notes

1

Brought to you by

Welcome to CWNA –

Certified Wireless Network

Administrator

Objectives

In this video…

• About Your Instructor and Train Signal

• What’s Covered in this Course

About your Instructor and Train Signal

About Ed Liberman

• CWNT, CWNA, MCT, MCP, MCSA, MCSE, MCDST, MCTS, MCITP, A+, NET+, SERVER+

• Have worked in technology for about 20 years

• Have been certified and instructing IT for over 10 years

• Volunteer time in my local community as a math tutor for struggling grade school children

About Train Signal

• Casual Training Method

• Scenario-Based Training

2

What’s Covered in this Course

2. WLAN Standards

3. RF Fundamentals

4. RF Math

5. Antennas

6. RF Regulatory Domains

7. Wireless LAN Operation

8. Power over Ethernet (PoE)

9. 802.11 Service Sets

10. WLAN Analysis

11. Medium Access

12. 802.11n Amendment

13. Site Surveying

14. Basic WLAN Security

Videos…

What’s Covered in this Course

1. Network Topologies

2. OSI Model

3. TCP/IP Fundamentals

4. Network Devices

5. Network Security

Bonus Videos…

Are you ready to get started?

Let’s go!!!

3

Brought to you by

Introduction to

WLAN Standards

Objectives

In this video…

• Discuss the standards organizations responsible for shaping the 802.11 Wireless LAN protocol

• Learn how standards compliance is enforced for 802.11 WLAN vendors• Examine the 802.11 standard and various amendments• Discuss additional networking standards that are commonly used to

enhance 802.11 WLANs

IEEE

www.ieee.org

•Institute of Electrical and Electronics Engineers

•ISO (International Organization for Standardization)

•OSI Model

4

Wi-Fi Alliance®

Cross-vendor standards compliance and

interoperability testing organization

www.wi-fi.com

IEEE 802.11 Working Groups

• Original standard created in 1997 and modified in 1999

• Various amendments and supplements were rolled into a new standard called 802.11-2007

• Amendments not rolled into the -2007 standard are still called by their amendment name (e.g. 802.11n)

http://grouper.ieee.org/groups/802/11/QuickGuide_IEEE_802_WG_and_Activities.htm

802.11 Amendments

• Since the 802.11 amendment names are still used in the market, it’s advantageous to understand how each amendment modified the 802.11 standard.

• When the 802.11-2007 standard was ratified, many amendments became obsolete because their content was now part of the new standard.

5

802.11 Amendments

• 802.11a specifies use of OFDM technology using the 5 GHz UNII bands

• Obsolete: Rolled into 802.11-2007

• 802.11b specifies HR-DSSS using the 2.4 GHz band and is backwards compatible with DSSS


802.11 Amendments

• 802.11g specifies use of OFDM technology in the 2.4 GHz ISM band and offers backwards compatibility with HR/DSSS and DSSS


• Transmit Power Control (TPC)• Dynamic Frequency Selection (DFS)• UNII band spectrum management enhancement• Obsolete: Rolled into 802.11-2007

802.11 Amendments

• Specified multiple QoS mechanisms that can interoperate with legacy (non-QoS aware) devices


• Strong authentication with 802.1X/EAP and Preshared keys

• Strong encryption using CCMP/AES• Obsolete: Rolled into 802.11-2007

6

802.11 Amendments

• Changes to the 802.11 MAC and PHY to conform with new Japanese 4.9 and 5 GHz bands


• Defines physical layer requirements to extend 802.11 to new regulatory domains (countries)


• Adds MAC bridging functionality to 802.11 WLANs• Obsolete: Rolled into 802.11-2007

Active 802.11 Amendments

• Enhancements to the 802.11 MAC layer to minimize the amount of time data connectivity between the Station (STA) and the Distribution System (DS) is absent during a Basic Service Set (BSS) transition while maintaining strong security

• 802.11n offers data rates up to 600 Mbps (theoretical) and throughput in excess of 100 Mbps in both the 2.4 GHz ISM and 5 GHz UNII bands using MIMO technology.


• The amendment enables interoperable formation and operation of an ESS Mesh and allows for alternative path selection based on application requirements

• Defines Radio Resource Measurement enhancements to provide interfaces to higher layers for radio and network measurements.

