DEV Community

Darius Juodokas
Darius Juodokas

Posted on • Updated on

Building my own (new) Linux router. WiFi card properties and their explanations (iw phy)

So, long story short, I'm trying to set up my new Linux-based WiFi router. This time I got a mini-PC with a proper PCIe so I could harness the full power of Wi-Fi cards (instead of messing around with USB dongles).

Setting up the WIFI AP is not that difficult if everything works OOTB (OutOfTheBox), but sometimes it just doesn't. In this endeavour iw is the go-to tool to figure out what's happening and to make things right. Simply put, iw is a CLI tool to access the wireless card's settings. iw phy allows us to see what these settings are.

Every time I have to dive into this output I feel like a 5-year-old at a chemistry lab - I have no clue what to look at and what means what. This time I decided to figure each line out with the help of ChatGPT, Google Bard and some manual googling. Bear in mind, that I'm not a wifi-savvy person and I only changed ChatGPT's responses with manual Google searches that felt "weak" to me, but I don't believe I've detected all of them.

FTR: my Wi-Fi card is: Intel 8265NGW

Here's the full output.

# iw phy
Wiphy phy0                                     ## name/ID of the device: phy0
        wiphy index: 0                         ## index of the device: 0 (hence phy*0*)
        max # scan SSIDs: 20                   ## during a scan, this card can detect up to 20 SSIDs (Wi-Fi devices)
        max scan IEs length: 422 bytes         ## during scan, this card can receive up to 422b of InformationElements (IE) from each SSID/device. Examples of IEs: SSID, supported data rates (1Mbps, 6Mbps, etc.), BSSID (MAC), security information (WPA2-PSK, WPA3-Enterprise, etc.), channel and frequency information, vendor-specific (proprietary) information, country code (specifies which Wi-Fi channels are allowed for use), signal strength (dBm) and noise levels (dB) (to assess signal quality), HighThroughput capabilities, extended capabilities, etc. -- all this information must fit within 422 bytes
        max # sched scan SSIDs: 20             ## this card can schedule periodic scans for up to 20 different Wi-Fi networks. During each scheduled scan cycle, it will send scan requests for these 20 SSIDs to detect and update information about those networks
        max # match sets: 11                   ## match set is a collection of conditions or criteria that a Wi-Fi device uses to determine which network to connect to when multiple Wi-Fi networks are available. Each match set can include specific parameters like SSID (network name), security type, signal strength, and other network characteristics. This card can evaluate up to 11 match sets
        Retry short limit: 7                   ## short frames typically carry less data and are used for low-data-rate transmissions or control purposes in a Wi-Fi network. If a short frame transmission fails (e.g., due to interference or collisions), the Wi-Fi device will make up to 7 retry attempts before considering the transmission as failed.
        Retry long limit: 4                    ## long frames usually carry more extensive data, such as data packets or larger information payloads. If a long-frame transmission fails, the Wi-Fi device will make up to 4 retry attempts before deeming the transmission unsuccessful
                                               ## These retry limits are part of the error recovery mechanism in Wi-Fi networks. They are designed to improve the chances of successfully transmitting frames in noisy or congested environments by allowing multiple retry attempts. After reaching the retry limit without a successful transmission, the Wi-Fi device typically backs off and may choose a different channel or adjust its transmission parameters. 
                                               ## These values are configurable in Wi-Fi devices to some extent, but they are often set to specific defaults by Wi-Fi standards and the device's firmware. The purpose of these retry limits is to strike a balance between maximizing successful transmissions and avoiding excessive network congestion due to repeated retries.
        Coverage class: 0 (up to 0m)           ## this device's driver says the device's coverage range is 0 meters (very small). I don't know why it says so. It can be increased with `iw phy0 set distance <meters>`. However, increasing coverage also increases ACK timeouts (physical distance is longer so the signal may take longer to travel), effectively reducing throughput
        Device supports RSN-IBSS.              ## RSN (Robust Security Network) is a set of security protocols and mechanisms used in Wi-Fi networks to provide robust security features, including data encryption, authentication, and data integrity protection. RSN is often associated with the WPA2 (Wi-Fi Protected Access 2) security standard, which is widely used to secure Wi-Fi communications. IBSS (Independent Basic Service Set) is a mode of operation in Wi-Fi where devices communicate with each other directly in an ad-hoc or peer-to-peer manner, without the need for a central access point (AP). In an IBSS network, devices connect directly to each other without the infrastructure of a traditional Wi-Fi network
        Device supports AP-side u-APSD.        ## it means that the access point (AP) is capable of managing u-APSD (unscheduled Automatic Power Save Delivery) for connected Wi-Fi clients. In other words, the AP can control and optimize the power-saving features for connected devices, allowing them to enter and exit power-saving mode as needed. APSD is a mechanism that allows Wi-Fi devices to enter a power-saving mode when they are not actively transmitting or receiving data. It helps conserve battery life in devices like laptops and smartphones, improves QoS
        Supported Ciphers:                     ## encryption algorithms that a Wi-Fi device or network supports for securing wireless communications. These cyphers are used to encrypt data to protect it from unauthorized access or interception. Different Wi-Fi security protocols support various ciphers
                * WEP40 (00-0f-ac:1)           ## WEP (Wired Equivalent Privacy) encryption protocol with a 40-bit key length and a specific hexadecimal identifier (00-0f-ac:1). WEP supports different key lengths, with 40-bit and 104-bit being common options. A longer key is generally more secure than a shorter one, but WEP's security weaknesses are not solely due to key length
                * WEP104 (00-0f-ac:5)          ## WEP (Wired Equivalent Privacy) encryption protocol with a 104-bit key length and a specific hexadecimal identifier (00-0f-ac:5). 
                * TKIP (00-0f-ac:2)            ## refers to a specific configuration of the TKIP (Temporal Key Integrity Protocol) encryption protocol with a specific hexadecimal identifier (00-0f-ac:2). TKIP is used in WPA standard, which is considered outdated and insecure. It's better to look for AES (CCMP)-based standard support, like WPA2 or WPA3
                * CCMP-128 (00-0f-ac:4)        ## CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) encryption protocol with 128-bit encryption key (which is a strong level of encryption; CCMP can also support 256-bit keys) and a specific hexadecimal identifier (00-0f-ac:4)
                * CMAC (00-0f-ac:6)            ## CMAC is a cryptographic algorithm used for message authentication and integrity verification. It is a type of MAC (Message Authentication Code) algorithm that uses a block cypher, such as AES (Advanced Encryption Standard), to generate authentication codes for messages.
        Available Antennas: TX 0x3 RX 0x3      ## this card has 4 antennas available: 2 for transmitting (TX) and 2 for receiving (RX) a signal. This is a binary addition. 0x1 = left, 0x2 = right, 0x3 = left & right
        Configured Antennas: TX 0x3 RX 0x3     ## this card is configured to use all 4 antennas it has available: 2 for transmitting (TX) and 2 for receiving (RX) a signal
        Supported interface modes:             ## different operating modes or configurations that a network interface or wireless adapter is capable of supporting. These modes determine how the network interface interacts with the network and the types of functions it can perform. Different network interfaces may support various interface modes, depending on their capabilities and intended use
                 * IBSS                        ## Ad-Hoc (IBSS) mode allows devices to connect directly to each other in a peer-to-peer manner without the need for a central access point (AP). It's commonly used for creating ad-hoc networks for file sharing or gaming
                 * managed                     ## this mode is often used for standard client devices like laptops and smartphones. In "Managed" mode, the device connects to a wireless access point (AP) to access the network
                 * AP                          ## this card can function as an Access Point, allowing it to create its own wireless network to which other devices can connect. This mode is used to set up Wi-Fi hotspots.
                 * AP/VLAN                     ## dynamic wireless VLANs ("dynamic VLAN" in hostapd) using MAC address RADIUS authentication. This must be a fairly common scenario - trusted clients (e.g. laptops) with a recognised MAC address join the trusted LAN, whereas anything else (mobile phones, Amazon Echo etc.) go into an untrusted "Hot LAN" with Internet access but not much else. This avoids having to have multiple SSIDs on the wireless AP
                 * monitor                     ## in "Monitor" mode, the network interface passively captures and analyzes wireless traffic without actively participating in a network. This mode is often used for network monitoring, packet analysis, and security testing.
                 * P2P-client                  ## in P2P-client mode, a device operates as a client in a Wi-Fi Direct group. It connects to another device that is functioning as a group owner (P2P-GO) to establish a direct peer-to-peer connection. This mode is similar to how a client device connects to a traditional wireless access point (AP) in a standard Wi-Fi network but in the context of Wi-Fi Direct
                 * P2P-GO                      ## a P2P-GO device is essentially the group leader or access point in a Wi-Fi Direct group. It creates and manages the Wi-Fi Direct group, allowing other devices to connect to it. P2P-GO devices facilitate direct communication between multiple P2P-client devices, enabling peer-to-peer interactions within the group. This mode is useful when one device needs to act as a central point for communication among multiple P2P devices, similar to an access point in a traditional Wi-Fi network
                 * P2P-device                  ## P2P-device mode refers to a Wi-Fi Direct-enabled device that is capable of participating in peer-to-peer connections. This mode is a general designation for devices that can either act as P2P-clients or, in some cases, become P2P-GO devices if needed. P2P-devices can discover and connect to other Wi-Fi Direct-capable devices in the vicinity, regardless of whether they are operating as P2P-GO or P2P-clients
        Band 1:                                ## a specific frequency band within the radio spectrum that is used for wireless communication. The radio spectrum is divided into various frequency bands, each with its own characteristics and applications. In other words, "Band 1" == "Frequency Range 1" (2.4GHz/5GHz/6GHz/...)
                Capabilities: 0x11ef           ## 
                        RX LDPC                ## Low-Density Parity-Check is used for validating integrity of received data streams. This is particularly important in scenarios where the wireless channel may introduce errors or noise during transmission. LDPC can help mitigate these issues and ensure that the received data is as accurate as possible
                        HT20/HT40              ## High Throughput w/ 20MHz/40MHz bandwidth channels. HT20 is the most widely used, mostly in the 2.4GHz band, and HT40 allows to double the throughput. However, it can potentially lead to increased interference and reduced compatibility with older Wi-Fi devices, as it may overlap with neighboring channels, so use it carefully in wifi-crouded areas
                        SM Power Save disabled ## "SM Power Save" (SM stands for Station Management) can be useful in situations where low latency and immediate responsiveness are more critical than power conservation. For example, in real-time applications like online gaming or voice-over-IP (VoIP) calls, you might want to keep "SM Power Save" disabled to ensure minimal delay in data transmission
                        RX HT20 SGI            ## SGI (Short Guard Interval) is enabled for data reception on the 20MHz band. SGI is a short duration of time inserted between symbols or transmissions to avoid interference and overlap. A short guard interval is a more advanced and efficient technique for managing the guard time between symbols. While it can increase throughput, in congested areas ISI (Inter-Symbol-Interference) can increase creating more faulty transmissions and effectively reducing throughput.
                        RX HT40 SGI            ## SGI (Short Guard Interval) is enabled for data reception on the 40MHz band. SGI is a short duration of time inserted between symbols or transmissions to avoid interference and overlap. A short guard interval is a more advanced and efficient technique for managing the guard time between symbols. While it can increase throughput, in congested areas ISI (Inter-Symbol-Interference) can increase creating more faulty transmissions and effectively reducing throughput.
                        TX STBC                ## "Transmit Space-Time Block Coding" is a coding technique used to enhance the robustness of data transmission. STBC involves transmitting multiple copies of the same data symbol across multiple antennas and at different time instants. This redundancy allows the receiver to better recover the transmitted data even in the presence of interference, signal fading, or other impairments. This technique is especially valuable in wireless communication standards that support multiple-input, multiple-output (MIMO) technology, where both the transmitter and receiver have multiple antennas. When "TX STBC" is enabled, the transmitting device (which has multiple antennas) sends multiple versions of the same data symbol, often at slightly different times and with specific phase shifts. The receiving device (which may also have multiple antennas) can use these multiple copies of the transmitted symbol to improve the accuracy of data recovery. STBC is particularly useful in scenarios with fading channels, where the signal strength and quality can vary rapidly due to obstacles or interference. 
