Need option to specify wifi regulatory domain

[ubuntu-server-builder]

This bug was originally filed in Launchpad as LP: #1951586

Launchpad details

affected_projects = ['netplan', 'network-manager', 'netplan.io (Ubuntu)', 'network-manager (Ubuntu)', 'netplan.io (Ubuntu Jammy)', 'network-manager (Ubuntu Jammy)', 'netplan.io (Ubuntu Kinetic)', 'network-manager (Ubuntu Kinetic)']
assignee = None
assignee_name = None
date_closed = 2021-12-01T16:25:23.647767+00:00
date_created = 2021-11-19T13:36:18.741333+00:00
date_fix_committed = None
date_fix_released = None
id = 1951586
importance = undecided
is_complete = True
lp_url = https://bugs.launchpad.net/cloud-init/+bug/1951586
milestone = None
owner = bos
owner_name = Floris
private = False
status = invalid
submitter = bos
submitter_name = Floris
tags = ['fr-1932', 'iso-testing', 'raspi-image', 'wifi']
duplicates = []

Launchpad user Floris(bos) wrote on 2021-11-19T13:36:18.741333+00:00

It would be nice if netplan offered an option to specify the wifi regulatory domain (country code).

For devices such as the Raspberry Pi you are currently advertising that users can simply setup Ubuntu Server headless by putting the wifi configuration details in cloudinit/netplan's "network-config" on the FAT partition of the SD card: https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi#3-wifi-or-ethernet
But an option to set the wifi country code there does not seem to exist, so may not work.

[ubuntu-server-builder]

Launchpad user James Falcon(falcojr) wrote on 2021-12-01T16:25:16.135587+00:00

Since cloud-init's network v2 support is just straight pass-through to netplan, there doesn't seem to be anything for cloud-init to do here. I'm marking this invalid for cloud-init, but feel free to change the status back to new if I'm missing something.

[ubuntu-server-builder]

Launchpad user Lukas Märdian(slyon) wrote on 2021-12-16T10:05:26.420861+00:00

I am not sure if netplan (i.e. the network definition of a specific WiFi interface) is the correct place to handle this. The regulatory domain is a global concept that is being handled in the kernel and affects all radio devices, like WiFi and Bluetooth. If we change that on a single wifi interface definition, it will have side-effects on other radios.

crda is being used for that global setting and it can be configured in /etc/default/crda, e.g.:

$ cat /etc/default/crda
REGDOMAIN=GB

Then there are drivers (like iwlwifi), that do it on their own way or do "Location Aware Regulatory" (LAR) and ignore any hints the kernel might pass to them.

What's the output of iw reg get on the Raspberry Pi?

Having a configuration setting in netplan, we could certainly instruct wpa_supplicant to pass a country=GB hint to the kernel (similar to using iw reg set GB manually`), but that would not work for all drivers and would have side-effects on other radios. Also, this could only be implemented for the networkd/wpa_supplicant backend renderer, as NetworkManager does not support setting a regulatory domain manually AFAICT.

https://wireless.wiki.kernel.org/en/developers/Regulatory

[ubuntu-server-builder]

Launchpad user Floris(bos) wrote on 2021-12-16T10:40:00.079780+00:00

Since cloud-init's network v2 support is just straight pass-through to netplan, there doesn't seem
to be anything for cloud-init to do here.

I tagged cloud-init just in case, as I was already expecting it to turn it into a discussion whether this belongs in Netplan, or is more a global localization like setting.

Using a post-install script to patch /etc/default/crda is problematic, because post-install scripts are executed so late.
Also does not seem to work with write_files in practice (not sure why, thought that did was executed early).
And since different operating systems put the setting in different files, some abstraction instead of OS specific commands would be preferable anyway.

===

The regulatory domain is a global concept that is being handled in the kernel and affects all radio
devices, like WiFi and Bluetooth.

Are you sure it is the kernel that is treating this as a global thing, and not just your implementation?

Other distributions (like RPI OS) set the country in wpa_supplicant.conf instead of your /etc/default/crda, and think you can have a different wpa_supplicant.conf per adapter.
And "iw reg get" also shows it per adapter (phy) in addition to global.

BTW on the Ubuntu 21.10 aarch64 Pi image it always seems to show as UNSET even if I do set /etc/default/crda and reboot, which may be another bug.

==
max@ubuntupi:~$ cat /etc/default/crda

Set REGDOMAIN to a ISO/IEC 3166-1 alpha2 country code so that iw(8) may set

the initial regulatory domain setting for IEEE 802.11 devices which operate

on this system.

Governments assert the right to regulate usage of radio spectrum within

their respective territories so make sure you select a ISO/IEC 3166-1 alpha2

country code suitable for your location or you may infringe on local

legislature. See `/usr/share/zoneinfo/zone.tab' for a table of timezone

descriptions containing ISO/IEC 3166-1 alpha2 country codes.

REGDOMAIN=GB
max@ubuntupi:~$ iw reg get
global
country 00: DFS-UNSET
(2402 - 2472 @ 40), (N/A, 20), (N/A)
(2457 - 2482 @ 20), (N/A, 20), (N/A), AUTO-BW, PASSIVE-SCAN
(2474 - 2494 @ 20), (N/A, 20), (N/A), NO-OFDM, PASSIVE-SCAN
(5170 - 5250 @ 80), (N/A, 20), (N/A), AUTO-BW, PASSIVE-SCAN
(5250 - 5330 @ 80), (N/A, 20), (0 ms), DFS, AUTO-BW, PASSIVE-SCAN
(5490 - 5730 @ 160), (N/A, 20), (0 ms), DFS, PASSIVE-SCAN
(5735 - 5835 @ 80), (N/A, 20), (N/A), PASSIVE-SCAN
(57240 - 63720 @ 2160), (N/A, 0), (N/A)

phy#0
country 99: DFS-UNSET
(2402 - 2482 @ 40), (6, 20), (N/A)
(2474 - 2494 @ 20), (6, 20), (N/A)
(5140 - 5360 @ 160), (6, 20), (N/A)
(5460 - 5860 @ 160), (6, 20), (N/A)

==

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2021-12-16T12:46:51.440183+00:00

I am not sure if netplan (i.e. the network definition of a specific WiFi interface) is the
correct place to handle this. The regulatory domain is a global concept that is being
handled in the kernel and affects all radio devices, like WiFi and Bluetooth. If we change
that on a single wifi interface definition, it will have side-effects on other radios.

Even if it is a global setting (as floris has pointed out, iw reg lists it per phy), surely that's the common use-case? If someone really needs different regions for different radio devices (on one system!) then we could declare that "too complex, out of scope" and leave it to them to configure externally to netplan.

BTW on the Ubuntu 21.10 aarch64 Pi image it always seems to show as UNSET even if I do set
/etc/default/crda and reboot, which may be another bug.

That's odd -- I've just tried the same on a jammy development install and it's persisting happily across reboots. I'll flash a fresh impish image and see if I can replicate (I'll file a separate bug if I can).

[ubuntu-server-builder]

Launchpad user Lukas Märdian(slyon) wrote on 2021-12-16T16:30:14.974307+00:00

If we make this a (potentially global?) netplan setting, we'd want to also update /etc/default/crda on 'netplan generate' probably.

