Networking - Jiri Brejcha

Wi-Fi 7 on Windows 11

The other week I tested Wi-Fi 7 on Linux. It worked great. Let’s see how Intel BE200 Wi-Fi 7 adapter performs on Windows 11 23H2.

Intel NUC 12th generation with Intel BE200 Wi-Fi 7 adapter

Drivers

Download and install latest driver from Intel’s website. Windows Update itself won’t install any driver, so some manual steps are required. I originally tested driver version 23.20.0.4, and now updated to 23.30.0.6.

Setup

We are using TP-Link Deco BE85 BE19000 consumer Wi-Fi 7 router connected to a 10 Gigabit iperf3 server running on MacBook connected via OWC 10 GbE to Thunderbolt adapter. We have done this on Linux before, so let’s see how the same Wi-Fi adapter performs on Windows.

Performance

On the router, we have configured and verified 320 MHz wide Wi-Fi 7 channel. But when we connect the Windows client, looking at the data rate, it is surprisingly low – if you forgive me calling 2882 Mbps ‘low’ 😊 Considering that the NUC is about 1 meter away from the router, I would expect ~5 Gbps data rate. So what’s going on here?

Connected Wi-Fi 7 client, but low data rate

Interestingly enough, it is the same data rate as we see when connected using 5 GHz 160 MHz channel. Yes, I know, that’s a no-no in Wi-Fi design. We are just testing here.

Hmm, 160 MHz wide 5 GHz channel gives us the same data rate

netsh wlan show interfaces command output

Since Windows doesn’t expose the channel width in the UI, we don’t quite know what is happening on the air. Let’s generate some 6 GHz traffic, and check using Oscium’s WiPry Clarity tri-band spectrum analyser. I love this little USB tool. In this example I use a WLAN Pi as a Remote Sensor. It scans for Wi-Fi networks and streams spectrum information to WiFi Explorer Pro on Mac.

WLAN Pi Remote Sensor with Oscium WiPry Clarity scanning 6 GHz

Windows client is using 160 MHz instead of 320 MHz

Bingo! Apparently, on Windows Intel BE200 uses 160 MHz channel width and doesn’t support 320 MHz wide channel. That halves our data rate and throughput. I wish Windows made channel width more obvious in the UI. Intel BE200 adapter supports 320 MHz wide channels on Linux without a sweat, so hopefully it will get fixed in a future Intel driver or Windows release.

Updated: Apparently, I didn’t read Intel’s release notes closely enough, my bad 😊 Intel BE200 adapter on Windows 11 is only able to use Wi-Fi 6E today. Windows 11 will introduce Wi-Fi 7 support in a future update. Since Wi-Fi 6E supports channel widths up to 160 MHz, that’s why we are not being able to use full 320 MHz channel width. What really confused me was the “Protocol: Wi-Fi 7 (802.11be)” misleading Wi-Fi network status reported by Windows. Thank you Ben for spotting the note in Intel’s documentation.

What does that translate to? Lower data rate and lower throughput. I would expect download and upload to be around 2.5 Gbps using 320 MHz wide channel. With the latest Intel driver 23.30.0.6, we get 1.71 Gbps TCP download speed with 16 parallel streams, and upload of 2.17 Gbps. But only the upper 160 MHz half of the 320 MHz wide channel is used.

1.71 Gbps TCP download speed with 16 parallel streams

Upload TCP speed 2.17 Gbps with 16 streams

I also ran a quick Speedtest.net test (I know it is not a proper throughput testing tool) on a 900/900 Mbps WAN link.

On a Linux Wi-Fi 7 client, I measured nearly 890/890 Mbps. Original Intel driver 23.20.0.4 performed 383/818 Mbps. The latest Intel driver 23.30.0.6 delivered more symmetric numbers, and results were closer to the actual WAN link speed.

Speedtest.net speeds using the latest 23.30.0.6 Intel driver

Summary

Wi-Fi worked well, but application speeds including Speedtest.net and other tools performed quite poorly and subjectively ‘felt slow’. iperf3 test showed higher performance, but the main problem for the purpose of a throughput test is that the adapter only uses 160 MHz out of the available 320 MHz.