7


• Supports communication between vehicles and the roadside and between vehicles while operating at speeds up to a maximum of 200 km/h for communication ranges up to 1000 meters

• Provides a set of performance metrics enabling measuring and predicting the performance of 802.11 WLAN devices and networks

• This is a recommended practice, not actually an amendment


• Amends the 802.11 MAC and PHY to enable Interworking with external networks

• Provides wireless network management enhancements to the 802.11 PHY and MAC to extend prior work in radio measurement to enable a complete and coherent upper layer interface for managing 802.11 devices in wireless networks


• Provides enhancements to the IEEE 802.11 MAC layer to make available mechanisms that enable data integrity, data origin authenticity, replay protection, and data confidentiality for selected IEEE 802.11 management frames

8

Related Standards: 802.1X

• Provides a framework for authenticating users connecting to a (W)LAN port

• Calls for 3 roles:

– Supplicant

– Authenticator

– Authentication Server

… is for Port-based Access Control

• Defines an authentication

framework which supports

multiple authentication methods

• There are many EAP

authentication protocols used in

802.11 WLANs… is for Extensible

Authentication Protocol

Related Standards: EAP

Related Standards: 802.3-2005, Clause 33

• Support for optionally powering a

10BASE-T,100BASE-TX, or

1000BASE-T DTE device via the

Power Interface (PI) using physical

layers

… is for Power-over-Ethernet

9

Related Standards: RADIUS

• A protocol for carrying authentication, authorization, and configuration information between an authenticator (WLAN Controller or AP) and an authentication server (RADIUS Server) for the purpose of authenticating users and optionally assigning them to roles.

… is for Remote Authentication Dial In User Service(… not just for dial-up anymore …)

Review

In this video we discussed:

• The standards organizations responsible for shaping the 802.11 Wireless LAN protocol.

• How standards compliance is enforced for 802.11 WLAN vendors.• The 802.11 standard and various amendments.• Additional networking standards that are commonly used to enhance

802.11 WLANs

Brought to you by

RF Fundamentals

10

Objectives

• Physical aspects of RF propagation

• Types of losses and attenuation that affect

RF communications

• Types of modulation and coding schemes

(MCS) used for 802.11 communications

• How channels and bandwidth are related to

each other in wireless networks

• Types of Spread Spectrum used in 802.11

networking

In this video...

Sine Waves

Current Flow

11

Photons

Wavelength

Frequency

Lower Frequency

Higher Frequency

12

Wavelength & Frequency

• Wavelength and Frequency are inverselyrelated through these formulas:

• f is frequency;

• is wavelength;

• c is the speed of

light—about 300,000

km/s

Wavelength Calculation

• 2.45 GHz = 4.82 inches (12.24 cm)

• 5.775 GHz = 2.04 inches (5.19 cm)

Formulas to calculate RF wavelengths:

Wavelength (in.) = 11.811/Frequency (GHz)

Wavelength (cm) = 30/Frequency (GHz)

Amplitude (Power Level)

Original Signal

Amplitude Increased

13

Phase

Signals 180 degrees out of phase

Phase is a relationship between two signals based on when their alternating current levels are rising and falling.

RF Loss

Loss as seen by an

Oscilloscope

Peak Amplitude before Loss

Peak Amplitude after Loss

Loss of DSSS as seen by a

spectrum analyzer

Loss – the main signal decreases in amplitude

(size or intensity) due to external

interference or attenuation.

RF Loss: Reflection

Reflection - occurs when an RF signal bounces off of a smooth, non-

absorptive surface, changing the direction of the signal.

14

RF Loss: Refraction

Refraction - occurs when an RF

signal changes speed and is bent

while moving between media of

different densities. How much this

happens depends on the Refraction

Index of each medium.

RF Loss: Diffraction

Diffraction – a change in

the direction (bending)

and intensity of a group

of waves after passing by

the edge of an obstacle.

RF Loss: Scattering

Scattering - occurs when the RF signal strikes an uneven surface

causing the signal to be scattered in such a fashion that the

resultant signals are less significant than the original signal.

15

RF Loss: Absorption

Absorption - occurs when the RF

signal striking an object is

absorbed into the material of the

object in such a manner that it

does not pass through, reflect off,

or bend around the object.

