IV Index and LPN devices that leave mesh

Hi,

Alex Ross said:

How can I be sure I'm sending out a secure beacon?

I highly doubt there could be any issue there, but if you could sniff the network traffic (e.g. nRF Sniffer) or provision a DK into the network with a mesh applicaiton logging network activity.

Alex Ross said:

Essentially I have a switch that when triggered, the client sends a notification over mesh to the server. This works, I can see the message come in on the server. However, sending messages down to the client are being ignored.

This sounds a bit weird. How are the messages addressed? Are the proper appkeys bound to the models and used for the publication? I agree, if messages go one way this is most likely not an IV Index issue.

For confirmation of my assumptions, the LPN is what you refer to as the client, and the gateway is what you refer to as the server? What mesh models are you using?

Regards,
Terje

"I highly doubt there could be any issue there, but if you could sniff the network traffic (e.g. nRF Sniffer) or provision a DK into the network with a mesh applicaiton logging network activity."

I'll try both of these things. I can add another client and output what it sees. Can you tell me what function triggers the secure update so I can add a log output?


"This sounds a bit weird. How are the messages addressed? Are the proper appkeys bound to the models and used for the publication? I agree, if messages go one way this is most likely not an IV Index issue.

For confirmation of my assumptions, the LPN is what you refer to as the client, and the gateway is what you refer to as the server? What mesh models are you using?"

Correct, client = LPN.

In the nRF Mesh app I can refresh TTL, and I've verify they've subscribed to the correct groups and publish to the correct group. I even see it add itself as a friend to the server, however nothing I do seems to make it's way down to it. 

I'll try out the nRF Sniffer and see what I can find. My other thought was to override the IV index to something higher and see if I can trigger an IV update in test mode that way.

The model is based off of the generic on off but modified for an 8 byte message.

It's worked pretty well for a while now, it just seems occasionally something really weird happens and the messages get rejected in some fashion. 

Okay so now I'm getting somewhere.

I overrode a client's IV index to be 42 (within). This caused by server to update to IV index 42 as well, now I can see all of my nodes again (friendship succeeded, I see them all), however, even the client can't send a message to the server anymore. When they're both fresh, no problem, however once the IV update happens, the two are unable to send messages to each other anymore (I have verified with a log output message that the IV index is correct and matches.) 

The other funny part is that once I have the IV index "hacked" I can no longer get the TTL information from the app either. That is to say:

-Start with default IV on server, TTL can be loaded in nRF Mesh App
-Provision, things look good, TTL refresh still works
-"Hack" IV to match locked up friends
-Now the server is friends with the locked up clients, however button presses aren't working
-TTL loading doesn't work either
-It seems as though it's stuck in NET_STATE_IV_UPDATE_IN_PROGRESS mode as well 

Basically I need a way to hack the IV index in the most expected of ways such that the TTL refresh in the app still works. I also have the client in the same configuration, and again, I can't load the TTL. It almost seems as though an IV index of any non zero value and the app doesn't work with it. 

Does the nRF Mesh app for iOS have it's own IV index?

Any suggestions? 

I'm pretty convinced me screwing with the IV index is messing with the sequence number and now nothing gets through anywhere 

Should I open up a new issue for this?