When it comes to recommended channel width in real world, it depends. 80 MHz or 40 MHz wide channels are most likely the best place to start depending on your circumstances and region.

For reference: Disable 6 GHz on Intel BE200 adapter

If you are performing tests on an SSID that has multiple bands enabled, and you want to force the client to drop off 6 GHz and join using a 5 GHz channel instead, Intel BE200 driver has the option to disable the 6 GHz band.

10 Gigabit Ethernet on Intel NUC

Earlier this week, I tested a 10 Gigabit Ethernet M.2 network adapter on Raspberry Pi 5, and it didn’t quite cut it. Mainly due to limited PCIe Gen 2 performance. Now, the question is can this 10 Gigabit adapter actually push 10 Gbps of traffic at all?

To find out, we are going to slightly reconfigure this Intel NUC 12th generation mini PC. It has an M.2 M-key slot for NVMe drive. Let’s use this slot for our 10 GbE adapter. And we will boot Windows 11 off an external USB SSD drive.

Intel NUC with 10 GbE adapter connected to 10 GbE switch

Install Windows 11 23H2 version on a USB SSD drive, boot Windows, run Windows Update, voila!

Windows Update installed latest driver automatically

With default iperf3 settings we get 6.44 Gbps/7.93 Gbps in the downlink and uplink direction respectively. Not bad, but is that it? Of course not.

I don’t really want to enable Jumbo frames as it’s not always possible to enable Jumbo frame support end-to-end, especially if part of the network doesn’t support it or isn’t under your management. Fortunately, 8 parallel TCP streams in iperf3 do the trick for us. We get 9.48 Gbps download speed.

In the upstream direction from this NUC to my MacBook with 10 GbE adapter, we also get 9.48 Gbps. I am happy. You? 😉

Summary

After all, this 10 GbE M.2 network adapter is indeed capable of pushing 9.48 Gbps of traffic in either direction. But! It is not really a good choice for a system like Intel NUC. I can’t pop the lid back on, the heatsink is too tall. Frankly, I can’t recommend this adapter at all. It runs hot at 84° Celsius in idle.

If you are looking for a daily driver, and your system supports Thunderbolt, get yourself this OWC 10GbE to Thunderbolt adapter. Here is my test. It works out of the box on Windows (I tested this Intel NUC 12th Gen) and macOS (I tested MacBook Pro M1 and M2). Interestingly, it uses the same chip as the above M.2 adapter. Just compare the two products and their heatsink sizes. The AQC107 keeps the main CPU utilisation very low, but it produces a significant amount of heat.

OWC 10 GbE to Thunderbolt network adapter connected to Intel NUC

OWC 10 GbE to Thunderbolt network adapter connected to MacBook

10 Gigabit Ethernet on Raspberry Pi 5

Raspberry Pi 5 comes with PCI Express connection and a number of HATs (hardware attached on top) and Bottoms (the opposite of that) are now available for sale. That unlocks some very exciting options. Let’s see how fast can a 10 Gigabit Ethernet adapter on Raspberry Pi 5 go, shall we?

Pineberry’s HatDrive! Bottom proved to be really handy for converting Pi’s PCIe connection to M.2 M-key format. My Kalea-Informatique 10 Gigabit adapter uses exactly that, so that’s a match. Why did I choose this adapter? Very unscientifically this time – it was the first readily available and I was in a fail-fast mood :)

10 GbE adapter connected to Raspberry Pi 5

Pineberry HatDrive! Bottom board with 10 GbE network adapter

Detail of the AQC107 chip powering the network adapter

Enable PCIe port on Raspberry Pi 5

First things first. We need to enable the PCIe connector on the Pi.

sudo nano /boot/firmware/config.txt

# Enable the port
dtparam=pciex1

# Configure PCIe Gen
dtparam=pciex1_gen=2

Build custom Linux kernel and include the Aquantia driver module

Vanilla Raspberry Pi OS doesn’t include the Aquantia AQC107 kernel module. So we need to burn a micro SD card with a vanilla Raspberry Pi OS Bookworm image, boot the Pi 5 and build a customised kernel.

