Context Navigation

Changes between Version 1 and Version 2 of wireless/wifi

Timestamp:: 11/30/2017 06:11:03 PM (6 years ago)
Author:: Bobby Jones
Comment:: Added information previously on Yocto/Wireless that was recovered via wayback machine.

Legend:

: Unmodified
: Added
: Removed
: Modified

wireless/wifi

-              v1
+              v2
   - stable release tarballs: http://w1.fi/hostapd/
   - git git://w1.fi/srv/git/hostap.git (cgit: http://hostap.epitest.fi/cgit/hostap/)
+==== Access Point Configuration (AP) ====
+By default the Yocto BSP is configured to enable a Wireless Access Point.
+The 'hostap-daemon' package provides the [https://web.archive.org/web/20170123050000/http://wireless.kernel.org/en/users/Documentation/hostapd hostapd] application which configures the radio for AP mode using configuration from /etc/hostapd.conf.
+You will need to configure /etc/hostapd.conf to specify important details such as:
+* interface
+* driver type (the default is nl80211 which is used for all modern mac80211 drivers)
+* bridge config
+* ssid
+* channel
+* encryption
+The default {{{/etc/hostapd.conf}}} file contains detailed documentation and you can find more info [http://wireless.kernel.org/en/users/Documentation/hostapd here]. However, because every wireless cards' capabilities are vastly different from one another, Gateworks has written a script to help ascertain a proper {{{hostapd.conf}}} file. Though not 100% of the functionality mentioned in the [https://web.archive.org/web/20170123050000/http://wireless.kernel.org/en/users/Documentation/hostapd hostapd documentation] is supported, it does help the user create a {{{hostapd.conf}}} file specific to their wireless card.
+This script, named {{{hostapd-conf}}}, is included in our latest Yocto 1.8/Master branches. To read over the script, please click [https://web.archive.org/web/20170123050000/https://github.com/Gateworks/meta-gateworks/blob/master/recipes-support/hostapd-conf/hostapd-conf/hostapd-conf here].
+Usage is as follows:
+{{{#!bash
+root@ventana:~# ./hostapd-conf
+hostapd-conf [OPTIONS] <iface> <ssid> <channel> [<htmode>] [<passphrase>]
+Options:
+ --help           - This help
+ --br-name <name> - Name of bridge
+ --wds <0|1>      - Enable WDS
+ --version        - Print this version: v1.0
+Example:
+ Print channel information for wlan0 and exit:
+  hostapd-conf wlan0
+ State wlan0 SSID is 'myssid', on channel 6 with WPA2 passphrase "nowayinside":
+  hostapd-conf wlan0 myssid 6 nowayinside
+ State wlan0 is in named bridge br0, enable WDS, SSID 'myssid', channel 6,
+ in HT20(802.11n), with WPA2 passphrase "nowayinside":
+  hostapd-conf --br-name=br0 --wds=1 wlan0 myssid 6 HT20 nowayinside
+}}}
+Below are some usage cases for this script. In these examples, a WLE900VX radio was used. Note, any information that isn't apparent in the below script may be found via the {{{iw phy phy<n> info}}} command.
