Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 901
  • Last Modified:

Wirless connection dropping frequently

Here's my setup:

TL-WN721N USB adapter. This uses:

goose@vaio:/tmp$ lsmod | grep ath
ath9k_htc              43082  0 
ath9k_common           12648  1 ath9k_htc
ath9k_hw              311433  2 ath9k_common,ath9k_htc
ath                    17114  3 ath9k_hw,ath9k_common,ath9k_htc
mac80211              171389  1 ath9k_htc
cfg80211              113445  3 mac80211,ath,ath9k_htc
usbcore               104555  7 ehci_hcd,uhci_hcd,btusb,ath9k_htc,uvcvideo,usbhid

Open in new window

My router is BT Home Hub 4 (Type A) | Software version 4.7.5.1.83.8.130.1.17 | Last updated 08/12/13 (the latest firmware)
This is its wireless config:
config 1config 2
The problem is that the wireless connection drops frequently with the following coming up when that happens in /var/log/messages

Mar 10 08:54:34 vaio wpa_supplicant[2590]: wlan1: WPA: Group rekeying completed with cc:33:bb:12:a7:fc [GTK=TKIP]

Open in new window


I've got an idea what could be causing this but don't want to bias you diagnosticians by mentioning it. Even if i'm right, i'm not sure of a good solution.

What do you think can be done?
0
CEHJ
Asked:
CEHJ
  • 24
  • 16
  • 8
  • +1
3 Solutions
 
masnrockCommented:
Try to see what happens if you get rid of encryption on the wireless network. If that stablizes things, try using WPA instead of WPA2. If things stay stable then it is possible that your wireless card is not playing nice with WPA2.

Have you made sure that your wireless adapter is using the latest available driver? You could even try using a more generic driver (for the chipset rather than the card itself)
0
 
CEHJAuthor Commented:
OK,  i think perhaps i'm going to mention my 'theory' such as it is. I have a suspicion that TKIP could be a problem. As i understand it, and here i could easily be wrong, TKIP was introduced as a partial patch to earlier protocols such as WEP, the idea being to 'roll' the key to prevent cracking. The next part of the theory is that BT don't want to break too many wireless drivers by using the more up-to-date AES. I think it's conceivable that my driver/adapter could have a problem with TKIP. So that's the theory and i have little evidence for it.

Disabling encryption could be a good test and of course if it works better, it wouldn't go against the above theory.
0
 
Craig BeckCommented:
TKIP was designed for WPAv1.  Your router is using WPAv2 with TKIP though so I'd guess that's the problem.

Although TKIP is supported by WPAv2 it doesn't play nice with all devices.  You should either use WPA/TKIP or WPA2/AES.  I don't think you get the option to choose AES or TKIP though on the BT HomeHub (I have a HH3), so you can only really go with WPA.  That should force the HH to use TKIP although it's not guaranteed.

The problem with using WPA/TKIP is that you can't get the 802.11n data-rates.  You must use AES for 802.11n to work.
0
Identify and Prevent Potential Cyber-threats

Become the white hat who helps safeguard our interconnected world. Transform your career future by earning your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

 
CEHJAuthor Commented:
Although TKIP is supported by WPAv2 it doesn't play nice with all devices.
So you think my theory could be correct? ;)
I don't think you get the option to choose AES or TKIP though on the BT HomeHub (I have a HH3)
You're not saying that you (personally) do get to choose AES are you?
so you can only really go with WPA.  That should force the HH to use TKIP although it's not guaranteed
I'm confused - i thought we want to avoid TKIP..?
0
 
Craig BeckCommented:
So you think my theory could be correct? ;)
I think you are on the right track.

You're not saying that you (personally) do get to choose AES are you?
No.  I'm not at home and can't access my HH3, but I seem to remember that you don't get the option to choose the encryption.  What I mean is that I can't be 100% sure.

I'm confused - i thought we want to avoid TKIP..?
That's not what I'm saying exactly...

Your HH4 is set to use WPA2 only.  That means that ONLY AES should be used, but you're clearly using TKIP.  TKIP was designed for WPA1 not WPA2, therefore the fact that TKIP is being used with WPA2 might be the issue.  If we force the HH4 to use WPA1 it should also force it to use TKIP only.  That would be a good combination (WPA and TKIP) so you shouldn't get issues like you are now with WPA2 and TKIP.
0
 
CEHJAuthor Commented:
TKIP was designed for WPA1 not WPA2, therefore the fact that TKIP is being used with WPA2 might be the issue.  
OK, so i think you're saying that it's not necessarily TKIP per se that's the problem, but TKIP mixed with WPA2 (please correct me if i'm wrong)
I'll switch to WPA(1) only and see if that helps
0
 
Craig BeckCommented:
OK, so i think you're saying that it's not necessarily TKIP per se that's the problem, but TKIP mixed with WPA2
Bingo! :-)
0
 
CEHJAuthor Commented:
NUpdate: i'm going to try the following. I think i originally eschewed the n setting as i guessed that another household device wouldn't support n, so if im right about that (i'll find out later) then i'll go with Plan A

N

Aargh! Still getting

Mar 10 18:03:07 vaio wpa_supplicant[2590]: wlan1: WPA: Group rekeying completed with cc:33:bb:12:a7:fc [GTK=TKIP]

Open in new window


Going to reboot HH
0
 
Craig BeckCommented:
Don't bother trying the 40MHz option.  At 2.4GHz that won't work with most devices now as everyone agreed that using 40MHz channels would use too much of the frequency band and cause unnecessary interference.  That means that a lot of devices don't support 40MHz channels at 2.4GHz so you might see worse performance, or no connection at all.