git clone --depth=1 --branch rpi-6.8.y https://github.com/raspberrypi/linux
cd linux/
sudo apt install flex bison aptitude -y
sudo aptitude install libssl-dev
make bcm2712_defconfig

Edit the config file:

sudo nano .config

Add these 2 lines to .config file:

CONFIG_AQTION=m
CONFIG_AQUANTIA_PHY=m

Trigger customised kernel build on the Pi. This will take some time, so bear with us, please.

sudo make -j4 Image.gz modules dtbs
sudo make modules_install
sudo cp -v arch/arm64/boot/dts/broadcom/*.dtb /boot/firmware/
sudo cp -v arch/arm64/boot/dts/overlays/*.dtb* /boot/firmware/overlays/
sudo cp -v arch/arm64/boot/dts/overlays/README /boot/firmware/overlays/
KERNEL=kernel_2712
sudo cp -v arch/arm64/boot/Image.gz /boot/firmware/$KERNEL.img
uname -a
sudo reboot

After reboot, the LED light on the network adapter should come to life and we can capture first impressions.

Temperature

First thing you will likely notice is how hot this network adapter runs. It runs at 85° Celsius in idle which is slightly worrying and you can literally burn your fingers if you are not careful. Thumbs down on the thermal design front.

Under load, surprisingly, it ‘only’ runs 0.5° warmer.

How fast can it go then?

Raspberry Pi 5 officially supports PCIe Gen 1 and Gen 2. It is not certified for Gen 3.

PCIe Gen 1 mode

In this slowest mode, I got 1.71 Gbps/1.53 Gbps iperf3 TCP results with standard iperf3 settings. No jumbo frames, no other tweaks.

PCIe Gen 2 mode

Again, with standard iperf3 settings, I measured 3.44 Gbps/3.04 Gbps TCP throughput between 2 computers both connected to 10 Gbps switch ports via 10 GbE Full Duplex.

In idle conditions, this setup draws 7.5 W, and 8.9 W under 10GbE adapter iperf3 -R load (3.45 Gbps). Using more iperf3 parallel streams (the -P parameter) did not help at all.

PCIe Gen 3 mode

The adapter supports PCIe Gen 3, but it doesn’t work with the Pi. The Pi is not certified for Gen 3, so I can’t say anything bad about this. The Ethernet adapter is not recognised in Gen 3 mode, and no interface is present in ip a. Sometimes the Pi will fail to boot.

According to dmesg, the Pi forced Gen 2 mode:

brcm-pcie 1000110000.pcie: link down
brcm-pcie 1000120000.pcie: Forcing gen 2

Forcing PCIe Gen 2 mode athough Gen 3 has been configured

I powered my Pi from M2 MacBook USB-C port. So I thought, I might be running into under-voltage issues. I tested the official Raspberry Pi 27 W (5 V * 5 A) AC power and it made no difference.

Did you upgrade Raspberry Pi 5 firmware?

Yes, I did. It is running the latest version available as of March 2024.

Low CPU utilisation

One feature I really enjoyed is the extremely low CPU utilisation under load. I saw slower 2.5 GbE adapters hammer CPU with interrupts, but that’s not the case for this NIC. AQC107 does really good job at keeping the CPU cool.

Low Raspberry Pi 5 CPU load under network load

Cable analytics

Marvell supports Cable Diagnostics feature which uses TDR to measure cable length and detect Ethernet cable for defects. Unfortunately, it doesn’t seem to be supported on the AQC107 chip.

Can you get 10 Gbps out of this adapter at all?

I am glad you asked. How does an Intel NUC with this 10 GbE adapter sound? I’ve just tested it, here you go.

Summary

The high operating temperature really makes this adapter something I can’t recommend. With maximum throughput below 3.5 Gbps, I think you would be better off choosing a 2.5 Gigabit Ethernet adapter, which runs cool and delivers 2.35 Gbps/2.35 Gbps throughput.

