[HN Gopher] Recommended settings for Wi-Fi routers and access po...
___________________________________________________________________
Recommended settings for Wi-Fi routers and access points
Author : butz
Score : 243 points
Date : 2022-07-30 10:25 UTC (12 hours ago)
(HTM) web link (support.apple.com)
(TXT) w3m dump (support.apple.com)
| prophesi wrote:
| Another recommendation I'd add is appending "_optout_nomap" to
| your SSID name. That will let you opt out of both Microsoft and
| Google's access point data collection.
| kartugestu wrote:
| is the "_optout" part of "_optout_nomap" required? i thought
| "_nomap" is sufficient.
| https://support.google.com/maps/answer/1725632?hl=en#zippy=%...
| kartugestu wrote:
| ah _optout is microsoft i did not know that.
| prophesi wrote:
| Yeah I only learned about it recently. And apparently
| "_nomap" _has_ to be at the end of the SSID. A weird system
| for something that should be opt-in anyways.
| sinuhe69 wrote:
| One negative side-effect of the same SSID policy is you might not
| be able to share your WiFi password by simply putting your
| devices close to each other. Ordinarily, Apple devices can share
| WiFi password easily by putting an already set up device close to
| a new one. But if they are momentarily connected to different
| networks (frequencies), even though they have the same SSID and
| same password, Apple software will see them (correctly) as on two
| different networks so the password will not be shared even when
| the password is the same on both networks. I don't know if the
| automatic band switching is any better than the manual one but I
| find this issue is quite a hassle.
| exikyut wrote:
| This might actually be completely fixable by borrowing the
| trick Bluetooth-less Wi-Fi lightbulbs use for pairing.
|
| To pair, the lightbulb's ESP8266 (or cheaper equivalent) sits
| with its Wi-Fi radio in monitor mode - not authenticated to
| anything, just watching All The Packets flying back and forth -
| and the smartphone sprays crafted packets to 255.255.255.255
| with specific lengths (Wi-Fi encryption does not alter packet
| length), where the length of each packet taken in sequence then
| interpreted as ASCII represents the encoded setup packet
| containing the target SSID and password. (Of course that setup
| packet is plaintext and I was able to vacuum up your password *
| _sad exploding brain_ * D:)
|
| Apple could do the same basic idea here: have the connected
| iPhone spray a magic packet sequence to 255.255.255.255,
| representing say an OTP-esque nonce or similar sort of thing
| that is communicated to the non-connected iPhone OOB (eg
| Bluetooth or cellular). If the non-connected iPhone can see
| this sequence fly past in monitor mode, then ultimately it's on
| the same network even if the SSID is different.
|
| ...Or at least this all works if you can associate packet X,
| with length Y, *with SSID Z*. If you can't localize the
| sequence to an SSID without being authenticated this doesn't
| work.
| VogonPoetry wrote:
| I believe that Apple uses something similar to their
| "Handoff" mechanism, described in the "Apple Platform
| Security Guide" [1]. This uses Bluetooth Low Energy out of
| band paring to establish a shared key. I believe it uses the
| same identity keys as iMessage to establish the shared key -
| so you can only offer to share the WiFi password with someone
| you've been talking to over iMessage and you will see the
| name of the person you are going to share it with. Sharing
| the WiFi password is secure from eavesdroppers.
|
| The Bluetooth-less mechanism for WiFi only is an absolutely
| terrible idea and implementation. It actively leaks the
| network password to anyone listening. I refuse (and return)
| any device that requires me to connect it to my IOT network
| in this way. One can usually detect if this is the setup
| mechanism by looking at the instructions: (1) Download an
| App, (2) do something to the bulb (power cycles usually) (3)
| Setup happens automatically! I think some network stacks
| don't let non-privileged apps send broadcast addresses, so
| perhaps the scope of this damaged mechanism is limited.
|
| It is better if the ESP8266 is put into a low power Access
| Point (AP) mode and configure that way - but due to this
| (usually) not being an encrypted WiFi session, there is also
| a risk of leaking the network secret unless a way to do a
| secure key exchange is bootstrapped in the html form or API.
| Both of these are possible if Javascript is enabled or via an
| App API. The instructions for doing this might also include
| downloading an App, but it also ought to require finding and
| connecting to a setup AP first.
|
| I guess the best way to kill the "leak the password"
| mechanism is for a better mechanism to be created and
| incorporated into something like Tasmota or other public IOT
| ESP8266 codebase so it can be copied.
|
| [1] https://help.apple.com/pdf/security/en_US/apple-platform-
| sec...
| gruez wrote:
| >But if they are momentarily connected to different networks
| (frequencies), even though they have the same SSID and same
| password, Apple software will see them (correctly) as on two
| different networks so the password will not be shared even when
| the password is the same on both networks.
|
| I don't get it, how is this an issue? If both devices are
| already connected to the same SSID, then both devices already
| have the password. Why would you need to share passwords?
| jzwinck wrote:
| One is connected and logged on. The other sees the same-named
| network and is not logged on yet because it doesn't know the
| password. Two different senses of "connected."
| woqe wrote:
| Multiple non-unique SSIDs (name) can exist within a single
| router. More extremely, you and your neighbor can have the
| same SSID on two different routers.
| [deleted]
| jimmaswell wrote:
| Does this mean Apple devices whine at you for joining open
| networks at grocery stores etc?
| JoBrad wrote:
| There's a notice saying it's unprotected.
| justusthane wrote:
| Unfortunately the only way I've been able to get my HomePod Minis
| to work reliably is to disable the 5Ghz band completely and only
| have 2.4 -- even when they're in the same room as the AP!
|
| Having two separate SSIDs and joining them to the 2.4GHz SSID
| also works, but it's kind of a pain and you lose certain
| functionality if they aren't on the same SSID as your iPhone.
| psydvl wrote:
| I have in my router options possibility to choose what Gz
| should device connect to: for example, old notebook I connect
| to 2.4 only. Maybe you should enable same for homepod?
| rcarmo wrote:
| The SSID should't matter if they are on the same IP address
| space. Make sure your router isn't handing out different DHCP
| ranges for each SSID or frequency range.
| incogitomode wrote:
| Interesting to read you have issues with your HomePod Mini.
| Mine has been stable, however all my (7) original HomePods had
| constant issues connecting starting around OS 14.5 / 15. I have
| to imagine it's related to AirPlay 2.
|
| I went through two different WiFi-6 networks, in every possible
| configuration, with no luck. Cumulatively I must have spent
| 20-30 hours debugging the networks, and finally happened upon
| something that works, albeit with caveats. I got two Eero Pro 6
| access points, and disabled band steering -- it was an
| experimental setting at the time -- and everything worked! I've
| since re-enabled the setting and immediately have issues so I
| feel confident saying band steering is the issue.
