Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux_router:wifi [2025-03-30 Sun wk13 13:17] – [/etc/config/uhttpd] baumkplinux_router:wifi [2025-10-18 Sat wk42 11:25] (current) – [Wifi Router / Access Points] baumkp
Line 1: Line 1:
 +{{tag>linux router wifi "wifi router" "access point"}}
 ======Wifi Router / Access Points====== ======Wifi Router / Access Points======
 I prefer to run higher quality wifi access points (AP) than the all in one type routers.   My current router is X86 based running Linux Nftables on bare metal and Bind9 and Kea as well as some other services in Docker on a VM. I prefer to run higher quality wifi access points (AP) than the all in one type routers.   My current router is X86 based running Linux Nftables on bare metal and Bind9 and Kea as well as some other services in Docker on a VM.
  
-My house is reasonably large,single level, so I run 2 wifi APs connected via Ethernet for better overall coverage.  The AP Ethernet connection is a technically better simpler solution that so call Mesh wifi, which effectively are wifi repeater solution.  The modern mesh solutions tend to use a separate mesh radio band for the interconnection which is more performance than the old fashion in band AP range extenders that were in band.  The AP Ethernet solution generally has the best performance in terms of latency and reliability compared to any wifi solution. Ethernet speed is also usually much more reliable and ultimately faster, although this depends upon the equipment. Also this solution was available many years before the "Mesh router solutions" were popularized.  The biggest reason the Mesh Wifi routers are popular is they to not need ethernet cables to be run.  They can simply be placed and powered from local power connectors.+My house is reasonably large,single level, so I run 2 wifi APs connected via Ethernet for better overall coverage.  The AP Ethernet connection is a technically better simpler solution that so call Mesh wifi, which effectively are wifi repeater solution.  The modern mesh solutions tend to use a separate mesh radio band for the interconnection which is more performant than the old fashion AP range extenders that were in band.  The AP Ethernet solution generally has the best performance in terms of latency and reliability compared to any wifi solution. Ethernet speed is also usually much more reliable and ultimately faster, although this depends upon the equipment. Also this solution was available many years before the "Mesh router solutions" were popularized.  The biggest reason the Mesh Wifi routers are popular is they to not need ethernet cables to be run.  They can simply be placed and powered from local power connectors.
  
 Wifi performance is generally oversold.  For example, a 3200Mb/s connection 5GHz ac connection is the best theoretical band width real life speeds are normally much lower.  Also wifi bandwidth is shared between clients, so if you have 2 clients using the 5GHz ac the theoretical 3200Mb/s is more likely to be maximum 1600Mb/s.  The wifi speed is also very sensitive to distance between the wifi router and the client and any walls in between. The wifi speed is also very sensitive to radio interference, in particular from other neighboring wifi routers in dense urban areas.  I use to turn on my microwave oven and my wifi 2.4GHz connection would drop out!  The actual achievable speeds are more complex than this, however the key point is that the advertised speeds are very-very optimistic.  Wifi performance is generally oversold.  For example, a 3200Mb/s connection 5GHz ac connection is the best theoretical band width real life speeds are normally much lower.  Also wifi bandwidth is shared between clients, so if you have 2 clients using the 5GHz ac the theoretical 3200Mb/s is more likely to be maximum 1600Mb/s.  The wifi speed is also very sensitive to distance between the wifi router and the client and any walls in between. The wifi speed is also very sensitive to radio interference, in particular from other neighboring wifi routers in dense urban areas.  I use to turn on my microwave oven and my wifi 2.4GHz connection would drop out!  The actual achievable speeds are more complex than this, however the key point is that the advertised speeds are very-very optimistic. 
Line 14: Line 15:
 =====Wi-Fi Extender/Repeater with Bridged AP over Ethernet===== =====Wi-Fi Extender/Repeater with Bridged AP over Ethernet=====
 I always setup my Wifi Routers as Wifi Access Points (AP) using an Ethernet uplink only, also know as "Dump AP" or "Bridged AP" Effectively the AP becomes an extension of my LAN and all the providing the Wifi functionality, all DNS, DHCP, firewalling, NAT functions occur in the upstream Ethernet wired Router. I always setup my Wifi Routers as Wifi Access Points (AP) using an Ethernet uplink only, also know as "Dump AP" or "Bridged AP" Effectively the AP becomes an extension of my LAN and all the providing the Wifi functionality, all DNS, DHCP, firewalling, NAT functions occur in the upstream Ethernet wired Router.
 +
 +802.11r is fast transition from one AP to another in the same mobility domain (i.e. faster authentication when you roam from one AP to another)
 +802.11k/v is band steering (i.e. help the client device to find a nearby AP that it would consider roaming to or "stimulate" a device to roam if an AP is saturated)
  