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2021-12-22T11:00:47.139572+00:00

https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1862760

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-01-24T21:00:45.241949+00:00

Worth noting that crda is now "obsolete" and has been replaced with wireless-regdb (LP: #1958918), read directly by the kernel. I need to dig into how this is configured instead (if the existing "iw" command is no longer valid, quite a bit of documentation will need changing!)

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2022-01-24T21:43:47.319639+00:00

My understanding is that only wpa_supplicant and iw are able to set the regdb country code.

[ubuntu-server-builder]

Launchpad user Floris(bos) wrote on 2022-01-24T22:08:28.878543+00:00

if the existing "iw" command is no longer valid, quite a bit of documentation will need changing!

"iw" itself is not in the crda package.
However the script that reads and applies /etc/default/crda do is.

So perhaps just let netplan set country code in wpa_supplicant.conf and don't bother with /etc/default/crda ?!

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2022-01-24T22:14:56.215552+00:00

While I have your ear can I suggest adding rng-tools, fake-hwclock, and haveged to the RPi images please.

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-01-24T22:30:36.287321+00:00

A quick response to jvonau above (to avoid getting side-tracked): the best place to suggest that would be to file a ticket against one of those packages and tag it "raspi-image" (which should bring it to my attention); I can add the other packages as "also affected". However, from a brief look, none of those packages are in "main" and therefore can't be added to official images without going through the full MIR process (which would need a pretty strong justification -- which is not to say there isn't one, just to make you aware of the requirement).

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-01-26T15:45:08.709977+00:00

On the subject of crda being deprecated, the situation appears to be as follows:

• The "iw" application, more specifically the "iw reg set" command will continue to operate as normal, but (as before), this is an ephemeral setting that will need re-setting on every boot

• The "/etc/default/crda" file will no longer be available as a persistent store of the regulatory region

• The formerly deprecated "cfg80211.ieee80211_regdom" kernel command line argument was at some point re-enabled to act as if "iw" (or some other userspace application) were configuring the region. Thus, it could be used as a (rather hacky) means of persisting the region

For example, on the Pi, in lieu of any other solution, I'll likely be recommending that people add "cfg80211.ieee80211_regdom=GB" (or the appropriate country code) to "/boot/firmware/cmdline.txt".

The assumption from the kernel side seems to be that persisting this is "something for the desktop to handle", which seems pretty sensible given that one of the queries in almost any desktop setup (including ours) is "where are you?" from which we derive the timezone but could equally derive the regulatory region (I note we don't currently appear to -- perhaps this bug should affect ubiquity too?).

Obviously, however, that doesn't deal with things like the server images. Personally, I think this only bolsters the case for adding the configuration to netplan or cloud-init. Unless we want to add a separate mechanism for persisting the regulatory domain, and then have to ensure that it is set sufficiently early that whatever wifi configuration is performed by netplan/cloud-init is done with the correct regulatory domain in force?

[ubuntu-server-builder]

Launchpad user Launchpad Janitor(janitor) wrote on 2022-01-26T16:17:11.864166+00:00

Status changed to 'Confirmed' because the bug affects multiple users.

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2022-01-27T07:41:26.888020+00:00

The assumption from the kernel side seems to be that persisting this is "something for the desktop to handle", which seems pretty sensible given that one of the queries in almost any desktop setup (including ours) is "where are you?" from which we derive the timezone but could equally derive the regulatory region (I note we don't currently appear to -- perhaps this bug should affect ubiquity too?).

This rings a bell, working from memory with wireshark I think NetworkManager does a double connect, first to grab the country code then the actual wpa_supplicant/dhcp exchange. Dan Williams would be the one to ask.

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-05-06T09:38:23.788839+00:00

@jvonau I just came back to this while trawling through my still-open bug list and had a look at what happens on the desktop. At least on our Pi desktop images (using NetworkManager), no wifi regulatory domain gets set at all (at least on my local network). Just in case it made any difference, I also tried switching on "location services", but there was no effect on the regulatory domain.

It appears that the effort to make NetworkManager (or more broadly, the GNOME desktop) location aware stalled some considerable time ago 1 2 3

Also, I don't see any option to manually set the regulatory domain in the UI. Now that crda's gone in jammy, and "iw" isn't seeded on the desktop image (for the Pi at least; is the PC any different?) there's effectively no way for the user to set the wifi regulatory domain (something that's fairly important ... legal stuff and all that) "out of the box" either via the GUI or via the command line.

I've added the info the jammy release notes, and I'm going to add a few targets here as this clearly needs some work on several fronts, presumably netplan for servers and NetworkManager for desktops.

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2022-05-06T15:01:12.755073+00:00

