IEEE 802.11r and sae-mixed

I would like to try IEEE 802.11r and see if it helps. In theory it shouldn't because there is no roaming, but the signal strength changes often, no idea why, could be external influences.

The situation is that most devices support WPA3, some WPA2 only, and some do not work with sae-mixed or work only sometimes with sae-mixed.

How would you configure such a situation with 802.11r, at least to find out if 802.11r helps a little bit?

At the moment I have different SSIDs for wpa2 and wpa3.

802.11r is only useful if you have multiple APs. Don’t even play with it if you only have 1 AP. Disable/remove all 802.11r config elements.

As for sae-mixed - there are a lot of client devices which just don’t work properly with this mode. You should use either wpa3 or wpa2, but not mixed mode.

If you want your more modern devices to use wpa3 but still need wpa2 compatibility, set up 2 distinct ssids, one with wpa3 and the other with wpa2.

3 Likes

Yes I have multiple APs, very close together. I would like to test with 2, but no problem to activate more. I have disabled APs, which are used to give devices a wireless connection, which have ethernet only.

Yes I know and the question is what to do with them. I could connect them to another AP with WPA2 only. At the moment of testing I ignore these devices and think about it later, if I discover 802.11r makes sense, although not expected.

A short time ago, I had -100dBm in 5m distance. Reboot of the router didn't help, tried it a few times, it happened after I increased tx-power. After I changed to another AP and changed back, I have -50dBm.

Does this mean, if I want 802.11r I have to set up 2 SSIDs, 1 for WPA2 and 1 for WPA3 and both with roaming? Doesn't this reduce speed, if I use separate SSIDs?

I also noticed with mix, the tx-power must be higher than with separated SSIDs.

Done already, can be activated with a click. I want to find out, how to get a better connection and ignore at the moment the devices, which do not work.

Do you think 802.11s could help better in this case? I am trying to optimize tx-power manually at the moment. -50dBm difference in a short time is really crazy.

very close together usually means roaming isn't relevant. You'd certainly need very low power levels on each to make it even plausible for roaming to be considered.

how close is "very close together"?

Well, you don't need another AP -- you can use the same AP and broadcast a second SSID.

Like sae-mixed, 802.11r also has its share of problems. It is not a magic bullet. The most important thing about roaming is actually setting up the devices in strategic locations and tuning the radios accordingly (power levels and channels) such that the clients are encouraged to roam by nature of the RF design of the environment, rather than the use of 802.11k/r/v. Roaming is a client side operation. The use of 802.11k/r/v can actually make some clients refuse to work properly on a network. My personal opinion is to avoid 802.11k/r/v unless there is a specific reason you need to implement it.

It seems you are confusing and/or conflating 802.11r and WPA2/WPA3/mixed mode. They're 2 entirely different things.

Running multiple SSIDs on a single radio does have a theoretical impact on performance, but it is actually so small as to be negligible. So in practice, no impact will be noticed running one vs several SSIDs.

I'm not sure why you would think this to be the case (or under what conditions you observed it). The encryption methods have nothing to do with the RF performance.

You may be experiencing this if you've got a bunch of APs that are not configured with the same encryption methods, especially in close proximity to each other -- this would purely come down to the fact that you might be trying to force a client device to connect to a specific AP on which you are running those experiments, thus requiring that power to be higher to make it most attractive to the client (or to simply overcome the noise of the other ones).

Chances are that at least some of the devices that fail to operate properly with sae-mixed will also choke on 802.11r and vice versa.

Again, an entirely different standard that has nothing to do with roaming. 802.11s is the mesh standard -- used exclusively for the wireless backhaul between APs. If you're using a wired connection for your APs (always better than wireless), you don't need 802.11s.

One of the things that is happening here is that you have too many variables that you're playing with and you are either misunderstanding or misapplying the standards. It is best to start with the KISS principle and start with WPA2 + classical roaming (i.e. well placed APs with ethernet backhaul that are properly tuned) -- the performance here can be really good when done properly. From there, you can experiment with WPA2+WPA3 mixed mode vs 2 independent SSIDs with WPA2 and WPA3 (one each). And then once you have that figured out, you can try 802.11r if you're so inclined. 802.11s should only be part of the equation if you must set up a wireless backhaul between your APs.

1 Like

It depends, it can be 2m between walls or 5m in a room. I am checking the strength with a mobile phone. 2m distance between walls can be -20dBm difference.

I am unsure here, if I lose power using the same physical device. Every router is configured in 6 variants.

2.4GHz
5 GHz

WPA2
WPA3
mixed

I can disable and enable them as I want.

I have an upstream-router which runs with 2.4GHz. WDS-clients are connected with 2.4GHz. The APs in the wds-client run with 5GHz. At the moment every AP has its own SSID.

Next test will be with 1 SSID for every AP with 5GHz, but with WPA2 and WPA3, there will be 2 SSID.

That is what I thought until now. My situation is the opposite of roaming.

Normally you walk through a house and you change the AP automatically because the signal gets weaker. Here the signal changes a lot and I think it could help to change the AP in the same place, when the signal gets weaker.

Thanks for this clarification.

When I watch the signal with the phone, I see a noticeable difference between WPA2 and WPA3, once WPA2 is stronger, the next time WPA3.

I am dreaming of this, unfortunately not in all parts of the house. In the places where it is needed most, I have to use WDS-clients.

Unfortunately I have to use 2 or more. I tried to reduce it to 2, earlier there have been more. Then there are min. 3 devices with no AP, but are connected to the upstream server too. Typical example: AV-receiver without ethernet or very bad wifi. There is no need to make another AP with these devices, they are too close to the AP, but too "far" away to make an ethernet connection from the AP.

This is too close to really do anything with roaming. I would recommend working with only a single AP to start -- unplug all the others. (how many are there, btw)?

You don't.

Again, lots of variables here. Obviously it is common for 2.4G+5G radios to be used at the same time, but the idea is that you want to understand the impact of your settings in a controlled configuration by minimizing variables. So run one radio (either 2.4 or 5) with one SSID, and change the encryption modes. All other APs should be powered off entirely. Then see which devices are happy with WPA3 and which ones will tolerate mixed mode (WPA2 should be universal). You can identify what devices work properly and if there is a performance difference for each of the modes. Then you'll also be able to determine which ones do not perform properly. Then you can try a single AP + single radio + 2 SSIDs (WPA2 and WPA3 encrypted, one each) and see how things perform. Then change to the other radio and do the same set of experiments.

Roaming requires that all APs use the same SSID + encryption type + passphrase.
Also you need to be aware of the impact that your multiple APs (especially in close proximity to each other) have on each other... simple analogy: it's relatively easy to have a conversation when you're the only two people in a room. But fill that room up with dozens of people also having conversations and it can be hard to hear each other.

What is your goal? 802.11r doesn't sound applicable here at all.

Yes, this is physics. And when things are properly tuned, the clients should generally roam seamlessly.

I don't understand what this means.

You should measure it by actual throughput (using iperf or openspeedtest or something, running locally on a device on your network -- ideally one that is wired and powerful enough to serve 1Gbps speedtests).

Furthermore, you should do this with only one AP connected and all of your experiments should be performed with the same physical device (one AP, one or more client devices) -- with several APs in close proximity, your signal variability may be related to spectrum congestion (this can also be true of your neighbors' APs which you cannot control) and/or connecting to an unintended AP in your own network.

Ok... you can consider powerline adapters as a method of getting better performance. But again, you need to start simple.

You are probably causing yourself a ton of extra work here. You must be very methodical. Start with one AP only and determine how you want to set it up (encryption type, etc.). Then you can add another and tune the radios accordingly (you need to also ensure that the physical position of the device is adequately far from the first AP to be useful).

What does this mean?

I don't understand this, either.

I'd recommend that you take some time to watch this:

1 Like
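One way to check the points made in the replies above (the same SSID, encryption type and passphrase on every AP; no sae-mixed; 802.11r only where it was switched on deliberately), as an added example that is not part of the thread. It assumes OpenWrt's /etc/config/wireless layout; the two sample configs, their SSIDs and passphrases, and the finding labels are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the thread: compare the AP-mode wifi-iface sections
# of two OpenWrt wireless configs. Passphrases are compared, never printed.
check_roaming() {   # usage: check_roaming AP1_CONFIG AP2_CONFIG
    awk -v q="'" '
    function flush() {                  # called once a section is complete
        if (!iface || mode != "ap" || off == "1") return
        if (enc == "sae-mixed") print "MIXED " file " " ssid
        if (ft == "1") print "FT " file " " ssid      # 802.11r is enabled
        if (file == ARGV[1]) { e1[ssid] = enc; k1[ssid] = key }
        else                 { e2[ssid] = enc; k2[ssid] = key }
    }
    $1 == "config" {                    # a new section ends the previous one
        flush(); iface = ($2 == "wifi-iface"); file = FILENAME
        mode = ssid = enc = key = ""; ft = off = "0"; next
    }
    iface && $1 == "option" {
        v = (split($0, p, q) > 1) ? p[2] : $3         # quoted or bare value
        if      ($2 == "mode")       mode = v
        else if ($2 == "ssid")       ssid = v
        else if ($2 == "encryption") enc = v
        else if ($2 == "key")        key = v
        else if ($2 == "ieee80211r") ft = v
        else if ($2 == "disabled")   off = v
    }
    END {                               # same SSID needs same encryption + key
        flush()
        for (s in e1) {
            if (!(s in e2))          print "MISSING " s " on " ARGV[2]
            else if (e1[s] != e2[s]) print "ENC " s " " e1[s] " vs " e2[s]
            else if (k1[s] != k2[s]) print "KEY " s
        }
        for (s in e2) if (!(s in e1)) print "MISSING " s " on " ARGV[1]
    }' "$1" "$2" | LC_ALL=C sort
}
# Constructed sample configs (hypothetical SSIDs and passphrases).
sample_ap1() { cat <<'EOF'
config wifi-device 'radio1'
    option band '5g'

config wifi-iface 'wpa3'
    option mode 'ap'
    option ssid 'Home3'
    option encryption 'sae'
    option key 'constructed-passphrase-A'

config wifi-iface 'wpa2'
    option mode 'ap'
    option ssid 'Home2'
    option encryption 'psk2'
    option key 'constructed-passphrase-B'
EOF
}
sample_ap2() { cat <<'EOF'
config wifi-iface 'wpa3'
    option mode 'ap'
    option ssid 'Home3'
    option encryption 'sae'
    option key 'constructed-passphrase-X'
    option ieee80211r '1'

config wifi-iface 'wpa2'
    option mode 'ap'
    option ssid 'Home2'
    option encryption 'sae-mixed'
    option key 'constructed-passphrase-B'
EOF
}
demo() {
    d=$(mktemp -d) || return 1
    sample_ap1 > "$d/ap1"; sample_ap2 > "$d/ap2"
    ( cd "$d" && check_roaming ap1 ap2 ); rm -rf "$d"
}
demo
```

On real devices, run check_roaming against a copy of /etc/config/wireless from each AP; an empty result means the enabled AP interfaces agree and neither uses sae-mixed or 802.11r.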

This was my situation the last years.

I can surf the forum, but for watching videos from a dvb-stream speed can be ok, but is not always. If you do not understand what I mean, have a quick search for enigma dvb.

That is why I reduced them to 2 in 1 floor. I want to mention, that there are other floors, but these are connected with an ethernet cable to the AP, so no problem. I can see these AP in the 1st floor with low level.

I know, because I do not move, when watching video e.g. But I learned some things are weird here from time to time, so I said I could try it out.

I am guessing. If phones move around in the house, it changes when the signal gets weaker. So maybe there could be a situation, where the phone is always in the same place, but the strength of the APs changes. I see this again and again. 10-20dBm can change in a short time. Normally the signal is constant, so the signal gets weaker when people move around / roam. Here is the opposite. The signal of the AP is not constant, so I thought it could make sense, if the AP is changed, when the signal gets too weak. Just an idea for testing.

As described before. Maybe brainstorming only.

I did a lot of testing with iperf(2) and iperf3 between openwrt devices and the original Fritzbox. The speed can be 50kbs - 13Mbs. That is my problem. If the speed would be constant low, ok, that is the situation, but if it changes dramatically, I don't understand.

The best idea was to change partially to 5GHz. Before I used 2.4GHz only because I am far away from the maximum of 2.4GHz. Now I connect from the upstream server to the WDS-client with 2.4GHz, but a mobile phone, eg. connects with 5GHz.

My neighbors are far away. Signal below -80dBm. So the problem is my own devices or something else external. A few hours I noticed a situation, which is very strange. TX-power was at 9. Distance AP phone about 120cm. It got worse, so I increased to 15. In the meantime I reduced to 1 with a better signal. I don't understand why such things happen and that is why I am testing.

Tried a few, even worse.

Yes and this is one reason, why I am playing with tx-power. I try to have a weak signal from another AP. With the example above, with TX power 1 this is at the moment (!) enough for this room. The phone says -50-60 dBm, the neighbour room says -80dBm. But I have to do iperf-tests again, to find out the bottleneck.

I have a lot of devices, which have ethernet, but no wifi or very bad wifi. To improve this, I use extenders.

Here is an example: https://www.amazon.co.uk/Upgrade-Builtin-DVB-S2X-Satellite-Receiver/dp/B091NB5825/

You see ethernet at the backside, but you need an extra wifi dongle, which has a lot of problems; it is better to use an extender, which I do. Unfortunately I cannot connect via ethernet cable. So I use devices like ZyXEL WSM20 for this. Don't know how many devices like the WSM20 I will use, 3 minimum as wireless backhaul, have bought 7, but some are connected via ethernet.

The house and the family are big.

Thank you for the video.

BTW I powered on a brand new unconfigured Asus RT-AX53U router without openwrt. The signal is damned strong, stronger than all my other devices. Runs with 40MHz, where I had no chance with my old openwrt routers. Maybe my devices are simply too old. But I took the decision already to exchange my old routers like the Archer C7.

I want to give you an example with iperf. At the moment it is fantastic with my situation.

Iperf-Server and iperf-client are both wireless wds-clients.

root@X1860-B1:~# iperf3 -c 192.168.178.19
Connecting to host 192.168.178.19, port 5201
[  5] local 192.168.178.17 port 56474 connected to 192.168.178.19 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  2.00 MBytes  16.8 Mbits/sec    8    112 KBytes       
[  5]   1.00-2.00   sec  1.75 MBytes  14.7 Mbits/sec    2    123 KBytes       
[  5]   2.00-3.00   sec  2.25 MBytes  18.9 Mbits/sec   10    134 KBytes       
[  5]   3.00-4.00   sec  2.00 MBytes  16.8 Mbits/sec   12    141 KBytes       
[  5]   4.00-5.00   sec  2.00 MBytes  16.8 Mbits/sec    0    153 KBytes       
[  5]   5.00-6.00   sec  1.50 MBytes  12.6 Mbits/sec    0    160 KBytes       
[  5]   6.00-7.00   sec  2.00 MBytes  16.8 Mbits/sec   12    165 KBytes       
[  5]   7.00-8.00   sec  1.88 MBytes  15.7 Mbits/sec    0    175 KBytes       
[  5]   8.00-9.00   sec  1.25 MBytes  10.5 Mbits/sec   37   67.9 KBytes       
[  5]   9.00-10.00  sec  1.50 MBytes  12.6 Mbits/sec    8   58.0 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  18.1 MBytes  15.2 Mbits/sec   89             sender
[  5]   0.00-10.01  sec  17.8 MBytes  14.9 Mbits/sec                  receiver

iperf Done.

Checking with iperf2:

root@X1860-B1:~# iperf -c 192.168.178.19
------------------------------------------------------------
Client connecting to 192.168.178.19, TCP port 5001
TCP window size: 16.0 KByte (default)
------------------------------------------------------------
[  1] local 192.168.178.17 port 38580 connected with 192.168.178.19 port 5001
[ ID] Interval       Transfer     Bandwidth
[  1] 0.0000-10.3670 sec  23.3 MBytes  18.8 Mbits/sec

For me this is a fantastic value, because I see sometimes values below 1Mbit/s while changing nothing.

On the other side, transferring a few TB to a PC takes days.

A few minutes later from the PC.

 iperf -c 192.168.178.19
------------------------------------------------------------
Client connecting to 192.168.178.19, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  1] local 192.168.178.70 port 34212 connected with 192.168.178.19 port 5001
[ ID] Interval       Transfer     Bandwidth
[  1] 0.0000-10.6241 sec  9.75 MBytes  7.70 Mbits/sec

or with iperf3, where the pc is client:

$ iperf3 -c 192.168.178.19
Connecting to host 192.168.178.19, port 5201
[  5] local 192.168.178.70 port 50036 connected to 192.168.178.19 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   834 KBytes  6.83 Mbits/sec    2   46.7 KBytes       
[  5]   1.00-2.00   sec  1.25 MBytes  10.5 Mbits/sec    0   62.2 KBytes       
[  5]   2.00-3.00   sec   547 KBytes  4.48 Mbits/sec    7   50.9 KBytes       
[  5]   3.00-4.00   sec   912 KBytes  7.47 Mbits/sec    0   62.2 KBytes       
[  5]   4.00-5.00   sec   730 KBytes  5.98 Mbits/sec   11   50.9 KBytes       
[  5]   5.00-6.00   sec  1.25 MBytes  10.5 Mbits/sec    0   66.5 KBytes       
[  5]   6.00-7.00   sec   730 KBytes  5.98 Mbits/sec    3   55.1 KBytes       
[  5]   7.00-8.00   sec  1.25 MBytes  10.5 Mbits/sec    0   69.3 KBytes       
[  5]   8.00-9.00   sec   730 KBytes  5.98 Mbits/sec    4   56.6 KBytes       
[  5]   9.00-10.00  sec  1.43 MBytes  11.9 Mbits/sec    0   72.1 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  9.54 MBytes  8.00 Mbits/sec   27             sender
[  5]   0.00-10.03  sec  9.12 MBytes  7.63 Mbits/sec                  receiver

iperf Done.

If you want more details let me know.

That is the speed to the AP of the PC. The PC is connected via ethernet to a wireless WDS-device.

iperf -c 192.168.178.24
------------------------------------------------------------
Client connecting to 192.168.178.24, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  1] local 192.168.178.70 port 48312 connected with 192.168.178.24 port 5001
[ ID] Interval       Transfer     Bandwidth
[  1] 0.0000-10.0500 sec   932 MBytes   778 Mbits/sec

20Mbps is really slow unless you're on 802.11g or early n hardware. And if you're seeing massive variability, it's time to really go back to basics -- 1 AP with an RF scan to determine the best channel to use. A computer wired to the network on one side with iperf3, and then the other wireless (actually, ideally you'd test both wired to start to make sure you don't have issues there).

Tested again from the pc.

$ iperf -c 192.168.178.19
------------------------------------------------------------
Client connecting to 192.168.178.19, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  1] local 192.168.178.70 port 53386 connected with 192.168.178.19 port 5001
[ ID] Interval       Transfer     Bandwidth
[  1] 0.0000-10.4316 sec  12.5 MBytes  10.1 Mbits/sec

Raised from 7.70 Mbits/sec to 10.1 Mbits/sec. For my situation these are good values.

I shouldn't. Can I check what openwrt uses?

Connection between iperf-testserver and client is 5 GHz. Connection to the WDS-upstream-server is 2.4GHz.

Involved devices for the test between the AP:

Server:

Client:

PC:

Neighbour networks with 5 GHz are invisible, with 2.4GHz neighbours are very weak, below -75dBm, normally -80-90dBm. So when something influences me, it is my own openwrt devices.

The wireless WDS-clients are on channel 11. Guest network with an own router is channel 6 and ISP-Fritzbox is on channel 1. Foreign devices are rarely on channel 11.

Test between Netgear R7800 (WDS-Upstream, connected via ethernet)

root@R7800:~# iperf3 -s
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------
Accepted connection from 192.168.178.19, port 43374
[  5] local 192.168.178.13 port 5201 connected to 192.168.178.19 port 43388
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec  10.9 MBytes  90.8 Mbits/sec                  
[  5]   1.00-2.00   sec  12.1 MBytes   102 Mbits/sec                  
[  5]   2.00-3.00   sec  10.3 MBytes  86.7 Mbits/sec                  
[  5]   3.00-4.00   sec  12.4 MBytes   104 Mbits/sec                  
[  5]   4.00-5.00   sec  12.4 MBytes   104 Mbits/sec                  
[  5]   5.00-6.00   sec  11.9 MBytes  99.6 Mbits/sec                  
[  5]   6.00-7.00   sec  12.1 MBytes   101 Mbits/sec                  
[  5]   7.00-8.00   sec  12.6 MBytes   106 Mbits/sec                  
[  5]   8.00-9.00   sec  13.5 MBytes   113 Mbits/sec                  
[  5]   9.00-10.00  sec  13.0 MBytes   109 Mbits/sec                  
[  5]  10.00-10.03  sec   349 KBytes  82.9 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-10.03  sec   121 MBytes   102 Mbits/sec                  receiver
-----------------------------------------------------------

Never saw such high values.

Test between Netgear R7800 and PC:

Server listening on 5201
-----------------------------------------------------------
Accepted connection from 192.168.178.70, port 54228
[  5] local 192.168.178.13 port 5201 connected to 192.168.178.70 port 54236
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-1.00   sec  2.16 MBytes  18.1 Mbits/sec                  
[  5]   1.00-2.00   sec  1.99 MBytes  16.7 Mbits/sec                  
[  5]   2.00-3.00   sec  1.85 MBytes  15.5 Mbits/sec                  
[  5]   3.00-4.00   sec  1.66 MBytes  13.9 Mbits/sec                  
[  5]   4.00-5.00   sec  1.88 MBytes  15.7 Mbits/sec                  
[  5]   5.00-6.00   sec  2.02 MBytes  17.0 Mbits/sec                  
[  5]   6.00-7.00   sec  2.18 MBytes  18.3 Mbits/sec                  
[  5]   7.00-8.00   sec  2.13 MBytes  17.9 Mbits/sec                  
[  5]   8.00-9.00   sec  1.88 MBytes  15.8 Mbits/sec                  
[  5]   9.00-10.00  sec  1.81 MBytes  15.2 Mbits/sec                  
[  5]  10.00-10.06  sec  96.2 KBytes  14.6 Mbits/sec                  
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate
[  5]   0.00-10.06  sec  19.7 MBytes  16.4 Mbits/sec                  receiver
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------

No idea, why the PC uses a dynamic IP now. It should be static.

It looks like it is not a good idea to play with tx-power so 1 AP doesn't influence the other much.

Did iperf tests with both AP, 1 was fast like you see above, 1 was about 20Mbit/s. Set tx-power to default, it is now at 100Mbit/s.

I will check what happens, when I set all tx-power to default.

It looks like this is the solution. Tested from the pc.

$ iperf3 -c 192.168.178.13
Connecting to host 192.168.178.13, port 5201
[  5] local 192.168.178.46 port 45404 connected to 192.168.178.13 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec  12.2 MBytes   102 Mbits/sec    1    519 KBytes       
[  5]   1.00-2.00   sec  10.0 MBytes  83.9 Mbits/sec    2    410 KBytes       
[  5]   2.00-3.00   sec  10.0 MBytes  83.9 Mbits/sec    0    448 KBytes       
[  5]   3.00-4.00   sec  11.2 MBytes  94.4 Mbits/sec    0    469 KBytes       
[  5]   4.00-5.00   sec  11.2 MBytes  94.4 Mbits/sec    0    481 KBytes       
[  5]   5.00-6.00   sec  10.0 MBytes  83.9 Mbits/sec    0    485 KBytes       
[  5]   6.00-7.00   sec  11.2 MBytes  94.3 Mbits/sec    0    492 KBytes       
[  5]   7.00-8.00   sec  11.2 MBytes  94.4 Mbits/sec    0    508 KBytes       
[  5]   8.00-9.00   sec  12.5 MBytes   105 Mbits/sec    0    526 KBytes       
[  5]   9.00-10.00  sec  11.2 MBytes  94.4 Mbits/sec    0    543 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   111 MBytes  93.1 Mbits/sec    3             sender
[  5]   0.00-10.04  sec   108 MBytes  90.0 Mbits/sec                  receiver

iperf Done.

With iperf2:

$ iperf -c 192.168.178.13
------------------------------------------------------------
Client connecting to 192.168.178.13, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  1] local 192.168.178.46 port 38938 connected with 192.168.178.13 port 5001
[ ID] Interval       Transfer     Bandwidth
[  1] 0.0000-10.2935 sec   110 MBytes  89.5 Mbits/sec

Testing the whole way to the ISP-Fritzbox, after enabling iperf at http://192.168.178.1/support.lua

 iperf -c 192.168.178.1 -p4711
------------------------------------------------------------
Client connecting to 192.168.178.1, TCP port 4711
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  1] local 192.168.178.46 port 53182 connected with 192.168.178.1 port 4711
[ ID] Interval       Transfer     Bandwidth
[  1] 0.0000-10.3190 sec   109 MBytes  88.5 Mbits/sec

I think it can be treated as solved or what do you think, still too slow?

I am unsure if this is the best solution.

All SSIDs are mine in 5GHz.

W0 can be removed, it is the WDS-Upstream-router. IMHO the yellow SSID is too weak, so it is better to use 2.4GHz for upstream.

3 at the end of the SSID means WPA3, 2 at the end WPA2.

Blue and brown have the same SSID, 2 APs in 2 neighbour rooms. WPA3.

Green and violet belong together, same openwrt-devices in the 2 rooms, but WPA2

So is it better to use 1 SSID for the 2 AP or 2 different SSID with the same encryption?

If I have manual control, I see to which AP a phone is connected. I fear the AP could not be changed, if done automatically by the phone.

So I have now 2 SSIDs, 1 for WPA2 and 1 for WPA3 with 2 APs.

What do you think about different channels for each AP?

AP1:

AP2:

Or would it be better to use the same channel or other (higher) channels? I am totally free with choosing channels. I am the only 1 in the 5GHz band. Channel width is 80MHz. Probably useless, if the uplink is from 2.4GHz. But neighbors outside the house are far away.