|
| Since then Eero has updated the setting to include AP switching
| and it's called "client steering". So, unfortunately, to have
| my HomePods connect I sacrifice AP handoff and have to toggle
| wifi if I move my laptop to the other end of the apartment.
|
| There are quite a few folks who have brought this up in an
| Apple issue, and I have a friend in Tucson -- where radio
| interference isn't an issue -- with the same problem.
| chevman wrote:
| Funny timing. Was helping my father in law troubleshoot his WiFi
| this weekend and came across this article.
|
| All his wireless printers and his really old iPad (I think gen 1
| or 2) refused to connect suddenly a couple weeks ago. No apparent
| changes or new devices on his network.
|
| Turned out Comcast pushed an update to his wireless gateway that
| enabled 'managed security functionality'. Part of this included
| forcing WPA3 security on all devices.
|
| Once I figured out how to set it back to WPA2 for the 2.4 ghz
| network, all the old devices reconnected.
|
| Good times :)
| jms703 wrote:
| I don't think WPA3 is totally ready for widespread use (yet)
| due to older IoT devices. I'm not even totally sure what
| problem it solves, so I should probably read up on it.
| cronix wrote:
| This is one of the main reasons I bought my own docsis 3 router
| for about $100 6 years ago. Comcast doesn't have access to it.
| The other bonus is you save a lot of money over the years by
| not having to rent it from Comcast, every month for the
| lifetime of your service. It pays for itself the first year.
| You give up pay per view/on-demand which never affected me, but
| something to consider if he uses that. I think you can still
| get ppv but have to call in or something and can't just order
| it using the remote, but my memory on that is foggy since I
| never use ppv. They make good Christmas presents and saving the
| FIL money always builds up the brownie bank :)
| sveiss wrote:
| If you're with Comcast, then it's very likely they do have
| access to the modem, even if you own it.
|
| A cable modem is somewhat "trusted" from the perspective of
| the network: cable is physically a shared medium, and a
| malfunctioning or malicious devices can disrupt service for
| everyone on the same physical cable segment. There's no way
| for an ISP to remotely cut off a bad device.
|
| This means cable ISPs demand tight control of the equipment
| connected to their network, including remote configuration
| and firmware updates. Comcast enforce this by limiting
| activation to a list of approved devices, and there's a
| certificate-based scheme to try and prevent spoofing an
| approved device.
|
| Historically, the cable modem also enforced download and
| upload speed limits as well, giving ISPs another reason to
| keep modems under tight control, but I don't know if that's
| still the case.
|
| If you distrust Comcast, then you should treat your DOCSIS
| device as hostile even if you own it, and put it behind a
| router you do control instead of using a combined
| modem/router.
| max51 wrote:
| if he only paid 100$ for a modem and it was brand new, it
| likely wasn't an all-in-one station like what large ISPs
| are trying to push. Cheaper/dumber modems severely limit
| the amount of control Comcast have and how much they can
| fuck up your network with a bad update. They can't mess up
| your wifi settings if the box they control doesn't even
| have a wireless radio on it.
|
| "dumb" modems are a lot more reliable simply because there
| is nothing for them to patch inside. It doesn't have a
| complex OS running a wide range of services that need
| regular updates (managing a TV, wifi, file sharing, etc.).
| matthew-wegner wrote:
| _simply because there is nothing for them to patch
| inside_
|
| Cable ISPs still regularly push firmware to compatible
| modems on their network, standalone or combo
| modem/router, rented or owned
|
| If it runs on their network, they have the ability to
| flash it (and they do)
|
| It's a lot less control than your wifi/router settings,
| obviously, but it's still a thing
| sveiss wrote:
| Yeah, if it's just a modem with a separate router that's
| fine, but I think you can get an entry level all in one
| for around $100 now?
|
| I see at least one on Amazon, but it's hard to tell if
| it's refurbished, which most at that price point are.
| teaearlgraycold wrote:
| You'd think they'd have some kind of migration system to detect
| if there are devices on the network that are lost after the
| switch over and revert if so.
| daed wrote:
| You are clearly not a Comcast customer.
| teaearlgraycold wrote:
| Sonic Fiber!
| CharlesW wrote:
| This is a brilliant idea. It makes me wonder if there are any
| user-friendly network scanners that do snapshot diffs.
| kzrdude wrote:
| This is the first time I ever heard of WPA3 existing. Does it
| exist under any other name?
| matsemann wrote:
| Have Apple devices become better "citizens" lately? Remember at
| Uni they for some time banned Apple devices, as they would mess
| up DHCP by reusing stale IP assignments to make it seem quicker
| to connect or so.
|
| Edit: found a discussion from the time
| https://news.ycombinator.com/item?id=2755461
| neilalexander wrote:
| This isn't unique to Apple, I believe Windows also does this
| and there is even an RFC explaining the concept.
|
| Also it's not so much that it deliberately "messes up"
| anything, it's more that a DHCP server shouldn't tell a client
| device that it holds an address for a certain amount of time
| and then either not honour it or forget that state. It's a
| reasonable thing for a client to resume using an address if
| there is time still left on the lease and wasn't told otherwise
| and the ARP collision detection mechanism is supposed to detect
| conflicts before it becomes an issue.
|
| Unfortunately, DHCP implementations in the wild vary in quality
| considerably and the people administering them don't
| necessarily understand the inner workings of DHCP all that well
| either, because as long as it hands out addresses, they
| normally don't ever need to.
| simondotau wrote:
| Such a ridiculous complaint, after all, it's not like there's a
| worldwide shortage of non-routable IPs. Just make your network
| address space large enough that your DHCP server is rarely, if
| ever, reassigning the same IP address more than once. I see so
| many network operators desperate to "right size" their IP
| ranges when they could just allocate a /18 or /16 or even
| larger.
|
| Microsoft and Apple might not be following the DHCP spec
| correctly, but they're breaking it for the right reasons.
| Offering very long lease times is one way to increase apparent
| network responsiveness to your end users. Give devices an IP
| address for weeks or even months if you can. Why not?
| londons_explore wrote:
| Lots of routers start choking when they have more than a few
| thousand DHCP leases.
|
| Often, they do compute hungry things periodically with every
| entry in the DHCP lease table - like for example tracking
| download and upload bandwidth and bytes transferred per
| client every second using some low performance python script.
|
| This has become especially bad since most devices started
| using a new mac address for every connection. It means an
| apple device going in and out of range of a wifi point all
| night can easily create thousands of leases, all active for 7
| days or whatever the default (and often unconfigurable) lease
| time is.
