User Tools

Site Tools


doc:uci:wireless

Wireless configuration

The wireless UCI configuration is located in /etc/config/wireless. Learn about the entire IEEE 802.11 "wireless" subsystem.

Note1: By default the wireless is OFF. You can turn it on in the /etc/config/wireless by changing disabled 1 to disabled 0
In UCI CLI you do this with:
uci set wireless.@wifi-device[0].disabled=0; uci commit wireless; wifi
Note2: If your device contains multiple radios (e.g. some dual-band devices), then you'll need to enabled each device in-turn - list disabled devices with
uci show wireless | grep disabled
Note3: In case your image does not contain the driver for your wireless chipset, simply install them with opkg and proceed with Regenerate Configuration.

Sections

A typical wireless config file contains at least one wifi device specifying general radio properties like channel, driver type and txpower and one wifi interface defining a wireless network on top of the radio device.

Wifi Devices

The wifi-device refer to physical radio devices present on the system. The options present in this section describe properties common across all wireless networks on this radio interface, such as channel or antenna selection.

In most cases there is only one radio adapter present on the device, so only one such section is defined, however on multi-radio hardware there may be multiple wifi-device sections - each referring to a different adapter.

A minimal wifi-device declaration may look like the example below. Note that identifiers and options may vary for different chipset types or drivers.

config 'wifi-device' 'wl0'
        option 'type'    'broadcom'
        option 'channel' '6'

  • wl0 is the internal identifier for the wireless adapter
  • broadcom specifies the chipset/driver type
  • 6 is the wireless channel the device operates on

The possible options for device sections are listed in the table below. Note that not all options are used for all chipset/driver types, refer to the comments for further details.

Common Device Options

Name Type Required Default Description
type string yes (autodetected) The type is determined on firstboot during the initial radio device detection - it is usually not required to change it. Used values are broadcom on brcm47xx, or mac80211 for b43, ath5k and ath9k
phy string no/yes (autodetected) Specifies the radio phy associated to this section. If present, it is usually autodetected and should not be changed.
macaddr MAC address yes/no (autodetected) Specifies the radio adapter associated to this section, it is not used to change the device mac but to identify the underlying interface.
ifname string no (driver default) Specifies a custom name for the wifi interface, which is otherwise automatically named.
disabled boolean no 0 Disables the radio adapter if set to 1. Removing this option or setting it to 0 will enable the adapter
channel integer or "auto" yes auto Specifies the wireless channel to use. "auto" defaults to the minimum channel available
hwmode string no (driver default) Selects the wireless protocol to use, possible values are 11b, 11g, and 11a (note that 11ng and 11na are not available options, see ticket 17541)
txpower integer no (driver default) Specifies the transmission power in dBm
diversity boolean no 1 Enables or disables the automatic antenna selection by the driver
rxantenna integer no (driver default) Specifies the antenna for receiving, the value may be driver specific, usually it is 1 for the first and 2 for the second antenna. Specifying 0 enables automatic selection by the driver if supported. This option has no effect if diversity is enabled
txantenna integer no (driver default) Specifies the antenna for transmitting, values are identical to rxantenna
distance integer no (driver default) Distance between the ap and the furthest client in meters.
country varies no (driver default) Specifies the country code, affects the available channels and transmission powers. For type broadcom a two letter country code is used (EN or DE). The madwifi driver expects a numeric code.
country_ie boolean no 1 if country is set, otherwise 0 Enables IEEE 802.11d country IE (information element) advertisement in beacon and probe response frames. This IE contains the country code and channel/power map. Requires country.
require_mode string no none (ap mode) Set the minimum mode that connecting clients need to support to be allowed to connect. Supported values: g = 802.11g, n = 802.11n, ac = 802.11ac
log_level integer no 2 Set the log_level. Supported levels are: 0 = verbose debugging, 1 = debugging, 2 = informational messages, 3 = notification, 4 = warning

MAC80211 Device Options

:!: The options below are only used by the mac80211 driver (type mac80211).

