Wifi roaming on the move redux

It has been nearly six years with a netbook and five since I last wrote about wifi roaming from the bus to stay on irc without a costly celluar link during the daily commute.  Since then, some readers have asked me to share my refinements to the method in a followup post. So here it is.

The software

On the server:

  • openssh-server
  • screen
  • irssi

On the client:

  • screen
  • wpasupplicant
  • isc-dhcp-client
  • openssh-client
  • openbox
  • sudo & gksudo (optional)
  • urxvt
  • wavemon (optional)
  • three shell scripts (provided below)

Putting it together: on the client

Make sure if you have a wireless manager installed (such as NetworkManager) it is configured to skip your wireless interface, disabled entirely, or if possible, removed. Set up /etc/wpa_supplicant/wpa_supplicant.conf and /etc/network/interfaces for roaming, as per the instructions in /usr/share/doc/wpasupplicant/README.modes.gz. Don’t forget to add yourself to the netdev group if you are not in it already.

In /etc/wpa_supplicant/wpa_supplicant.conf, list common names of open networks. Normally the catch-all network that associates with any essid, i.e. the first stanza below, works well. However, occasionally the strongest signal is neither one of the common networks nor an easily accessible network (e.g. web portals), so having a list of common open networks helps to quickly select from among those instead. The more you travel, the more of these will discover and add. Just use reconfigure from wpa_cli to reload your edited list each time you add a new one.

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
network={
        key_mgmt=NONE
}
network={
        ssid="default"
        key_mgmt=NONE
}
network={
        ssid="linksys"
        key_mgmt=NONE
}
...

Since you’ll be using ssh repeatedly to connect and it has to be fast, make sure your server is set up to accept your key and use ssh-add so that you only have to enter your ssh key password once.

You can tweak isc-dhcp-client to make connections faster. In /etc/dhcp/dhclient.conf, use:

backoff-cutoff 1;
initial-interval 1;

Here are a few scripts I wrote to facilitate quick roaming from one open AP to another and reconnect to irssi running in screen, to break a connection and try the next one, and to recover from occasional lockups (more about that later).

~/bin/screen_reconnect

This is a script to reconnect continuously via ssh to a screen session:

#!/bin/sh
reset
while ! ssh -t 10.9.8.7 'screen -UDr' 2>/dev/null ; do echo -n "." ; sleep .1 ; done

Just substitute the IP of your own server here. Using an IP instead of domain name makes the connection faster because a DNS lookup is not required.

~/bin/wifi_reassociate

This script closes any open ssh sessions and informs wpa_supplicant to attempt to connect again.

#/bin/sh
/sbin/wpa_cli rea
killall ssh >/dev/null 2>&1

~/bin/wifi_killall

This optional, somewhat ugly script addresses an issue I hope you never have. On my ASUS Eee PC 1001PX, occasionally scanning stops. When this happens, and I have never figured out why, apparently ACPI events are blocked. At this point wifi becomes unusable and ACPI sleep is inhibited. By trial and error I found that if you bring down the interface, kill all network-related processes, and bring it up again, ACPI events are unblocked and wifi is usable once more (and any pending request to sleep will finally happen). The script requires sudo, and to use the openbox key binding, gksudo.

#/bin/sh
sudo ifdown wlan0
# in case any of these are hung
sudo killall dhclient3
sudo killall wpa_cli
sudo killall wpa_action
sudo killall wpa_supplicant
# in case any of these are *really* hung
sleep 1
sudo killall -9 dhclient3
sudo killall -9 wpa_cli
sudo killall -9 wpa_action
sudo killall -9 wpa_supplicant
sudo dhclient -r
sudo ifup wlan0

Openbox

Since certain actions need to be performed repeatedly and quickly, it is useful to have hotkeys bound in your window manager to the scripts. In ~/.config/openbox/rc.xml, key bindings for <alt>-r to reassociate and <alt>-d to disconnect a hung connection would look like:

  
<keyboard>
  <!-- My keybindings -->
  <keybind key="A-R">
    <action name="Execute">
        <execute>/home/synrg/bin/wifi_reassociate</execute>
    </action>
  </keybind>
  <keybind key="A-D">
    <action name="Execute">
        <execute>gksudo /home/synrg/bin/wifi_killall</execute>
    </action>
  </keybind>
</keyboard>

Putting it together: on the server

There is very little to do here. Just start screen, and start irssi in screen. Running screen on the client as well as the server means you should either bind the screen meta keys to a different key sequence on each system, or else learn to press meta twice to pass through meta to the server screen as needed. I use the latter approach. Alternatively, you could use a tabbed terminal on the client, or separate terminals per client process instead of screen. This is a matter of personal taste.

Ready to roam

Here is a typical setup for roaming on the bus:

In a terminal (I use urxvt), first ssh-add, then start screen with these three processes running in separate virtual terminals:

  • /sbin/wpa_cli
  • screen_reconnect
  • wavemon (optional)

March of the dots

Most of the commute, just enjoy watching the dots march by, waiting for a new connection. If you estimate a connection is unusable, press <alt>-r to reassociate immediately, giving the next network a chance. If the connection is already firmly established, this might not work on the first try. If the dots don’t resume immediately, wait a bit and press it again. This might take a few tries.

