Page MenuHomeVyOS Platform

WiFi: Enable support for 6GHz AccesPoints
Closed, ResolvedPublicFEATURE REQUEST

Description

Since the last major overhaul (see: T452), newer WiFi standards have been established and hardware is becoming available to the open market.

This feature request shall concentrate on implementing WiFi Access Points on the 6GHz band. To ease development, the focus should be on implementing WiFi-6e (IEEE 802.11ax for 6GHz).

Reasoning:

  • Implementing WiFi-6e (IEEE 802.11ax for 6GHz only) would be less complicated than adding yet another set of flags (HE) to the current set of WiFi configurations covering HT and VHT. In hostapd, WiFi-6e is done differently and requires a different set of settings.
  • The 6GHz band offers a vast improvement on bandwidth in many countries where the 5GHz bands are severely regulated (such as in Europe). While on 6GHz one may easily achieve throughput of more than 1GBit/sec, this is almost not possible on 5GHz, making development effort for 5GHz questionable.
  • Later implementations for WiFi-7 (IEEE 802.11be) would be similar to WiFi-6e. WiFi-7 would also use 6GHz, but is not limited to that band by standard IEEE 802.11be.

Suggested testbeds:

I have done some prior research on what hardware might be available to implement this. These were my results so far:

  • Atheros ath11k devices might be available on some places - however, I could not find a source in Europe for a decent device.
  • MEDIATEK Filogic 330 (mt7922e) and Filogic 630 (mt7916e) are available and support WiFi-6e AP mode on 6GHz. Sources below. I was able to set up a 6GHz AP based on Debian Trixie (Kernel 6.7) and connect to that AP, however, the connection was instable at first and only held for a minute or so. This time was enough to run iperf3 which yielded throughput of more than 100 MBytes/sec on that prototype. I used both, a mt7916e and mt7922e module as AP on a PC-Engines APU3. Instability issues have since been eradicated and the WiFi-6e AP is now as stable as WiFi-5 in VyOS 1.5.

Sources:

Hardware may be fetched from the sources below.

TODOs:

[x] Acquire a suitable NIC and make a testbed
[x] Find a stable hostapd.conf for WiFi-6e
[x] Implement new settings to vyos-1x
[x] Test thoroughly and bugfixes
[x] Issue PR against upstream vyos-1x (https://github.com/vyos/vyos-1x/pull/3524)
[x] Issue PR againsst upstream vyos-documentation (https://github.com/vyos/vyos-documentation/pull/1471)

where:
[ ]: TODO; [o] in-the-works; [x] complete

Configurations:

While I'll be working on this topic I will subsequently add results to this post. The config below provides a stable AP. Throughput remains acceptable even behind one wall and is on par with 5GHz WiFi-5 through two walls (no steel reinforcement).

Rough throughput measurements for 6GHz at 160MHz bandwidth:

no walls100 - 150 MByte/s
one wall60 - 100 MByte/s
two walls30 - 60 MByte/s

My /etc/hostapd/hostapd-wifi6e.conf - start AP using hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd-wifi6e.conf