Name Type Required Default Description
path string no (none) Alternative to phy used to identify the device based paths in /sys/devices
htmode string no (driver default) Specifies the channel width in 802.11n and 802.11ac mode, possible values are:
HT20 (single 20MHz channel),
HT40- (2x 20MHz channels, primary/control channel is upper, secondary channel is below)
HT40+ (2x 20MHz channels, primary/control channel is lower, secondary channel is above).
HT40 (2x 20Mz channels, auto selection of upper or lower secondary channel on versions 14.07 and above).
NONE (disables 802.11n rates and enforce the usage of legacy 802.11 b/g/a rates)
VHT20 / VHT40 / VHT80 / VHT160 (channel width in 802.11ac, extra channels are picked according to the specification)
Cf. why.can.t.i.use.ht40.with.channel.11 and http://hostap.epitest.fi/cgit/hostap/tree/hostapd/hostapd.conf (search for HT40) in the web page.
:!: See HT (high throughput) capabilities below for options to customize high-throughput modes
chanbw integer no 20 Specifies a narrow channel width, possible values are: 5 (5MHz channel), 10 (10MHz channel) or 20 (20MHz channel).
:!: Only supported by the ath9k/ath5k driver (since Attitude Adjustment)
noscan boolean no 0 Do not scan for overlapping BSSs in HT40+/- mode.
:!: Turning this on will violate regulatory requirements!
beacon_int integer no 100 (hostapd default) Set the beacon interval. This is the time interval between beacon frames, measured in units of 1.024 ms. hostapd permits this to be set between 15 and 65535. This option only has an effect on ap and adhoc wifi-ifaces.
basic_rate list no (hostapd/driver default) Set the supported basic rates. Each basic_rate is measured in kb/s. This option only has an effect on ap and adhoc wifi-ifaces.
ht_coex integer no 0 Disable honoring 40 MHz intolerance in coexistence flags of stations (since Chaos Calmer)
frag integer no (none) Fragmentation threshold
rts integer no (driver default) Override the RTS/CTS threshold
antenna_gain integer no 0 Reduction in antenna gain from regulatory maximum in dBi

Broadcom Device Options

:!: The options below are only used by the proprietary Broadcom driver (type broadcom).

Name Type Required Default Description
frameburst boolean no 0 Enables Broadcom frame bursting if supported
maxassoc integer no (driver default) Limits the maximum allowed number of associated clients
slottime integer no (driver default) Slot time in milliseconds

Madwifi Device Options

:!: The following options are only used by the Madwifi driver (type atheros).

Name Type Required Default Description
softled boolean no 1 Enables software based LED control in the driver
outdoor boolean no 0 Enables outdoor channels in the 5GHz band
regdomain number no (driver default) Overrides the regulatory domain setting
antenna string no (driver default) Selects the antenna, possible values are vertical for internal vertical polarization, horizontal for internal horizontal polarization or external to use the external antenna connector
:!: Only used on the Ubiquiti NanoStation device family instead of the rxantenna/txantenna settings.

Wifi Networks

A complete wireless configuration contains at least one wifi-iface section per adapter to define a wireless network on top of the hardware. Some drivers support multiple wireless networks per device:

  • broadcom if the core revision is greater or equal 9 (see dmesg | grep corerev)
  • madwifi always supports multiple networks
  • mac80211 STA mode is supported. STA and AP at the same time is supported as well.

A minimal example for a wifi-iface declaration is given below.

config 'wifi-iface'
        option 'device'     'wl0'
        option 'network'    'lan'
        option 'mode'       'ap'
        option 'ssid'       'MyWifiAP'
        option 'encryption' 'psk2'
        option 'key'        'secret passphrase'

  • wl0 is the identifier for the underlying radio hardware
  • lan specifies the network interface the wifi is attached to.
  • ap is the operation mode, Access Point in this example
  • MyWifiAP is the broadcasted SSID
  • psk2 specifies the wireless encryption method, WPA2 PSK here
  • secret passphrase is the secret WPA passphrase

Common Interface Options

The most common configuration option for wifi-iface sections are listed below.