Changing selected networks on the fly

Use wpa_cli when you need to do some fine-tuning of network selections on the fly. While normally you can just watch the march of the dots until a connection is acquired, sometimes you can improve your chances of connecting to a good network by manually controlling the selected candidate networks here.

For example, by watching the speed of the bus relative to known “good” APs, you can predict which networks are more likely to succeed. Rather than connect to any arbitrary network, you might select a specific one by id, and then later when it goes out of range, revert to the original configuration, e.g.

> select_network 5
...
> reconfigure

You can use tab-completion in wpa_cli to type these commands quickly or else just abbreviate the commands.

Another common scenario is when you pass through a business area with many captive portal hotspots. These rarely make good choices because they either require a password not known to you or else you can’t click through “I agree” in time before the bus moves on. In this case, you might just disable the catch-all stanza and let the common open network stanzas you listed (“default”, “linksys”, etc.) do the work:

> disable_network 1

Become a type ahead wizard

While running, a continuous stream of periods fills the screen, which provides you with a highly visible cue that no available APs are in range. When the movement stops, you know a connection is being attempted.

While waiting to connect, you can type ahead any comments you want to make in the current irssi window (taking care to remember which one you are in!) While having periods interspersed in what you type may be disorienting at first, you get used to it.

There is a point when a connection is first established and ssh is accepting input, but anything you type can no longer be seen while you’re typing. Depending on whether the connection was completely successful or not, what you type now may or may not finally be sent. For best results, only type ahead before the dots stop moving.

Eventually you can become skilled enough at this to type ahead a comment in one channel, switch channels with /win # and continue typing ahead in the new channel, all buffered until the next few seconds (or even fraction of a second) of connection time.

Fine-tune antenna direction with wavemon

When the bus has come to a standstill, you may find wavemon useful to pull in a weak signal. Because wavemon has continuously updated signal level and link quality bars, you can use it to fine-tune the antenna position. Just turn your laptop until the bars are at their maximum.

Captive portals

I have not figured out how to do any automation for this, so it really is a crapshoot, as it is likely the bus has moved on by the time you’ve managed to manually navigate the login through a captive portal. But in rush hour, you may have the luxury of time to connect to these as you pass them. I have recently learned about the CoovaFX Firefox plugin which automates logins to captive portals. I’m going to give it a try to see if it helps. Update: I can’t recommend this plugin, as it is not compatible with Iceweasel >= 23.0. Also, the standard it is based on, WISPr, appears to have an uncertain future. That, coupled with the fact that the plugin appears to not be open source means I’m still looking for alternatives.

Summary

If all of this sounds a bit nuts to you, well, it probably is. But after half a decade enjoying free access to irc from the bus, it all seems perfectly natural to me! If you try this method and like it, please let me know in the comments. Likewise, if you have any improvements to the process or scripts, please share them!

4 thoughts on “Wifi roaming on the move redux”

  1. Wouldn’t it be simpler to use Tinc VPN + Mosh + Tmux? In case of captive portals, there is always a iodine :)

  2. Tmux vs. Screen does not make things any simpler, just different. I ran a trial of tmux a while back and spent more time trying to make it look and feel like screen than I did actually enjoying any benefits. Ultimately, I went back to screen again.

    I also briefly looked at Mosh. Unless I’ve misunderstood the purpose of Mosh, it is intended for high latency / high packet loss, but that does not extend to sporadic (a few seconds or fraction of a second every several minutes) connectivity in a 20 to 30 minute long commute. I need my screen-oriented UI for irssi to be completely repainted to reflect latest conversations in channel when I finally re-establish a connection. Have you tested this with Mosh?

    I’m not sure what Tinc VPN adds to the mix that ssh doesn’t already give me. Would you please explain?

    And finally, as for Iodine, yes, I know about tunneling over DNS, but I want the maximum bandwidth available to me in the tiny slices of connection time that I end up with. I’m not so much interested in circumventing such portals as simply automatically logging into them. Increasingly, many of these are not password-protected, but merely want you to click through an “I agree” each time. I find that tedious.

    Thanks for your ideas, though. And if you get any of these to work better than my setup, please let me know!

  3. As for Tmux and Screen, it is of course a matter of taste. I started with Screen and then switched to Tmux, never looked back :)
    Mosh can handle connection breaks that last much longer than few seconds: once I’ve opened Mosh session on my laptop, disconnected it, and connected it after few hours, and voila – session has been restored, but you have to have the same IP as before. And this is Tinc for (not to mention extra security layer) – as for P2P VPN, you need to assign private address for your host in VPN network and this address stays the same between reconnections, so when you start your journey, you have to start Tinc daemon and open Mosh session. After Wi-Fi reconnection, you only need to restart Tinc daemon.
    I know that on some public networks VPN ports are blocked, that is why i suggested Iodine, but you’re right, it’s really slow. The question is, is it fast enough for Irssi? :)
    I don’t have idea (yet), how to automate the rest of the process (roaming Wi-Fi connections), but your setup is really clever :)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>