WLAN

Wireless LAN (WLAN) is a technology based on the IEEE 802.11 standard that operates at the physical and data link layers of the OSI model which allows the connection of wireless devices. In OSDX, the WLAN configuration is defined by two elements, Controllers and Interfaces. Controllers model the physical related characteristics of the wireless link while interfaces focus on the logical ones.

Regulatory domains 

A regulatory domain defines a set of restrictions applicable to WLAN capable devices. Due to the existing regulations, all OSDX WLAN capable devices are shipped with predefined regulatory domain that cannot be changed through of configuration. The following table shows all the regulatory domains supported by OSDX devices.

Regulatory domain	Default country	Description
`etsi`	`ES`	European Telecommunications Standards Institute
`fcc`	`US`	Federal Communications Commission
`nom`	`MX`	Norma Oficial Mexicana
`row`	`IL`	Rest of the world

Use the following table to find out the regulatory domain that applies for your target country.

Country list:

Country code	Country name	Regulatory domain
`NA`	Namibia	`row`
`AF`	Afghanistan	`row`
`AL`	Albania	`etsi`
`DZ`	Algeria	`row`
`AS`	American Samoa	`row`
`AD`	Andorra	`etsi`
`AI`	Anguilla	`row`
`AR`	Argentina	`row`
`AM`	Armenia	`row`
`AW`	Aruba	`row`
`AU`	Australia	`row`
`AT`	Austria	`etsi`
`AZ`	Azerbaijan	`row`
`BS`	Bahamas	`row`
`BH`	Bahrain	`row`
`BD`	Bangladesh	`row`
`BB`	Barbados	`row`
`BY`	Belarus	`row`
`BE`	Belgium	`etsi`
`BZ`	Belize	`row`
`BM`	Bermuda	`row`
`BT`	Bhutan	`row`
`BO`	Bolivia	`row`
`BA`	Bosnia and Herzegovina	`etsi`
`BR`	Brazil	`row`
`BN`	Brunei Darussalam	`row`
`BG`	Bulgaria	`etsi`
`BF`	Burkina Faso	`row`
`KH`	Cambodia	`row`
`CA`	Canada	`row`
`KY`	Cayman Islands	`row`
`CF`	Central African Republic	`row`
`TD`	Chad	`row`
`CL`	Chile	`row`
`CN`	China	`row`
`CX`	Christmas Island	`row`
`CO`	Colombia	`row`
`CR`	Costa Rica	`row`
`HR`	Croatia	`etsi`
`CY`	Cyprus	`etsi`
`CZ`	Czechia	`etsi`
`DK`	Denmark	`etsi`
`DM`	Dominica	`row`
`DO`	Dominican Republic	`row`
`EC`	Ecuador	`row`
`EG`	Egypt	`row`
`SV`	El Salvador	`row`
`EE`	Estonia	`etsi`
`ET`	Ethiopia	`row`
`FI`	Finland	`etsi`
`FR`	France	`etsi`
`GF`	French Guiana	`row`
`PF`	French Polynesia	`row`
`GE`	Georgia	`row`
`DE`	Germany	`etsi`
`GH`	Ghana	`row`
`GR`	Greece	`etsi`
`GL`	Greenland	`row`
`GD`	Grenada	`row`
`GP`	Guadeloupe	`row`
`GU`	Guam	`row`
`GT`	Guatemala	`row`
`GY`	Guyana	`row`
`HT`	Haiti	`row`
`HN`	Honduras	`row`
`HK`	Hong Kong	`row`
`HU`	Hungary	`etsi`
`IS`	Iceland	`etsi`
`IN`	India	`row`
`ID`	Indonesia	`row`
`IQ`	Iraq	`row`
`IE`	Ireland	`etsi`
`IL`	Israel	`row`
`IT`	Italy	`etsi`
`CI`	Cote D’Ivoire	`row`
`JM`	Jamaica	`row`
`JP`	Japan	`row`
`JO`	Jordan	`row`
`KZ`	Kazakhstan	`row`
`KE`	Kenya	`row`
`KR`	Republic of Korea	`row`
`KW`	Kuwait	`row`
`LV`	Latvia	`etsi`
`LB`	Lebanon	`row`
`LS`	Lesotho	`row`
`LI`	Liechtenstein	`etsi`
`LT`	Lithuania	`etsi`
`LU`	Luxembourg	`etsi`
`MO`	Macau	`row`
`MK`	North Macedonia	`etsi`
`MW`	Malawi	`row`
`MY`	Malaysia	`row`
`MV`	Maldives	`row`
`MT`	Malta	`etsi`
`MH`	Marshall Islands	`row`
`MQ`	Martinique	`row`
`MR`	Mauritania	`row`
`MU`	Mauritius	`row`
`YT`	Mayotte	`row`
`MX`	Mexico	`nom`
`FM`	Federated States of Micronesia	`row`
`MD`	Republic of Moldova	`etsi`
`MC`	Monaco	`etsi`
`MN`	Mongolia	`row`
`ME`	Montenegro	`etsi`
`MA`	Morocco	`row`
`NP`	Nepal	`row`
`NL`	Netherlands	`etsi`
`NZ`	New Zealand	`row`
`NI`	Nicaragua	`row`
`NG`	Nigeria	`row`
`NO`	Norway	`etsi`
`MP`	Northern Mariana Islands	`row`
`OM`	Oman	`row`
`PK`	Pakistan	`row`
`PW`	Palau	`row`
`PA`	Panama	`row`
`PG`	Papua New Guinea	`row`
`PY`	Paraguay	`row`
`PE`	Peru	`row`
`PH`	Philippines	`row`
`PL`	Poland	`etsi`
`PT`	Portugal	`etsi`
`PR`	Puerto Rico	`row`
`QA`	Qatar	`row`
`RE`	Reunion	`row`
`RO`	Romania	`etsi`
`RU`	Russia Federation	`row`
`RW`	Rwanda	`row`
`BL`	Saint Barthelemy	`row`
`KN`	Saint Kitts and Nevis	`row`
`LC`	Saint Lucia	`row`
`MF`	Saint Martin	`row`
`PM`	Saint Pierre and Miquelon	`row`
`VC`	Saint Vincent and the Grenadines	`row`
`WS`	Samoa	`row`
`SA`	Saudi Arabia	`row`
`SN`	Senegal	`row`
`RS`	Serbia	`etsi`
`SG`	Singapore	`row`
`SK`	Slovakia	`etsi`
`SI`	Slovenia	`etsi`
`ZA`	South Africa	`row`
`ES`	Spain	`etsi`
`LK`	Sri Lanka	`row`
`SR`	Suriname	`row`
`SE`	Sweden	`etsi`
`CH`	Switzerland	`etsi`
`TW`	Taiwan	`row`
`TZ`	Tanzania	`row`
`TG`	Togo	`row`
`TH`	Thailand	`row`
`TT`	Trinidad and Tobago	`row`
`TN`	Tunisia	`row`
`TR`	Turkey	`etsi`
`TC`	Turks and Caicos	`row`
`UG`	Uganda	`row`
`UA`	Ukraine	`row`
`AE`	United Arab Emirates	`row`
`GB`	United Kingdom	`etsi`
`US`	United States of America	`fcc`
`UY`	Uruguay	`row`
`UZ`	Uzbekistan	`row`
`VU`	Vanuatu	`row`
`VE`	Venezuela	`row`
`VN`	Vietnam	`row`
`VI`	Virgin Islands	`row`
`WF`	Wallis and Futuna	`row`
`YE`	Yemen	`row`
`ZW`	Zimbabwe	`row`