Connection via NetworkManager to AP

2993 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5017] device (wlp2s0): Activation: starting connection '181-rpi4-64bit-raspios-LARGE' (9a51eba2-3723-4750-8a72-aa2e4c723140)
2994 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5083] audit: op="connection-add-activate" uuid="9a51eba2-3723-4750-8a72-aa2e4c723140" name="181-rpi4-64bit-raspios-LARGE" pid=1342 uid=1000 result="success"
2995 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5173] device (wlp2s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
2996 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5309] device (wlp2s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
2997 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5364] device (wlp2s0): Activation: (wifi) connection '181-rpi4-64bit-raspios-LARGE' requires no security. No secrets needed.
2998 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5365] Config: added 'ssid' value '181-rpi4-64bit-raspios-LARGE'
2999 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5366] Config: added 'scan_ssid' value '1'
3000 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5366] Config: added 'bgscan' value 'simple:30:-70:86400'
3001 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5367] Config: added 'key_mgmt' value 'NONE'
3002 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5508] device (wlp2s0): supplicant interface state: disconnected -> scanning
3003 May 6 09:55:54 124-u2204-desk NetworkManager[641]: [1651845354.5509] device (p2p-dev-wlp2s0): supplicant management interface state: disconnected -> scanning
3004 May 6 09:55:55 124-u2204-desk wpa_supplicant[683]: wlp2s0: SME: Trying to authenticate with 02:72:82:96:ac:1e (SSID='181-rpi4-64bit-raspios-LARGE' freq=2437 MHz)
3005 May 6 09:55:55 124-u2204-desk kernel: [ 686.915199] wlp2s0: authenticate with 02:72:82:96:ac:1e
3006 May 6 09:55:55 124-u2204-desk kernel: [ 686.919826] wlp2s0: send auth to 02:72:82:96:ac:1e (try 1/3)
3007 May 6 09:55:55 124-u2204-desk kernel: [ 686.922147] wlp2s0: authenticated
3008 May 6 09:55:55 124-u2204-desk wpa_supplicant[683]: wlp2s0: Trying to associate with 02:72:82:96:ac:1e (SSID='181-rpi4-64bit-raspios-LARGE' freq=2437 MHz)
3009 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1109] device (wlp2s0): supplicant interface state: scanning -> authenticating
3010 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1111] device (p2p-dev-wlp2s0): supplicant management interface state: scanning -> authenticating
3011 May 6 09:55:55 124-u2204-desk kernel: [ 686.929202] wlp2s0: associate with 02:72:82:96:ac:1e (try 1/3)
3012 May 6 09:55:55 124-u2204-desk wpa_supplicant[683]: wlp2s0: Associated with 02:72:82:96:ac:1e
3013 May 6 09:55:55 124-u2204-desk kernel: [ 686.937597] wlp2s0: RX AssocResp from 02:72:82:96:ac:1e (capab=0x401 status=0 aid=1)
3014 May 6 09:55:55 124-u2204-desk kernel: [ 686.938943] wlp2s0: associated
3015 May 6 09:55:55 124-u2204-desk kernel: [ 686.940900] IPv6: ADDRCONF(NETDEV_CHANGE): wlp2s0: link becomes ready
3016 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1276] device (wlp2s0): supplicant interface state: authenticating -> associating
3017 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1277] device (p2p-dev-wlp2s0): supplicant management interface state: authenticating -> associating
3018 May 6 09:55:55 124-u2204-desk wpa_supplicant[683]: wlp2s0: CTRL-EVENT-CONNECTED - Connection to 02:72:82:96:ac:1e completed [id=0 id_str=]
3019 May 6 09:55:55 124-u2204-desk wpa_supplicant[683]: wlp2s0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
3020 May 6 09:55:55 124-u2204-desk wpa_supplicant[683]: wlp2s0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=US
3021 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1389] device (wlp2s0): supplicant interface state: associating -> completed
3022 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1390] device (wlp2s0): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Connected to wireless network "181-rpi4-64bit-raspios-LARGE"
3023 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1391] device (p2p-dev-wlp2s0): supplicant management interface state: associating -> completed
3024 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1457] device (wlp2s0): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
3025 May 6 09:55:55 124-u2204-desk NetworkManager[641]: [1651845355.1504] dhcp4 (wlp2s0): activation: beginning transaction (timeout in 45 seconds)
3026 May 6 09:55:55 124-u2204-desk avahi-daemon[636]: Joining mDNS multicast group on interface wlp2s0.IPv6 with address fe80::8b52:89de:a53d:e20f.
3027 May 6 09:55:55 124-u2204-desk avahi-daemon[636]: New relevant interface wlp2s0.IPv6 for mDNS.
3028 May 6 09:55:55 124-u2204-desk avahi-daemon[636]: Registering new address record for fe80::8b52:89de:a53d:e20f on wlp2s0.*.
3029 May 6 09:55:55 124-u2204-desk wpa_supplicant[683]: wlp2s0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-21 noise=9999 txrate=72200
3030 May 6 09:55:55 124-u2204-desk kernel: [ 686.987544] wlp2s0: Limiting TX power to 30 (30 - 0) dBm as advertised by 02:72:82:96:ac:1e
3031 May 6 09:55:58 124-u2204-desk NetworkManager[641]: [1651845358.3182] dhcp4 (wlp2s0): state changed new lease, address=172.18.118.149
3032 May 6 09:55:58 124-u2204-desk avahi-daemon[636]: Joining mDNS multicast group on interface wlp2s0.IPv4 with address 172.18.118.149.
3033 May 6 09:55:58 124-u2204-desk avahi-daemon[636]: New relevant interface wlp2s0.IPv4 for mDNS.
3034 May 6 09:55:58 124-u2204-desk avahi-daemon[636]: Registering new address record for 172.18.118.149 on wlp2s0.IPv4.
3035 May 6 09:55:58 124-u2204-desk dbus-daemon[640]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.8' (uid=0 pid=641 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
3036 May 6 09:55:58 124-u2204-desk NetworkManager[641]: [1651845358.3303] device (wlp2s0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed')
3037 May 6 09:55:58 124-u2204-desk systemd[1]: Starting Network Manager Script Dispatcher Service...
3038 May 6 09:55:58 124-u2204-desk dbus-daemon[640]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
3039 May 6 09:55:58 124-u2204-desk systemd[1]: Started Network Manager Script Dispatcher Service.
3040 May 6 09:55:58 124-u2204-desk NetworkManager[641]: [1651845358.3644] device (wlp2s0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed')
3041 May 6 09:55:58 124-u2204-desk NetworkManager[641]: [1651845358.3649] device (wlp2s0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed')
3042 May 6 09:55:58 124-u2204-desk NetworkManager[641]: [1651845358.3793] device (wlp2s0): Activation: successful, device activated

Disconnection from AP

3098 May 6 09:58:44 124-u2204-desk kernel: [ 856.512766] wlp2s0: deauthenticating from 02:72:82:96:ac:1e by local choice (Reason: 3=DEAUTH_LEAVING)
3099 May 6 09:58:44 124-u2204-desk wpa_supplicant[683]: wlp2s0: CTRL-EVENT-DISCONNECTED bssid=02:72:82:96:ac:1e reason=3 locally_generated=1
3100 May 6 09:58:44 124-u2204-desk wpa_supplicant[683]: wlp2s0: CTRL-EVENT-DSCP-POLICY clear_all
3101 May 6 09:58:44 124-u2204-desk wpa_supplicant[683]: wlp2s0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
3102 May 6 09:58:44 124-u2204-desk NetworkManager[641]: [1651845524.7590] device (wlp2s0): supplicant interface state: completed -> disconnected
3103 May 6 09:58:44 124-u2204-desk NetworkManager[641]: [1651845524.7590] device (p2p-dev-wlp2s0): supplicant management interface state: completed -> disconnected
3104 May 6 09:58:44 124-u2204-desk NetworkManager[641]: [1651845524.7594] device (wlp2s0): state change: deactivating -> disconnected (reason 'new-activation', sys-iface-state: 'managed')

Note:

CTRL-EVENT-REGDOM-CHANGE changes as the connection is toggled on and off. Think everything is fine on that front. I think all the variables for wpa_supplicant.conf are passed across dbus from NetworkManager, I can't seem to find any temporary file within /run/ that has any mention of the wifi connection.

Think the easiest path would be for netplan's systemd-network backend to populate wpa_supplicant.conf with a country_code entry from within the 'wifis' section of the yamal file, that would be the equivalent to how RaspOS handles setting up it's wpa_supplicant.conf file.

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-05-09T10:38:26.456537+00:00

I'm not entirely convinced NetworkManager is working correctly this regard? I was checking the wifi regulatory domain with "iw reg get" which consistently shows UNSET both globally and for phy#0 under the desktop for Pi images:

$ iw reg get
global
country 00: DFS-UNSET
(2402 - 2472 @ 40), (N/A, 20), (N/A)
(2457 - 2482 @ 20), (N/A, 20), (N/A), AUTO-BW, PASSIVE-SCAN
(2474 - 2494 @ 20), (N/A, 20), (N/A), NO-OFDM, PASSIVE-SCAN
(5170 - 5250 @ 80), (N/A, 20), (N/A), AUTO-BW, PASSIVE-SCAN
(5250 - 5330 @ 80), (N/A, 20), (0 ms), DFS, AUTO-BW, PASSIVE-SCAN
(5490 - 5730 @ 160), (N/A, 20), (0 ms), DFS, PASSIVE-SCAN
(5735 - 5835 @ 80), (N/A, 20), (N/A), PASSIVE-SCAN
(57240 - 63720 @ 2160), (N/A, 0), (N/A)

phy#0
country 99: DFS-UNSET
(2402 - 2482 @ 40), (6, 20), (N/A)
(2474 - 2494 @ 20), (6, 20), (N/A)
(5140 - 5360 @ 160), (6, 20), (N/A)
(5460 - 5860 @ 160), (6, 20), (N/A)