Interference (corruption)

Basic Types of Modulation

• Amplitude Modulation– A method of combining an

information signal and an RF carrier by varying the amplitude (power) of the carrier wave in proportion to the information signal

• Frequency Modulation– A method of combining an

information signal and an RF carrier by varying the frequency of the carrier wave in proportion to the information signal

• Phase Modulation– A method of combining an

information signal and an RF carrier by varying the phase of the carrier wave in proportion to the information signal

16

DSSS and HR/DSSS MCS

Spreading

Code

Modulation

Technology

Data

Rate

2.4 GHz

DSSS &

HR/DSSS

Barker Code DBPSK 1 Mbps

Barker Code DQPSK 2 Mbps

CCK DQPSK 5.5 Mbps

CCK DQPSK 11 Mbps

OFDM MCS

Coding

Technique

Modulation

Technology

Convolution

Code Ratio

Data

Rate

OFDM DBPSK 1/2 *6 Mbps

OFDM DBPSK 3/4 9 Mbps

OFDM DQPSK 1/2 *12 Mbps

OFDM DQPSK 3/4 18 Mbps

OFDM 16QAM 1/2 *24 Mbps

OFDM 16QAM 3/4 36 Mbps



* The standard requires support for these data rates

Spectral Mask: DSSS & HR/DSSS

17

Spectral Mask: OFDM

Clause 17 (802.11a) and 19 (802.11g) OFDM

transmissions both use this spectral mask.

2.4 GHz ISM Band and Channels

The 2.4 GHz ISM band has 14 channels, 11 of

which are available in the U.S. regulatory

domain.

Non-overlapping HR/DSSS channels are

highlighted.

UNII Bands and Channels

Bands are divided into channels as shown

36 40 44 48 52 56 60 64

(lower) (middle) (extended) (upper)

18

DSSS Coding

X

=

“symbol”

“Barker” sequence

Result of multiplication

Symbol time ts

“1” “0”

Chip time tc

With an 11 chip spreading code, the required transmit channel

bandwidth increases from 1 MHz to 11 MHz however 802.11 uses 22

MHz channels to improve receiver synchronization procedures.

DSSS Coding

OFDM FEC Coding

19

Objectives

• The physical aspects of RF propagation.

• The different types of losses and attenuation

that affect RF communications.

• The different types of modulation and coding

schemes (MCS) used for 802.11

communications.

• How channels and bandwidth are related to

each other in wireless networks

• The different types of Spread Spectrum used

in 802.11 networking.


Brought to you by

RF Math

Objectives

• RF units of measure

• Basic RF math

• RF signal measurements

• Link budgets

In this video…

20

Inverse Square Law

Free Space Path Loss (FSPL)

Units of Measure

• mW - milliwatt

• dB - decibel

• dBi – decibel relative to an isotropic radiator

• dBm – decibel relative to a milliwatt

Units

21

Rule of 10s and 3s

-40

dBm

-30

dBm

-20

dBm

-10

dBm0

dBm

+10

dBm+20

dBm

+30

dBm+40

dBm

100

nW

1

uW10

uW

100

uW1

mW

10

mW100

mW

1,000

mW

10,000

mW

-12

dBm

-9

dBm

-6

dBm

-3

dBm

0

dBm

+3

dBm

+6

dBm

+9

dBm+12

dBm

62.5

uW125

uW

250

uW

500

uW

1

mW

2

mW4

mW

8

mW

16

mW

RF Numbers: Infinitely Large to Infinitesimally Small

• Voyager 1 was launched in 1977

• It is currently 9+ billion miles from Earth

• Voyager communicates continuously to Earth with an X-band (8.4 GHz) transmitter

• The received signal is billions of times less powerful than the transmitted signal

Conversion Chart dBm/mW

0 dBm 1.0 mW 11 dBm 12.6 mW 22 dBm 158.5 mW








8 dBm 6.3 mW 19 dBm 79.4 mW 30 dBm 1000 mW

9 dBm 7.9 mW 20 dBm 100.0 mW 40 dBm 10000 mW

10 dBm 10.0 mW 21 dBm 125.9 mW 43 dBm 19952.6

mW

22

Gains and Losses

AbsoluteAmplitude

in dBm

RelativeAmplitude

in dB

RelativeFrequency

Frequency

2X Amplification (Rule of 3s)

Amplifier #1

Signal Level In: 1

Signal Level Out: 2

Amplifier #2

Signal Level In: 2

Signal Level Out: 4

Amplifier #3

Signal Level In: 4

Signal Level Out: 8

+3 dB+3 dB

+3 dB

2X Attenuation (Rule of 3s)