Name Type Required Default Description
device string yes (first device id) Specifies the used wireless adapter, must refer to one of the defined wifi-device sections
mode string yes ap Selects the operation mode of the wireless network interface controller (some are supported simultaneously by some drivers):
ap for Access Point,
sta for managed (client) mode,
adhoc for Ad-Hoc,
wds for static WDS,
monitor for monitor mode,
mesh for IEEE 802.11s mesh mode
:!: mesh mode only supported by mac80211
disabled boolean no 0 When set to 1, wireless network is disabled.
ssid string yes OpenWrt The broadcasted SSID of the wireless network (for managed mode the SSID of the network you're connecting to)
bssid string no (driver default) Override the BSSID of the network, only applicable in adhoc or sta mode. In wds mode specifies the BSSID of another AP to create WDS with.
hidden boolean no 0 Turns off SSID broadcasting if set to 1
isolate boolean no 0 (ap mode) Isolate wireless clients from each other. May not be supported in the original Backfire release for mac80211
wmm boolean no 1 Enables WMM (802.11e) support. Required for 802.11n support
network string yes lan Specifies the network interface to attach the wireless to. :!: Most wireless drivers do not support bridging in client mode (see Bridged Client Mode Issues and relayclient, as well as notes on specific devices, e.g. wl500gp and tplink wr841nd), the wifi interface cannot be attached to networks that are creating a bridge or already have switches interfaces connected, if the wifi interface uses the mode 'sta'.
encryption string no none Wireless encryption method. none for an open network, wep for WEP, psk for WPA-PSK, or psk2 for WPA2-PSK. See the WPA modes table for additional possible values.
For an access point in WEP mode, the default is "open system" authentication. Use wep+shared for "shared key" authentication (less secure), wep+open to explicitly use "open system," or wep+mixed to allow either. wep+mixed is only supported by hostapd.
key integer or string no (none) In any WPA-PSK mode, this is a string that specifies the pre-shared passphrase from which the pre-shared key will be derived. If a 64-character hexadecimal string is supplied, it will be used directly as the pre-shared key instead.
In WEP mode, this can be an integer specifying which key index to use (key1, key2, key3, or key4.) Alternatively, it can be a string specifying a passphrase or key directly, as in key1.
In any WPA-Enterprise AP mode, this option has a different interpretation.
key1 string no (none) WEP passphrase or key #1 (selected by the index in key). This string is treated as a passphrase from which the WEP key will be derived. If a 10- or 26-character hexadecimal string is supplied, it will be used directly as the WEP key instead.
key2 string no (none) WEP passphrase or key #2 (selected by the index in key), as in key1.
key3 string no (none) WEP passphrase or key #3 (selected by the index in key), as in key1.
key4 string no (none) WEP passphrase or key #4 (selected by the index in key), as in key1.
maclist list no (none) List of space separated list of MAC addresses to put into the mac filter (list of lists)
iapp_interface string no (none) Specifies a network interface to be used for 802.11f (IAPP) - only enabled when defined.
rsn_preauth boolean no 0 Allow preauthentication for WPA2-EAP networks (and advertise it in WLAN beacons). Only works if the specified network interface is a bridge.
maxassoc integer no (hostapd/driver default) Specifies the maximum number of clients to connect.
macaddr mac address no (hostapd/driver default) Overrides the MAC address used for the wifi interface.
wds boolean no 0 This sets 4-address mode
:!: See the WPA tables below for a full listing of WPA related options used for WPA2 Enterprise (802.1x)
:!: See the WPS Options below for a full listing of Wi-Fi Protected Setup options.

MAC80211 Interface Options

:!: The options in the table below are specific to interfaces using a device of type mac80211.

Name Type Required Default Description
doth boolean no 1 Enables 802.11h support.
mesh_id string no (none) The Mesh ID as defined in IEEE 802.11s. If set, the wireless interface will join this mesh network when brought up. If not, it is necessary to invoke iw <iface> mesh join <mesh_id> to join a mesh after the interface is brought up.
macfilter string no disable Specifies the mac filter policy, disable to disable the filter, allow to treat it as whitelist or deny to treat it as blacklist. (since r25105)
short_preamble boolean no 1 Set optional use of short preamble (since r35565)
dtim_period integer no 2 (hostapd default) Set the DTIM (delivery traffic information message) period. There will be one DTIM per this many beacon frames. This may be set between 1 and 255. This option only has an effect on ap wifi-ifaces.
max_listen_int integer no 65535 (hostapd default) Set the maximum allowed STA (client) listen interval. Association will be refused if a STA attempts to associate with a listen interval greater than this value. This option only has an effect on ap wifi-ifaces.
mcast_rate integer no (driver default) (adhoc mode) Sets the fixed multicast rate, measured in kb/s.
start_disabled boolean no 0 Start AP BSS with beacons disabled (defaults to 1 for second BSS onwards)
powersave boolean no 0 (sta mode) Enable dynamic power management.
ieee80211w integer no 0 Enables MFP (802.11w) support (0 = disabled, 1 = optional, 2 = required).
:!: Only supported by the ath9k driver (since 10.03)
ieee80211w_max_timeout integer no (hostapd default) Specifies the 802.11w Association SA Query maximum timeout.
:!: Only supported by the ath9k driver (since 10.03)
ieee80211w_retry_timeout integer no (hostapd default) Specifies the 802.11w Association SA Query retry timeout .
:!: Only supported by the ath9k driver (since 10.03)

Madwifi Interface Options

:!: The options in the table below are specific to interfaces using a device of type atheros.

