Confidential Information © 2007 Xirrus, Inc. All Rights Reserved

Xirrus Training - Wi-Fi Basics
Hans Van Damme, Senior Wifi Application Engineer

Part A: Wi-Fi Basics
  #1: RF Basics
  #2: Wi-Fi Standards
  #3: Wi-Fi Security
  #4: Wi-Fi Futures

#1: RF Propagation – Transmission
Transmission Basics
  Radio Waves
    Travel at the speed of light
    Radios tune to a specific frequency
    Data is modulated and encoded
  Basic Radio Card Components
    Antenna
    Amplifiers (transmit and receive)
    Radio Baseband (converts analog waves to digital “bits”)

#1: RF Propagation – Range
Transmission Basics
  Range: the operating distance between two radios that wish to communicate
    Access Point to Station
    Station to Station
  Coverage: the total area within which radios can maintain a connection to the Access Point

#1: RF Propagation – Inhibitors
Range Inhibitors
  Multi-path
  Interference
  Attenuation

#1: RF Propagation – Enhancers
Range Enhancers
  Additional transmit power
  Better antenna gain
  Better receiver sensitivity

#2: The RF Link – Range Dynamics
Fundamentals
  RF Power is measured in dBm
    0 dBm = 1 milliwatt of power
    +10 dB = 10 times the power
    20 dBm = 100 milliwatts of power (FCC limit)
    -3 dBm = ½ of a milliwatt of power
  Signal Power Dissipation: inverse of the square of the distance
  Signal Strength: the expected power at the receiver
    RSSI = Receive Signal Strength Indicator (dBm)
  Path Loss: the expected signal loss between two radios
  Link Budget: TX Power + TX Antenna Gain – Path Loss + RX Antenna Gain = Expected Usable Signal at Receiver

#2: The RF Link – SNR
Signal to Noise Ratio (SNR)
  Indicates how much usable signal is available
  Higher data rates require higher SNR values

#2: The RF Link – Capacity
Range versus Capacity
  The greater the coverage area…
    …the more wireless stations can be covered
    …the less bandwidth is available to each user
    …the lower the data rates will be at the edge
    …the more likely the chance of “hidden nodes”

#1 and #2: RF – Best Practices
Recommendations
  Gain is good: use high-gain antenna systems
  Receiver sensitivity is important
    Use better radio chipsets if possible
  Design coverage for signal strengths of -70 dBm or better
  An SNR of at least 20 dB is desired = 36 Mbps or better data rates
  Use multiple radios to provide capacity for larger spaces
[Figure: Xirrus Array – Array Controller + Wireless Switch, Radio Modules, High Gain Sectored Antennas]
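A worked link budget, added here as an example (it is not from the Xirrus deck): it turns the dBm relationships, the inverse-square dissipation and the link-budget formula from the Range Dynamics slide into a calculation and checks the result against the -70 dBm and 20 dB SNR design targets above. The free-space path-loss formula, the noise floor and the sample link parameters are assumptions, not values from the deck.

```python
import math
from dataclasses import dataclass


def dbm_to_mw(dbm: float) -> float:
    """0 dBm = 1 mW and every +10 dB is 10x the power (Range Dynamics slide)."""
    return 10 ** (dbm / 10.0)


def mw_to_dbm(mw: float) -> float:
    """Inverse of dbm_to_mw."""
    return 10.0 * math.log10(mw)


def free_space_path_loss_db(distance_m: float, freq_mhz: float) -> float:
    """Free-space path loss in dB (assumed standard formula, not from the deck).

    The 20*log10(distance) term is the slide's inverse-square dissipation
    written in dB: doubling the distance costs about 6 dB.
    """
    return (20 * math.log10(distance_m / 1000.0)
            + 20 * math.log10(freq_mhz) + 32.44)


@dataclass
class Link:
    """One radio link; the noise floor default is a constructed typical value."""
    tx_power_dbm: float
    tx_gain_dbi: float
    rx_gain_dbi: float
    distance_m: float
    freq_mhz: float
    noise_floor_dbm: float = -95.0


def expected_rssi_dbm(link: Link) -> float:
    """Link budget from the slide:
    TX Power + TX Antenna Gain - Path Loss + RX Antenna Gain."""
    path_loss = free_space_path_loss_db(link.distance_m, link.freq_mhz)
    return link.tx_power_dbm + link.tx_gain_dbi - path_loss + link.rx_gain_dbi


def snr_db(link: Link) -> float:
    """SNR: usable signal above the noise floor, both in dBm."""
    return expected_rssi_dbm(link) - link.noise_floor_dbm


def max_range_m(link: Link, min_rssi_dbm: float = -70.0) -> float:
    """Largest distance at which the link budget still meets min_rssi_dbm
    (the link-budget equation solved for distance)."""
    budget = (link.tx_power_dbm + link.tx_gain_dbi + link.rx_gain_dbi
              - min_rssi_dbm - 20 * math.log10(link.freq_mhz) - 32.44)
    return 1000.0 * 10 ** (budget / 20.0)


def design_check(link: Link, min_rssi_dbm: float = -70.0,
                 min_snr_db: float = 20.0) -> dict:
    """Apply the RF best-practice targets: -70 dBm or better and 20 dB SNR."""
    rssi = expected_rssi_dbm(link)
    snr = snr_db(link)
    return {
        "rssi_dbm": round(rssi, 1),
        "snr_db": round(snr, 1),
        "meets_rssi_target": rssi >= min_rssi_dbm,
        "meets_snr_target": snr >= min_snr_db,
        "max_range_m": round(max_range_m(link, min_rssi_dbm)),
    }


# Constructed sample link: 20 dBm (the FCC limit named on the slide) into a
# 2 dBi antenna, a 0 dBi client antenna, 50 m away, on 802.11g channel 6.
SAMPLE_LINK_24GHZ = Link(20, 2, 0, 50, 2437)
# The same radio budget on an 802.11a channel (5180 MHz): shorter reach,
# which is why 5 GHz cells are smaller and more of them are needed.
SAMPLE_LINK_5GHZ = Link(20, 2, 0, 50, 5180)

if __name__ == "__main__":
    for link in (SAMPLE_LINK_24GHZ, SAMPLE_LINK_5GHZ):
        print(link.freq_mhz, "MHz:", design_check(link))
```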

Part A: Wi-Fi Basics
  #1: RF Basics
  #2: Wi-Fi Standards
  #3: Wi-Fi Security
  #4: Wi-Fi Futures

#3: 802.11a/b/g – Overview
  802.11b
    Ratified in 1999
    Operates in the 2.4 GHz spectrum
    Data Rates: 1, 2, 5.5, 11 Mbps
  802.11a
    Ratified in 1999
    Operates in the 5 GHz spectrum
    Data Rates: 6, 9, 12, 18, 24, 36, 48, 54 Mbps
  802.11g
    Ratified in 2003
    Operates in the 2.4 GHz spectrum
    Data Rates: 1, 2, 5.5, 11, 6, 9, 12, 18, 24, 36, 48, 54 Mbps
    Backward compatible with 802.11b

#3: 802.11a/b/g – Client / AP Interaction
Contention Management
  Clients join the network by an authentication/association process.
  All wireless devices must follow specific rules for transmitting to avoid and mitigate collisions on the medium (‘the air’).

#3: 802.11a/b/g – Best Practices
Recommendations
  802.11b-only is nearly unavailable
  802.11b/g is end of life
  Buy 802.11a/b/g adapters at a minimum
  Better yet, buy 802.11a/b/g/n adapters

#4: 802.11 Channels – Capacity / Allocation
Non-overlapping Channels
  802.11a = 23
  802.11b/g = 3
Total Capacity
  802.11a = 1.24 Gbps
  802.11g = 162 Mbps
  802.11g (with 11b) = 42 Mbps
  802.11b = 33 Mbps
[Chart: total capacity of 802.11a, 802.11g and 802.11b]

#4: 802.11 Channels – Cell Planning
802.11b/g Channels Available = 3
  Distance to a cell with the same channel is less than a single cell
  Sensitive to co-channel interference (from other cells on the same channel)
    If the energy is weak, it is seen as interference
    If the energy is strong, stations will defer
  Bleed-over retards higher data rates
  Greatly reduces overall network capacity
802.11a Channels Available = 23
  High Performance: 8 times the capacity
  Far less interference from cells on the same channel
  More channels to avoid interference

#4: 802.11 Channels – Interference Issues
802.11b/g uses the 2.4 GHz ISM band
  Common devices cause interference
    Bluetooth devices
    Cordless phones
    Microwave ovens
    X10 wireless video cameras
    HAM radio operators
  Interference collides with the intended signal
    Transmissions are garbled and data packets are retransmitted
    Reduced end-user throughput and increased latency of data traversing the RF network
802.11a uses the 5 GHz UNII band
  Relatively interference free

#4: Channels – Best Practices
Recommendations
  Graduate to the 5 GHz spectrum (802.11a now, 802.11n next) to achieve:
    8X increased capacity
    Significantly reduced interference
    Simplified channel planning
  Use multiple radios on different channels in a given cell to increase capacity
  Limit the number of users per radio to about 12-15
    Lower this limit to about 8-10 if using voice
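Cell planning with 3 versus 23 channels, added here as an example (it is not from the Xirrus deck): a greedy channel assignment over a constructed 4x4 grid of AP cells shows why 802.11b/g cells are forced to reuse a channel within a cell's distance while 802.11a cells are not, and recomputes the aggregate-capacity figures from the Capacity / Allocation slide. The grid, the greedy rule and the 23-channel list are assumptions.

```python
from itertools import product
from typing import Dict, List, Sequence, Tuple

Cell = Tuple[int, int]

# Non-overlapping channels per the Capacity / Allocation slide: 3 for 802.11b/g
# and 23 for 802.11a (the 2007 US 5 GHz channel set is assumed here).
BG_CHANNELS = [1, 6, 11]
A_CHANNELS = ([36, 40, 44, 48, 52, 56, 60, 64]
              + list(range(100, 141, 4)) + [149, 153, 157, 161])


def aggregate_capacity_mbps(channels: Sequence[int], top_rate_mbps: float) -> float:
    """'Total capacity' as the slide computes it: channels x top data rate."""
    return len(channels) * top_rate_mbps


def cells_within(cell: Cell, rows: int, cols: int, reach: int) -> List[Cell]:
    """Other cells within `reach` grid steps (8-neighbourhood distance)."""
    r, c = cell
    return [(rr, cc) for rr, cc in product(range(rows), range(cols))
            if (rr, cc) != cell and max(abs(rr - r), abs(cc - c)) <= reach]


def plan_channels(rows: int, cols: int, channels: Sequence[int],
                  reach: int) -> Dict[Cell, int]:
    """Greedy assignment: each cell avoids every channel already used within
    `reach`; when none is free it reuses the least-used nearby channel, which
    is the forced co-channel reuse the Cell Planning slide describes."""
    plan: Dict[Cell, int] = {}
    for cell in product(range(rows), range(cols)):
        nearby = [plan[n] for n in cells_within(cell, rows, cols, reach) if n in plan]
        free = [ch for ch in channels if ch not in nearby]
        plan[cell] = free[0] if free else min(channels, key=nearby.count)
    return plan


def co_channel_conflicts(plan: Dict[Cell, int], rows: int, cols: int,
                         reach: int) -> int:
    """Number of cell pairs within `reach` of each other on the same channel."""
    return sum(1 for cell, ch in plan.items()
               for n in cells_within(cell, rows, cols, reach)
               if n > cell and plan[n] == ch)


def compare_bands(rows: int = 4, cols: int = 4) -> Dict[str, int]:
    """Co-channel conflicts when a channel must not be reused within two
    cells (reach=2), the separation the slide says 802.11b/g cannot keep."""
    return {
        "802.11b/g": co_channel_conflicts(
            plan_channels(rows, cols, BG_CHANNELS, 2), rows, cols, 2),
        "802.11a": co_channel_conflicts(
            plan_channels(rows, cols, A_CHANNELS, 2), rows, cols, 2),
    }


if __name__ == "__main__":
    print("802.11a capacity (Mbps):", aggregate_capacity_mbps(A_CHANNELS, 54))
    print("802.11g capacity (Mbps):", aggregate_capacity_mbps(BG_CHANNELS, 54))
    print("co-channel conflicts on a 4x4 grid:", compare_bands())
```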

#5: 802.11 Networking – Client Connection
Client Association
  Clients join the Wi-Fi infrastructure through an authentication/association process
  Probe Requests/Responses are sent periodically by stations to update their information about the wireless environment

#5: 802.11 Networking – SSIDs
SSIDs
  Clients associate to an SSID (Service Set Identifier) – a label that uniquely defines a virtual Wi-Fi network, similar to a VLAN on a wired network. SSIDs can operate across:
    Multiple APs
    Multiple channels
    Multiple radios

#5: 802.11 Networking – Roaming
Scanning
  Wi-Fi client radios continually scan the air to detect available networks (SSIDs) within range, maintaining information about each
Roaming
  After a Wi-Fi client associates with a radio/SSID, it remains connected to that radio unless it determines there is another one with a better signal strength
  If the signal strength is above a certain threshold, the client will switch (roam) to that new radio

#5: 802.11 Networking – Best Practices
Recommendations
  Use separate SSIDs to partition different groups of users, each with their corresponding security level, QoS level, access restrictions, etc.
  Tie each SSID to its own VLAN in the wired network
  Keep the number of different SSIDs to a minimum – usually 2-3
  Do not use disabled SSID broadcasting as security – anyone with a wireless sniffer can detect the SSID
  Do not use default SSIDs – change them to something not associated with your organization’s name
  Adjust station driver settings to control roaming behavior

Xirrus Array Training
30 Minute Break

Part A: Wi-Fi Basics
  #1: RF Basics
  #2: Wi-Fi Standards
  #3: Wi-Fi Security
  #4: Wi-Fi Futures

#6: Authentication – Standards
  IEEE 802.11i defines the security provisions for Wi-Fi, including:
    Authentication
    Encryption and Key Management
  Commercial implementations of 802.11i are most commonly referred to by the Wi-Fi Alliance’s terminology, which they certify:
    WPA and WPA2 = Wi-Fi Protected Access (2)

#6: Authentication – 802.11i Security
802.11i
  Ratified in 2004
  Provides much stronger security than the original 802.11 standard (WEP)
  Uses IEEE 802.1X authentication (Pre-shared Key (PSK) version for SOHO use only)
  Four primary phases:
  [diagram of the four phases not reproduced in the text]

#6: Authentication – Fundamentals
What is Authentication?
  Validates the identity of a user or device (you are who you say you are)
  Executes mutually between the client and the AP / infrastructure
  802.11i authentication is based on the 802.1X standard
Benefits
  Encryption key management
  Password expiration and change (Microsoft)
  Prevents Man-in-the-Middle attacks and connecting to rogue APs
  Provides Accounting and Audit information for every connection
  Allows extended control of end users
    Time of Day Access
    Guest Access

#6: Authentication – Infrastructure
Typical Infrastructure
  The Authentication server can interface with Directory Services
  Central use of policies and permissions
  The Authenticator can enforce policies at the edge (e.g. what VLAN a user should use)
[Diagram: Supplicant – Authenticator – Ethernet Switch – Authentication Server – Active Directory / LDAP Server]

#6: Authentication – Wi-Fi Authentication
Wi-Fi Authentication Framework
  In a wired environment, a user has to gain physical access to a port
  In a wireless environment, it is much easier to gain access to the medium
  802.11i makes use of 802.1X
    Adapts EAP (used for port-level control of a wired network) to wireless
    The Authenticator (Access Point) provides multiple virtual ports, one per user
    Key Exchange
    Faster Roaming

#6: Authentication – Wi-Fi Authentication
Extensible Authentication Protocol (EAP) Types
[table of EAP types not reproduced in the text]

#6: Authentication – Best Practices
Recommendations
  Don’t compromise – for enterprise-grade security, use 802.11i / WPA2 with RADIUS
  RADIUS is free with Windows 2000 and 2003 Server (Microsoft IAS)
    See the Xirrus website for installation guidance: http://www.xirrus.com/library/wifitools.html
  RADIUS can interface with Active Directory or other directory services
    FreeRADIUS can also be used
  Use PEAP with MSCHAPv2 for easiest administration (no client certificates required)
  Use authentication to enforce other access policies
  Ensure replication and availability of the Authentication Server
    Scale for peak loading
    Remote location considerations

#7: Encryption – Encryption Basics
What is Encryption?
  Wi-Fi data is easily captured and viewed if passed in the clear
    Usernames/passwords, email headers, and message contents are all vulnerable
  Encryption changes data to make it unintelligible to an unauthorized user
  Encryption mathematically alters the original data using a key to encrypt/decrypt the data
The Key Is the Key
  The key is a unique value known only to the sender/receiver and used by the encryption algorithm to change the original information
  The longer the key, the harder it is to break
    A 40-bit key has 2^40 combinations = 1.1 x 10^12 = 1.1 trillion
    A 128-bit key has 2^128 combinations = 3.4 x 10^38 = 340 undecillion

#7: Encryption – Protocols
  AES/CCMP encryption (AES is the encryption standard adopted by the US government) provides the best data confidentiality for Wi-Fi
  TKIP encryption provides a decent alternative for older, non-AES-capable hardware
  WEP encryption is dead – easily cracked with readily available software in just minutes

#7: Encryption – Key Management
Key Management
  The Master Key is the starting point, and is originated:
    Dynamically via RADIUS
    Statically from a Pre-Shared Key (PSK)
  Transient (temporal) keys are derived from the master key and used to encrypt the data
    Changed per packet to provide the best security
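The key hierarchy the Key Management slide describes, added here as an example (it is not from the Xirrus deck): the master key (PMK) is derived statically from a passphrase and SSID, or supplied dynamically after 802.1X/RADIUS authentication, and the transient keys are expanded from it for each association with the 802.11i PRF, so the same master key yields different data keys every time a client associates. MAC addresses, nonces and passphrases are constructed sample values.

```python
import hashlib
import hmac
import os


def pmk_from_psk(passphrase: str, ssid: str) -> bytes:
    """Static origin of the master key: the WPA/WPA2 Personal mapping
    PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits).
    The passphrase is the only secret, which is why the best-practice slide
    wants 20+ random characters."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def pmk_from_radius() -> bytes:
    """Dynamic origin: with 802.1X the EAP method produces the PMK and RADIUS
    delivers it to the authenticator. Stand-in only: a random 32-byte value."""
    return os.urandom(32)


def prf(key: bytes, label: bytes, data: bytes, out_len: int) -> bytes:
    """802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || i)."""
    out, i = b"", 0
    while len(out) < out_len:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:out_len]


def ptk_from_pmk(pmk: bytes, aa: bytes, spa: bytes,
                 anonce: bytes, snonce: bytes) -> dict:
    """Transient keys for CCMP (384 bits): KCK (EAPOL integrity), KEK (key
    wrapping) and TK (the per-association data key), bound to both MAC
    addresses and both 4-way-handshake nonces."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


# Constructed sample values (not from the deck): AP and client MAC addresses.
AP_MAC = bytes.fromhex("000f7d000001")
CLIENT_MAC = bytes.fromhex("021122334455")


def two_associations(pmk: bytes) -> tuple:
    """Same master key, two associations with fresh nonces: different TKs."""
    first = ptk_from_pmk(pmk, AP_MAC, CLIENT_MAC, os.urandom(32), os.urandom(32))
    second = ptk_from_pmk(pmk, AP_MAC, CLIENT_MAC, os.urandom(32), os.urandom(32))
    return first, second


if __name__ == "__main__":
    # A PSK network: one passphrase + SSID gives the same PMK for every client.
    pmk = pmk_from_psk("sample-passphrase-for-lab-use-only", "corp-secure")
    a, b = two_associations(pmk)
    print("PMK", pmk.hex())
    print("TK of association 1", a["tk"].hex())
    print("TK of association 2", b["tk"].hex())
```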

#7: Encryption – Best Practices
Recommendations
  Use WPA2 Enterprise (AES/CCMP encryption) for best security
  Use WPA/WPA2 Personal only in SOHO environments
    Use random, hard-to-guess passphrases of 20+ ASCII characters
    Update passphrases periodically and when an employee leaves, a laptop is lost, etc.
  Don’t use WEP if at all possible – it is only barely better than nothing
    Use it only for legacy and embedded devices if there is no other option
    Refresh keys periodically and use filtering/firewalling to limit access
  Use Open for guest or public access networks
    WPA/2 is not practical since one must configure the supplicant (client)
    Internally, segregate guest traffic, routing/VLANing it away from corporate assets
    Externally, require road warriors connecting to corporate assets to use a VPN
  Use separate SSIDs mapped to VLANs for different security types to logically separate users
  Use 802.1Q/p VLAN segregation and prioritization as wireless traffic enters the wired network

Hands-On #3: Associate with Security
Associate to the Xirrus Array with PSK
  Double-click the wireless icon in your system tray
  Select the “xirrus-wpa-psk” network from the list
  Select “Connect”
  Enter passphrase (PSK) = xirrusarray

#8: Wi-Fi Threats – Types
Threats to a corporate Wi-Fi network can come from many places:
  1. Unauthorized APs – rogues, evil twins
  2. Unauthorized connections – ad hocs, neighbor APs
  3. Unauthorized clients – intruders, guests
  4. Misconfigured APs – no security, defaults
  5. Eavesdropping
  6. Forgery and replay

#8: Wi-Fi Threats – Mitigation Techniques
  Tarpits use sensor radios to pull clients away from unauthorized/rogue APs
  Sensor radios scan the airwaves; signal strength data is used to locate attackers

Page 39

#8: Wi-Fi Threats – Best Practices

Network Infrastructure
- Proactively audit AP configurations for changes
- Use VLANs to segregate Wi-Fi traffic on the wired network
- Use firewall filters, ACLs to restrict traffic to the wired network
- Use routing to limit reachable IP addresses, ports, etc.

Wireless Stations
- Use VPNs for offsite access
- Ensure use of personal firewalls, anti-virus software
- Centrally administer Wi-Fi settings

Intrusion Detection/Intrusion Prevention Systems (IDS/IPS)
- Dedicate threat sensor radios to continuously monitor the air and feed an IDS/IPS system
- Automatically block unauthorized wireless activity
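The threat list on Page 37 and the sensor/IDS practices on Pages 38 and 39 come together in the triage a WIDS performs on what its sensor radios hear. The following is an added example written for this deck, not Xirrus code: a constructed AP inventory, a constructed sensor scan, and a classifier that maps each observed BSSID to one of the slide’s threat categories. The -60 dBm “on-premises” threshold is an assumption for the example.

```python
from dataclasses import dataclass
from typing import Dict, List

# Constructed inventory of sanctioned APs for this example: BSSID -> SSID it should beacon.
AUTHORIZED_APS: Dict[str, str] = {
    "00:0f:7d:aa:00:01": "xirrus-wpa-psk",
    "00:0f:7d:aa:00:02": "xirrus-corp",
}
CORPORATE_SSIDS = set(AUTHORIZED_APS.values())

# Assumption for this example: beacons an indoor sensor hears at or above this
# level are treated as coming from inside the building.
ON_PREMISES_RSSI_DBM = -60


@dataclass
class Beacon:
    """One beacon or probe response heard by a sensor radio (fields constructed for the example)."""
    bssid: str
    ssid: str
    rssi_dbm: int
    security: str          # "open", "wep", "wpa-psk" or "wpa-eap"
    ibss: bool = False     # True when the frame advertises an ad hoc (IBSS) network


def classify(b: Beacon) -> str:
    bssid = b.bssid.lower()
    if b.ibss:
        # Threat 2: a station-to-station network that bypasses the infrastructure
        return "unauthorized-connection:ad-hoc"
    if bssid in AUTHORIZED_APS:
        # Threat 4: a known AP that no longer matches its audited configuration
        if AUTHORIZED_APS[bssid] != b.ssid:
            return "misconfigured-ap:unexpected-ssid"
        if b.security in ("open", "wep"):
            return "misconfigured-ap:weak-security"
        return "authorized"
    if b.ssid in CORPORATE_SSIDS:
        # Threat 1: an unknown radio advertising a corporate SSID
        return "unauthorized-ap:evil-twin"
    if b.rssi_dbm >= ON_PREMISES_RSSI_DBM:
        # Threat 1: an unknown radio strong enough to be inside the building
        return "unauthorized-ap:rogue"
    # Threat 2: weak signal, foreign SSID -> most likely a neighbor's AP
    return "neighbor-ap"


def triage(beacons: List[Beacon]) -> Dict[str, str]:
    """Map each observed BSSID to its classification: one verdict per radio."""
    return {b.bssid.lower(): classify(b) for b in beacons}


# Constructed sample of what one sensor scan might produce.
SAMPLE_SCAN = [
    Beacon("00:0f:7d:aa:00:01", "xirrus-wpa-psk", -45, "wpa-psk"),
    Beacon("00:0f:7d:aa:00:02", "xirrus-corp", -50, "open"),
    Beacon("02:11:22:33:44:55", "xirrus-corp", -40, "open"),
    Beacon("00:1c:de:ad:be:ef", "linksys", -38, "open"),
    Beacon("00:aa:bb:cc:dd:ee", "coffee-shop", -85, "wpa-psk"),
    Beacon("02:de:ad:00:00:01", "free-wifi", -50, "open", ibss=True),
]

if __name__ == "__main__":
    for bssid, verdict in triage(SAMPLE_SCAN).items():
        print(f"{bssid}  {verdict}")
```

The inventory check is what “proactively audit AP configurations for changes” looks like in practice: a sanctioned BSSID that suddenly beacons open or under a different SSID is flagged before a client ever joins it. The signal-strength rule is the weak link: from the air alone a sensor cannot tell whether an unknown AP is plugged into the corporate LAN, so production systems correlate with wired-side MAC tables and with readings from several sensors before calling something a rogue.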

Page 40

Part A: Wi-Fi Basics
#1: RF Basics
#2: Wi-Fi Standards
#3: Wi-Fi Security
#4: Wi-Fi Futures

Page 41

#9: 802.11n – Standards

Wi-Fi Industry Still Young and Growing
IEEE Task Groups are still in full swing:
- 802.11n (High Throughput)
- 802.11v (Wireless Network Management)
- 802.11w (Protected Management Frames)
- 802.11s (MESH Networking)
- VHT (Very High Throughput Study Group)

Page 42

#9: 802.11n – Data Rates

Range and Data Rates
- Longer Range or Higher Data Rates
- Wi-Fi Certified data rates 300Mbps
- Most compatible with 802.11a
- Backwards compatible with 802.11bg
- Future rates up to 600Mbps specified
- YOUR MILEAGE WILL VARY!

Page 43

#9: 802.11n – Capacity

802.11n Capacity: 26 channels * 150Mbps = 3.9 Gbps
  (23) 5GHz channels + (3) 2.4GHz channels
802.11a Capacity: 23 channels * 54Mbps = 1.2 Gbps
802.11g Capacity: 3 channels * 54Mbps = 162 Mbps
802.11b Capacity: 3 channels * 11Mbps = 33 Mbps

Page 44

#9: 802.11n – Physical Layer (Radio)

Classic 802.11 Transmitter
- Data stream sent out of one antenna
- Best antenna on receiver selected

Page 45

#9: 802.11n – 802.11n and MIMO

802.11n and MIMO and Signal Processing
- Multiple antennas
- Greatly improves receiver sensitivity (ability to hear)

Page 46

#9: 802.11n – Obtaining Higher Data Rates

Spatial Multiplexing
- Source data stream split and sent over separate antennas at the same time
- Recombined at receiver using MIMO signal processing
- Doubles, triples, or quadruples the data rate depending on the number of transmit antennas used

Channel Bonding: Increasing the Bandwidth
- Bonds two 20MHz channels to a 40MHz channel
- Slightly more than doubles the bandwidth
- Phased channel operation: ability to jump between 20 and 40MHz channels
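The two mechanisms on this slide, together with modulation, are where the 150Mbps per channel on Page 43 and the 300Mbps/600Mbps figures on Page 42 come from. As an added example (not from the Xirrus deck), the calculation below carries the PHY rate formula through with the subcarrier counts and symbol times from the 802.11n and 802.11a standards: rate = streams * data subcarriers * bits per subcarrier * code rate / symbol time. Everything else in the block is constructed for illustration.

```python
from fractions import Fraction

# 802.11n HT OFDM parameters (IEEE 802.11n): data subcarriers per channel width
# and OFDM symbol duration with the normal (800 ns) or short (400 ns) guard interval.
HT_DATA_SUBCARRIERS = {20: 52, 40: 108}
SYMBOL_TIME_NS = {False: 4000, True: 3600}     # key: short guard interval in use?
LEGACY_AG_DATA_SUBCARRIERS = 48                # 802.11a/g 20 MHz OFDM

# Coded bits carried per subcarrier per symbol for each constellation.
MODULATION_BITS = {"BPSK": 1, "QPSK": 2, "16-QAM": 4, "64-QAM": 6}


def _rate_mbps(subcarriers: int, streams: int, modulation: str,
               code_rate: str, short_gi: bool) -> float:
    # code_rate is given as a string such as "5/6"; Fraction keeps the arithmetic exact
    bits_per_symbol = streams * subcarriers * MODULATION_BITS[modulation] * Fraction(code_rate)
    # bits per symbol / symbol time (ns) * 1000 = Mbit/s
    return round(float(bits_per_symbol * 1000 / SYMBOL_TIME_NS[short_gi]), 1)


def ht_rate_mbps(streams: int, bandwidth_mhz: int, modulation: str,
                 code_rate: str, short_gi: bool = False) -> float:
    """802.11n PHY rate = N_ss * N_sd * N_bpscs * R / T_sym.
    streams = spatial multiplexing, bandwidth_mhz = channel bonding (20 or 40)."""
    if streams not in (1, 2, 3, 4):
        raise ValueError("802.11n supports 1 to 4 spatial streams")
    return _rate_mbps(HT_DATA_SUBCARRIERS[bandwidth_mhz], streams, modulation, code_rate, short_gi)


def legacy_ag_rate_mbps(modulation: str, code_rate: str) -> float:
    """802.11a/g: one stream, 48 data subcarriers, always the 800 ns guard interval."""
    return _rate_mbps(LEGACY_AG_DATA_SUBCARRIERS, 1, modulation, code_rate, False)


def bonding_gain() -> float:
    """How much 40 MHz widens the pipe over 20 MHz: 108/52, the 'slightly more than double'."""
    return round(HT_DATA_SUBCARRIERS[40] / HT_DATA_SUBCARRIERS[20], 3)


if __name__ == "__main__":
    for streams in (1, 2, 3, 4):
        rate = ht_rate_mbps(streams, 40, "64-QAM", "5/6", short_gi=True)
        print(f"{streams} stream(s), 40 MHz, 64-QAM 5/6, short GI: {rate} Mbps")
    print(f"802.11a/g best case (64-QAM 3/4): {legacy_ag_rate_mbps('64-QAM', '3/4')} Mbps")
    print(f"40 MHz vs 20 MHz data subcarriers: x{bonding_gain()}")
```

One stream at 40MHz with 64-QAM, rate 5/6 and the short guard interval gives exactly the 150Mbps per channel used in the Page 43 capacity sum; two and four streams give the 300Mbps and 600Mbps of Page 42, and the same formula with 48 subcarriers and 64-QAM 3/4 reproduces 802.11a/g’s 54Mbps. These are PHY rates: the MAC overhead that Page 47 addresses, and the legacy protection needed when 11b/g stations share the cell, are what separate them from the throughput a user sees.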

Page 47

#9: 802.11n – MAC Improvements

Reducing Overhead Improves Efficiency
- Frame Aggregation
- Block ACKs
- Reduced Inter-frame Spacing

Page 48

#9: 802.11n – Client Requirements

What will my end users require if I install 802.11n APs?
- Possibly nothing
- Today’s 802.11abg will interoperate with 802.11n Access Points
- 802.11n improves either side of the link (Access Point or Station)
- Standard 802.11abg will obtain better throughput up to today’s data rates. Higher data rates can only be obtained when you have 802.11n on both sides of the link
- Phase in 802.11n stations when the standard is ratified
- Don’t have to do a mass swap-out of existing devices

Page 49

#9: 802.11n – Cell Sizes

What about cell sizes – will I need to change the location of APs?
- 802.11n is not about higher transmit power, but about a better receiver (ability to listen)
- Plan to keep the same AP locations if you have designed for 5GHz
  - 802.11n cell will provide higher data rates and more user density
  - Need to support legacy 11abg stations; they set the edge of the cell
  - Enterprise gear should automatically adjust cell sizes
- Plan to redesign for 11n if you only have 2.4GHz (802.11bg)
  - Do a site survey for new locations

Page 50

#9: 802.11n – Best Practices

Recommendations

Client Devices
- Move away from 802.11b as it seriously degrades 802.11n (and 802.11g) performance
- Fold in new 802.11n client adapters that support 5GHz (802.11a + 802.11n) for channel bonding
- At least buy 802.11a/b/g adapters

Wired Network Infrastructure
- Pull at least one Gigabit Ethernet connection to each Access Point location (Dual Gigabit is better)
- Implement switching as close to the edge as possible

Wireless Network
- Buy infrastructure gear that is upgradeable and provides local switching at the edge
- Upgrade your sensor networks to 802.11n
- Keep cell sizes the same as you have today
  - Plan to support today’s 802.11a/b/g devices
  - May need to resurvey if you just have 2.4GHz
- Management and planning tools will need to comprehend 802.11n

Should I Wait?
- Start planning today! 802.11n is backwards compatible (improved PHY performance helps even today’s client devices)
- Buy modular and upgradeable infrastructure with a path to 802.11n

Page 51

#10: Architectures – The Future of Wi-Fi

“The only effective way to deliver high-performance Wi-Fi is to have a centrally managed intelligent edge network – just like your wired networks do”

Page 52

#10: Architectures – Types

Distributed Processing
- Packet processing at edge
- Control plane at edge
- Policy and security enforcement at edge
- Encryption processing at edge
- Just like Ethernet switching
- Central management

Centralized Processing (Central Controller + Thin APs)
- Packet processing at core
- Control plane at core
- Policy and security enforcement at core
- Encryption processing at core
- Central management

Page 53

#10: Architectures – Best Practices

Preparing for Next Generation Wi-Fi
- Be careful to understand the latency and jitter that central controllers will create (especially for voice)
- Centralized controllers will require redundant units to avoid large single points of failure
- Be wary of back-end network bottlenecks for 802.11n
- Remote sites may be problematic for controllers located across a WAN

Recommendations:
- Gigabit Ethernet connections are required
- Locally switch packets at the edge (not deep into the network)
- Controllers should be integrated into or local to the Access Point

Page 54

Questions?