+===== Step 0 : Scan Available Options =====
+To view all channels/frequencies and HT modes that can emit radiation on a specified interface, indicate just the interface:
+{{{#!bash
+root@ventana:~# ./hostapd-conf wlan0
+ERROR: SSID is empty
+Available Channel Information on phy0
+=====================================
+Band 1:
+Channel  Freq  Allowed HT Modes
+        0000  HT20 HT40 HT40+ HT40-
+        2412  HT20 HT40 HT40+
+        2417  HT20 HT40 HT40+
+        2422  HT20 HT40 HT40+
+        2427  HT20 HT40 HT40+
+        2432  HT20 HT40 HT40+ HT40-
+        2437  HT20 HT40 HT40+ HT40-
+        2442  HT20 HT40 HT40+ HT40-
+        2447  HT20 HT40 HT40+ HT40-
+        2452  HT20 HT40 HT40+ HT40-
+       2457  HT20 HT40 HT40-
+       2462  HT20 HT40 HT40-
+Band 2:
+Channel  Freq  Allowed HT Modes
+        0000  HT20 HT40 HT40+ HT40- VHT20 VHT40 VHT80
+       5180  HT20 HT40 HT40+ VHT20 VHT40 VHT80
+       5200  HT20 HT40 HT40- VHT20 VHT40 VHT80
+       5220  HT20 HT40 HT40+ VHT20 VHT40 VHT80
+       5240  HT20 HT40 HT40- VHT20 VHT40 VHT80
+      5745  HT20 HT40 HT40+ VHT20 VHT40 VHT80
+      5765  HT20 HT40 HT40- VHT20 VHT40 VHT80
+      5785  HT20 HT40 HT40+ VHT20 VHT40 VHT80
+      5805  HT20 HT40 HT40- VHT20 VHT40 VHT80
+      5825  HT20 HT40 HT40+ VHT20 VHT40 VHT80
+}}}
+===== Step 1 : Configure Access Point =====
+'''2.4GHz 802.11g'''
+To create a {{{hostapd.conf}}} file in the 2.4GHz range, using 802.11g technology:
+{{{#!bash
+root@ventana:~# ./hostapd-conf wlan0 test-ssid 6
+Settings:
+ IFACE:   wlan0
+ PHY:     phy0
+ SSID:    test-ssid
+ CHANNEL: 6
+ FREQ:    2437
+ BANDS:   1 2
+ HWMODE:  g
+Written to hostapd-phy0.conf
+root@ventana:~# cat hostapd-phy0.conf
+# For more options, please visit the following:
+#  http://linuxwireless.org/en/users/Documentation/hostapd/
+driver=nl80211
+logger_syslog=-1
+logger_syslog_level=2
+logger_stdout=-1
+logger_stdout_level=2
+# a=5GHz, g=2.4GHz
+hw_mode=g
+# channel=0 turns on ACS survey
+channel=6
+# Please take the following into consideration:
+# Country code (ISO/IEC 3166-1). Used to set regulatory domain.
+# Set as needed to indicate country in which device is operating.
+# This can limit available channels and transmit power.
+#country_code=US
+# Enable IEEE 802.11d. This advertises the country_code and the set of allowed
+# channels and transmit power levels based on the regulatory limits. The
+# country_code setting must be configured with the correct country for
+# IEEE 802.11d functions.
+# (default: 0 = disabled)
+#ieee80211d=1
+# Enable IEEE 802.11h. This enables radar detection and DFS support if
+# available. DFS support is required on outdoor 5 GHz channels in most countries
+# of the world. This can be used only with ieee80211d=1.
+# (default: 0 = disabled)
+#ieee80211h=1
+interface=wlan0
+ctrl_interface=/var/run/hostapd
+ctrl_interface_group=0
+disassoc_low_ack=1
+preamble=1
+wmm_enabled=1
+macaddr_acl=0
+auth_algs=1
+ignore_broadcast_ssid=0
+ssid=test-ssid
+ieee80211n=0
+ieee80211ac=0
+}}}
+'''5.8GHz 802.11ac'''
+To create a {{{hostapd.conf}}} file in the 5GHz range, using 802.11ac technology, plus WPA2 encryption:
+{{{#!bash
+root@ventana:~# ./hostapd-conf wlan0 test-ssid 157 VHT80 nowayinside
+Settings:
+ IFACE:      wlan0
+ PHY:        phy0
+ SSID:       test-ssid
+ CHANNEL:    157
+ FREQ:       5785
+ BANDS:      1 2
+ HWMODE:     a
+ HTMODE:     VHT80
+ PASSPHRASE: nowayinside
+Written to hostapd-phy0.conf
+root@ventana:~# cat hostapd-phy0.conf
+# For more options, please visit the following:
+#  http://linuxwireless.org/en/users/Documentation/hostapd/
+driver=nl80211
+logger_syslog=-1
+logger_syslog_level=2
+logger_stdout=-1
+logger_stdout_level=2
+# a=5GHz, g=2.4GHz
+hw_mode=a
+# channel=0 turns on ACS survey
+channel=157
+# Please take the following into consideration:
+# Country code (ISO/IEC 3166-1). Used to set regulatory domain.
