Hello!Ubiquiti UniFi AC Pro to OpenWrt 23.05.5 and all look like good. But sometimes youtube music on Samsung Android Tablet via Wifi take some lags for 3-5 secods. It look like music slowing down playing speed. And after 3-5 secods recover normal work.
Summary
I have Intenet service provider 3BB with guaranted speed 300Mbit/sec.
What Can be wrong?
P.S. Before flashing my AP to OpenWRT all was fine...
Two things to do:
Does the issue manifest if you connect your computer via ethernet to your router? Please test this, and then use the same computer to test on wifi.
Let's look at your config. starting with the AP.
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
I can't connect Tablet to Ethernet via cable. No port for this.
root@ddweed:~# ubus call system board
{
"kernel": "5.15.167",
"hostname": "ddweed.wifi",
"system": "Qualcomm Atheros QCA956X ver 1 rev 0",
"model": "Ubiquiti UniFi AC Pro",
"board_name": "ubnt,unifiac-pro",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.5",
"revision": "r24106-10cc5fcd00",
"target": "ath79/generic",
"description": "OpenWrt 23.05.5 r24106-10cc5fcd00"
}
}
root@ddweed:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd60:c37b:9001::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0.1'
config interface 'lan'
option device 'br-lan'
option proto 'dhcp'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0t 2 3'
option vid '1'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '0t 2t'
option vid '256'
config switch_vlan
option device 'switch0'
option vlan '3'
option ports '0t 2t'
option vid '512'
config switch_vlan
option device 'switch0'
option vlan '4'
option ports '0t 2t'
option vid '192'
config device
option type 'bridge'
option name 'br-free'
list ports 'eth0.512'
config device
option type 'bridge'
option name 'br-backup'
option bridge_empty '1'
config device
option type 'bridge'
option name 'br-ddweed'
list ports 'eth0.192'
option bridge_empty '1'
config device
option type 'bridge'
option name 'br-panka'
list ports 'eth0.256'
option bridge_empty '1'
config interface 'free'
option proto 'dhcp'
option device 'br-free'
option force_link '1'
option dns_metric '10'
option metric '10'
config interface 'backup'
option proto 'static'
option device 'br-backup'
option ipaddr '192.168.190.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
config interface 'ddweed'
option proto 'dhcp'
option device 'br-ddweed'
option dns_metric '20'
option metric '20'
option delegate '0'
root@ddweed:~# cat /etc/config/wireless
ewall
config wifi-device 'radio0'
option type 'mac80211'
option path 'pci0000:00/0000:00:00.0'
option channel '52'
option band '5g'
option htmode 'VHT80'
option cell_density '0'
option country 'PH'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'THE COVE PUB WIFI'
option encryption 'sae-mixed'
option key '***'
option wpa_disable_eapol_key_retries '1'
option ieee80211k '1'
option time_advertisement '2'
option time_zone '<+07>-7'
option wnm_sleep_mode '1'
option wnm_sleep_mode_no_keys '1'
option bss_transition '1'
option proxy_arp '1'
config wifi-device 'radio1'
option type 'mac80211'
option path 'platform/ahb/18100000.wmac'
option channel '3'
option band '2g'
option htmode 'HT40'
option cell_density '0'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'THE COVE PUB WIFI'
option encryption 'sae-mixed'
option key '***'
option wpa_disable_eapol_key_retries '1'
option ieee80211k '1'
option time_advertisement '2'
option time_zone '<+07>-7'
option wnm_sleep_mode '1'
option wnm_sleep_mode_no_keys '1'
option bss_transition '1'
option proxy_arp '1'
config wifi-iface 'wifinet2'
option device 'radio0'
option mode 'ap'
option ssid 'THE COVE PUB FREE WIFI'
option encryption 'owe'
option ieee80211w '1'
option network 'free'
option ieee80211k '1'
option time_advertisement '2'
option time_zone '<+07>-7'
option wnm_sleep_mode '1'
option wnm_sleep_mode_no_keys '1'
option bss_transition '1'
option proxy_arp '1'
config wifi-iface 'wifinet3'
option device 'radio1'
option mode 'ap'
option ssid 'THE COVE PUB FREE WIFI'
option encryption 'owe'
option ieee80211w '1'
option network 'free'
option ieee80211k '1'
option time_advertisement '2'
option time_zone '<+07>-7'
option wnm_sleep_mode '1'
option wnm_sleep_mode_no_keys '1'
option bss_transition '1'
option proxy_arp '1'
config wifi-iface 'wifinet4'
option device 'radio0'
option mode 'ap'
option ssid 'DD Weed'
option encryption 'none'
option network 'ddweed'
option ieee80211k '1'
option time_advertisement '2'
option time_zone '<+07>-7'
option wnm_sleep_mode '1'
option wnm_sleep_mode_no_keys '1'
option bss_transition '1'
option proxy_arp '1'
config wifi-iface 'wifinet5'
option device 'radio1'
option mode 'ap'
option ssid 'DD Weed'
option encryption 'none'
option network 'ddweed'
option ieee80211k '1'
option time_advertisement '2'
option time_zone '<+07>-7'
option wnm_sleep_mode '1'
option wnm_sleep_mode_no_keys '1'
option bss_transition '1'
option proxy_arp '1'
config wifi-iface 'wifinet6'
option device 'radio1'
option mode 'ap'
option ssid 'BackUp-51F9CD'
option encryption 'sae'
option key 'backup'
option network 'backup'
root@ddweed:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option ednspacket_max '1232'
option filter_aaaa '0'
option filter_a '0'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option ignore '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'backup'
option interface 'backup'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
root@ddweed:~# cat /etc/config/firewall
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
config zone
option name 'free'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'free'
option masq '1'
config zone
option name 'backup'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'backup'
config zone
option name 'ddweed'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'ddweed'
option masq '1'
config forwarding
option src 'backup'
option dest 'ddweed'
config forwarding
option src 'backup'
option dest 'free'
config forwarding
option src 'backup'
option dest 'lan'
config forwarding
option src 'lan'
option dest 'backup'
config forwarding
option src 'lan'
option dest 'ddweed'
config rule
option name 'From ROUTER'
option target 'ACCEPT'
option src '*'
list proto 'all'
list src_ip '192.168.1.1'
list src_ip '192.168.192.1'
list src_ip '192.168.12.1'
There's a lot going on that is theoretically not necessary here.... for example, is your main router handling all the routing? If so, you don't need the vast majority of the stuff you have in the firewall and a whole bunch of stuff that exists in the network config file...