Still, perhaps "iw" doesn't know about changes that wpa_supplicant makes? On a freshly flashed jammy pi desktop card, I get the following output when looking for REGDOM in the wpa_supplicant logs:

$ journalctl -u wpa_supplicant -g REGDOM
-- Boot 732bf3d726d543d4985f9e8ded5b5dc3 --
May 09 11:19:54 miss-piggy wpa_supplicant[727]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD

The "WORLD" region is presumably consistent with "UNSET" so it doesn't look like NetworkManager or wpa_supplicant is setting things correctly there. I wondered if perhaps it this only works on some APs? So here's the output from my regular development Pi. This also runs the jammy desktop, but it's not a freshly flashed image -- it's been upgraded thru every release since hirsute so it's probably a bit crufty -- but it has travelled with me to various places so it's seen a few different access points (it spends most of its time on ethernet at home though, so the lack of lots of REGDOM changes is not too surprising):

-- Boot 3342ed4b84f14e6a8f7b900d240b2c4d --
-- Boot d9087ec569c64e258d9b0a39d5d51c81 --
-- Boot b4c27a9655d747d48fc16329f73ad596 --
-- Boot d431767f6d89494bba39cc9ab9bce969 --
Sep 29 00:09:43 kermit wpa_supplicant[1081]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 345a7579a52147aea56af3152178c199 --
Sep 29 09:28:02 kermit wpa_supplicant[1077]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 624126fce6cc45abad47cb42b9ac256f --
-- Boot e424d65195804a6eae2f948ee1e4ef38 --
-- Boot 77fb125a0ecc4df985d5317cd536b54a --
-- Boot da38e67821874b3fa66a330acf17f18c --
-- Boot 02be9377913d4886b21988b903d1b4cd --
-- Boot 8a6dc8a10b0f42689056adacb374d269 --
-- Boot 85bbc4cfc473439a899e467a2debb201 --
-- Boot fa07d0686c68401696caf2b3e4c402dd --
Jan 14 15:09:22 kermit wpa_supplicant[87530]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 9e7e7bf75790439bbc2e72371a14c8ab --
-- Boot a70d0f3889794224a7bf370998aaf7dd --
-- Boot bd314e15c8f1415eb75c9950129edd5b --
-- Boot c54489d0e45b4318b1b07d88bdaff7ea --
-- Boot 370a4871b0ec43f9a1b58cab78ac875c --
-- Boot 4756c93714f247009f5b93f228925455 --
-- Boot 884e307c2a13455b9fbb913e0a0f0c29 --
-- Boot bad77d689f714ca88d38f498cd8bfa2b --
-- Boot 1cf2c96be69748afa60489603ef8b771 --
-- Boot 09375e4eaaf94141a8cfe904bc303989 --
-- Boot 8fa2bdfb2e6e4ad0abeda9b3a79ac37a --
-- Boot 6c23de48f7a748d995cce77b9a908d3f --
-- Boot 364f760176b54df5b3fcaa5b978f3e70 --
-- Boot ff656412414f4c7880079f7bbf07400a --
-- Boot ebb1115d58724cf9bd544028d01c6e96 --
-- Boot 5c85c03736934ed6a2426544f5f98b88 --
-- Boot 6051d9f10827419996db1bfa376ec562 --
-- Boot 4996ddb853a248268b27e93adff373e1 --
-- Boot 0b7927e93a38434683395e88d202a8e1 --
Feb 14 09:57:26 kermit wpa_supplicant[1030]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 08038d28c346496eb7884859c306ca4c --
-- Boot b2c62ed0866d4618ac058670dbaae672 --
Feb 17 01:37:49 kermit wpa_supplicant[1032]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 5a2883f8ce074e748e9a94beaf72f123 --
-- Boot ec2157fa46fa48a3ba3445bfa7fe4b1b --
-- Boot e2dbc92b2764473eb8d65a1f7e6df5df --
-- Boot ec2157fa46fa48a3ba3445bfa7fe4b1b --
-- Boot e2dbc92b2764473eb8d65a1f7e6df5df --
-- Boot a8ef52e6c63949cea168ea8c1d06d148 --
Feb 23 10:43:59 kermit wpa_supplicant[1027]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 319081b9562a4c20aa1560a4fe998f19 --
-- Boot 4d3841cc1dbb4906a4465dd2122f64a8 --
Feb 26 18:18:07 kermit wpa_supplicant[1048]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=DE
-- Boot 8729c7f4e1ae45dcbece9aeceb9b19cb --
-- Boot 8034051089274a34ba65bc96d749a9b7 --
-- Boot 8729c7f4e1ae45dcbece9aeceb9b19cb --
Mar 03 10:07:39 kermit wpa_supplicant[1040]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 8034051089274a34ba65bc96d749a9b7 --
Mar 11 11:20:39 kermit wpa_supplicant[1040]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot dcd973755091479b9be508eaf11667dd --
-- Boot b0c3f4f9a2d64a8a959844ad1773e6c1 --
-- Boot e0fc49c4dc894233b0541b66700b5fb3 --
-- Boot 1f2be083fe2e42849d9e869c1fbcde92 --
-- Boot 76ecf6d5e894408dae933c7a598e1ae9 --
-- Boot 5fcfbff4b29f4f2ab527c36f61594d03 --
-- Boot 15f5817168b84c3b9a5dcfa0f23c5543 --
-- Boot 44d914f21c4444d582947dceb31f3afe --
-- Boot 238dbb8b62164482a60147f2a6282025 --
-- Boot 9c66088689b641cd9c414320f6996fb0 --
-- Boot d1cc9ac5cd304da8828bc78ff04d2281 --
Apr 01 11:31:13 kermit wpa_supplicant[1070]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 42f146dbf914494698554783a15c5f0c --
-- Boot 381cd6a085d34a969a12b0f70f494649 --
-- Boot 58ca2d99d67641a8b31b0df25ae37644 --
Apr 07 22:54:56 kermit wpa_supplicant[1086]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
-- Boot 5a5eea05df5f43f292419c5c983cf14d --
-- Boot 136d1be22bf0465a8f275a3b921a1a38 --
-- Boot a054dd8d8fe7425cb8c3d28c27ef1786 --
-- Boot 8f7d36b281744f7f9753abe546db7cf9 --
-- Boot 890cf4c9b93540bc83440d7773416828 --
-- Boot f159c0c4c67b4468882374ce194da806 --
-- Boot 59124b1e8b87434ca38c4e3278367ea4 --
-- Boot cc7d8831649d4936a66f200b363890bd --
-- Boot 2e9a85dc69194973a1fd95a55537bec1 --
-- Boot cf0bca78a10f4d40b27e12f8930db7ed --
-- Boot 95e066d50b9a4f468eafcfcb4403bf0a --
-- Boot d6b96bc9d2da48bb9410dab66a35de2c --
-- Boot 6a1885e322674da689e6ab03812834d5 --
-- Boot 265f11639efe4f6888de3c26bbcb24ec --
-- Boot 5b96ffce43504e61ba66aca930e18c57 --
-- Boot f8ca9d9135d24950ba805e2a261fec17 --
-- Boot 866d560e03ec4262969b751ea7edcca1 --
-- Boot 1a517bf700c14e4c80c33303f42b9e1e --
-- Boot e85bdc80cb364b0195c7fec08597b4f2 --
-- Boot 65488c22c3c0439aa928aaabcfd87181 --
-- Boot c63d9371838e4c95beaa3a4c3d9c38c2 --
-- Boot 66e65c4fc40946eea75112666829870a --

So the upgraded image never sets "GB" either, but it did correctly figure out I'd dragged it into Germany (DE) for the engineering sprint in late February! Still, after that it was back to "WORLD" back in blighty.

