Changes between Version 1 and Version 2 of wireless/wifi


Ignore:
Timestamp:
11/30/2017 06:11:03 PM (23 months ago)
Author:
Bobby Jones
Comment:

Added information previously on Yocto/Wireless that was recovered via wayback machine.

Legend:

Unmodified
Added
Removed
Modified
  • wireless/wifi

    v1 v2  
    217217  - stable release tarballs: http://w1.fi/hostapd/
    218218  - git git://w1.fi/srv/git/hostap.git (cgit: http://hostap.epitest.fi/cgit/hostap/)
     219
     220==== Access Point Configuration (AP) ====
     221By default the Yocto BSP is configured to enable a Wireless Access Point.
     222
     223The 'hostap-daemon' package provides the [https://web.archive.org/web/20170123050000/http://wireless.kernel.org/en/users/Documentation/hostapd hostapd] application which configures the radio for AP mode using configuration from /etc/hostapd.conf.
     224
     225You will need to configure /etc/hostapd.conf to specify important details such as:
     226
     227* interface
     228* driver type (the default is nl80211 which is used for all modern mac80211 drivers)
     229* bridge config
     230* ssid
     231* channel
     232* encryption
     233
     234The default {{{/etc/hostapd.conf}}} file contains detailed documentation and you can find more info [http://wireless.kernel.org/en/users/Documentation/hostapd here]. However, because every wireless cards' capabilities are vastly different from one another, Gateworks has written a script to help ascertain a proper {{{hostapd.conf}}} file. Though not 100% of the functionality mentioned in the ​[https://web.archive.org/web/20170123050000/http://wireless.kernel.org/en/users/Documentation/hostapd hostapd documentation] is supported, it does help the user create a {{{hostapd.conf}}} file specific to their wireless card.
     235
     236This script, named {{{hostapd-conf}}}, is included in our latest Yocto 1.8/Master branches. To read over the script, please click ​[https://web.archive.org/web/20170123050000/https://github.com/Gateworks/meta-gateworks/blob/master/recipes-support/hostapd-conf/hostapd-conf/hostapd-conf here].
     237
     238Usage is as follows:
     239{{{#!bash
     240root@ventana:~# ./hostapd-conf
     241hostapd-conf [OPTIONS] <iface> <ssid> <channel> [<htmode>] [<passphrase>]
     242
     243Options:
     244 --help           - This help
     245 --br-name <name> - Name of bridge
     246 --wds <0|1>      - Enable WDS
     247 --version        - Print this version: v1.0
     248
     249Example:
     250 Print channel information for wlan0 and exit:
     251  hostapd-conf wlan0
     252
     253 State wlan0 SSID is 'myssid', on channel 6 with WPA2 passphrase "nowayinside":
     254  hostapd-conf wlan0 myssid 6 nowayinside
     255
     256 State wlan0 is in named bridge br0, enable WDS, SSID 'myssid', channel 6,
     257 in HT20(802.11n), with WPA2 passphrase "nowayinside":
     258  hostapd-conf --br-name=br0 --wds=1 wlan0 myssid 6 HT20 nowayinside
     259}}}
     260
     261Below are some usage cases for this script. In these examples, a WLE900VX radio was used. Note, any information that isn't apparent in the below script may be found via the {{{iw phy phy<n> info}}} command.
