Who exactly is responsible for FT on the client with linux? wpa_supplicant, networkmanager or the kernel module or...??
I was pretty sure that setting key_mgmt=FT-PSK would do it but thats not the case:
ctrl_interface=/run/wpa_supplicant
ctrl_interface_group=wheel
update_config=1
p2p_disabled=1
network={
ssid="docmax-net"
psk="xxxx"
key_mgmt=FT-PSK
}
ChatGPT confirms that wpa_supplicant is responsible:
On Linux, the wpa_supplicant daemon is responsible for managing the wireless interface and providing fast roaming capabilities. The daemon connects to the wireless access point using the WiFi Protected Access (WPA) or WiFi Protected Access II (WPA2) protocol and handles the authentication and encryption process. It also uses the IEEE 802.11r standard for fast roaming, which allows for a faster and smoother transition between access points.
And further...:
There are a few ways to check if a Linux WiFi client supports and has enabled the 802.11r standard for fast roaming.
One way is to check the wireless interface's capabilities using the iw list command. This command will provide detailed information about the wireless interface, including the supported standards and features. Look for the section labeled "Supported extended features" and check for "802.11r Fast BSS Transition (FT)".
Another way to check if the client is currently using the 802.11r standard is to use the wpa_cli command-line tool. You can use the command wpa_cli status to check the current wireless connection information, Look for "ft_used=1" in the output, which indicates that the client is currently using the 802.11r standard.
You can also check the the logs of the wpa_supplicant daemon, if the client is able to connect to an access point that supports 802.11r, the logs will show "FT: Over-the-Air FT is used" and also you can check the logs to see if the client is able to perform a fast transition between access points.
It's important to note that support for 802.11r on the client side depends on the wireless driver and the version of the Linux distribution, if the client does not support it, the above commands will not return any information about the standard.
My output:
docmax@steamdeck: ~ $ sudo wpa_cli status
Selected interface 'wlan0'
bssid=00:37:b7:2c:23:85
freq=5660
ssid=docmax-net
id=0
mode=station
wifi_generation=5
pairwise_cipher=CCMP
group_cipher=CCMP
key_mgmt=FT-PSK
wpa_state=COMPLETED
ip_address=192.168.1.112
address=90:e8:68:9f:b2:41
uuid=16bdd81e-5dff-54c7-9f5a-e1ce8b582097
ieee80211ac=1
No "FT: Over-the-Air FT is used" in the logs, nor ft_used=1
Here is the log of a WORKING device. Went to another room and back:
(However, there is no explicit line saying that FT is used)
Jan 18 12:08:56 gpdwinmax2 systemd[1]: Starting WPA supplicant...
Jan 18 12:08:56 gpdwinmax2 systemd[1]: Started WPA supplicant.
Jan 18 12:08:56 gpdwinmax2 wpa_supplicant[658]: Successfully initialized wpa_supplicant
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=DRIVER type=COUNTRY alpha2=DE
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: SME: Trying to authenticate with 00:37:b7:2c:23:85 (SSID='docmax-net' freq=5660 MHz)
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: Trying to associate with 00:37:b7:2c:23:85 (SSID='docmax-net' freq=5660 MHz)
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: Associated with 00:37:b7:2c:23:85
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: WPA: Key negotiation completed with 00:37:b7:2c:23:85 [PTK=CCMP GTK=CCMP]
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-CONNECTED - Connection to 00:37:b7:2c:23:85 completed [id=0 id_str=]
Jan 18 12:09:00 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-46 noise=9999 txrate=108000
Jan 18 12:14:57 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-42 noise=9999 txrate=300000
Jan 18 12:15:01 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-42 noise=9999 txrate=300000
Jan 18 12:15:06 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=0 signal=-74 noise=9999 txrate=150000
Jan 18 12:15:08 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=0 signal=-76 noise=9999 txrate=150000
Jan 18 12:15:09 gpdwinmax2 wpa_supplicant[658]: wlan0: SME: Trying to authenticate with 2c:91:ab:51:ce:2a (SSID='docmax-net' freq=5580 MHz)
Jan 18 12:15:10 gpdwinmax2 wpa_supplicant[658]: BSSID 2c:91:ab:51:ce:2a ignore list count incremented to 2, ignoring for 10 seconds
Jan 18 12:15:10 gpdwinmax2 wpa_supplicant[658]: wlan0: SME: Trying to authenticate with 2c:91:ab:51:ce:29 (SSID='docmax-net' freq=2437 MHz)
Jan 18 12:15:10 gpdwinmax2 wpa_supplicant[658]: wlan0: Trying to associate with 2c:91:ab:51:ce:29 (SSID='docmax-net' freq=2437 MHz)
