Wifi Roaming / 802.11r breaks VoIP RTP Stream

Hello,
I have set up on a total of 4 identical SSIDs with 802.11k/v/r on a total of 2 devices, one on 2,4Ghz and one on 5 Ghz for each device. Both run version 24.10

The first device is my edge router, an Archer C7 V5, the other is an WRT1900ACS. The Archer runs the WAN over VLAN 7 as required by my isp, my LAN runs on VLAN 1, in between the 2 routers is a switch with a trunk for VLAN 7 and 1.

The problem is that VoIP calls drop the audio both ways more often than not when roaming from one device to another. This happens on LineageOS 22.1 with Linphone, baresip, Zoiper and on iOS with Zoiper.
If the VoIP client reassociates with the AP on which the call was initiated, the audio resumes as if nothing had happened. Using STUN and no STUN, forwarding the client SIP port from WAN to the LAN side did not mend the problem.
It sort of resembles the issue described here https://github.com/openwrt/openwrt/issues/11650
So i tried untagging every VLAN1 port, nothing changed.
I did notice that the WLAN LED on the initial AP, say e.g. the one on edge router, still blinks even though the STA roamed to the next AP, while the LED for VLAN1 would still blink while roaming in the other direction, if the initial AP is the WRT1900ACS. As if the stream is not being routed through the current AP.
I have a feeling this is a layer 2 problem, perhaps an FDB issue, but why is only VoIP affected by it when every other stream is seamless?
If i turn off the WLAN and switch to mobile data, the VoIP call never drops.
When i roam from 2,4 GHz to 5 GHz on the same AP all is fine.
Other streams such as iperf3 (server and client on the same LAN broadcast domain) on UDP or TCP, Signal calls, speedtest.net tests do not ever drop.
tcpdump before roaming

beforeroam493×398 75.5 KB

SRC Port on the left, DST on the right

any input is appreciated.

tcpdump after roaming

afterroam505×408 79 KB

Please post outputs of

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/firewall

As a text enclosed in </> code block. Replace passwords and other secrets with ABC

on the edge router:

 ubus call system board
{
        "kernel": "6.6.73",
        "hostname": "XXXX",
        "system": "Qualcomm Atheros QCA956X ver 1 rev 0",
        "model": "TP-Link Archer C7 v5",
        "board_name": "tplink,archer-c7-v5",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "24.10.0",
                "revision": "r28427-6df0e3d02a",
                "target": "ath79/generic",
                "description": "OpenWrt 24.10.0 r28427-6df0e3d02a",
                "builddate": "1738624177"
        }
}

/etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdee:0fbe:cdb3::/48'
        option packet_steering '0'

config device
        option name 'br-lan'
        option type 'bridge'
        option ipv6 '0'
        list ports 'eth0.1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.2.1'
        option delegate '0'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '0t 1t 2 3 4 5'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t 1t'
        option vid '7'

config device
        option name 'eth0'
        option ipv6 '0'

config device
        option name 'eth0.1'
        option type '8021q'
        option ifname 'eth0'
        option vid '1'
        option ipv6 '0'

config device
        option name 'eth0.7'
        option type '8021q'
        option ifname 'eth0'
        option vid '7'
        option ipv6 '0'

config interface 'WAN'
        option proto 'pppoe'
        option device 'eth0.7'
        option username 'XXXXX'
        option password 'XXXX'
        option ipv6 '0'
        option peerdns '0'
        option delegate '0'
        list dns '1XXX'
        list dns '1XXX'

config device
        option name 'pppoe-WAN'
        option ipv6 '0'

config interface 'VPN'
        option proto 'none'
        option device 'tun0'
        option peerdns '0'
        list dns '192.168.2.6'
        list dns '192.168.2.1'
        option delegate '0'

config device
        option name 'tun0'
        option ipv6 '0'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0t 1t'
        option vid '3'

config device
        option type 'bridge'
        option name 'br-guest'
        list ports 'eth0.3'
        option ipv6 '0'

config device
        option name 'eth0.3'
        option type '8021q'
        option ifname 'eth0'
        option vid '3'
        option ipv6 '0'

config interface 'guest'
        option proto 'static'
        option device 'br-guest'
        option ipaddr '192.168.3.1'
        option netmask '255.255.255.0'
        option delegate '0'
        option defaultroute '0'