|
| You soon run out of IP's, and even if you don't, you run into
| the aformentioned performance issues.
| simondotau wrote:
| > _Lots of routers start choking when they have more than a
| few thousand DHCP leases._
|
| If someone is running a network of that scale with a dinky
| little router that chokes at the prospect of remembering a
| few thousand leases, DHCP really is the least of their
| problems.
|
| > _an apple device going in and out of range of a wifi
| point all night can easily create thousands of leases, all
| active for 7 days or whatever the default (and often
| unconfigurable) lease time is._
|
| This doesn't happen. That's not how it works.
|
| > _You soon run out of IP 's_
|
| "Running out" of non-routable IPs isn't a risk, it's a
| choice.
| oarsinsync wrote:
| > Lots of routers start choking when they have more than a
| few thousand DHCP leases.
|
| You don't need to run DHCP services on your router. If
| you're running large infrastructure, arguably, you
| shouldn't, and should instead run a DHCP server on a
| server, and leave your router's resources for routing.
|
| > This has become especially bad since most devices started
| using a new mac address for every connection. It means an
| apple device going in and out of range of a wifi point all
| night can easily create thousands of leases
|
| Apple MAC address privacy generates a random MAC per SSID.
| It doesn't generate a new random MAC every time it
| reconnects to the same SSID. This would be pretty terrible
| as far as user experience goes too if they did.
| londons_explore wrote:
| > It doesn't generate a new random MAC every time it
| reconnects to the same SSID.
|
| By default, it does. That's to prevent people like
| McDonald's tracking your device from restaurant to
| restaurant as they all have the same SSID
| neilalexander wrote:
| Details on the Apple implementation:
| https://support.apple.com/en-gb/HT211949
|
| In short, Wi-Fi scans use a randomised MAC, connections
| to a known network can reuse the same private MAC for up
| to 6 weeks, can fall back to the device MAC if all else
| fails.
| serf wrote:
| >Why not?
|
| parent said it caused network issues at their university.
|
| pretty cut & dry 'why not?' included.
|
| >Microsoft and Apple might not be following the DHCP spec
| correctly, but they're breaking it for the right reasons.
|
| these groups are both large enough to influence whatever
| specs they need to without out-right breaking them, in many
| ways they're the ones least responsible in doing so, as they
| often times shape the specifications themselves. If they need
| the spec to include arbitrarily long leases let's ask them to
| propose that to the spec rather than being OK with certain
| groups violating things.
|
| Violated specs is exactly the kind of thing that that
| trickles down to unintended and unexpected user experience.
| simondotau wrote:
| > _parent said it caused network issues at their
| university._
|
| No, the parent's university's apparent problem was that
| their DHCP was reallocating IP addresses soon after expiry.
| Dramatically increasing the pool size and the lease time
| wasn't the problem, it's the solution.
| freedomben wrote:
| You're not wrong, but I'm saddened at this attitude. IMHO
| the tech giants already have so much power/ability to
| shape/force the standards to suit their own practices.
| The attitude of "Apple should be able to violate the
| standard all they want and it should be on network
| operators to accommodate them" is wildly empowering to
| the elephant over the ant.
| encryptluks2 wrote:
| I'm surprised hiding the SSID makes it less secure? Or they just
| saying it isn't worth the inconvenience?
| cesarb wrote:
| If you hide the SSID, your phone or laptop has to ask for that
| specific SSID in a probe request every time it scans for nearby
| networks, even when it's nowhere near your router. If you don't
| hide the SSID, your phone or laptop can just ask for the
| wildcard SSID in the probe requests, or even passively listen
| for the periodic beacons. That is: if you hide your SSID, not
| only you're announcing to everyone around you all the time your
| SSID, but also it doesn't hide it very well, since the SSID is
| still sent in plaintext in the probe request every time your
| devices attempt to connect to your router.
| nullify88 wrote:
| These days I just disable 2.4ghz completely since all our devices
| support 5ghz and we have enough (2) access points around the
| house to give a good signal anywhere.
| julianlam wrote:
| That's fortunate, what usable range do you see with your 5GHz
| network? I find the range is pretty dismal even with a wood
| frame and drywall house. My AP can be right below me and the
| signal is only perhaps 50%
|
| Wifi Analyzer will show the signal as coming from 30+ meters
| away when it is only about 4m (with multiple walls and floors
| in between)
| nullify88 wrote:
| WiFiMan reports -85db and 80m when 3 floors down on the
| opposite side of the house from 1 Ubiquiti U6 Mesh. We have a
| second U6 Mesh to cover this area and users roam between the
| two when on the second floor where we are most of the time.
|
| The house is detached, very open plan, and doesn't have many
| solid walls. We also have traditional wall radiators, I
| imagine the lack of underfloor heating and foil insulations
| allows wifi to travel further between floors.
| londons_explore wrote:
| Insulated walls often have foil backed insulation which is
| really good at blocking wifi. Even with devices the same side
| of the wall, the foil makes nice constructive and destructive
| interference patterns that mean a device that's working great
| can lose all signal if you move it a few inches.
|
| I really wish insulation makers would use a different backing
| material - the supposed reflectivity of the foil doesn't
| really add much to the insulation properties anyway.
| gorpy7 wrote:
| It's more common in roofs than walls. but is becoming more
| common on both. As people continue to take house
| performance more seriously, more aspects are being
| addressed. unsurprisingly, foil reflects radiant heat gain
| when you're trying to cool. maybe directly from the sun and
| that emitted from hot siding.
| elric wrote:
| > the supposed reflectivity of the foil doesn't really add
| much to the insulation properties anyway
|
| Can you elaborate on that? Seems hard to believe. There are
| many kinds of insulation without foil, and the foil backed
| variants tend to be more expensive. It's hard to imagine
| that we'd be making the stuff like that without a good
| reason.
| londons_explore wrote:
| Foil backing is normally used on polyurethane foams, and
| is necessary to give the panel sufficient structural
| rigidity during manufacture.
|
| One could use a plastic film instead though, or even
| corrugated cardboard.
|
| The effectiveness of the film for insulation depends on
| many things.
|
| Energy is lost through radiation, conduction and
| convection. At every layer of a house wall, the
| contribution of those effects varies widely.
|
| _Within_ the panel, radiation has near zero impact,
| because the foam material is directly in contact with the
| foil.
|
| _Outside_ the panel, the foil _might_ have a benefit.
| The benefit would be maximized if there was a multi-
| millimeter air gap, followed by a very hot surface
| (Radiation doesn 't scale linearly with temperature).
