Uninterrupted WiFi: Roaming (Fast Transition)


The marketing term "mesh WiFi" often refers to the desire for a WiFi that simply works everywhere in the house. But what actually is a mesh WiFi? And what is really needed for WiFi to work everywhere and even when switching from one receiving station to another? My setup consists of two access points, which as a unit provide a single WiFi SSID. As access points I use devices from different manufacturers and OpenWrt as firmware. The access points provide uninterrupted reception when I move from one floor to another and switch to a slower 2.4GHz connection when I leave the 5GHz reception range, so that the WiFi works best everywhere. I explain my settings in detail at the end of the article.

Mesh WiFi

The term mesh WiFi is not clearly defined, yet it refers to multiple WiFi devices that together provide a single WiFi. Classic mesh WiFi systems usually also communicate with each other via WiFi, which is not suitable for all circumstances. As an example, LAN cabling between different floors of a building could often ensure a faster and more stable connection between WiFi access points.

What do I really need for an uninterrupted WiFi?

What most people expect with the term mesh WiFi is actually the 802.11r Fast Basic Service Set (BSS) Transition feature: the basis for allowing clients to move from one WiFi access point to another as quickly as possible: without interruption. Depending on the hardware used, the access points can be connected to each other via a wide variety of connections, such as WiFi, PowerLine or LAN cabling. The decision as to which access point is used for the connection lies with the client. Even though current devices together with access points and 802.11r already have very good roaming functionality, their behavior can be further optimized when 802.11k and 802.11v (seamless roaming: access point and band steering) are used.

How does 802.11r work?

In the case of multiple access points with the same SSID and key, the end device decides when to switch to another access point with better reception. When an end device connects to a WiFi, it must first authenticate itself and get an IP address from the DHCP server, which takes a little time. Normally, when switching from one access point to another, the device would have to go through the entire login process again and stop data traffic until the connection is complete. The 802.11r standard simplifies the connection process by shortening the login process when switching from one access point to another. Time-consuming tasks are eliminated. Without the need to fetch a new IP address from the DHCP server, the process of switching from one access point to another can be reduced to the point where the connection change results in no noticeable interruption.

What is Seamless Roaming?

The term seamless roaming is often used to describe the seamless change from one radio cell to the next. In addition to the 802.11r standard, the 802.11k and 802.11v standards are usually used, which provide clients with information about neighboring WiFi access points so that they can make better decisions about the connection.

What is Access Point Steering?

Access Point Steering is a router function that monitors all WiFi access points and their connected end devices and actively informs the end devices if another access point can provide a significantly better connection. Technically, Access Point Steering is based on the 802.11r, 802.11k and 802.11v standards.

What is Band Steering?

Two different frequency bands are used for WiFi: 2.4GHz and 5GHz. The 5GHz band delivers higher data throughput than the older 2.4GHz band, but has a shorter range. Band steering is a router feature that helps devices use the most appropriate frequency band for the connection, providing the most throughput and the best connection quality.

My setup: seamless WiFi reception over 2 floors with 3 different access points.

The two floors of my house are separated by a concrete ceiling, which makes it impossible to place a single WiFi access point in such a way that it can provide sufficient WiFi reception everywhere. Since the router of my provider offers only limited possibilities, I deactivated the WiFi on it and use the device purely for the Internet connection. The WiFi on the first floor is supplied by an additional router. I have placed this router centrally on the first floor and an additional access point in the living room. To improve the WiFi reception on the second floor, I placed another access point in the front hall. The devices are connected via LAN cabling, similar to the following experimental setup:

See also: Cabling, Variant 2

I use an aging but still fast Linksys WRT3200ACM as a router and a relatively new and relatively cheap Netgear WAC104 and an old Netgear EX3700 as access points. I have installed the latest OpenWrt firmware on all three devices: 23.05.3. I have also successfully put several TP-Link RE650 v2 and Zyxel NWA50AX into operation for other WLANs. If I need another access point in the future, for example to improve reception in the basement, I can use any hardware with OpenWrt support for that, see: OpenWrt hardware recommendation - available devices 2024.

In the article "LAN & WiFi in the home network: the ultimate guide" I simply enabled 802.11r in the OpenWrt options, which already allows an uninterrupted switch from one reception zone to another. Furthermore, enabling 802.11k and using a Client Steering Deamon can help the devices to always use the best connection if possible.