All information about the device regulatory domain can be obtained by mean of the following CLI command:

admin@osdx$ controllers wlan show regdomain

Regulatory Domain: etsi (European Telecommunications Standards Institute)
Allowed countries: AD,AL,AT,BA,BE,BG,CH,CY,CZ,DE,DK,EE,ES,FI,FR,GB,GR,HR,HU,IE,IS,IT,LI,LT,LU,LV,MC,MD,ME,MK,MT,NL,NO,PL,PT,RO,RS,SE,SI,SK,TR
  Default country: ES (Spain)

--------------------------------------------------------------------------------------------------------
  Freq. range                     Channels per bandwidth                  Max. EIRP        Flags
--------------------------------------------------------------------------------------------------------
2402MHz - 2482MHz  20MHz: 1,2,3,4,5,6,7,8,9,10,11,12,13                    20dBm      -
                   40MHz: 1,2,3,4,5,6,7,8,9,10,11,12,13
5170MHz - 5250MHz  20MHz: 36,40,44,48                                      23dBm      indoor
                   40MHz: 36,40,44,48
                   80MHz: 36,40,44,48
5250MHz - 5330MHz  20MHz: 52,56,60,64                                      23dBm      dfs,indoor
                   40MHz: 52,56,60,64
                   80MHz: 52,56,60,64
5490MHz - 5730MHz  20MHz: 100,104,108,112,116,120,124,128,132,136,140,144  30dBm      dfs,indoor/outdoor
                   40MHz: 100,104,108,112,116,120,124,128,132,136,140,144
                   80MHz: 100,104,108,112,116,120,124,128,132,136,140,144
5735MHz - 5875MHz  20MHz: 149,153,157,161,165,169,173                      14dBm      indoor/outdoor
                   40MHz: 149,153,157,161,165,169
                   80MHz: 149,153,157,161

Since the ROW domain groups countries with different regulations, it’s possible to filter out the results by country to see what is relevant in a specific area.

