Manual:Interworking Profiles: Difference between revisions

From MikroTik Wiki
Jump to navigation Jump to search
mNo edit summary
No edit summary
(20 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Warning|This manual is moved to https://help.mikrotik.com/docs/display/ROS/Interworking+Profiles}}
{{Versions|v6}}
=Summary=
=Summary=
===Interworking===
===Interworking===
Interworking is the occurrence of two or more things working together. For devices to work successfully together information must be supplied from one to other. In order to supply more information between access points and client devices than in basic beacons and probe requests, in 2011 new protocol was made: IEEE Std 802.11u™-2011: Interworking with External Networks. With Interworking service network discovery and access point selection process can be enhanced. Client devices can have more criteria upon which to choose the network with which to associate.  
Interworking is the occurrence of two or more things working together. For a better Wireless network experience information about the network must be exchanged between Access Points and Wireless client devices, the information that can be found in basic Wireless beacons and probe requests is limited. For this reason, the IEEE 802.11u™-2011 (Interworking with External Networks) standard was created, that specifies how devices should exchange information between each other. Network discovery and Access Point selection process can be enhanced with the interworking service. Wireless client devices can have more criteria upon which they can choose the network with which to associate.
 
===Hotspot 2.0===
===Hotspot 2.0===
Hotspot 2.0 is a specification developed and owned by Wi-Fi Alliance. It was designed to enable a more cellular-like experience when connecting to Wi-Fi networks. In the attempt to increase wireless network security Hotspot 2.0 access points use mandatory WPA2 authentication.
Hotspot 2.0 is a specification developed and owned by the Wi-Fi Alliance. It was designed to enable a more cellular-like experience when connecting to Wi-Fi networks. In the attempt to increase Wireless network security Hotspot 2.0 access points use mandatory WPA2 authentication. Hotspot 2.0 relies on Interworking as well as adds some of its own properties and procedures.
 


Hotspot 2.0 relies tightly on interworking as well as ads some of its own properties and procedures.
Interworking profiles are implemented according to IEEE 802.11u and Hotspot 2.0 Release 1 specifications.
===Implementation===
In RouterOS implementation of Interworking and Hotspot 2.0 stick very closely to the technical specification.


=Configuration Properties=
=Configuration Properties=
<p id="shbox"><b>Sub-menu:</b> <code>/interface wireless interworking-profiles</code></p>
===Information elements in beacon and probe response===
Some information can be added to beacon and probe response packets with a Interworking element. Following parameters of a Interworking element can be configured:


{{Mr-arg-table-h
{{Mr-arg-table-h
Line 16: Line 23:
}}
}}


{{Mr-arg-table
|arg=3gpp
|type=octet string in hex
|default=
|desc=Cellular network advertisement information - country and network codes. This helps Hotspot 2.0 client in the selection of an access point to access 3GPP network. Please see 3GPP TS 24.302. (Annex H) for a format of this field. This value is sent ANQP response if queried.
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=asra
|arg=asra
Line 29: Line 30:
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=authentication-types
|arg=esr
|type=dns-redirection:<code>url</code> {{!}} https-redirection:<code>url</code> {{!}} online-enrollment:<code>url</code> {{!}} terms-and-conditions:<code>url</code>
|type=yes {{!}} no
|default=
|default=no
|desc=This property is only effective when <b>asra</b> is set to <code>yes</code>. Value of <code>url</code> is optional and not needed if <code>dns-redirection</code> or <code>online-enrollment</code> is selected. To set the value of <code>url</code> to empty string use double quotes. Like:
|desc=Emergency services reachable (ESR). Set to <code>yes</code> in order to indicate that emergency services are reachable through the access point.
 