+# Set as needed to indicate country in which device is operating.
+# This can limit available channels and transmit power.
+#country_code=US
+# Enable IEEE 802.11d. This advertises the country_code and the set of allowed
+# channels and transmit power levels based on the regulatory limits. The
+# country_code setting must be configured with the correct country for
+# IEEE 802.11d functions.
+# (default: 0 = disabled)
+#ieee80211d=1
+# Enable IEEE 802.11h. This enables radar detection and DFS support if
+# available. DFS support is required on outdoor 5 GHz channels in most countries
+# of the world. This can be used only with ieee80211d=1.
+# (default: 0 = disabled)
+#ieee80211h=1
+interface=wlan0
+ctrl_interface=/var/run/hostapd
+ctrl_interface_group=0
+disassoc_low_ack=1
+preamble=1
+wmm_enabled=1
+macaddr_acl=0
+auth_algs=1
+ignore_broadcast_ssid=0
+# Put a 3 here if you want both WPA/WPA2
+wpa=2
+wpa_passphrase=nowayinside
+wpa_key_mgmt=WPA-PSK
+wpa_pairwise=TKIP
+rsn_pairwise=CCMP
+ssid=test-ssid
+ieee80211n=1
+ht_capab=[HT40+][LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
+ieee80211ac=1
+vht_oper_chwidth=1
+vht_oper_centr_freq_seg0_idx=155
+vht_capab=[RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN][RX-STBC1][MAX-MPDU-11454][MAX-A-MPDU-LEN-EXP7]
+}}}
+===== Step 2 : Copy Access Point Configuration =====
+After the {{{hostapd-<phy>.conf}}} file has been created and any edits have been made (if any), you may either:
+. Copy the {{{hostapd-phy.conf}}} file over {{{/etc/hostapd.conf}}} and restart hostapd, noting that {{{/etc/network/interfaces}}} isn't configuring the wlan interface automatically (e.g. make sure no {{{auto wlan0}}} exists in {{{/etc/network/interfaces}}})
+{{{#!bash
+mv /etc/hostapd.conf /etc/hostapd.conf.bak # Backup original hostapd.conf file
+cp hostapd-phy0.conf /etc/hostapd.conf
+/etc/init.d/hostapd restart
+}}}
+. Run hostapd using this new conf file, knowing that the settings won't persist over a new boot:
+{{{#!bash
+root@ventana:~# /etc/init.d/hostapd stop
+root@ventana:~# hostapd -B hostapd-phy0.conf
+Configuration file: hostapd-phy0.conf
+[ 1825.468968] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
+wlan0: interface state UNINITIALIZED->HT_SCAN
+[ 1825.636135] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
+}}}
+At this point your wlan0 interface should be up and authenticating with WiFi clients and the next step is to configure IP networking (below).
+==== Routed Access Point ====
+A routed Access Point is used when you want the wireless network to have its own DHCP server and network. In this case traffic is routed across the WAN (Wide Area Network) interface (ie eth0) and WLAN (Wireless Local Area Network) interface (ie wlan0). This is the typical configuration for a wireless access point.
