Posted: Thu Jan 21, 2021 15:28 Post subject: Advanced settings for repeater bridge with VAP on 5GHz
Hey Guys,
I have a Asus RT-AC68U running DD-WRT v3.0-r45493 std (01/19/21).
I have it connecting to an AP ( ea8500 also running dd-wrt) on the wl1 interface as a repeater bridge. I have a wl1.1 VAP interface with the same SSID. A maximum of 4 clients connect to the wl1.1 VAP. I have one wired connection to the repeater bridge for a windows desktop.
After I disabled encryption and using only MAC Filters the entire setup is now able to operate as expected.
The problem is that for some unknown reason several ( 3-4x ) times per day the connection rate performance between the AP and RB gradually deteriorates down to an unusable level.As a note I tested and I observe the poor performance on both the VAP connected clients and the the wired desktop as well.
A reboot of the RB restores the connection to full performance.
Any suggestions on what I could adjust to prevent the loss of performance over time\usage that I see now? Any settings that jump out I should change?
These are the setting on the Asus RT-AC68U
wl0 Interface - Disabled.
wl1 Interface
Wireless Mode: Repeater Bridge
Wireless Network Mode: AC/N-Mixed
Wireless Network Name (SSID)OF AP on wlan1
Explicit Beamforming: Disabled
Implicit Beamforming: Disabled
Airtime fairness: Enabled
Wireless Security Disabled
Wireless MAC Filter: Enabled - Permit only the clients listed
wl1.1 VAP Interface:
Wireless Network Name (SSID)OF AP on wlan1
Wireless MAC Filter: Enabled - Permit only the clients listed
Here's the wireless stats on the RB after 20 minutes of uptime
Wireless Status - Interface wl1
Radio - Radio is On
Mode - Repeater Bridge
Network - AC/N-Mixed
SSID - (SSID)OF AP on wlan1
Channel - 153 + 155
TX Power - Auto
Rate - 1300 Mbit/s
Encryption - Interface wl1 - Disabled
Connected Clients - 1
Wireless Packet Info
Received (RX)100% 162765 OK, no error
Transmitted (TX) 100% 51949 OK, 3 errors
Load Average 0.01, 0.03, 0.00
Temperatures CPU 71.4 °C / WL1 51.1 °C
Note: I have reviewed these fixes from the DDWRT Virtual Access Point Public.doc document. However they do not seem applicable or to address my specific issue. Perhaps I am wrong
"From approximately mid 2018 VAP's on Broadcom units are problematic, you cannot connect or do not get an IP address. There are workarounds :
1) When VAP is not working at boot; workaround startup command Administrationn/Commands, Save as Startup:
sleep 10; stopservice nas; stopservice wlconf; startservice wlconf; startservice nas;
2) Alternative way to get VAP working: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=317181
3) An other user reports the following workaround (save as startup):
sleep 4; stopservice cron; stopservice wlconf; wlconf eth1 up; wlconf eth2 up; startservice cron;
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=319412
4)This one is from @Redhawk (guaranteed to work ):
sleep 20; stopservice nas; wlconf eth1 down; wlconf eth2 down; wlconf eth1 up; wlconf eth2 up; startservice nas" _________________ Location (urban) - 1x Linksys EA8500 (AP wlan0 & wlan1 enabled)
1x Asus 68u (Repeater Bridge w/VAP) - wl0 disabled
1x Asus 87u (Client Bridge) - wl1 disabled
You should have two Atheros based routers and run WDS.
Yes. Which part did you believe is relevant to the slow degradation of a link rate between my RB and AP? Right now all I know is that a reboot of the RB solves the issue for several hours.
The one item I do see is in the Repeater Bridge NOTES:
"Repeater Bridge on Broadcom [also Atheros Client Bridge (routed)] is generally not a good solution, as it is not a true bridge (BS from the .de forum). It should be fine for internet access with few clients, but more clients or more complicated networking is likely to cause trouble, since MAC addresses will not transverse its bridge."
It seems to be more related to the issue I observed with wireless security WPA2 enabled and multicast and IoT devices not working, which I worked around by using no security and only MAC Filters. Like I said when it's working, it's working great.