Have you tested any other 10 GbE adapter? Did you get better results? Did you find any 2.5 Gbps Ethernet adapter that supports Cable Diagnostics? I am all ears.

Special thanks

Thanks to Luke Jenkins for exploring and sharing the kernel build instructions. Also, thanks to the WLAN Pi team. You can buy the team a coffee using this link.

Throughput speed test of the fastest tp-link and Devolo Magic 2 Wi-Fi power line adapters (PLC)

I am in the market of buying a new pair of power line adapters. Power line is a great alternative or complement to Ethernet and Wi-Fi. It provides low latency and jitter and is very flexible and easy to install.

The current tp-link TL-PA6010 adapters have served me well, but they are now reaching their maximum throughput. So, I decided to get a new pair of the fastest adapters on the market (Devolo Magic 2 Wi-Fi) and also a pair of the best adapters from tp-link (TL-PA9020P). These will be used to connect my home office and lab networks to my router.

Since there are multiple brands offering a variety of products with a variety of advertised speeds, I am curious to see if the more expensive adapters are worth the premium price, what real throughput they would provide and if and how much a passthrough socket improves the power line speed.

Left to right: Devolo Magic 2 Wi-Fi, tp-link TL-PA9020P, tp-link PL-PA6010 (not sold anymore, this would be an equivalent)

Specification

I tested my current low-end adapters and two new high-speed ones:

Throughput, ping, jitter, power and Wi-Fi tests

Power line speeds vary and depend on the distance between the two adapters, your electrical wiring and interference. Please take the numbers below as relative ones, which would allow you to compare how these adapters perform under the same conditions and in the same setup.

All throughput numbers below were TCP measurements taken by iPerf3 running on a WLAN Pi (a single-board computer with 1 Gbps Ethernet) and the client was my MacBook with 1 Gbps USB-C Ethernet adapter. There were no intermediate network devices between them:

MacBook iPerf3 client <-> PLC1 <-> PLC2 <-> WLAN Pi iPerf3 server

The average download speed (measured 5 times at each of the locations in my house) ranges from 13% to 26% of the advertised speeds and goes nowhere near them. With £16 per 100 Mbps, the cheapest adapter seems to be the best value for money, unless you need higher speed and are willing to pay for it. It also is the most power efficient.

Devolo Magic 2 proved to the be the fastest solution with 331 Mbps average download speeds, while TL-PA9020P provided slightly better upload speeds than Devolo.

Each of the parameters (i.e. Download average) consisted of five iPerf3 tests in each location and I then computed the average values:

Built-in Wi-Fi access point

Devolo Magic 2 Wi-Fi remote adapter comes with a built-in dual-band 802.11ac Wi-Fi AP (not just a repeater as some of the cheaper adapters), but it is unstable and resets the power line connection every single time I connect and generate some traffic. I used the latest firmware available in July 2020. If a built-in Wi-Fi is a must-have for you, do NOT buy this adapter. Wait until it gets fixed or look for alternatives.

This is what happens. The SSID is broadcast, a Wi-Fi client can associate to the AP, but when the iPerf test starts, the client gets disconnected and power line connection is torn down for 10 seconds or so and then re-establishes. I was able to reproduce this bug every single time and it was not just one-off random problem.

On the positive note, it supports 2.4 GHz only, 2.4 + 5 GHz or 5 GHz only modes. It does not let you change channel width on 5 GHz though and always uses 80 MHz, which may sound like a good idea in a small town, but it is a disaster in a shared building with many other access points and neighbours present.

If high-speed power line without Wi-Fi is what you are after, then the Magic 2 non-Wi-Fi model could be a good option for you.

Passthrough socket

Passthrough socket allows you to plug an electrical appliance to the power line adapter without generating the socket your adapter is plugged into unusable. Cheaper adapters usually do not provide this.

The other benefit is that adapters with passthrough socket use filters to suppress noise coming from the connected electrical appliance and this improves speed by 13% – 15%.