     262
     263===== Step 0 : Scan Available Options =====
     264
     265To view all channels/frequencies and HT modes that can emit radiation on a specified interface, indicate just the interface:
     266{{{#!bash
     267root@ventana:~# ./hostapd-conf wlan0
     268ERROR: SSID is empty
     269
     270Available Channel Information on phy0
     271=====================================
     272Band 1:
     273Channel  Freq  Allowed HT Modes
     2740        0000  HT20 HT40 HT40+ HT40-
     2751        2412  HT20 HT40 HT40+
     2762        2417  HT20 HT40 HT40+
     2773        2422  HT20 HT40 HT40+
     2784        2427  HT20 HT40 HT40+
     2795        2432  HT20 HT40 HT40+ HT40-
     2806        2437  HT20 HT40 HT40+ HT40-
     2817        2442  HT20 HT40 HT40+ HT40-
     2828        2447  HT20 HT40 HT40+ HT40-
     2839        2452  HT20 HT40 HT40+ HT40-
     28410       2457  HT20 HT40 HT40-
     28511       2462  HT20 HT40 HT40-
     286
     287Band 2:
     288Channel  Freq  Allowed HT Modes
     2890        0000  HT20 HT40 HT40+ HT40- VHT20 VHT40 VHT80
     29036       5180  HT20 HT40 HT40+ VHT20 VHT40 VHT80
     29140       5200  HT20 HT40 HT40- VHT20 VHT40 VHT80
     29244       5220  HT20 HT40 HT40+ VHT20 VHT40 VHT80
     29348       5240  HT20 HT40 HT40- VHT20 VHT40 VHT80
     294149      5745  HT20 HT40 HT40+ VHT20 VHT40 VHT80
     295153      5765  HT20 HT40 HT40- VHT20 VHT40 VHT80
     296157      5785  HT20 HT40 HT40+ VHT20 VHT40 VHT80
     297161      5805  HT20 HT40 HT40- VHT20 VHT40 VHT80
     298165      5825  HT20 HT40 HT40+ VHT20 VHT40 VHT80
     299}}}
     300===== Step 1 : Configure Access Point =====
     301
     302'''2.4GHz 802.11g'''
     303
     304To create a {{{hostapd.conf}}} file in the 2.4GHz range, using 802.11g technology:
     305{{{#!bash
     306root@ventana:~# ./hostapd-conf wlan0 test-ssid 6
     307Settings:
     308 IFACE:   wlan0
     309 PHY:     phy0
     310 SSID:    test-ssid
     311 CHANNEL: 6
     312 FREQ:    2437
     313 BANDS:   1 2
     314 HWMODE:  g
     315
     316Written to hostapd-phy0.conf
     317root@ventana:~# cat hostapd-phy0.conf
     318# For more options, please visit the following:
     319#  http://linuxwireless.org/en/users/Documentation/hostapd/
     320driver=nl80211
     321logger_syslog=-1
     322logger_syslog_level=2
     323logger_stdout=-1
     324logger_stdout_level=2
     325# a=5GHz, g=2.4GHz
     326hw_mode=g
     327# channel=0 turns on ACS survey
     328channel=6
     329# Please take the following into consideration:
     330# Country code (ISO/IEC 3166-1). Used to set regulatory domain.
     331# Set as needed to indicate country in which device is operating.
     332# This can limit available channels and transmit power.
     333#country_code=US
     334# Enable IEEE 802.11d. This advertises the country_code and the set of allowed
     335# channels and transmit power levels based on the regulatory limits. The
     336# country_code setting must be configured with the correct country for
     337# IEEE 802.11d functions.
     338# (default: 0 = disabled)
     339#ieee80211d=1
     340# Enable IEEE 802.11h. This enables radar detection and DFS support if
     341# available. DFS support is required on outdoor 5 GHz channels in most countries
     342# of the world. This can be used only with ieee80211d=1.
     343# (default: 0 = disabled)
     344#ieee80211h=1
     345interface=wlan0
     346ctrl_interface=/var/run/hostapd
     347ctrl_interface_group=0
     348disassoc_low_ack=1
     349preamble=1
     350wmm_enabled=1
     351macaddr_acl=0
     352auth_algs=1
     353ignore_broadcast_ssid=0
     354ssid=test-ssid
     355ieee80211n=0
     356ieee80211ac=0
     357}}}
     358'''5.8GHz 802.11ac'''
     359
     360To create a {{{hostapd.conf}}} file in the 5GHz range, using 802.11ac technology, plus WPA2 encryption:
     361{{{#!bash
     362root@ventana:~# ./hostapd-conf wlan0 test-ssid 157 VHT80 nowayinside
     363Settings:
     364 IFACE:      wlan0
     365 PHY:        phy0
     366 SSID:       test-ssid
     367 CHANNEL:    157
     368 FREQ:       5785
     369 BANDS:      1 2
     370 HWMODE:     a
     371 HTMODE:     VHT80
     372 PASSPHRASE: nowayinside
     373
     374Written to hostapd-phy0.conf
     375root@ventana:~# cat hostapd-phy0.conf
     376# For more options, please visit the following:
     377#  http://linuxwireless.org/en/users/Documentation/hostapd/
     378driver=nl80211
     379logger_syslog=-1
     380logger_syslog_level=2
     381logger_stdout=-1
     382logger_stdout_level=2
     383# a=5GHz, g=2.4GHz
     384hw_mode=a
     385# channel=0 turns on ACS survey
     386channel=157
     387# Please take the following into consideration:
     388# Country code (ISO/IEC 3166-1). Used to set regulatory domain.
