Android Wifi断开问题分析和802.11原因码

Android Wifi连接和断链分析思路。

1.密码错误导致的连接失败

2.关联被拒绝

3.热点未回复AUTH_RSP或者STA未收到 AUTH_RSP

4.热点未回复ASSOC_RSP或者STA未收到ASSOC_RSP

5.DHCP FAILURE

6.发生roaming

7.AP发送了DEAUTH帧导致断开连接

8.被AP踢出，这个原因需要sniffer log分析

下面详细介绍。

1.密码错误导致的连接失败

1.1

其实有时候并不是用户真的输入了错误密码，有可能WIFI底层驱动存在异常。

可以查一下WIFI配置文件中保存的AP密码是否与期望值一致。

wpa_supplicant: wlan0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect
wpa_supplicant: wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="inhub" aut

1.2 在4WAY_HANDSHAKE阶段由于密码错误、丢帧或者弱信号丢包导致WRONG_KEY：

密码错误在4WAY_HANDSHAKE阶段中的2/4次握手会显示wrong key。如果已经连接过则显示

I/wpa_supplicant(19043): wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=1 ssid="inhub" auth_failures=1 duration=5 reason=WRONG_KEY。

丢帧导致连接断开：

wlan: [24597:E :PE ] limHandleMissedBeaconInd: 2121: Sending EXIT_BMPS_IND to SME due to Missed beacon from FW

信号弱导致断开：

I/wpa_supplicant(31023): wlan0: CTRL-EVENT-DISCONNECTED bssid=c8:3a:35:2b:71:30 reason=0
E/WifiStateMachine( 821): NETWORK_DISCONNECTION_EVENT in connected state BSSID=c8:3a:35:2b:71:30 RSSI=-89 freq=2437 was debouncing=false reason=0 ajst=0

reason=0表示因为信号弱而断开。

2.关联被拒绝

2.1

wpa_supplicant: wlan0: CTRL-EVENT-ASSOC-REJECT status_code=1
wpa_supplicant: wlan0: Request to deauthenticate - bssid=00:00:00:00:00:00 pending_bssid=00:00:00:00:00:00 reason=3 state=ASSOCIATING
wpa_supplicant: wpa_driver_nl80211_disconnect(reason_code=3)

2.2 在ASSOCIATING阶段由于丢包导致ASSOC REJECT

Line 15551: 03-10 15:42:04.953 884 884 I wpa_supplicant: wlan0: CTRL-EVENT-DISCONNECTED bssid=f4:2a:7d:7c:65:df reason=3 locally_generated=1
Line 15552: 03-10 15:42:04.959 884 884 W wpa_supplicant: nl80211: Was expecting local disconnect but got another disconnect event first
Line 18957: 03-10 15:42:07.363 884 884 I wpa_supplicant: wlan0: Trying to associate with f4:2a:7d:7c:65:df (SSID='inhub' freq=2412 MHz)
Line 18965: 03-10 15:42:08.372 884 884 I wpa_supplicant: wlan0: CTRL-EVENT-ASSOC-REJECT bssid=f4:2a:7d:7c:65:df status_code=1
Line 18991: 03-10 15:42:08.693 884 884 I wpa_supplicant: wlan0: Trying to associate with f4:2a:7d:7c:65:df (SSID='inhub' freq=2412 MHz)

上面日志分析

CTRL-EVENT-DISCONNECTED bssid=f4:2a:7d:7c:65:df reason=3 ==>这是系统下断线的
重连后有看到CTRL-EVENT-ASSOC-REJECT==>有可能跟网络有关,

若是当前环境下WiFi 比较多(2.4G环境比较糟,干扰较大，有可能某一方收发不好导致),

若是一直都出现CTRL-EVENT-ASSOC-REJECT导致连线不上，最好找WiFi 方案商帮忙协助确认一下是否是WiFi端的问题？

3.热点未回复AUTH_RSP或者STA未收到 AUTH_RSP

正常情况下，STA发送AUTH request后，会收到一个AUTH_RSP，即正确情况下，内核LOG中会有如下两行打印，异常情况下，仅有第一行。

这种情况下，可以用其他设备接入AP，看是否存在同样的问题，则基本判断出是否为热点问题。

4,20619,2759068545,-;AUTH - Send AUTH request seq#1 (Alg=0)...
4,20620,2759170874,-;AUTH - Receive AUTH_RSP seq#2 to me (Alg=0, Status=0)