config route
        option interface 'lan'
        option target '172.16.16.0/24'
        option gateway '192.168.2.9'

cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'pci0000:00/0000:00:00.0'
        option channel '149'
        option band '5g'
        option htmode 'VHT80'
        option cell_density '0'
        option country 'DE'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'MYWLAN'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option dtim_period '3'
        option key 'XXXXXX'
        option ieee80211r '1'
        option mobility_domain '1111'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option wpa_disable_eapol_key_retries '1'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid '909A4A1ADD0C'
        option disassoc_low_ack '0'
        option wnm_sleep_mode '1'
        option wnm_sleep_mode_no_keys '1'

config wifi-device 'radio1'
        option type 'mac80211'
        option path 'platform/ahb/18100000.wmac'
        option channel '1'
        option band '2g'
        option htmode 'HT40'
        option country 'DE'
        option cell_density '0'
        option noscan '1'

config wifi-iface 'wifinet1'
        option device 'radio0'
        option mode 'ap'
        option ssid 'GUEST'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option dtim_period '3'
        option key 'XXXXXX'
        option ieee80211r '1'
        option mobility_domain '3333'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option network 'GUEST'
        option wpa_disable_eapol_key_retries '1'
        option isolate '1'
        option macaddr '72:54:CB:C1:3B:71'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid '7254CBC13B71'
        option disassoc_low_ack '0'
        option wnm_sleep_mode '1'
        option wnm_sleep_mode_no_keys '1'

config wifi-iface 'wifinet2'
        option device 'radio1'
        option mode 'ap'
        option ssid 'MYWLAN'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option dtim_period '3'
        option ieee80211r '1'
        option mobility_domain '1111'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option wpa_disable_eapol_key_retries '1'
        option network 'lan'
        option key 'XXXXXX'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid '909A4A1ADD0D'
        option disassoc_low_ack '0'
        option wnm_sleep_mode '1'
        option wnm_sleep_mode_no_keys '1'

config wifi-iface 'wifinet3'
        option device 'radio1'
        option mode 'ap'
        option ssid 'GUEST'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option isolate '1'
        option dtim_period '3'
        option key 'XXXXXX'
        option ieee80211r '1'
        option mobility_domain '3333'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option wpa_disable_eapol_key_retries '1'
        option network 'GUEST'
        option macaddr '16:81:8F:7C:20:4E'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid '16818F7C204E'
        option disassoc_low_ack '0'
        option wnm_sleep_mode '1'
        option wnm_sleep_mode_no_keys '1'

 cat /etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'
        option flow_offloading '1'
        option flow_offloading_hw '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        list network 'WAN'
        option forward 'REJECT'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'
        option enabled '0'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'
        option enabled '0'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'
        option enabled '0'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'
        option enabled '0'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'
        option enabled '0'

config rule
        option name 'Support-UDP-Traceroute'
        option src 'wan'
        option dest_port '33434:33689'
        option proto 'udp'
        option family 'ipv4'
        option target 'REJECT'
        option enabled '0'

config include
        option path '/etc/firewall.user'

config redirect
        option target 'DNAT'
        option src 'wan'
        option name 'RealVNC'
        list proto 'tcp'
        option src_dport 'VNC'
        option dest_ip '1XXX'
        option dest_port 'VNC'
        option dest 'lan'
        option reflection '0'

config rule
        option name 'VPN'
        option src 'wan'
        option dest_port 'VPNport'
        option target 'ACCEPT'
        option family 'ipv4'
        list proto 'udp'

config forwarding
        option src 'VPN'
        option dest 'wan'

config zone
        option name 'VPN'
        list network 'VPN'
        option forward 'ACCEPT'
        option input 'REJECT'
        option output 'ACCEPT'

config rule
        option name 'VPNDNSloc'
        list proto 'udp'
        option src 'VPN'
        option dest_port portnumber
        option target 'ACCEPT'
        option family 'ipv4'
        list dest_ip '192.168.2.1'
        list dest_ip '172.16.16.1'

config rule
        option name 'VPN-VNC'
        list proto 'tcp'
        option src 'VPN'
        option dest 'lan'
        option dest_port 'VNC'
        option target 'ACCEPT'
        option family 'ipv4'
        list dest_ip 'XXX'
        list dest_ip 'XXX'
        list dest_ip 'XXXX'
        list dest_ip '1XXXX'