|
| The foil also has a downside for insulatitive
| properties... The aluminium the foil is made out of
| conducts heat very well. That means if part of the wall
| is leaking some heat (for example has a nail through it),
| then the foil will spread that head sideways through the
| wall, increasing overall losses, sometimes dramatically.
| b3morales wrote:
| The "good" reason is often that the seller can talk the
| buyer into a higher price for the extra "feature". It can
| even be higher _marginally_ : i.e. insulation costs $0.50
| to manufacture, and they can sell it for $1; adding foil
| costs an additional $0.15 but now they can charge $1.50.
| This is common, even pervasive, with consumer pricing.
| janandonly wrote:
| Not sure I agree with Apple's recommendations.
| don't give your 2.4GHz and 5GHz bands different names.
|
| I purposefully did set different names for these two band. I also
| _only_ gave all my devices the password for the 5GHz band.
| Because latency is lower on that band.
|
| I cannot disable 2.4GHz band because my old WiFi printer doesn't
| support the 5GHz but if it wasn't for that I would disable it
| altogether.
| orev wrote:
| I feel like the concept of using different names for each band
| is like the old habits where people would disable auto-speed
| negotiation on Ethernet. It used to cause a problem when it
| first came out, but all of those issues were solved long ago,
| and yet it has become lore for most network admins. It's
| finally going away since 1Gb _requires_ auto-speed, however I
| have no doubt many would still be disabling it if they could.
|
| Same with the WiFi names. If systems can't handle auto
| switching to the correct band, then fix those systems. Devices
| can easily handle roaming between different APs with the same
| SSID, and this should be no different.
|
| Edit: I do see the point of doing it if you want to control the
| band usage, however I think that should be a special case and
| not considered the "standard" way to do things for regular
| people.
| fnordpiglet wrote:
| I separate them because things often do poor band choosing
| and things too far from an AP are using 5ghz when they should
| be picking 2.4 at that range. By separating I can choose
| which band I want this thing based on the coverage topology.
| Fwiw I've never found band steering to work well.
|
| Finally I also selectively put devices into 2.4 just to keep
| my 5 band clearer.
| yakkityyak wrote:
| Devices should have settings to explicitly prefer or only
| allow certain bands for a given SSID. Again it's a device
| problem.
| legulere wrote:
| The problem with the 5 GHz band is that it can be turned off
| any time because of radar:
| https://en.wikipedia.org/wiki/Dynamic_frequency_selection
| simoncion wrote:
| Only certain slices of it. The article you linked to mentions
| the frequencies in the US that must use DFS. This table in
| the article _it_ links to goes into much more detail. <https:
| //en.wikipedia.org/wiki/List_of_WLAN_channels#4.9%E2%8...>
|
| Look for the cells that contain "DFS" to see on which
| channels APs are required to channel hop if they believe they
| have heard radar.
|
| In my personal experience, channel hopping works fine.
| exikyut wrote:
| Ooooh. Now I wanna find out how I can fly over an area with a
| drone and make pictures like the example!
|
| On a somewhat smaller, more theoretical note, I wonder what
| "a radar signal" is as far as a Wi-Fi SoC is concerned.
| Sounds like the wild-west, much-trickier-to-block counterpart
| to the old deauth packet attack. At least the FCC/etc can get
| shouty if needed...
|
| Edit: Oh, right, it only goes offline if channel selection is
| manual. And presumably radar only uses the one band (?) so
| you couldn't flood it out or play cat and mouse.
|
| Hmph, this is actually well designed. Given that this
| requires pretending to be a radar you might as well switch to
| a smaller pot of hot water and just get a 5.8GHz signal
| jammer.
| Avamander wrote:
| It's actually really annoying that it shows a permanent Privacy
| Warning for disabling "Private WiFi address" you can't disable on
| trustworthy networks. Apple you don't know, so stop speculating,
| mkay.
|
| The rest is nice though, bad configurations finally display a
| warning. People harden their WiFi configurations which is nice.
| JoBrad wrote:
| Agreed. It would be nice if you could specify a network add
| your home network, and private address would just be disabled
| there.
| newsclues wrote:
| Please make a modern airport base station.
| spamboy wrote:
| Seriously, this. I run an enterprise grade Meraki deployment
| (router and access point) with all the 802.11ax bells and
| whistles. I have 8 HomePods/minis in a ~1000 sq ft space. They
| can reliably play music all synced up maybe... 20% of the time?
| It'd be really great if Apple just provided an AP that would
| drive them without issues.
| hjuutilainen wrote:
| Two more useful and related Apple KB articles:
|
| macOS wireless roaming for enterprise customers
| https://support.apple.com/en-us/HT206207
|
| About wireless roaming for enterprise
| https://support.apple.com/en-us/HT203068
| exikyut wrote:
| This is an offtopic side-track/distraction, but I've been
| _completely_ thrown by the masking in the screenshots and
| example CSV dump.
|
| The first thing I'm distracted by in the expanded Wi-Fi menu in
| the first link is "Address: xx:x0:00:00:x0:00:00". wHaT wErE
| tHe 'x's bEfOrE?? Why mask out the first 11/2 octets of the MAC
| when the first 3 octets are manufacturer-specific and (IIUC)
| would have been one of Apple's prefixes, and given that the
| assignment is apparently random1 this would practically have
| leaked absolutely nothing. Next, the first half of the 5th
| octet is an 'x'. wHy??//? what does it mean
|
| Further down in the menu we have... OwO what's this(tm), a IP
| address? "010.101.0.10"? Do I briefly switch to octal to parse
| that first octet? Pretty impressed the Mac in question is the
| network's router though - especially given it's a Wi-Fi
| network. Oh - sorry, you got a bit of sarcasm on you there, let
| me get it off :P
|
| Then we have the scan window further down in the same article.
| OK, so the distribution of noughts and crosses :) is apparently
| correlated with the security setting (the protocols are all
| over the place and seem to represent different routers). I
| honestly don't get it.
|
| Moving onto the next article, ...oh no the 'X's have gotten
| angry and are now in UPPERCASE! I wonder where
| "01:01:00:01:XX:01" is??? "10:01:10:01:X0:10" looks positively
| scary.
|
| A small tangent is required to remark about how _everything
| that has ever happens on an iPhone happens at 09:41_ really has
| gone so far as to be unrealistic. The original idea was just to
| have the marketing materials acknowledge when iPhone went live
| at WWDC. These screenshots with the "scan result: 09:41:45 AM"
| are absurd, both because iOS 11 did not exist back then, and
| because it would not be possible to practically do a network
| scan and deployment at the exact same nanosecond the OS you're
| supposedly supposed to be using is being debuted. The one event
| categorically predates the other. Hmph.
