News items for tag wifi - Koos van den Hout

For the first time I brought my new personal laptop to a place where I could use eduroam wireless network. This gave some trouble, eduroam did not work out of the box. I had to set the authentication method to 'Protected EAP (PEAP)' and set the inner authentication correct. And I had to set the CA-Certificate to check. If you don't set it, network manager settings will ask if you are sure, but if you say you are sure the net result in the background is that the request for a valid certificate is set but there is no certificate set to check against, resulting in the connection not working.

The wireless card of the weather station computer in the shed is dual-band but with only a 2.4 GHz capable antenna. Since the house access-point is configured to support both 2.4 GHz and 5 GHz channels the system sometimes selects the 5 GHz access and keeps having serious packet loss. I looked at ways to convince the driver to select 2.4 GHz channels only but found none, but then I found out wpa_supplicant can do this. But I configure wpa_supplicant through wpa-* options in /etc/network/interfaces so I had to find out how to configure it using those. The manpages for the interfaces file is very limited on the wpa-* options, but I found an explanation that a lot of wpa_supplicant options are supported, including the one to select frequencies. The sneaky part is that the option in wpa_supplicant.conf is freq_list and the option in /etc/network/interfaces is wpa-freq-list. A rather complete list can be found at Where can I find a full list of wpa-* options for the interfaces file? - superuser.com. So now I have in /etc/network/interfaces:

auto wlan0
iface wlan0 inet dhcp
        wpa-ssid default
        wpa-psk VerySecret
        wpa-freq-list 2412 2417 2422 2427 2432 2437 2442 2452 2457 2462 2467 2472

The ideal solution is to order a dual-band (2.4 GHz and 5 GHz) antenna.

Update: Noticeable absent are channels 12 and 13 which are available for regulatory domain NL but are not listed when I ask the driver for available channels:

koos@ritchie:~$ /sbin/iwlist wlan0 chann
wlan0     19 channels in total; available frequencies :
          Channel 01 : 2.412 GHz
          Channel 02 : 2.417 GHz
          Channel 03 : 2.422 GHz
          Channel 04 : 2.427 GHz
          Channel 05 : 2.432 GHz
          Channel 06 : 2.437 GHz
          Channel 07 : 2.442 GHz
          Channel 08 : 2.447 GHz
          Channel 09 : 2.452 GHz
          Channel 10 : 2.457 GHz
          Channel 11 : 2.462 GHz
          Channel 36 : 5.18 GHz
          Channel 40 : 5.2 GHz
          Channel 44 : 5.22 GHz
          Channel 48 : 5.24 GHz
          Channel 52 : 5.26 GHz
          Channel 56 : 5.28 GHz
          Channel 60 : 5.3 GHz
          Channel 64 : 5.32 GHz
          Current Frequency:2.462 GHz (Channel 11)

And now I wonder why those are missing.

For an upcoming demonstration about security I plan to play with sniffing insecure wireless networks.

I currently have a 'WiFi Pineapple' to play with which makes this quite easy. I created an open wireless network with the SSID of a very popular open network which should be 'attractive' to the visitors of the demonstration and I play with tools to show what can be found in the passing datastream.

First of all dsniff for decoding usernames/passwords in a lot of open protocols, like:

dsniff: listening on
-----------------
01/21/16 21:54:47 tcp xx.yy.zz.60683 -> ftp3.xs4all.net.21 (ftp)
USER ftp
PASS koos@

-----------------
01/21/16 22:05:49 tcp xx.yy.zz.35913 -> pop.xs4all.nl.110 (pop3)
USER bestaatniet
PASS weetikniet

It took me a while to get dsniff working: it does not 'see' connections that originate on the system it is running on, which was my 'preferred' way to test it.

And a more visual one: driftnet for picking out all images from passing traffic. It's a strong visual thing when you see the images from a site you visit popping up in another screen.

New messages in the wifi system logs, probably caused by the new TP-Link TL-WDR4300 access point:

[339796.577998] wlan0: associated
[339796.578154] cfg80211: Calling CRDA for country: NL
[339796.614689] cfg80211: Regulatory domain changed to country: NL
[339796.614711] cfg80211:  DFS Master region: ETSI
[339796.614722] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[339796.614739] cfg80211:   (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[339796.614754] cfg80211:   (5170000 KHz - 5330000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[339796.614769] cfg80211:   (5490000 KHz - 5710000 KHz @ 80000 KHz), (N/A, 2700 mBm)
[339796.614785] cfg80211:   (57240000 KHz - 65880000 KHz @ 2160000 KHz), (N/A, 4000 mBm)
[339796.795070] wlan0: Limiting TX power to 23 (23 - 0) dBm as advertised by ..:..:..:..:..:..

Oh and another interesting thing about the new TP-Link TL-WDR4300. It does IPv6. If I read the docs correctly it can do DHCP6 with prefix delegation or tunnels. It even gives itself an IPv6 address on the LAN side when that side runs address advertising. But ...

$ telnet -6 ap 80
Trying 2001:980:14ca:2:ea94:f6ff:fe91:21b3...
telnet: Unable to connect to remote host: Connection refused

the webinterface isn't available via IPv6. Nothing in the device is available via IPv6 according to nmap.