Attenuator #1

Signal Level In: 8

Signal Level Out: 4

Attenuator #2

Signal Level In: 4

Signal Level Out: 2

Attenuator #3

Signal Level In: 2

Signal Level Out: 1

-3 dB-3 dB -3 dB

23

10X Amplification (Rule of 10s)

Amplifier #1

Signal Level In: 1

Signal Level Out: 10

Amplifier #2

Signal Level In: 10


Amplifier #3

Signal Level In: 100


+10 dB+10 dB +10 dB

10X Attenuation (Rule of 10s)

Attenuator #1



Attenuator #2



Attenuator #3

Signal Level In: 10

Signal Level Out: 1

-10 dB-10 dB -10 dB

RF Math: Problem

24

Receiver Sensitivity

Receiver sensitivity

varies by device

and manufacturer.

In this example you

can see that this

radio is capable of

clearly

distinguishing very

small signals from

the noise floor.

Example:

Signaling

Rate

Receiver

Sensitivity

Threshold

11 Mbps -82 dBm

5.5 Mbps -87 dBm

2 Mbps -91 dBm

1 Mbps -94 dBm

Equivalent Isotropically Radiated Power (EIRP)

Will the link work?

16.5 dBm28.5 dBm-75.5 dBm-63.5 dBm

-67 dBm

25

Review

• Different RF units of measure.

• How to do basic RF math.

• Different RF signal measurements.

• How to calculate link budgets.


Brought to you by

Antennas

Objectives

• Antenna Polarization and Gain

• Types of antennas and antenna systems

commonly used in 802.11 WLANs

• Antenna implementation and safety

• Antenna accessories

In this video…

26

Isotropic Radiator

Visualizing Beam Patterns

Polarization of an Antenna

27

Understanding Polarization

Passive Gain

Low Gain Omni Antennas

28

High Gain Omni Antennas

Indoor Range ExtenderGain = 5 dBi

H Beam = 360°V Beam = 15°

Omni Gain = 4 dBi


Slim OmniGain = 12 dBi


Compact OmniGain = 8.5 dBiH Beam = 360°V Beam = 15°

Omni Antenna Examples

Mini-Mobile Magnetic Mount

Gain = 3 dBiH Beam = 360°V Beam = 30°

Omni ProfessionalGain = 15 dBi


Images: 2007www.hyperlinktech.com

Outdoor Range Extenderwith Magnetic Base


Omni Antenna Examples

Compact Ceiling Mount OmniGain = 3 dBi


Compact Ceiling Mount OmniGain = 3.5 dBi H Beam = 360°V Beam = 90°

Compact Tri-band Ceiling Mount Omni



29

Semi-Directional Antennas: Patch/Panel

Outdoor Directional Panel WLAN Antenna Gain = 15.5 dBi

H Beam = 25° V Beam = 25°


Patch Antennas

Single element patch

antennas may increase the RF

signal from 3-8 dBi. Multiple

element patch antennas may

increase the RF signal from

12-18 dBi.

Patch/Panel Antenna Examples

Dual Cable / Dual Diversity Flat Patch Gain = 11 dBi

H Beam = 60° V Beam = 30°Diversity

Smoke-Detector Round Patch Gain = 8 dBi


Directional Patch Range Extender Gain = 8 dBi



30

Patch/Panel Antenna Examples

Flat Patch Gain = 14 dBi


Heavy Duty Panel Gain = 18 dBi


Mini Panel Gain = 12 dBi



Horizontally Polarized Sector Panel Gain = 14 dBi H Beam = 90°V Beam = 20°

Sector Panel Gain = 17 dBi H Beam = 120°V Beam = 6.5°

Sector Panel Antennas


Sectorized Antenna System

31

Dual 180°Dual-Antenna Array

Gain = 15 dBiH Beam = 180° each

V Beam = 10°

Tri 120°Tri-Antenna Array

Gain = 14 dBiH Beam = 120° each

V Beam = 15°

Sectorized Antenna Systems


Quad 90°Quad-Antenna

Array Gain = 17 dBiH Beam = 90°

each

Semi-Directional Antennas: Yagi

Yagi Antennas

Radome Yagi Gain = 9 dBi H Beam = 60°V Beam = 60°

Radome YagiGain = 14 dBi H Beam = 30°V Beam = 30°

Diversity

Radome YagiGain = 12 dBiH Beam = 45°V Beam = 45°


32

Highly-Directional Antennas: Parabolic Dish or Grid

Dish Gain Examples:

25 cm – 15 dBi1m x 50 cm – 24 dBi1m full – 27 dBi2m full – 31 dBi3m full – 37 dBi

High Performance Parabolic Dish Gain = 28 dBiH Beam = 6°V Beam = 6°


Dish/Grid Antennas

Backfire WLAN Directional Antenna

Gain = 14 dBi H Beam = 25°V Beam = 25°

Mini-Reflector Grid Gain = 15 dBi H Beam = 16°V Beam = 21°

RemovableRadome


Dish/Grid Antennas

Parabolic Dish Gain = 20.5 dBiH Beam = 14°V Beam = 14°

Reflector Grid Gain = 30 dBiH Beam = 5.3°V Beam = 5.3°


33

Antenna Mounting Accessories

60 Degree Tilt and Swivel Bracket

Window Mount Kit

Heavy Duty Standoff Mount


Antenna Mounting Examples

Mini Panel WLAN Antenna with Mast-Mounting Hardware

Backfire WLAN Directional Antenna with Mast-Mounting hardware

Compact Omni-directional Antenna with Mast-Mounting Hardware


Antenna Mounting Examples

Horizontally Polarized Sector Panel

with Mast-Mounting HardwareSectorized Antenna Array

with Tri-Sector Mounting Hardware

Radome Yagi Antenna with 60 Degree Tilt and Swivel

Mounting Hardware


34

Voltage Standing Wave Ratio

Antenna Characteristics

When choosing an antenna, evaluation of the following points is highly recommended:

• Gain

• Beam widths (horizontal and vertical)

• Rear lobe coverage

• Polarization

• Cost

• Intended use

• Manufacturer

• Impedance, VSWR, and other electrical characteristics

• Attached cable and connector types

• Available mounting gear

Simple Diversity Systems

Tip:

Diversity antennas should not be used to provide coverage in two different areas.

35

Diversity Transmit Systems

Line-of-Sight (LoS)

Fresnel Zone

36

Fresnel Zone

1FZ

2FZStrongest Signal

(Point Source)

Tx Rx

1FZ

2FZ

What a person with RF goggles sees from the side

What the Receiver sees when looking at the Transmitter

1FZ

If antenna gain changes, FZ size

does not change because the FZ

is based only on distance and

frequency.

Calculating 1FZ Size & Minimum Clearance

To calculate the Height (Radius) of the First Fresnel Zone:

H = Height (Radius) of the First Fresnel Zone (in feet)

D = Distance between the antennas (in miles)

F = Frequency in GHz

F

DH

42.72

Calculating 1FZ Size & Minimum Clearance

To calculate Fresnel Zone minimum clearance (60% of

entire 1FZ):

H = Height (Radius) of 60% of the First Fresnel Zone (in feet)

D = Distance between the antennas (in miles)


F

DH

43.43

37


• FSPL is always the single greatest loss factor in an

RF system

• When the Fresnel Zone is blocked:

– Raise the antenna tower(s)

– Remove obstacles

Clear Line-of-Sight

(no Fresnel Zone

obstructions)

required to assure

FSPL calculation is

correct



To calculate Free Space Path Loss where

the distance between antennas is

measured in kilometers:

Lp = 32.4 + (20 log10 F) + (20 log10 D)

Lp = free-space path loss between

antennas (in dB)

F = frequency in MHz

D = path length in kilometers

To calculate Free Space Path Loss where

the distance between antennas is

measured in miles:

Lp = 36.6 + (20 log10 F) + (20 log10 D)

Lp = free-space path loss between

antennas (in dB)

F = frequency in MHz

D = path length in miles

38

Earth Bulge

Calculating Antenna Height for Links >7 miles

H = Height of earth bulge (in feet)

D = Distance between antennas (in miles)


To calculate additional antenna height

required to compensate for curvatureTo calculate minimum antenna height

required to compensate for curvature

H = Height of earth bulge (in feet)

D = Distance between antennas (in miles)


8

2

43.43

DF

DH

8

2

DH

Antenna Downtilt

39

Antenna Safety

http://www.sitesafe.com

Read factory manuals

Do not touch an active antenna surface

Avoid metal obstructions

Consider professional installers

Avoid power lines

Use grounding rods

RF Health and Safety Classes

Antenna Accessories: RF Cables

FCC Part 15.204

Amendment

• Recent FCC Regulations now

allow the use of third party

antennas

FCC Regulations

• Proprietary connectors are still

required

Proprietary Connectors

• Home built systems are still

prohibited

Home Built Systems

40

Antenna Accessories: Pigtail Cables

Antenna Accessories: Pigtail Cables

Pigtails are short RF cable

adapters with a common or

generic connector-type on

one end and a

―Proprietary‖ connector-

type on the other end.