Am I looking in the wrong place for REGDOM events? Is there another wpa_supplicant instance that's setting things correctly? Or perhaps there's some setting I'm missing? (although that sounds unlikely given it did correctly figure out Germany).

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2022-05-09T14:13:11.007284+00:00

I wondered if perhaps it this only works on some APs?

That is the impression that I get, the country code info is part of the management frames transmitted by the AP, could be unsupported, not configured, or mis-configured.

grep wpa may6.txt
May 6 09:04:57 box wpa_supplicant[810]: wlan0: WPS-PBC-ACTIVE
May 6 09:05:34 box wpa_supplicant[810]: wlan0: Trying to associate with SSID 'BELL188'
May 6 09:05:36 box wpa_supplicant[810]: wlan0: Associated with 2c:79:d7:05:5e:0e
May 6 09:05:36 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
May 6 09:05:36 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=CA
May 6 09:05:45 box wpa_supplicant[810]: wlan0: CTRL-EVENT-DISCONNECTED bssid=2c:79:d7:05:5e:0e reason=15
May 6 09:05:45 box wpa_supplicant[810]: wlan0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect
May 6 09:05:45 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="BELL188" auth_failures=1 duration=10 reason=WRONG_KEY
May 6 09:05:45 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
May 6 09:05:45 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=US
May 6 09:06:58 box wpa_supplicant[810]: wlan0: Trying to associate with SSID 'BELL188'
May 6 09:07:01 box wpa_supplicant[810]: wlan0: Associated with 2c:79:d7:05:5e:0e
May 6 09:07:01 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
May 6 09:07:01 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=CA
May 6 09:07:10 box wpa_supplicant[810]: wlan0: CTRL-EVENT-DISCONNECTED bssid=2c:79:d7:05:5e:0e reason=15
May 6 09:07:10 box wpa_supplicant[810]: wlan0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect
May 6 09:07:10 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="BELL188" auth_failures=1 duration=10 reason=WRONG_KEY
May 6 09:07:10 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
May 6 09:07:10 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=US
May 6 09:07:32 box wpa_supplicant[810]: wlan0: Trying to associate with SSID 'BELL188'
May 6 09:07:35 box wpa_supplicant[810]: wlan0: Associated with 2c:79:d7:05:5e:0e
May 6 09:07:35 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
May 6 09:07:35 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=CA
May 6 09:07:44 box wpa_supplicant[810]: wlan0: CTRL-EVENT-DISCONNECTED bssid=2c:79:d7:05:5e:0e reason=15
May 6 09:07:44 box wpa_supplicant[810]: wlan0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect
May 6 09:07:44 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="BELL188" auth_failures=1 duration=10 reason=WRONG_KEY
May 6 09:07:44 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
May 6 09:07:44 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=US
May 6 09:08:10 box wpa_supplicant[810]: wlan0: Trying to associate with SSID 'BELL188'
May 6 09:08:13 box wpa_supplicant[810]: wlan0: Associated with 2c:79:d7:05:5e:0e
May 6 09:08:13 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
May 6 09:08:13 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=CA
May 6 09:08:21 box wpa_supplicant[810]: wlan0: CTRL-EVENT-DISCONNECTED bssid=2c:79:d7:05:5e:0e reason=3 locally_generated=1
May 6 09:08:21 box wpa_supplicant[810]: wlan0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect
May 6 09:08:21 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="BELL188" auth_failures=1 duration=10 reason=WRONG_KEY
May 6 09:08:21 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
May 6 09:08:21 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=US
May 6 09:08:28 box wpa_supplicant[810]: wlan0: Trying to associate with SSID 'BELL188'
May 6 09:08:31 box wpa_supplicant[810]: wlan0: CTRL-EVENT-DISCONNECTED bssid=2c:79:d7:05:5e:0e reason=3 locally_generated=1
May 6 09:08:31 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
May 6 09:08:31 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=USER type=COUNTRY alpha2=US
May 6 09:09:08 box wpa_supplicant[810]: wlan0: Trying to associate with SSID 'SHAW-DB6690'
May 6 09:09:11 box wpa_supplicant[810]: wlan0: Associated with 00:fc:8d:db:66:98
May 6 09:09:11 box wpa_supplicant[810]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
May 6 09:09:11 box wpa_supplicant[810]: wlan0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=US
May 6 09:09:11 box wpa_supplicant[810]: wlan0: WPA: Key negotiation completed with 00:fc:8d:db:66:98 [PTK=CCMP GTK=TKIP]
May 6 09:09:11 box wpa_supplicant[810]: wlan0: CTRL-EVENT-CONNECTED - Connection to 00:fc:8d:db:66:98 completed [id=0 id_str=]

Should be part of the 'beacon' info. https://howiwifi.com/2020/07/13/802-11-frame-types-and-formats/ has a good overview. I discovered this exchange while observing 'on the wire' with wireshark.

Am I looking in the wrong place for REGDOM events? Is there another wpa_supplicant instance that's setting things correctly?

It's the right place but wpa_supplicant has to interact with a variety wifi chipsets with varying firmware/drivers in play, would not surprise me if things are not consistent across the board. There also the difference between NetworkManger 'user connections'/'system connections' but that should not matter as NM passes the wifi info to wpa_supplicant directly.

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-05-09T21:34:41.726084+00:00

Should be part of the 'beacon' info. https://howiwifi.com/2020/07/13/802-11-frame-types-and-formats/ has a good overview. I discovered this exchange while observing 'on the wire' with wireshark.

Thanks for the link; lots of useful stuff there!

I wondered if perhaps it this only works on some APs?

That is the impression that I get, the country code info is part of the management frames transmitted by the AP, could be unsupported, not configured, or mis-configured.

Okay, to my mind that brings us back to "need option to specify wifi regulatory domain". It seems the situation with netplan/networkd is "there's no option", and in NetworkManager is "there's no option, but sometimes it'll magically work anyway" (although you'll need to go digging in the logs to confirm that :)

[ubuntu-server-builder]

Launchpad user Sebastien Bacher(seb128) wrote on 2022-05-31T14:19:42.223743+00:00

The issue has been nominated for network-manager on jammy which put it on the desktop rls list but it's unclear for us why that is consider a rls issue in the LTS and what's the intended priority? Could you provide a bit more explanation of the impact and what do you expect to be changed?

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-05-31T16:55:55.452481+00:00

I'll take a shot at responding to @seb128's questions:

Why is this a rls issue in the LTS?