                        RX STBC 1-stream       ## the receiving device is configured to use Space-Time Block Coding (STBC) to improve the reception of one data stream. STBC involves sending multiple copies of the same data symbol across multiple antennas and at different times, allowing the receiver to better recover the transmitted data. "1-stream" suggests that the receiver is focused on improving the reception of a single data stream using STBC. The use of STBC can enhance the reliability of data reception, particularly in scenarios where the wireless channel experiences interference, signal fading, or other impairments. "1-stream" indicates that the receiver is configured to receive one data stream. In MIMO technology, a "stream" refers to an independent data transmission or reception path. MIMO systems can have multiple streams, allowing for simultaneous data transmission and reception on multiple spatial paths.
                        Max AMSDU length: 3839 bytes ## an A-MSDU is essentially a way to group multiple data packets (MSDUs) into a single larger frame before transmitting them over the wireless network. This aggregation can offer several benefits, including: Efficiency (aggregating multiple data packets into one frame can reduce the overhead associated with individual packet headers and improve the overall efficiency of data transmission), Reduced Airtime Usage (by transmitting fewer frames with larger payloads, the network can use airtime more efficiently, which can lead to increased throughput), Lower Latency (aggregation can also reduce the latency associated with transmitting multiple small packets, as they are combined into a single frame). In this case, the maximum A-MSDU length is specified as 3839 bytes, which is relatively large and can be useful for optimizing data transmission efficiency in networks that support such frame sizes
                        DSSS/CCK HT40          ## DSSS (Direct Sequence Spread Spectrum) and CCK (Complementary Code Keying), combined with HT40. DSSS is a modulation and encoding technique used in wireless communication. It is an older technology primarily associated with the 802.11b standard, one of the early Wi-Fi standards. DSSS spreads the signal across a wider frequency band by using a pseudorandom spreading code. This technique helps improve the resistance to interference and provides a more robust communication link. CCK is another modulation and encoding technique used in wireless communication, primarily associated with the 802.11b and 802.11g standards. CCK is an improvement over the original DSSS modulation, providing higher data rates and improved performance. DSSS/CCK HT40 could be a legacy configuration, as on modern devices (802.11n and later) more efficient modulation and encoding techniques are used that offer higher data rates, such as those used in 802.11n (HT) or 802.11ac (VHT) (e.g. OFDM, QAM)
                Maximum RX AMPDU length 65535 bytes (exponent: 0x003) ## This specifies the maximum size or length of an A-MPDU frame that can be received within the wireless network. In this case, the maximum length is specified as 65535 bytes. WiFi protocol allows the sender to aggregate multiple AMSDU (also referred to as MPDUs) units into a single AMPDU while allowing CRC checks and retries for each AMSDU within an AMPDU. Thus the WiFi protocol allows us to achieve higher MAC efficiency by transmitting AMPDUs while limiting PERs (Packet Error Rates) and re-transmissions at the AMSDU level. 
                Minimum RX AMPDU time spacing: 4 usec (0x05)          ## This parameter sets the minimum amount of time that should elapse between the reception of consecutive A-MPDU frames - minimum 4 µs (microseconds)
                HT Max RX data rate: 300 Mbps                         ## the maximum data rate achievable when receiving data in HT mode. It's a measure of the device's ability to receive data packets at a rate of 300 megabits per second. 300 Mbps rate is typically associated with devices that support two spatial streams and a 40 MHz channel width. The use of multiple spatial streams and wider channel bandwidths allows for higher data rates. The actual achievable data rate in a Wi-Fi network can vary based on factors such as signal strength, interference, the capabilities of the wireless access point or router, and the quality of the wireless connection. The maximum data rate specified here serves as a theoretical upper limit and may not be sustained under all conditions.
                HT TX/RX MCS rate indexes supported: 0-15             ## the device supports MCS (Modulation and Coding Scheme) rate indexes ranging from 0 to 15. MCS rate indexes define specific combinations of modulation and coding schemes that determine the data rate at which data can be transmitted and received wirelessly. Each MCS rate index corresponds to a particular combination of modulation and coding. In other words, this device can use any of the 16 available MCS rate indexes for both transmission (TX) and reception (RX). MCS index 0 corresponds to the lowest data rate with the simplest modulation and coding. MCS index 15 corresponds to the highest data rate with the most advanced modulation and coding. These MCS rate indexes allow the device to adapt its data rate dynamically based on the current wireless conditions, including signal strength, interference, and noise. When network conditions are favourable, the device can use higher MCS rate indexes to achieve higher data rates, and when conditions are challenging, it can use lower MCS rate indexes for better reliability.
                Bitrates (non-HT):             ## devices that support non-HT (i.e. predating the High Throughput (802.11n) standard) data rates are typically backwards-compatible with older Wi-Fi standards to ensure connectivity with legacy devices and networks. However, when newer devices communicate with each other and with modern Wi-Fi access points, they often use the High Throughput (HT) mode, which offers higher data rates and improved performance.
                        * 1.0 Mbps
                        * 2.0 Mbps (short preamble supported)         ## short preamble is a feature that reduces the preamble length in Wi-Fi frames, allowing for faster transmission but with slightly reduced robustness
                        * 5.5 Mbps (short preamble supported)
                        * 11.0 Mbps (short preamble supported)
                        * 6.0 Mbps
                        * 9.0 Mbps
                        * 12.0 Mbps
                        * 18.0 Mbps
                        * 24.0 Mbps
                        * 36.0 Mbps
                        * 48.0 Mbps
                        * 54.0 Mbps
                Frequencies:                   ## specific radio frequencies or channels used for wireless communication. These frequencies are typically allocated within certain frequency bands by regulatory authorities to avoid interference and ensure the proper functioning of wireless devices
                        * 2412 MHz [1] (22.0 dBm)   ## Frequency: 2412 MHz, Channel Number: 1, Power Level: 22.0 dBm
                        * 2417 MHz [2] (22.0 dBm)
                        * 2422 MHz [3] (22.0 dBm)
                        * 2427 MHz [4] (22.0 dBm)
                        * 2432 MHz [5] (22.0 dBm)
                        * 2437 MHz [6] (22.0 dBm)
                        * 2442 MHz [7] (22.0 dBm)
                        * 2447 MHz [8] (22.0 dBm)
                        * 2452 MHz [9] (22.0 dBm)
                        * 2457 MHz [10] (22.0 dBm)
                        * 2462 MHz [11] (22.0 dBm)
                        * 2467 MHz [12] (22.0 dBm)
                        * 2472 MHz [13] (22.0 dBm)
                        * 2484 MHz [14] (disabled)  ## the "disabled" status means that this specific channel (Channel 14) is not available for use or is not currently enabled. In many regions, Channel 14 is not part of the standard Wi-Fi channel allocation and may have regulatory restrictions. The availability and usage of Channel 14 may vary by country or region
        Band 2:                                ## a specific frequency band within the radio spectrum that is used for wireless communication. The radio spectrum is divided into various frequency bands, each with its own characteristics and applications. In other words, "Band 1" == "Frequency Range 1" (2.4GHz/5GHz/6GHz/...)
                Capabilities: 0x11ef           ## 
                        RX LDPC                ## Low-Density Parity-Check is used for validating the integrity of received data streams. This is particularly important in scenarios where the wireless channel may introduce errors or noise during transmission. LDPC can help mitigate these issues and ensure that the received data is as accurate as possible
                        HT20/HT40              ## High Throughput w/ 20MHz/40MHz bandwidth channels. HT20 is the most widely used, mostly in the 2.4GHz band, and HT40 allows to double the throughput. However, it can potentially lead to increased interference and reduced compatibility with older Wi-Fi devices, as it may overlap with neighbouring channels, so use it carefully in wifi-crowded areas
                        SM Power Save disabled ## "SM Power Save" (SM stands for Station Management) can be useful in situations where low latency and immediate responsiveness are more critical than power conservation. For example, in real-time applications like online gaming or voice-over-IP (VoIP) calls, you might want to keep "SM Power Save" disabled to ensure minimal delay in data transmission
                        RX HT20 SGI            ## SGI (Short Guard Interval) is enabled for data reception on the 20MHz band. SGI is a short duration of time inserted between symbols or transmissions to avoid interference and overlap. A short guard interval is a more advanced and efficient technique for managing the guard time between symbols. While it can increase throughput, in congested areas ISI (Inter-Symbol-Interference) can increase creating more faulty transmissions and effectively reducing throughput.
                        RX HT40 SGI            ## SGI (Short Guard Interval) is enabled for data reception on the 40MHz band. SGI is a short duration of time inserted between symbols or transmissions to avoid interference and overlap. A short guard interval is a more advanced and efficient technique for managing the guard time between symbols. While it can increase throughput, in congested areas ISI (Inter-Symbol-Interference) can increase creating more faulty transmissions and effectively reducing throughput.
                        TX STBC                ## "Transmit Space-Time Block Coding" is a coding technique used to enhance the robustness of data transmission. STBC involves transmitting multiple copies of the same data symbol across multiple antennas and at different time instants. This redundancy allows the receiver to better recover the transmitted data even in the presence of interference, signal fading, or other impairments. This technique is especially valuable in wireless communication standards that support multiple-input, multiple-output (MIMO) technology, where both the transmitter and receiver have multiple antennas. When "TX STBC" is enabled, the transmitting device (which has multiple antennas) sends multiple versions of the same data symbol, often at slightly different times and with specific phase shifts. The receiving device (which may also have multiple antennas) can use these multiple copies of the transmitted symbol to improve the accuracy of data recovery. STBC is particularly useful in scenarios with fading channels, where the signal strength and quality can vary rapidly due to obstacles or interference.
                        RX STBC 1-stream       ## the receiving device is configured to use Space-Time Block Coding (STBC) to improve the reception of one data stream. STBC involves sending multiple copies of the same data symbol across multiple antennas and at different times, allowing the receiver to better recover the transmitted data. "1-stream" suggests that the receiver is focused on improving the reception of a single data stream using STBC. The use of STBC can enhance the reliability of data reception, particularly in scenarios where the wireless channel experiences interference, signal fading, or other impairments. "1-stream" indicates that the receiver is configured to receive one data stream. In MIMO technology, a "stream" refers to an independent data transmission or reception path. MIMO systems can have multiple streams, allowing for simultaneous data transmission and reception on multiple spatial paths.
                        Max AMSDU length: 3839 bytes ## an A-MSDU is essentially a way to group multiple data packets (MSDUs) into a single larger frame before transmitting them over the wireless network. This aggregation can offer several benefits, including: Efficiency (aggregating multiple data packets into one frame can reduce the overhead associated with individual packet headers and improve the overall efficiency of data transmission), Reduced Airtime Usage (by transmitting fewer frames with larger payloads, the network can use airtime more efficiently, which can lead to increased throughput), Lower Latency (aggregation can also reduce the latency associated with transmitting multiple small packets, as they are combined into a single frame). In this case, the maximum A-MSDU length is specified as 3839 bytes, which is relatively large and can be useful for optimizing data transmission efficiency in networks that support such frame sizes
                        DSSS/CCK HT40          ## DSSS (Direct Sequence Spread Spectrum) and CCK (Complementary Code Keying), combined with HT40. DSSS is a modulation and encoding technique used in wireless communication. It is an older technology primarily associated with the 802.11b standard, one of the early Wi-Fi standards. DSSS spreads the signal across a wider frequency band by using a pseudorandom spreading code. This technique helps improve the resistance to interference and provides a more robust communication link. CCK is another modulation and encoding technique used in wireless communication, primarily associated with the 802.11b and 802.11g standards. CCK is an improvement over the original DSSS modulation, providing higher data rates and improved performance. DSSS/CCK HT40 could be a legacy configuration, as on modern devices (802.11n and later) more efficient modulation and encoding techniques are used that offer higher data rates, such as those used in 802.11n (HT) or 802.11ac (VHT) (e.g. OFDM, QAM)