###################################################################
# HostAPd configuration for WiFi-6e for a MEDIATEK mt7916 NIC     #
#                                                                 #
# Requirements for WiFi-6e (ieee80211ax) on 6GHz:                 #
# - WPA3 for authentication                                       #
# - SAE key management required for WPA3                          #
# - Management Frame Protection required for WPA3                 #
# - Radar awareness required for some RegDomains on 5GHz and 6GHz #
# - WME/WMM required                                              #
###################################################################
# 
# Posix Socket - (i.e. for hostapd_cli)
ctrl_interface=/var/run/hostapd
# driver interface
driver=nl80211
# NIC to be configured
interface=<wlan0..n>
device_name=802.11ax 6GHz
# This WiFi NIC is a bridge slave...
bridge=<br0..n>
wds_sta=1
# Logging
logger_stdout=-1
logger_stdout_level=0
logger_syslog=-1
logger_syslog_level=0
# Registry Domain configured by Country Code
country_code=<2-LETTER-COUNTRY-CODE>
ieee80211d=1
# Fulfill requirements for AP operation on 6GHz -- This is an INDOOR ONLY AP
he_6ghz_reg_pwr_type=0
# Expect this AP not to change its position and antenna alignment
stationary_ap=1
he_6ghz_rx_ant_pat=1
# Activate beamforming capabilities 
he_mu_beamformer=1
he_su_beamformee=1
he_su_beamformer=1
# Limit number of concurrent "clients" (stations) and do not restrict them by MAC address
max_num_sta=16
macaddr_acl=0
# Frequency band and channel selection for 6GHz WiFi-6e using 160MHz bandwidth
hw_mode=a
op_class=134
channel=1
he_oper_centr_freq_seg0_idx=15
# Configure for WiFi-6e protocol (AX mode) and set a BSS color
ieee80211ax=1
he_bss_color=<1..63>
# Enable Radar detection and DFS support if available
ieee80211h=1
enable_background_radar=1
# Enforce Management Frame Protection (MFP) as required for WPA3
ieee80211w=2
beacon_prot=1
# Configure Ciphers, Re-Keying Intervals and Authentication Protocols for WPA3
wpa=2
wpa_key_mgmt=SAE
auth_algs=1
rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256
group_mgmt_cipher=AES-128-CMAC
extended_key_id=1
wpa_gmk_rekey=86400
wpa_group_rekey=86400
wpa_group_update_count=4
# Configure SSID and Passphrase
ssid=<SSID>
sae_password=<PASSPHRASE>
# 
# Wireless Multimedia Extensions (WME) and Wi-Fi Multimedia (WMM)
wme_enabled=1
wmm_enabled=1
#
# Default WMM parameters (IEEE 802.11 draft; 11-03-0504-03-000e):
# These parameters are used by the access point when transmitting frames to the clients.
# Low priority / AC_BK = background
tx_queue_data3_aifs=7
tx_queue_data3_cwmin=15
tx_queue_data3_cwmax=1023
tx_queue_data3_burst=0
# Normal priority / AC_BE = best effort
tx_queue_data2_aifs=3
tx_queue_data2_cwmin=15
tx_queue_data2_cwmax=63
tx_queue_data2_burst=0
# High priority / AC_VI = video
tx_queue_data1_aifs=1
tx_queue_data1_cwmin=7
tx_queue_data1_cwmax=15
tx_queue_data1_burst=3.0
# Highest priority / AC_VO = voice
tx_queue_data0_aifs=1
tx_queue_data0_cwmin=3
tx_queue_data0_cwmax=7
tx_queue_data0_burst=1.5
# Quality of Service (QoS) parameters
# Low priority / AC_BK = background
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
# Normal priority / AC_BE = best effort
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
# High priority / AC_VI = video
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
# Highest priority / AC_VO = voice
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0

I sometimes directly use wpa_supplicant to connect from STA (a laptop) as NetworkManager sometimes fails to detect and connect to the AP.

Here is my wpa_supplicant.conf. Connect using sudo wpa_supplicant -d -i <your-wifi-iface> -c /etc/wpa_supplicant/wpa_supplicant.conf. You can observe the process with wpa_cli status.

ctrl_interface=/run/wpa_supplicant
update_config=1
#ap_scan=0
country=<COUNTRY-CODE>
network={
  scan_freq=5955 5975 5995 6015 6035 6055 6075 6095 6115 6135 6155 6175 6195 6215 6235 6255 6275 6295 6315 6335 6355 6375 6395 6415
  ssid="<SSID-IDENTIFIER>"
  key_mgmt=SAE
  auth_alg=OPEN
  ieee80211w=2
  sae_password="<PASSPHRASE>"
}

Proposed VyOS configuration:

Here is what a proposed VyOS config for 802.11ax at 6GHz would look like.

