Significant BSSID change

I'm trying to set up a WiFi network with a custom BSSID.

While minor MAC/BSSID address change works fine, significant one cause an error.


# ifconfig open2 down
# ifconfig open2 hw ether 00:de:ad:c0:de:00
ifconfig: SIOCSIFHWADDR: Invalid argument


# ip l set open2 down
# ip link set dev open2 address 00:de:ad:c0:de:00
RTNETLINK answers: Invalid argument


config wifi-iface 'open2'
        option ifname 'open2'
        option device 'radio2'
        option network 'open'
        option mode 'ap'
        option ssid 'open'
        option macaddr '00:de:ad:c0:de:00'
        option encryption 'none'
# hostapd -dd /var/run/hostapd-phy1.conf 
Configuration file: /var/run/hostapd-phy1.conf
main2: interface state UNINITIALIZED->COUNTRY_UPDATE
Using interface main2 with hwaddr <HW> and ssid "main-2"
Failed to add BSS (BSSID=00:de:ad:c0:de:00)
Interface initialization failed

miwifi-mini mt7620 ramips 19.07.1 r10911-c155900f66

Have you tried with a valid locally administered MAC address?

1 Like

Even Original MAC + 10 doesn't work:

# ifconfig open2
open2     Link encap:Ethernet  HWaddr <CROPPED>:F3

Trying to set mac to <CROPPED>:F0 - <CROPPED>:F7 works fine. <CROPPED>:F8 causes the same error.

Moreover, looks like any other value except original_prefix:F0-F7 is not possible.

Set the first byte to x2, x6, xA, or xE (in other words, bit 1 is set). That flags it as a locally administered MAC.

MACs without that bit set should comply with the OUI system to ensure they are globally unique. The manufactuer sets these.

1 Like
# ifconfig open2 hw ether 02:de:ad:c0:de:00
ifconfig: SIOCSIFHWADDR: Invalid argument

Perhaps your hardware does not allow this?

rt2800-soc is used for 2.4GHz in miwifi-mini, and it depends on mac80211 so it's SoftMAC, isn't it?
Can hardware make a limitation for SoftMAC?
How to check this limitation?

mt76 is used for 5GHz on miwifi-mini. I can modify 5GHz mac significantly. But can not set fa:de:ad:c0:de:01 and fa:de:ad:c0:de:02 for two 5GHz interfaces bridged together, but I can set fa:de:ad:c0:de:01 and fe:de:ad:c0:de:01 (ie last part must be equal)

I think this is part of some standard I do not remember right now, and all MACs on the same radio have to be consecutive, but I am not sure.

The mt76 driver (and others) imposes restrictions on which BSSIDs can be set.
Theoretically one should be able to query /sys/class/ieee80211/phyX/address_mask and /sys/class/ieee80211/phyX/addresses to query the BSSID restrictions but it appears as if mt76 does not properly populate these.

Are these restrictions hardware or software ones?

According to another dev I asked, it is a hardware limitation. The hardware uses a bit field internally to track the used BSSIDs. Due to that, it is only possible to set BSSIDs in the range phy base address .. phy base address + 16. So in practice you can only use /sys/class/ieee80211/phy0/macaddress and 16 subsequent BSSIDs.