Howto hostapd: Difference between revisions

From Vidalinux Wiki
Jump to navigation Jump to search
No edit summary
 
(25 intermediate revisions by the same user not shown)
Line 9: Line 9:
= configure wlan0 =
= configure wlan0 =
set wlan0 ip address:
set wlan0 ip address:
iw dev wlan0 set type managed
iw wlan0 set power_save off
ip link set dev wlan0 up
  ip addr add 192.168.10.1/24 dev wlan0
  ip addr add 192.168.10.1/24 dev wlan0
= install hostapd =
= install hostapd =
install latest version:
install latest version:
  yay -s hostapd-git
  yay -s hostapd-git
configuration for wifi6e on 6ghz:
configuration for wifi6e on 6ghz:
cat > /etc/hostapd/hostapd.conf << EOF
  ###################################################################
  ###################################################################
  # HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC    #
  # HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC    #
Line 24: Line 29:
  # - WME/WMM required                                              #
  # - WME/WMM required                                              #
  ###################################################################
  ###################################################################
#
# Posix Socket - (i.e. for hostapd_cli)
  ctrl_interface=/var/run/hostapd
  ctrl_interface=/var/run/hostapd
# driver interface
  driver=nl80211
  driver=nl80211
  # NIC to be configured
  # interface
  interface=wlan0
  interface=wlan0
  #device_name=wlan0
  # country code
# This WiFi NIC is a bridge slave...
#bridge=br0
wds_sta=1
# Logging
logger_stdout=-1
logger_stdout_level=0
logger_syslog=-1
logger_syslog_level=0
# Registry Domain configured by Country Code
  country_code=DE
  country_code=DE
  ieee80211d=1
  ieee80211d=1
  # Fulfill requirements for AP operation on 6GHz -- This is an INDOOR ONLY AP
  # ssid
ssid=mandulete
# wifi6e protocol ax mode
ieee80211ax=1
# indoor only ap
  he_6ghz_reg_pwr_type=0
  he_6ghz_reg_pwr_type=0
  # Expect this AP not to change its position and antenna alignment
  # multimedia extentions
stationary_ap=1
  wme_enabled=1
he_6ghz_rx_ant_pat=1
  wmm_enabled=1
# Activate beamforming capabilities
  # frecuency band and channel
he_mu_beamformer=1
  he_su_beamformee=1
  he_su_beamformer=1
  # Limit number of concurrent "clients" (stations) and do not restrict them by MAC address
max_num_sta=16
macaddr_acl=0
# Frequency band and channel selection for 6GHz WiFi-6e using 160MHz bandwidth
  hw_mode=a
  hw_mode=a
channel=1
  op_class=134
  op_class=134
channel=1
  he_oper_centr_freq_seg0_idx=15
  he_oper_centr_freq_seg0_idx=15
  # Configure for WiFi-6e protocol (AX mode) and set a BSS color
  # enforce management frame protection
  ieee80211ax=1
  ieee80211w=2
  he_bss_color=1
  beacon_prot=1
  # Enable Radar detection and DFS support if available
  # radar detection
  ieee80211h=1
  ieee80211h=1
  enable_background_radar=1
  enable_background_radar=1
  # Enforce Management Frame Protection (MFP) as required for WPA3
  # authentication
ieee80211w=2
beacon_prot=1
# Configure Ciphers, Re-Keying Intervals and Authentication Protocols for WPA3
  wpa=2
  wpa=2
  wpa_key_mgmt=SAE
  wpa_key_mgmt=SAE
Line 75: Line 63:
  rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256
  rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256
  group_mgmt_cipher=AES-128-CMAC
  group_mgmt_cipher=AES-128-CMAC
extended_key_id=1
  sae_password=vidalinux123
wpa_gmk_rekey=86400
  # wmm parameters  
wpa_group_rekey=86400
wpa_group_update_count=4
# Configure SSID and Passphrase
ssid=LinuxAP
  sae_password=testtest
  #  
# Wireless Multimedia Extensions (WME) and Wi-Fi Multimedia (WMM)
wme_enabled=1
wmm_enabled=1
#
# Default WMM parameters (IEEE 802.11 draft; 11-03-0504-03-000e):
# These parameters are used by the access point when transmitting frames to the clients.
# Low priority / AC_BK = background
  tx_queue_data3_aifs=7
  tx_queue_data3_aifs=7
  tx_queue_data3_cwmin=15
  tx_queue_data3_cwmin=15
Line 134: Line 109:
  wmm_ac_vo_txop_limit=47
  wmm_ac_vo_txop_limit=47
  wmm_ac_vo_acm=0
  wmm_ac_vo_acm=0
# Logging
logger_stdout=-1
logger_stdout_level=0
logger_syslog=-1
logger_syslog_level=0
# beamforming capabilities
he_mu_beamformer=1
he_su_beamformee=1
he_su_beamformer=1
EOF
settings for wifi7:
ieee80211be=1
disable_11be=0
eht_su_beamformer=1
eht_su_beamformee=1
eht_mu_beamformer=1
start hostapd deamon:
hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd.conf
= install dhcp server =
= install dhcp server =
install dhcp server package:
install dhcp server package:
Line 154: Line 148:
set iptables rules for sharing internet to wlan0:
set iptables rules for sharing internet to wlan0:
  cat > /usr/local/bin/sharenetwlan << EOF
  cat > /usr/local/bin/sharenetwlan << EOF
  #!/bin/bash
  #!/bin/bash
  iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
  iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
  iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
  iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
Line 165: Line 158:
execute script:
execute script:
  /usr/local/bin/sharenetwlan
  /usr/local/bin/sharenetwlan
= test speed =
 