Note: Regulatory Domain configuration has been moved back to system wireless. Details are in T6318.

vyos@vyos# show system wireless 
 country-code de
[edit]
vyos@vyos# show interfaces wireless wlan1
 capabilities {
     he {
         antenna-pattern-fixed
         beamform {
             multi-user-beamformer
             single-user-beamformee
             single-user-beamformer
         }
         bss-color 13
         center-channel-freq {
             freq-1 15
         }
         channel-set-width 134
     }
 }
 channel 1
 description "802.11ax 6GHz"
 enable-bf-protection
 hw-id <your-MAC>
 ip {
     enable-proxy-arp
 }
 max-stations 16
 mgmt-frame-protection required
 mode ax
 physical-device phy1
 security {
     wpa {
         cipher CCMP
         cipher CCMP-256
         cipher GCMP
         cipher GCMP-256
         mode wpa3
         passphrase <your-strong-passphrase>
     }
 }
 ssid <your-ssid>
 stationary-ap
 type access-point
[edit]
vyos@vyos#

Quirks and Workarounds:

6GHz band is completely disabled in iw list. This may be the case if you try to use a MEDIATEK card on Linux 6.6.30 or 6.7.x or newer. There seems to be a lot going on in the Kernel's WiFi section right now. A new feature called "CLC (Country Location Control)" which must be disabled in the mt7921_common module to use the 6GHz band. Make a file /etc/modprobe.d/mt7921.conf containing options mt7921_common disable_clc=1. Source: https://community.frame.work/t/responded-amd-rz616-wifi-card-doesnt-work-with-6ghz-on-kernel-6-7/43226

Wireless Regulation Domain would not apply correctly. There seem to be issues with the current wireless-regdb packages delivered with VyOS. As of now, 5GHz channels would not allow access point operation (iw list showing no-ir on all channels) and 6GHz channels would be completely disabled. Also, switching country codes (iw reg set DE) would not have any effect. For now, I have this workaround:

  • Download and install wireless-regdb from the Ubuntu Packages page, and
  • (not needed anymore with newest 1.5-rolling) manually configure your regulatory domain as option for the cfg80211 module by editing /etc/modprobe.d/cfg80211.conf and adding this line: options cfg80211 ieee80211_regdom=DE

Throughput jitters on MT7922 cards. You might try to disable power management for that card by adding the line options mt7921e disable_aspm=Y to the file /etc/modprobe.d/mt7921.conf. This setting flattened out the valleys in my throughput graphs.

The NIC from AsiaRF would not fit into the standard APU2/3 case. The NIC comes with a heatsink of 10mm height. You must add this to your NIC, otherwise it will overheat quickly, especially when transmitting. Before mounting the heatsink to the NIC, take a piece of sandpaper and remove 1mm off the heatsink pins to allow a snug fit. There should be no pressure applied on the NIC when closing the lid, with the heatsink pins almost or just barely touching the lid. Be sure to have some 0.5mm thermal pad at hand. I used a 40mm x 40mm x 0.5mm piece of thermal pad and applied it between the NIC's shortened heatsink pins and the APU's enclosure cover, which then serves as a heat spreader. This keeps the NIC nice and cool.

Stock heatsink before modification:

unmodified-heatsink-top.jpeg (1×1 px, 512 KB)
unmodified-heatsink-bottom.jpeg (1×1 px, 296 KB)

PC Engines APU3 with integrated mt7916 mPCIe 3052 module by AsiaRF:

integration-01.jpeg (1×1 px, 319 KB)
integration-02.jpeg (1×1 px, 354 KB)
integration-03.jpeg (1×1 px, 240 KB)

Hint: I have drilled extra holes into the lid for antenna cables.

Details

Version
-
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Event Timeline

Viacheslav triaged this task as Wishlist priority.May 8 2024, 2:27 PM
alainlamar changed the task status from Open to Needs testing.May 26 2024, 9:26 PM
alainlamar claimed this task.
alainlamar updated the task description. (Show Details)
alainlamar updated the task description. (Show Details)
alainlamar updated the task description. (Show Details)
alainlamar changed the task status from Unknown Status to Resolved.Jul 21 2024, 8:44 PM
alainlamar updated the task description. (Show Details)