[arch-general] hostapd + ap_isolate
arch at eckner.net
Fri Oct 22 20:36:11 UTC 2021
-----BEGIN PGP SIGNED MESSAGE-----
I'm running a software accesspoint with hostapd for several years now.
Since some weeks, clients cannot talk to each other directly anymore, also
IPv6 broke (the latter might be related, but I'm currently trying to solve
the former issue). Unfortunately, I cannot assure, that both happened at
the same time. Also, I cannot correlate it to any updates or config
The tech stack is:
+ hostapd (spans two wifi: a normal and a guest net)
+ dhcpd (for ipv4)
+ radvd (for ipv6)
+ iptables (for routing)
ipv4 works fine in the following directions:
+ from access point to any client and vice versa
+ from any client to any permitted target beyond the access point
but it fails between wifi clients directly.
The only config change, which I did within the last 6 months, is adding
the second wifi on wlp0s12_0. However, I'm pretty sure, that at least IPv6
was not immediately broken.
Ipv4-routes and -addresses on the clients look fine, tcpdump shows no
packages when trying to ping other wifi clients (is it normal to not see
outgoing packages in case of failure? - seems strange, but was the same,
when pinging some bogus address from the access point).
Originally, I added "ap_isolate=1" to the config of wlp0s12_0 to isolate
guest wifi clients from each other - and I'm pretty sure, I did test it,
and it did work (and did not break connectivity between wlp0s12 clients).
However, during testing now, I even removed that directive without
Does anyone have an idea, where else I could look?
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the arch-general