on server machine install iperf3:
= speed test =
install iperf3 on server and client:
  pacman -Sy iperf3 --noconfirm
  pacman -Sy iperf3 --noconfirm
start iperf3 service on server:
start iperf3 service on server:
  iperf3 -s
  iperf3 -s
on client machine install iperf3:
on client connect to server using iperf3:
pacman -Sy iperf3 --noconfirm
then connect to server using iperf3:
  iperf3 -c 192.168.10.1 -p 5201
  iperf3 -c 192.168.10.1 -p 5201
you should see somehing like this:
Connecting to host 192.168.10.1, port 5201
[  5] local 192.168.10.34 port 39000 connected to 192.168.10.1 port 5201
[ ID] Interval          Transfer    Bitrate        Retr  Cwnd
[  5]  0.00-1.00  sec  128 MBytes  1.08 Gbits/sec    0  1.10 MBytes     
[  5]  1.00-2.00  sec  59.2 MBytes  497 Mbits/sec    1  1.32 MBytes     
[  5]  2.00-3.00  sec  47.0 MBytes  394 Mbits/sec    1  1.11 MBytes     
[  5]  3.00-4.00  sec  46.8 MBytes  392 Mbits/sec    3    908 KBytes     
[  5]  4.00-5.00  sec  49.1 MBytes  412 Mbits/sec    2  1.06 MBytes     
[  5]  5.00-6.00  sec  41.0 MBytes  344 Mbits/sec    2    631 KBytes     
[  5]  6.00-7.00  sec  92.1 MBytes  773 Mbits/sec    0    783 KBytes     
[  5]  7.00-8.00  sec  134 MBytes  1.13 Gbits/sec    0    962 KBytes     
[  5]  8.00-9.00  sec  129 MBytes  1.08 Gbits/sec    0    962 KBytes     
[  5]  9.00-10.00  sec  132 MBytes  1.11 Gbits/sec    0    962 KBytes     
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval          Transfer    Bitrate        Retr
[  5]  0.00-10.00  sec  859 MBytes  721 Mbits/sec    9            sender
[  5]  0.00-10.00  sec  857 MBytes  718 Mbits/sec                  receiver
iperf Done.
= enable 5ghz band support on intel wireless chips  =
download iwlwifi-lar-disable-dkms:
yay -G iwlwifi-lar-disable-dkms
edit pkgbuild change kernel based on your version:
pkgver=6.9.8
build package:
makepkg -si
edit /etc/default/grub:
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet iwlwifi.lar_disable=Y"
commit changes:
grub-mkconfig -o /boot/grub/grub.cfg
mkinitcpio -P
= references =
= references =
* https://github.com/morrownr/USB-WiFi/tree/main/home/AP_Mode
* https://github.com/morrownr/USB-WiFi/tree/main/home/AP_Mode
* https://github.com/morrownr/USB-WiFi/blob/main/home/USB_WiFi_Chipsets.md
* https://github.com/morrownr/USB-WiFi/issues/431
* https://github.com/morrownr/USB-WiFi/issues/431
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
Line 182: Line 208:
* https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723
* https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723
* https://forum.openwrt.org/t/banana-bpi-r4-how-to-wnc7851-ncm865/197141/25
* https://forum.openwrt.org/t/banana-bpi-r4-how-to-wnc7851-ncm865/197141/25
* https://vyos.dev/T6320
* https://gist.github.com/iffa/290b1b83b17f51355c63a97df7c1cc60
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
* https://wiki.archlinux.org/title/Network_configuration/Wireless#Respecting_the_regulatory_domain
* https://superuser.com/questions/809282/wifi-5ghz-ap-mode-what-does-no-ir-means-and-can-i-bypass-it
* https://github.com/vanhoefm/hostap-wpa3
* https://wikidevi.wi-cat.ru/Main_Page
* https://www.netally.com/wifi-solutions/wifi-7-promises-to-achieve-up-to-46gbps-speeds/