Prior to jammy, the crda database was in userland, and the crda package provided a means (via editing /etc/default/crda) to persist the wireless region across reboots. From jammy onwards, the regulatory database is now baked into the kernel, and the crda package is gone (from Debian upstream and from Ubuntu). There is now no mechanism to set the wifi regulatory region that will persist across reboots on either server or desktop (iw reg set is transitory).

It appears (see comments 16 thru 19 above) that under some circumstances, with some APs that wpa-supplicant does correctly determine the wifi region, and sets it automatically (though the user has no way of knowing this other than digging through wpa-supplicant's logs). However, I'm not convinced this is terribly reliable -- it's apparently never worked for me at home or at various friends houses, and only once worked when I travelled to Germany for a sprint.

There is currently (in jammy onwards) one hacky way of ensuring the region is set on each reboot (from comment 12 above): set "cfg80211.ieee80211_regdom" on the kernel command line. Obviously this isn't terribly user friendly!

That covers the deficiency, which is new to jammy, but why is setting the regulatory region particularly important? In the 2.4GHz band 1, there's a "world" region which covers the vast majority of the available bands (1 thru 11). So for older wifi hardware, defaulting to the "world" region doesn't result in much limitation (though it does mean European users can't use bands 12 or 13, and Japanese users don't get their wonderfully separate band 14).

However, the 5GHz band 2 is a considerably different story. For starters, there's a great deal more variation in which channels are available in which regions. Moreover, certain channels have specific limitations in certain regions. Some require radar detection or mitigation mechanisms to ensure that 5GHz capable wifi devices don't interfere with certain radar applications 3. Others require that certain channels are strictly for indoor use only. Leaving one's wifi device in the "world/unset" state for 5GHz typically results in a more limited experience than it does for 2.4GHz devices 4.

Then, of course, there's the legal aspect. I'm not qualified to comment on the relevant regulations around the globe but the section "Helping compliance by allowing to change regulatory domains" under 5 contains some interesting notes on the fact that wifi devices have both a "programmed" regulatory domain and a "selected" region (the latter is affected by crda) which can only enhance restrictions. That said, this is likely important from a legal perspective for those travelling with wifi capable equipment between countries with differing regulatory requirements.

What's the intended priority?

Given this relates to legal requirements in many jurisdictions (again, I'm not qualified to comment on these specifically, but I don't think there's any argument that legal restrictions are at least present), would suggest this should be a reasonably high priority. The counter-point would be: it would appear there's been never been a graphical interface for setting this and (I presume?) no jurisdiction has ever complained about this.

However, the fact that the 5GHz experience (which is becoming more and more common) is, in certain jurisdictions, significantly affected by lacking this setting (because without setting the regulatory region, users in such regions can't access a large number of channels) would also suggest a reasonably high priority to me.

What's the impact?

Hopefully covered in the prior sections.

What do we expect to be changed?

At a bare minimum some mechanism for persisting a selected wifi regulatory domain is required, both on server images (via netplan) and desktop images (via network manager). During boot, some mechanism should restore the wifi regulatory domain from this persistent location.

There's some nuance here over whether an AP's broadcast region (if any) should take precedence over the persistent setting, and when exactly the restoration of the setting should occur (i.e. particularly in the server case, whether wifi should only be enabled strictly after restoration of this setting). There's probably more questions around this setting I'm not thinking of too. Suggestions welcome!

Beyond the bare minimum, some "nice to have" suggestions:

1. It would probably be useful for the desktop user to have some mechanism to see what wifi regulatory domain is currently in force (other than trawling log files). Arguably server users already have this via "iw". Desktop users could also install and use "iw", but personally I'd also like to see this info under the wifi settings (almost everything else related to wifi doesn't require command line interaction, so I don't see why this should be any different).

2. During ubiquity's initial setup, when location is selected for timezone, could wifi regulatory region also be implicitly set from this selection? Or should this be an explicitly separate setting? (or an option on the location selection; "do you want to set your wifi region to this location too?"). Obviously this suggestion isn't relevant to the server case, but the equivalent there would be some mechanism for netplan to provide a setting for first boot.

3. The timezone can automatically update based on geolocation; should the wifi region follow this? I don't think this is relevant for the server case (it's a reasonable assumption that servers don't regularly move and, if they are moved, that the server admin could adjust the configuration manually, presumably via netplan), but it seems a natural extension to the desktop case (given automatic timezone changing is already baked in).

[ubuntu-server-builder]

Launchpad user Sebastien Bacher(seb128) wrote on 2022-05-31T18:32:25.983093+00:00

Thanks for the details Dave, there is also a feature request upstream for network manager on https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/960

[ubuntu-server-builder]

Launchpad user Sebastien Bacher(seb128) wrote on 2022-05-31T18:51:36.631305+00:00

extra questions, when you wrote

it's apparently never worked for me at home or at various friends houses, and only once worked when I travelled to Germany for a sprint.

is that having a visible impact for users? like was your computer not able to connect to some access point? if that's the consequence of the issue it is a bit surprising that we got no user report of the type of 'my laptop isn't able to connect to my AP anymore since the upgrade to the new LTS' no? or is the issue somehow specific to raspi devices?

[ubuntu-server-builder]

Launchpad user Sebastien Bacher(seb128) wrote on 2022-05-31T19:24:34.835518+00:00

upstream replied

'''
NetworkManager does currently nothing at all about this.

crda binaries were deprecated, but because there is an alternative mechanism (wireless-regdb?), isn't it?

It could be maybe added to NetworkManager, if somebody sends a patch. But it's not actually clear to me that this is really NetworkManager's task. Maybe it is, but what are the arguments for that?
'''

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-06-01T10:38:14.122225+00:00

it's apparently never worked for me at home or at various friends
houses, and only once worked when I travelled to Germany for a
sprint.

is that having a visible impact for users? like was your computer
not able to connect to some access point?

Personally, I've never encountered issues with WiFi on a Pi. However,
firstly it's worth noting the vast majority of pis around my house are
connected via ethernet and, secondly that my broadband connection
typically hovers around 60-80Mbps, so the 54Mbps max bandwidth of
802.11g is "fast enough" that anything more wouldn't be noticed
anyway.

Notably, this also means I don't use bonded 5GHz channels in my home
setup. The reason I mention this is that, over the last few years
there's been a slow (but steady) drum-beat of complaints about WiFi on
the Pi when using Ubuntu 13 (some of those are comments from
the same bug, but it seems to be one that people land on when googling
this for Ubuntu).

if that's the consequence of the issue it is a bit surprising that
we got no user report of the type of 'my laptop isn't able to
connect to my AP anymore since the upgrade to the new LTS' no? or is
the issue somehow specific to raspi devices?

The complaint usually isn't "I can't connect to my AP anymore". It's
usually "my WiFi connection is slow" (which is obviously a much harder
problem to debug and address) but this does appear to be a problem
specific to the Pi.

Mostly though, this comes up on IRC, and it's a safe bet that the
person involved has a 5GHz setup, sometimes with bonded channels.
Obviously bonded channel setups require more (typically adjacent)
channels and this makes them particularly susceptible to poor
performance when the region code hasn't been set (and the channels, or
channel mitigations are limited). With pure 5GHz APs (no 2.4GHz
channels at all) we've also had reports of no connectivity.