     389# Set as needed to indicate country in which device is operating.
     390# This can limit available channels and transmit power.
     391#country_code=US
     392# Enable IEEE 802.11d. This advertises the country_code and the set of allowed
     393# channels and transmit power levels based on the regulatory limits. The
     394# country_code setting must be configured with the correct country for
     395# IEEE 802.11d functions.
     396# (default: 0 = disabled)
     397#ieee80211d=1
     398# Enable IEEE 802.11h. This enables radar detection and DFS support if
     399# available. DFS support is required on outdoor 5 GHz channels in most countries
     400# of the world. This can be used only with ieee80211d=1.
     401# (default: 0 = disabled)
     402#ieee80211h=1
     403interface=wlan0
     404ctrl_interface=/var/run/hostapd
     405ctrl_interface_group=0
     406disassoc_low_ack=1
     407preamble=1
     408wmm_enabled=1
     409macaddr_acl=0
     410auth_algs=1
     411ignore_broadcast_ssid=0
     412# Put a 3 here if you want both WPA/WPA2
     413wpa=2
     414wpa_passphrase=nowayinside
     415wpa_key_mgmt=WPA-PSK
     416wpa_pairwise=TKIP
     417rsn_pairwise=CCMP
     418ssid=test-ssid
     419ieee80211n=1
     420ht_capab=[HT40+][LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
     421ieee80211ac=1
     422vht_oper_chwidth=1
     423vht_oper_centr_freq_seg0_idx=155
     424vht_capab=[RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN][RX-STBC1][MAX-MPDU-11454][MAX-A-MPDU-LEN-EXP7]
     425}}}
     426===== Step 2 : Copy Access Point Configuration =====
     427
     428After the {{{hostapd-<phy>.conf}}} file has been created and any edits have been made (if any), you may either:
     429
     4301. Copy the {{{hostapd-phy.conf}}} file over {{{/etc/hostapd.conf}}} and restart hostapd, noting that {{{/etc/network/interfaces}}} isn't configuring the wlan interface automatically (e.g. make sure no {{{auto wlan0}}} exists in {{{/etc/network/interfaces}}})
     431{{{#!bash
     432mv /etc/hostapd.conf /etc/hostapd.conf.bak # Backup original hostapd.conf file
     433cp hostapd-phy0.conf /etc/hostapd.conf
     434/etc/init.d/hostapd restart
     435}}}
     4361. Run hostapd using this new conf file, knowing that the settings won't persist over a new boot:
     437{{{#!bash
     438root@ventana:~# /etc/init.d/hostapd stop
     439root@ventana:~# hostapd -B hostapd-phy0.conf
     440Configuration file: hostapd-phy0.conf
     441[ 1825.468968] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
     442wlan0: interface state UNINITIALIZED->HT_SCAN
     443[ 1825.636135] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
     444}}}
     445At this point your wlan0 interface should be up and authenticating with WiFi clients and the next step is to configure IP networking (below).
     446
     447==== Routed Access Point ====
     448
     449A routed Access Point is used when you want the wireless network to have its own DHCP server and network. In this case traffic is routed across the WAN (Wide Area Network) interface (ie eth0) and WLAN (Wireless Local Area Network) interface (ie wlan0). This is the typical configuration for a wireless access point.