Prerequisite: OpenWrt-Wpad Full

To be able to use all WiFi features of OpenWrt, I replaced wpad-basic-wolfssl with the full version: wpad.


WLAN settings:

The bash commands for the WLAN settings presented here can also be easily set via the terminal, see:OpenWRT WLAN FT configuration - Generate online 

The same SSID, encryption and key should be used on all access points for both 2.4GHz and 5GHz. The WLAN name can be found in the tab: "General Setup"

The security settings and the WLAN password are set in the "Wireless Security" tab:

In my setup, I use WPA2-PSK and AES as encryption. Setting the encryption to "auto" caused problems with certain clients.

The country code should also be set in the device settings:

Background: With the default setting Country Code: "driver default", I was unable to activate the WLAN interface on one of the access points.

The status "disabled" only changed after setting the country code on one of my APs.

Advanced Settings: DTIM Interval 1,2 or 3?

If DTIM Interval 1 is used, the AP sends additional information about the WLAN network via broadcast and multicast frames with each beacon. The standard DTIM interval of OpenWrt is 2. Apple recommends a DTIM interval of 3 for their devices, as a higher value has a positive effect on standby power consumption. Certain manufacturers use a DTIM interval of 1 for the 2.4GHz network and an interval of 3 for the 5GHz network.

WLAN roaming settings

If not already done, 802.11r Fast Transition should be activated in the WLAN settings of all interfaces with the same WLAN key:

It is also important that the same mobility domain, in the form of a 4-digit hex code, is stored on all access points. Since OpenWrt specifies "4f57" as the default value on all devices, the mobility domain does not have to be specified.

"FT over the Air" should be used instead of "FT over DS" so that Apple devices also work without problems. The "Generate PMK locally" setting is recommended for WPA2 and "FT over the Air". Alternatively, "Generate PMK locally" can be deactivated if R0 and R1 key lists are used, see: OpenWrt: Generate external R0 and R1 key holders - online.If you prefer UCI commands in the terminal, you should take a look at the online helper: OpenWRT WLAN FT-Konfiguration - Online generieren

As already described in the article LAN & WLAN in the home network: the ultimate guide, activating the "802.11r Fast Transition" option is sufficient for the devices to connect without interruption when switching from one reception zone to another. The responsibility for switching to a different reception zone lies purely with the end device. A so-called Client Steering Deamon can be set up for additional support from the router.

Client steering

The Client Steering Deamon exchanges connection information with the other access points and can actively intervene in the behavior of the WLAN clients. For OpenWrt there are two different Client Steering Deamon: usteer and dawn, both require the following settings in the WLAN settings.

(The menu items under Interface Configuration / WLAN Roaming for 802.11k only become visible after activating WPad-Full and restarting the router).

To use "usteer", simply install the "usteer" package of the same name:

Client Steering Daemon: usteer

"usteer" can be installed via terminal or via the GUI as a software package on all access points:

 opkg update && opkg install usteer luci-app-usteer

luci-app-usteer provides an overview in the GUI of which clients are currently connected to which access point, or via the "Hearing map": which client is visible on which access point. The client list also shows whether all access points are ready for WLAN reception:

For AP steering to work, Usteer requires at least one value for "signal_diff_threshold"

In addition, "roam_scan_snr" must be set so that client scans for roaming are triggered.

I have also set these two settings on my devices:

Usteer can also be restricted to a specific WLAN in the settings:

See also the official documentation and a corresponding discussion in the OpenWRT forum.

As an alternative to "usteer", "dawn" can also be used for seamless roaming. I tested dawn for a short time with the default settings: I only swapped the usteer packages: "usteer" and "luci-app-usteer" for "dawn" and "luci-app-dawn". Band steering worked a little better for me with dawn, but I find the GUI interface of Usteer much clearer.

Settings directly in the terminal

Although all relevant settings can also be set in the management interface in the latest OpenWrt versions, the terminal sometimes offers the option of setting the settings more quickly or transferring them from one device to another.