Controllers 

Physical-related parameters and common interface ones are configured by mean of the WLAN controllers. All WLAN controllers are pre-allocated during boot-up, meaning the creation and deletion actions are not supported. Depending on the characteristics of the associated radio module, some parameters will only accept a specific set values. OSDX provides a command that lists all the relevant information from the CLI.

admin@osdx$ controllers wlan show capabilities

Radio: wifi0
                  Type: physical
                   Phy: phy0
                 Bands: 5GHz
            Bandwidths: 20MHz,40MHz,80MHz
                 Modes: 802.11a,802.11n,802.11ac,802.11ax
    Supported channels: 36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,144,149,153,157,161,165
       Spatial streams: 2
         Max. TX power: 16dBm (39.8mW)
         Max. stations: 64
       Max. interfaces: 3
       HT capabilities: SMPS-DYNAMIC,GF,TX-STBC,DSSS_CCK-40,LSIG-TXOP-PROT
      VHT capabilities: MAX-MPDU-11454,RXLDPC,TX-STBC-2BY1,RX-STBC-123,SU-BEAMFORMER,SU-BEAMFORMEE,SOUNDING-DIMENSION-2,MAX-A-MPDU-LEN-EXP7

Radio: wifi1
                  Type: virtual
            Base radio: wifi0
                 Bands: 2.4GHz
            Bandwidths: 20MHz,40MHz
                 Modes: 802.11g,802.11n,802.11ax
    Supported channels: 1,2,3,4,5,6,7,8,9,10,11,12,13,14
       HT capabilities: SMPS-DYNAMIC,GF,TX-STBC,DSSS_CCK-40,LSIG-TXOP-PROT
      VHT capabilities: MAX-MPDU-3895

A radio interface can be either virtual or physical. This provides an unified configuration interface in devices with a single phy sharing the same limitations (like the number of interfaces or stations) between all WLAN interfaces.

Auto-channel selection 

OSDX devices implements an automatic mechanism for selecting the best channel in an WLAN environment. The main purpose of this procedure is to avoid using channels with heavy utilization or interferences that may degrade the overall performance.

In order to select the best channel, the device must perform 5 scans in the configured band to gather enought survey date to make the decision. Then, an interference factor is built for each channel which will be later used to find the one with the lower value:

\[interference factor = 10^{(nf/2)} + \frac{time_{busy}}{({time_{active}-time_{rx}})} + 2^{(10^{(nf/10)}-10^{(nf_{min}/10)})}\]

Where:

noise floor or nf is the sum off all the noise sources of the channel.

minimum noise floor is the smaller noise floor observed during all measurements.

busy time is the time unable to transmit because the channel was busy (used by another device).

active time is time spent on channel during scan.

tx time is the time spent transmitting data.

Note that the coefficient of 2 reflects the way radiation decreases as the square of the distance from the antenna

Interfaces 

Network-specific parameters are configured under the interface wlan section, with phy and type being mandatory. The maximum number of interfaces allowed depends on the platform and can be checked using the show capabilities command described in the Controllers section.

Warning

Some restrictions apply to devices that use the nxp wireless driver. In such case, WLAN interfaces will be pre-allocated allowing only a specific phy and type when configured.

Interface	Phy	Band	Type
`wlan0`	`wifi0`	`5GHz`	`station`
`wlan1`	`wifi0`	`5GHz`	`access-point`
`wlan2`	`wifi0`	`5GHz`	`access-point`
`wlan3`	`wifi1`	`2.4GHz`	`station`
`wlan4`	`wifi1`	`2.4GHz`	`access-point`
`wlan5`	`wifi1`	`2.4GHz`	`access-point`

There are two types of WLAN interfaces supported by all wireless capable devices: access-point and station. These two types are described in the following sections.

Once the device has at least one interface configured on top of a controller, the status of the device can be check using the show status command.

admin@osdx# run controllers wlan show status

Radio: wifi0
    MAC Address: xx:xx:xx:xx:xx:xx
         Status: up
           Band: 5GHz
        Channel: 36
      Bandwidth: 20MHz
       Tx-Power: 16dBm

Radio: wifi1
    MAC Address: xx:xx:xx:xx:xx:xx
         Status: up
           Band: 2.4GHz
        Channel: 11
      Bandwidth: 20MHz
       Tx-Power: 16dBm

Access-point 

This type implements the infrastructure mode where wireless devices connect to an access-point that forwards the packets between the connected stations and the wired network. Note that the access-point is the center point for all communications (unlike what happens with the ad-hoc mode, where connections between stations are point-to-point).