                Maximum RX AMPDU length 65535 bytes (exponent: 0x003)   ## this specifies the maximum size or length of an A-MPDU frame that can be received within the wireless network. In this case, the maximum length is specified as 65535 bytes. WiFi protocol allows the sender to aggregate multiple AMSDU (also referred to as MPDUs) units into a single AMPDU while allowing CRC checks and retries for each AMSDU within an AMPDU. Thus the WiFi protocol allows us to achieve higher MAC efficiency by transmitting AMPDUs while limiting PERs (Packet Error Rates) and re-transmissions at the AMSDU level.
                Minimum RX AMPDU time spacing: 4 usec (0x05)            ## this parameter sets the minimum amount of time that should elapse between the reception of consecutive A-MPDU frames - minimum 4 µs (microseconds)
                HT Max RX data rate: 300 Mbps                           ## the maximum data rate achievable when receiving data in HT mode. It's a measure of the device's ability to receive data packets at a rate of 300 megabits per second. 300 Mbps rate is typically associated with devices that support two spatial streams and a 40 MHz channel width. The use of multiple spatial streams and wider channel bandwidths allows for higher data rates. The actual achievable data rate in a Wi-Fi network can vary based on factors such as signal strength, interference, the capabilities of the wireless access point or router, and the quality of the wireless connection. The maximum data rate specified here serves as a theoretical upper limit and may not be sustained under all conditions.
                HT TX/RX MCS rate indexes supported: 0-15               ## the device supports MCS (Modulation and Coding Scheme) rate indexes ranging from 0 to 15. MCS rate indexes define specific combinations of modulation and coding schemes that determine the data rate at which data can be transmitted and received wirelessly. Each MCS rate index corresponds to a particular combination of modulation and coding. In other words, this device can use any of the 16 available MCS rate indexes for both transmission (TX) and reception (RX). MCS index 0 corresponds to the lowest data rate with the simplest modulation and coding. MCS index 15 corresponds to the highest data rate with the most advanced modulation and coding. These MCS rate indexes allow the device to adapt its data rate dynamically based on the current wireless conditions, including signal strength, interference, and noise. When network conditions are favourable, the device can use higher MCS rate indexes to achieve higher data rates, and when conditions are challenging, it can use lower MCS rate indexes for better reliability.
                VHT Capabilities (0x039071b0): ## VHT (Very High Throughput) capabilities of a wireless networking device, particularly in the context of the 802.11ac or 802.11ax (Wi-Fi 5 or Wi-Fi 6) standard. This notation provides information about the device's VHT capabilities encoded in a hexadecimal (hex) format. 0x039071b0 is a hexadecimal value that encodes various VHT capabilities and parameters. Each digit and group of digits in this hexadecimal value represents a specific capability or setting. To interpret it, you would need to decode the individual bits and fields according to the Wi-Fi standard's specifications
                        Max MPDU length: 3895  ## the maximum MPDU (MAC Protocol Data Unit) length supported by this device in 3895 bytes. Simply put, this device can "speak" in max 3895 B long packets
                        Supported Channel Width: neither 160 nor 80+80 ## the device does not support the wider channel widths of 160 MHz or 80+80 MHz. These wider channel widths are typically associated with high-speed data transmission in the 5 GHz band and are part of the 802.11ac and 802.11ax standards. 160 MHz: A channel width of 160 MHz allows for very high data rates but requires a relatively clean and interference-free wireless environment. It provides a wide frequency range for data transmission. 80+80 MHz: This refers to a channel width configuration where two 80 MHz channels are bonded together to form a wider 160 MHz channel. It also supports high data rates but requires careful channel planning and low interference. The device's inability to support these wider channel widths may be due to hardware limitations or regulatory restrictions
                        RX LDPC                ## Low-Density Parity-Check is used for validating the integrity of received data streams. This is particularly important in scenarios where the wireless channel may introduce errors or noise during transmission. LDPC can help mitigate these issues and ensure that the received data is as accurate as possible
                        short GI (80 MHz)      ## "short Guard Interval" (GI) operates on the 80MHz channel width. It reduces the duration of the guard interval compared to a standard or long guard interval. By reducing the guard interval duration, more data can be transmitted in the same amount of time, increasing the effective data rate. This configuration is commonly associated with high-speed data transmission in modern Wi-Fi standards such as 802.11ac (Wi-Fi 5) and 802.11ax (Wi-Fi 6)
                        TX STBC                ## Transmit Space-Time Block Coding" is a coding technique used to enhance the robustness of data transmission. STBC involves transmitting multiple copies of the same data symbol across multiple antennas and at different time instants. This redundancy allows the receiver to better recover the transmitted data even in the presence of interference, signal fading, or other impairments. This technique is especially valuable in wireless communication standards that support multiple-input, multiple-output (MIMO) technology, where both the transmitter and receiver have multiple antennas. When "TX STBC" is enabled, the transmitting device (which has multiple antennas) sends multiple versions of the same data symbol, often at slightly different times and with specific phase shifts. The receiving device (which may also have multiple antennas) can use these multiple copies of the transmitted symbol to improve the accuracy of data recovery. STBC is particularly useful in scenarios with fading channels, where the signal strength and quality can vary rapidly due to obstacles or interference.
                        SU Beamformee          ## Single-User Beamformee refers to a single user device or client that is the target of a beamforming transmission from the wireless access point or transmitter. Beamforming is a technique used to focus the wireless signal in the direction of the target device, improving signal strength and quality for that specific device.
                        MU Beamformee          ## Multi-User Beamformee refers to multiple user devices or clients that are collectively the targets of a beamforming transmission. Beamforming technology is used to simultaneously improve signal strength and quality for multiple devices in different directions, allowing for better performance in a multi-user environment.
                VHT RX MCS set:                ## This set specifies the MCS (Modulation and Coding Scheme) rates that a wireless device or access point can use to receive (RX) data in the VHT (associated with the 802.11ac (Wi-Fi 5) and 802.11ax (Wi-Fi 6) standards) mode. It includes a range of MCS values, typically from the lowest supported MCS (lower data rate) to the highest supported MCS (higher data rate). MCS defines the combination of modulation and coding used to transmit and receive data wirelessly. Higher MCS values typically represent higher data rates with more complex modulation and coding schemes. For example, a VHT RX MCS set might include values such as MCS 0 (lowest data rate) to MCS 9 (highest data rate) for 802.11ac. Each MCS value represents a specific combination of modulation and coding that allows for data transmission at a particular rate.
                        1 streams: MCS 0-9     ## when the device receives data using a single spatial stream, it supports MCS rates ranging from 0 to 9. Each MCS value corresponds to a specific combination of modulation and coding that allows for data transmission at a particular rate. As you go from MCS 0 to MCS 9, the data rate generally increases
                        2 streams: MCS 0-9     ## when the device receives data using two spatial streams, it also supports MCS rates ranging from 0 to 9. This provides flexibility for higher data rates when using multiple spatial streams, as compared to a single stream.
                        3 streams: not supported ## the device does not support three (or more) spatial streams for receiving data in the VHT mode. Three or more spatial streams are often used to achieve even higher data rates, but this device is limited to supporting up to two streams.
                        4 streams: not supported
                        5 streams: not supported
                        6 streams: not supported
                        7 streams: not supported
                        8 streams: not supported
                VHT RX highest supported: 0 Mbps ## the device's highest supported receive data rate in Very High Throughput (VHT) mode is reported as 0 Mbps. This seems to be a contradiction or an anomaly. Could be a driver bug
                VHT TX MCS set:                ## This set specifies the MCS (Modulation and Coding Scheme) rates that a wireless device or access point can use to transmit (TX) data in the VHT (associated with the 802.11ac (Wi-Fi 5) and 802.11ax (Wi-Fi 6) standards) mode. It includes a range of MCS values, typically from the lowest supported MCS (lower data rate) to the highest supported MCS (higher data rate). MCS defines the combination of modulation and coding used to transmit and receive data wirelessly. Higher MCS values typically represent higher data rates with more complex modulation and coding schemes. For example, a VHT RX MCS set might include values such as MCS 0 (lowest data rate) to MCS 9 (highest data rate) for 802.11ac. Each MCS value represents a specific combination of modulation and coding that allows for data transmission at a particular rate.
                        1 streams: MCS 0-9     ## when the device transmits data using a single spatial stream, it supports MCS rates ranging from 0 to 9. Each MCS value corresponds to a specific combination of modulation and coding that allows for data transmission at a particular rate. As you go from MCS 0 to MCS 9, the data rate generally increases
                        2 streams: MCS 0-9     ## when the device transmits data using two spatial streams, it also supports MCS rates ranging from 0 to 9. This provides flexibility for higher data rates when using multiple spatial streams, as compared to a single stream.
                        3 streams: not supported ## the device does not support three (or more) spatial streams for transmitting data in the VHT mode. Three or more spatial streams are often used to achieve even higher data rates, but this device is limited to supporting up to two streams.
                        4 streams: not supported
                        5 streams: not supported
                        6 streams: not supported
                        7 streams: not supported
                        8 streams: not supported
                VHT TX highest supported: 0 Mbps ## the device's highest supported transmitted data rate in Very High Throughput (VHT) mode is reported as 0 Mbps. This seems to be a contradiction or an anomaly. Could be a driver bug
                Bitrates (non-HT):             ## devices that support non-HT (i.e. predating the High Throughput (802.11n) standard) data rates are typically backwards-compatible with older Wi-Fi standards to ensure connectivity with legacy devices and networks. However, when newer devices communicate with each other and with modern Wi-Fi access points, they often use the High Throughput (HT) mode, which offers higher data rates and improved performance.
                        * 6.0 Mbps
                        * 9.0 Mbps
                        * 12.0 Mbps
                        * 18.0 Mbps
                        * 24.0 Mbps
                        * 36.0 Mbps
                        * 48.0 Mbps
                        * 54.0 Mbps
                Frequencies:                                                ## frequencies this device can operate in. Frequencies are assigned to particular channels, hence the format: {FREQ} MHz [{CHAN}] ({STRENGTH} dBm) ({..FLAGS}). Flags refer to restrictions applied to each channel. Restrictions can be either enforced by the manufacturer (hardware), the driver or the user (configurable). Configurable restrictions mostly are linked to the country the device operates in, as each country may have its own restrictions. See `iw reg get` below
                        * 5180 MHz [36] (22.0 dBm) (no IR)                  ## on channel 36 this device operates in 5180MHz frequency at 22.0dBm strength. There's a "no IR" (no InitiatingRadiation) flag applied to this channel, meaning the device cannot initiate radiation on this frequency, meaning it cannot act as an AP on channel 36.
                        * 5200 MHz [40] (22.0 dBm) (no IR)
                        * 5220 MHz [44] (22.0 dBm) (no IR)
                        * 5240 MHz [48] (22.0 dBm) (no IR)
                        * 5260 MHz [52] (22.0 dBm) (no IR, radar detection) ## on channel 52 this device operates in 5260MHz frequency at 22.0dBm strength. There are two flags restricting this channel: "no IR" (see above, chan. 36) and "radar detection". The RadarDetection flag means that DFS restrictions apply to this frequency. These are regulatory restrictions and a subject to jurisdiction/country regulations. Not all devices support DFS. Effectively, channel 52 cannot be used for AP due to the "no IR" flag; even if this restriction wasn't there, the AP would have to operate in a more complicated DSF mode, assuming it is supported by the hardware/firmware/driver.
