LLMpediaThe first transparent, open encyclopedia generated by LLMs

hostapd

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: OpenWrt Hop 5
Expansion Funnel Raw 78 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted78
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
hostapd
Namehostapd
DeveloperJouni Malinen
Released2005
Operating systemLinux, FreeBSD, OpenBSD
LicenseISC

hostapd hostapd is a userspace daemon for wireless access point and authentication services. It provides IEEE 802.11 access point functionality, IEEE 802.1X/WPA/WPA2/WPA3 authentication, and RADIUS integration for network access control. The project is widely used in embedded systems, enterprise networks, and research environments, and is maintained in collaboration with contributors from the Linux kernel, FreeBSD, OpenBSD, and wireless chipset vendors.

Overview

hostapd implements the control plane for operating a wireless access point on platforms such as Linux kernel, FreeBSD, and OpenBSD. It interoperates with kernel-level components like the mac80211 stack, vendor drivers such as ath9k, brcmfmac, and iwlwifi, and userspace tools including wpa_supplicant, NetworkManager, and ConnMan. The daemon enables integration with authentication systems like RADIUS and directory services such as OpenLDAP and Microsoft Active Directory. hostapd is frequently referenced in projects from organizations including Intel Corporation, Qualcomm, Google, and Red Hat.

Features and Protocol Support

hostapd supports standards and extensions including IEEE 802.11 management, IEEE 802.1X authentication, and WPA-family protocols such as WPA, WPA2, and WPA3. It implements encryption suites including CCMP, TKIP, and SAE for password-authenticated key exchange. For enterprise authentication it supports EAP methods like EAP-TLS, EAP-PEAP, EAP-TTLS, EAP-FAST, and EAP-SIM and integrates with backend servers such as FreeRADIUS and Microsoft NPS. Additional features include Hotspot 2.0/Passpoint, IEEE 802.11r fast roaming, IEEE 802.11w management frame protection, multiple SSID/multi-BSS operation, and support for VLAN tagging interoperating with IEEE 802.1Q switches.

Architecture and Components

hostapd’s architecture separates frontend control logic from backend driver interfaces and authentication modules. It uses driver interfaces such as NL80211 to communicate with the Linux kernel and may use vendor-specific driver APIs for chipsets by Marvell, Broadcom, and Atheros. The authentication path delegates EAP processing to internal modules or external RADIUS backends like FreeRADIUS; certificate management relies on standards from bodies including IETF and IEEE. The control interface exposes management operations through a control socket consumed by tools like iw, wpa_cli, and configuration frameworks from systemd and OpenWrt.

Configuration and Management

hostapd is configured via a plaintext configuration file and runtime control via a UNIX-domain control interface. Typical deployment integrates with init systems and network managers such as systemd, OpenWrt, Debian, and Ubuntu Server packaging. Administrators commonly combine hostapd configuration with DHCP servers like ISC DHCP or dnsmasq and bridging via Linux bridge or Open vSwitch for complex topologies found in deployments by Cisco Systems and Juniper Networks. Logging and diagnostics link into syslog implementations from rsyslog and systemd-journald for monitoring and incident response.

Security and Authentication

hostapd implements industry-standard security protocols and cryptographic primitives approved by standards bodies like IEEE and specifications from IETF. It supports certificate-based authentication interoperable with X.509 infrastructures and PKI systems used by enterprises such as Microsoft Corporation and Oracle Corporation. For modern Wi‑Fi security it supports SAE and WPA3 features employed by vendors including Apple Inc., Samsung Electronics, and Cisco Systems. Integration with AAA ecosystems uses RADIUS servers like FreeRADIUS and directory services like OpenLDAP or Microsoft Active Directory to enforce policies and accounting in deployments ranging from universities such as Massachusetts Institute of Technology to enterprises like Google.

Use Cases and Deployment

hostapd is used in consumer routers, enterprise access points, testbeds, and embedded platforms. Projects such as OpenWrt, DD-WRT, and LEDE Project incorporate hostapd to deliver configurable SSID, security, and roaming features. Research testbeds at institutions such as University of California, Berkeley and Carnegie Mellon University use hostapd for wireless experiments. Commercial appliance vendors including Netgear, Linksys, and TP-Link may use adaptations or similar stacks in firmware. Cloud and virtualization environments leverage hostapd with virtual interfaces in platforms produced by VMware, Inc. and Proxmox VE for service chaining and lab emulation.

Development and Licensing

hostapd is written primarily in the C programming language and maintained under the ISC license with contributions from individuals and corporations. The codebase is hosted in distributed version control systems alongside related projects like wpa_supplicant and interacts with the Linux Wireless community and kernel maintainers such as those at Intel Corporation and The Linux Foundation. Development follows issue tracking and patch review practices used in projects like git and integrates contributions from open-source communities including GitHub mirrors and mailing lists associated with wireless-regdb and crda. The permissive ISC license facilitates inclusion in commercial products from vendors including Broadcom Inc., Qualcomm Atheros, and Marvell Technology Group.

Category:Wireless networking software