|
| OK, moving to the bottom of this article we get the...
| notascreenshotsoapparentlytheartdepartmentcantseeit(tm) CSV
| data. With confusion inside(c)! Firstly, unfortunately I don't
| know how to do a "this SSID _and_ this SSID within 10km of each
| other " search, so I don't know if ACES and Cuba are actually
| real, but what I _can_ say is that while the first listed MAC
| address turns out to be invalid (makes sense), the second and
| third entries are Apple-prefixed - _which doesn 't make any
| sense since this is supposed to be a list of access points, not
| client devices_ - but in any case, _both MACs are valid and
| resolve to a street address_ - wat, apple? u ok? - and while
| the second MAC only has one entry, the third has a location
| history that includes an address <10 meters away from the
| second one. Hi developer who gets around!
|
| 1 https://apple.stackexchange.com/questions/49948/differentiat.
| .., http://www.coffer.com/mac_find/?string=apple
| exabrial wrote:
| How does the carrier wifi network thing work? Some sort of radius
| auth?
| andix wrote:
| Funny thing about WPA3: it works with all my devices (including a
| 12 year old think pad x201s), but only on Linux. On windows they
| all can't do WPA3, because the cards are ,,unsupported for WPA3".
| oneplane wrote:
| The difference is probably in the way WPA is handled; WPA
| Supplicant can be made to work with any radio module that
| supports passing through the authentication and encryption. But
| Windows doesn't use WPA Supplicant and instead relies on each
| manufacturer to make sure their driver either has its own WPA
| Supplicant or uses on-chip authentication and encryption in the
| WiFi module itself.
|
| The big difference between them is that on Linux it will work,
| but heavy traffic will eat CPU cycles. On Windows it simply
| might not work at all, but when it does, and if the driver is
| not written by 1000 monkeys on typewriters, it can offload a
| lot of heavy lifting to the WiFi ASIC.
|
| I'd say that in all cases, the WiFi chip manufacturers are to
| blame, but the software fallback that WPA supplicant provides
| should really be the lowest bar any device or OS should be able
| to pass.
| spookthesunset wrote:
| I did not know that the system could push the encryption and
| auth up to the CPU. Always assumed the card did all the heavy
| lifting.
|
| Very interesting!
| zekica wrote:
| Only authentication will not be offloaded, actual data
| encryption still is.
|
| The only exception is if your driver doesn't support
| management frame protection (802.11w). Then, if your AP has
| 11w enabled or you are using WPA3, it will use software
| encryption.
|
| ath9k, ath10k, ath11k, ath9k_htc, ath6kl, brcmfmac, brcmsmac,
| iwlwifi, iwlegacy, mt76, mwifiex, mwl8k, rtl8xxxu, all
| rtl8xxxe drivers support 11w, while some others: rt2xxxpci
| rt2xxxusb, ipw2200, carl9170 don't.
| oneplane wrote:
| In the old days we needed a lot of tricks because firmware
| loading either didn't work or we didn't have the firmware
| binaries yet, so even (IIRC) ath9k didn't utilise on-ASIC
| for everything. But that was in the B (and maybe G) days.
| vetinari wrote:
| > but only on Linux
|
| Are you using wpa_supplicant 2.9? Do not update to 2.10!
|
| I had the same experience with 2.9, but with 2.10, I cannot
| connect at all, not even with WPA2 (with WPA2+3 Transitional on
| the AP). Downgraded back to 2.9 and it works again.
| exikyut wrote:
| 1. Why?! (Yelled in wpa_supplicant's general direction, not
| yours)
|
| 2. What error messages were you seeing in wpa_cli, out of
| curiosity?
| vetinari wrote:
| https://bugzilla.opensuse.org/show_bug.cgi?id=1195395
|
| https://bugzilla.redhat.com/show_bug.cgi?id=2050840
|
| Reading through the opensuse bugzilla I tried again, and it
| works! NetworkManager 1.38+ needed. It is interesting, that
| the fix is in NetworkManager (https://bugzilla.opensuse.org
| /show_bug.cgi?id=1195395#c47).
| jlarocco wrote:
| Interesting. I had the hardest time getting wpa_supplicant
| working on a new Debian install last weekend, and eventually
| gave up and switched to iwd, which was new to me, but worked
| immediately
|
| Checking now, I have wpa_supplicant 2.10, so I wonder how
| much of my problem was due to that.
|
| iwd's been great so far - I'm no expert so maybe there are
| technical advantages, but I don't see any reason to go back
| to wpa_supplicant.
| glowingly wrote:
| I bypassed WPA supplicant on Tumbleweed, and manually setup
| the connection.
|
| I did think it was rather odd that my WiFi AP stopped
| allowing my linux laptop to connect, even though it worked
| right before I moved from Fedora -> Tumbleweed. But even a
| new Fedora live ISO (I guess all Fedora ISOs are live by
| default) was unable to connect.
|
| Eventually figured it was the current version of WPA
| Supplicant at fault, not the WiFi AP, and not the HW in my
| laptop. But it is somewhat annoying when something that
| worked just an hour ago, flatly doesn't.
| pantalaimon wrote:
| Does it work with iwd?
| vetinari wrote:
| Yes, but WPA2-only, just like Windows.
| andix wrote:
| No idea. I use Ubuntu. And it just works. That's what I want,
| and I prefer not to know more ;)
| deepsun wrote:
| Good for you, but on this site curiosity is explicitly
| encouraged.
| gjs278 wrote:
| haupt wrote:
| I hope this isn't a preview of the future chaos in store for
| anybody trying to use a device not certified by MS for use with
| Windows.
| andix wrote:
| In this case it is not certified by Intel, the WiFi card
| manufacturer.
| haupt wrote:
| I see, thank you.
| wildekek wrote:
| Most problems with Apple products and WiFi are related to
| multicast settings. Not a single word about it in the article.
| muppetman wrote:
| Care to elaborate? My experience, limited though it is, seems
| to point more to DTIM interval. Which wifi setting that impacts
| multicast do you mean?
| tinus_hn wrote:
| Probably it's igmp snoop, which kind of a protocol violation.
| It's understandable because multicast over WiFi is really a
| problem, especially if you're transmitting a TV stream, but
| if the snoop implementation is poor or out of date you'll end
| up breaking anything based on mDNS/Bonjour, so pretty much
| Apple build the last decade, and it's difficult to diagnose.
|
| If you have TV based on multicast, put it on a separate VLAN
| so it doesn't end up spreading over your whole lan.