Pigtails are used to allow

generic antennas to be

connected to various

WLAN cards.

Common RF Connectors


41

Lightning Arrestors

Lightning arrestors use bi-metal

conductors or gas discharge tubes to

sense incoming over-voltages induced by

nearby lightning strikes and shunt the

current to earth ground. Lightning

arrestors cannot fully protect against a

direct lightning strike.

Gas discharge tube protectors feature

easily replaced gas tube elements,

multi-strike capability and bi-

directional protection.

Coaxial Gas Discharge Tube Surge Protectors

Lightning Protection

Review

• Antenna Polarization and Gain

• Different types of antennas and antenna

systems commonly used in 802.11 WLANs

• Antenna implementation and safety

• Different antenna accessories


42

Brought to you by

RF Regulatory Domains

Objectives

• International, regional, and local RF spectrum management organizations

• RF channels in the unlicensed 2.4 GHz and 5 GHz frequency ranges as designated by the European Radiocommunications Commission (ERC) and the U.S. Federal Communications Commission (FCC)

• View specific examples of how power output limitations are enforced by the FCC for Point-to-Multipoint (PtMP) and Point-to-Point (PtP) wireless connections

In this video…

International RF Spectrum Management Hierarchy

International Telecommunications Union

– Radiocommunication Sector (ITU-R)

http://www.itu.int/ITU-R/

43

Regional Spectrum Management Groups - CITEL

• InterAmerican

Telecommunication

commission (CITEL)

• ITU-R Administrative Region

―A‖

• http://www.citel.oas.org

AntiguaBarbudaArgentinaBahamasBarbadosBelizeBolivia

ColombiaCosta RicaCubaDominicaEcuadorEl SalvadorGrenada

HondurasJamaicaMexicoNicaraguaPanamaParaguayPeru

Saint Vincent the GrenadinesSurinameTrinidad & TobagoUruguayVenezuelaUnited States of America

Regional Spectrum Management Groups - CEPT

• European Conference of

Postal and

Telecommunications

Administration (CEPT)

• ITU-R Administrative

Region ―B‖

• http://www.cept.org

AlbaniaAndorraAustriaAzerbaijanBelarusBelgiumBosnia & HerzegovinaBulgaria

Czech RepublicDenmarkEstoniaFinlandFranceGermanyGreeceHungary

ItalyLatviaLiechtensteinLithuaniaLuxembourgMaltaMoldovaMonaco

Serbia & MontenegroSlovakiaSloveniaSpainSwedenSwitzerlandthe former Yugoslav Republic of Macedonia

Regional Spectrum Management Groups - RCC

• Regional Commonwealth

in the field of

Communications (RCC)


Region ―C‖

• http://www.rcc.org

ArmeniaBelarusBulgariaGeorgiaMoldovaRussia

44

Regional Spectrum Management Groups - ATU

• African

Telecommunications

Union (ATU)


Region ―D‖

• http://www.atu-

uat.org

North Africa:AlgeriaEgyptLibyaMoroccoTunisiaMauritania

East Africa:ComorosDjiboutiEthiopiaKenyaMadagascarMauritiusSomalia

West Africa:BeninBurkina FasoCote d’IvoireGambiaGhanaGuinea

Southern Africa:LesothoMalawiSouth AfricaSwazilandZambiaZimbabwe

Central Africa:AngolaBurundiCameroonCentral African Rep.ChadCongoDemocratic Rep. of Congo

Central Africa:Guinea BissouLiberiaMaliNigerNigeriaSenegalSierra Leone

Regional Spectrum Management Groups - APT

• Asia-Pacific

Telecommunity


Region ―E‖

• http://www.aptsec.org

AfghanistanAustraliaBangladeshBhutanBruneiDarussalamChina

IranJapanKorea DPRKorea, Rep.Lao PDRMalaysiaMaldives

MyanmarNauruNepalNew ZealandPakistanPalauPapua New Guinea

Sri LankaThailandTongaVietnamAssociate Members:Cook IslandsHong Kong

Examples of Local RF Regulatory Bodies

Japan

(MKK)