Then, you have 802.11k enabled which can cause problems, as may sae-mixed mode encryption. Further, there are a whole bunch of uncommon (and likely problematic) wifi settings. I'd recommend that you make a backup, then delete the /etc/config/wifi file and then issue the wifi command to regenerate the base file. From there, don't make any changes except for the SSID names, encryption type (use WPA2 or WPA3 only), passphrase, and network association. And obviously enable the SSIDs. Then test again.
Thx. You mean this?
root@router:~# cat /etc/sysctl.d/99-nf-conntrack-fix.conf
net.netfilter.nf_conntrack_udp_timeout=300
net.netfilter.nf_conntrack_udp_timeout_stream=60
brada4
February 14, 2025, 7:08am
7
you can add params to sysctl.conf
I has do that all. This options as results of experinments....
brada4
February 14, 2025, 7:12am
9
Helped me, 300s is longest i found in http3 servers namely jetty
What experiments? Seems like you got yourself into a position where things are not working well, so what and how were you testing to arrive at these settings?
There's a lot there that is extremely odd or potentially problematic... for example, I'd recommend removing all of this:
And not using sae-mixed, instead using either WPA2 or WPA3 only.:
Spider84:
ieee80211k
I turned only now for checking tha t this not apply any changes
Right now I has switched MIXED off and turned on only WPA2 (because some devices, lot of them don't support SAE
psherman
February 14, 2025, 7:52am
12
psherman
February 14, 2025, 8:20pm
13
Trying to firewall UDP.433 for all clients so this force YouTube to use TCP (confirmed by tcpdump)
Using AP last days with next settings. Lags are exists. (Backup interface for configre AP localy)
root@ddweed:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd60:c37b:9001::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0.1'
config interface 'lan'
option device 'br-lan'
option proto 'dhcp'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0t 2 3'
option vid '1'
config device
option type 'bridge'
option name 'br-backup'
option bridge_empty '1'
config interface 'backup'
option proto 'static'
option device 'br-backup'
option ipaddr '192.168.190.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
root@ddweed:~# cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'pci0000:00/0000:00:00.0'
option channel '52'
option band '5g'
option htmode 'VHT80'
option cell_density '0'
option country 'PA'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'THE COVE PUB WIFI'
option encryption 'psk2+ccmp'
option key '***'
config wifi-device 'radio1'
option type 'mac80211'
option path 'platform/ahb/18100000.wmac'
option channel '3'
option band '2g'
option htmode 'HT40'
option cell_density '0'
option country 'PA'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'THE COVE PUB WIFI'
option encryption 'psk2+ccmp'
option key '***'
config wifi-iface 'wifinet6'
option device 'radio1'
option mode 'ap'
option ssid 'BackUp-51F9CD'
option encryption 'sae'
option key 'backup113162'
option network 'backup'
root@ddweed:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option ednspacket_max '1232'
option filter_aaaa '0'
option filter_a '0'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'backup'
option interface 'backup'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
root@ddweed:~# cat /etc/config/firewall
config defaults
option input 'DROP'
option output 'ACCEPT'
option forward 'DROP'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'DROP'
config zone
option name 'backup'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'backup'
So. You will laught but.... problem was not in Wifi.
KOA
February 27, 2025, 6:44pm
16
Change you Wifi Channel.
Bluetooth, Zigbee and WiFi 2.4GHz all use 2.4Ghz band.
I tried all channels in 2.4 GHz (with 20/40 MHz widths). There was always lag. Only switching off 2.4 GHz helped. That's not important now. I replaced that AP with another one, and everything works fine. The new AP also runs OpenWRT. I suspect a problem with the Wi-Fi implementation in the Wi-Fi driver of the problematic AP.
system
March 10, 2025, 2:23am
19
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