<pre>authentication-types=online-enrollment:""</pre>
 
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=comment
|arg=hessid
|type=string
|type=MAC address
|default=
|default=
|desc=Short description of the profile
|desc=Homogenous extended service set identifier (HESSID). Devices that provide access to same external networks are in one homogenous extended service set. This service set can be identified by HESSID that is the same on all access points in this set. 6-byte value of HESSID is represented as MAC address. It should be globally unique, therefore it is advised to use one of the MAC address of access point in the service set.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=connection-capabilities
|arg=internet
|type=number:number:closed{{!}}open{{!}}unknown
|type=yes {{!}} no
|default=
|default=yes
|desc=This option allows to provide information about allowed IP protocols and ports. This information can be provided in ANQP response. The first number represents the IP protocol number, the second number represents a port number.
|desc=Whether the internet is available through this connection or not. This information is included in the Interworking element.
*closed - set if protocol and port combination is not allowed;
*open - set if protocol and port combination is allowed;
*unknown - set if protocol and port combination is either open or closed.
Example:
<pre>connection-capabilities=6:80:open,17:5060:closed</pre>
Setting such value access point informs station, that is connecting, that HTTP(6 - TCP, 80 - HTTP) is allowed and VoIP (17 - UDP; 5060 - VoIP) is not allowed.
This property does not restrict or allow these protocols and ports, it only gives information to station device which is connecting to access point.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=domain-names
|arg=network-type
|type=list of strings
|type=emergency-only {{!}} personal-device {{!}} private {{!}} private-with-guest {{!}} public-chargeable {{!}} public-free {{!}} test {{!}} wildcard
|default=
|default=wildcard
|desc=None or more fully qualified domain names (FQDN) that indicate the entity operating the hotspot. A station that is connecting to the access point can request this AQNP property and check if there is a suffix match with any of the domain names it has credentials to.
|desc=Information about network access type.
* <code>emergency-only</code> - a network dedicated and limited to accessing emergency services;
* <code>personal-device</code> - a network of personal devices. An example of this type of network is a camera that is attached to a printer, thereby forming a network for the purpose of printing pictures;
* <code>private</code> - network for users with user accounts. Usually used in enterprises for employees, not guests;
* <code>private-with-guest</code> - same as private, but guest accounts are available;
* <code>public-chargeable</code> - a network that is available to anyone willing to pay. For example, a subscription to Hotspot 2.0 service or in-room internet access in a hotel;
* <code>public-free</code> - network is available to anyone without any fee. For example, municipal network in city or airport Hotspot;
* <code>test</code> - network used for testing and experimental uses. Not used in production;
* <code>wildcard</code> - is used on Wireless clients. Sending probe request with a wildcard as network type value will make all Interworking Access Points respond despite their actual network-type setting.
A client sends a probe request frame with network-type set to value it is interested in. It will receive replies only from access points with the same value (except the case of wildcard).
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=esr
|arg=uesa
|type=yes {{!}} no
|type=yes {{!}} no
|default=no
|default=no
|desc=Emergency services reachable (ESR). Set to <code>yes</code> in order to indicate that emergency services are reachable through the access point.
|desc=Unauthenticated emergency service accessible (UESA).
* <code>no</code> - indicates that no unauthenticated emergency services are reachable through this Access Point;
* <code>yes</code> - indicates that higher layer unauthenticated emergency services are reachable through this Access Point.
}}
{{Mr-arg-table-end
|arg=venue
|type=venue
|default=unspecified
|desc=Specify the venue in which the Access Point is located. Choose the value from available ones. Some examples:
<pre>
venue=business-bank
venue=mercantile-shopping-mall
venue=educational-university-or-college
</pre>
}}
 
===ANQP elements===
 
Access network query protocol (ANQP). Not all necessary information is included in probe response and beacon frames. For client device to get more information before choosing access point to associate with ANQP is used. The Access Point can have stored information in multiple ANQP elements. Client device will use ANQP to query only for the information it is interested in. This reduces the time needed before association.
 