TELEC 33B

TELEC ARIB STD-T71

Canada ISC RSS-210

Europe

(ETSI)

ETS 300.328

ETS 301.893

USA FCC (47 CFR) Part

15C, Section 15.247

FCC (47 CFR) Part

15C, Section 15.407

China RRL/MIC

Notice 2003-13

Israel MOC

Singapore IDA/

TS SSS Issue 1

Taiwan PDT

45

Channel

Number

Frequency

(GHz)Americas EMEA Israel* China Japan

2.4 GHz ISM Band

1 2.412 x x x x x

2 2.417 x x x x x

3 2.422 x x x x x

4 2.427 x x x x x

5 2.432 x x x x x

6 2.437 x x x x x

7 2.442 x x x x x

8 2.447 x x x x x

9 2.452 x x x x x

10 2.457 x x x x x

11 2.462 x x x x x

12 2.467 x x x

13 2.472 x x x

14 2.484 x

*Israel allows channels 5-13 outdoors, but 1-13 indoors.

5 GHz Unlicensed Bands

Americas / EMEA UNII-1 Band

(5.15 - 5.25)

4 36

40

44

48

5180

5200

5220

5240

Americas / EMEA UNII-2 Band

(5.25 - 5.35)

4 52

56

60

64

5260

5280

5300

5320

Americas / EMEA UNII-2e Band

(5.470 - 5.725)

11 100, 104, 108,

112, 116, 120,

124, 128, 132,

136, 140

5500, 5520, 5540,

5560, 5580, 5600,

5620, 5640, 5660,

5680, 5700

Americas /

EMEA (with

restrictions)

UNII-3 Band

(5.725 - 5.825)

4 149

153

157

161

5745

5765

5785

5805

Americas ISM

(5.725 - 5.850)

1 165 5825

Band (GHz)Regulatory

DomainCenter FrequencyChannel Number# of Channels

FCC 2.4 GHz PtMP Rules

Referred to as ―1:1 Rule‖

46


PtMP EIRP in the 2.4 GHz band may not exceed 36 dBm





47







48

Americas / EMEA 5 GHz Band Rules

FCC 5 GHz PtMP Rules: UNII-1

1:1 Rule applies to UNII-1 band



FCC power output rules for the UNII-2e band

(5.470 – 5.725 GHz) are identical to rules for the

UNII-2 band (5.250 – 5.350 GHz)

49



FCC 2.4 GHz PtP Rules

Referred to as ―3:1 Rule‖ 36 dBm = 4 Watts


3:1 Rule applies to 2.4 GHz PtP connections38 dBm = 6.3 Watts

50


3:1 Rule applies to 2.4 GHz PtP connections40 dBm = 10 Watts





51


46 dBm = 40 Watts3:1 Rule applies to 2.4 GHz PtP connections




50 dBm = 100 Watts3:1 Rule applies to 2.4 GHz PtP connections

52



FCC 5 GHz PtP Rules: UNII-3

PtP rules for the UNII-1, UNII-2, and UNII-2e band are the SAME as for PtMP

Review

• International, regional, and local RF spectrum management organizations

• RF channels in the unlicensed 2.4 GHz and 5 GHz frequency ranges as designated by the European Radiocommunications Commission (ERC) and the U.S. Federal Communications Commission (FCC)

• Specific examples of how power output limitations are enforced by the FCC for Point-to-Multipoint (PtMP) and Point-to-Point (PtP) wireless connections


53

Brought to you by

Wireless LAN Operation

Objectives

• WLAN Hardware Devices• WLAN Software• Ad Hoc & Infrastructure Connectivity Operation• WLAN Management Systems (WNMS)• WLAN Controller Deployments• WLAN Profiles• AP Modes• Bridging & Repeating• Evolution of WLAN Architecture

In this video…

WLAN Radios

CardBusCompact Flash (CF)

Secure Digital (SDIO)

Universal Serial Bus (USB) Mini PCIe

PCI BusMini PCI Express Card

54

Client Utilities

Enterprise-Class Client Utilities

Some client utilities

are more robust

than others. Look

for authentication

and encryption

support that meets

the needs of your

implementation.