4.热点未回复ASSOC_RSP或者STA未收到ASSOC_RSP

异常情况下，STA端不会有下面的第二行日志打印。

[ 2854.218696] ASSOC - Send ASSOC request...
[ 2854.238083] PeerAssocRspAction():ASSOC - receive ASSOC_RSP to me (status=0)

5.DHCP FAILURE

四次握手成功但是获取IP地址失败：

WifiConfigStore:  message=DHCP FAILURE

正常情况下的流程如下：

DhcpClient: Broadcasting DHCPDISCOVER
DhcpClient: Received packet: 10:c7:53:71:ae:7c OFFER, ip /192.168.236.146, mask /255.255.255.0, DNS servers: /192.168.236.1 , gateways [/192.168.236.1] lease time 86400, domain null
DhcpClient: Got pending lease: IP address 192.168.236.146/24 Gateway 192.168.236.1  DNS servers: [ 192.168.236.1 ] Domains  DHCP server /192.168.236.1 Vendor info null lease 86400seconds
DhcpClient: Broadcasting DHCPREQUEST ciaddr=0.0.0.0 request=192.168.236.146 serverid=192.168.236.1
DhcpClient: Received packet: 10:c7:53:71:ae:7c ACK: your new IP /192.168.236.146, netmask /255.255.255.0, gateways [/192.168.236.1] DNS servers: /192.168.236.1 , lease time 86400
DhcpClient: Confirmed lease: IP address 192.168.236.146/24 Gateway 192.168.236.1  DNS servers: [ 192.168.236.1 ] Domains  DHCP server /192.168.236.1 Vendor info null lease 86400 seconds

6.发生roaming

当前连接AP1信号太弱，此时又扫描到了已连接过的AP2，AP2的信号强度更好，则会断开AP1，连接AP2，这一系列动作就叫roaming。 

如下列中，断开了与10:0e:0e:20:66:15热点的连接，连接到了10:0e:0e:20:5e:6d热点。

wpa_supplicant: nl80211: Associated on 2422 MHz
wpa_supplicant: nl80211: Associated with 10:0e:0e:20:66:15
wpa_supplicant: nl80211: Drv Event 47 (NL80211_CMD_ROAM) received for wlan0
wpa_supplicant: nl80211: Roam event
wpa_supplicant: nl80211: Associated on 2472 MHz
wpa_supplicant: nl80211: Associated with 10:0e:0e:20:5e:6d

日志2

I/WifiHAL (28360): event received NL80211_CMD_ROAM, vendor_id = 0x0
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-CONNECTED - Connection to c4:14:3c:29:47:25 completed [id=0 id_str=]
I/WifiHAL (28360): event received NL80211_CMD_ROAM, vendor_id = 0x0
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-CONNECTED - Connection to c4:14:3c:29:47:05 completed [id=0 id_str=]
I/WifiHAL (28360): event received NL80211_CMD_ROAM, vendor_id = 0x0
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-CONNECTED - Connection to 1c:1d:86:e9:e2:85 completed [id=0 id_str=]

7.AP发送了DEAUTH帧导致断开连接

此时可以连接其他AP测试一下，进而判断是否是刚才这个AP的问题

[ 1555.321037] (1)[3319:tx_thread][wlan] Rx Deauth frame from BSSID=[aa:63:df:4c:db:c2]
[ 1555.321093] (1)[3319:tx_thread][wlan] Reason code = 7

8.被AP踢出，这个原因需要sniffer log分析

reason=2，reason=7，reason=15代表被AP踢出，在kernel log中可以找到对应的deauth信息。

I/wpa_supplicant(28064): wlan0: CTRL-EVENT-DISCONNECTED bssid=c4:14:3c:29:47:05 reason=7
wlan: [28055:E :PE ] limProcessDeauthFrame: 144: Received Deauth frame for Addr: 44:a4:2d:52:bc:a5 (mlm state = eLIM_MLM_LINK_ESTABLISHED_STATE, sme state = 12 systemrole = 3) with reason code 7 from c4:14:3c:29:47:05
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-DISCONNECTED bssid=1c:1d:86:e9:e2:85 reason=15
wlan: [28055:E :PE ] limProcessDeauthFrame: 144: Received Deauth frame for Addr: 44:a4:2d:52:bc:a5 (mlm state = eLIM_MLM_LINK_ESTABLISHED_STATE, sme state = 12 systemrole = 3) with reason code 15 from 1c:1d:86:e9:e2:85
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-DISCONNECTED bssid=c4:14:3c:29:47:25 reason=2
wlan: [28055:E :PE ] limProcessDeauthFrame: 144: Received Deauth frame for Addr: 44:a4:2d:52:bc:a5 (mlm state = eLIM_MLM_LINK_ESTABLISHED_STATE, sme state = 12 systemrole = 3) with reason code 2 from c4:14:3c:29:47:25