| NobodyNada wrote:
| Do you happen to have any resources/tools/ideas on how to
| troubleshoot this? I'm having issues with mDNS sometimes
| just not working on a network I maintain. I can run
| Wireshark on two devices and see that one is sending out
| mDNS queries and the other isn't receiving them at all.
|
| It's not just mDNS though; all multicast traffic is
| affected (sometimes ARP doesn't even work, and I can't ping
| the other device by IP).
| klabb3 wrote:
| I've had an issue where mdns transmit would cease after X
| minutes uptime on windows. Nothing even shows up in
| Wireshark. I'm still not sure why but I'm assuming the
| NIC driver for windows didn't like it. Switching from
| wifi to ethernet fixed the problem. Switching to Linux
| (same machine) also fixed the problem.
|
| Oh and it was only certain multicast udp that was
| affected. Regular ip broadcast still worked.
| qzw wrote:
| I've tried using the same SSID for 2.4Ghz and 5Ghz but find that
| some devices (my kids' Fire tablets, for example) end up hanging
| on to a weak 5Ghz connection when they would've been better off
| switching to 2.4Ghz. But if the bands have different SSIDs, I can
| at least easily force them to switch manually.
| yakkers wrote:
| I've had mixed results depending on devices -- my Apple devices
| tend to hop between bands and APs quite excellently.
|
| On the other end, I've got a Nintendo Switch which stubbornly
| sticks to the first AP / band (I'm running a few APs with the
| same SSID/PSK) combination it grabbed onto during network
| setup. Even if I move completely out of range of the AP/band it
| grabbed onto it'll refuse to acknowledge other APs/bands until
| you run network setup again.
|
| Everything else I deal with tends to be much closer to the
| former than the latter, thankfully. I don't use non-standard
| stuff like UniFi band steering, as it is known to cause issues
| due to non-standard behaviour.
| jquery wrote:
| Turning off Unifi Band steering was key to fixing my
| moonlight home streaming setup. That and disabling 2.4Ghz
| entirely for the network I use to stream on. Also manually
| picking the fastest channel by checking each one individually
| and testing it. Now I can stream 4k VR @ 72 hz no problem.
| Haven't had to touch my router settings since doing this.
|
| My situation is so many nearby unique Wi-Fi networks, >160
| detectable by my router alone. Lends itself to interference
| issues if not done perfectly.
| andix wrote:
| Nintendo Switch wifi is the worst. Mine is places 2m next to
| the router and can only do around 25 mbits. All other devices
| I own do at least 200-500 mbits.
| germinalphrase wrote:
| The entire Nintendo wifi/online experience is so poor.
| andix wrote:
| Yeah, I only use it for downloading games.
|
| I think the Switch is the wrong console if you want to
| play online. It's made for playing offline/mobile and
| playing with friends on split screen. And it's awesome
| for that.
| sgarman wrote:
| I know but splatoon is so awesome. I really wish there
| was a PC version.
| exikyut wrote:
| * _Sound of Googling_ *
|
| -> https://github.com/Ryujinx/Ryujinx-Games-
| List/issues/703
| jquery wrote:
| This happens to be the only way for some of us to play
| region-locked games like Tsukihime.
| dundarious wrote:
| Agreed, I had to go wired to get any kind of decent
| connection, and then I'm behind CGNAT so I can't play Mario
| Kart 8 with it (for that game, I just use my phone as a
| hotspot and suffer).
| jquery wrote:
| Yeah, it takes its sweet time downloading large games. I
| get about 40mbps. On the upside, Switch games tend to be
| much smaller than their next-gen counterparts.
|
| The key to a happy Switch life is a large micro sd card.
| Fortunately even 1tb are affordable now.
| jon_adler wrote:
| My Ubiquiti WAPs support band steering with a minimum signal
| strength setting for 5Ghz. Perhaps you could upgrade to get a
| better experience?
| geoduck14 wrote:
| I use that feature on my Dream Machine. It doesn't really
| help. My laptop will still hop on the wrong band or AP, or my
| phone will drop off if I'm in the back yard. Meh
| mijoharas wrote:
| I had a minimum rssi set for an ubiquiti access points 5ghz
| channel. The client would just keep reconnecting to the 5ghz
| channel and getting kicked immediately. I had to manually
| lock that device to a specific band and access point.
| Insanely bad software on the client and very frustrating.
| vetinari wrote:
| The decision is always client side, just like with roaming.
|
| There are ways to influence the client, which is basically
| what Ubiquiti is doing (and the client can ignore), and the
| last resort is to always kick the client once the signal is
| below some threshold.
| fullstop wrote:
| They can be configured to kick the client off if rssi falls
| below a given level. It's a poor man's 802.11r.
| mijoharas wrote:
| I outlined some problems with a client when doing this
| [0]. Very frustrating.
|
| [0] https://news.ycombinator.com/item?id=32288095
| presto8 wrote:
| In addition to band steering (which is moving between bands
| on the same AP), there is also Wi-Fi EasyMesh[1] which allows
| multiple APs to coordinate with each other (over wired or
| wireless backhaul) to steer STAs (clients) between APs.
| However, the Ubiquiti AP is not certified for EasyMesh[2].
|
| [1] https://www.wi-fi.org/discover-wi-fi/wi-fi-easymesh
|
| [2] https://www.wi-fi.org/content/search-page?keys=ubiquiti
| NickRandom wrote:
| It is often the _device_ that needs better band steering
| abilities and the Access Point can't do much to force the
| issue.
|
| Or did you mean that the GP should upgrade both their WAP AND
| all of the their connecting equipment?
| [deleted]
| ArtWomb wrote:
| And what's this Wifi 6 business? Am still upgrading devices to
| 5! Is there a new 802.11x standard? If service is (barely) 1
| gig, and most end users dont notice degrading, why bother?
|
| Everyone also recommends the eero wifi mesh. But I'm hesitant.
| There's probably a hack to turn a jetson nano or rpi4 into a
| repeater ;)
| andix wrote:
| I see wifi 6 as a mature version of wifi 5. It provides
| similar features, but is just much more reliable.
| Avamander wrote:
| > If service is (barely) 1 gig, and most end users dont
| notice degrading, why bother?
|
| Because there's really more to it than just raw bandwidth.
|
| Either with the new protocol itself or with the new hardware
| that supports the protocol, you'll get other improvements
| besides raw bandwitdh. A WiFi 6 AP in this case should in
| theory provide you better security (WPA3, PMF1), antenna
| design2, power savings3, lower latency and lower
| interference4.
|
| There are other improvements as well that might now be
| included with new AP's, but as they're not mandatory to
| implement it depends on the AP. Just like PMF was an optional
| feature with previous WiFi.