                                                                            ## DFS-enabled Wi-Fi access points (APs) continuously monitor the frequency band they are operating in (usually the 5 GHz band) for radar signals. Radar systems, including weather radar and military radar, use this same frequency band for their operations. When a DFS-enabled AP detects a radar signal on its operating channel, it takes specific actions to avoid interference with the radar system. The AP immediately stops transmitting on the detected channel to avoid interfering with the radar signal. This is critical because radar systems operate at much higher power levels than Wi-Fi devices and can be disrupted by Wi-Fi transmissions. After vacating the channel, the AP selects a new channel from a DFS channel list. This list typically includes channels that are not in use by radar systems and are considered safe for Wi-Fi operation. Once the AP has switched to a new channel, it can resume normal Wi-Fi operation, including serving client devices and transmitting data.
                        * 5280 MHz [56] (22.0 dBm) (no IR, radar detection)
                        * 5300 MHz [60] (22.0 dBm) (no IR, radar detection)
                        * 5320 MHz [64] (22.0 dBm) (no IR, radar detection)
                        * 5340 MHz [68] (disabled)                          ## channel 68 with 5340MHz frequency is disabled and cannot be used on this device
                        * 5360 MHz [72] (disabled)
                        * 5380 MHz [76] (disabled)
                        * 5400 MHz [80] (disabled)
                        * 5420 MHz [84] (disabled)
                        * 5440 MHz [88] (disabled)
                        * 5460 MHz [92] (disabled)
                        * 5480 MHz [96] (disabled)
                        * 5500 MHz [100] (22.0 dBm) (no IR, radar detection)
                        * 5520 MHz [104] (22.0 dBm) (no IR, radar detection)
                        * 5540 MHz [108] (22.0 dBm) (no IR, radar detection)
                        * 5560 MHz [112] (22.0 dBm) (no IR, radar detection)
                        * 5580 MHz [116] (22.0 dBm) (no IR, radar detection)
                        * 5600 MHz [120] (22.0 dBm) (no IR, radar detection)
                        * 5620 MHz [124] (22.0 dBm) (no IR, radar detection)
                        * 5640 MHz [128] (22.0 dBm) (no IR, radar detection)
                        * 5660 MHz [132] (22.0 dBm) (no IR, radar detection)
                        * 5680 MHz [136] (22.0 dBm) (no IR, radar detection)
                        * 5700 MHz [140] (22.0 dBm) (no IR, radar detection)
                        * 5720 MHz [144] (22.0 dBm) (no IR, radar detection)
                        * 5745 MHz [149] (22.0 dBm) (no IR)
                        * 5765 MHz [153] (22.0 dBm) (no IR)
                        * 5785 MHz [157] (22.0 dBm) (no IR)
                        * 5805 MHz [161] (22.0 dBm) (no IR)
                        * 5825 MHz [165] (22.0 dBm) (no IR)
                        * 5845 MHz [169] (disabled)
                        * 5865 MHz [173] (disabled)
                        * 5885 MHz [177] (disabled)
                        * 5905 MHz [181] (disabled)
        Supported commands:                    ## a list of commands supported by this device. Basically, it's a list of things you can do with this network card. These commands provide a wide range of functionality for managing and configuring wireless networking on a Linux system. They are typically used with utilities like `iw`, `wpa_supplicant`, or other wireless management tools to control various aspects of wireless networking, including connecting to Wi-Fi networks, configuring access points, and managing mesh networks, among other tasks
                 * new_interface               ## create a new wireless network interface
                 * set_interface               ## configure settings for a wireless network interface
                 * new_key                     ## create a new encryption key for securing wireless communication
                 * start_ap                    ## start an access point (AP) for creating a Wi-Fi hotspot
                 * new_station                 ## add a new station (client) to an access point or wireless network
                 * new_mpath                   ## create a new mesh path for mesh networking
                 * set_mesh_config             ## configure settings for a mesh network
                 * set_bss                     ## configure settings for a Basic Service Set (BSS), which represents a single wireless network
                 * authenticate                ## authenticate a client device to the network
                 * associate                   ## associate a client device with the network
                 * deauthenticate              ## deauthenticate a client device from the network
                 * disassociate                ## disassociate a client device from the network
                 * join_ibss                   ## join an Independent Basic Service Set (IBSS), often used for ad-hoc wireless networking
                 * join_mesh                   ## join a mesh network
                 * remain_on_channel           ## request to remain on a specific channel for a certain duration
                 * set_tx_bitrate_mask         ## configure a bitmask for selecting transmit data rates
                 * frame                       ## send a custom frame or packet over the wireless network
                 * frame_wait_cancel           ## send a custom frame and wait for a response or cancel it
                 * set_wiphy_netns             ## set the wireless network namespace for a device
                 * set_channel                 ## set the operating channel for a wireless interface
                 * start_sched_scan            ## start a scheduled Wi-Fi scan
                 * probe_client                ## probe a client device on the network
                 * set_noack_map               ## configure the No Acknowledgment (NoAck) map to improve performance
                 * register_beacons            ## register custom beacon frames for broadcasting
                 * start_p2p_device            ## start a peer-to-peer (P2P) device for Wi-Fi Direct communication
                 * set_mcast_rate              ## set the multicast rate for data transmission
                 * connect                     ## connect to a wireless network
                 * disconnect                  ## disconnect from a wireless network
                 * channel_switch              ## switch the operating channel of a wireless interface
                 * set_qos_map                 ## set Quality of Service (QoS) mapping settings
                 * add_tx_ts                   ## add a transmission timestamp
                 * set_multicast_to_unicast    ## configure multicast-to-unicast conversion
        WoWLAN support:                        ## Wake-on-Wireless-LAN (WoWLAN) capabilities and features supported by a network interface or wireless device. WoWLAN allows a computer or device to remain in a low-power state while still being able to wake up or respond to specific network-related events. These WoWLAN features are useful for scenarios where you want a device to conserve power but still be responsive to network activity or specific network events. For example, it can be valuable for laptops or mobile devices to save battery power while remaining connected to a network, waking up only when needed for network-related tasks or communication.
                 * wake up on disconnect       ## the device can wake up from a low-power state when it disconnects from a wireless network.
                 * wake up on magic packet     ## the device can wake up in response to a "magic packet," which is a specially formatted network packet that is used to wake up a sleeping or powered-off device remotely
                 * wake up on pattern match, up to 20 patterns of 16-128 bytes,
                   maximum packet offset 0 bytes    ## the device can wake up when it detects specific patterns in incoming network traffic. It supports up to 20 patterns of 16-128 bytes each, with a maximum packet offset of 0 bytes.
                 * can do GTK rekeying         ## the device can perform Group Temporal Key (GTK) rekeying, which is a security feature for maintaining encryption keys in a wireless network
                 * wake up on GTK rekey failure     ## the device can wake up when there is a failure in the GTK rekeying process, which may be related to security issues or key rotation
                 * wake up on EAP identity request  ## the device can wake up when it receives an Extensible Authentication Protocol (EAP) identity request, often used in the authentication process for secure network access
                 * wake up on 4-way handshake  ## the device can wake up when it detects a 4-way handshake, which is part of the process of establishing a secure connection in WPA/WPA2-protected networks
                 * wake up on rfkill release   ## the device can wake up when the hardware or software rfkill (radio frequency kill) switch is released or disabled, allowing the device's radio to be re-enabled
                 * wake up on network detection, up to 11 match sets ## the device can wake up when it detects specific network-related events or conditions. It supports up to 11 match sets for network detection
        software interface modes (can always be added): ## 
                 * AP/VLAN                     ## dynamic wireless VLANs ("dynamic VLAN" in hostapd) using MAC address RADIUS authentication. This must be a fairly common scenario - trusted clients (e.g. laptops) with a recognised MAC address join the trusted LAN, whereas anything else (mobile phones, Amazon Echo etc.) goes into an untrusted "Hot LAN" with Internet access but not much else. This avoids having to have multiple SSIDs on the wireless AP
                 * monitor                     ## in "Monitor" mode, the network interface passively captures and analyzes wireless traffic without actively participating in a network. This mode is often used for network monitoring, packet analysis, and security testing.
        valid interface combinations:          ## allowable combinations of different interface modes for a wireless network interface. These combinations are defined based on the capabilities and limitations of the hardware and the wireless driver. These restrictions are in place to ensure that the operation of the wireless interfaces is within the capabilities of the hardware and to prevent conflicts or excessive interference that could degrade network performance. For example, a typical configuration might involve one network interface in managed mode for connecting to a Wi-Fi network, one in AP mode for creating a hotspot, and one in P2P client or P2P-GO mode for Wi-Fi Direct communication
                 * #{ managed } <= 1, #{ AP, P2P-client, P2P-GO } <= 1, #{ P2P-device } <= 1,
                   total <= 3, #channels <= 2  ## `#{ managed } <= 1`: This part indicates that there can be a maximum of one network interface in "managed" mode. Managed mode is the typical client mode used for connecting to Wi-Fi networks. `#{ AP, P2P-client, P2P-GO } <= 1`: This part specifies that there can be a maximum of one network interface in any of the following modes: Access Point (AP), Peer-to-Peer (P2P) client mode, or P2P Group Owner (P2P-GO) mode. These modes are often associated with creating or participating in Wi-Fi networks. `#{ P2P-device } <= 1`: This part states that there can be a maximum of one network interface in P2P device mode. P2P device mode is used for Wi-Fi Direct communication between devices. `total <= 3`: The total number of network interfaces across all modes should not exceed three. This means that you can have up to three network interfaces in various modes simultaneously. `#channels <= 2`: The total number of different Wi-Fi channels used by all interfaces should not exceed two. This is likely in consideration of channel availability and potential interference issues.
        HT Capability overrides:               ## these properties allow to configure specific parameters related to High Throughput (HT) capabilities for a wireless network interface. These settings can be used to modify or override default behaviour and fine-tune the behaviour of the HT features
                 * MCS: ff ff ff ff ff ff ff ff ff ff ## each value (ff) corresponds to a Modulation and Coding Scheme index, which represents a specific combination of modulation and coding used for data transmission. Specifying specific MCS rates allows to control the allowed data rates for transmissions
                 * maximum A-MSDU length       ## this parameter allows to set the maximum length of an Aggregated MAC Service Data Unit (A-MSDU), which is a frame aggregation technique used to improve efficiency in data transmission
                 * supported channel width     ## this setting allows you to specify the supported channel width. Channel width determines how much frequency spectrum is allocated for data transmission. We can configure this parameter to support specific channel widths, such as 20 MHz or 40 MHz.
                 * short GI for 40 MHz         ## "GI" stands for "Guard Interval," which is a time interval between symbols to prevent interference and signal overlap. This parameter enables or disables the use of a short Guard Interval (GI) when using a 40 MHz channel width. A short GI can improve data transmission efficiency by reducing the GI duration.
                 * max A-MPDU length exponent  ## this parameter sets the maximum length of an Aggregated MAC Protocol Data Unit (A-MPDU), which is another frame aggregation technique. We can configure this parameter to control the maximum size of A-MPDU frames.
                 * min MPDU start spacing      ## this parameter specifies the minimum spacing between the start of consecutive MPDUs (MAC Protocol Data Units) in an A-MPDU. It can be configured to meet specific requirements or constraints of the wireless network.
        Device supports TX status socket option.                         ## supports SO_WIFI_STATUS option, defined in Linux kernel's `/usr/include/asm-generic/socket.h`. This option allows to access packet delivery information (e.g. ACK timestamp)