That said however this comment does makes me wonder if I should try a test by setting up the same RB setup but with another chipset other than Broadcom. I do have a Marvell wrt1900ac laying around I could swap in. _________________ Location (urban) - 1x Linksys EA8500 (AP wlan0 & wlan1 enabled)
1x Asus 68u (Repeater Bridge w/VAP) - wl0 disabled
1x Asus 87u (Client Bridge) - wl1 disabled
I swapped out the Asus 68u for the wrt1900ac as a test.
I made one change to the config. I set the wrt1900 network mode as a CB instead of a RB.
It's all connected and online, working as expected. However the same result occurred. It took 12 hours ( about twice as long as before) but the link speed went down to <1mbps and I had to reboot. After a reboot ,the connection returns to full speed. _________________ Location (urban) - 1x Linksys EA8500 (AP wlan0 & wlan1 enabled)
1x Asus 68u (Repeater Bridge w/VAP) - wl0 disabled
1x Asus 87u (Client Bridge) - wl1 disabled
Over a number of years I have run WNDR4500's, RT N66U's and R7000's where one acts as the AP and one acts as the RB and have never had this problem.
I am currently running an R7000 as an AP and an R7000 as an RB. Try this as you can always change back.
WL0 as the RB but don't also create a WL0 VAP. WL0 Security Mode WPA2-PSK and CCMP-128 (AES) with the same WPA key as the EA8500 (Check the EA8500 is also set as WPA2-PSK and CCMP-128 (AES))
WL1 as an AP (don't create a VAP) with an SSID different to the EA8500's SSID and wireless security the same as above. Use whatever WPA key you want, you can even use the same as the EA8500's as long as the SSID is different.
I have never used MAC filters so disable for now and reinstate later once you have seen what happens.
If the above set-up works ok you can then fiddle and change things around as much as you want because at least you have a working starting point.
(The connection for the clients of the AC68U is the AP you have done on WL1).
My thoughts on the three items you raise are below. Thanks again.
wl0 vs. wl1
The wl1 radio on the Asus is the only option to meet the link performance needed. ~1300Mbit/s connection rate
The wl0 radio on the Asus does not meet the link performance needed. ~450Mbit/s connection rate
MAC Filter vs. Wireless Security
My research for Repeater bridges on dd-wrt lead me to have to use the MAC filter in place of a wifi security. This is done to workaround the issues related to bridging on dd-wrt (Broadcom)and MAC addressing traversing the bridge. I have some IoT devices connecting to the VAP that required the multicast traffic to have the MAC traffic reaching all segments of the network correctly. This "fix" is the recommended fix specifically for this problem by the community.
Because I use no wireless security, the type of WPA and the keys in use etc. are not applicable to this use case.
A unique VAP SSID value vs. not
Lastly your suggestion about using a unique value for my VAP SSID. I would agree with your suggestion however this use case see's several IoT devices that are SSID aware and require that all of their devices be connected to the same SSID in order to operate correctly. _________________ Location (urban) - 1x Linksys EA8500 (AP wlan0 & wlan1 enabled)
1x Asus 68u (Repeater Bridge w/VAP) - wl0 disabled
1x Asus 87u (Client Bridge) - wl1 disabled
Is it easy for you to physically swop the EA8500 with the AC68U and have the EA8500 as the RB and the AC68U as the AP for a couple of days to test things?
Reason for this is that I have in the past had different routers work better. I.E. for me having a WNDR4500 as the AP and an RT N66U as the RB worked better than vica versa. It even worked better than having two RT N66U's running.
Or if you have a spare router lying around set that up in basic RB mode with no VAP's just to see what happens over a few days. Reason for this is to try and work out if it is a hardware issue.
Ignore that about swapping routers I forgot you had already done it unless it is easy for you to use the WRT as the AP to take the EA8500 out of the equation for a bit.
Ignore that about swapping routers I forgot you had already done it unless it is easy for you to use the WRT as the AP to take the EA8500 out of the equation for a bit.
Thanks again.
Yes I can easily swap in the wrt1900 for the ea8500. However there is a very high sensitivity to interruptions to the wifi right now. I will have to wait for an approved outage window. _________________ Location (urban) - 1x Linksys EA8500 (AP wlan0 & wlan1 enabled)
1x Asus 68u (Repeater Bridge w/VAP) - wl0 disabled
1x Asus 87u (Client Bridge) - wl1 disabled