Name Type Required Default Description
doth boolean no 0 Enables 802.11h support.
ar boolean no 0 Enables AR support
bgscan boolean no 0 Enables background scanning
bursting boolean no 0 Enables frame bursting
compression boolean no 0 Enables hardware compression
ff boolean no 0 Enables fast frames
frag integer no (none) Fragmentation threshold
minrate integer no (driver default) Limit the minimum rate used
maxrate integer no (driver default) Limit the maximum rate used
nosbeacon boolean no 0 Disables the hardware beacon timer, only applicable in Managed mode
sw_merge boolean no 0 Disables the hardware beacon timer, only applicable in IBSS mode
probereq boolean no 1 Enables probe responses (AP will not appear in wifi scans if disabled)
rate integer no (driver default) Use a fixed rate
rts integer no (driver default) Override the RTS/CTS threshold
turbo boolean no 0 Enables turbo mode
uapsd boolean no 0 Enables Unscheduled Automatic Power Save Delivery (UAPSD)
wds boolean no 0 Enables Lazy-WDS, only applicable in Access Point or Managed mode
wdssep boolean no 0 Separates WDS clients from each other
xr boolean no 0 Enables XR support, only applicable in Managed mode
mcast_rate integer no (driver default) Sets the fixed multicast rate, measured in kb/s. (for mode adhoc)

Broadcom Interface Options

:!: The options in the table below are specific to interfaces using a device of type broadcom.

Name Type Required Default Description
doth boolean no 0 Enables 802.11h support.

WPA Modes

Besides the WPA mode, the encryption option also specifies the group and peer ciphers to use. To override the cipher, the value of encryption must be given in the form mode+cipher. See the listing below for possible combinations. If the hwmode of the interface is set to ng or na, then the CCMP cipher is always added to the list.

Value WPA Version Ciphers
psk2+tkip+ccmp
psk2+tkip+aes
WPA2 Personal (PSK) TKIP, CCMP
psk2+tkip WPA2 Personal (PSK) TKIP
psk2+ccmp
psk2+aes
psk2
WPA2 Personal (PSK) CCMP
psk+tkip+ccmp
psk+tkip+aes
WPA Personal (PSK) TKIP, CCMP
psk+tkip WPA Personal (PSK) TKIP
psk+ccmp
psk+aes
psk
WPA Personal (PSK) CCMP
psk-mixed+tkip+ccmp
psk-mixed+tkip+aes
WPA/WPA2 Personal (PSK) mixed mode TKIP, CCMP
psk-mixed+tkip WPA/WPA2 Personal (PSK) mixed mode TKIP
psk-mixed+ccmp
psk-mixed+aes
psk-mixed
WPA/WPA2 Personal (PSK) mixed mode CCMP
wpa2+tkip+ccmp
wpa2+tkip+aes
WPA2 Enterprise TKIP, CCMP
wpa2+ccmp
wpa2+aes
wpa2
WPA2 Enterprise CCMP
wpa2+tkip WPA2 Enterprise TKIP
wpa+tkip+ccmp
wpa+tkip+aes
WPA Enterprise TKIP, CCMP
wpa+ccmp
wpa+aes
WPA Enterprise CCMP
wpa+tkip
wpa
WPA Enterprise TKIP
wpa-mixed+tkip+ccmp
wpa-mixed+tkip+aes
WPA/WPA2 Enterprise mixed mode TKIP, CCMP
wpa-mixed+tkip WPA/WPA2 Enterprise mixed mode TKIP
wpa-mixed+ccmp
wpa-mixed+aes
wpa-mixed
WPA/WPA2 Enterprise mixed mode CCMP

WPA Enterprise (Access Point)

Listing of Access Point related options for WPA Enterprise. Basic WPA Enterprise configuration instructions

Name Default Description
server (none) RADIUS server to handle client authentication
port 1812 RADIUS port
key (none) Shared RADIUS secret
wpa_group_rekey 600 WPA Group Cipher rekeying interval in seconds
:!: The options below are for hostapd (not the Broadcom nas authenticator)
auth_server (none) RADIUS authentication server to handle client authentication
auth_port 1812 RADIUS authentication port
auth_secret (none) Shared authentication RADIUS secret
auth_cache 0 Disable or enable PMKSA and Opportunistic Key Caching
acct_server (none) RADIUS accounting server to handle client authentication
acct_port 1813 RADIUS accounting port
acct_secret (none) Shared accounting RADIUS secret
nasid (none) NAS ID to use for RADIUS authentication requests
ownip (none) NAS IP Address to use for RADIUS authentication requests - introduced in r40934
dae_client (none) Dynamic Authorization Extension client. This client can send "Disconnect-Request" or "CoA-Request" packets to forcibly disconnect a client or change connection parameters.
dae_port 3799 Port the Dynamic Authorization Extension server listens on.
dae_secret (none) Shared DAE secret.
dynamic_vlan 0 Dynamic VLAN assignment
vlan_naming 1 VLAN Naming
vlan_tagged_interface (none) VLAN Tagged Interface
vlan_bridge (none) VLAN Bridge Naming Scheme - added in r43473

:!: The dae options were introduced in r37734

:!: To enable Dynamic Authorization Extensions, both dae_client and dae_secret must be set.