|
| --
|
| 1 - Protected Management Frames (802.11w) simplified
| protection against deauth attacks. Could also mean it is
| enabled for WiFi 5 devices, previously a very
| enterprise/high-end only feature.
|
| 2 - The higher requirements of WiFi 6 will most likely mean
| that WiFi 5 clients will also reap some benefits. Lower
| packet loss, better range, actual MU-MIMO and better
| beamforming even individually might be a large step-up for
| some.
|
| 3 - Target Wake Time - scheduling better when targets wake up
|
| 4 - BSS coloring
| oneplane wrote:
| Repeaters and meshes are generally a bad idea, repeaters
| specifically.
|
| Unless you live in a large concrete bunker, having 1 or 2
| well-placed access points with wired connections is all you
| really have to invest in for most personal living scenarios.
| dzhiurgis wrote:
| Latest macbooks is a downgrade even when it got wifi6. Used
| to max out at 650mbps, now it's 450mbps
| methyl wrote:
| My MBP 16 m1 easily does 750mbps with Unifi 6 LR
| xyzzy_plugh wrote:
| WiFi 6 makes a big difference in congested environments, in
| my experience. In an urban office, clients of our WiFi 6 APs
| get roughly 2x throughput (~200-300mbps) than peers on 5.
| It's borderline impossible to saturate the uplink at max
| speeds for any network when there's congestion, but the
| improvements to client isolation are substantial IMO.
| hedora wrote:
| Eero is set up so that Amazon can snoop your local network,
| and/or use it to create a shadow network to defeat IoT air
| gaps. I assume they do, or at least will eventually.
|
| Look at how they've been behaving over time with Nest.
| vetinari wrote:
| Wifi is a shared medium; just because it can keep up with
| your service, doesn't mean it can keep up with yours and your
| neighbors services. Wifi 6 brings better modulation schemes
| and OFDMA support, which helps with multiple devices co-
| existing.
|
| Also, wifi is not just last hop to the internet. Don't you
| have services in your local network, like NAS?
| rektide wrote:
| It's not out-of-the-box perfect, but I've had decent luck using
| DAWN, which targets openwrt, to get decent bandsteering. I can
| always ssh in (I personally havent been interested in
| installing/trying the "luci" web interface) & move someone
| between bands if I need to. My understanding is it's typically
| thr network nit clients that is supposed to be in charge of
| bandsteering & that devices hanging on to what they lock on to
| is the norm, typical.
|
| Also, this setup works across & steers clients between my
| multiple access points!
|
| It's amazing being able to ssh in and see a map of what signals
| each AP sees. DAWN periodically asks clients to help map, so
| even if the AP's are on different bands, you can still compare
| what the signal would be if the node moved.
|
| We'ee finally living in a pretty good time for open source
| wifi. A pity how only a couple chips have support (select
| MediaTek and Qualcomm) but wow things have gotten much better.
|
| https://github.com/berlin-open-wireless-lab/DAWN
| Saris wrote:
| My Unifi APs have a minimum RSSI of -80dBm set on the 5ghz
| band, which helps a lot. Maybe your router/ap has that setting
| somewhere?
| guidedlight wrote:
| Your router needs to support 802.11k for devices to reliably
| switch between wifi networks using the same SSID.
|
| This is normally a feature offered by enterprise or pro-
| consumer equipment.
| oneplane wrote:
| Works fine without K or R, but then the client has to do more
| work and lots of client devices have bad software on them. On
| top of that, while K and R can help, even then it needs to
| work with the client to have all the benefits.
| xrisk wrote:
| openwrt offers this. Another reason to install it whenever
| you can!
| reaperducer wrote:
| Canon printers also can't handle 2.4 and 5 networks with the
| same SSID.
|
| The workaround is to give a spare 2.4 router the same SSID as
| your real router. turn off your real router. Connect the
| printer to the 2.4 router so it can be configured. Then put the
| spare router back in storage and turn your main router on
| again. The printer will then connect to the 2.4 signal of the
| main router.
|
| Really disappointed in Canon not being able to handle multiple
| SSIDs, and eero for disabling the feature of having different
| SSIDs for different frequencies.
| stordoff wrote:
| For Eero, there is now an option to disable 5GHz for ten
| minutes in order to connect some troublesome devices. It
| might work for connecting such a printer.
| andix wrote:
| I usually have the opposite issue, devices staying on (slow)
| 2,4 GHz directly next to the router. I would like to copy some
| files, and switching to 5 Ghz would vastly improve performance.
| But the device just doesn't.
|
| I solved it by just disabling 2,4 ghz and adding enough
| repeaters/APs so I have coverage everywhere.
| t0bia_s wrote:
| I solved few issues by disabling 5 Ghz. It won't work in next
| room anyway, walls are to strong. So there is no reason to
| have 5 Ghz on.
| spookthesunset wrote:
| I just create a dedicated 5ghz SSID and then a "mixed" SSID I
| can dump all the low bandwidth crap onto. All the laptops and
| phones live on the 5ghz and the rest can figure it out on
| their own.
| xuki wrote:
| This is the way. Everything on 5GHz, unique SSID for 2.4Ghz
| IOT devices and buy enough APs. Life is too short to debug
| wifi problems.
| andix wrote:
| Exactly. While I was using 2,4 GHz I had a lot of random
| issues. Probably faulty/bad WiFi devices from neighbours.
| Since I switched to 5 GHz they are all gone. The higher
| frequency is probably blocked by the walls enough, not to
| interfere.
| eBombzor wrote:
| If you live in an apartment please turn down the transmit power
| for the sake of everyone in the building.
| cmeacham98 wrote:
| > It's usually best to enable every mode offered by your router,
| rather then a subset of those modes. All devices, including older
| devices, can then connect using the fastest radio mode they
| support. This also helps reduce interference from nearby legacy
| networks and devices.
|
| Is this really the best advice? My (limited) understanding is
| that if a device connects with an older standard everyone gets
| slowed down by this. My router has a setting it calls "Airtime
| Fairness" that purports to combat this.
| zekica wrote:
| Airtime fairness helps a lot but if a 11b device connects, you
| automatically lose 1/3 of the throughput even when that device
| is not active. 11g can also slow down others but only a couple
| percent. Also, if you disable 11b rates you can have more SSID
| beacons (more networks) in parallel as the beacon is then
| transmitted at 6Mbps PSK instead of 1Mbps DSSS.
| tzs wrote:
| > Make sure that your device has Location Services turned on for
| Wi-Fi networking, because regulations in each country or region
| define the Wi-Fi channels and wireless signal strength allowed
| there.