Latest revision as of 01:45, 13 September 2024

network manager

set wlan0 to unmanaged by networkmanager:

cat > /etc/NetworkManager/conf.d/99-unmanaged-devices.conf << EOF
[keyfile]
unmanaged-devices=interface-name:wlan0
EOF

restart network manager:

systemctl restart NetworkManager

configure wlan0

set wlan0 ip address:

iw dev wlan0 set type managed
iw wlan0 set power_save off
ip link set dev wlan0 up
ip addr add 192.168.10.1/24 dev wlan0

install hostapd

install latest version:

yay -s hostapd-git

configuration for wifi6e on 6ghz:

cat > /etc/hostapd/hostapd.conf << EOF
###################################################################
# HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC     #
#                                                                 #
# Requirements for WiFi-6e (ieee80211ax) on 6GHz:                 #
# - WPA3 for authentication                                       #
# - SAE key management required for WPA3                          #
# - Management Frame Protection required for WPA3                 #
# - Radar awareness required for some RegDomains on 5GHz and 6GHz #
# - WME/WMM required                                              #
###################################################################
ctrl_interface=/var/run/hostapd
driver=nl80211

# interface
interface=wlan0
# country code
country_code=DE
ieee80211d=1
# ssid
ssid=mandulete
# wifi6e protocol ax mode
ieee80211ax=1
# indoor only ap
he_6ghz_reg_pwr_type=0
# multimedia extentions 
wme_enabled=1
wmm_enabled=1
# frecuency band and channel
hw_mode=a
channel=1
op_class=134
he_oper_centr_freq_seg0_idx=15
# enforce management frame protection
ieee80211w=2
beacon_prot=1
# radar detection
ieee80211h=1
enable_background_radar=1
# authentication
wpa=2
wpa_key_mgmt=SAE
auth_algs=1
rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256
group_mgmt_cipher=AES-128-CMAC
sae_password=vidalinux123
# wmm parameters 
tx_queue_data3_aifs=7
tx_queue_data3_cwmin=15
tx_queue_data3_cwmax=1023
tx_queue_data3_burst=0
# Normal priority / AC_BE = best effort
tx_queue_data2_aifs=3
tx_queue_data2_cwmin=15
tx_queue_data2_cwmax=63
tx_queue_data2_burst=0
# High priority / AC_VI = video
tx_queue_data1_aifs=1
tx_queue_data1_cwmin=7
tx_queue_data1_cwmax=15
tx_queue_data1_burst=3.0
# Highest priority / AC_VO = voice
tx_queue_data0_aifs=1
tx_queue_data0_cwmin=3
tx_queue_data0_cwmax=7
tx_queue_data0_burst=1.5
# Quality of Service (QoS) parameters
# Low priority / AC_BK = background
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
# Normal priority / AC_BE = best effort
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
# High priority / AC_VI = video
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
# Highest priority / AC_VO = voice
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
# Logging
logger_stdout=-1
logger_stdout_level=0
logger_syslog=-1
logger_syslog_level=0
# beamforming capabilities 
he_mu_beamformer=1
he_su_beamformee=1
he_su_beamformer=1
EOF