:!: (Dynamic) VLAN Support added in r41872

WPA Enterprise (Client)

Listing of Client related options for WPA Enterprise.

Name Default Description
eap_type (none) Defines the EAP protocol to use, possible values are tls for EAP-TLS and peap or ttls for EAP-PEAP
auth MSCHAPV2 "auth=PAP"/PAP/MSCHAPV2 - Defines the phase 2 (inner) authentication method to use, only applicable if eap_type is peap or ttls
identity (none) EAP identity to send during authentication
password (none) Password to send during EAP authentication
ca_cert (none) Specifies the path the CA certificate used for authentication
client_cert (none) Specifies the client certificate used for the authentication
priv_key (none) Specifies the path to the private key file used for authentication, only applicable if eap_type is set to tls
priv_key_pwd (none) Password to unlock the private key file, only works in conjunction with priv_key

:!: When using WPA Enterprise type PEAP with Active Directory Servers, the "auth" option must be set to "auth=MSCHAPV2" or "auth=PAP"

     option auth 'auth=MSCHAPV2'
or
     option auth 'auth=PAP'

WPS Options

Listing of Wi-Fi Protected Setup related options.

:!: Support for WPS is provided by packages wpad and hostapd-utils. Default package wpad-mini is not enough.

:!: WPS is possible only when encryption PSK is selected.

:!: Some package is not correctly generated and hostapd_cli doesn't support command wps_pushbutton. See this thread for further details.
Fixed with changeset 33393.

Name Type Required Default Description
wps_config list no (none) List of configuration methods.
Available methods: usba ethernet label display ext_nfc_token int_nfc_token nfc_interface push_button keypad virtual_display physical_display virtual_push_button physical_push_button.
Supported methods: push_button.
wps_device_name string no OpenWrt AP User-friendly description of device; up to 32 octets encoded in UTF-8.
wps_device_type string no 6-0050F204-1 Primary device type. Examples:
1-0050F204-1 (Computer / PC)
1-0050F204-2 (Computer / Server)
5-0050F204-1 (Storage / NAS)
6-0050F204-1 (Network Infrastructure / AP)
wps_label boolean no 0 Enable label configuration method.
wps_manufacturer string no openwrt.org The manufacturer of the device (up to 64 ASCII characters).
wps_pushbutton boolean no 0 Enable push-button configuration method.
wps_pin string no none The PIN to use with WPS-PIN (only in external registrar mode?)

Minimal steps needed to get WPS running:

  • Add option wps_pushbutton '1' to a config wifi-iface section that is configured for WPA2-PSK in /etc/config/wireless
  • opkg update
  • opkg remove wpad-mini
  • opkg install wpad hostapd-utils
  • reboot

After rebooting, instead of pushing the WPS button, you can manually initiate the WPS process (which is safer than using the button if it doubles as a reset button, like on the TL-WR1043ND v2 e.g.):

hostapd_cli wps_pbc

When using WPS-PIN:

  • Add option wps_label '1' to a config wifi-iface section that is configured for WPA2-PSK in /etc/config/wireless
  • opkg update
  • opkg remove wpad-mini
  • opkg install wpad hostapd-utils
  • reboot

After rebooting, the WPS PIN needs to be given to hostapd each time a station tries to connect. The PIN may NOT be used multiple times, as an active attacker can recover half of it during each try. The "any" keyword can be replaced by the specific stations EUUID, as printed in hostapd log.

hostapd_cli wps_pin any $PIN

Fast BSS transition Options

:!: The options in the table below only work with type mac80211 in trunk, since r45051.

