Who Is On Your WiFi

WiFi routers/APs provide GUI to check devices connected to your network. I prefer CLI that returns more information. Routers/APs using Broadcom chips come with a command line utility called wl which allows users to set and check many aspects of WiFi functionalities. Other chip vendors shall have a similar tool but below we focus on Broadcom.

To see a list of connected devices,

$ wl -i eth1 assoclist

assoclist XX:XX:XX:92:XX:98

-i specifies the interface. On my RT-AC56U, eth1 is the 2.4GHz network. The command returns MAC addresses of connected devices.

To get detailed information about this device,

$ wl -i eth1 sta_info XX:XX:XX:92:XX:98

 STA XX:XX:XX:92:XX:98:
	 rateset [ 1 2 5.5 6 9 11 12 18 24 36 48 54 ]
	 idle 21 seconds
	 in network 14891407 seconds
	 flags 0x2e13b: BRCM WME PS N_CAP AMPDU MIMO-PS
	 HT caps 0x100:  STBC-Rx
	 tx data pkts: 28575451
	 tx data bytes: 21786367231
	 tx ucast pkts: 14225795
	 tx ucast bytes: 12224295434
	 tx mcast/bcast pkts: 14349656
	 tx mcast/bcast bytes: 9562071797
	 tx failures: 10038
	 rx data pkts: 24295358
	 rx data bytes: 10566915366
	 rx ucast pkts: 11463815
	 rx ucast bytes: 714453268
	 rx mcast/bcast pkts: 12831543
	 rx mcast/bcast bytes: 9852462098
	 rate of last tx pkt: 1000 kbps
	 rate of last rx pkt: 65000 kbps
	 rx decrypt succeeds: 15912316
	 rx decrypt failures: 22
	 tx data pkts retried: 46878
	 tx data pkts retry exhausted: 10038
	 per antenna rssi of last rx data frame: -29 -31 0 0
	 per antenna average rssi of rx data frames: -27 -28 0 0
	 per antenna noise floor: -84 -77 0 0

The first line that catches my attention is "in network 14891407 seconds". This indicates the duration of the device being connected to the WiFi network. This particular case translates to 172 days 8 hours 30 minutes 7 seconds! The device is my 3rd-gen Apple TV. It basically keeps connected forever without any hiccup since the AP was previously rebooted.

The line below indicates the connection state, "AUTHENTICATED ASSOCIATED AUTHORIZED". A client initiates authentication and association in two phases to the AP. When authentication and then association pass, the client is authenticated and associated. I couldn't find a definition for "authorised" in 802.11 standards. Is it a Broadcom terminology?

The next few lines are flags, HT caps and VHT caps. We will come back to them.

Then we have many lines of transmit (tx) and receive (rx) statistics. The direction is defined as "tx" sending from AP to the client. All these numbers are accumulative and persistent as long as the AP is not rebooted! Even though portable clients may join and disconnect from the network many times.

Among tx/rx statistics, I find rx decrypt failures, tx data pkts retried and tx failures interesting. Receive seems performing very well with only 22 packets that cannot be decrypted (maybe due to noisy channel). Transmit is also very good though not as good as receive. tx failures (10038) is about 21% of tx data pkts retried (46878) which in turn is only a tiny fraction of total tx packets. Given the AP is 2x2 and 3rd-gen Apple TV is 1x1, no surprise here that the AP performs better at rx than tx with respect to this client. Anyhow my radio environment seems mild and both devices demonstrate outstanding performance.

Also worth point out rate of last tx pkt and rate of last rx pkt are the physical link rates as of last tx/rx. The very last three lines are the signal and noise levels.

Common flags, HT caps & VHT caps

Flags, HT caps (802.11n) and VHT caps (802.11ac) indicate additional features supported by connected devices. These functionalities are considered optional for implementation in 802.11 standards.

40MHz: indicates support of 40MHz bandwidth in 2.4GHz band.

SGI20: indicates support of short guard interval (SGI) in 20MHz bandwidth on 2.4GHz band. Short guard interval improves throughput a bit.

SGI40: indicates support of SGI in 40MHz bandwidth on 2.4GHz.

SGI80: indicates support of SGI in 80MHz bandwidth on 5GHz.

AMPDU: indicates support of MAC Protocol Data Unit (MPDU) aggregation which is a key feature in 802.11n and carried forward to 802.11ac. It increases throughput at the expense of possibly a bit more jitter in packet delivery. Personally I would use it if no hiccup experienced in your real-time applications such as WiFi Calls.

AMSDU: indicates support of MAC Service Data Unit (MSDU) aggregation. Similar to AMPDU but one sub-layer up. One MPDU could contain multiple MSDU. Consumer WiFi routers/APs may include a checkbox "Optimize AMPDU aggregation" in advanced wireless settings. For example, in ASUSWRT it translates to flip the NVRAM variable, wl_ampdu_mpdu. Under the hood, I suspect the wireless driver may well enable both AMSDU and AMPDU if applicable.

LDPC: indicates support of using low-density parity-check code (LDPC) to transmit data over a noisy channel. LDPC isn't new. Unrelated but worth point out LDPC is a new star in the 5G mobile network since it's selected as the encoding scheme for data channel in eMBB (enhanced mobile broadband) scenario (simply put smartphones).

MIMO-PS: MIMO Power Save mode e.g. if a device supports 2x2, it may only use 1x1 for tx/rx small data to preserve battery.

N_CAP: indicates support of 802.11n.

PS: Power Save mode. The original power conservation scheme defined in 802.11? I see this flag on iPhone 6. Apple has good reputation in managing WiFi's power consumption in its mobile devices. According to this study though, the benefit of PS is minimal.

STBC-Rx, STBC-Tx: space-time block code (STBC) improves reliability of data transfer over a noisy channel. STBC-Rx indicates the device is able to receive STBC encoded data. STBC-Tx indicates ability to transmit STBC encoded data.

SU-BFR: indicates support of single-user beamformer. In 802.11 standards, a beamformer is a transmitter who can send in beamform.

SU-BFE: indicates support of single-user beamformee. A beamformee is a receiver who can receive in beamform. A beamformee may not be able to send as a beamformer.

MU-BFE, MU-BFR: indicates support of multi-user equivalent of beamformee and beamformer capabilities.

VHT_CAP: indicates support of 802.11ac.

WME: Wireless Multimedia Extension (WME) implements QoS over (and only over) RF communication.

comments powered by Disqus