        Device supports HT-IBSS.                                         ## the device can create or join ad-hoc wireless networks that take advantage of the enhanced data rates and features provided by the 802.11n standard. High Throughput Independent Basic Service Set (HT-IBSS) is an extension of the traditional Independent Basic Service Set (IBSS) mode, which is commonly known as ad-hoc mode. In ad-hoc mode, devices can connect to each other directly without the need for a central access point (AP). HT-IBSS mode is commonly used in scenarios where devices need to communicate with each other in a peer-to-peer fashion without relying on a centralized access point. This mode is suitable for applications like file sharing, gaming, or communication between devices in a temporary or ad-hoc network. 
        Device supports SAE with AUTHENTICATE command                    ## this corresponds to `NL80211_FEATURE_SAE` wiphy feature. Related to WPA3 and WiFi 6
        Device supports low priority scan.                               ## Low-priority scans are a type of Wi-Fi scan that are performed with lower urgency or priority compared to regular or high-priority scans. During a low-priority scan, the device may prioritize tasks such as maintaining an existing network connection or conserving power over actively searching for new networks. Support for low-priority scans can be beneficial in scenarios where power efficiency, background network discovery, or coexistence with other wireless tasks is essential. It allows the device to manage scanning in a way that aligns with its operational priorities
        Device supports scan flush.                                      ## Scan flush refers to the ability to cancel or prematurely terminate an ongoing Wi-Fi scan. When a scan flush operation is initiated, any ongoing scans are halted, and the scanning process is interrupted
        Device supports per-vif TX power setting                         ## the device has the capability to adjust and configure the transmit (TX) power settings on a per-virtual interface (vif) basis. This feature allows for independent control of the transmission power for each virtual interface on the device
        P2P GO supports CT window setting                                ## the device can configure and adjust the CT (Channel Time) window setting. This feature allows the Group Owner to control how much time is allocated for channel-switching operations
        P2P GO supports opportunistic powersave setting                  ## this device can enable or configure opportunistic power-saving settings. Opportunistic power-saving is a feature designed to reduce power consumption in Wi-Fi devices when they are not actively transmitting or receiving data. Opportunistic power-saving is a mechanism in Wi-Fi networks that allows devices to enter a low-power sleep mode when they are not actively communicating over the network
        Driver supports full state transitions for AP/GO clients         ## 
        Driver supports a userspace MPM                                  ## this device can work with a userspace MPM (Multi-Path Manager) component. MPM is a networking feature that manages the aggregation of multiple paths or connections to optimize network performance and reliability. Userspace MPM can coordinate the use of multiple network interfaces or paths for various purposes, such as load balancing, failover, or improved throughput
        Driver/device bandwidth changes during BSS lifetime (AP/GO mode) ## this card can dynamically adjust its bandwidth or channel width during the lifetime of a Basic Service Set (BSS) in Access Point (AP) or Group Owner (GO) mode. The BSS encompasses the area covered by a single AP or GO, and it defines the network's operational characteristics. The network device can adjust its channel width or bandwidth in response to changing network conditions, usage patterns, or requirements. Wi-Fi networks can operate with different channel widths, including 20 MHz, 40 MHz, 80 MHz, and 160 MHz, depending on the specific Wi-Fi standard (e.g., 802.11n, 802.11ac, 802.11ax). Dynamic bandwidth adjustment allows the device to switch between these channel widths as needed. 
        Device adds DS IE to probe requests                              ## this card includes a DS (Distribution System) Information Element (IE) in the probe requests it sends during Wi-Fi scanning. A probe request is a message sent by a client device to discover nearby wireless networks. These requests are used by client devices to identify available access points (APs) and initiate the process of associating with a specific AP. It means that the client device includes information about the channel it is currently using in the probe requests it broadcasts. This information helps APs and other devices understand which channel the client is operating on
        Device can update TPC Report IE                                  ## this card can update or modify the TPC (Transmit Power Control) Report Information Element (IE) in its communication with other devices on a Wi-Fi network. The TPC Report IE is used to convey information about the device's transmit power control capabilities and settings. TPC allows devices to dynamically adjust their transmit power levels based on network conditions. It helps in optimizing the coverage, minimizing interference, and conserving power
        Device supports static SMPS                                      ## static SMPS (Spatial Multiplexing Power Save) is a power-saving mode in which the device uses a fixed spatial multiplexing mode for data transmission. Spatial multiplexing is a technique that allows multiple data streams to be transmitted simultaneously over different spatial channels (antennas) to improve data throughput. In Static SMPS, the device uses a predetermined spatial multiplexing mode, typically either "Spatial Multiplexing" (MIMO) or "Spatial Multiplexing, High Rate" (MIMO, HR), to transmit data. This mode is static because it remains fixed and does not change dynamically based on network conditions
        Device supports dynamic SMPS                                     ## dynamic SMPS (Spatial Multiplexing Power Save) is a power-saving mode in which the device can dynamically adjust its spatial multiplexing mode based on network conditions and data traffic. When network traffic is low or idle, the device may switch to a lower spatial multiplexing mode (e.g., from MIMO to SISO) to conserve power. When network traffic increases, the device may switch to a higher spatial multiplexing mode to improve data throughput. Dynamic SMPS allows the device to adapt its power-saving behaviour to the current network workload.
        Device supports WMM-AC admission (TSPECs)                        ## this card supports the use of Traffic Specification (TSPEC) as a part of the Wi-Fi Multimedia (WMM) Admission Control (AC) mechanism. WMM-AC is a quality of service (QoS) mechanism in Wi-Fi networks that allows for prioritization and management of different types of traffic based on their specific requirements. AC involves the process of determining whether a new traffic flow or stream can be admitted to the network without negatively impacting existing traffic flows. TSPEC allows a device or application to request specific QoS parameters for a new traffic flow. TSPECs provide detailed information about the traffic's characteristics, such as the desired data rate, traffic pattern, and timing requirements. Effectively, this card can receive and process TSPEC requests from other devices or applications; make TSPEC requests to request specific QoS parameters for its traffic flows; engage in the admission control process, which involves evaluating TSPEC requests to determine whether a new traffic flow can be admitted while maintaining QoS for existing flows
        Device supports configuring vdev MAC-addr on create.             ## this card can configure the MAC (Media Access Control) address for a virtual device (vdev) when creating or setting up that virtual device.  Vdev allows multiple logical interfaces to share a single physical network interface. This capability provides flexibility in network configuration by allowing you to specify the MAC address for virtual devices, which can be useful for various networking scenarios, including virtualization and network testing (MAC spoofing)
        Device supports randomizing MAC-addr in scans.                   ## Randomizing the MAC address during scans helps protect user privacy by making it more difficult for passive observers to track and profile a device based on its MAC address. MAC address randomization is a privacy enhancement because it prevents third parties, such as Wi-Fi access points and tracking entities, from consistently identifying and tracking a device based on its MAC address. Instead, the device generates a random MAC address for each scan. In some regions or jurisdictions, MAC address randomization may be required or recommended for compliance with privacy regulations.
        Device supports randomizing MAC-addr in sched scans.             ## Randomizing the MAC address during scans helps protect user privacy by making it more difficult for passive observers to track and profile a device based on its MAC address. MAC address randomization is a privacy enhancement because it prevents third parties, such as Wi-Fi access points and tracking entities, from consistently identifying and tracking a device based on its MAC address. Instead, the device generates a random MAC address for each scan. In some regions or jurisdictions, MAC address randomization may be required or recommended for compliance with privacy regulations.
        Device supports randomizing MAC-addr in net-detect scans.        ## Randomizing the MAC address during scans helps protect user privacy by making it more difficult for passive observers to track and profile a device based on its MAC address. MAC address randomization is a privacy enhancement because it prevents third parties, such as Wi-Fi access points and tracking entities, from consistently identifying and tracking a device based on its MAC address. Instead, the device generates a random MAC address for each scan. In some regions or jurisdictions, MAC address randomization may be required or recommended for compliance with privacy regulations.
        max # scan plans: 2                                              ## a scan plan refers to a predefined set of scanning parameters and behaviour that the device can use during Wi-Fi scans. Scans are performed by devices to discover available Wi-Fi networks, access points (APs), and other wireless devices in the vicinity. A scan plan consists of a set of parameters and rules that govern how a device conducts its scanning operations. These parameters include scan interval, scan duration, channels to scan, and more. Scan plans allow for flexibility in how scans are performed and can be used to optimize network discovery, power consumption, and scanning efficiency.
        max scan plan interval: 65535                                    ## 
        max scan plan iterations: 254                                    ## 
        Supported TX frame types:                                        ## 
                 * IBSS: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * mesh point: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * P2P-device: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
        Supported RX frame types:                                        ## 
                 * IBSS: 0x40 0xb0 0xc0 0xd0
                 * managed: 0x40 0xb0 0xd0
                 * AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
                 * AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
                 * mesh point: 0xb0 0xc0 0xd0
                 * P2P-client: 0x40 0xd0
                 * P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
                 * P2P-device: 0x40 0xd0
        Supported extended features:                                     ## 
                * [ VHT_IBSS ]: VHT-IBSS                                 ## "VHT-IBSS" stands for Very High Throughput Independent Basic Service Set. This feature indicates that the device supports the use of VHT (Very High Throughput) in Independent Basic Service Set (IBSS) mode, also known as ad-hoc mode. VHT is an extension of the IEEE 802.11 standard that provides higher data rates and improved performance compared to earlier Wi-Fi standards. VHT-IBSS means that devices operating in ad-hoc mode can take advantage of these higher data rates.
                * [ RRM ]: RRM                                           ## "RRM" stands for Radio Resource Management. This feature indicates that the device supports Radio Resource Management capabilities. RRM encompasses a set of techniques and mechanisms used in Wi-Fi networks to optimize the allocation and utilization of radio resources, including channels and transmit power, to improve network performance and reliability. The support for Radio Resource Management (RRM) allows the device to participate in dynamic channel selection, transmit power control, and other optimization techniques that contribute to better network performance and reduced interference.
                * [ MU_MIMO_AIR_SNIFFER ]: MU-MIMO sniffer               ## the purpose of a MU-MIMO sniffer is to gather information about MU-MIMO communication, including the number of streams used, devices involved, and the efficiency of the transmissions.
                * [ SCAN_START_TIME ]: scan start timestamp              ## the exact timestamp at which a Wi-Fi scan operation was initiated by the device
                * [ BSS_PARENT_TSF ]: BSS last beacon/probe TSF          ## this card can record and provide information related to the TSF (Timestamp Synchronization Function) of the last beacon or probe response frame received from a specific BSS (Basic Service Set)
                * [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
                * [ FILS_MAX_CHANNEL_TIME ]: FILS max channel attribute override with dwell time
                * [ ACCEPT_BCAST_PROBE_RESP ]: accepts broadcast probe response
                * [ OCE_PROBE_REQ_HIGH_TX_RATE ]: probe request TX at high rate (at least 5.5Mbps)
                * [ OCE_PROBE_REQ_DEFERRAL_SUPPRESSION ]: probe request tx deferral and suppression
                * [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
                * [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
                * [ EXT_KEY_ID ]: Extended Key ID support
                * [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
                * [ DEL_IBSS_STA ]: deletion of IBSS station support
                * [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
                * [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
Enter fullscreen mode Exit fullscreen mode