Security

All OSDX WLAN capable devices support the following security modes for the access-point role:

mode	akms	security framework	unicast ciphers	pmf
none
WPA personal	`psk`	`wpav1`	`tkip` `aes-ccmp`
WPA2 personal	`psk` `ft-psk`	`rsn`	`tkip` `aes-ccmp`
WPA/WPA2 personal	`psk` `ft-psk`	`wpav1` `rsn`	`tkip` `aes-ccmp`
WPA3 personal	`psk-256` `sae` `ft-sae` `owe`	`rsn`	`aes-ccmp` `aes-ccmp-256` `aes-gcmp` `aes-gcmp-256`	`required`
WPA2/WPA3 personal	`psk` `psk-256` `ft-psk` `sae` `ft-sae` `owe-transition`	`rsn`	`aes-ccmp` `aes-ccmp-256` `aes-gcmp` `aes-gcmp-256`	`optional` `required` (if `owe-transition`)
WPA enterprise	`dot1x`	`wpav1`	`tkip` `aes-ccmp`
WPA2 enterprise	`dot1x` `ft-dot1x`	`rsn`	`tkip` `aes-ccmp`
WPA/WPA2 enterprise	`dot1x` `ft-dot1x`	`wpav1` `rsn`	`tkip` `aes-ccmp`
WPA3 enterprise	`dot1x-256` `cnsa`	`rsn`	`aes-ccmp` `aes-ccmp-256` `aes-gcmp` `aes-gcmp-256` (`cnsa`)	`required`
WPA2/WPA3 enterprise	`dot1x` `dot1x-256` `ft-dot1x`	`rsn`	`aes-ccmp` `aes-ccmp-256` `aes-gcmp` `aes-gcmp-256`	`optional`

Note that some security modes may call for additional parameters to be configured. On such cases, the CLI will report an error message to inform the user about the problem.

A complete list of examples can be found here

Station 

This type implements the station or client mode where the interface connects to an access point operating in infrastructure mode to provide connectivity through the air.

Client mode is configured via networks. A network is just a set of rules that is evaluated when looking for a valid target so the first valid one with the highest priority is used. The network priority is identified by mean of the index and is evaluated in descending order (1 being the highest priority and 16 the lowest). This configuration method gives the administrator a lot of flexibility when working in complex deployments allowing the interface to connect to different networks based on many conditions.

Warning

Note that only 1 interface in station mode per radio is supported in OSDX.

The security configuration is almost the same as the one described under the Access-point section. The only difference is that the owe-transition mode is not allowed, since it doesn’t make sense in station mode. For example, the following excerpt shows how to configure an interface in station mode using WPA3 personal security:

set interfaces wlan wlan0 phy wifi1
set interfaces wlan wlan0 type station network 1 security akm sae
set interfaces wlan wlan0 type station network 1 security pmf required
set interfaces wlan wlan0 type station network 1 security psk-passphrase 1234567890
set interfaces wlan wlan0 type station network 1 ssid test_24ghz

Eap methods MSCHAPv2, TTL, TTLS (with MD5, MSCHAPv2 and TTL) and PEAP (with MD5 with MSCHAPv2) are also supported. On the next example, a station will try to connect to a network with WPA3 Enterprise security using the TTLS-TTL EAP method (that is, a TTL tunnel with certificates). Make sure the device has the ca.pem, client.pem and client.key certificates in the /config/auth/certificates folder.

set interfaces wlan wlan0 phy wifi0
set interfaces wlan wlan0 type station network 1 security akm cnsa
set interfaces wlan wlan0 type station network 1 security ca-certificate 'running://auth/certificates/ca.pem'
set interfaces wlan wlan0 type station network 1 security client-certificate 'running://auth/certificates/client.pem'
set interfaces wlan wlan0 type station network 1 security client-private-key 'running://auth/certificates/client.key'
set interfaces wlan wlan0 type station network 1 security client-private-password whatever
set interfaces wlan wlan0 type station network 1 security eap-method ttls inner-method tls
set interfaces wlan wlan0 type station network 1 security framework rsn
set interfaces wlan wlan0 type station network 1 security identity user
set interfaces wlan wlan0 type station network 1 security pmf required
set interfaces wlan wlan0 type station network 1 ssid test_radius

WLAN

Regulatory domains 

Controllers 

Auto-channel selection 

Interfaces 

Access-point 

Station 

Examples 

Command Summary 

Configuration commands 

Operational commands 