Pros and cons

Devolo Magic 2 Wi-Fi
+ Fastest average download speed
+ Comes with a mobile app and each unit has a management web GUI
– Built-in access point resets the whole unit and Wi-Fi is not usable
– It runs quite warm compared to the other two and is the largest

tp-link TL-PA9020P
+ Very good and symmetrical performance
+ Stable
– No built-in Wi-Fi
– Still quite expensive compared to the slower and cheaper units

tp-link TL-PA6010 (or similar)
+ Great value for money
+ Stable
– Relatively low speeds
– No passthrough socket, no Wi-Fi

And the winner is…

My personal preferences are very likely different from yours and that is fine. I am looking for symmetrical TCP throughput of at least 200 Mbps, ideally a passthrough socket support and all other features are nice to have.

Devolo Magic 2 Wi-Fi proves to be unstable as the built-in access point crashes the whole adapter and resets the power line connection. Its back side also becomes quite warm regardless the load.

So, I decided for tp-link TL-PA9020P. It is stable, does all I need it to do and both adapters come with 2 Ethernet ports which gives me flexibility to plug my own access point in or connect using wired Ethernet connection.

MSNswitch – ovládání elektrických zásuvek po síti

Na serveru Síťařina.cz právě vyšel článek a především video s praktickou ukázkou možností zařízení MSNswitch. Díky němu můžete na dálku spínat elektrické zásuvky přes lokální síť i internet. Mě osobně se tato krabička velmi zalíbila, a tak ji mohu doporučit i vám.

Rychlé otevření panelu Síťová připojení

Ve Windows Vista i Windows 7 byl ovládací panel Síťová připojení přesunut lehce pozadí. Pokud si nevybavujete jeho konkrétní podobu, napoví vám tento obrázek.

Panel obsahuje přehled všech síťových adaptérů v počítači. Díky němu můžeme pomocí grafického rozhraní Windows snadno měnit prakticky jakákoliv nastavení související se sítěmi. Chcete-li změnit IP adresu vaší síťové karty, provedete to zde, potřebujete-li zakázat bezdrátový síťový adaptér či změnit název nějakého připojení, opět jste zde na správné adrese.

Panel Síťová připojení můžete ve Windows XP najít ve výčtu ovládacích panelů. Nové verze Windows ovšem jeho přístupnost lehce komplikují a do cesty je nám postaven dialog Centrum sítí a sdílení. Ten sice shromažďuje vše týkající se sítí a sdílení souborů a složek na jednom místě, ale námi kýžený panel se skrývá až pod odkazem Spravovat síťová připojení v levém funkčním sloupci. Pokud tedy nyní chcete panel otevřít nezbyde než použít tuto cestu.

Otevření panelu

Pokud chcete Síťová připojení otevřít rychle a bez použití myši, vyzkoušejte tento způsob. Funguje ve všech operačních systémech Windows XP a novějších.

Otevřete menu Start a vyberte možnost Spustit (Win+R).
Do pole Otevřít napište „ncpa.cpl“. Ve Windows Vista a Windows 7 můžete psát přímo do vyhledávacího políčka vlevo dole v nabídce Start.

Tím přímo otevřete panel Síťová připojení. Ve skutečnosti systém na pozadí najde tento soubor v adresáři „C:\Windows\System32\ncpa.cpl“ a otevře jej.

Pokud síťová nastavení měníte často, mohl by se vám hodit následující tip. Vytvořte si na ploše či v nabídce Start zástupce panelu Síťová připojení.

Klikněte na ploše pravým tlačítkem myši a z kontextové nabídky zvolte Nový a dále vyberte Zástupce.
Do pole udávajícího umístění položky zadejte „C:\Windows\System32\ncpa.cpl“.
V dalším kroku zadejte název zástupce a klikněte na tlačítko dokončit.

Klávesová zkratka

Volitelným krokem je přiřazení klávesové zkratky takto vytvořenému zástupci. Tou pak můžete rychle spustit zástupce a tím otevřít panel Síťová připojení.

