Development of Wifi (qcom-ac) over Wireless

I finally got to the point to open another thread on this I recently often thought about. I have a system with several cAP-ACs running ROS 7.15.3 stable but not with the standard wireless drivers, more with the wifi-qcom-ac driver. I switched over to have WPA3 encryption and FT.
As I faced many issues with not getting FT set up to work with android phones properly I disabled the WPA3 encryption and after still not facing any improvements in the transitions (or getting “roamed” log msgs) I don’t see any advantage of the qcom-ac driver.
Rather I face the immense disadvantage of configuring vlans manually on each cAP.

What are your opinions on this? Is it worth switching back to the old wireless driver which instead worked very reliably? When not using WPA3 and FT there should be no other constraints.
The only think that stops me from doing this is that I’m not sure whether or when MT will maybe abandon the old driver.

Without a doubt…use the wifi-qcom-ac driver. I have zero problems with Android and FT (as well as WPA3, I just disabled WPA3 for the time being). It all comes to configuration, you might want to give us the opportunity to help you get it to work.

/export show-sensitive file=anynameyoulike

Remove serial and any other private info and post in between code tags by using the </> button.

So here’s my CAPsMANv2 configuration export, maybe you have an idea what I configured wrong:

# 2024-09-18 20:31:34 by RouterOS 7.15.3
# model = RB3011UiAS

/interface wifi channel
add band=2ghz-n disabled=no frequency=2300-7300 name=channel2 width=20mhz
add band=5ghz-n disabled=no name=channel5 skip-dfs-channels=all width=20mhz
/interface wifi interworking
add disabled=no internet=yes ipv4-availability=single-nated ipv6-availability=available name=interworking1 network-type=private-with-guest wan-status=up
/interface wifi security
add authentication-types=wpa2-psk connect-priority=0/1 disabled=no name=securityFON passphrase=blablupp wps=disable
add authentication-types=wpa2-psk connect-priority=0/1 disabled=no ft=yes ft-over-ds=yes name=securityWIRELESS passphrase=blablupp wps=disable
add authentication-types=wpa2-psk connect-priority=0/1 disabled=no encryption="" name=securitySMARTHOME passphrase=blablupp wps=disable
add disabled=no name=securityGUEST passphrase=blablupp
/interface wifi configuration
add disabled=no name=cfg2SMARTHOME security=securitySMARTHOME ssid=smarthome.robtor.de
add disabled=no name=cfg2FON security=securityFON ssid=fon.robtor.de
add disabled=no name=cfg2GUEST-bar security=securityGUEST ssid="Bar Wifi Gast"
add disabled=no name=cfg5GUEST-bar security=securityGUEST ssid="Bar Wifi Gast"
/interface wifi steering
add disabled=no name=steeringWIRELESS neighbor-group=wg-wireless rrm=yes wnm=yes
/interface wifi configuration
add channel=channel2 country=Germany disabled=no mode=ap name=cfg2WIRELESS security=securityWIRELESS ssid=lan.robtor.de steering=steeringWIRELESS
add channel=channel5 country=Germany disabled=no interworking=interworking1 mode=ap name=cfg5WIRELESS security=securityWIRELESS security.ft=yes .ft-over-ds=yes ssid=lan.robtor.de steering=steeringWIRELESS
/interface wifi
add configuration=cfg2WIRELESS disabled=no name=2G radio-mac=18:FD:74:6F:80:CA
add configuration=cfg2SMARTHOME disabled=no mac-address=1A:FD:74:6F:80:CA master-interface=2G name=2G2
add configuration=cfg2FON disabled=no mac-address=1A:FD:74:6F:80:CB master-interface=2G name=2G3
add configuration=cfg2GUEST-bar disabled=no mac-address=1A:FD:74:6F:80:CC master-interface=2G name=2G4
add configuration=cfg2WIRELESS disabled=no name=2G5 radio-mac=48:8F:5A:E3:70:BB
add configuration=cfg2SMARTHOME disabled=no mac-address=4A:8F:5A:E3:70:BB master-interface=2G5 name=2G6
add configuration=cfg2FON disabled=no mac-address=4A:8F:5A:E3:70:BC master-interface=2G5 name=2G7
add configuration=cfg2GUEST-bar disabled=no mac-address=4A:8F:5A:E3:70:BD master-interface=2G5 name=2G8
add configuration=cfg2WIRELESS disabled=no name=2G9 radio-mac=48:A9:8A:E8:E3:0E
add configuration=cfg2SMARTHOME disabled=no mac-address=4A:A9:8A:E8:E3:0E master-interface=2G9 name=2G10
add configuration=cfg2FON disabled=no mac-address=4A:A9:8A:E8:E3:0F master-interface=2G9 name=2G11
add configuration=cfg2GUEST-bar disabled=no mac-address=4A:A9:8A:E8:E3:10 master-interface=2G9 name=2G12
add configuration=cfg2WIRELESS disabled=no name=2G13 radio-mac=C4:AD:34:47:60:E2
add configuration=cfg2SMARTHOME disabled=no mac-address=C6:AD:34:47:60:E2 master-interface=2G13 name=2G14
add configuration=cfg2FON disabled=no mac-address=C6:AD:34:47:60:E4 master-interface=2G13 name=2G15
add configuration=cfg2GUEST-bar disabled=no mac-address=C6:AD:34:47:60:E5 master-interface=2G13 name=2G16
add configuration=cfg5WIRELESS disabled=no name=5G radio-mac=C4:AD:34:47:60:E3
add configuration=cfg5GUEST-bar disabled=no mac-address=C6:AD:34:47:60:E3 master-interface=5G name=5G2
add configuration=cfg5WIRELESS disabled=no name=5G3 radio-mac=18:FD:74:6F:80:CB
add configuration=cfg5GUEST-bar disabled=no mac-address=1A:FD:74:6F:80:CD master-interface=5G3 name=5G4
add configuration=cfg5WIRELESS disabled=no name=5G5 radio-mac=48:8F:5A:E3:70:BC
add configuration=cfg5GUEST-bar disabled=no mac-address=4A:8F:5A:E3:70:BE master-interface=5G5 name=5G6
add configuration=cfg5WIRELESS disabled=no name=5G7 radio-mac=48:A9:8A:E8:E3:0F
add configuration=cfg5GUEST-bar disabled=no mac-address=4A:A9:8A:E8:E3:11 master-interface=5G7 name=5G8
/interface wifi capsman
set ca-certificate=WiFi-CAPsMAN-CA-CC2DE07B26A7 certificate=WiFi-CAPsMAN-CC2DE07B26A7 enabled=yes interfaces=vlan-MANAGEMENT package-path=usb2/dude/files/packages require-peer-certificate=yes upgrade-policy=\
    none
/interface wifi provisioning
add action=create-enabled comment="cAP-03 Bar" disabled=no identity-regexp=cAP-03 master-configuration=cfg2WIRELESS name-format=2G slave-configurations=cfg2SMARTHOME,cfg2FON,cfg2GUEST-bar supported-bands=\
    2ghz-n
add action=create-enabled comment="cAP-03 Bar" disabled=no identity-regexp=cAP-03 master-configuration=cfg5WIRELESS name-format=5G slave-configurations=cfg5GUEST-bar supported-bands=5ghz-ac
add action=create-enabled comment=cAP-ALL disabled=no master-configuration=cfg2WIRELESS name-format=2G slave-configurations=cfg2SMARTHOME,cfg2FON,cfg2GUEST-bar supported-bands=2ghz-n
add action=create-enabled comment=cAP-ALL disabled=no master-configuration=cfg5WIRELESS name-format=5G slave-configurations=cfg5GUEST-bar supported-bands=5ghz-ac