Name Type Required Default Description
ieee80211r boolean no 0 Enables fast BSS transition (802.11r) support.
nasid string yes (none) PMK-R0 Key Holder identifier (dot11FTR0KeyHolderID).
1 to 48 octet identifier.
mobility_domain string no 4f57 Mobility Domain identifier (dot11FTMobilityDomainID, MDID)
MDID is used to indicate a group of APs (within an ESS, i.e., sharing the same SSID) between which a STA can use Fast BSS Transition.
2-octet identifier as a hex string.
r0_key_lifetime integer no 10000 Default lifetime of the PMK-RO in minutes [1-65535].
r1_key_holder string no 00004f577274 PMK-R1 Key Holder identifier (dot11FTR1KeyHolderID).
6-octet identifier as a hex string.
reassociation_deadline integer no 1000 Reassociation deadline in time units (TUs / 1.024 ms) [1000-65535]
r0kh string no (none) List of R0KHs in the same Mobility Domain.
format: <MAC address>,<NAS Identifier>,<128-bit key as hex string>
This list is used to map R0KH-ID (NAS Identifier) to a destination MAC address when requesting PMK-R1 key from the R0KH that the STA used during the Initial Mobility Domain Association.
r1kh string no (none) List of R1KHs in the same Mobility Domain.
format: <MAC address>,<R1KH-ID>,<128-bit key as hex string>
This list is used to map R1KH-ID to a destination MAC address when sending PMK-R1 key from the R0KH. This is also the list of authorized R1KHs in the MD that can request PMK-R1 keys.
pmk_r1_push boolean no 0 Whether PMK-R1 push is enabled at R0KH.

Inactivity Timeout Options

Name Type Required Default Description
disassoc_low_ack boolean no 1 Disassociate stations based on excessive transmission failures or other indications of connection loss. This depends on the driver capabilities and may not be available with all drivers.
max_inactivity integer no 300 Station inactivity limit in seconds: If a station does not send anything in ap_max_inactivity seconds, an empty data frame is sent to it in order to verify whether it is still in range. If this frame is not ACKed, the station will be disassociated and then deauthenticated. See ap_max_inactivity in hostapd.conf for more information.
skip_inactivity_poll boolean no 0 The inactivity polling can be disabled to disconnect stations based on inactivity timeout so that idle stations are more likely to be disconnected even if they are still in range of the AP.
max_listen_interval integer no 65535 Maximum allowed Listen Interval (how many Beacon periods STAs are allowed to remain asleep).

See hostapd.conf for more information.

Configuring Encryption

OpenWrt supports WPA/WPA2 PSK ("WPA Personal"), 802.11i ("WPA Enterprise") and WEP encryption. The used encryption protocol is defined per network in the wifi-iface sections of the wireless configuration.

All encryption settings can also be changed via the LuCI (Network > Wifi).

→ Read more...

Start/Stop Wireless

Wireless interfaces are brought up and down with the wifi command. To (re)start the wireless after a configuration change, use wifi, to disable the wireless, run wifi down. In case your platform carries multiple wireless devices it is possible to start or run down each of them individually by making the wifi command be followed by the device name as a second parameter. Note: The wifi command has an optional first parameter that defaults to 'up' , i.e. start the device. To make the second parameter indeed a second parameter it is mandatory to give a first parameter which can be anything except down. E.g. to start the interface wlan2 issue: wifi up wlan2; to stop that interface: wifi down wlan2. If the platform has also e.g. wlan0 and wlan1 these will not be touched by stopping or starting wlan2 selectively.

Regenerate Configuration

To rebuild the configuration file, e.g. after installing a new wireless driver, remove the existing wireless configuration (if any) and use the wifi detect command with stdout redirected to the /etc/config/wireless file:

rm -f /etc/config/wireless wifi detect > /etc/config/wireless

wifi detect gives UCI configuration entries for all installed interfaces that do not have UCI entries in /etc/config/wireless. So you can remove /etc/config/wireless and run the above again to reset your wifi configuration.

40 MHz channel width (up to 300 Mbps) for 802.11n devices ONLY

The default max channel with of 20MHz supports a max speed of 130Mbps. Increasing this to 40MHz will increase the maximum theoretical speed to 300Mbps.

The catch is that in areas with a lot of wifi traffic (and Bluetooth etc. which share the same radio frequencies), 40MHz may decrease your overall speed. Devices should detect interference when using 40MHz , and drop back to 20MHz. YMMV.

Edit the file /etc/config/wireless, and restart the wifi AP by executing the following commands…

  uci set wireless.radio0.htmode=HT40+  # or: HT40- if using channel 11
  uci commit wireless; wifi

Note that option 'htmode' should be set to either HT40+ (for channels 1-7) or HT40- (for channels 5-11) or simply HT40 on versions >= to 14.07. You have to use WPA2 encryption with AES.

For an explanation of the HT40+ vs. HT40- options, and other related information (e.g. for use of 5GHz band channels) see: http://hostap.epitest.fi/cgit/hostap/tree/hostapd/hostapd.conf.

HT (high throughput) capabilities

When using the mac80211 device, you can choose to enable/disable a number of high-throughput capabilities by setting any of the following options in the wifi-device section. Most capabilities are detected and enabled by default (in Barrier Breaker or later).

