Wi-Fi Network Roaming

The layout of the home is strange, and the location of the router is relatively biased, so in some places, wifi cannot be covered. I want to add another WIFI router to achieve seamless roaming. This article is the knowledge point learned.

Background Knowledge

802.11 k/v/r enables devices and APs(Access Points) to take advantage of established industry standards to improve user roaming experience.
The 802.11 k/v/r protocol is implemented in software and does not involve hardware, so it needs the support of both APs and devices.

  • Advantages: Do not change hardware, only need to update Firmware to APs/devices, low cost
  • Disadvantages: Different manufacturers’ devices support the 802.11 k/v/r protocol differently, so the roaming effects are also different.

802.11 k (Neighbor Reports)

Wireless Access Points (APs) that support 802.11k are able to provide Neighbor Reports to devices. Neighbor Reports contain information about neighboring access points and allows the device to have a better understanding of its surroundings. Devices takes advantage of this capability by shortening the list of channels that the device needs to scan before finding a neighboring AP to roam to.

802.11v (BSS Transition Management Frames)

APs that support 802.11v can now direct devices to roam to another AP that it deems will provide a better WLAN experience for the device. Devices can now accept and respond to these Basic Service Set (BSS) Transition Management frames, leading to improved WLAN quality when connected to a network that supportsi 802.11v.

802.11r (Fast BSS Transition)

802.11r (Fast BSS Transition) defines the interaction details of STAs when roaming between different APs in the same mobile domain (MD), and provides a standard for fast BSS transition. The implementation of 802.11r fast roaming is:

  1. When the STA associates the APs in the MD for the first time, the master session key (MSK) obtained through 802.1x authentication is used, because the key is shared by the authenticator and the applicant, also known as the pairwise master key PMK. R1KH_ID calculates different PMK_R1 to distribute to other APs in the MD;
  2. When the STA switches APs, the STA directly uses the PMK_R1 sent to the target AP to negotiate the pairwise temporary key (PTK) and group temporary key (GTK) to shorten the roaming switching time and avoid repeating the time-consuming 802.1. x certification.

The 802.11r protocol mainly describes four parts: key management, FT initialization association, fast handover, and new information elements.

Plan of Roaming

There are AC + AP schemes, as well as the recently popular Mesh scheme.


This scheme relies on the AC controller.

Low-cost AC/AP solutions use culling mode for roaming. That is, after the AC issues parameters such as power / channel / password for the AP, it actively removes weak device under the AP to force the device to find the AP again.

  • Advantages: In the coverage area of APs, there is no need to wait for the device or user to actively switch APs with good signals. No matter where the device equipment is, it can be connected to the AP with the best signal quality.
  • Disadvantages: causing the device to be temporarily disconnected from the network.

The expensive AC/AP solution, in addition to the weak signal rejection mode, also has load balancing, 802.11 k/v/r protocols, and so on, so that the device can continue to network during the AP switching process.


Seamless roaming is based on the 802.11 k/v/r protocol and automatic deployment of APs.
The advantage is that the networking and deployment are more flexible, which can be used for wireless backhaul or plugged in network cables for wired backhaul.
The disadvantage is that different device have different roaming effects, such as iPhone’s complete implementation of 802.11 k/v/r, so it has the best roaming effect. There are too many Android phone versions, some do not support the 802.11 k/v/r protocol at all, and some only support some protocols, so some mobile phones have poor roaming effects, and some have good roaming effects.

Today’s Mesh routers generally have one primary and one secondary. The primary route has some AC functions. It pushes WLAN related parameters for the secondary route through a specific protocol, eliminating the need to manually configure the secondary route.

Qualcomm Chip

The Wi-Fi SON introduced by Qualcomm is to use 802.11 k/v/r to achieve roaming.

Therefore, as long as the router is a Qualcomm solution and manufacturers have purchased Qualcomm’s roaming rights, then they can use 802.11 k/v/r to achieve seamless roaming.

For example, Netgear R7800 is a router of Qualcomm scheme. It supports 802.11 k/v.
R7800 Roaming
Two R7800s with original firmware, one is router mode, the other is in AP mode, Wifi is set to the same parameters, both are in “routing address / debug.htm”. Check 802.11k to enable seamless roaming Already.
Or other routers do the main routing and turn off WIFI. The two R7800s turn on the AP mode and turn on 802.11k to achieve seamless roaming.

Asus ACRH17, Linksys (leader) EA7500 / EA8300 / EA9000 and other high-pass routers, both can achieve seamless roaming under the original firmware.

Roaming Experience

  1. Proper RF planning and layout is the first element of seamless roaming. To ensure continuous coverage of signals, the design of overlapping areas can adapt to mobile device roaming thresholds, adjacent AP channels should be staggered, and so on.

  2. 802.11 k/v is mainly used in large-scale commercial deployment scenarios. 802.11r is only effective for 802.1x-certified enterprise networks. The PSK authentication speed in home scenarios is already very fast, so as long as you have a reasonable layout and planning, Roaming handover will basically not be disconnected. If 802.11r is supported, the roaming handover process will be almost non-perceived.

  3. End-device support for 802.11 k/v/r.

  • The iOS device triggers a roaming threshold of -70dbm. When the signal strength is greater than -65dbm, the 5G band is preferentially connected.
    When deciding on a roaming target AP, if there is currently data transmission, select an AP with a signal strength 8dbm higher than the current AP. If there is no data transmission, select an AP with 12dbm higher.
  • iPhone 4s and later devices support 802.11 k/r,iPhone 5s and later devices support 802.11v
  • macOS dosen’t support 802.11 k/r
  • Windows 10 supports 802.11 k/v if allowed by the hardware and 802.11r on 802.1x certified networks
  • Samsung supports 802.11 k/v/r since Note8.
  • The mobile phone made by china is unknown.
  1. OpenWrt only needs to set the 802.11r Fast Transition option to enable 802.11r.
    In a PSK-certified network, the ft_over_ds option is meaningless because the information required for authentication is generated locally at the AP and does not involve communication between APs. (Update: there is still a difference in looking at the log. An error will be reported for ft_over_ds = 1, although it has no practical impact. It is recommended to set ft_over_ds = 0)
  2. Whether it is the same AP or different APs, they can achieve 802.11r fast switching between 5G and 2.4G bands.
  3. The APP Wi-Fi Magic Box roaming test is not very reliable, or it depends on the actual performance of the app in the real environment. To know whether the 802.11r fast switching is performed, the most accurate method is to look at the logs. OpenWrt adds a line option log_level ‘0’ under config wifi-device in /etc/config/wireless to enable detailed logging.
    The log for 802.11r fast handoff looks like this:
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 IEEE 802.11: binding station to interface 'wlan1'
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 IEEE 802.11: authentication OK (FT)
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 MLME: MLME-AUTHENTICATE.indication(14:d0:0d:32:1a:58, FT)
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 IEEE 802.11: association OK (aid 2)
    Tue Jun 11 14:56:32 2019 daemon.info hostapd: wlan1: STA 14:d0:0d:32:1a:58 IEEE 802.11: associated (aid 2)
    Tue Jun 11 14:56:32 2019 daemon.notice hostapd: wlan1: AP-STA-CONNECTED 14:d0:0d:32:1a:58
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 MLME: MLME-REASSOCIATE.indication(14:d0:0d:32:1a:58)
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 IEEE 802.11: binding station to interface 'wlan1'
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 WPA: event 6 notification
    Tue Jun 11 14:56:32 2019 daemon.debug hostapd: wlan1: STA 14:d0:0d:32:1a:58 WPA: FT authentication already completed - do not start 4-way handshake