config rule
        option name 'MYWLAN allow DHCP DNS'
        list proto 'udp'
        option src 'MYWLAN'
        option dest_port '53 67 68'
        option target 'ACCEPT'

config rule
        option name 'MYWLAN allow DHCP DNS'
        list proto 'udp'
        option src 'MYWLAN'
        option dest_port portnumber
        option target 'ACCEPT'
        option family 'ipv4'
        option dest 'lan'
        list dest_ip '192.168.2.6'

config rule
        option name 'VPNnoLAN'
        option src 'VPN'
        option target 'REJECT'
        option dest 'lan'
        list proto 'all'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'VPNXXUDP-WRT'
        list proto 'udp'
        option src 'wan'
        option src_dport portnumber
        option dest_ip 'XXXX
        option dest_port 'VPNport'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'VPNportnumberUDP-WRT'
        list proto 'udp'
        option src 'wan'
        option src_dport 'portnumber'
        option dest_ip '1XXX'
        option dest_port 'VPNport'

config redirect
        option target 'DNAT'
        option name 'VPNUDPloc'
        list proto 'udp'
        option src 'wan'
        option src_dport portnumber
        option dest_port 'VPNport'
        option reflection_src 'external'
        option enabled '0'

config redirect
        option target 'DNAT'
        option name 'VPNportnumberUDPloc'
        list proto 'udp'
        option src 'wan'
        option src_dport 'portnumber'
        option dest_port 'VPNport'
        option enabled '0'

config rule
        option name 'VPNtoDevice'
        option src 'VPN'
        option target 'REJECT'
        list proto 'all'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'SyncThing'
        list proto 'tcp'
        option src 'wan'
        option src_dport 'syncthingport'
        option dest_ip 'XXXX'
        option dest_port 'syncthingport'
        option enabled '0'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'ORPort'
        list proto 'tcp'
        option src 'wan'
        option src_dport 'portnumber'
        option dest_ip 'XXXX'
        option dest_port 'portnumber'
        option reflection '0'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'obfs4'
        list proto 'tcp'
        option src 'wan'
        option src_dport 'obfs4port'
        option dest_ip 'XXXX'
        option dest_port 'obfs4port'

config redirect
        option target 'DNAT'
        option name 'Redirect DNS to Pi-hole'
        option src 'lan'
        option src_dport portnumber
        option dest_ip '192.168.2.6'
        option dest_port portnumber
        option src_ip '!192.168.2.6'
        list src_mac '!90:9A:4A:1A:DD:0D'
        option src_dip '!192.168.2.1'
        option reflection '0'
        list proto 'udp'
        option dest 'lan'

config nat
        option name 'prevent unexpected DNS MYWLAN'
        list proto 'udp'
        option src 'MYWLAN'
        option dest_port portnumber
        option target 'MASQUERADE'
        option dest_ip '!192.168.2.6'

config nat
        option name 'prevent unexpected DNS'
        option src 'lan'
        option dest_ip '192.168.2.6'
        option target 'MASQUERADE'
        list proto 'udp'
        option dest_port portnumber
        option src_ip '192.168.2.0/24'

config rule
        option name 'block 853'
        option src '*'
        option dest 'wan'
        option dest_port '853'
        option target 'REJECT'
        list src_ip '!192.168.2.6'
        list src_ip '!192.168.2.1'
        list src_ip '192.168.3.1'

config redirect
        option dest 'lan'
        option target 'DNAT'
        option src 'VPN'
        option src_dport portnumber
        option dest_ip '192.168.2.1'
        option dest_port portnumber
        option reflection '0'
        option name 'catch VPN DNS'
        list proto 'udp'
        option src_dip '!172.16.16.1'

config nat
        option name 'prevent unexpected DNS VPN'
        list proto 'udp'
        option src 'VPN'
        option dest_ip '!172.16.16.1'
        option dest_port portnumber
        option target 'MASQUERADE'

config rule
        option name 'block hardcoded DNS IP'
        option src '*'
        option dest '*'
        option target 'REJECT'
        list proto 'all'
        list dest_ip '8.8.8.8'
        list dest_ip '4.4.4.4'
        list dest_ip '1.1.1.1'
        list dest_ip '9.9.9.9'
        list dest_ip '8.8.4.4'

