From 13d99f2ff19e04d81442d7d61f497a7ba365c49c Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Sun, 2 Jun 2024 16:56:52 +0200 Subject: wireless: T6320: Document 802.11ax settings --- docs/configuration/interfaces/wireless.rst | 74 +++++++++++++++++++++++++++--- 1 file changed, 67 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst index df153763..8039b039 100644 --- a/docs/configuration/interfaces/wireless.rst +++ b/docs/configuration/interfaces/wireless.rst @@ -42,7 +42,8 @@ Wireless options .. cfgcmd:: set interfaces wireless channel Channel number (IEEE 802.11), for 2.4Ghz (802.11 b/g/n) channels range from - 1-14. On 5Ghz (802.11 a/h/j/n/ac) channels available are 0, 34 to 173 + 1-14. On 5Ghz (802.11 a/h/j/n/ac) channels available are 0, 34 to 173. + On 6GHz (802.11 ax) channels range from 1 to 233. .. cfgcmd:: set interfaces wireless country-code @@ -84,7 +85,14 @@ Wireless options Management Frame Protection (MFP) according to IEEE 802.11w -.. cfgcmd:: set interfaces wireless mode + .. note:: :abbr:`MFP (Management Frame Protection)` is required for WPA3. + +.. cfgcmd:: set interfaces wireless beacon-frame-protection + + + .. note:: This option requires :abbr:`MFP (Management Frame Protection)` to be enabled. + +.. cfgcmd:: set interfaces wireless mode Operation mode of wireless radio. @@ -93,6 +101,9 @@ Wireless options * ``g`` - 802.11g - 54 Mbits/sec (default) * ``n`` - 802.11n - 600 Mbits/sec * ``ac`` - 802.11ac - 1300 Mbits/sec + * ``ax`` - 802.11ax - exceeds 1GBit/sec + + .. note:: In VyOS, 802.11ax is only implemented for 6GHz as of yet. .. cfgcmd:: set interfaces wireless physical-device @@ -131,7 +142,9 @@ PPDU .. cfgcmd:: set interfaces wireless capabilities require-ht -.. cfgcmd:: set interfaces wireless capabilities require-hvt +.. cfgcmd:: set interfaces wireless capabilities require-vht + +.. cfgcmd:: set interfaces wireless capabilities require-he HT (High Throughput) capabilities (802.11n) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -149,6 +162,7 @@ HT (High Throughput) capabilities (802.11n) Supported channel width set. + * ``ht20`` - 20 MHz channel width * ``ht40-`` - Both 20 MHz and 40 MHz with secondary channel below the primary channel * ``ht40+`` - Both 20 MHz and 40 MHz with secondary channel above the primary @@ -297,6 +311,52 @@ VHT (Very High Throughput) capabilities (802.11ac) Station supports receiving VHT variant HT Control field +HE (High Efficiency) capabilities (802.11ax) +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. cfgcmd:: set interfaces wireless capabilities he antenna-pattern-fixed + + Tell the AP that antenna positions are fixed and will not change + during the lifetime of an association. + +.. cfgcmd:: set interfaces wireless capabilities he beamform + + + Beamforming capabilities: + + * ``single-user-beamformer`` - Support for operation as single user beamformer + * ``single-user-beamformee`` - Support for operation as single user beamformee + * ``multi-user-beamformer`` - Support for operation as single user beamformer + +.. cfgcmd:: set interfaces wireless capabilities he bss-color + + BSS coloring helps to prevent channel jamming when multiple APs use + the same channels. + + Valid values are 1..63 + +.. cfgcmd:: set interfaces wireless capabilities he + center-channel-freq + + HE operating channel center frequency - center freq 1 + (for use with 80, 80+80 and 160 modes) + + HE operating channel center frequency - center freq 2 + (for use with the 80+80 mode) + + must be within 1..233. For 80 MHz channels it should be channel + 6 + and for 160 MHz channels, it should be channel + 14. + +.. cfgcmd:: set interfaces wireless capabilities he channel-set-width + + must be one of: + + * ``131`` - 20 MHz channel width + * ``132`` - 40 MHz channel width + * ``133`` - 80 MHz channel width + * ``134`` - 160 MHz