Firstly,As Im new to this place, I would like to say a big thanks to all WRT crew for this amazing work!

Im working on my college project, story short, I want to implement and test the infamous KRACK attack.
so the idea is to use 2 Raspberry pi's as a set up for 802.11r environment and than perform the rest.... and ideally make it happen.

While setting up the openWrt on Rpi3 I have encountered this problem. Im addressing my WAN interface with DHCP CLIENT  and it is picking up the address from my local router (192.168.1.0/24)  ... everything works fine, Im updating LEDE and getting all packages as I need, also ssh works fine

but the minute I add my LAN interface with static 10.10.10.0/24 as DHCP SERVER   ( I got the usb to rj45 for second lan port connection, it works perfect too)

when I add the LAN interface to this set up the interfaces are magically  (LAN AND WAN)  getting swapped, so LEDE sees my LAN as WAN ...

I cant really change the 192.168.1.0 as this is hooked up to my home box. Anyone knows what could cause this "behaviour". I was trying to play with iptables/firewalls but with no success.

and just to mention that Ive hooked up alfa card to LANs DHCP SERVER and It works perfect too.

Any ideas? Please help!

P.S Sorry for my English, hope everything make sense.

A.

It seems someone else also got a problem with network interfaces changing names since I found this github repository. (Not tested by me.)

https://github.com/borb/openwrt-persistent-net

It is an age-old problem of booting up with two USB devices and which one will be detected first.  Generally if you keep it plugged into the same port, the naming will stay the same.

802.11r requires a LAN between the two APs, you can't do what you are doing by routing them both separately.  Also it requires enterprise authentication.  When the KRACK story broke, it was noted that 802.11r is basically never found in home equipment.

The actual naming is fine, eth0 is my LAN and eth1(usb rj45) is my WAN and this corresponds to my physical wiring as it should be (its staying like that every time device gets rebooted)  but for some reason LEDE recognises my LAN as WAN so im loosing ssh and web access (this can be worked around but I feel that it shouldnt be need for that).(Also I did try to swap them, used LAN for the usb>rj45 but problem stays same) 

Sorry but I cant post any pictures here.

When I go to LEDE > STATUS > OVERVIEW > and under connected WAN I see my LAN instead of WAN,
and in my LEDE > NETWORK > INTERFACES everything is correct WAN is WAN and LAN is LAN. 

Would the fact that Im using 192.168.1.0 have impact on this? both of them are private networks tho.

KRACK: This is exactly what im building, 2 raspberries acting as two separate AP's hooked up on one lan (10.10.10.0/24) so the "victim" device can roam between the two. I want to try it with 802.11r flavour of KRACK as it doesn't require the MITM position. Yeah, I noticed that there will be a "another task" with setting up radius with 802.11r . Everything worked fine as far so Im sure that 802.11x should be pretty straight forward.

(Last edited by arti107 on 12 Mar 2018, 04:24)

In your physical settings wan should be attached to eth0 and lan to eth1 (or vice versa).  This should have things always working the same.

You should have only one connected to the Internet and doing all the routing, the other one would be linked to that first one by a cable on its LAN.  The second unit is a so called dumb AP extending the wifi coverage area.

I had forwarding enabled on both zones. It works perfect now, Thanks a mil!

For 802.11r RH0KH settings: the 128 bit key value works as "another password"  for internal use between the AP's? and it has nothing to do with actual key (passphrase) ? Im a bit confused here

Apparently I had this problem again! My Lan was listed as a Wan in "overview" section and in result it was obstructing the routing. I could not bypass the device with icmps etc. 

I had to delete the lan interface, let wan to "stick" to wan in the overview section and add lan int again to fix this issue. 

######## now ssh is not working (after adding iptables and other rulez)

I'm not sure what you are saying and how that would happen.

Check the physical settings to make sure that one Ethernet port is in wan (and only wan) and the other one is in lan (and only lan).  Having both in one network would cause problems.