其他情况后续补充。

附录：

802.11 Association Status, 802.11 Deauth Reason codes

802.11 Association Status, 802.11 Deauth Reason codes - Cisco Community

802.11 Association Status Codes

Code	802.11 definition	Explanation
0	Successful
1	Unspecified failure	For example : when there is no ssid specified in an association request
10	Cannot support all requested capabilities in the Capability Information field	Example Test: Reject when privacy bit is set for WLAN not requiring security
11	Reassociation denied due to inability to confirm that association exists	NOT SUPPORTED
12	Association denied due to reason outside the scope of this standard	Example : When controller receives assoc from an unknown or disabled SSID
13	Responding station does not support the specified authentication algorithm	For example, MFP is disabled but was requested by the client.
14	Received an Authentication frame with authentication transaction sequence number out of expected sequence	If the authentication sequence number is not correct.
15	Authentication rejected because of challenge failure
16	Authentication rejected due to timeout waiting for next frame in sequence
17	Association denied because AP is unable to handle additional associated stations	Will happen if you run out of AIDs on the AP; so try associating a large number of stations.
18	Association denied due to requesting station not supporting all of the data rates in the BSSBasicRateSet parameter	Will happen if the rates in the assoc request are not in the BasicRateSet in the beacon.
19	Association denied due to requesting station not supporting the short preamble option	NOT SUPPORTED
20	Association denied due to requesting station not supporting the PBCC modulation option	NOT SUPPORTED
21	Association denied due to requesting station not supporting the Channel Agility option	NOT SUPPORTED
22	Association request rejected because Spectrum Management capability is required	NOT SUPPORTED
23	Association request rejected because the information in the Power Capability element is unacceptable	NOT SUPPORTED
24	Association request rejected because the information in the Supported Channels element is unacceptable	NOT SUPPORTED
25	Association denied due to requesting station not supporting the Short Slot Time option	NOT SUPPORTED
26	Association denied due to requesting station not supporting the DSSS-OFDM option	NOT SUPPORTED
27-31	Reserved	NOT SUPPORTED
32	Unspecified, QoS-related failure	NOT SUPPORTED
33	Association denied because QAP has insufficient bandwidth to handle another QSTA	NOT SUPPORTED
34	Association denied due to excessive frame loss rates and/or poor conditions on current operating channel	NOT SUPPORTED
35	Association (with QBSS) denied because the requesting STA does not support the QoS facility	If the WMM is required by the WLAN and the client is not capable of it, the association will get rejected.
36	Reserved in 802.11	This is used in our code ! There is no blackbox test for this status code.
37	The request has been declined	This is not used in assoc response; ignore
38	The request has not been successful as one or more parameters have invalid values	NOT SUPPORTED
39	The TS has not been created because the request cannot be honored; however, a suggested TSPEC is provided so that the initiating QSTA may attempt to set another TS with the suggested changes to the TSPEC	NOT SUPPORTED
40	Invalid information element, i.e., an information element defined in this standard for which the content does not meet the specifications in Clause 7	Sent when Aironet IE is not present for a CKIP WLAN
41	Invalid group cipher	Used when received unsupported Multicast 802.11i OUI Code
42	Invalid pairwise cipher
43	Invalid AKMP
44	Unsupported RSN information element version	If you put anything but version value of 1, you will see this code.
45	Invalid RSN information element capabilities	If WPA/RSN IE is malformed, such as incorrect length etc, you will see this code.
46	Cipher suite rejected because of security policy	NOT SUPPORTED
47	The TS has not been created; however, the HC may be capable of creating a TS, in response to a request, after the time indicated in the TS Delay element	NOT SUPPORTED
48	Direct link is not allowed in the BSS by policy	NOT SUPPORTED
49	Destination STA is not present within this QBSS	NOT SUPPORTED
50	The Destination STA is not a QSTA	NOT SUPPORTED
51	Association denied because the ListenInterval is too large	NOT SUPPORTED
200 (0xC8)	Unspecified, QoS-related failure. Not defined in IEEE, defined in CCXv4	Unspecified QoS Failure. This will happen if the Assoc request contains more than one TSPEC for the same AC.
201 (0xC9)	TSPEC request refused due to AP’s policy configuration (e.g., AP is configured to deny all TSPEC requests on this SSID). A TSPEC will not be suggested by the AP for this reason code. Not defined in IEEE, defined in CCXv4	This will happen if a TSPEC comes to a WLAN which has lower priority than the WLAN priority settings. For example a Voice TSPEC coming to a Silver WLAN. Only applies to CCXv4 clients.
202 (0xCA)	Association Denied due to AP having insufficient bandwidth to handle a new TS. This cause code will be useful while roaming only. Not defined in IEEE, defined in CCXv4
203 (0xCB)	Invalid Parameters. The request has not been successful as one or more TSPEC parameters in the request have invalid values. A TSPEC SHALL be present in the response as a suggestion. Not defined in IEEE, defined in CCXv4	This happens in cases such as PHY rate mismatch. If the TSRS IE contains a phy rate not supported by the controller, for example. Other examples include sending a TSPEC with bad parameters, such as sending a date rate of 85K for a narrowband TSPEC.