channel width + * ``135`` - 80+80 MHz channel width + Wireless options (Station/Client) ================================= @@ -333,13 +393,13 @@ Resulting in Security ======== -:abbr:`WPA (Wi-Fi Protected Access)` and WPA2 Enterprise in combination with -802.1x based authentication can be used to authenticate users or computers -in a domain. +:abbr:`WPA (Wi-Fi Protected Access)`, WPA2 Enterprise and WPA3 Enterprise in +combination with 802.1x based authentication can be used to authenticate +users or computers in a domain. The wireless client (supplicant) authenticates against the RADIUS server (authentication server) using an :abbr:`EAP (Extensible Authentication -Protocol)` method configured on the RADIUS server. The WAP (also referred +Protocol)` method configured on the RADIUS server. The WAP (also referred to as authenticator) role is to send all authentication messages between the supplicant and the configured authentication server, thus the RADIUS server is responsible for authenticating the users. -- cgit v1.2.3 From 0839aa604ed8ba5f4dbe56eee2e984d32e55f8b3 Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Tue, 4 Jun 2024 13:14:29 +0200 Subject: wireless: T6320: Address linter issues --- docs/configuration/interfaces/wireless.rst | 58 ++++++++++++++++++++---------- 1 file changed, 40 insertions(+), 18 deletions(-) (limited to 'docs') diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst index 8039b039..1930a1b9 100644 --- a/docs/configuration/interfaces/wireless.rst +++ b/docs/configuration/interfaces/wireless.rst @@ -7,9 +7,9 @@ WLAN/WIFI - Wireless LAN ######################## :abbr:`WLAN (Wireless LAN)` interface provide 802.11 (a/b/g/n/ac) wireless -support (commonly referred to as Wi-Fi) by means of compatible hardware. If your -hardware supports it, VyOS supports multiple logical wireless interfaces per -physical device. +support (commonly referred to as Wi-Fi) by means of compatible hardware. If +your hardware supports it, VyOS supports multiple logical wireless interfaces +per physical device. There are three modes of operation for a wireless interface: @@ -90,7 +90,8 @@ Wireless options .. cfgcmd:: set interfaces wireless beacon-frame-protection - .. note:: This option requires :abbr:`MFP (Management Frame Protection)` to be enabled. + .. note:: This option requires :abbr:`MFP (Management Frame Protection)` + to be enabled. .. cfgcmd:: set interfaces wireless mode @@ -248,10 +249,14 @@ VHT (Very High Throughput) capabilities (802.11ac) Beamforming capabilities: - * ``single-user-beamformer`` - Support for operation as single user beamformer - * ``single-user-beamformee`` - Support for operation as single user beamformee - * ``multi-user-beamformer`` - Support for operation as single user beamformer - * ``multi-user-beamformee`` - Support for operation as single user beamformer + * ``single-user-beamformer`` - Support for operation as + single user beamformer + * ``single-user-beamformee`` - Support for operation as + single user beamformee + * ``multi-user-beamformer`` - Support for operation as + multi user beamformer + * ``multi-user-beamformee`` - Support for operation as + multi user beamformee .. cfgcmd:: set interfaces wireless capabilities vht center-channel-freq @@ -276,7 +281,8 @@ VHT (Very High Throughput) capabilities (802.11ac) Enable LDPC (Low Density Parity Check) coding capability -.. cfgcmd:: set interfaces wireless capabilities vht link-adaptation +.. cfgcmd:: set interfaces wireless + capabilities vht link-adaptation VHT link adaptation capabilities @@ -288,7 +294,8 @@ VHT (Very High Throughput) capabilities (802.11ac) .. cfgcmd:: set interfaces wireless capabilities vht max-mpdu-exp - Set the maximum length of A-MPDU pre-EOF padding that the station can receive + Set the maximum length of A-MPDU pre-EOF padding that the station can + receive .. cfgcmd:: set interfaces wireless capabilities vht short-gi <80 | 160> @@ -314,7 +321,8 @@ VHT (Very High Throughput) capabilities (802.11ac) HE (High Efficiency) capabilities (802.11ax) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -.. cfgcmd:: set interfaces wireless capabilities he antenna-pattern-fixed +.. cfgcmd:: set interfaces wireless + capabilities he antenna-pattern-fixed Tell the AP that antenna positions are fixed and will not change during the lifetime of an association. @@ -324,11 +332,15 @@ HE (High Efficiency) capabilities (802.11ax) Beamforming capabilities: - * ``single-user-beamformer`` - Support for operation as single user beamformer - * ``single-user-beamformee`` - Support for operation as single user beamformee - * ``multi-user-beamformer`` - Support for operation as single user beamformer + * ``single-user-beamformer`` - Support for operation as + single user beamformer + * ``single-user-beamformee`` - Support for operation as + single user beamformee + * ``multi-user-beamformer`` - Support for operation as single + user beamformer -.. cfgcmd:: set interfaces wireless capabilities he bss-color +.. cfgcmd:: set interfaces wireless + capabilities he bss-color BSS coloring helps to prevent channel jamming when multiple APs use the same channels. @@ -344,10 +356,11 @@ HE (High Efficiency) capabilities (802.11ax) HE operating channel center frequency - center freq 2 (for use with the 80+80 mode) - must be within 1..233. For 80 MHz channels it should be channel + 6 - and for 160 MHz channels, it should be channel + 14. + must be within 1..233. For 80 MHz channels it should be + channel + 6 and for 160 MHz channels, it should be channel + 14. -.. cfgcmd:: set interfaces wireless capabilities he channel-set-width +.. cfgcmd:: set interfaces wireless + capabilities he channel-set-width must be one of: @@ -413,6 +426,7 @@ The WAP in this example has the following characteristics: * Wireless channel ``1`` * RADIUS server at ``192.168.3.10`` with shared-secret ``VyOSPassword`` +.. stop_vyoslinter .. code-block:: none set interfaces wireless wlan0 address '192.168.2.1/24' @@ -426,6 +440,8 @@ The WAP in this example has the following characteristics: set interfaces wireless wlan0 security wpa radius server 192.168.3.10 key 'VyOSPassword' set interfaces wireless wlan0 security wpa radius server 192.168.3.10 port 1812 +.. start_vyoslinter + Resulting in .. code-block:: none @@ -491,6 +507,7 @@ about all wireless interfaces. Use this command to view operational status and details wireless-specific information about all wireless interfaces. +.. stop_vyoslinter .. code-block:: none vyos@vyos:~$ show interfaces wireless detail @@ -518,11 +535,14 @@ information about all wireless interfaces. TX: bytes packets errors dropped carrier collisions 183413 5430 0 0 0 0 +.. start_vyoslinter + .. opcmd:: show interfaces wireless This command shows both status and statistics on the specified wireless interface. The wireless interface identifier can range from wlan0 to wlan999. +.. stop_vyoslinter .. code-block:: none vyos@vyos:~$ show interfaces wireless wlan0 @@ -538,6 +558,8 @@ interface. The wireless interface identifier can range from wlan0 to wlan999. TX: bytes packets errors dropped carrier collisions 83413 430 0 0 0 0 +.. start_vyoslinter + .. opcmd:: show interfaces wireless brief -- cgit v1.2.3 From 99086ab972f18ad8e0da632b57606822f5057d69 Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Mon, 17 Jun 2024 23:12:36 +0200 Subject: wireless: T6320: Change 'beacon-frame-protection enable' to 'enable-bf-protection' --- docs/configuration/interfaces/wireless.