{{Mr-arg-table-h
|prop=Property
|desc=Description
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=hessid
|arg=3gpp
|type=MAC address
|type=octet string in hex
|default=
|default=
|desc=Homogenous extended service set identifier (HESSID). Devices that provide access to same external networks are in one homogenous extended service set. This service set can be identified by HESSID that is the same on all access points in this set. 6-byte value of HESSID is represented as MAC address. It should be globally unique, therefore it is advised to use one of the MAC address of access point in the service set.
|desc=Cellular network advertisement information - country and network codes. This helps Hotspot 2.0 clients in the selection of an Access Point to access 3GPP network. Please see 3GPP TS 24.302. (Annex H) for a format of this field. This value is sent ANQP response if queried.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=hotspot20
|arg=authentication-types
|type=yes {{!}} no
|type=dns-redirection:<code>url</code> {{!}} https-redirection:<code>url</code> {{!}} online-enrollment:<code>url</code> {{!}} terms-and-conditions:<code>url</code>
|default=yes
|default=
|desc=Indicate Hotspot 2.0 capability of the access point.
|desc=This property is only effective when <var>asra</var> is set to <code>yes</code>. Value of <code>url</code> is optional and not needed if <code>dns-redirection</code> or <code>online-enrollment</code> is selected. To set the value of <code>url</code> to empty string use double quotes. For example:
<pre>authentication-types=online-enrollment:""</pre>
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=hotspot20-dgaf
|arg=connection-capabilities
|type=yes {{!}} no
|type=number:number:closed{{!}}open{{!}}unknown
|default=yes
|default=
|desc=Downstream Group-Addressed Forwarding (DGAF). Whether to disable or enable multicast and broadcast frames to clients.
|desc=This option allows to provide information about the allowed IP protocols and ports. This information can be provided in ANQP response. The first number represents the IP protocol number, the second number represents a port number.
*yes - enable multicast and broadcast frames to clients;
* <code>closed</code> - set if protocol and port combination is not allowed;
*no - disable multicast and broadcast frames to clients.
* <code>open</code> - set if protocol and port combination is allowed;
When disabled each client gets its own group temporal key (GTK), which is safer than if everyone used the same.
* <code>unknown</code> - set if protocol and port combination is either open or closed.
Example:
<pre>connection-capabilities=6:80:open,17:5060:closed</pre>
Setting such a value on an Access Point informs the Wireless client, which is connecting to the Access Point, that HTTP (6 - TCP, 80 - HTTP) is allowed and VoIP (17 - UDP; 5060 - VoIP) is not allowed.
This property does not restrict or allow usage of these protocols and ports, it only gives information to station device which is connecting to Access Point.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=internet
|arg=domain-names
|type=yes {{!}} no
|type=list of strings
|default=yes
|default=
|desc=Weather internet is available through this connection or not. This information is included in the interworking element.
|desc=None or more fully qualified domain names (FQDN) that indicate the entity operating the Hotspot. A station that is connecting to the Access Point can request this AQNP property and check if there is a suffix match with any of the domain names it has credentials to.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 100: Line 128:
|default=not-available
|default=not-available
|desc=Information about what IPv4 address and access are available.
|desc=Information about what IPv4 address and access are available.
*not-available - Address type not available;
* <code>not-available</code> - Address type not available;
*public - public IPv4 address available;
* <code>public</code> - public IPv4 address available;
*port-restricted - port-restricted IPv4 address available;
* <code>port-restricted</code> - port-restricted IPv4 address available;
*single-nated - single NATed private IPv4 address available;
* <code>single-nated</code> - single NATed private IPv4 address available;
*double-nated - double NATed private IPv4 address available;
* <code>double-nated</code> - double NATed private IPv4 address available;
*port-restricted-single-nated -port-restricted IPv4 address and single NATed IPv4 address available;
* <code>port-restricted-single-nated</code> -port-restricted IPv4 address and single NATed IPv4 address available;
*port-restricted-double-nated - port-restricted IPv4 address and double NATed IPv4 address available;
* <code>port-restricted-double-nated</code> - port-restricted IPv4 address and double NATed IPv4 address available;
*unknown - availability of the address type is not known.