config zone
        option name 'MYWLAN'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'MYWLAN'

config forwarding
        option src 'MYWLAN'
        option dest 'wan'

config redirect
        option target 'DNAT'
        option name 'catch MYWLAN DNS'
        list proto 'udp'
        option src 'MYWLAN'
        option src_dip '192.168.3.1'
        option src_dport portnumber
        option dest_port portnumber
        option dest_ip '192.168.2.6'
        option dest 'lan'
        option family 'ipv4'

config redirect
        option target 'DNAT'
        option name 'catch MYWLAN DNS'
        list proto 'udp'
        option src 'MYWLAN'
        option src_dip '!192.168.3.1'
        option src_dport portnumber
        option dest_port portnumber
        option dest_ip '192.168.2.1'

i also have VLAN3 for a guest WLAN running, obviously bogus values for port numbers and IPs are obfuscation of the real ports for paranoia reasons

tcp dump while roaming from 2,4 GHz to 5 Ghz on the edge router

roaming_edge856×239 77.6 KB

all tcpdumps are captured on the edge router

tcp dump while roaming from 2,4 GHz to 5 Ghz on the ERT1900ACS, captured on the edge router

roaming_wrt836×269 91.8 KB

Stop posting pictures.

Hardware offload totally prevents roaming. For 30s to be accurate.

I tried disabling hardware offloading and it didn't fix it. It only made my internet slow as molasses.
Besides, roaming works perfectly with anything but VoIP with HW offloading turned on. I get " auth_alg=ft" in the logs for my phone and "auth_alg=open" for some stations that don't need roaming.

For testing purposes, is there a way to change that 30s to something in the hundred milisecond range?

Meanwhile i tried roaming in the guest WLAN (internally on VLAN 3, tagged on the trunk along with VLAN1 and VLAN 7) and it worked both ways. While i was on the WRT1900ACS my phone's IP and MAC did appear both as the source and destination in frames tagged VLAN 3.

After that i jumped back on my usual WLAN, roaming and VOIP worked fine in both directions, while i was on the WRT1900ACS my phone's IP and MAC did appear both as the source and destination in frames tagged VLAN 1.

Comparing the tcpdumps from when roaming worked as descrbed above and the second picture i posted in the thread ("tcpdump after roaming", VoIP broken), there is a difference in that the phone IP and MAC did not appear as a source when roaming broke VoIP, only as a destination while on the WRT1900CS.

All of this while having changed no config at all.

Please post result links wired at 3 offload levels.
https://www.waveform.com/tools/bufferbloat

Appreciate your literary effort, but c7v5 or ath79 platform in general does not support any hardware offload.

11r will freeze traffic for .3s, one will certainly hear roaming click.

What id seen in logread around roaming?

My general recommendation is to avoid 802.11r as well as k and v. They tend to cause more problems than they solve.

Make sure you have the same SSID for both 2.4 and 5G radios, and make sure you've tuned it such that neighboring APs are on non-overlapping channels and the power is adjusted (down/lower-power) to provide the best environment for the client devices to roam base on their own local logic.

the WRT1900ACS:

ubus call system board
{
        "kernel": "6.6.73",
        "hostname": "ZXXXX",
        "system": "ARMv7 Processor rev 1 (v7l)",
        "model": "Linksys WRT1900ACS",
        "board_name": "linksys,wrt1900acs",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "24.10.0",
                "revision": "r28427-6df0e3d02a",
                "target": "mvebu/cortexa9",
                "description": "OpenWrt 24.10.0 r28427-6df0e3d02a",
                "builddate": "1738624177"
        }
}

cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdc3:b754:3cc0::/48'
        option packet_steering '2'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'wan'
        option ipv6 '0'
        option bridge_empty '1'

config interface 'lan'
        option device 'br-lan.1'
        option proto 'static'
        option ipaddr '192.168.2.9'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.2.1'
        list dns '192.168.2.6'
        list dns '192.168.2.1'

config interface 'VPN'
        option proto 'none'
        option device 'tun0'
        option delegate '0'

config bridge-vlan
        option device 'br-lan'
        option vlan '1'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'wan:t'

config device
        option name 'br-lan.1'
        option type '8021q'
        option ifname 'br-lan'
        option vid '1'
        option ipv6 '0'