802.11 Deauth Reason Codes

Code	802.11 definition	Explanation
0	Reserved	NOT SUPPORTED
1	Unspecified reason	TBD
2	Previous authentication no longer valid	NOT SUPPORTED
3	station is leaving (or has left) IBSS or ESS	NOT SUPPORTED
4	Disassociated due to inactivity	Do not send any data after association;
5	Disassociated because AP is unable to handle all currently associated stations	TBD
6	Class 2 frame received from nonauthenticated station	NOT SUPPORTED
7	Class 3 frame received from nonassociated station	NOT SUPPORTED
8	Disassociated because sending station is leaving (or has left) BSS	TBD
9	Station requesting (re)association is not authenticated with responding station	NOT SUPPORTED
10	Disassociated because the information in the Power Capability element is unacceptable	NOT SUPPORTED
11	Disassociated because the information in the Supported Channels element is unacceptable	NOT SUPPORTED
12	Reserved	NOT SUPPORTED
13	Invalid information element, i.e., an information element defined in this standard for which the content does not meet the specifications in Clause 7	NOT SUPPORTED
14	Message integrity code (MIC) failure	NOT SUPPORTED
15	4-Way Handshake timeout	NOT SUPPORTED
16	Group Key Handshake timeout	NOT SUPPORTED
17	Information element in 4-Way Handshake different from (Re)Association Request/Probe Response/Beacon frame	NOT SUPPORTED
18	Invalid group cipher	NOT SUPPORTED
19	Invalid pairwise cipher	NOT SUPPORTED
20	Invalid AKMP	NOT SUPPORTED
21	Unsupported RSN information element version	NOT SUPPORTED
22	Invalid RSN information element capabilities	NOT SUPPORTED
23	IEEE 802.1X authentication failed	NOT SUPPORTED
24	Cipher suite rejected because of the security policy	NOT SUPPORTED
25-31	Reserved	NOT SUPPORTED
32	Disassociated for unspecified, QoS-related reason	NOT SUPPORTED
33	Disassociated because QAP lacks sufficient bandwidth for this QSTA	NOT SUPPORTED
34	Disassociated because excessive number of frames need to be acknowledged, but are not acknowledged due to AP transmissions and/or poor channel conditions	NOT SUPPORTED
35	Disassociated because QSTA is transmitting outside the limits of its TXOPs	NOT SUPPORTED
36	Requested from peer QSTA as the QSTA is leaving the QBSS (or resetting)	NOT SUPPORTED
37	Requested from peer QSTA as it does not want to use the mechanism	NOT SUPPORTED
38	Requested from peer QSTA as the QSTA received frames using the mechanism for which a setup is required	NOT SUPPORTED
39	Requested from peer QSTA due to timeout	NOT SUPPORTED
40	Peer QSTA does not support the requested cipher suite	NOT SUPPORTED
46-65535	46--65 535 Reserved	NOT SUPPORTED
98	Cisco defined	TBD
99	Cisco defined Used when the reason code sent in a deassoc req or deauth by the client is invalid – invalid length, invalid value etc	Example: Send a Deauth to the AP with the reason code to be invalid, say zero