One other (anecdotal) observation is that despite RaspiOS having a
considerably larger installed base of Ubuntu on the Pi, WiFi issues
rarely crop up there. Notably, RaspiOS prompts for a wifi regulatory
region in its first time setup. There are several other differences,
but under the covers we're using the same firmware, and wpa-supplicant
is ultimately in charge of the WiFi connection on both OS'.

Given 5GHz setups are only likely to become more common in future
(802.11ac, which the Pi 3+ and 4 are compatible with, is notably 5GHz
only 5) my suspicion is this will only become more important in the
coming years.

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-06-01T11:31:16.102378+00:00

It could be maybe added to NetworkManager, if somebody sends a
patch. But it's not actually clear to me that this is really
NetworkManager's task. Maybe it is, but what are the arguments for
that?

I could be glib, and say "because the kernel says so 1". However, I
suspect that's not a great reason :)

A more complete argument would be: it appears that, where possible,
wifi region selection is handled automatically by interpreting
information from the AP's beacon. However, that appears to be sparsely
implemented (at best) and in the (extremely common) event that an AP
doesn't advertise its region, it's up to the user to manage this
themselves (where/when needed; as noted above, in 2.4GHz setups this
usually doesn't matter that much).

All the underlying pieces are in place for the user to do so. Nothing
is lacking in wpa-supplicant regarding this (iwd does lack a direct
option for the wifi region but it appears "use ieee80211_regdom or iw
to override the automatic selection" is the answer there), so it's
"simply" a matter of exposing this configuration via their preferred
UI.

Command line users already have the tools to do this (iw), although
they notably lack a persistence mechanism for now. But GUI users have
... nothing. No means of querying, adjusting, or persisting this
setting.

Why NetworkManager?

This setting could arguably go under "Language and Region". It is
quite literally a region setting after all. And I'm still of the
opinion that, at least initially, it should be set from the region
selection during first-time setup.

But consider the debugging scenario: I've travelled from the UK to
Germany and, in the place I'm working, I'm having trouble with wifi
connectivity or performance. What settings do I look at first? The
wifi settings, almost certainly. If I were to see that my wifi region
was "unset" or "UK" I'd likely adjust that to "DE" and see if that
fixes things.

To me at least, it does seem to make sense for this to go under the
wifi settings (which are presumably the purview of NetworkManager?).

[ubuntu-server-builder]

Launchpad user Sebastien Bacher(seb128) wrote on 2022-06-01T11:43:51.281720+00:00

@dave, do you want to maybe add your input directly to the upstream report?

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2022-06-01T12:03:16.289324+00:00

Sure -- I'll try not to drown them in verbiage :)

[ubuntu-server-builder]

Launchpad user Lukas Märdian(slyon) wrote on 2022-06-01T13:03:12.328815+00:00

Thank you for all the background information, Dave!

I've drafted a PR at upstream netplan, to allow setting the regulatory domain via wpa_supplicant.conf as well as setting it "globally" via 'iw reg set XX', using a systemd service unit. This way it should work for any backend (networkd/wpasupplicant/iwd/NetworkManager), but of course it would be nice if upstream NM would provide an option that we could set from within netplan.

canonical/netplan#281

[ubuntu-server-builder]

Launchpad user Launchpad Janitor(janitor) wrote on 2022-08-18T23:54:14.180520+00:00

This bug was fixed in the package netplan.io - 0.105-0ubuntu1

---

netplan.io (0.105-0ubuntu1) kinetic; urgency=medium

• New upstream release: 0.105
  • Add support for VXLAN tunnels (net: introduce is_ip_address function #288), LP: #1764716
  • Add support for VRF devices (sources/tests/test_init: drop use of deprecated inspect.getargspec #285), LP: #1773522
  • Add support for InfiniBand (IPoIB) (CiTestCase: stop using and remove sys_exit helper #283), LP: #1848471
  • Allow key configuration for GRE tunnels (tools: use python3 #274), LP: #1966476
  • Allow setting the regulatory domain (lp-to-git-users: adding killermoehre #281), LP: #1951586
  • Documentation improvements & restructuring (.travis.yml: allow 30 minutes of inactivity in cloud tests #287)
  • Add meson build system (set_passwords: avoid chpasswd on BSD #268)
  • Add abigail ABI compatibility checker (bsd: boottime does not depend on the libc soname #269)
  • Update of Fedora RPM spec (Delete cla.yml #264)
  • CI improvements (Delete HACKING.rst #265, setup.py: drop NIH check_output implementation #282)
  • Netplan set uses the consolidated libnetplan YAML parser (releases.yaml: quote the Ubuntu version numbers #254)
  • Refactor ConfigManager to use the libnetplan YAML parser (.travis.yml: drop stale comment #255)
  • New netplan_netdef_get_filepath API (util: read_cc_from_cmdline handle urlencoded yaml content #275)
  • Improve NetworkManager device management logic (HACKING.rst: add links to new Code Review Process doc #276), LP: #1951653
    Bug fixes:
  • Fix apply netdev rename/create race condition (Ubuntu/devel #260), LP: #1962095
  • Fix try timeout (cc_apt_configure/util: combine search_for_mirror implementations #271), LP: #1967084
  • Fix infinite timeouts in ovs-vsctl (test_oracle,DataSourceOracle: sort imports #266), Closes: #1000137
  • Fix offload options using tristate setting (cc_disk_setup: fix RuntimeError #270), LP: #1956264
  • Fix rendering of NetworkManager passthrough WPA (Add lp-to-git mapping for kgarloff #279), LP: #1972800
  • Fix CLI crash on LibNetplanException (CiTestCase: remove now-unneeded parse_and_read helper method #286)
  • Fix NetworkManager internal DHCP client lease lookup (Ubuntu/xenial #284), LP: #1979674
• Update symbols file for 0.105
• d/patches/: Drop patches, applied upstream
• d/p/autopkgtest-fixes.patch: Refresh
• d/control: bump Standards-Version, no changes needed
• d/control, d/tests/control: suggest/add iw for setting a regulatory domain
• d/control: merge with Debian, dropping deprecated versioned depends
• d/control: Update Vcs-* tags for Ubuntu
• d/watch: sync with Debian
• d/u/metadata: sync with Debian
• d/tests: partially merge with Debian

-- Lukas Märdian slyon@ubuntu.com Thu, 18 Aug 2022 14:53:33 +0200

[ubuntu-server-builder]

Launchpad user John Neffenger(jgneff) wrote on 2023-04-13T15:54:57.689276+00:00

is that having a visible impact for users? like was your computer not able to connect to some access point?

Yes. I just hit this problem on my new Raspberry Pi 400 with Ubuntu.

The Raspberry Pi OS dated February 21, 2023, based on Debian 11 (bullseye), sets my Wi-Fi region code to Canada during installation, and everything works fine.