* <code>unknown</code> - availability of the address type is not known.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 114: Line 142:
|default=not-available
|default=not-available
|desc=Information about what IPv6 address and access are available.
|desc=Information about what IPv6 address and access are available.
*not-available - Address type not available;
* <code>not-available</code> - Address type not available;
*available - address type available;
* <code>available</code> - address type available;
*unknown - availability of the address type is not known.
* <code>unknown</code> - availability of the address type is not known.
}}
{{Mr-arg-table
|arg=name
|type=string
|default=
|desc=Name of interworking profile.
}}
{{Mr-arg-table
|arg=network-type
|type=emergency-only {{!}} personal-device {{!}} private {{!}} private-with-guest {{!}} public-chargeable {{!}} public-free {{!}} test {{!}} wildcard
|default=wildcard
|desc=Information about network access type.
*emergency-only - a network dedicated and limited to accessing emergency services;
*personal-device - a network of personal devices. An example of this type of network is a camera attaching to a printer, thereby forming a network for the purpose of printing pictures;
*private - network for users with user accounts. Usually used in enterprises for employees, not guests;
*private-with-guest - same as private, but guest accounts are available;
*public-chargeable - a network that is available to anyone willing to pay. For example, a subscription to Hotspot 2.0 service or in-room internet access in a hotel;
*public-free - network is available to anyone without any fee. For example, municipal network in city or airport hotspot;
*test - network used for testing and experimental uses. Not used in production;
*wildcard - is used on wireless clients. Sending probe request with a wildcard as network type value will make all interworking access points respond despite their actual network-type setting.
A client sends a probe request frame with network-type set to value it is interested in. It will receive replies only from access points with the same value (except the case of wildcard).
}}
{{Mr-arg-table
|arg=operational-classes
|type=list of numbers
|default=
|desc=Information about other available bands of the same ESS.
}}
{{Mr-arg-table
|arg=operator-names
|type=string:lang
|default=
|desc=Set operator name. Language must be specified for each operator name entry.
Operator-names parameter consists of zero or more duples that contain Operator Name and Language Code:
<pre>
operator-names=BestOperator:eng,MejorOperador:es
</pre>
The Language Code field value is a two or three-character 8 language code selected from ISO-639.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 177: Line 167:
|desc=Organization identifier (OI) usually are 24-bit is unique identifiers like organizationally unique identifier (OUI) or company identifier (CID). In some cases, OI is longer for example OUI-36.
|desc=Organization identifier (OI) usually are 24-bit is unique identifiers like organizationally unique identifier (OUI) or company identifier (CID). In some cases, OI is longer for example OUI-36.
A subscription service provider (SSP) can be specified by its OI.
A subscription service provider (SSP) can be specified by its OI.
<code>roaming-ois</code> property can contain zero or more SSPs OIs whose networks are accessible via this AP.  
<var>roaming-ois</var> property can contain zero or more SSPs OIs whose networks are accessible via this AP.  
Length of OI should be specified before OI itself. For example, to set E4-8D-8C and 6C-3B-6B:
Length of OI should be specified before OI itself. For example, to set E4-8D-8C and 6C-3B-6B:
<pre>
<pre>
roaming-ois=03E48D8C036C3B6B
roaming-ois=E48D8C,6C3B6B
</pre>
</pre>
}}
{{Mr-arg-table-end
|arg=venue-names
|type=string:lang
|default=
|desc=Venue name can be used to provide additional info on the venue. It can help the client to choose a proper Access Point.
Venue-names parameter consists of zero or more duple that contain Venue Name and Language Code:
<pre>
venue-names=CoffeeShop:eng,TiendaDeCafe:es
</pre>
The Language Code field value is a two or three-character 8 language code selected from ISO-639.
}}
===Hotspot 2.0 ANQP elements===
Hotspot 2.0 specification introduced some additional ANQP elements. These elements use an ANQP vendor specific element ID. Here are available properties to change these elements.
{{Mr-arg-table-h
|prop=Property
|desc=Description
}}
{{Mr-arg-table
|arg=hotspot20
|type=yes {{!}} no
|default=yes
|desc=Indicate Hotspot 2.0 capability of the Access Point.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=uesa
|arg=hotspot20-dgaf
|type=yes {{!}} no
|type=yes {{!}} no
|default=no
|default=yes
|desc=Unauthenticated emergency service accessible (UESA).
|desc=Downstream Group-Addressed Forwarding (DGAF). Sets value of DGAF bit to indicate whether multicast and broadcast frames to clients are disabled or enabled.