And the lines referring to "regulatory" matters actually refer to country-specific legal requirements. The WiFi card can be set into a specific country's mode (with all the requirements linked to a country code) in order to apply all the country's regulations/restrictions.

In order to see which country is set to the card (and what regulations are applied to it) use the iw reg get command. To change the country, use the iw reg set CC command, where CC is CountryCode (LT, DE, US, etc.; 00 being "global")

# iw reg get
global                                                                   ## this regulatory domain information applies globally, meaning it is the default regulatory domain for your wireless network interface.
country LT: DFS-ETSI                                                     ## the country code, which in this case is "LT" (Lithuania), and also indicates that it follows the DFS (Dynamic Frequency Selection) rules set by ETSI (European Telecommunications Standards Institute).
        (2400 - 2483 @ 40), (N/A, 20), (N/A)                             ## the 2.4 GHz band, which ranges from 2400 MHz to 2483 MHz, with a channel width of 40 MHz. The numbers in parentheses indicate the maximum allowed transmit power (N/A here), the maximum EIRP (Equivalent Isotropically Radiated Power) limit (20 dBm), and any other special restrictions (N/A).
        (5150 - 5250 @ 80), (N/A, 23), (N/A), NO-OUTDOOR, AUTO-BW        ## for the 5 GHz band, the following is true for the 5150-5250 MHz frequency band: (1) the maximum channel bandwidth is 80 MHz; (2) the maximum transmit power is 23 dBm; (3) outdoor use of this band is not allowed; (4) the channel bandwidth is automatically selected by the device. The `(N/A, 23)` part of the line means that there is no transmit power limit for this band, but the device will not transmit at more than 23 dBm. This is because the regulatory domain in which the device is operating may have a lower transmit power limit. The `AUTO-BW` part of the line means that the device will automatically select the channel bandwidth based on the regulatory domain in which it is operating and the capabilities of the other devices on the network
        (5250 - 5350 @ 80), (N/A, 20), (0 ms), NO-OUTDOOR, DFS, AUTO-BW
        (5470 - 5725 @ 160), (N/A, 26), (0 ms), DFS                      ## the following is true for the 5470-5725 MHz frequency band: (1) the maximum channel bandwidth is 160 MHz; (2) the maximum transmit power is 26 dBm; (3) the device will listen for radar signals before using a channel in this band. The `(N/A, 26)` part of the line means that there is no transmit power limit for this band, but the device will not transmit at more than 26 dBm. This is because the regulatory domain in which the device is operating may have a lower transmit power limit. The `(0 ms)` part of the line means that the device will listen for radar signals for 0 milliseconds before using a channel in this band. This is because the 5470-5725 MHz frequency band is also used by radar systems, and the device needs to avoid interfering with them. The `DFS` part of the line means that the device will use Dynamic Frequency Selection (DFS) to detect and avoid radar signals. DFS is a protocol that allows Wi-Fi devices to use the 5470-5725 MHz frequency band without interfering with radar systems.
        (5725 - 5875 @ 80), (N/A, 13), (N/A)
        (5945 - 6425 @ 160), (N/A, 23), (N/A), NO-OUTDOOR
        (57000 - 66000 @ 2160), (N/A, 40), (N/A)

