I observe wifi station TX bandwidth to be reduced from 160MHz to 80MHz while the station is farther away versus it is closer to AP. I'm using "iw wlan0 station dump" command to check that. AP is forced to 160MHz and it actually use 160MHz for downlink for both cases. But the AX200 station is using 80MHz for uplink after the RSSI is lower than say about -60dBm.
I've checked this with Intel AX200 card. To confirm this is not a card related I also checked Broadcom Xeon 1200 card. Same here. Also a number of different AP was tested. All results are consistent.
Since Intel AX200 uses Intel proprietary Rate Control Algorithm "iwl-mvm-rs" and Broadcom use some other, I know the bandwidth limitation must be introduced by linux itself (mac80211 / cfg80211?). Which part it could be? Can I fix it to 160MHz?
This bandwidth reduction is probably the part of Rate Control Algorithm but the strange thing is that AP downlink bitrate is for example 500Mbits/s (160MHz) while in the same time uplink is 250Mbits/s (80MHz). On the closer locations the bitrate is the same e.g. 1000Mbits/s (160MHz) for both downlink and uplink. Thus this might be some kind of a bug to reduce the bandwidth too early.
Does anybody have the BLE Advertising Packet format that shows the relation (e.g. a hierarchy graph) among packet preamble, MAC address, and CRC fields? A graph that shows the length of bits for each field would be the best.
This is written in the Bluetooth Core
Specification https://www.bluetooth.com/specifications/specs/core-specification/ in the Link Layer chapter, section 2.1.
The advertising bluetooth device address is found in section 2.3.1.1 (ADV_IND).
I have a raspberry pi, a WLAN stick (Ralink Technology, Corp. RT5370) in monitor mode and tcpdump (+tshark) installed.
Now I want to read link layer packages from a WLAN wristband device that patients in a retirement home use. This device sends link layer data every second in order to be detected by access points using fingerprinting. The content of this packages is not important, only the RSSI values and the MAC of the device is needed.
With my rPi now I wants to detect when a patient is neat to its own flat door in order to open it automatically. For this, the Pi needs to receives this LLC packages so that I can use the associated RSSI value to calculate the distance.
Using Wireshark and Windows (Airpcap) I can read these LLC packages without problems. The output is for example:
35748 152.953461000 00:00:00_00:00:00 57:01:ff:00:00:00 LLC 62 I, N(R)=0, N(S)=0; DSAP NULL LSAP Individual, SSAP 0x1e Command
If I do the same thing on raspbian using tcpdump or tshark, I don't receive data at all.
tcpdump (command is sudo tcpdump llc -i wlan1) returns
tcpdump: 'llc' supported only on raw ATM
Looks like my linux/driver is not able to pass link layer data to tcpdump. How can I enable it?
Thank you for any hint
UPDATE
Thanks to Guy Harris I found a solution
sudo tcpdump -e -i wlan1 type data
returns all LLC packages and the -e value adds all types of mac. Output is something like this where TA is the MAC of the device. I parsed it using python line by line to get the data I needed
02:56:21.346146 11.0 Mb/s 2462 MHz 11b -53dB signal antenna 1 RA:01:40:96:00:00:03 (oui Unknown) TA:00:18:8e:40:62:03 (oui Unknown) DA:00:00:00:00:00:00 (oui Ethernet) SA:00:00:00:00:00:00 (oui Ethernet) LLC, dsap Null (0x00) Individual, ssap OSI (0xfe) Response, ctrl 0x0b: Unnumbered, 0b, Flags [Response], length 24
BR
Stefan
tcpdump: 'llc' supported only on raw ATM
First of all, the filter comes after all the command-line flags, including -i, so, if you're going to be capturing on wlan1 with a filter, what you want is
sudo tcpdump -i wlan1 {filter}
That's how tcpdump works - the filter comes after all the command-line flags and the arguments to those flags, including -i, -r, etc.
Second of all, "llc" means something very specific - from the "pcap-filter" man page (with older versions of libpcap and tcpdump, it's in the tcpdump man page, but the filter expressions aren't understood by tcpdump, they're understood by libpcap, the library tcpdump uses to capture and to read capture files):
llc True if the packet is an ATM packet, for SunATM on Solaris, and
is an LLC-encapsulated packet.
On 802.11, all 802.11 data frames have an 802.2 LLC header, so you want
tcpdump -i wlan1 type data
which will filter out management and control frames (which don't have 802.2 LLC headers).
When I run:
iwconfig wlan0 | grep -i quality
on my Raspberry Pi, with a wifi card installed, it reports back to me with:
Link Quality=99/100 Signal level=48/100 Noise level=0/100
How can I get iwconfig or some other network tool to report the signal level back to me in dBm instead of an arbitrary fraction?
It's a matter of the Network Interface Card or of the relatives Drivers.
To workaround you can use this simple formula I to do the conversion.
dbm=(fraction_of_total/2)-100
Of course is an approximation and results may vary from chipset to chipset but is how I solved.
You can alternatively find the correct Drivers if you know the wifi card is capable RSSI sampling. But that's usually not easy.
Is there any implementation or library that I can use to calculate the SNR (Signal noise ratio) of a wifi signal on a linux machine which is connected via an ad-hoc network?
I guess you can include <linux/wireless.h> and see what ioctl() returns on a SIOCGIWSPY.
The struct iw_quality will contain some of the information you are looking for: http://www.cs.fsu.edu/~baker/devices/lxr/http/source/linux/include/linux/wireless.h?v=2.6.11.8#L504
This is what iwlist does internally.
You can use iwlist command like this:
iwlist scan
It will produce some output like this:
wlan0 Scan completed :
Cell 01 - Address: XX:XX:XX:XX:XX:XX
Channel:11
Frequency:2.462 GHz (Channel 11)
Quality=59/70 Signal level=-51 dBm
Encryption key:on
...
May be you are interested in the reported "Quality".