*no - indicate that no unauthenticated emergency services are reachable through this AP;
* <code>yes</code> - multicast and broadcast frames to clients are enabled;
*yes - indicate that higher layer unauthenticated emergency services are reachable through this AP.  
* <code>no</code> - multicast and broadcast frames to clients are disabled.
To disable multicast and broadcast frames set <code>multicast-helper=full</code>.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=venue
|arg=operational-classes
|type=venue
|type=list of numbers
|default=unspecified
|default=
|desc=Specify the venue in which the access point is located. Choose the value from available ones. Some examples:
|desc=Information about other available bands of the same ESS.
<pre>
venue=business-bank
venue=mercantile-shopping-mall
venue=educational-university-or-college
</pre>
}}
}}
{{Mr-arg-table
{{Mr-arg-table
|arg=venue-names
|arg=operator-names
|type=string:lang
|type=string:lang
|default=
|default=
|desc=Venue name can be used to provide additional info on the venue. It can help the client to choose a proper access point.
|desc=Set operator name. Language must be specified for each operator name entry.
Venue-names parameter consists of zero or more duples that contain Venue Name and Language Code:
Operator-names parameter consists of zero or more duple that contain Operator Name and Language Code:
<pre>
<pre>
venue-names=CoffeeShop:eng,TiendaDeCafe:es
operator-names=BestOperator:eng,MejorOperador:es
</pre>
</pre>
The Language Code field value is a two or three-character 8 language code selected from ISO-639.
The Language Code field value is a two or three-character 8 language code selected from ISO-639.
Line 217: Line 230:
|type=yes {{!}} no
|type=yes {{!}} no
|default=no
|default=no
|desc=Whether the access point or network is at its max capacity. If set to yes no additional mobile devices will be permitted to associate to the AP.
|desc=Whether the Access Point or the network is at its max capacity. If set to <code>yes</code> no additional mobile devices will be permitted to associate to the AP.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 223: Line 236:
|type=number
|type=number
|default=0
|default=0
|desc=The downlink speed of WAN connection set in kbps. If downlink speed is not known, set to 0.
|desc=The downlink speed of the WAN connection set in kbps. If the downlink speed is not known, set to 0.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 229: Line 242:
|type=number
|type=number
|default=0
|default=0
|desc=The downlink load of WAN connection measured over <code>wan-measurement-duration</code>. Values from 0 to 255.
|desc=The downlink load of the WAN connection measured over <code>wan-measurement-duration</code>. Values from 0 to 255.
*0 - unknown;
* <code>0</code> - unknown;
*255 - 100%.
* <code>255</code> - 100%.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 237: Line 250:
|type=number
|type=number
|default=0
|default=0
|desc=Duration during which <code>wan-downlink-load</code> and <code>wan-uplink-load</code> are measured. Value is a numeric value from 0 to 65535 representing tenths of seconds.
|desc=Duration during which <var>wan-downlink-load</var> and <code>wan-uplink-load</code> are measured. Value is a numeric value from 0 to 65535 representing tenths of seconds.
*0 - not measured;
* <code>0</code> - not measured;
*10 - 1 second;
* <code>10</code> - 1 second;
*65535 - 1 hour 49 minutes or more.
* <code>65535</code> - 1 hour 49 minutes or more.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 246: Line 259:
|type=down {{!}} reserved {{!}} test {{!}} up
|type=down {{!}} reserved {{!}} test {{!}} up
|default=reserved
|default=reserved
|desc=Information about the status of access points WAN connection. The value <code>reserved</code> is not used.
|desc=Information about the status of the Access Point's WAN connection. The value <code>reserved</code> is not used.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 252: Line 265:
|type=yes {{!}} no
|type=yes {{!}} no
|default=no
|default=no
|desc=Weather WAN link is symmetric (upload and download speeds are the same) or not.
|desc=Weather the WAN link is symmetric (upload and download speeds are the same) or not.
}}
}}
{{Mr-arg-table
{{Mr-arg-table
Line 258: Line 271:
|type=number
|type=number
|default=0
|default=0
|desc=The uplink speed of WAN connection set in kbps. If uplink speed is not known set to 0.
|desc=The uplink speed of the WAN connection set in kbps. If the uplink speed is not known set to 0.
}}
}}
{{Mr-arg-table
{{Mr-arg-table-end
|arg=wan-uplink-load
|arg=wan-uplink-load
|type=number
|type=number
|default=0
|default=0
|desc=The uplink load of WAN connection measured over <code>wan-measurement-duration</code>. Values from 0 to 255.
|desc=The uplink load of th WAN connection measured over <var>wan-measurement-duration</var>. Values from 0 to 255.
*0 - unknown;
* <code>0</code> - unknown;
*255 - 100%.
* <code>255</code> - 100%.
}}
 