802.11n Capabilities

The following capabilities relate to 802.11n operation, and are enabled when the htmode option is set to any of HT20 HT40 HT40- HT40+ VHT20 VHT40 VHT80 or VHT160. Capabilities supported by a device can be queried with the iw list command, and are listed in the "Capabilities" section, refer to http://hostap.epitest.fi/cgit/hostap/tree/hostapd/hostapd.conf for a description of the options (search for ht_capab on that web page).

Name Type Default Capability Description
ldpc boolean 1 LDPC LDPC (Low-Density Parity-Check code) capability
greenfield boolean 0 GF Receive Greenfield - treats pre-80211n traffic as noise.
:!: Warning: this can cause significant congestion in mixed a/b/g/n environments; it is disabled by default for a reason.
short_gi_20 boolean 1 SHORT-GI-20 Short GI (guard interval) for 20 MHz
short_gi_40 boolean 1 SHORT-GI-40 Short GI for 40 MHz
tx_stbc integer 1 TX-STBC Transmit STBC (Space-Time Block Coding)
rx_stbc integer 3 RX-STBC1
RX-STBC12
RX-STBC123
Receive STBC: 1 - one spatial stream
2 - one or two spatial streams
3 - one, two, or three spatial streams
0 - disables capability
max_amsdu boolean 1 MAX-AMSDU-7935 Maximum A-MSDU length of 7935 octects (3839 octets if option set to 0)
dsss_cck_40 boolean 1 DSSS_CCK-40 DSSS/CCK Mode in 40 MHz allowed in Beacon, Measurement Pilot and Probe Response frames
ht_capab list (none) (none) :!: This option is ignored since r40682 (Barrier Breaker)
List of capabilities to enable on device, in the format [<capability>], eg [TX-STBC] (prior to Barrier Breaker, all capabilities were disabled when not listed)

802.11ac Capabilities

The following capabilities relate to 802.11ac operation, and are enabled when the htmode option is set to any of VHT20 VHT40 VHT80 or VHT160. Capabilities supported by the device can be queried with the iw list command and are listed in the "VHT Capabilities" section.

Name Type Default Capability Description
rxldpc boolean 1 RXLDPC Supports receiving LDPC coded pkts
short_gi_80 boolean 1 SHORT-GI-80 Supports reception of packets transmitted with TXVECTOR
params format equal to VHT and CBW = 80Mhz
short_gi_160 boolean 1 SHORT-GI-160 Supports reception of packets transmitted with TXVECTOR
params format equal to VHT and CBW = 160Mhz
tx_stbc_2by1 boolean 1 TX-STBC-2BY1 Supports transmission of at least 2x1 STBC
:!: currently ignored in trunk
su_beamformer boolean 1 SU-BEAMFORMER Single user beamformer
su_beamformee boolean 1 SU-BEAMFORMEE Single user beamformee
mu_beamformer boolean 1 MU-BEAMFORMER Supports operation as an MU beamformer
mu_beamformee boolean 1 MU-BEAMFORMEE Supports operation as an MU beamformee
vht_txop_ps boolean 1 VHT-TXOP-PS 0 = VHT AP doesn't support VHT TXOP PS (Power Save) mode (OR) VHT STA not in VHT TXOP PS mode
1 = VHT AP supports VHT TXOP PS mode (OR) VHT STA is in VHT TXOP power save mode
htc_vht boolean 1 HTC-VHT STA supports receiving a VHT variant HT Control field.
rx_antenna_pattern boolean 1 RX-ANTENNA-PATTERN Rx antenna pattern does not change during the lifetime of an association
tx_antenna_pattern boolean 1 TX-ANTENNA-PATTERN Tx antenna pattern does not change during the lifetime of an association
vht_max_a_mpdu_len_exp integer 7 MAX-A-MPDU-LEN-EXP<0-7> Indicates the maximum length of A-MPDU pre-EOF padding that the STA can recv
vht_max_mpdu integer 11454 MAX-MPDU-7991
MAX-MPDU-11454
Maximum MPDU length
rx_stbc integer 4 0 - not supported
1 - RX-STBC-1
2 - RX-STBC-12
3 - RX-STBC-123
4 - RX-STBC-1234
Supports reception of PPDUs using STBC
1 - one spatial stream
2 - one or two spatial streams
etc…
:!: currently used incorrectly in trunk
vht_link_adapt integer 3 VHT-LINK-ADAPT<0-3> TA supports link adaptation using VHT variant HT Control field
vht160 integer 2 VHT160
VHT160-80PLUS80
Supported channel widths
0 - 160MHz and 80+80 MHz not supported
1 - 160 MHz supported
2 - 160MHz and 80+80 MHz supported

DFS / Radar Detection

In many countries, operating WiFi devices on some or all channels in the 5GHz band requires radar detection and DFS (explanation). If you define a channel in your wireless config that requires DFS according to your country regulations, the 5GHz radio device won't start up unless OpenWRT is able to provide DFS support (i.e. it is both included and enabled). More technical details of the Linux implementation can be found here.

