From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-09-02 17:05:22 UTC
On Wed, Aug 28, 2002 at 02:35:28PM -0500, Aron Silverton wrote:
> The first EAP Request packet from the authenticator/AP to the supplicant
> is of size 1778. This packet size is correct. This exceeds the MTU
> of an Ethernet interface, but not the maximum payload for an 802.11b
> frame. I eventually figured to increase the MTU of my wlan0 interface
> to 1800 and was able to get working.
Yes, that can be a problem since EAPOL frames cannot be fragmented between Supplicant and Authenticator, but the packets between Authenticator and Authentication Server can be much longer. I did not run into this (probably due to certificate size being small enough).
> What is the best way to determine an appropriate MTU for a wlan
> interface and where should it be set? Would it be possible or more
> appropriate for either the hostap driver or the authenticator code to
> control this via socket options as needed?
In most cases the higher MTU between station and AP does not make big a difference since the next hop from the AP to wired net has a smaller MTU anyway. I don't see any problem in setting this to maximum, but the driver is defaulting to the normal Ethernet MTU (1500). Stations just better be prepared to receive longer packets.. Though, if the IEEE 802.1X frames get larger than 1500 bytes, it does not really matter much whether it is the AP or the station dropping it.
User space programs can certainly set this if they consider it to be useful (with SIOCSIFMTU ioctl). Actually, I just changed hostapd to set the MTU of wlan#ap device to larger value to allow >1500 EAPOL frames for IEEE 802.1X. This MTU change does not affect data frames since they use wlan# interface.
-- Jouni Malinen PGP id EFC895FA