Hi everyone
I have a little uncertainty regarding integrity checks in batman advanced. I was wondering which encapsulation does it.
The situation: - Ping to a batman node - Normal ping, no batman ping (nodes have an IP) - WPA2 active
ICMP should be encapsulated by IP, which is encapsulated by the Wi-Fi mac header. Now I know that batman advanced inserts it's own header. The question is, where exactly? Does it encapsulate the Wi-Fi mac and takes over the integrity check or not? Also, how does it behave in the case of enabled encryption? WPA2 has it's own integrity check.
The reason I ask, is that in Wireshark, it appears as ICMP when I sniff the traffic without encryption enabled.
It would be great, if someone could shed light in this affair! Thank you in advance!
Kind regards Patrick
On Friday 20 November 2015 15:42:36 Patrick Bosch wrote:
ICMP should be encapsulated by IP, which is encapsulated by the Wi-Fi mac header. Now I know that batman advanced inserts it's own header. The question is, where exactly? Does it encapsulate the Wi-Fi mac and takes over the integrity check or not? Also, how does it behave in the case of enabled encryption? WPA2 has it's own integrity check.
Layers:
4. ICMP 3. IP 2.5: batman-adv + the original ethernet header 2. Eth/WiFi/... 1. ...
So it just doesn't know about the encryption because the encryption + MIC happens at a lower layer.
The reason I ask, is that in Wireshark, it appears as ICMP when I sniff the traffic without encryption enabled.
Wireshark (especially 2.0) can dissect/parse the batman-adv headers/encapsulation. You should check the "Packet Details" view in wireshark to see the different headers and the payload.
Kind regards, Sven
b.a.t.m.a.n@lists.open-mesh.org
-
Patrick Bosch -
Sven Eckelmann