config bridge-vlan
        option device 'br-lan'
        option vlan '3'
        list ports 'wan:t'

config device
        option type 'bridge'
        option name 'br-GUEST'
        list ports 'br-lan.3'
        option ipv6 '0'

config device
        option name 'br-lan.3'
        option type '8021q'
        option ifname 'br-lan'
        option vid '3'
        option ipv6 '0'

config interface 'GUEST'
        option proto 'static'
        option device 'br-GUEST'
        option ipaddr '192.168.3.2'
        option netmask '255.255.255.0'
        option gateway '192.168.3.1'
        option defaultroute '0'

 cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'soc/soc:pcie/pci0000:00/0000:00:01.0/0000:01:00.0'
        option country 'DE'
        option cell_density '0'
        option htmode 'VHT80'
        option band '5g'
        option channel '40'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'MYWLAN'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option key 'XXXXXX'
        option wpa_disable_eapol_key_retries '1'
        option dtim_period '3'
        option ieee80211r '1'
        option mobility_domain '1111'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid '00259C13BC88'
        option disassoc_low_ack '0'
        option wnm_sleep_mode '1'
        option wnm_sleep_mode_no_keys '1'

config wifi-device 'radio1'
        option type 'mac80211'
        option path 'soc/soc:pcie/pci0000:00/0000:00:02.0/0000:02:00.0'
        option channel '6'
        option band '2g'
        option htmode 'HT40'
        option country 'DE'
        option cell_density '0'
        option noscan '1'
        option txpower '20'

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option ssid 'MYWLAN'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option key 'XXXXXX'
        option ieee80211w '0'
        option wpa_disable_eapol_key_retries '1'
        option dtim_period '3'
        option ieee80211r '1'
        option mobility_domain '1111'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid '00259C13BC87'
        option skip_inactivity_poll '1'
        option disassoc_low_ack '0'
        option short_preamble '0'
        option wnm_sleep_mode '1'
        option wnm_sleep_mode_no_keys '1'

config wifi-iface 'wifinet2'
        option device 'radio0'
        option mode 'ap'
        option ssid 'GUEST'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option dtim_period '3'
        option key 'XXXXXX'
        option ieee80211r '1'
        option mobility_domain '3333'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option network 'GUEST'
        option wpa_disable_eapol_key_retries '1'
        option isolate '1'
        option macaddr 'B2:E2:A0:35:16:C8'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid 'B2E2A03516C8'
        option disassoc_low_ack '0'
        option wnm_sleep_mode '1'
        option wnm_sleep_mode_no_keys '1'

config wifi-iface 'wifinet3'
        option device 'radio1'
        option mode 'ap'
        option ssid 'GUEST'
        option encryption 'psk2+ccmp'
        option hidden '1'
        option dtim_period '3'
        option key 'XXXXXX'
        option ieee80211r '1'
        option mobility_domain '3333'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option network 'Guest'
        option isolate '1'
        option macaddr 'A2:75:E7:43:8E:10'
        option reassociation_deadline '20000'
        option ieee80211k '1'
        option bss_transition '1'
        option nasid 'A275E7438E10'
        option disassoc_low_ack '0'

Please post result links wired at 3 offload levels.

HW offloading enabled: https://www.waveform.com/tools/bufferbloat?test-id=bfa42cd2-1137-44d5-a255-31c204f945bb

Software offload: https://www.waveform.com/tools/bufferbloat?test-id=9d2f3844-4385-4af1-8f87-269e1f89304b

No offload: https://www.waveform.com/tools/bufferbloat?test-id=60220694-17d4-450e-8f5e-fc5a4479959f

c7v5 or ath79 platform in general does not support any hardware offload.

I am a bit confused now, what causes the around 400 Mbps difference in throughput when i turn HW acceleration off?
I remember a time on the earlier few 23.x versions when it was indeed completely impossible to get more than 200 Mbps, there was a huge thread about it somewhere here, then a later version fixed...whatever that was.

11r will freeze traffic for .3s, one will certainly hear roaming click

When it works it works flawlessly, no click. When it's broken it's broken both ways, no audio. I simply can't tell what triggers the switch from working to not working.
BTW, sometimes (or actually always?) when the audio drops after roaming, triggering a reconnection to the SIP server fails, whereas it would succeed during a properly functioning call.