You could try configuring your PC/Laptop's wireless profile manually.  This will let you specify WPA1 only on the HH and WPA1 and TKIP on the laptop.
0
 
CEHJAuthor Commented:
So far, it doesn't seem any worse ;)

The following are the (gui) options i have for Network Manager

Conf options
0
 
Craig BeckCommented:
OK you may not (probably) be connecting at 802.11n rates then.

Hmmm you can't specify the encryption there either?
0
 
CEHJAuthor Commented:
No, that's the lot
0
 
Craig BeckCommented:
Is there a different driver you could use that gives you the options?
0
 
masnrockCommented:
WPA2 uses AES by default, whereas WPA used TKIP. And yes, as each encryption method was introduced, it was meant to address previously found flaws in the previous schemes. It is possible that your wireless devices do not support things quite right, or that something needs an update.
0
 
CEHJAuthor Commented:
It's all a bit puzzling. Something seems to be 'sticking to' TKIP. I haven't yet seen a driver other than the kernel module in use as shown above. That's not to say it doesn't exist but i get the feeling it ought to 'just work'
0
 
Craig BeckCommented:
You're right - it 'ought' to work, and it does sometimes, but some devices follow the standards better than others.  Unfortunately I don't think the HH4 is one of those devices which adheres too well, in an attempt to maximize compatibility.

Do you have a smartphone you can try?
0
 
CEHJAuthor Commented:
Do you have a smartphone you can try?
Afraid not - mine's as dumb as hell

It must be said that another laptop here with the same OS (not too sure about the wireless chipset) doesn't have any problem with the HH4
0
 
Craig BeckCommented:
That makes me think even more that it's a driver thing.

Have you had a look here...?

http://wireless.kernel.org/en/users/Drivers/ath9k_htc
0
 
gheistCommented:
WPA(1) group rekey is a security measure to protect against weaknesses in TKIP protocol
And documentation says you can choose between
NOTHING
WEP
WPA1
WPA2
WPA1 and 2

Actually if you choose (tha very insecure) WEP linux will rekey every few seconds and your router will heat up considerably.
0
 
CEHJAuthor Commented:
Have you had a look here...?

http://wireless.kernel.org/en/users/Drivers/ath9k_htc
Yes. As you can see though, that's what i'm currently using
0
 
gheistCommented:
Try to set WPA2-only on access point, that is the only secure config nowadays.
0
 
CEHJAuthor Commented:
Yes, that's what the AP is currently set to
0
 
gheistCommented:
Weird, it should not provide TKIP then
Maybe ther is some super-duper advanced setting altering between AES/TKIP/Both ?
0
 
CEHJAuthor Commented:
Hmm. Maybe there's something that could be done with wpa-supplicant?
0
 
gheistCommented:
For yout network in /etc/wpa_supplicant.conf

# aka WPA2
mode=RSN
#aka AES
pairwise=CCMP
group=CCMP
0
 
masnrockCommented:
Which Linux distro are you using?
0
 
CEHJAuthor Commented:
For yout network in /etc/wpa_supplicant.conf

Looks promising!

Which Linux distro are you using?
Debian Wheezy + XFCE
0
 
masnrockCommented:
Well actually, you should be good to go once you use gheist's post if you're using WPA2 only. Otherwise, you need to switch to WPA + WPA2, which does allow for the usage of TKIP for compatibility's sake. And as craigbeck cited, you would not be able to get N speeds with anything below WPA2, unless you turned off security completely. Have you also checked for patches for your OS? They might have fixed that option at least.
0
 
gheistCommented:
depends. if you have networkmanager running then you need to use nm-applet in xfce to set network options.
0
 
CEHJAuthor Commented:
What i'd like to do is experiment a little with wpa_cli before i try setting a file-based config. As it happens, the only wpa_supplicant.conf on my system is one used by dbus and certainly looks nothing like the man example configs
0
 
CEHJAuthor Commented:
then you need to use nm-applet in xfce to set network options.
Certainly looks that way unless i hack it to override it
0
 
gheistCommented:
you can experiment with nm-applet, in worst case remove network definition and connect again...
0
 
CEHJAuthor Commented:

you can experiment with nm-applet, in worst case remove network definition and connect again...