I am used to new access-points showing up at home which make us change the channel from time to time, but after getting hickups in youtube video on a tablet for the second time in a week I decided it was time to go dual-band and higher speeds. Good advice was to look at the TP-Link TL-WDR4300 which is dual-radio dual-band with 802.11n support with mimo. The advertised 750 megabit is when you add 802.11n at 300 megabit on 2.4 GHz and 802.11n at 450 megabit on 5 GHz. I'm not setting up extra wide channels on 2.4 GHz since it is busy enough, so I won't be seeing 300 megabit on 2.4 GHz anyway. I set up the network SSID and security on 5 GHz exactly the same as on 2.4 GHz so devices can switch automatically.

The weather station computer in the shed also measures wifi signal strength, the difference is clear so the TP-Link also has a stronger signal on 2.4 GHz. The wireless card in the weather station computer can do 5 GHz, but its antenna is tuned for 2.4 GHz and there are multiple walls between the access-point and that antenna.

An interesting new message showing for the wireless config:

[2668364.843138] cfg80211: Calling CRDA to update world regulatory domain
[2668365.630995] cfg80211: World regulatory domain updated:
[2668365.631018] cfg80211:  DFS Master region: unset
[2668365.631029] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[2668365.631046] cfg80211:   (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[2668365.631062] cfg80211:   (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[2668365.631078] cfg80211:   (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm)
[2668365.631093] cfg80211:   (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[2668365.631109] cfg80211:   (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[2668365.631124] cfg80211:   (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm)
[2668365.632073] cfg80211: Calling CRDA for country: NL
[2668365.661681] cfg80211: Regulatory domain changed to country: NL
[2668365.661703] cfg80211:  DFS Master region: unset
[2668365.661715] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[2668365.661731] cfg80211:   (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[2668365.661747] cfg80211:   (5170000 KHz - 5330000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[2668365.661763] cfg80211:   (5490000 KHz - 5710000 KHz @ 80000 KHz), (N/A, 2700 mBm)
[2668365.661778] cfg80211:   (57240000 KHz - 65880000 KHz @ 2160000 KHz), (N/A, 4000 mBm)

The message about DFS Master region is new to me, compared to the crda messages I saw last february.

I noticed in the logs of the weather station computer ritchie:

[770336.506717] cfg80211: Calling CRDA to update world regulatory domain
[770336.906545] cfg80211: World regulatory domain updated:
[770336.906567] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[770336.906585] cfg80211:   (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[770336.906602] cfg80211:   (2457000 KHz - 2482000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[770336.906619] cfg80211:   (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
[770336.906635] cfg80211:   (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[770336.906652] cfg80211:   (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)

But I'm in a specific country (the Netherlands) although the access-point is old enough to not transmit the regulatory domain information. I found out I can update the default in the client using:

root@ritchie:~# iw reg get
country 00: DFS-UNSET
        (2402 - 2472 @ 40), (3, 20)
        (2457 - 2482 @ 40), (3, 20), NO-IR
        (2474 - 2494 @ 20), (3, 20), NO-OFDM, NO-IR
        (5170 - 5250 @ 40), (3, 20), NO-IR
        (5735 - 5835 @ 40), (3, 20), NO-IR
root@ritchie:~# iw reg set NL
root@ritchie:~# iw reg get
country NL: DFS-UNSET
        (2402 - 2482 @ 40), (N/A, 20)
        (5170 - 5250 @ 40), (N/A, 20), NO-OUTDOOR
        (5250 - 5330 @ 40), (N/A, 20), NO-OUTDOOR, DFS
        (5490 - 5710 @ 40), (N/A, 27), DFS
        (57240 - 65880 @ 2160), (N/A, 40), NO-OUTDOOR

This changes maximum power, bandwidth and frequency ranges. And indeed in dmesg:

[770977.623611] cfg80211: Calling CRDA for country: NL
[770977.715887] cfg80211: Regulatory domain changed to country: NL
[770977.715909] cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[770977.715926] cfg80211:   (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[770977.715941] cfg80211:   (5170000 KHz - 5250000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[770977.715957] cfg80211:   (5250000 KHz - 5330000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[770977.715972] cfg80211:   (5490000 KHz - 5710000 KHz @ 40000 KHz), (N/A, 2700 mBm)
[770977.715988] cfg80211:   (57240000 KHz - 65880000 KHz @ 2160000 KHz), (N/A, 4000 mBm)

Now I wonder about the flags... NO-IR = no initiating radiation the device may not transmit on a frequency until it has received beacons on the frequency. DFS = Dynamic Frequency Selection which is mainly avoiding collision on the 5 GHz wireless band with weather radars.

More information about this subject at Regulatory - Linux Wireless.

Ik vroeg me recent af wat het aanbod is in access-points voor thuis met dual-radio support, dus tegelijkertijd actief op 2.4 GHz en 5 GHz. Op de 5 GHz band is minder storing maar niet alle apparaten die wifi gebruiken ondersteunen 5 GHz. En 802.11n op 2.4 GHz doen is volgens mij asociaal omdat je dan helemaal andere netwerken in de buurt stoort.

Toevallig blijkt het agentschap telecom het met me eens te zijn: Met een combi-router ben je goed voorbereid op de Wi-Fi van de toekomst - Agentschap Telecom.

Dus liefst heb ik een access-point met dual-radio, 802.11n ondersteuning alleen op 5 GHz, WPA2 en niet te veel stroomgebruik. Het lijkt soms dat 2 access-points met verschillende settings wel eens goedkoper in aanschaf kunnen zijn dan eentje met al deze opties, alleen dan vast in stroomgebruik niet.

Gelijk na het bijwerken naar UTF-8 codering liep ik weer eens door het document Draadloos netwerk uitleg en installatie. Sommige links waren niet meer geldig en ik kon nog wat tekst verbeteren.