settings for wifi7:

ieee80211be=1
disable_11be=0
eht_su_beamformer=1
eht_su_beamformee=1
eht_mu_beamformer=1

start hostapd deamon:

hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd.conf

install dhcp server

install dhcp server package:

pacman -S dhcp

configure dhcp server:

shared-network DHCP {
       subnet 192.168.10.0 netmask 255.255.255.0 {
               range 192.168.10.100 192.168.10.10;
               option broadcast-address 192.168.10.255;
               option routers 192.168.10.1;
               option subnet-mask 255.255.255.0;
               option domain-name-servers 4.2.2.1, 4.2.2.2;
               default-lease-time 600;
               max-lease-time 7200;
 }
}

start dhcp server on wlan0 interface:

dhcpd wlan0

iptables rules

set iptables rules for sharing internet to wlan0:

cat > /usr/local/bin/sharenetwlan << EOF
#!/bin/bash
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
iptables -A FORWARD -d 192.168.10.0/24 -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
echo 1 >/proc/sys/net/ipv4/conf/all/forwarding
EOF

set permissions to script:

chmod +x /usr/local/bin/sharenetwlan

execute script:

/usr/local/bin/sharenetwlan

speed test

install iperf3 on server and client:

pacman -Sy iperf3 --noconfirm

start iperf3 service on server:

iperf3 -s

on client connect to server using iperf3:

iperf3 -c 192.168.10.1 -p 5201

you should see somehing like this:

Connecting to host 192.168.10.1, port 5201
[  5] local 192.168.10.34 port 39000 connected to 192.168.10.1 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   128 MBytes  1.08 Gbits/sec    0   1.10 MBytes       
[  5]   1.00-2.00   sec  59.2 MBytes   497 Mbits/sec    1   1.32 MBytes       
[  5]   2.00-3.00   sec  47.0 MBytes   394 Mbits/sec    1   1.11 MBytes       
[  5]   3.00-4.00   sec  46.8 MBytes   392 Mbits/sec    3    908 KBytes       
[  5]   4.00-5.00   sec  49.1 MBytes   412 Mbits/sec    2   1.06 MBytes       
[  5]   5.00-6.00   sec  41.0 MBytes   344 Mbits/sec    2    631 KBytes       
[  5]   6.00-7.00   sec  92.1 MBytes   773 Mbits/sec    0    783 KBytes       
[  5]   7.00-8.00   sec   134 MBytes  1.13 Gbits/sec    0    962 KBytes       
[  5]   8.00-9.00   sec   129 MBytes  1.08 Gbits/sec    0    962 KBytes       
[  5]   9.00-10.00  sec   132 MBytes  1.11 Gbits/sec    0    962 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   859 MBytes   721 Mbits/sec    9             sender
[  5]   0.00-10.00  sec   857 MBytes   718 Mbits/sec                  receiver

iperf Done.

enable 5ghz band support on intel wireless chips

download iwlwifi-lar-disable-dkms:

yay -G iwlwifi-lar-disable-dkms

edit pkgbuild change kernel based on your version:

pkgver=6.9.8

build package:

makepkg -si

edit /etc/default/grub:

GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet iwlwifi.lar_disable=Y"

commit changes:

grub-mkconfig -o /boot/grub/grub.cfg
mkinitcpio -P

references