Jan 18 12:15:11 gpdwinmax2 wpa_supplicant[658]: wlan0: Associated with 2c:91:ab:51:ce:29
Jan 18 12:15:11 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
Jan 18 12:15:11 gpdwinmax2 wpa_supplicant[658]: wlan0: WPA: Key negotiation completed with 2c:91:ab:51:ce:29 [PTK=CCMP GTK=CCMP]
Jan 18 12:15:11 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-CONNECTED - Connection to 2c:91:ab:51:ce:29 completed [id=0 id_str=]
Jan 18 12:15:11 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-47 noise=9999 txrate=52000
Jan 18 12:15:13 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-42 noise=9999 txrate=144400
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-DISCONNECTED bssid=2c:91:ab:51:ce:29 reason=4 locally_generated=1
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: BSSID 2c:91:ab:51:ce:29 ignore list count incremented to 2, ignoring for 10 seconds
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: SME: Trying to authenticate with 00:37:b7:2c:23:85 (SSID='docmax-net' freq=5660 MHz)
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: Trying to associate with 00:37:b7:2c:23:85 (SSID='docmax-net' freq=5660 MHz)
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: Associated with 00:37:b7:2c:23:85
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: WPA: Key negotiation completed with 00:37:b7:2c:23:85 [PTK=CCMP GTK=CCMP]
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-CONNECTED - Connection to 00:37:b7:2c:23:85 completed [id=0 id_str=]
Jan 18 12:15:55 gpdwinmax2 wpa_supplicant[658]: wlan0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-42 noise=9999 txrate=108000
Here is the non-working iw list output:
Supported extended features:
* [ RRM ]: RRM
* [ SET_SCAN_DWELL ]: scan dwell setting
* [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
* [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
* [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
* [ SCAN_RANDOM_SN ]: use random sequence numbers in scans
* [ CAN_REPLACE_PTK0 ]: can safely replace PTK 0 when rekeying
* [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
* [ DEL_IBSS_STA ]: deletion of IBSS station support
* [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
* [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
And here the working one:
Supported extended features:
* [ VHT_IBSS ]: VHT-IBSS
* [ RRM ]: RRM
* [ MU_MIMO_AIR_SNIFFER ]: MU-MIMO sniffer
* [ SCAN_START_TIME ]: scan start timestamp
* [ BSS_PARENT_TSF ]: BSS last beacon/probe TSF
* [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
* [ FILS_MAX_CHANNEL_TIME ]: FILS max channel attribute override with dwell time
* [ ACCEPT_BCAST_PROBE_RESP ]: accepts broadcast probe response
* [ OCE_PROBE_REQ_HIGH_TX_RATE ]: probe request TX at high rate (at least 5.5Mbps)
* [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
* [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
* [ ENABLE_FTM_RESPONDER ]: enable FTM (Fine Time Measurement) responder
* [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
* [ PROTECTED_TWT ]: protected Target Wake Time (TWT) support
* [ DEL_IBSS_STA ]: deletion of IBSS station support
* [ BEACON_PROTECTION_CLIENT ]: beacon prot. for clients support
* [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
* [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
ChatGPT judged both maybe right?
non-working:
Based on the output of the iw list command you provided, it appears that the wireless interface does not support the 802.11r standard for fast roaming. The output lists a number of supported extended features, but "802.11r Fast BSS Transition (FT)" is not among them. This means that the wireless interface is not capable of using the 802.11r standard to perform fast roaming between access points. It is worth noting that the presence of FILS (Fast Initial Link Setup) in the output, it may indicate that the wireless interface is capable of fast roaming using another standard.
working:
Based on the output of the iw list command you provided, it appears that the wireless interface does support the 802.11r standard for fast roaming. The output lists "FILS_STA" as one of the supported extended features. FILS (Fast Initial Link Setup) is a feature that allows for a fast transition between access points using the 802.11r standard for fast roaming. This means that the wireless interface is capable of using the 802.11r standard to perform fast roaming between access points. It is important to note that just because the wireless interface supports 802.11r, it doesn't necessarily mean that it is currently enabled or in use. You can check this by using the wpa_cli status command, or looking at the logs of the wpa_supplicant daemon.
So what do you think?