What id seen in logread around roaming?

on the C7:

Thu Mar  6 21:07:15 2025 daemon.notice hostapd: phy0-ap0: AP-STA-DISCONNECTED 50:49:b0:89:1f:ac
Thu Mar  6 21:07:15 2025 kern.info kernel: [10761.662307] ath10k_pci 0000:00:00.0: mac flush vdev 0 drop 0 queues 0x1 ar->paused: 0x0  arvif->paused: 0x0
Thu Mar  6 21:07:15 2025 daemon.err hostapd: nl80211: kernel reports: key addition failed
Thu Mar  6 21:07:15 2025 daemon.info hostapd: phy0-ap0: STA 50:49:b0:89:1f:ac IEEE 802.11: associated (aid 1)
Thu Mar  6 21:07:15 2025 daemon.notice hostapd: phy0-ap0: AP-STA-CONNECTED 50:49:b0:89:1f:ac auth_alg=ft

on the WRT1900ACS

Thu Mar  6 20:59:32 2025 daemon.err hostapd: nl80211: kernel reports: key addition failed
Thu Mar  6 20:59:32 2025 daemon.info hostapd: phy0-ap0: STA 52:3a:fb:fe:5c:a1 IEEE 802.11: associated (aid 1)
Thu Mar  6 20:59:32 2025 daemon.notice hostapd: phy0-ap0: AP-STA-CONNECTED 52:3a:fb:fe:5c:a1 auth_alg=ft
Thu Mar  6 20:59:32 2025 daemon.notice hostapd: phy1-ap0: Prune association for 52:3a:fb:fe:5c:a1
Thu Mar  6 20:59:32 2025 daemon.notice hostapd: phy1-ap0: AP-STA-DISCONNECTED 52:3a:fb:fe:5c:a1
Thu Mar  6 21:00:02 2025 daemon.info hostapd: phy1-ap0: STA 52:3a:fb:fe:5c:a1 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
Thu Mar  6 21:06:58 2025 daemon.err hostapd: nl80211: kernel reports: key addition failed
Thu Mar  6 21:06:58 2025 daemon.info hostapd: phy0-ap0: STA 50:49:b0:89:1f:ac IEEE 802.11: associated (aid 2)
Thu Mar  6 21:06:58 2025 daemon.notice hostapd: phy0-ap0: AP-STA-CONNECTED 50:49:b0:89:1f:ac auth_alg=ft

Make sure you have the same SSID for both 2.4 and 5G radios, and make sure you've tuned it such that neighboring APs are on non-overlapping channels and the power is adjusted

The SSIDs are identical, all 4 on 4 different channels (1 and 149, respectively 6 and 40), the client does sometimes seem to stick to the WRT1900ACS longer than to the C7.

My general recommendation is to avoid 802.11r as well as k and v. They tend to cause more problems than they solve.

Imma try without them

I disabled k/v/r across the board, it didn't break the transition from one AP/freq to another and the VoIP calls were flawless. I will have to leave it like this for now and see if it exhibits the same spurious behaviour.
Fun fact, i have also used usteer at a point before starting this thread but i eventually had to give it up.

Thank you all for now!

I am still confused about the difference in performance related to the offloading, even though it is offtopic

Thats a red herring - a way to say "welcome back, i knew your key"

Unless you show measurements i am not able to believe you. My c7v5 makes 500-600Mbps depending on test with wan de-tagged. Not much space to lose 400ptd here.

With 802.11k/v/r disabled VoIP unfortunately still breaks sometimes.

Thats a red herring - a way to say "welcome back, i knew your key"

I assumed as much because i saw that in the logs both wen the audio dropped and didn't drop

Unless you show measurements i am not able to believe you.

HW offloading enabled https://www.speedtest.net/result/17471382824
SW offloading enabled https://www.speedtest.net/result/17471388499
No offloading https://www.speedtest.net/result/17471391583

Very strange, i get about same with hw and sw offloads. Next diagnostic - kerp conntrack -E | tee -a /tmp/ctlog and show state transitions around a&dio disconnect.