===Other Properties===
 
{{Mr-arg-table-h
|prop=Property
|desc=Description
}}
 
{{Mr-arg-table
|arg=comment
|type=string
|default=
|desc=Short description of the profile
}}
}}
{{Mr-arg-table-end
|arg=name
|type=string
|default=
|desc=Name of the Interworking profile.
}}
=See also=
* [[Manual:Interface/Wireless | Wireless manual]]
[[Category:Manual]]
[[Category:Wireless]]

Revision as of 10:17, 21 May 2021


Version.png

Applies to RouterOS: v6

Summary

Interworking

Interworking is the occurrence of two or more things working together. For a better Wireless network experience information about the network must be exchanged between Access Points and Wireless client devices, the information that can be found in basic Wireless beacons and probe requests is limited. For this reason, the IEEE 802.11u™-2011 (Interworking with External Networks) standard was created, that specifies how devices should exchange information between each other. Network discovery and Access Point selection process can be enhanced with the interworking service. Wireless client devices can have more criteria upon which they can choose the network with which to associate.

Hotspot 2.0

Hotspot 2.0 is a specification developed and owned by the Wi-Fi Alliance. It was designed to enable a more cellular-like experience when connecting to Wi-Fi networks. In the attempt to increase Wireless network security Hotspot 2.0 access points use mandatory WPA2 authentication. Hotspot 2.0 relies on Interworking as well as adds some of its own properties and procedures.


Interworking profiles are implemented according to IEEE 802.11u and Hotspot 2.0 Release 1 specifications.

Configuration Properties

Sub-menu: /interface wireless interworking-profiles

Information elements in beacon and probe response

Some information can be added to beacon and probe response packets with a Interworking element. Following parameters of a Interworking element can be configured:

Property Description
asra (yes | no; Default: no) Additional Steps Required for Access. Set to yes, if a user should take additional steps to access the internet, like the walled garden.
esr (yes | no; Default: no) Emergency services reachable (ESR). Set to yes in order to indicate that emergency services are reachable through the access point.
hessid (MAC address; Default: ) Homogenous extended service set identifier (HESSID). Devices that provide access to same external networks are in one homogenous extended service set. This service set can be identified by HESSID that is the same on all access points in this set. 6-byte value of HESSID is represented as MAC address. It should be globally unique, therefore it is advised to use one of the MAC address of access point in the service set.
internet (yes | no; Default: yes) Whether the internet is available through this connection or not. This information is included in the Interworking element.
network-type (emergency-only | personal-device | private | private-with-guest | public-chargeable | public-free | test | wildcard; Default: wildcard) Information about network access type.
  • emergency-only - a network dedicated and limited to accessing emergency services;
  • personal-device - a network of personal devices. An example of this type of network is a camera that is attached to a printer, thereby forming a network for the purpose of printing pictures;
  • private - network for users with user accounts. Usually used in enterprises for employees, not guests;
  • private-with-guest - same as private, but guest accounts are available;
  • public-chargeable - a network that is available to anyone willing to pay. For example, a subscription to Hotspot 2.0 service or in-room internet access in a hotel;
  • public-free - network is available to anyone without any fee. For example, municipal network in city or airport Hotspot;
  • test - network used for testing and experimental uses. Not used in production;
  • wildcard - is used on Wireless clients. Sending probe request with a wildcard as network type value will make all Interworking Access Points respond despite their actual network-type setting.
A client sends a probe request frame with network-type set to value it is interested in. It will receive replies only from access points with the same value (except the case of wildcard).
uesa (yes | no; Default: no) Unauthenticated emergency service accessible (UESA).
  • no - indicates that no unauthenticated emergency services are reachable through this Access Point;
  • yes - indicates that higher layer unauthenticated emergency services are reachable through this Access Point.
venue (venue; Default: unspecified) Specify the venue in which the Access Point is located. Choose the value from available ones. Some examples:
venue=business-bank
venue=mercantile-shopping-mall
venue=educational-university-or-college

ANQP elements

Access network query protocol (ANQP). Not all necessary information is included in probe response and beacon frames. For client device to get more information before choosing access point to associate with ANQP is used. The Access Point can have stored information in multiple ANQP elements. Client device will use ANQP to query only for the information it is interested in. This reduces the time needed before association.

Property Description
3gpp (octet string in hex; Default: ) Cellular network advertisement information - country and network codes. This helps Hotspot 2.0 clients in the selection of an Access Point to access 3GPP network. Please see 3GPP TS 24.302. (Annex H) for a format of this field. This value is sent ANQP response if queried.
authentication-types (dns-redirection:url | https-redirection:url | online-enrollment:url | terms-and-conditions:url; Default: ) This property is only effective when asra is set to yes. Value of url is optional and not needed if dns-redirection or online-enrollment is selected. To set the value of url to empty string use double quotes. For example:
authentication-types=online-enrollment:""
connection-capabilities (number:number:closed|open|unknown; Default: ) This option allows to provide information about the allowed IP protocols and ports. This information can be provided in ANQP response. The first number represents the IP protocol number, the second number represents a port number.
  • closed - set if protocol and port combination is not allowed;
  • open - set if protocol and port combination is allowed;
  • unknown - set if protocol and port combination is either open or closed.

Example:

connection-capabilities=6:80:open,17:5060:closed

Setting such a value on an Access Point informs the Wireless client, which is connecting to the Access Point, that HTTP (6 - TCP, 80 - HTTP) is allowed and VoIP (17 - UDP; 5060 - VoIP) is not allowed.

This property does not restrict or allow usage of these protocols and ports, it only gives information to station device which is connecting to Access Point.
domain-names (list of strings; Default: ) None or more fully qualified domain names (FQDN) that indicate the entity operating the Hotspot. A station that is connecting to the Access Point can request this AQNP property and check if there is a suffix match with any of the domain names it has credentials to.
ipv4-availability (double-nated | not-available | port-restricted | port-restricted-double-nated | port-restricted-single-nated | public | single-nated | unknown; Default: not-available) Information about what IPv4 address and access are available.
  • not-available - Address type not available;
  • public - public IPv4 address available;
  • port-restricted - port-restricted IPv4 address available;
  • single-nated - single NATed private IPv4 address available;
  • double-nated - double NATed private IPv4 address available;
  • port-restricted-single-nated -port-restricted IPv4 address and single NATed IPv4 address available;
  • port-restricted-double-nated - port-restricted IPv4 address and double NATed IPv4 address available;
  • unknown - availability of the address type is not known.
ipv6-availability (available | not-available | unknown; Default: not-available) Information about what IPv6 address and access are available.
  • not-available - Address type not available;
  • available - address type available;
  • unknown - availability of the address type is not known.
realms (string:eap-sim|eap-tls|not-specified; Default: ) Information about supported realms and the corresponding EAP method.
realms=example.com:eap-tls,foo.ba:not-specified
realms-raw (octet string in hex; Default: ) Set NAI Realm ANQP-element manually.
roaming-ois (octet string in hex; Default: ) Organization identifier (OI) usually are 24-bit is unique identifiers like organizationally unique identifier (OUI) or company identifier (CID). In some cases, OI is longer for example OUI-36.