Trouble is, that won't let me do much (see total options for security above)
0
 
gheistCommented:
gnome-network-manager is the control panel with all options (there is no LXDE equivalent, so LXDE gives gnome variant as own child)
0
 
CEHJAuthor Commented:
network-manager-gnome is the package i have installed. It contains nm-applet (screenshot shown above)
0
 
gheistCommented:
you have network configurator in menu where you can force WPA2 and AES
0
 
CEHJAuthor Commented:
THIS post (an intricate screenshot ;)) shows the only security config options i currently have
0
 
gheistCommented:
On OpenSUSE/kde i have dialog automatic/tkip/aes-ccmp when i select wpa/wpa2 psk
0
 
masnrockCommented:
Could you show us the contents of your existing config file?
0
 
CEHJAuthor Commented:
Could you show us the contents of your existing config file?
There isn't one as such - only the dbus one. This is how wpa-supplicant is launched:
 /sbin/wpa_supplicant -u -s -O /var/run/wpa_supplicant

Open in new window

which is mysterious in itself as most of those switches are not even in my man page

fwiw, i attach the dbus file
wpa-supplicant.conf.txt
0
 
gheistCommented:
it should be /etc/wpa_supplicant.conf or something like that.
0
 
CEHJAuthor Commented:
But i've already said - it doesn't exist on my system
0
 
gheistCommented:
Connections are under /etc/NetworkManager/system-connections
man 5 nm-settings has following:
(it did not copy/paste well, but if you press /CCMP in manual page it gets right one)
0
 
CEHJAuthor Commented:
Well done! Here it is

[connection]
id=BTHub4-CK85
uuid=3d2bde2a-bd3f-40e1-94fe-597093681f50
type=802-11-wireless
timestamp=1391261393

[802-11-wireless]
ssid=BTHub4-CK85
mode=infrastructure
mac-address=54:E6:FC:88:7C:42
security=802-11-wireless-security

[802-11-wireless-security]
key-mgmt=wpa-psk
psk=XXXXXXXXXXXXXXXX

[ipv4]
method=auto

[ipv6]
method=ignore
ip6-privacy=2

Open in new window

0
 
gheistCommented:
This will force WPA2+AES:

[802-11-wireless-security]
key-mgmt=wpa-psk
psk=XXXXXXXXXXXXXXXX
proto=rsn
pairwise=ccmp
group=ccmp
0
 
CEHJAuthor Commented:
I can't find any corroboration in man pages. These seem to be the only ones i have:

goose@vaio:/tmp$ lc NetworkManager | grep man
/usr/share/man/man5/NetworkManager.conf.5.gz
/usr/share/man/man8/NetworkManager.8.gz
goose@vaio:/tmp$ lc NetworkManager | grep man
/usr/share/man/man5/NetworkManager.conf.5.gz
/usr/share/man/man8/NetworkManager.8.gz
goose@vaio:/tmp$ lc nm- | grep man
/usr/share/man/man1/nm-applet.1.gz
/usr/share/man/man1/nm-online.1.gz
/usr/share/man/man1/nm-tool.1.gz
/usr/share/man/man5/nm-system-settings.conf.5.gz

Open in new window

0
 
gheistCommented:
OpenSUSE:
$ apropos NetworkManager
NetworkManager (8)   - network management daemon
NetworkManager.conf (5) - NetworkManager configuration file
nm-online (1)        - ask NetworkManager whether the network is connected
nm-settings (5)      - Description of settings and parameters of NetworkManager
nm-system-settings.conf (5) - Deprecated NetworkManager configuration file
nm-tool (1)          - utility to report NetworkManager state and devices
nmcli (1)            - command - line tool for controlling NetworkManager

"lc" is mono licence compiler, no idea how it functions on ubuntu
0
 
CEHJAuthor Commented:
http://manpages.ubuntu.com/manpages/saucy/man5/nm-settings.5.html

Perhaps?

Mar 14 00:00:51 vaio wpa_supplicant[2591]: wlan1: WPA: Group rekeying completed with cc:33:bb:12:a7:fc [GTK=TKIP]

Open in new window

still happening after new settings
0
 
gheistCommented:
Fro the suse's mouth: (client has b43 card, server ralink, server is openwrt, and does not use TKIP or WPA1 as configured.

As you see WPA is used as name for  WPA2.

wlan0: WPA: Key negotiation completed with aa:bb:cc:dd:ee:ff [PTK=CCMP GTK=CCMP]
0
 
CEHJAuthor Commented:
I'm beginning to think that part of my kit, perhaps nm, perhaps wpa_, perhaps both, is not able to support this. I think missing gui options should be a signal that they're not going to be honoured if they're forced into config files. And that's what's happening - nm simply creates a new config file without my forced settings when a new session is created.
0
 
gheistCommented:
try to edit file with nm stopped?
0
 
CEHJAuthor Commented:
Thanks folks. Pretty unfathomable. It could be partly due to my poor quality router.
0
 
gheistCommented:
Try some friends' USB wifi card...
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

  • 24
  • 16
  • 8
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now