I then tried the Ubuntu 22.10 (Kinetic Kudu) 64-bit desktop image and could no longer find my 5-GHz Wi-Fi access point. It turns out that my 5-GHz Wi-Fi is on channel 149, which is available in Canada but not available when the country code is unset. Channel 149 is not permitted in Japan, Turkey, and South Africa. 1

Adding "cfg80211.ieee80211_regdom=CA" to the end of the following file solved the problem:

$ cat /boot/firmware/cmdline.txt
zswap.enabled=1 zswap.zpool=z3fold zswap.compressor=zstd dwc_otg.lpm_enable=0 console=tty1 root=LABEL=writable rootfstype=ext4 rootwait fixrtc quiet splash cfg80211.ieee80211_regdom=CA

It took me forever to find this bug report! The notes here are very helpful. I agree that it would be great to have the country code set automatically when the region is set at installation, and then again in the settings of the Wi-Fi configuration panels. That's certainly the first place I checked while trying to fix it.

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2023-04-13T18:29:58.080477+00:00

Given there doesn't seem much interest in fixing this from the network manager angle (and there's even a question as to whether that's the right place to fix this), I'm going to take a leaf out of the RaspiOS book, and see if I can persuade someone that the installer is the right place to fix this (or more specifically, the new installer, subiquity).

That's not going to do anything for lunar which won't be using subiquity on the raspi images, so I'll hold off on adding the project to the "affected" list until lunar's out, but it should be something I can try and push for in the m-animal cycle.

@jgneff many thanks for the additional report -- it's extremely useful to have stuff like this I can point to and say "look! It's actually a problem!"

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2023-04-13T20:51:24.927299+00:00

Looking in the root directory of the first partition of the 23.04 beta image contains 'network-config' think this is a user setting file, forgot to set this while testing but I was using wired, as the file contains:

This file contains a netplan-compatible configuration which cloud-init will

apply on first-boot (note: it will not update the config after the first

boot). Please refer to the cloud-init documentation and the netplan reference

for full details:

https://netplan.io/reference

https://cloudinit.readthedocs.io/en/latest/topics/network-config.html

https://cloudinit.readthedocs.io/en/latest/topics/network-config-format-v2.html

Please note that the YAML format employed by this file is sensitive to

differences in whitespace; if you are editing this file in an editor (like

Notepad) which uses literal tabs, take care to only use spaces for

indentation. See the following link for more details:

https://en.wikipedia.org/wiki/YAML

Some additional examples are commented out below

network:
version: 2

ethernets:
eth0:
dhcp4: true
optional: true

wifis:

wlan0:

dhcp4: true

optional: true

access-points:

myhomewifi:

password: "S3kr1t"

myworkwifi:

password: "correct battery horse staple"

workssid:

auth:

key-management: eap

method: peap

identity: "me@example.com"

password: "passw0rd"

ca-certificate: /etc/my_ca.pem

regulatory-domain: GB

I'll use wifi for the next install and see how that goes.

[ubuntu-server-builder]

Launchpad user Dave Jones(waveform) wrote on 2023-04-13T21:48:33.751556+00:00

netplan added support for configuring the regulatory domain in kinetic and it works pretty nicely (it's one of the things I test before release). However, that's relying on cloud-init to inject the netplan configuration and that's only on the server images -- it's not a solution for the preinstalled desktop images.

Having said that ... it might be if cloud-init gets included in the preinstalled desktop images, but that's not happening in lunar as it caused other issues. Still, even if it did that's still a rather command-line / text-configuration-file interface that's nowhere near as "good" as having it integrated into the first time GUI setup (as RaspiOS does).

[ubuntu-server-builder]

Launchpad user Ubuntu QA Website(ubuntuqa) wrote on 2023-04-17T14:00:19.147376+00:00

This bug has been reported on the Ubuntu ISO testing tracker.

A list of all reports related to this bug can be found here:
https://iso.qa.ubuntu.com/qatracker/reports/bugs/1951586

[ubuntu-server-builder]

Launchpad user John Neffenger(jgneff) wrote on 2023-04-18T14:07:44.005555+00:00

I tried the preinstalled desktop image of Ubuntu 23.04 (Lunar Lobster) Beta last night. It has the same problem, as expected, but it was a bit tricky to fix it directly on the disk image.

There are two files called 'cmdline.txt', one in each of the disk's two partitions:

1. system-boot/cmdline.txt <-- Modify this one.
2. writable/boot/firmware/cmdline.txt <-- NOT this one.

The file is found as '/boot/firmware/cmdline.txt' when running, so I added the command-line argument to the second file. That's the wrong one, though. The partition labeled 'system-boot' is mounted as '/boot/firmware', hiding the directory with the same name on the second partition with the label 'writeable':

$ mount | grep boot
/dev/mmcblk0p1 on /boot/firmware type vfat (rw,relatime,fmask=0022,dmask=0022,
codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro)

The correct file to modify on the disk image is the first one, directly in the 'system-boot' partition.

By the way, you might wonder why I don't just change the access point's channels, but those high-end 5-GHz channels are the only ones that work well here. The 2.4-GHz channels are saturated by more than 150 access points nearby, and the same with the low-end 5-GHz channels. The high-end channels in Canada from 149 to 161 are far less occupied, fully available (not just for "indoors"), and don't have any Dynamic Frequency Selection (DFS) or Transmit Power Control (TPC) restrictions.

John

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2023-04-18T17:11:40.477893+00:00

Circled back with the latest server image using rpi-imager to set the wifi credentials, wifi country does not get populated in network-config but adding that line in works fine.
https://bugs.launchpad.net/ubuntu/+source/rpi-imager/+bug/2016911

[ubuntu-server-builder]

Launchpad user Floris(bos) wrote on 2023-04-18T22:12:39.312991+00:00

Circled back with the latest server image using rpi-imager to set the wifi credentials, wifi country does not get populated

Imager does not fill in the 'regulatory-domain' field in network-config because the last time we tried that the existing Ubuntu editions in the Imager repository did not support the field yet, and reacted badly to it. As in error'ing out instead of just ignoring.

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2023-04-21T13:53:48.094108+00:00

Imager does not fill in the 'regulatory-domain' field in network-config because the last time we tried that the existing Ubuntu editions in the Imager repository did not support the field yet, and reacted badly to it. As in error'ing out instead of just ignoring.

Might want to reconsider that position given the latest release of 22.04 posted on 2023-02-17
http://cdimage.ubuntu.com/ubuntu/releases/22.04/release/ubuntu-22.04.2-preinstalled-server-arm64+raspi.manifest contains netplan.io 0.105-0ubuntu2~22.04.1 which is offered by Imager as an install option.

[ubuntu-server-builder]

Launchpad user Floris(bos) wrote on 2023-04-21T14:21:07.668017+00:00

Might want to reconsider that position given the latest release of 22.04 posted on 2023-02-17
http://cdimage.ubuntu.com/ubuntu/releases/22.04/release/ubuntu-22.04.2-preinstalled-server-
arm64+raspi.manifest contains netplan.io 0.105-0ubuntu2~22.04.1 which is offered by Imager as an
install option.

Problem is you also still list Ubuntu 20.04 in your Imager repository file at: https://changelogs.ubuntu.com/raspi/os_list_imagingutility_ubuntu.json

Suggest you either toss any release that does not support 'regulatory-domain' from the repository first, or backport your fix to that as well.

[ubuntu-server-builder]

Launchpad user Jerry Vonau(jvonau) wrote on 2023-04-21T22:39:43.935479+00:00

Shoot, guess the wait will be for 20.04 to be updated.