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst index 1930a1b9..22e7d11f 100644 --- a/docs/configuration/interfaces/wireless.rst +++ b/docs/configuration/interfaces/wireless.rst @@ -87,8 +87,9 @@ Wireless options .. note:: :abbr:`MFP (Management Frame Protection)` is required for WPA3. -.. cfgcmd:: set interfaces wireless beacon-frame-protection - +.. cfgcmd:: set interfaces wireless enable-bf-protection + + Beacon Protection: management frame protection for Beacon frames. .. note:: This option requires :abbr:`MFP (Management Frame Protection)` to be enabled. -- cgit v1.2.3 From dcc1645e54fe6573efd8a2b808c9a7b8c9341652 Mon Sep 17 00:00:00 2001 From: Alain Lamar Date: Mon, 24 Jun 2024 14:32:22 +0200 Subject: wireless: T6320: Backport changes from T6318 --- docs/configuration/interfaces/wireless.rst | 31 ++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) (limited to 'docs') diff --git a/docs/configuration/interfaces/wireless.rst b/docs/configuration/interfaces/wireless.rst index 22e7d11f..b7188f44 100644 --- a/docs/configuration/interfaces/wireless.rst +++ b/docs/configuration/interfaces/wireless.rst @@ -45,10 +45,10 @@ Wireless options 1-14. On 5Ghz (802.11 a/h/j/n/ac) channels available are 0, 34 to 173. On 6GHz (802.11 ax) channels range from 1 to 233. -.. cfgcmd:: set interfaces wireless country-code +.. cfgcmd:: set system wireless country-code Country code (ISO/IEC 3166-1). Used to set regulatory domain. Set as needed - to indicate country in which device is operating. This can limit available + to indicate country in which the box is operating. This can limit available channels and transmit power. .. note:: This option is mandatory in Access-Point mode. @@ -380,9 +380,9 @@ default physical device (``phy0``) is used. .. code-block:: none + set system wireless country-code de set interfaces wireless wlan0 type station set interfaces wireless wlan0 address dhcp - set interfaces wireless wlan0 country-code de set interfaces wireless wlan0 ssid Test set interfaces wireless wlan0 security wpa passphrase '12345678' @@ -390,11 +390,14 @@ Resulting in .. code-block:: none + system { + wireless { + country-code de + } + } interfaces { - [...] wireless wlan0 { address dhcp - country-code de security { wpa { passphrase "12345678" @@ -430,8 +433,8 @@ The WAP in this example has the following characteristics: .. stop_vyoslinter .. code-block:: none + set system wireless country-code de set interfaces wireless wlan0 address '192.168.2.1/24' - set interfaces wireless wlan0 country-code de set interfaces wireless wlan0 type access-point set interfaces wireless wlan0 channel 1 set interfaces wireless wlan0 mode n @@ -447,11 +450,15 @@ Resulting in .. code-block:: none + system { + wireless { + country-code de + } + } interfaces { [...] wireless wlan0 { address 192.168.2.1/24 - country-code de channel 1 mode n security { @@ -637,6 +644,7 @@ The WAP in this example has the following characteristics: .. code-block:: none + set system wireless country-code de set interfaces wireless wlan0 address '192.168.2.1/24' set interfaces wireless wlan0 type access-point set interfaces wireless wlan0 channel 1 @@ -645,18 +653,21 @@ The WAP in this example has the following characteristics: set interfaces wireless wlan0 security wpa mode wpa2 set interfaces wireless wlan0 security wpa cipher CCMP set interfaces wireless wlan0 security wpa passphrase '12345678' - set interfaces wireless wlan0 country-code de Resulting in .. code-block:: none + system { + wireless { + country-code de + } + } interfaces { [...] wireless wlan0 { address 192.168.2.1/24 channel 1 - country-code de mode n security { wpa { @@ -691,8 +702,8 @@ still put this card into AP mode using the following configuration: .. stop_vyoslinter .. code-block:: none + set system wireless country-code 'us' set interfaces wireless wlan0 channel '1' - set interfaces wireless wlan0 country-code 'us' set interfaces wireless wlan0 mode 'n' set interfaces wireless wlan0 physical-device 'phy0' set interfaces wireless wlan0 ssid 'VyOS' -- cgit v1.2.3