I always have a WG connection live on my phone, and often when roaming between my two APs, the connection will drop. Sometimes it doesn't come back at all until I manually disconnect and reconnect, sometimes it comes back after waiting for a few minutes; rarely, does it seamlessly continue to work without any noticeable drop. The reason the disruptions are brought to my notice is while roaming, a YouTube podcast might be playing on NewPipe or music on a streaming app (both over VPN). For context, I'll describe three things: the WG client apps, my current Wi-Fi setup and couple scenarios where WG didn't drop while roaming.
I've tried three different WireGuard apps, and they behaved identically on raoming:
- official WireGuard Android app (Go implementation)
- Cloudflare's 220.127.116.11 for its Warp service
- Proton VPN
On the WG client, I have the configuration files for the Warp and Proton VPN services.
For my Wi-Fi setup, there are two APs, with same SSID and WPA3:
- Belkin RT3200; also the router, broadcasting 802.11b/g/n and ac/ax/n on the 2.4GHz and 5GHz radios respectively
- TP-Link Archer C7 v5; only broadcasting 802.11ac/n on 5GHz, 2.5GHz radio disabled
While I'd love to have a 5GHz-only environment, there are devices which responds abysmally at certain locations whereas other operate just fine. Without 802.11r, roaming on my device seemed to work fine (besides the WG issue), but I don't remember checking how fast it switched or if it retained same IP while switching APs.
I've enabled 802.11r on all SSIDs, and it seems to function fine; I don't know specific apps that might be used to confirm its enablement, but I've observed on WiFIAnalyzer (from F-Droid), that AP switching does seem to happen fast enough, and it retains the same IP while roaming.
Finally, with the WG apps I mentioned, I have experience roaming in other enterprise network deployments where WG connection never dropped. I've either streamed or talked over VoIP in those networks over the active VPN connection. Of the enterprise networks, I know for a fact that one of them was a Cisco-based deployment (gathered from the captive portal) and the other is Xiaomi-based (I know of the AP installation).
I know this was a lengthy write up just to describe the context and my experience, but would any of you happen to know how to figure out the issue? It's not really a deal-breaker for me, it's quite annoying but certainly functional, and I'm all into not having proprietary blackboxes anywhere. At the same time if there's a solution, I'd love for it to work flawlessly.