Can anyone make sense of the following:

The tcpdump on edge router shows only its WAN MAC and my ISP gateway's MAC when i initiate a call while connected to it and before any roaming is involved,

there is a clear back and forth between my phone as a source and destination, as well as the public IPs involved, indicative of NAT, while the audio is fine when i either initiate a call when connected to the Linksys or when i roam to it and the call is still OK,

after roaming from the Linksys back to the Archer it shows my phone's MAC and LAN IP in the destination but never as the source, during which time there is no audio and the call eventually terminates on its own, but this is not always the case at this point, because sometimes it seamlessly reverts back to showing shows only the WAN MAC and my ISP gateway's MAC as in the 1st paragraph, in which case the audio doesn't cut?

I'm just spitballing here, but is it a breakdown in the NAT somewhere along the way?

There is no way to maintain "connection" jumping across NAT.

I want to make sure that we've got a key detail correct...

There appear to be 3 devices in this setup:

• ISP device
• Router
• Bridged AP

Is the following correct:

ISP device (bridge mode) > [PPPoE wan | router | lan + wifi] > [lan | AP | wifi]

I know there is a guest network active, too, but we can ignore that in the above topology. Although that does bring up one other thing to check -- when your device roams from one AP to the other, does it stay on the same network? If it happens to jump from lan > guest or guest > lan, that will break the connection for sure.

Anyway, is the above topology correct? Importantly, the ISP device does not have WiFi enabled or any other routing, just simply acting as a bridged modem. And the 2 other devices should be lan-lan connections.

 [NEW] udp      17 60 src=VOIPclientIP dst=voipRTPserver sport=47592 dport=13804 [UNREPLIED] src=voipRTPserver dst=myWANIP sport=13804 dport=47592
 [NEW] udp      17 60 src=VOIPclientIP dst=voipRTPserver sport=37275 dport=13805 [UNREPLIED] src=voipRTPserver dst=myWANIP sport=13805 dport=37275
 [UPDATE] udp      17 86400 src=VOIPclientIP dst=voipRTPserver sport=47592 dport=13804 src=voipRTPserver dst=myWANIP sport=13804 dport=47592 [OFFLOAD]
 [UPDATE] udp      17 180 src=VOIPclientIP dst=voipRTPserver sport=47592 dport=13804 src=voipRTPserver dst=myWANIP sport=13804 dport=47592 [OFFLOAD]

second attempt

 [NEW] udp      17 60 src=VoipClientIP dst=voipRTPserver sport=44307 dport=17802 [UNREPLIED] src=voipRTPserver dst= WAN IP sport=17802 dport=44307
 [NEW] udp      17 60 src=VoipClientIP dst=voipRTPserver sport=33188 dport=17803 [UNREPLIED] src=voipRTPserver dst=WAN IP sport=17803 dport=33188
 [UPDATE] udp      17 86400 src=VoipClientIP dst=voipRTPserver sport=44307 dport=17802 src=voipRTPserver dst=WAN IP sport=17802 dport=44307 [OFFLOAD]
 [UPDATE] udp      17 180 src=VoipClientIP dst=voipRTPserver sport=44307 dport=17802 src=voipRTPserver dst=WAN IPsport=17802 dport=44307 [OFFLOAD]

It just inconspicuously breaks when running conntrack and i hang up before it would do so on its own anyway. I can provide pics of SIP flows in wireshark for the working case and the broken one, they are certainly cleaner than what i posted before.

Not quite.
FTTH -> Media converter to copper (provided by the ISP) -> 802.11q capable switch with one port tagged for VLAN7 only (WAN, tag required by ISP) connected to the media converter, one trunk port on it for VLAN7, VLAN1(my LAN), VLAN3 (guest, can be ignored) that goes into the Archer with [PPPoE wan | router | lan + wifi] into a port tagged the same. Another port on the switch is tagged with VLAN1 and VLAN3 and that one goes into the Linksys with [lan | AP | wifi]

The Archer is non DSA and the Linksys is DSA. Firewall is active on the Linksys because i have a VPN server running there.

Roaming happens only within my own WLAN, the guest one does not autoconnect. Signal, speedtest, whatever else besides VoIP is unaffected.

Do you mean across a single NAT? Because there shouldn't be any double NAT going on in VLAN1. Does WAN masquerading apply for UDP too?

To any protocol, even icmp.

So now you have 2nd wifi router but c7v5 is at fault because something changes setting nic in promisc mode with tcpdump?
How many more routers you got?

I only have what i described, the breakdowns happen in an unpredictable manner no matter from what device i roam to the other, just as it is unpredictable whether it will work or not.