From 243117389cca916b2b9bd57a550f2a27a628ce15 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 15 Sep 2022 00:18:28 +0200 Subject: accesspoints: initial tests with 802.11r --- inventory/group_vars/chaos-at-home-ap/vars.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'inventory/group_vars/chaos-at-home-ap/vars.yml') diff --git a/inventory/group_vars/chaos-at-home-ap/vars.yml b/inventory/group_vars/chaos-at-home-ap/vars.yml index 83925639..c36ab953 100644 --- a/inventory/group_vars/chaos-at-home-ap/vars.yml +++ b/inventory/group_vars/chaos-at-home-ap/vars.yml @@ -10,6 +10,22 @@ accesspoint_wifi_channels: ch-ap1: 48 ch-ap2: 40 +accesspoint_wifi_mac_addr: + 2g: + ch-ap0: 18:e8:29:aa:43:c2 + ch-ap1: 18:e8:29:aa:44:07 + 5g: + ch-ap0: 18:e8:29:ab:43:c2 + ch-ap1: 18:e8:29:ab:44:07 + ch-ap2: 80:2a:a8:ee:f6:d5 + +accesspoint_80211r: + mobility_domain_base: + 2g: 0x2400 + 5g: 0x5000 + key_seed: "{{ vault_accesspoint_80211r.key_seed }}" + + accesspoint_zones: lan: "{{ network_zones.lan.wifi }}" iot: "{{ network_zones.iot.wifi }}" -- cgit v1.2.3 From fc7554763488b6a1c8e8b0a98ca274c345728ff4 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 15 Sep 2022 01:21:00 +0200 Subject: accesspoints/80211r: simplify setup since hostapd supports locally generated FT responses --- chaos-at-home/group_vars/chaos-at-home-ap.yml | 9 --------- inventory/group_vars/accesspoints/vars.yml | 13 ++----------- inventory/group_vars/chaos-at-home-ap/vars.yml | 14 ++------------ 3 files changed, 4 insertions(+), 32 deletions(-) delete mode 100644 chaos-at-home/group_vars/chaos-at-home-ap.yml (limited to 'inventory/group_vars/chaos-at-home-ap/vars.yml') diff --git a/chaos-at-home/group_vars/chaos-at-home-ap.yml b/chaos-at-home/group_vars/chaos-at-home-ap.yml deleted file mode 100644 index 3d179c52..00000000 --- a/chaos-at-home/group_vars/chaos-at-home-ap.yml +++ /dev/null @@ -1,9 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;chaos-at-home -34343266646162383261313564646365393233643565356364386134663862646534383562336666 -6639633332613539663132383336343436396636306161370a323231653336376533636631373363 -36373865653863363338663762623164626631623739386561653935316430666132356662383863 -3666343965333939310a303530373037363636346639356561333264346466383462633533306538 -63373532636563333530333339306331343933383038633638346636326332366565306638376164 -65343761363162386331353731383437613462656538643638353464306230316662643366643561 -31623731366234666364343432373062336266336334366263333938623538393163333131636633 -65346230623634306362 diff --git a/inventory/group_vars/accesspoints/vars.yml b/inventory/group_vars/accesspoints/vars.yml index 3a11205c..3d9a8be2 100644 --- a/inventory/group_vars/accesspoints/vars.yml +++ b/inventory/group_vars/accesspoints/vars.yml @@ -106,17 +106,8 @@ accesspoint_wireless_ifaces_yaml: | {% if accesspoint_80211r is defined %} ieee80211r: '1' mobility_domain: '{{ '%04x' % (accesspoint_80211r.mobility_domain_base[band] + outer_loop.index0) }}' - nasid: '{{ accesspoint_wifi_mac_addr[band][inventory_hostname] | replace(':', '') }}' - ft_psk_generate_local: '0' - r1_key_holder: '{{ accesspoint_wifi_mac_addr[band][inventory_hostname] }}' - r0kh: - {% for ap in accesspoint_wifi_mac_addr[band] %} - - '{{ accesspoint_wifi_mac_addr[band][ap] }},{{ accesspoint_wifi_mac_addr[band][ap] | replace(':', '') }},{{ [accesspoint_80211r.key_seed,band,zone] | join(':') | wifi_80211r_key }}' - {% endfor %} - r1kh: - {% for ap in accesspoint_wifi_mac_addr[band] %} - - '{{ accesspoint_wifi_mac_addr[band][ap] }},{{ accesspoint_wifi_mac_addr[band][ap] }},{{ [accesspoint_80211r.key_seed,band,zone] | join(':') | wifi_80211r_key }}' - {% endfor %} + ft_over_ds: '1' + ft_psk_generate_local: '1' {% endif %} {% endfor %} {% endfor %} diff --git a/inventory/group_vars/chaos-at-home-ap/vars.yml b/inventory/group_vars/chaos-at-home-ap/vars.yml index c36ab953..1d613617 100644 --- a/inventory/group_vars/chaos-at-home-ap/vars.yml +++ b/inventory/group_vars/chaos-at-home-ap/vars.yml @@ -10,20 +10,10 @@ accesspoint_wifi_channels: ch-ap1: 48 ch-ap2: 40 -accesspoint_wifi_mac_addr: - 2g: - ch-ap0: 18:e8:29:aa:43:c2 - ch-ap1: 18:e8:29:aa:44:07 - 5g: - ch-ap0: 18:e8:29:ab:43:c2 - ch-ap1: 18:e8:29:ab:44:07 - ch-ap2: 80:2a:a8:ee:f6:d5 - accesspoint_80211r: mobility_domain_base: - 2g: 0x2400 - 5g: 0x5000 - key_seed: "{{ vault_accesspoint_80211r.key_seed }}" + 2g: 0xc240 + 5g: 0xc500 accesspoint_zones: -- cgit v1.2.3 From b4e72043367ba7f951e7dd4a35db1d1362f73b56 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 15 Sep 2022 01:56:10 +0200 Subject: chaos-at-home-ap: enable ntp --- inventory/group_vars/accesspoints/vars.yml | 8 ++------ inventory/group_vars/chaos-at-home-ap/vars.yml | 4 ++++ 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'inventory/group_vars/chaos-at-home-ap/vars.yml') diff --git a/inventory/group_vars/accesspoints/vars.yml b/inventory/group_vars/accesspoints/vars.yml index 3d9a8be2..f234beb3 100644 --- a/inventory/group_vars/accesspoints/vars.yml +++ b/inventory/group_vars/accesspoints/vars.yml @@ -301,13 +301,9 @@ openwrt_uci: - name: timeserver 'ntp' options: - enabled: '0' + enabled: '{{ accesspoint_ntp_servers is defined | ternary("1", "0") }}' enable_server: '0' - server: - - '0.lede.pool.ntp.org' - - '1.lede.pool.ntp.org' - - '2.lede.pool.ntp.org' - - '3.lede.pool.ntp.org' + server: "{{ accesspoint_ntp_servers | default([]) }}" - name: led options: diff --git a/inventory/group_vars/chaos-at-home-ap/vars.yml b/inventory/group_vars/chaos-at-home-ap/vars.yml index 1d613617..ad02ff07 100644 --- a/inventory/group_vars/chaos-at-home-ap/vars.yml +++ b/inventory/group_vars/chaos-at-home-ap/vars.yml @@ -21,6 +21,10 @@ accesspoint_zones: iot: "{{ network_zones.iot.wifi }}" +accesspoint_ntp_servers: + - '{{ network_zones.mgmt.prefix | ansible.utils.ipaddr(network_zones.mgmt.offsets["ch-router"]) | ansible.utils.ipaddr("address") }}' + + prometheus_scrape_endpoint: "{{ network_mgmt_zone.prefix | ansible.utils.ipaddr(network_mgmt_zone.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }}:9100" prometheus_exporters_default: - openwrt -- cgit v1.2.3 From afe35301120266675b157ce0ded2f42595d6a736 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 15 Sep 2022 04:26:44 +0200 Subject: accesspoints: test band steering using dawn --- inventory/group_vars/accesspoints/vars.yml | 30 ++++++++++++++++++++++++++ inventory/group_vars/chaos-at-home-ap/vars.yml | 3 +++ 2 files changed, 33 insertions(+) (limited to 'inventory/group_vars/chaos-at-home-ap/vars.yml') diff --git a/inventory/group_vars/accesspoints/vars.yml b/inventory/group_vars/accesspoints/vars.yml index 64792c40..af4a111e 100644 --- a/inventory/group_vars/accesspoints/vars.yml +++ b/inventory/group_vars/accesspoints/vars.yml @@ -109,6 +109,15 @@ accesspoint_wireless_ifaces_yaml: | ft_over_ds: '1' ft_psk_generate_local: '1' {% endif %} + {% if accesspoint_band_steering is defined %} + bss_transition: '1' + wnm_sleep_mode: '1' + time_advertisement: '2' + time_zone: 'CET-1CEST,M3.5.0,M10.5.0/3' + ieee80211k: '1' + rrm_neighbor_report: '1' + rrm_beacon_report: '1' + {% endif %} {% endfor %} {% endfor %} @@ -151,6 +160,14 @@ openwrt_packages_add: - libiwinfo-lua - libubus-lua +_accesspoint_band_steering_packages_extra_: + none: [] + dawn: + - dawn + +openwrt_packages_extra: "{{ _accesspoint_band_steering_packages_extra_[accesspoint_band_steering.kind | default('none')] }}" + + openwrt_mixin: /etc/sysctl.conf: content: | @@ -336,3 +353,16 @@ openwrt_uci: network: "{{ accesspoint_network_base + accesspoint_network_zones }}" wireless: "{{ accesspoint_wireless_devices + accesspoint_wireless_ifaces }}" + +## TODO: band_steering +# umdns: +# - name: umds +# options: +# jail: '1' +# network: +# - mgmt +# +# dawn: +# - name: network +# options: +# broadcast_ip: '{{ network_mgmt_zone.prefix | ansible.utils.ipaddr('broadcast') }}" diff --git a/inventory/group_vars/chaos-at-home-ap/vars.yml b/inventory/group_vars/chaos-at-home-ap/vars.yml index ad02ff07..b9d83e90 100644 --- a/inventory/group_vars/chaos-at-home-ap/vars.yml +++ b/inventory/group_vars/chaos-at-home-ap/vars.yml @@ -15,6 +15,9 @@ accesspoint_80211r: 2g: 0xc240 5g: 0xc500 +accesspoint_band_steering: + kind: dawn + accesspoint_zones: lan: "{{ network_zones.lan.wifi }}" -- cgit v1.2.3 From 258a25cb7a95cb8ca7d085449bcb6ba6fbb2dc6f Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 15 Sep 2022 20:16:43 +0200 Subject: accespoint/roaming: add usteer --- inventory/group_vars/accesspoints/vars.yml | 49 +++++++++++++++++--------- inventory/group_vars/chaos-at-home-ap/vars.yml | 2 +- 2 files changed, 34 insertions(+), 17 deletions(-) (limited to 'inventory/group_vars/chaos-at-home-ap/vars.yml') diff --git a/inventory/group_vars/accesspoints/vars.yml b/inventory/group_vars/accesspoints/vars.yml index af4a111e..14d881d5 100644 --- a/inventory/group_vars/accesspoints/vars.yml +++ b/inventory/group_vars/accesspoints/vars.yml @@ -85,9 +85,6 @@ accesspoint_wireless_devices_yaml: | {% endfor %} -## TODO: set up 802.11r see: -## * https://www.reddit.com/r/openwrt/comments/515oea/finally_got_80211r_roaming_working/ -## * https://gist.github.com/lg/998d3e908d547bd9972a6bb604df377b accesspoint_wireless_ifaces: "{{ accesspoint_wireless_ifaces_yaml | from_yaml }}" accesspoint_wireless_ifaces_yaml: | {% for zone in accesspoint_zones.keys() %} @@ -164,6 +161,8 @@ _accesspoint_band_steering_packages_extra_: none: [] dawn: - dawn + usteer: + - usteer openwrt_packages_extra: "{{ _accesspoint_band_steering_packages_extra_[accesspoint_band_steering.kind | default('none')] }}" @@ -306,7 +305,7 @@ openwrt_mixin: exit 0 -openwrt_uci: +openwrt_uci_base: system: - name: system options: @@ -354,15 +353,33 @@ openwrt_uci: network: "{{ accesspoint_network_base + accesspoint_network_zones }}" wireless: "{{ accesspoint_wireless_devices + accesspoint_wireless_ifaces }}" -## TODO: band_steering -# umdns: -# - name: umds -# options: -# jail: '1' -# network: -# - mgmt -# -# dawn: -# - name: network -# options: -# broadcast_ip: '{{ network_mgmt_zone.prefix | ansible.utils.ipaddr('broadcast') }}" +openwrt_uci_band_steering: "{{ openwrt_uci_band_steering_yaml | from_yaml }}" +openwrt_uci_band_steering_yaml: | + {% if accesspoint_band_steering is defined %} + {% if accesspoint_band_steering.kind == 'dawn' %} + umdns: + - name: umds + options: + jail: '1' + network: + - mgmt + + ## TODO: what are the minimal required settings here?? + dawn: + - name: network + options: + broadcast_ip: '{{ network_mgmt_zone.prefix | ansible.utils.ipaddr("broadcast") }}' + {% elif accesspoint_band_steering.kind == 'usteer' %} + usteer: + - name: usteer + options: + network: 'mgmt' + syslog: '1' + local_mode: '0' + ipv6: '0' + debug_level: '3' + {% endif %} + {% endif %} + + +openwrt_uci: "{{ openwrt_uci_base | combine(accesspoint_band_steering is defined | ternary(openwrt_uci_band_steering, {})) }}" diff --git a/inventory/group_vars/chaos-at-home-ap/vars.yml b/inventory/group_vars/chaos-at-home-ap/vars.yml index b9d83e90..f5502845 100644 --- a/inventory/group_vars/chaos-at-home-ap/vars.yml +++ b/inventory/group_vars/chaos-at-home-ap/vars.yml @@ -16,7 +16,7 @@ accesspoint_80211r: 5g: 0xc500 accesspoint_band_steering: - kind: dawn + kind: usteer accesspoint_zones: -- cgit v1.2.3 From 32b2e357d87a0256a4feb3f0a0cafc8809eeec78 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 15 Sep 2022 22:09:42 +0200 Subject: accesspoints: further simplify 80211r setup and some more usteer tests --- inventory/group_vars/accesspoints/vars.yml | 11 +++++++---- inventory/group_vars/chaos-at-home-ap/vars.yml | 15 +++++++-------- 2 files changed, 14 insertions(+), 12 deletions(-) (limited to 'inventory/group_vars/chaos-at-home-ap/vars.yml') diff --git a/inventory/group_vars/accesspoints/vars.yml b/inventory/group_vars/accesspoints/vars.yml index 14d881d5..cf8f390a 100644 --- a/inventory/group_vars/accesspoints/vars.yml +++ b/inventory/group_vars/accesspoints/vars.yml @@ -102,9 +102,7 @@ accesspoint_wireless_ifaces_yaml: | rsn_preauth: '1' {% if accesspoint_80211r is defined %} ieee80211r: '1' - mobility_domain: '{{ "%04x" % (accesspoint_80211r.mobility_domain_base[band] + outer_loop.index0) }}' - ft_over_ds: '1' - ft_psk_generate_local: '1' + mobility_domain: '{{ "%04x" % (accesspoint_80211r.mobility_domain_base + outer_loop.index0) }}' {% endif %} {% if accesspoint_band_steering is defined %} bss_transition: '1' @@ -377,7 +375,12 @@ openwrt_uci_band_steering_yaml: | syslog: '1' local_mode: '0' ipv6: '0' - debug_level: '3' + debug_level: '2' + assoc_steering: '1' + ssid_list: + {% for zone in accesspoint_band_steering.zones %} + - '{{ accesspoint_zones[zone].ssid }}' + {% endfor %} {% endif %} {% endif %} diff --git a/inventory/group_vars/chaos-at-home-ap/vars.yml b/inventory/group_vars/chaos-at-home-ap/vars.yml index f5502845..af4773f4 100644 --- a/inventory/group_vars/chaos-at-home-ap/vars.yml +++ b/inventory/group_vars/chaos-at-home-ap/vars.yml @@ -1,6 +1,11 @@ --- network_mgmt_zone: "{{ network_zones.mgmt }}" +accesspoint_zones: + lan: "{{ network_zones.lan.wifi }}" + iot: "{{ network_zones.iot.wifi }}" + + accesspoint_wifi_channels: 2g: ch-ap0: 1 @@ -11,17 +16,11 @@ accesspoint_wifi_channels: ch-ap2: 40 accesspoint_80211r: - mobility_domain_base: - 2g: 0xc240 - 5g: 0xc500 + mobility_domain_base: 0xca00 accesspoint_band_steering: kind: usteer - - -accesspoint_zones: - lan: "{{ network_zones.lan.wifi }}" - iot: "{{ network_zones.iot.wifi }}" + zones: "{{ accesspoint_zones | list }}" accesspoint_ntp_servers: -- cgit v1.2.3