandolo

Watchers:: 2 Start watching this issue

Dates

Created:: 2020/10/21 10:32 AM

Updated:: 2022/01/10 10:46 AM

Resolved:: 2022/01/10 10:46 AM

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

[VOL-3583] Reject unexpected EAPOL packets: Gerrit Review: