WAX202, max number of SSIDs

Hardware Questions and Recommendations
1

I'm wondering if anyone out there with a WAX202 is running with more than 3 SSIDs? The marketing material says "upto 3", but I'd like to have a setup with at least 1 more, ideally 3 more than that. Is the "upto 3" the hardware limit, or is that just a limit within their own UI, and openwrt will be able to configure more? Other limits I've seen seem to be 4/8/16 so 3 seems like an unusual number, so I'm hoping it is not hardware limited to that.

Alternatively is there are other openwrt compatible equipment people could recommend (ideally something that could be picked up in Australia). Main criteria:

  • 4 or more SSIDs I can assign VLANs to.
  • Would prefer to get away with only one wifi unit, in 100 square metre apartment, so distances are not massive, and no more than 2 walls/doors (nothing brick) between any two rooms. However likely to be a lot of interference as in a highrise building with 200+ apartments with about 7-10 apartments per floor.
  • Acting as dumb ap, so no routing required. I have a x86 mini-pc I'll be installing openwrt on for routing, and waiting for managed switch (Zyxel GS1900-16) to arrive from US which will also run openwrt.
  • Would prefer ax on both 2.4 and 5 ghz bands. I was also considering Unifi Lite 6, but the lack of 2.4 ax has turned me off a little as there are some rooms in the apartment that will be furthest from the AP where 2.4 ax might be more useful than 5, so this factor leads me to prefer the WAX202, although I like the form factor of the Unifi lite 6).
  • Relatively attractive, which means most likely internal antennas, will sit in a highly visible area in living area, and something that looks like a 6 legged scorpion that has rolled onto its back isn't a good fit. Have a Deco X20 that can do AP mode, but the total lack of configurability has rendered it mostly useless in my current network redesign plan (only two SSIDs, and no VLAN capability). Looks good and I've been very happy with the coverage, just the least flexible management UI I've seen on any wifi device.
  • Uplink WAN speed is low (100/40), but a) I'm planning for that to change and b) I still appreciate fast networking on internal network, so would still prefer as close to 1 gigabit capability as possible, at least while sitting near the AP, but this isn't a hard requirement at the moment, but being able to match a faster uplink without upgrading again later would be a bonus.
  • On somewhat of a budget (after overspending on other bits of the network :slight_smile: ), probably $100-$150 USD top of the range, but happy to go with something I can get second hand to fit better hardware into that range.
2

iw list will show you the exact capabilities and supported interface combinations (just be aware that what's supported at most does not necessarily work best).

2 Likes
3

Thanks, unfortunately I don't have the device yet, wanted to check on the limit before buying, but if someone else with a WAX202 could report the result of the iw list comment, that would be great!

4

Here it is, it lloks like 4 SSIDs max are allowed.

root@a1:~# iw list
Wiphy phy1
	wiphy index: 1
	max # scan SSIDs: 4
	max scan IEs length: 2190 bytes
	max # sched scan SSIDs: 0
	max # match sets: 0
	Retry short limit: 7
	Retry long limit: 4
	Coverage class: 0 (up to 0m)
	Device supports AP-side u-APSD.
	Device supports T-DLS.
	Available Antennas: TX 0x3 RX 0x3
	Configured Antennas: TX 0x3 RX 0x3
	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * AP/VLAN
		 * monitor
		 * mesh point
		 * P2P-client
		 * P2P-GO
	Band 2:
		Capabilities: 0x9ff
			RX LDPC
			HT20/HT40
			SM Power Save disabled
			RX Greenfield
			RX HT20 SGI
			RX HT40 SGI
			TX STBC
			RX STBC 1-stream
			Max AMSDU length: 7935 bytes
			No DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 4 usec (0x05)
		HT TX/RX MCS rate indexes supported: 0-15
		VHT Capabilities (0x339939b1):
			Max MPDU length: 7991
			Supported Channel Width: neither 160 nor 80+80
			RX LDPC
			short GI (80 MHz)
			TX STBC
			SU Beamformer
			SU Beamformee
			MU Beamformer
			MU Beamformee
			RX antenna pattern consistency
			TX antenna pattern consistency
		VHT RX MCS set:
			1 streams: MCS 0-9
			2 streams: MCS 0-9
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT RX highest supported: 0 Mbps
		VHT TX MCS set:
			1 streams: MCS 0-9
			2 streams: MCS 0-9
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT TX highest supported: 0 Mbps
		VHT extended NSS: not supported
		HE Iftypes: managed
			HE MAC Capabilities (0x08011a000040):
				+HTC HE Supported
				Trigger Frame MAC Padding Duration: 2
				OM Control
				Maximum A-MPDU Length Exponent: 3
				A-MSDU in A-MPDU
			HE PHY Capabilities: (0x44700e120d00f30e423f00):
				HE40/HE80/5GHz
				242 tone RUs/5GHz
				Device Class: 1
				LDPC Coding in Payload
				HE SU PPDU with 1x HE-LTF and 0.8us GI
				NDP with 4x HE-LTF and 3.2us GI
				STBC Tx <= 80MHz
				STBC Rx <= 80MHz
				DCM Max Constellation: 2
				DCM Max Constellation Rx: 2
				SU Beamformee
				Beamformee STS <= 80Mhz: 3
				Codebook Size SU Feedback
				Codebook Size MU Feedback
				Triggered CQI Feedback
				Partial Bandwidth Extended Range
				Partial Bandwidth DL MU-MIMO
				PPE Threshold Present
				Power Boost Factor ar
				HE SU PPDU & HE PPDU 4x HE-LTF 0.8us GI
				Max NC: 1
				20MHz in 40MHz HE PPDU 2.4GHz
				DCM Max BW: 1
				Longer Than 16HE SIG-B OFDM Symbols
				Non-Triggered CQI Feedback
				TX 1024-QAM
				RX 1024-QAM
				RX Full BW SU Using HE MU PPDU with Compression SIGB
				RX Full BW SU Using HE MU PPDU with Non-Compression SIGB
			HE RX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			HE TX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			PPE Threshold 0x39 0x1c 0xc7 0x71 0x1c 0x07 
		EHT Iftypes: managed
			EHT MAC Capabilities (0x0000):
			EHT PHY Capabilities: (0x0000000000000000):
			EHT MCS/NSS: (0x):
			EHT bw <= 80 MHz, max NSS for MCS 8-9: Rx=0, Tx=0
			EHT bw <= 80 MHz, max NSS for MCS 10-11: Rx=0, Tx=0
			EHT bw <= 80 MHz, max NSS for MCS 12-13: Rx=0, Tx=0
		HE Iftypes: AP
			HE MAC Capabilities (0x00051a081044):
				+HTC HE Supported
				TWT Responder
				BSR
				OM Control
				Maximum A-MPDU Length Exponent: 3
				BQR
				A-MSDU in A-MPDU
				OM Control UL MU Data Disable RX
			HE PHY Capabilities: (0x04200e920f01af08000c00):
				HE40/HE80/5GHz
				LDPC Coding in Payload
				NDP with 4x HE-LTF and 3.2us GI
				STBC Tx <= 80MHz
				STBC Rx <= 80MHz
				DCM Max Constellation: 2
				DCM Max Constellation Rx: 2
				SU Beamformer
				SU Beamformee
				MU Beamformer
				Beamformee STS <= 80Mhz: 3
				Sounding Dimensions <= 80Mhz: 1
				Codebook Size SU Feedback
				Codebook Size MU Feedback
				Triggered SU Beamforming Feedback
				Triggered MU Beamforming Feedback
				Partial Bandwidth Extended Range
				PPE Threshold Present
				Max NC: 1
				TX 1024-QAM
				RX 1024-QAM
			HE RX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			HE TX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			PPE Threshold 0x39 0x1c 0xc7 0x71 0x1c 0x07 
		EHT Iftypes: AP
			EHT MAC Capabilities (0x0000):
			EHT PHY Capabilities: (0x0000000000000000):
			EHT MCS/NSS: (0x):
			EHT bw <= 80 MHz, max NSS for MCS 8-9: Rx=0, Tx=0
			EHT bw <= 80 MHz, max NSS for MCS 10-11: Rx=0, Tx=0
			EHT bw <= 80 MHz, max NSS for MCS 12-13: Rx=0, Tx=0
		HE Iftypes: mesh point
			HE MAC Capabilities (0x00011a000040):
				+HTC HE Supported
				OM Control
				Maximum A-MPDU Length Exponent: 3
				A-MSDU in A-MPDU
			HE PHY Capabilities: (0x04200c0000000000008000):
				HE40/HE80/5GHz
				LDPC Coding in Payload
				STBC Tx <= 80MHz
				STBC Rx <= 80MHz
			HE RX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			HE TX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
		EHT Iftypes: mesh point
			EHT MAC Capabilities (0x0000):
			EHT PHY Capabilities: (0x0000000000000000):
			EHT MCS/NSS: (0x):
			EHT bw <= 80 MHz, max NSS for MCS 8-9: Rx=0, Tx=0
			EHT bw <= 80 MHz, max NSS for MCS 10-11: Rx=0, Tx=0
			EHT bw <= 80 MHz, max NSS for MCS 12-13: Rx=0, Tx=0
		Frequencies:
			* 5180 MHz [36] (23.0 dBm)
			* 5200 MHz [40] (23.0 dBm)
			* 5220 MHz [44] (23.0 dBm)
			* 5240 MHz [48] (23.0 dBm)
			* 5260 MHz [52] (20.0 dBm) (radar detection)
			* 5280 MHz [56] (20.0 dBm) (radar detection)
			* 5300 MHz [60] (20.0 dBm) (radar detection)
			* 5320 MHz [64] (20.0 dBm) (radar detection)
			* 5500 MHz [100] (26.0 dBm) (radar detection)
			* 5520 MHz [104] (26.0 dBm) (radar detection)
			* 5540 MHz [108] (26.0 dBm) (radar detection)
			* 5560 MHz [112] (26.0 dBm) (radar detection)
			* 5580 MHz [116] (26.0 dBm) (radar detection)
			* 5600 MHz [120] (26.0 dBm) (radar detection)
			* 5620 MHz [124] (26.0 dBm) (radar detection)
			* 5640 MHz [128] (26.0 dBm) (radar detection)
			* 5660 MHz [132] (26.0 dBm) (radar detection)
			* 5680 MHz [136] (26.0 dBm) (radar detection)
			* 5700 MHz [140] (26.0 dBm) (radar detection)
			* 5720 MHz [144] (13.0 dBm) (radar detection)
			* 5745 MHz [149] (13.0 dBm)
			* 5765 MHz [153] (13.0 dBm)
			* 5785 MHz [157] (13.0 dBm)
			* 5805 MHz [161] (13.0 dBm)
			* 5825 MHz [165] (13.0 dBm)
			* 5845 MHz [169] (13.0 dBm)
			* 5865 MHz [173] (13.0 dBm)
	valid interface combinations:
		 * #{ IBSS } <= 1, #{ AP, mesh point } <= 16, #{ managed } <= 19,
		   total <= 19, #channels <= 1, STA/AP BI must match, radar detect widths: { 20 MHz (no HT), 20 MHz, 40 MHz, 80 MHz, 160 MHz }

	HT Capability overrides:
		 * MCS: ff ff ff ff ff ff ff ff ff ff
		 * maximum A-MSDU length
		 * supported channel width
		 * short GI for 40 MHz
		 * max A-MPDU length exponent
		 * min MPDU start spacing
	max # scan plans: 1
	max scan plan interval: -1
	max scan plan iterations: 0
	Supported extended features:
		* [ VHT_IBSS ]: VHT-IBSS
		* [ RRM ]: RRM
		* [ BEACON_RATE_LEGACY ]: legacy beacon rate setting
		* [ BEACON_RATE_HT ]: HT beacon rate setting
		* [ BEACON_RATE_VHT ]: VHT beacon rate setting
		* [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
		* [ CQM_RSSI_LIST ]: multiple CQM_RSSI_THOLD records
		* [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
		* [ ACK_SIGNAL_SUPPORT ]: ack signal level support
		* [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
		* [ SCAN_RANDOM_SN ]: use random sequence numbers in scans
		* [ SCAN_MIN_PREQ_CONTENT ]: use probe request with only rate IEs in scans
		* [ CAN_REPLACE_PTK0 ]: can safely replace PTK 0 when rekeying
		* [ AIRTIME_FAIRNESS ]: airtime fairness scheduling
		* [ AQL ]: Airtime Queue Limits (AQL)
		* [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
		* [ DEL_IBSS_STA ]: deletion of IBSS station support
		* [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
		* [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
		* [ FILS_DISCOVERY ]: FILS discovery frame transmission support
		* [ UNSOL_BCAST_PROBE_RESP ]: unsolicated broadcast probe response transmission support
		* [ BEACON_RATE_HE ]: HE beacon rate support (AP/mesh)
		* [ BSS_COLOR ]: BSS coloring support
		* [ RADAR_BACKGROUND ]: Radar background support
Wiphy phy0
	wiphy index: 0
	max # scan SSIDs: 4
	max scan IEs length: 2200 bytes
	max # sched scan SSIDs: 0
	max # match sets: 0
	Retry short limit: 7
	Retry long limit: 4
	Coverage class: 0 (up to 0m)
	Device supports AP-side u-APSD.
	Device supports T-DLS.
	Available Antennas: TX 0x3 RX 0x3
	Configured Antennas: TX 0x3 RX 0x3
	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * AP/VLAN
		 * monitor
		 * mesh point
		 * P2P-client
		 * P2P-GO
	Band 1:
		Capabilities: 0x9ff
			RX LDPC
			HT20/HT40
			SM Power Save disabled
			RX Greenfield
			RX HT20 SGI
			RX HT40 SGI
			TX STBC
			RX STBC 1-stream
			Max AMSDU length: 7935 bytes
			No DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 4 usec (0x05)
		HT TX/RX MCS rate indexes supported: 0-15
		HE Iftypes: managed
			HE MAC Capabilities (0x08011a000040):
				+HTC HE Supported
				Trigger Frame MAC Padding Duration: 2
				OM Control
				Maximum A-MPDU Length Exponent: 3
				A-MSDU in A-MPDU
			HE PHY Capabilities: (0x22700e120d00f30e423f00):
				HE40/2.4GHz
				242 tone RUs/2.4GHz
				Device Class: 1
				LDPC Coding in Payload
				HE SU PPDU with 1x HE-LTF and 0.8us GI
				NDP with 4x HE-LTF and 3.2us GI
				STBC Tx <= 80MHz
				STBC Rx <= 80MHz
				DCM Max Constellation: 2
				DCM Max Constellation Rx: 2
				SU Beamformee
				Beamformee STS <= 80Mhz: 3
				Codebook Size SU Feedback
				Codebook Size MU Feedback
				Triggered CQI Feedback
				Partial Bandwidth Extended Range
				Partial Bandwidth DL MU-MIMO
				PPE Threshold Present
				Power Boost Factor ar
				HE SU PPDU & HE PPDU 4x HE-LTF 0.8us GI
				Max NC: 1
				20MHz in 40MHz HE PPDU 2.4GHz
				DCM Max BW: 1
				Longer Than 16HE SIG-B OFDM Symbols
				Non-Triggered CQI Feedback
				TX 1024-QAM
				RX 1024-QAM
				RX Full BW SU Using HE MU PPDU with Compression SIGB
				RX Full BW SU Using HE MU PPDU with Non-Compression SIGB
			HE RX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			HE TX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			PPE Threshold 0x39 0x1c 0xc7 0x71 0x1c 0x07 
		EHT Iftypes: managed
			EHT MAC Capabilities (0x0000):
			EHT PHY Capabilities: (0x0000000000000000):
			EHT MCS/NSS: (0x):
			EHT bw=20 MHz, max NSS for MCS 0-7: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 8-9: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 10-11: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 12-13: Rx=0, Tx=0
		HE Iftypes: AP
			HE MAC Capabilities (0x00051a081044):
				+HTC HE Supported
				TWT Responder
				BSR
				OM Control
				Maximum A-MPDU Length Exponent: 3
				BQR
				A-MSDU in A-MPDU
				OM Control UL MU Data Disable RX
			HE PHY Capabilities: (0x02200e920f01af08000c00):
				HE40/2.4GHz
				LDPC Coding in Payload
				NDP with 4x HE-LTF and 3.2us GI
				STBC Tx <= 80MHz
				STBC Rx <= 80MHz
				DCM Max Constellation: 2
				DCM Max Constellation Rx: 2
				SU Beamformer
				SU Beamformee
				MU Beamformer
				Beamformee STS <= 80Mhz: 3
				Sounding Dimensions <= 80Mhz: 1
				Codebook Size SU Feedback
				Codebook Size MU Feedback
				Triggered SU Beamforming Feedback
				Triggered MU Beamforming Feedback
				Partial Bandwidth Extended Range
				PPE Threshold Present
				Max NC: 1
				TX 1024-QAM
				RX 1024-QAM
			HE RX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			HE TX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			PPE Threshold 0x39 0x1c 0xc7 0x71 0x1c 0x07 
		EHT Iftypes: AP
			EHT MAC Capabilities (0x0000):
			EHT PHY Capabilities: (0x0000000000000000):
			EHT MCS/NSS: (0x):
			EHT bw=20 MHz, max NSS for MCS 0-7: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 8-9: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 10-11: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 12-13: Rx=0, Tx=0
		HE Iftypes: mesh point
			HE MAC Capabilities (0x00011a000040):
				+HTC HE Supported
				OM Control
				Maximum A-MPDU Length Exponent: 3
				A-MSDU in A-MPDU
			HE PHY Capabilities: (0x02200c0000000000008000):
				HE40/2.4GHz
				LDPC Coding in Payload
				STBC Tx <= 80MHz
				STBC Rx <= 80MHz
			HE RX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
			HE TX MCS and NSS set <= 80 MHz
				1 streams: MCS 0-11
				2 streams: MCS 0-11
				3 streams: not supported
				4 streams: not supported
				5 streams: not supported
				6 streams: not supported
				7 streams: not supported
				8 streams: not supported
		EHT Iftypes: mesh point
			EHT MAC Capabilities (0x0000):
			EHT PHY Capabilities: (0x0000000000000000):
			EHT MCS/NSS: (0x):
			EHT bw=20 MHz, max NSS for MCS 0-7: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 8-9: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 10-11: Rx=0, Tx=0
			EHT bw=20 MHz, max NSS for MCS 12-13: Rx=0, Tx=0
		Frequencies:
			* 2412 MHz [1] (20.0 dBm)
			* 2417 MHz [2] (20.0 dBm)
			* 2422 MHz [3] (20.0 dBm)
			* 2427 MHz [4] (20.0 dBm)
			* 2432 MHz [5] (20.0 dBm)
			* 2437 MHz [6] (20.0 dBm)
			* 2442 MHz [7] (20.0 dBm)
			* 2447 MHz [8] (20.0 dBm)
			* 2452 MHz [9] (20.0 dBm)
			* 2457 MHz [10] (20.0 dBm)
			* 2462 MHz [11] (20.0 dBm)
			* 2467 MHz [12] (20.0 dBm)
			* 2472 MHz [13] (20.0 dBm)
			* 2484 MHz [14] (disabled)
	valid interface combinations:
		 * #{ IBSS } <= 1, #{ AP, mesh point } <= 16, #{ managed } <= 19,
		   total <= 19, #channels <= 1, STA/AP BI must match, radar detect widths: { 20 MHz (no HT), 20 MHz, 40 MHz, 80 MHz, 160 MHz }

	HT Capability overrides:
		 * MCS: ff ff ff ff ff ff ff ff ff ff
		 * maximum A-MSDU length
		 * supported channel width
		 * short GI for 40 MHz
		 * max A-MPDU length exponent
		 * min MPDU start spacing
	max # scan plans: 1
	max scan plan interval: -1
	max scan plan iterations: 0
	Supported extended features:
		* [ VHT_IBSS ]: VHT-IBSS
		* [ RRM ]: RRM
		* [ BEACON_RATE_LEGACY ]: legacy beacon rate setting
		* [ BEACON_RATE_HT ]: HT beacon rate setting
		* [ BEACON_RATE_VHT ]: VHT beacon rate setting
		* [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
		* [ CQM_RSSI_LIST ]: multiple CQM_RSSI_THOLD records
		* [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
		* [ ACK_SIGNAL_SUPPORT ]: ack signal level support
		* [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
		* [ SCAN_RANDOM_SN ]: use random sequence numbers in scans
		* [ SCAN_MIN_PREQ_CONTENT ]: use probe request with only rate IEs in scans
		* [ CAN_REPLACE_PTK0 ]: can safely replace PTK 0 when rekeying
		* [ AIRTIME_FAIRNESS ]: airtime fairness scheduling
		* [ AQL ]: Airtime Queue Limits (AQL)
		* [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
		* [ DEL_IBSS_STA ]: deletion of IBSS station support
		* [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
		* [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
		* [ FILS_DISCOVERY ]: FILS discovery frame transmission support
		* [ UNSOL_BCAST_PROBE_RESP ]: unsolicated broadcast probe response transmission support
		* [ BEACON_RATE_HE ]: HE beacon rate support (AP/mesh)
		* [ BSS_COLOR ]: BSS coloring support
		* [ RADAR_BACKGROUND ]: Radar background support
root@a1:~#

As for looks, the WAX202 isn't pretty, the grey colour and the boxy shape recall 1990's PC hardware somewhat, it would look better in an office than a home and in fact Netgear markets it as a business AP.

I keep it behind a TV with about 6 cm. sticking up as the internal antennas are at the top. I also keep it with its back side facing the room for better cable management and looks, also as since OpenWrt 23.05 RC's the LAN LEDs can no longer be turned off and they're fairly big. But no, it isn't overly ugly :slight_smile: and it isn't as intrusive as an overturned eight legger.

I also have a Belkin RT1800 and it looks a lot better, it has the same hardware but worse antennas hence a shorter range. For a a 100 sqm. place the WAX202 would be better and it should cover it.

2 Likes
5

Thanks very much for posting the iw list output! (and your mini-review of your WAX202, and how you've placed it).

I did some reading on the max scan SSIDs, and it seems like this doesn't reflect that actual number of SSIDs that can be created , but rather a limit to the number of hidden SSIDs you can scan for. With 4 you can have 3 hidden SSIDs as you eat up one for the wildcard scan for the public SSIDs.

The latter numbers in valid interface combinations seems to be the ones I'm interested in, and looks like the limit for the AP number is the relevant one, so 16 SSIDs. This probably means 8 for 2.4ghz and 8 for 5 ghz based on my reading if you want your SSIDs to all work on both, which is more than enough for my needs. I'll probably try to squeeze into 4 as the overheads for the extra SSIDs start to eat into bandwidth fairly quickly it seems, which should be doable ( assuming my reading has not mislead me and the max scan is not the total limit of defineable SSIDs). The Belkin RT1800 is indeed slightly less ugly (at least to my eyes), but also a bit more expensive where I live, and if the internal antenna setup on wax202 is better, I'm inclined to go with that, as I'm trying to avoid needing multiple APs in the apartment.

Thanks again!

1 Like
6

You're welcome and good job with the research, I had thought it could handle max 4 SSIDs since I got it, and as I don't need more than 3 I never looked into it better.

7

Valid interface combinations, 19 managed ap, 16 mesh, 1 ibss.

19 ssids per radio

1 Like
8

Thanks for the clarification, that is a good deal more than I'd imagined!

9

Buy the WAX206 now, it has 2.5G uplink, and purchase from Japan Amazon (a lot cheaper even with shipping cost)

10

Thanks, the 2.5G port is tempting in terms of future proofing, but the WAX206 also has the downside of no AX on the 2.4ghz band, and right now I can probably use the AX more than the 2.5GB port.

11

But there is a good use case for 2.4GHz AX?
On my 206 I don't even use 2.4GHz for main WiFi, only leaving 2.4GHz for IoTs which don't need AX (not even AC)

12

My thinking (which may well be misguided) was that the AX on 2.4ghz might be useful for devices in parts ot the apartment which need to travel through walls, where 5ghz might struggle. These are phones or laptops, some of which support AX rather than the iOT devices, which largely (perhaps wholey) don't.

I could probably put some more effort into testing how well I'm doing on my existing Deco X20 network with AX devices when only offered 5ghz, as it is possible I'm worrying about a problem I don't have. I do know my previous AC1600 device did have issues with wall penetration to devices that are now doing fine on AX, but I'm not sure if the difference was down to AC vs AX or antenna or other issues on the old wifi router vs the new (and quite possibly the laptops/phones are all connecting fine on 5ghz on the Deco).

1 Like
13

At home I have another router with 2.4GHz AX support, when I go down 2 levels (router on 3F, me on 1F) the signal is so weak that it has to use 2.4GHz however link rate is also low that it couldn't go beyond the 802.11n link rate, which is OK for phones playing YouTube but not very good for laptop usage.

What I am planning to do is use ethernet to add one more router in between for SSID roaming but not going to think about 2.4GHz way.

14

Out of interest what material is the floor made out of between your levels?

15

There's iot devices specifically using 2.4ghz 802.11ax

16

Can I suggest looking into Individual per-passphrase Wifi VLANs using wpa_psk_file instead of using 7 SSIDs? It is not as easy, but if you are interested, I can make a short guide with all important bits for devices on 23.05.x with DSA as it finally works as expected.

1 Like
17

That does sound complicated, but also very flexible , and avoids the network overhead issues with too many SSIDs, so I'd be than happy to give it a go if a guide was available.

I've ended up going with the WAX202, partly because of the 2.4ghz AX, but also it was the cheapest I could find that suited my needs that I could pick up locally, and I was in a hurry to start playing around with it.

Just for reference, my currently planned network setup looks like

Internet <-> VDSL Modem in bridge mode (probably a hacked DJA0231) <-> Router (x86 4 ethernet port Mini-PC running openwrt) <-> Switch (Zyxel GS1900-16) <-> WAP (WAX202)

(all of those have been ordered, but still waiting for delivery, the WAX202 should arrive tomorrow or the day after).

I was planning to go with 4 SSIDs in order to separate the wireless traffic into 4 vlans:
VLAN20 - iot no internet (no internet, only allow incoming from home assistant box)
VLAN30 - iot with internet (internet + incoming from HA box, this will also double as a guest network)
VLAN40 - Trusted family wireless (laptops, phones of family members)
VLAN50 - wireless management LAN to allow admin from my own laptop (Mac OS/X).

(I assume these 4 can be replaced with 1 SSID using the per-passphrase method of assigning VLANs to a single SSID, although I'm not clear how isolation works in that situation, as I'd like VLAN30 and VLAN20 to have no connectivity available between entities on the same VLAN, but still allow unisolated access between entities on VLAN40).

3 other wired VLANs on switch/router for untrusted windows PC, backup server and Home assistant (VLANs 10,11,12 respectively, the latter two machines running linux) port tagged on the switch. The VLAN 20 and VLAN 30 for iot wireless devices will also be used for wired devices based on port tags on the switch.

Plan for Firewall rules is something like this:
Blocking everything by default then:
VLAN 10,11,12,20,40 -> WAN Allowed (So vlan 30 blocked to internet)

VLAN 12 (HA) -> VLAN 20,VLAN 40 (so HA can connect to iOT devices)

VLAN 40 -> VLAN 12 (HA) (so trusted wireless devices can connect to HA).

VLAN 50 -> Everything allowed (i.e can connect to all vlans AND WAN)
My Phone -> My laptop allowed

I have a reasonable amount of networking experience, but almost exclusively at layer 3 and above, and there is a lot of layer 2 stuff going on here that I don't have a good grasp on yet. I don't have any recent experience with openwrt, and it is probably close to 15 years since I used it last, but I'm keen to move to a unified interface across my home network (as much as is practically possible anyway). I've toyed with the idea of using pfsense/opnsense on the firewall/router machine, but would prefer to keep the common UI, and I'm a lot more comfortable on linux than *BSD.

Seems like there is enough guides around on how to put what I want together, that I'll be mostly able to muddle through it myself, but I would definitely appreciate something that touches on the wpa_psk_file method of VLAN assignment, and of course any feedback on the above planned setup would be welcome.

18

Here is a short list of all important things that need to be done for this to work:

  • on the AP, a device that uses DSA:
    • set up the bridge to use VLAN filtering and include all ports including wan since you are going to be using it as a layer 2 bridge, not a router.
    • create the "interfaces" (networks) like you would have for separate SSIDs
    • configure /etc/config/wireless to include data for vlan_file and wpa_psk_file:
config wifi-station
        option iface 'default_radio0'
        option key 'iot_no_internet' # your key here
        option vid 20

config wifi-station
        option iface 'default_radio0'
        option key 'iot_internet' # your key here
        option vid 30

...

config wifi-vlan
        option iface default_radio0
        option name iotnonet
        option vid 20
        option network iotnonet

config wifi-vlan
        option iface default_radio0
        option name iotnet
        option vid 30
        option network iotnet

...

You need to add a section like this for all wpa2psk keys except the "main" one.

I think that this is all that's needed, but I'll do a test and let you know.

19

Thanks, that is more straightforward than I'd imagined. The WAX202 is due to arrive tomorrow, so I'll play around with your suggested settings then, although I'll probably need the managed switch and router/firewall to arrive to fully test it.

20

It is a bit more complicated if you care about 802.11r. Without 11r it should work in 21.02 or newer. 11r with multiple psk works only in 23.05.x or snapshot.

Also, using WPA3 SAE (configured separately) should work fine, but I haven't found a way to set that up in /etc/config/wireless