A subscription service provider (SSP) can be specified by its OI. roaming-ois property can contain zero or more SSPs OIs whose networks are accessible via this AP. Length of OI should be specified before OI itself. For example, to set E4-8D-8C and 6C-3B-6B:

roaming-ois=E48D8C,6C3B6B
venue-names (string:lang; Default: ) Venue name can be used to provide additional info on the venue. It can help the client to choose a proper Access Point.

Venue-names parameter consists of zero or more duple that contain Venue Name and Language Code:

venue-names=CoffeeShop:eng,TiendaDeCafe:es
The Language Code field value is a two or three-character 8 language code selected from ISO-639.

Hotspot 2.0 ANQP elements

Hotspot 2.0 specification introduced some additional ANQP elements. These elements use an ANQP vendor specific element ID. Here are available properties to change these elements.

Property Description
hotspot20 (yes | no; Default: yes) Indicate Hotspot 2.0 capability of the Access Point.
hotspot20-dgaf (yes | no; Default: yes) Downstream Group-Addressed Forwarding (DGAF). Sets value of DGAF bit to indicate whether multicast and broadcast frames to clients are disabled or enabled.
  • yes - multicast and broadcast frames to clients are enabled;
  • no - multicast and broadcast frames to clients are disabled.
To disable multicast and broadcast frames set multicast-helper=full.
operational-classes (list of numbers; Default: ) Information about other available bands of the same ESS.
operator-names (string:lang; Default: ) Set operator name. Language must be specified for each operator name entry.

Operator-names parameter consists of zero or more duple that contain Operator Name and Language Code:

operator-names=BestOperator:eng,MejorOperador:es
The Language Code field value is a two or three-character 8 language code selected from ISO-639.
wan-at-capacity (yes | no; Default: no) Whether the Access Point or the network is at its max capacity. If set to yes no additional mobile devices will be permitted to associate to the AP.
wan-downlink (number; Default: 0) The downlink speed of the WAN connection set in kbps. If the downlink speed is not known, set to 0.
wan-downlink-load (number; Default: 0) The downlink load of the WAN connection measured over wan-measurement-duration. Values from 0 to 255.
  • 0 - unknown;
  • 255 - 100%.
wan-measurement-duration (number; Default: 0) Duration during which wan-downlink-load and wan-uplink-load are measured. Value is a numeric value from 0 to 65535 representing tenths of seconds.
  • 0 - not measured;
  • 10 - 1 second;
  • 65535 - 1 hour 49 minutes or more.
wan-status (down | reserved | test | up; Default: reserved) Information about the status of the Access Point's WAN connection. The value reserved is not used.
wan-symmetric (yes | no; Default: no) Weather the WAN link is symmetric (upload and download speeds are the same) or not.
wan-uplink (number; Default: 0) The uplink speed of the WAN connection set in kbps. If the uplink speed is not known set to 0.
wan-uplink-load (number; Default: 0) The uplink load of th WAN connection measured over wan-measurement-duration. Values from 0 to 255.
  • 0 - unknown;
  • 255 - 100%.

Other Properties

Property Description
comment (string; Default: ) Short description of the profile
name (string; Default: ) Name of the Interworking profile.

See also