Currently I have disabled WPA3 and didn’t care about FT.
Actually the FT and WPA3 would only be relevant for the “lan.robtor.de” network, and maybe for the fon network.

wifi interworking. Holy batman, that is not even documented.

I’m sticking with the legacy wireless drivers for this very reason. Really do need to either replace CAPsMAN with a better controller system or sort out the driver.

I really put some hope into this: http://forum.mikrotik.com/t/question-to-our-users-about-controllers/178791/1

Had an older install that I haven’t been able to replace the wireless.

The router had to be replaced. They also finally got a public IP. I wanted to use Wireguard and updated all the way up to current firmware …

Oops.

Still have cap ACs there

Updated to current firmware and just waited…

But the next morning I was getting complaints again about things not connecting.

Check caps-man and I see connected devices.

With all the yelling I didn’t bother… Disable all the radios for 10 seconds. Bring them back up. Everything connects again. Looks exactly the same to me. Then I moved over to Interfaces and actually saw traffic going out

“Wait .. whatever you did fixed it.”

Ugg…

Set a scheduler to disable the radios and renewable them every morning right before they open.

That’s worked for the last week.

Is this a wireless or wifi story?

It’s a reminder the daily “blink the radios”. Was still needed after switching to the new radio drivers.

So “wifi” (ac).

Which version of ROS do you run? I never had such issues with qcom-ac drivers. As at the beginning of this thread I had problems only with FT and WPA3.

And to not let this topic drift away, did anyone find some misconfiguration from me? Maybe with the connect-priority?

In general when having WPA3 enabled my phones do not roam between the APs. They stay connected even when having really poor connectivity. Ans switch over really late or even when re-enabling wifi on the phones.

Yeah, I don’t have such issues either with wifi-qcom-ac. But I do not have to deal with or support “enterprise” hardware. I have some devices that do not support FT (like an old ipad mini 2 or 3 with some iOS 9 or something) or devices that do not support enforced 802.11w. But no one sane would enforce either one in a “enterprise” environment either way. And I did not have a single case in over 6 months of wifi-qcom-ac where I had to “reboot the AP” so a client can connect again. Sounds more like a legend to be honest. But it may really have happened.

But gotsprings said: “was still needed”. So maybe this particular setup needed this daily reboots ever since. Even with legacy wireless. We don’t know and won’t find out. Let us know when you finally replaced the caps with Cambium gear.

So, anyone here who is experienced with qcom-ac & FT?
Is there sth obvious I have configured wrong?

7.15.3 No FT. WPA2

Actually what I said with my first post, just without switching back to old wireless.

I was only in the hope that maybe @erlinden could help

With the old driver the CAPs would stop accepting clients. No amount of futzing fixed it.

Rebooting worked.

But I found years ago when caps would stop passing traffic to a printer… I could disable the radio and reenable it. That would reconnect the printer and allow other clients on the 2.4 again.

With this install as its been there for years… I put in a “blink radios” schedule. Everyday, before the staff comes in… all radios blink off and back on. Not a power cycle.

Updated to ACv2 drivers and turned off the blink. 2 days later getting the calls that nothing connects. Hit the blink button… everything got back on line.

Yes I have told them that when they move… those radios are not coming with them.