Klikněte pravým tlačítkem na zástupce (ALT+ENTER) a z kontextového menu zvolte Vlastnosti.
Přepněte se do políčka Klávesová zkratka a stiskněte například trojhmat CTRL+ALT+S.
Po dokončení průvodce můžete vyvolat Síťová připojení pomocí zadané klávesové zkratky.

Vše se dá zvládnout prakticky bez použití myši. Na své si tedy jistě přijdou i klávesnicoví fajnšmekři.

Tipy

Podobným způsobem můžete ve Windows otevírat snad všechny ovládací panely. Přehled jejich názvů a příkazů pro jejich spuštění najdete v tomto příspěvku.

Nastavení IP protokolu (adresa, maska, brána,…) lze měnit i z příkazového řádku. Můj návod najdete tady.

Tento článek byl napsán pro časopis Computer.

Provoz 20000 paketů/s aneb server měl plodný den

Od technika telehousu, kde mám umístěn jeden ze svých serverů jsem se nedávno dozvěděl, že můj stroj má mimořádně “plodný” den a z nějakého důvodu generuje do sítě datový tok 20 000 paketů za sekundu. Po bližším ohledání jsme zjistili, že jde o multicast UDP provoz na cílovou IPv4 adresu 224.0.1.24. Pro případ, že se potkáte s něčím podobným vězte, že na vině může být služba WINS. V mém případě vytížila procesor téměř na 100% a vzdálené přihlášení na server přes RDP trvalo opravdu pekelně dlouho.

Podle materiálů, které jsem našel v dokumentaci, se jednotlivé WINS servery mezi sebou snaží pravidelně komunikovat a případně synchronizovat své databáze. Při tomto procesu nejspíše došlo k nějaké chybě a server tvrdohlavě hrnul provoz do sítě. Možná šlo o bezpečnostní problém viz odkaz na Microsoft KB níže. Služba WINS pro mě nebyla nijak podstatná, takže jsem ji zakázal. Od té doby se už podobné problémy neobjevily.

Několik faktů

Windows Small Business Server 2003 R2 Standard
Konfigurace se dvěma síťovými kartami (jedna do LAN, druhá do internetu) Server byl jediným WINS serverem v lokální síti
Protokol UDP, port 42
Cílová adresa IPv4 224.0.1.24
Poučení pro přístě: Co nepotřebuješ, zakaž a vypni:)

Informace

http://support.microsoft.com/kb/890710

Visual Trace Route – projděte si cestu internetem graficky

Příkazy tracert a traceroute patří mezi jedny z nejfrekventovanějších síťových příkazů. Ano, jsou jednoduché, poskytnou jasný výpis, výstup si můžete přesměrovat do textového souboru a tak dále. Co ale rozhodně neumí, je dopřát uživateli informaci o geografickém umístění jednotlivých routerů.

Právě tento další rozměr přináší webová služba Visual Trace Route. Určíte ke které adrese si přejete zjistit cestu a nástroj ji vypíše v textové podobě a zároveň ji hezky graficky postupně zobrazuje do mapy, dokud nedosáhne cíle. Vy si pak můžete trasu v klidu projít a udělat si představu, kudy vaše pakety tečou. Využívá přitom geografickou databázi IP adres.

Po zadání cílové adresy spustíte trasování pomocí tlačítka Host Trace nebo Proxy Trace. Host Trace spustí trasování ze serveru yougetsignal.com. Proxy Trace naproti tomu trasuje z vaší IP adresy, přes server yougetsignal.com do zadaného cíle. Škoda jen, že není možné trasovat přímo.

Pobavila mě situace, kdy jsem z domácího počítače z Prahy trasoval server umístěný v tomtéž městě. Pakety nabraly zpočátku směr na Varšavu, posléze putovaly Evropou, aby se pak vrátily zpět do Prahy:)

Visual Trace Route: http://www.yougetsignal.com/tools/visual-tracert/
Webový nástroj pro zjištění polohy IP adresy: http://www.yougetsignal.com/tools/network-location/