 =====/etc/config/uhttpd===== =====/etc/config/uhttpd=====
Line 48: Line 52:
  option commonname 'OpenWrt'</code>  option commonname 'OpenWrt'</code>
 ++++ ++++
 +I copy my main '*.local.kptree.net' cer/crt and key files from LetsEncrypt to the openWRT machines /etc/uhttpd.crt and key files using 'scp' from the machine remote to the openWRT machines. Install sftp-server with ''opkg update'' and ''opkg install openssh-sftp-server''.
 +  *''scp .config/certificates/'*.local.kptree.net.key' root@wifi-ap1.local.kptree.net:/etc/uhttpd.key'' to copy across the key
 +  *''scp .config/certificates/'*.local.kptree.net.cer' root@wifi-ap1.local.kptree.net:/etc/uhttpd.crt'' to copy across the certificate
 +I have a separate script that extracts the various certificates key from Traefik combined certificate file that I need to use on my mail server, that is mentioned elsewhere on my wiki.
 +
 +After the certificates are updated the router must be rebooted or the uhttpd module restarted:
 +  *ssh into the router ''%%ssh root@wifi-ap1.local.kptree.net%%'' and run ''%%/etc/init.d/uhttpd restart%%''
 +  *'Or run the command in ssh: '%%ssh root@wifi-ap0.local.kptree.net "/etc/init.d/uhttpd restart"%%''
 +
 +=====homepage widget=====
 +[[https://gethomepage.dev/widgets/services/openwrt/|Homepage openwrt widget]] instructions.
 +
 +Note that after upgrading these wifi router APs openwrt software from version 24.10.0 to 24.10.2 the ACL files were lost and had to be recreated.  The user definition was not lost.
 +
 +
  
 ====References==== ====References====
Line 54: Line 73:
     *[[https://openwrt.org/toh/netgear/wax206|Netgear WAX206]]     *[[https://openwrt.org/toh/netgear/wax206|Netgear WAX206]]
     *[[https://forum.openwrt.org/t/wax206-newbie-advice/213085|https://forum.openwrt.org/t/wax206-newbie-advice/213085]]     *[[https://forum.openwrt.org/t/wax206-newbie-advice/213085|https://forum.openwrt.org/t/wax206-newbie-advice/213085]]
-    *[[https://openwrt.org/docs/guide-user/network/wifi/wifiextenders/bridgedap|Wi-Fi Extender/Repeater with Bridged AP over Ethernet]] +    *[[https://openwrt.org/docs/guide-user/start|User guide]] 
-    *[[https://openwrt.org/docs/guide-quick-start/sshadministration|SSH access for newcomers]] +      *[[https://openwrt.org/docs/guide-user/installation/generic.flashing|Installing OpenWrt]] 
-    *[[https://openwrt.org/docs/guide-user/luci/getting_rid_of_luci_https_certificate_warnings|get rid of https certificate warnings]]+      *[[https://openwrt.org/docs/guide-user/network/wifi/wifiextenders/bridgedap|Wi-Fi Extender/Repeater with Bridged AP over Ethernet]] 
 +      *[[https://openwrt.org/docs/guide-user/network/wifi/routedap|Routed AP]] 
 +      *[[https://openwrt.org/docs/guide-quick-start/sshadministration|SSH access for newcomers]] 
 +      *[[https://openwrt.org/docs/guide-user/luci/getting_rid_of_luci_https_certificate_warnings|get rid of https certificate warnings]] 
 +      *[[https://openwrt.org/docs/guide-user/installation/generic.sysupgrade|Upgrading OpenWrt firmware using LuCI and CLI]] 
 +    *[[https://oldwiki.archive.openwrt.org/doc/howto/firstlogin|OpenWrt – First Login]]
  
 [[https://dd-wrt.com/support/documentation/|dd-wrt]], [[https://www.myopenrouter.com/article/transform-netgear-ex6200-wi-fi-router-dd-wrt|Transform the NETGEAR EX6200 into a Wi-Fi Router with DD-WRT]] [[https://dd-wrt.com/support/documentation/|dd-wrt]], [[https://www.myopenrouter.com/article/transform-netgear-ex6200-wi-fi-router-dd-wrt|Transform the NETGEAR EX6200 into a Wi-Fi Router with DD-WRT]]