phy#0 (self-managed)                                                     ## the phy#0 device is managing its own regulatory settings
country 00: DFS-UNSET                                                    ## the country code is set to 00, which is a special code that indicates that the device is not configured to operate in a specific regulatory domain.
        (2402 - 2437 @ 40), (6, 22), (N/A), AUTO-BW, NO-HT40MINUS, NO-80MHZ, NO-160MHZ           ## the following is true for the 2402-2437 MHz frequency band: 
                                                                                                 ## - the maximum channel bandwidth is 40 MHz; 
                                                                                                 ## - the maximum transmit power is 22 dBm;
                                                                                                 ## - outdoor use of this band is allowed;
                                                                                                 ## - the channel bandwidth is automatically selected by the device [AUTO-BW];
                                                                                                 ## - HT40- is not allowed [NO-HT40MINUS]; HT40- is a Wi-Fi technology that allows for 40 MHz channels below the primary channel;
                                                                                                 ## - 80 MHz channels are not allowed [NO-80MHZ];
                                                                                                 ## - 160 MHz channels are not allowed [NO-160MHZ].
                                                                                                 ## The `(N/A)` part of the line means that the transmit power limit for this band is not specified by the regulatory domain.
        (2422 - 2462 @ 40), (6, 22), (N/A), AUTO-BW, NO-80MHZ, NO-160MHZ
        (2447 - 2482 @ 40), (6, 22), (N/A), AUTO-BW, NO-HT40PLUS, NO-80MHZ, NO-160MHZ            ## the following is true for the 2447-2482 MHz frequency band: 
                                                                                                 ## - the maximum channel bandwidth is 40 MHz;
                                                                                                 ## - the maximum transmit power is 22 dBm;
                                                                                                 ## - outdoor use of this band is allowed;
                                                                                                 ## - the channel bandwidth is automatically selected by the device [AUTO-BW];
                                                                                                 ## - HT40+ is not allowed [NO-HT40PLUS]; HT40+ is a Wi-Fi technology that allows for 40 MHz channels above the primary channel;
                                                                                                 ## - 80 MHz channels are not allowed [NO-80MHZ];
                                                                                                 ## - 160 MHz channels are not allowed [NO-160MHZ]; 160 MHz channels are the widest Wi-Fi channels that are currently available.
                                                                                                 ## The `(N/A)` part of the line means that the transmit power limit for this band is not specified by the regulatory domain.
        (5170 - 5190 @ 80), (6, 22), (N/A), NO-OUTDOOR, AUTO-BW, IR-CONCURRENT, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN  ## the following is true for the 5170-5190 MHz frequency band:
                                                                                                                       ## - the maximum channel bandwidth is 80 MHz; 
                                                                                                                       ## - the maximum transmit power is 22 dBm; 
                                                                                                                       ## - outdoor use of this band is not allowed [NO-OUTDOOR];
                                                                                                                       ## - the channel bandwidth is automatically selected by the device [AUTO-BW];
                                                                                                                       ## - IR-CONCURRENT is enabled; IR-CONCURRENT is a feature that allows the device to use the same frequency band for both indoor and outdoor communication. This is useful for extending the coverage of a Wi-Fi network
                                                                                                                       ## - HT40- is not allowed [NO-HT40MINUS];
                                                                                                                       ## - 160 MHz channels are not allowed [NO-160MHZ];
                                                                                                                       ## - the device will only passively scan for channels in this band [PASSIVE-SCAN]; this means that the device will not send out any probe requests, but it will listen for beacon frames from other access points. This is useful for conserving battery power and reducing interference.
                                                                                                                       ## The `(6, 22)` part of the line means that there is no transmit power limit for this band, but the device will not transmit at more than 22 dBm. This is because the regulatory domain in which the device is operating may have a lower transmit power limit.
                                                                                                                       ## The `(N/A)` part of the line means that the device will not listen for radar signals before using a channel in the 5170-5190 MHz frequency band. This is because the regulatory domain in which the device is operating may not require it.
        (5190 - 5210 @ 80), (6, 22), (N/A), NO-OUTDOOR, AUTO-BW, IR-CONCURRENT, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5210 - 5230 @ 80), (6, 22), (N/A), NO-OUTDOOR, AUTO-BW, IR-CONCURRENT, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5230 - 5250 @ 80), (6, 22), (N/A), NO-OUTDOOR, AUTO-BW, IR-CONCURRENT, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5250 - 5270 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN  ## the following is true for the 5250-5270 MHz frequency band:
                                                                                                  ## - the maximum channel bandwidth is 80 MHz;
                                                                                                  ## - the maximum transmit power is 22 dBm;
                                                                                                  ## - the device will listen for radar signals before using a channel in this band [DFS];
                                                                                                  ## - the channel bandwidth is automatically selected by the device [AUTO-BW];
                                                                                                  ## - HT40- is not allowed [NO-HT40MINUS];
                                                                                                  ## - 160 MHz channels are not allowed [NO-160MHZ];
                                                                                                  ## - the device will only passively scan for channels in this band [PASSIVE-SCAN].
                                                                                                  ## The `(0 ms)` part of the line means that the device will listen for radar signals for 0 milliseconds before using a channel in this band. This is because the 5250-5270 MHz frequency band is also used by radar systems, and the device needs to avoid interfering with them.
        (5270 - 5290 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5290 - 5310 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5310 - 5330 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5490 - 5510 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5510 - 5530 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5530 - 5550 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5550 - 5570 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5570 - 5590 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5590 - 5610 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5610 - 5630 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5630 - 5650 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5650 - 5670 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5670 - 5690 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5690 - 5710 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5710 - 5730 @ 80), (6, 22), (0 ms), DFS, AUTO-BW, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5735 - 5755 @ 80), (6, 22), (N/A), AUTO-BW, IR-CONCURRENT, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5755 - 5775 @ 80), (6, 22), (N/A), AUTO-BW, IR-CONCURRENT, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5775 - 5795 @ 80), (6, 22), (N/A), AUTO-BW, IR-CONCURRENT, NO-HT40MINUS, NO-160MHZ, PASSIVE-SCAN
        (5795 - 5815 @ 80), (6, 22), (N/A), AUTO-BW, IR-CONCURRENT, NO-HT40PLUS, NO-160MHZ, PASSIVE-SCAN
        (5815 - 5835 @ 20), (6, 22), (N/A), AUTO-BW, IR-CONCURRENT, NO-HT40MINUS, NO-HT40PLUS, NO-80MHZ, NO-160MHZ, PASSIVE-SCAN
Enter fullscreen mode Exit fullscreen mode