+For this you need:
+* the WAN (Wide Area Network) interface (ie eth0) should have an IP configuration from the WAN segment from the upstream Internet provider
+* the WLAN network interface (ie wlan0) should be assigned a static address on a private network
+* A DHCP server (ie dnsmasq) configured to serve a private IP address range on the WLAN network interface (ie wlan0)
+* Network Address Translation (NAT) routing configuration using Linux iptables and Linux kernel netfilter support
+* ip forwarding enabled in kernel
+Configuration:
+. configure your WAN and WLAN interfaces in /etc/network/interfaces. Here we will use eth0 as our WAN configured to obtain IP configuration via DHCP from the upstream provider and wlan0 as our WLAN configured with a DHCP server for a private subnet on the 10.0.0/24 network:
+{{{#!bash
+cat << EOF > /etc/network/interfaces
+# WAN interface
+auto eth0
+iface eth0 inet dhcp
+# WLAN interface
+auto wlan0
+iface wlan0 inet static
+        address 10.0.0.1
+        netmask 255.255.255.0
+# NAT configuration via iptables
+post-up iptables-restore < /etc/iptables.ipv4.nat
+EOF
+}}}
+. configure dnsmasq. Here we will configure it to serve addresses on the 10.0.0/24 network with a pool of 190 addresses from .10 to .200 with a 2hour lease:
+{{{#!bash
+cat << EOF > /etc/dnsmasq.conf
+interface=wlan0
+dhcp-range=10.0.0.10,10.0.0.200,2h
+EOF
+}}}
+. configure Linux NAT routing. We will do this for the current boot and use that configuration to store hooks for subsequent reboots:
+{{{#!bash
+# enable forwarding on bootup
+echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
+# configure NAT via iptables and then save its config to the restore script
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
+iptables-save > /etc/iptables.ipv4.nat
+chmod +x /etc/iptables.ipv4.nat
+}}}
+. restart networking and enable forwarding (or sync and reboot at this point instead):
+{{{#!bash
+/etc/init.d/networking restart
+echo 1 > /proc/sys/net/ipv4/ip_forward
+}}}
+==== Bridged Access Point ====
+A bridged Access Point is used to provide an a Wireless Access Point on a LAN that already has a DHCP server and creates a bridge between the LAN interface and the WIFI interface such that wireless client DHCP requests will be bridged to the LAN and answered from there.
+For this you need:
+* bridge-utils package
+* CONFIG_BRIDGE support in kernel (default in our Yocto kernel)
+* ip forwarding enabled in kernel
+. create a bridge between your wifi interface and your lan interface. For example, assuming wlan0 and eth0:
+{{{#!bash
+# create a bride and add interfaces to it
+brctl addbr br0
+brctl addif br0 eth0
+brctl addif br0 wlan0
+# bring it up
+ifconfig br0 up
+# use DHCP to assign IP info
+udhcpc -i br0
+}}}
+ * Note that you can use /etc/network/interfaces to bring up and configure the bridge, but if you are using a fairly limited ifup/ifdown (like busybox) you will probably need to create the bridge first (ie in an init script prior to networking coming up)
+. enable IP forwarding:
+ {{{#!bash
+echo 1 > /proc/sys/net/ipv4/ip_forward
+}}}
+ * you can enable IP forwarding on bootup with:
+  {{{#!bash
+echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
+}}}
+Note that if your intention is to also create a wireless client bridge where a wireless client connection is bridging its wireless to a local Ethernet network you will need to enable WDS/4-addr header parsing on both the Access Point and the Client. To do this on the Access Point, add the following to {{{/etc/hostapd.conf}}}:
+{{{#!bash
+wds_sta=1
+}}}
+Alternatively, if using the {{{hostapd-conf}}} script, an option exists to enable this feature via {{{--wds=1}}}.
+===== Troubleshooting =====
+If encountering issues:
+* ensure both hostapd and wpa_supplicant are not both trying to manage the interface (ie you have it configured for both AP and Client mode)
+* ensure your client can see the AP (ie {{{iw dev wlan0}}} scan for a Linux client, or use a wireless scanner such as 'Wifi Analyzer' on an Android device)
+* For client mode ensure the kernel shows that you are associated with the AP. You should see {{{wlan0: associated}}} in the kernel messages
+* check your encryption settings
+* if you can ping between the AP and the client directly but not get through them:
+ * check your routing configuration (ie via {{{route -n}}} on Linux) and make sure you have a proper gateway
+ * if trying to bridge wireless to ethernet networks ensure 'both' the AP and the Client have 4addr header parsing enabled
+* if DNS resolution is not occurring first make sure you can ping the nameserver by IP
 === wpa-supplicant ===