Wi-Fi roaming issues between access points

Indeed, a rescan of available APs makes the L5 switch to the one with the strongest signal. wpa_supplicant has a bgscan option where you can indicate at what signal level to initiate regular automatic scans. From the wpa_supplicant(5) sample configuration:

# bgscan: Background scanning
# wpa_supplicant behavior for background scanning can be specified by
# configuring a bgscan module. These modules are responsible for requesting
# background scans for the purpose of roaming within an ESS (i.e., within a
# single network block with all the APs using the same SSID). The bgscan
# parameter uses following format: "<bgscan module name>:<module parameters>"
# Following bgscan modules are available:
# simple - Periodic background scans based on signal strength
# send_btm_query > 0 means do this many BTM queries before attempting a scan.
# bgscan="simple:<short bgscan interval in seconds>:<signal strength threshold>:
# <long interval>[:<send_btm_query>]"
# bgscan="simple:30:-45:300"
# bgscan="simple:30:-45:300:3"
# learn - Learn channels used by the network and try to avoid bgscans on other
# channels (experimental)
# bgscan="learn:<short bgscan interval in seconds>:<signal strength threshold>:
# <long interval>[:<database file name>]"
# bgscan="learn:30:-45:300:/etc/wpa_supplicant/network1.bgscan"
# Explicitly disable bgscan by setting
# bgscan=""
#
# This option can also be set outside of all network blocks for the bgscan
# parameter to apply for all the networks that have no specific bgscan
# parameter.

802.11r Fast Transition helps with seamless transition from AP to AP. If your setup supports it, you can enable it in wpa_supplicant also, e.g. by setting FT-SAE instead of just SAE (WPA3):

# key_mgmt: list of accepted authenticated key management protocols
# WPA-PSK = WPA pre-shared key (this requires 'psk' field)
# WPA-EAP = WPA using EAP authentication
# IEEE8021X = IEEE 802.1X using EAP authentication and (optionally) dynamically
#	generated WEP keys
# NONE = WPA is not used; plaintext or static WEP could be used
# WPA-NONE = WPA-None for IBSS (deprecated; use proto=RSN key_mgmt=WPA-PSK
#	instead)
# FT-PSK = Fast BSS Transition (IEEE 802.11r) with pre-shared key
# FT-EAP = Fast BSS Transition (IEEE 802.11r) with EAP authentication
# FT-EAP-SHA384 = Fast BSS Transition (IEEE 802.11r) with EAP authentication
#	and using SHA384
# WPA-PSK-SHA256 = Like WPA-PSK but using stronger SHA256-based algorithms
# WPA-EAP-SHA256 = Like WPA-EAP but using stronger SHA256-based algorithms
# SAE = Simultaneous authentication of equals; pre-shared key/password -based
#	authentication with stronger security than WPA-PSK especially when using
#	not that strong password; a.k.a. WPA3-Personal
# FT-SAE = SAE with FT
# WPA-EAP-SUITE-B = Suite B 128-bit level
# WPA-EAP-SUITE-B-192 = Suite B 192-bit level
# OSEN = Hotspot 2.0 Rel 2 online signup connection
# FILS-SHA256 = Fast Initial Link Setup with SHA256
# FILS-SHA384 = Fast Initial Link Setup with SHA384
# FT-FILS-SHA256 = FT and Fast Initial Link Setup with SHA256
# FT-FILS-SHA384 = FT and Fast Initial Link Setup with SHA384
# OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open)
# DPP = Device Provisioning Protocol
# If not set, this defaults to: WPA-PSK WPA-EAP

Next problem: L5 uses NetworkManager and not wpa_supplicant directly, so how to do all this with NetworkManager?

2 Likes

Thank you for the new insights.

I wish we could easily use wpa_supplicant.conf instead of whatever NetworkManager does.

I suspect this is something with how Linux in general deals with roaming. My Qubes OS laptop has the Atheros card (ath9k) and I have the same kind of problem. Of course, it is where I usually want to keep the laptop when I am cooking. It will sometimes switch from an AP with 4 signal bars to the one with 1-2 bars and stay stuck there without any data flowing in. My test laptop also with the ath9k booting into Windows or FreeBSD doesn’t show the same problem. (in FreeBSD I keep a very simple wpa_supplicant config).

The situation got much better in recent months. Now I am abroad and the house I am staying at has a simple access point, the ones that providers give away for free. No roaming. In some blind spots, the connection goes stale but never disconnects but also doesn’t resume when returning to a higher signal zone. I need to reconnect to the AP, but there’s no need to power cycle the card.

My new card should be with me in a few days and I am curious to see how it performs.

Overall, though, wifi has not been bothering me lately.

1 Like