|
| That one surprised me.
|
| I'd have expected that there would be a field in the data
| broadcast from the router that identified what country's or
| region's regulations it is operating under, and that client
| devices designed to handle multiple multiple countries or regions
| would use that to select channels and power levels that are legal
| there.
| jeffbee wrote:
| There is. The wifi beacon frame contains regulatory
| information.
| https://www.oreilly.com/library/view/80211-wireless-networks...
|
| I also find it odd that Apple recommends this since users must
| disable location services on M1 mac mini systems to make the
| wifi work. It's just flat out broken and has been that way
| since they launched it.
| icebergonfire wrote:
| I don't want to invalidate your experience, but allow me to
| offer an anecdata counterpoint: Wifi works perfectly on my M1
| Mac Mini and has since day 1 (to the point I never bothered
| to wire it up), and I have location services enabled.
|
| I wonder what other variables are in play here that make it
| not work for you.
| jeffbee wrote:
| Not sure either but if you google it you'll see I'm not
| alone.
| tracnar wrote:
| A rogue AP could then trick devices into breaking regulations
| :)
| culopatin wrote:
| Is it actually good to have the same name for 2.4Ghz and 5Ghz
| SSIDs? Would devices always pick the 5Ghz if they can? I don't
| want to be connected to 2.4 all the time just because it might
| have a marginally better signal strength and be limited to 2.4Ghz
| speeds.
| oynqr wrote:
| The phone will pick 5GHz when it's both needed (the phone isn't
| asleep) and it is actually faster than 2.4GHz. Forcing 5GHz is
| bad when your phone is good at roaming.
| misterdata wrote:
| Some APs (eg Ubiquiti) can actually steer clients from one band
| to the other based on minimum RSSI and other parameters
| (including device compatibility, and you can exclude or force a
| band for individual devices), which prevents this from
| happening.
| the_mitsuhiko wrote:
| From my experience devices do a good job these days picking the
| better of the two options. I notice that there are quite a
| cases where in practice some devices get better performance by
| picking 2.4 than 5. In particular I have some devices that
| apparently learned to stay on 2.4 for longer because I move
| them more between the different access points than for instance
| my macbook.
| exitheone wrote:
| From my experience, both Android, Linux and Windows
| consistently fail to use the faster 5ghz WiFi when starting out
| on the 2.4ghz. That's why I still have two separate SSIDs at
| home.
| jwr wrote:
| I've been doing this for many years now with excellent results.
| Ubiquiti APs and mostly Apple devices, FWIW.
| muppetman wrote:
| Look up band-steering. There's many ways to make a client
| prefer 5Ghz.
| neilalexander wrote:
| My experience with using the same SSID for both bands is that
| _most_ devices will do the right thing, pick based on signal
| strength and will reevaluate that choice fairly often. However,
| a small number of devices (normally older or cheaper devices)
| will often stick to a band until they have no other choice.
|
| That said, a weaker 5GHz signal can sometimes still be better
| or more stable than a stronger 2.4GHz signal since the risk of
| interference in the 2.4GHz band is often much higher.
|
| I've never ever had enough of an issue to worry about it.
| n4bz0r wrote:
| If your AP has similar functionality, I've seen one trick (or
| hack, if you will) in Mikrotik talks [0] to make your devices
| pick 5Ghz over 2.4Ghz.
|
| TL;DW: Reduce 2.4Ghz AP's transmission power by approx 7db,
| that's the 'magic' number that should 'even' the APs out.
|
| I must say, though, never had an issue with devices picking a
| wrong band so far.
|
| [0] https://youtube.com/watch?v=JRbAqie1_AM&t=2054 (timestamp
| included)
| geoduck14 wrote:
| I have that problem _all_ the time. I have Ubiquity DreM
| Machine and an AP. My laptop in my office needs a solid
| connection for video calls. I routinely picks a "fast" 5Ghz
| that drops packets instead of a "slow" 2.4 Ghz that is
| "solid"
| n4bz0r wrote:
| That must be annoying. Here is another thing you could do
| if tweaking the AP isn't an option. I don't have a 5Ghz
| wireless adapter at hand, but from what I see on my 2.4Ghz
| one, you should be able to set 'Wireless Mode' in the
| adapter settings to 802.11ac (or 802.11ax if you're that
| fancy :) ) to force 5Ghz. I recall having an option to
| simply select the preferred band on some laptop adapters,
| too, so you can use it, if it's available, instead.
|
| I do that on Windows, but there must be something similar
| on Mac/Unix, too. I think these options are basically
| driver-related so the OS choice ultimately shouldn't
| matter.
|
| edit: ah, realized I misread the post. Thought the "I
| picks" was "it picks" :)
| toast0 wrote:
| Dropping transmission power on the APs helps a lot of clients
| make better roaming decisions anyway. I did it for my 2.4ghz
| aps and see a lot less of client barely communicating with a
| far away access point rather than switching.
| 1ncorrect wrote:
| I've configured dozens of networks over the past decade to use
| the same SSID for both bands, and have never observed a real
| world issue with myriad clients. The only tweak is sometimes
| the 2.4GHz Tx power needs to be dropped, but it's rare.
|
| Some locations I've had to create additional bespoke SSIDs for
| a specific band, but it's only because the customer has
| explicitly requested it because they think it matters.
| mleo wrote:
| Pretty much same experience.
|
| Weirdest bespoke network I have is one that only exists for
| an LG washing machine. It's network stack eventually gets
| corrupted when network isolation isn't enabled and receives
| some sort of broadcast packets.
| Terretta wrote:
| It is, but ...
|
| It's awkward enough in enough situations that self-configuring
| wifi routers or wifi mesh devices such as "Eero" gave up
| forcing both bands under one SSID and now have a special
| trouble-shooting mode where they disable the 5Ghz SSID in order
| to allow you to discover / configure craptacular IoT WiFi
| devices. Then it re-enables 5GHz after 15 minutes and the bad
| device will stick on 2.4.
| jrm4 wrote:
| Just got fiber to the home and they gave me a free Eero (and
| more or less imply to the non-power users "this is what you
| use now")
|
| Despite my old situation being an absurd mess of repeaters
| and powerline ethernet, it's still a better experience than
| the Eero. I went back to the old stuff.
|
| (ps, definitely don't want to knock Metronet. They've been
| GREAT so far. I've had NO troubles at all being a power user,
| i.e. getting Static IP and such set up)
| thedougd wrote:
| My Mac displays a permanent warning that my AP name isn't unique
| enough. Funny enough, I've never seen anyone else use it in the
| wild.
___________________________________________________________________
(page generated 2022-07-30 23:00 UTC)