Changing the settings directly via the terminal requires a connection with or another SSH client to all routers or access points, or to their IP address:

In the terminal, the WLAN settings can be edited with the following command:

vi /etc/config/wireless

To operate the VI terminal editor, see: VI Editor - Commands.

The settings can also be set via UCI commands in the terminal. Here are my current settings, including the option to customize them for your own setup using the online wizard: WLAN FT-Configuration - Generate Online

And: does it work? Checking the system log

When connecting for the first time, logging on to the access point looks like this: The smartphone logs in via a 4-way handshake and receives an IP address from the DHCP server:

OpenWrt hostapd: phy0-ap0: STA 11:22:33:44:55:00 IEEE 802.11: associated (aid 2)
OpenWrt hostapd: phy0-ap0: AP-STA-CONNECTED 11:22:33:44:55:00 auth_alg=open

OpenWrt hostapd: phy0-ap0: STA 11:22:33:44:55:00 RADIUS: starting accounting session 235E20F50584CA9B
OpenWrt hostapd: phy0-ap0: STA 11:22:33:44:55:00 WPA: pairwise key handshake completed (RSN)
OpenWrt hostapd: phy0-ap0: EAPOL-4WAY-HS-COMPLETED 11:22:33:44:55:00


OpenWrt dnsmasq-dhcp[1]: DHCPREQUEST(br-lan) 11:22:33:44:55:00
OpenWrt dnsmasq-dhcp[1]: DHCPACK(br-lan) 11:22:33:44:55:00 A53-von-Bernhard

OpenWrt hostapd: phy0-ap0: STA 11:22:33:44:55:00 IEEE 802.11: authenticated

The connections within range of a device and which of the access points the respective devices are connected to can also be displayed in the OpenWrt GUI "Network", "Usteer":

If another access point with better reception is within range, the device switches without noticeable interruption with an abbreviated login,

OpenWrtWZ usteer: usteer event=auth_req_accept node=hostapd.phy0-ap0 sta=11:22:33:44:55:00 signal=-62
OpenWrtWZ usteer: usteer event=assoc_req_accept node=hostapd.phy0-ap0 sta=11:22:33:44:55:00 signal=-64
OpenWrtWZ hostapd: phy0-ap0: STA 11:22:33:44:55:00 IEEE 802.11: associated (aid 1)
OpenWrtWZ hostapd: phy0-ap0: AP-STA-CONNECTED 11:22:33:44:55:00 auth_alg=ft

whereupon the connection to the original access point is disconnected:

OpenWrt hostapd: phy0-ap0: AP-STA-DISCONNECTED 11:22:33:44:55:00
OpenWrt hostapd: phy0-ap0: STA 11:22:33:44:55:00 IEEE 802.11: disassociated due to inactivity

Certain clients, especially non-mobile or older devices, may not be able to switch from one access point to another without a new 4-way handshake. Since stationary devices are not usually moved between reception zones, this should not normally cause any problems. If you want to use a specific access point for the devices, you can think about an additional Wi-Fi network for these devices:

In addition, separate WiFi identifiers for the different WiFi channels could be considered:

Separate WiFi identifier for 5Ghz?

The responsibility for switching from one AP to another or deciding which frequency band to use initially lies with the end device. Depending on the WLAN hardware installed and the driver used, the behavior of the devices may not always be optimal. The Steering Deamon can provide support at this point, but sometimes does not always make the best decisions. Especially when using 2.4GHz and 5GHz in the same mobility domain. The use of a separate WLAN identifier for 5GHz with its own mobility domain is often recommended as a solution. To ensure that the devices only connect to the 5GHz WLAN, "Automatically reconnect" can be deactivated on the mobile devices for all other WLAN networks.



When using the WiFi standards 802.11r/k/v, several access points can act as a common unit and provide the best possible WiFi reception. In addition to specific devices from one manufacturer, the standards can also be used with an open source firmware such as OpenWrt and devices from different manufacturers can be used: OpenWrt hardware recommendation - available devices 2024. For a simple setup in the terminal, see: OpenWrt WLAN FT-Configuration - Online Wizard


positive Bewertung({{pro_count}})
Rate Post:
{{percentage}} % positive
negative Bewertung({{con_count}})

THANK YOU for your review!

Questions / Comments

By continuing to browse the site, you agree to our use of cookies. More Details