bgscan not selecting best BSS
dcbw at redhat.com
Tue Nov 24 13:56:19 EST 2020
On Mon, 2020-11-23 at 22:12 +0000, Matt Brown wrote:
> I am trying to configure a device to connect to the best BSS where
> there are multiple BSS with the same SSID. I added the following
> configuration to my wpa_supplicant.conf file:
> The following is a debug log snipit:
> bgscan simple: scan result notification
> wlan0: Radio work 'scan'@0x1f091680 done in 4.125345 seconds
> wlan0: radio_work_free('scan'@0x1f091680): num_active_works --> 0
> wlan0: Scan results matching the currently selected network
> wlan0: 0: 11:11:11:11:11:11 freq=5785 level=-70 snr=22
> wlan0: 1: 22:22:22:22:22:22 freq=2437 level=-42 snr=47
> wlan0: Selecting BSS from priority group 5
> wlan0: 0: 11:11:11:11:11:11 ssid='test1' wpa_ie_len=0 rsn_ie_len=20
> caps=0x1531 level=-70 freq=5785
> wlan0: selected based on RSN IE
> wlan0: selected BSS 11:11:11:11:11:11 ssid='test1'
> Digging into the code I noticed that the bgscan_simple_notify_scan()
> function in bgscan_simple.c returns 0 which leaves the BSS selection
> to the "existing BSS/ESS selection routine." The normal BSS selection
> that takes place in the wpa_supplicant_pick_network() function in
> events.c just picks the first BSS in the scan list that matches the
> correct SSID, encryption type, etc. This single BSS gets passed to
> wpa_supplicant_need_to_roam() to determine if roaming should occur.
> This means that if there are two BSS with the same SSID it will not
> make an intelligent selection between the two which is what I assumed
> would be happening with the bgscan configuration.
> In my specific circumstance, this results in the 5GHz network being
> chosen as the "selected" BSS and then no roaming occurs even when the
> signal strength on the 2.4GHz network is far better.
> Is this a bug or expected behavior? If this is expected I will
> probably move forward with implementing a new bgscan module that
> chooses the BSS based off signal strength, throughput, etc.
Almost... bgscan_simple doesn't do anything with the *results* of the
scan, but it does trigger the scan at various times according to
timeouts and signal strength changes.
When the scan is done, an event is generated and it ends up
in _wpa_supplicant_event_scan_results(). What you're missing
(understandably, it's complicated) is that the function calls
wpa_supplicant_get_scan_results() at the top.
And that function sorts the scan results from best -> worst. So by the
time wpa_supplicant_pick_network() gets to pick the BSS and grabs the
first one, that first one is already the "best" BSS (theoretically).
Look for the wpa_scan_result_compar() function in scan.c.
There are a couple reasons why it might rank the 5GHz BSS first. But
you'd have to turn on the "excessive" logging level to figure that out,
so that dump_scan_res() prints out the detailed results.
Eg, questions like... does the 2.4GHz AP only advertise WPA1? Does your
driver set the "qual" member of the scan result?
More information about the Hostap