DFS works as follows in Linux: The driver (e.g. ath9k) detects radar pulses and reports this to nl80211 where the information is processed. If a series of pulses matches one of the defined radar patterns, this will be reported to the user space application (e.g. hostapd) which in turn reacts by switching to another channel.

DFS and radar detection is fully supported in Chaos Calmer. On Barrier Braker, it may be necessary to replace the default wpad-mini package with wpad (the full-featured package) or hostapd and wpa-supplicant (you may wish to use a wired connection to the access point to carry out these changes).

If you compile OpenWRT yourself, you need to set

CONFIG_PACKAGE_ATH_DFS=y
to enable DFS support. Without it, DFS-requiring channels cannot be used. At least for the ath9k driver you may also need to set
CONFIG_ATH_USER_REGD=y
whereas this option must not be set when using ath10k driver due to a bug (see http://wireless.kernel.org/en/users/Drivers/ath10k → Limitations 3/3 ).

Now the following configuration selects channel 104 which needs DFS support as implicitly stated with country code DE:

config wifi-device  radio0
	option type     mac80211
	option channel  104
	option hwmode	11a
	option path	'pci0000:00/0000:00:00.0'
	option htmode	HT20
	option country 'DE'

config wifi-iface
	option device   radio0
	option network  lan
	option mode     ap
	option ssid     OpenWrt
	option encryption none

You can check the country (regulatory domain) your WiFi card thinks it must conform to with

iw reg get

If in doubt, double check your hostapd-phy.conf to make sure it contains the following values, and that your country code is set:

country_code=DE
ieee80211n=1
ieee80211d=1
ieee80211h=1
hw_mode=a

If radar detection is working, DFS channels will show up like this (here for Belgium, iw phy1 info output trimmed):

		Frequencies:
			* 5220 MHz [44] (17.0 dBm)
			* 5240 MHz [48] (17.0 dBm)
			* 5260 MHz [52] (20.0 dBm) (radar detection)
			  DFS state: usable (for 2155257 sec)
			  DFS CAC time: 60000 ms
			* 5280 MHz [56] (20.0 dBm) (radar detection)
			  DFS state: usable (for 2155257 sec)
			  DFS CAC time: 60000 ms

:!: When DFS is on, there will be a delay before the interface is enabled (e.g. after reboot) - during this time period (often 60 seconds, and determined by local regulations) luci will report the interface is disabled. This time period is used to detect the presence of other signals on the channel (Channel Availability Check Time). This process can be monitored with:

logread -f

:!: DFS with ath9k only supports 20MHz channel width (n.b. ath9k with a AR9580 + Chaos Calmer r47065 works with DFS and 40MHz channels - so this 20MHz restriction may be limited to certain ath9k chips or chip versions only).

If you select a channel that requires DFS in your country, and enable HT40, this may result in the DFS start_dfs_cac() failed error (visible with logread):

Configuration file: /var/run/hostapd-phy1.conf
wlan1: interface state UNINITIALIZED->COUNTRY_UPDATE
wlan1: interface state COUNTRY_UPDATE->HT_SCAN
wlan1: interface state HT_SCAN->DFS
wlan1: DFS-CAC-START freq=5680 chan=136 sec_chan=-1, width=0, seg0=0, seg1=0, cac_time=60s
DFS start_dfs_cac() failed, -1
Interface initialization failed
wlan1: interface state DFS->DISABLED
wlan1: AP-DISABLED
hostapd_free_hapd_data: Interface wlan1 wasn't started

Changing your configuration to HT20 should resolve this.

DFS for IBSS / Ad-Hoc Mode

DFS is supported in AP / master mode in ath9k in Barrier Breaker (TODO: since svn ??? ). Patches for IBSS / Ad-Hoc mode were posted in linux-wireless mailing list: 2013-09-03 [PATCH 0/4] add IBSS-DFS support.

Output of iw phy <5ghz> info (trimmed)

		Frequencies:
			* 5220 MHz [44] (15.0 dBm)
			* 5240 MHz [48] (15.0 dBm)
			* 5260 MHz [52] (15.0 dBm) (radar detection)
			  DFS state: usable (for 2731982 sec)
			* 5280 MHz [56] (15.0 dBm) (radar detection)
			  DFS state: usable (for 2731982 sec)

Troubleshooting

Examples

doc/uci/wireless.txt · Last modified: 2016/06/16 10:51 by sshambar