So, if I run iw reg set LT I should be able to set the card in a Lithuanian mode, effectively applying LT-specific regulations. Unfortunately, the iw reg set command only changes the global section and has no effect on the phy#0 one.

The fact that phy0 claims to be self-managed suggests that it attempts to do things automatically. And that's where is the problem. My card is Intel-based, and its driver uses LAR (Location Aware Regulatory) to automatically detect and apply regional settings to the card. The automation is quite straight forward: look what others are doing and do it yourself. Basically, LAR listens to WiFi beacons transmitted by surrounding APs and looks into them to see what country code they are operating with. And then it sets the same country code. But have you ever run an airodump-ng scan in your apartment/house to see what country codes do the surrounding devices broadcast? I did. I found lots of WiFi APs, and none of them were broadcasting LT (that's where I live - Lithuania): some were DE, some were US, some - CN, but most of them were nomads, i.e. not broadcasting any country code inside their beacons. It's very likely that in an environment like this Intel LAR gets confused and just falls back to the restrictive - Global mode, meaning "no IR". This effectively disallows any of the 5GHz channels to be used for AP (either disabled or with the NO_IR flag). A simple workaround is to unload the iwlwifi module and reload it with LAR disabled: modprobe iwlwifi lar_disable=1. Unfortunately, Intel removed this ability around 2019/2020 and, since Intel maintain their Linux driver themselves (and not the community) and pushes it directly to the Linux kernel's source code, there is nothing we can do at this point. I cannot use this (or any Intel-based) Wi-Fi card as a 5GHz AP on Linux.

So I guess I better go shopping for another vendor's WiFi5/6 card that doesn't use Intel's chipset :/

P.S. The airodump-ng scan is easy to carry out.

# systemctl stop NetworkManager
# iwconfig wlan0 mode monitor   ## wlan0 - that's your WiFi interface's; change it to whatever is in your setup
# airodump-ng --beacons wlan0 --manufacturer --uptime --band a -w /tmp/wifi_dump_5GHz.pcap
# ## ↑↑ let it run for a while
# airodump-ng --beacons wlan0 --manufacturer --uptime -w /tmp/wifi_dump_2GHz.pcap
# ## ↑↑ let it run for a while
# 
# ## Now reenable your wifi interface - back to normal mode
# ifconfig wlan0 down
# iwconfig wlan0 mode managed
# ifconfig wlan0 up
# systemctl restart NetworkManager
Enter fullscreen mode Exit fullscreen mode

Then open the cap files with Wireshark, find Beacon frames and see what country code they broadcast.

Image description

References

Written with StackEdit.

Top comments (0)