     450
     451For this you need:
     452
     453* the WAN (Wide Area Network) interface (ie eth0) should have an IP configuration from the WAN segment from the upstream Internet provider
     454* the WLAN network interface (ie wlan0) should be assigned a static address on a private network
     455* A DHCP server (ie dnsmasq) configured to serve a private IP address range on the WLAN network interface (ie wlan0)
     456* Network Address Translation (NAT) routing configuration using Linux iptables and Linux kernel netfilter support
     457* ip forwarding enabled in kernel
     458
     459Configuration:
     460
     4611. configure your WAN and WLAN interfaces in /etc/network/interfaces. Here we will use eth0 as our WAN configured to obtain IP configuration via DHCP from the upstream provider and wlan0 as our WLAN configured with a DHCP server for a private subnet on the 10.0.0/24 network:
     462{{{#!bash
     463cat << EOF > /etc/network/interfaces
     464# WAN interface
     465auto eth0
     466iface eth0 inet dhcp
     467
     468# WLAN interface
     469auto wlan0
     470iface wlan0 inet static
     471        address 10.0.0.1
     472        netmask 255.255.255.0
     473
     474# NAT configuration via iptables
     475post-up iptables-restore < /etc/iptables.ipv4.nat
     476EOF
     477}}}
     4781. configure dnsmasq. Here we will configure it to serve addresses on the 10.0.0/24 network with a pool of 190 addresses from .10 to .200 with a 2hour lease:
     479{{{#!bash
     480cat << EOF > /etc/dnsmasq.conf
     481interface=wlan0
     482dhcp-range=10.0.0.10,10.0.0.200,2h
     483EOF
     484}}}
     4851. configure Linux NAT routing. We will do this for the current boot and use that configuration to store hooks for subsequent reboots:
     486{{{#!bash
     487# enable forwarding on bootup
     488echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
     489
     490# configure NAT via iptables and then save its config to the restore script
     491iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
     492iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
     493iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
     494iptables-save > /etc/iptables.ipv4.nat
     495chmod +x /etc/iptables.ipv4.nat
     496}}}
     4971. restart networking and enable forwarding (or sync and reboot at this point instead):
     498{{{#!bash
     499/etc/init.d/networking restart
     500echo 1 > /proc/sys/net/ipv4/ip_forward
     501}}}
     502==== Bridged Access Point ====
     503
     504A bridged Access Point is used to provide an a Wireless Access Point on a LAN that already has a DHCP server and creates a bridge between the LAN interface and the WIFI interface such that wireless client DHCP requests will be bridged to the LAN and answered from there.
     505
     506For this you need:
     507
     508* bridge-utils package
     509* CONFIG_BRIDGE support in kernel (default in our Yocto kernel)
     510* ip forwarding enabled in kernel
     5111. create a bridge between your wifi interface and your lan interface. For example, assuming wlan0 and eth0:
     512{{{#!bash
     513# create a bride and add interfaces to it
     514brctl addbr br0
     515brctl addif br0 eth0
     516brctl addif br0 wlan0
     517# bring it up
     518ifconfig br0 up
     519# use DHCP to assign IP info
     520udhcpc -i br0
     521}}}
     522 * Note that you can use /etc/network/interfaces to bring up and configure the bridge, but if you are using a fairly limited ifup/ifdown (like busybox) you will probably need to create the bridge first (ie in an init script prior to networking coming up)
     5231. enable IP forwarding:
     524 {{{#!bash
     525echo 1 > /proc/sys/net/ipv4/ip_forward
     526}}}
     527 * you can enable IP forwarding on bootup with:
     528  {{{#!bash
     529echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
     530}}}
     531Note that if your intention is to also create a wireless client bridge where a wireless client connection is bridging its wireless to a local Ethernet network you will need to enable WDS/4-addr header parsing on both the Access Point and the Client. To do this on the Access Point, add the following to {{{/etc/hostapd.conf}}}:
     532{{{#!bash
     533wds_sta=1
     534}}}
     535Alternatively, if using the {{{hostapd-conf}}} script, an option exists to enable this feature via {{{--wds=1}}}.
     536
     537===== Troubleshooting =====
     538If encountering issues:
     539
     540* ensure both hostapd and wpa_supplicant are not both trying to manage the interface (ie you have it configured for both AP and Client mode)
     541* ensure your client can see the AP (ie {{{iw dev wlan0}}} scan for a Linux client, or use a wireless scanner such as 'Wifi Analyzer' on an Android device)
     542* For client mode ensure the kernel shows that you are associated with the AP. You should see {{{wlan0: associated}}} in the kernel messages
     543* check your encryption settings
     544* if you can ping between the AP and the client directly but not get through them:
     545 * check your routing configuration (ie via {{{route -n}}} on Linux) and make sure you have a proper gateway
     546 * if trying to bridge wireless to ethernet networks ensure 'both' the AP and the Client have 4addr header parsing enabled
     547* if DNS resolution is not occurring first make sure you can ping the nameserver by IP
    219548
    220549=== wpa-supplicant ===