Access Points

55

Access Points as MAC Bridges

Frame Forwarding Between Physical Interfaces

Ad Hoc Mode

56

Infrastructure Mode

Wireless Network Management Systems (WNMS)

A WNMS can be used to

manage single- or multi-

vendor infrastructures

consisting of autonomous

APs, WLAN controllers

with lightweight APs,

WLAN Arrays, mesh

networks, or all of the

above.

WLAN Controllers

57

WLAN Controller: Core

WLAN Controller: Distribution

WLAN Controller: Access

58

WLAN Profiles

ESSID

Controller Capacity

Blah

QoS

VLAN

Security

Remote Office WLAN Controllers

Wireless Workgroup Bridges

59

Workgroup Bridges

Wireless Bridges

Bridging Repeaters

60

Access Point: Root Mode

Access Point: Repeater ModeWireless Distribution System

(WDS)

Point-to-Point (PtP) Connections

61

Point-to-Point Bridging

Point-to-Multipoint (PtMP) Connections

Point-to-Multipoint Bridging

62

Line-of-Sight (LoS)

LoS

Near

LoS

Non

LoS

Wireless Residential Gateways

Wireless VPN Routers

63

Enterprise Encryption Gateways (EEGs)

EEGs are sometimes

called Security

Controllers

Using EEGs

WLAN Arrays

64

WLAN Arrays

Location Tracking

Real-Time Location

Services (RTLS) is

widely used in

today’s market.

Location tracking

software may be

implemented as a

software-only

solution or as an

appliance solution.

Evolution of WLAN Architecture

65

Evolution of WLAN Architecture: Multi-Channel

Architecture (MCA)

Hexagonal tiling, often called ―channel re-use‖ is required for MCA

systems to avoid co-channel and adjacent channel interference. This

system has been used since the earliest days of WLAN deployments and

is still in use today by the majority of vendors.

Evolution of WLAN Architecture: Single Channel

Architecture (SCA)

Each WLAN operates interference free on a single channel. This allows dense

WLAN deployments using multiple channels. This is referred to as ―channel

spanning‖, ―channel blankets‖, and even ―channel stacking.‖

Wireless Mesh Networks

Wireless mesh routers communicate with each

other using proprietary layer 2 routing protocols,

forming a self-healing wireless infrastructure.

66

Review

• WLAN Hardware Devices• WLAN Software• Ad Hoc & Infrastructure Connectivity Operation• WLAN Management Systems (WNMS)• WLAN Controller Deployments• WLAN Profiles• AP Modes• Bridging & Repeating• Evolution of WLAN Architecture


Brought to you by

Power over Ethernet

(PoE)

Objectives

• The two standards currently available for PoE

• Recognize the two types of devices used in Power

over Ethernet (PoE)

• Recognize the differences between the two types of

Power Sourcing Equipment (PSE)

• How is power delivered using PoE

• The importance of planning to maximize the

efficiency of Power over Ethernet

In this video…

67

A Tale of Two Standards

• Formerly 802.3af

•15.4 Watts maximum

power

• Widely-deployed in a

number of industries

including 802.11 WLANs

802.3-2005, Clause 33

• Currently in Draft

• 59 Watts maximum

power

• Draft-compliant

equipment currently

available, but not

widely deployed

•Often called ―PoE Plus‖

802.3at

PoE Overview

Powered Device (PD)

Power Sourcing Equipment (PSE)

Powered Device (PD)

68

Power Sourcing Equipment

Endpoint – Switch with

integrated power-supplying

equipment

Midspan – Passthrough

device with integrated

power-supplying

equipment (single-port or

multi-port)

• To determine classification, the PSE applies up to 20.5 VDC to PD

• The PD Classification Signature is determined by the returning current

802.3af PD Classification Signature

802.3af PSE Power Classes & PD Power Consumption

Class Usage Power Output at the PSE Maximum Power Levels at

the Powered Device

0 Default 15.4W 0.44 W to 12.95 W

1 Optional 4.0 W 0.44 W to 3.84 W

2 Optional 7.0 W 3.84 W to 6.49 W

3 Optional 15.4 W 6.49 W to 12.95 W

4 Reserved for

Future Use

Treat as Class 0 Reserved for Future Use: A

class 4 signature cannot be

provided by a compliant

powered device

The power difference between PSE output power and PD maximum power draw is

due to the resistance of the Ethernet cable. Power that is allocated but not used

is wasted.

69

Where is the Power?

In a Midspan PSE

configuration, two

active pairs of

conductors carry the

Ethernet signal to the

end station (PD) …

… while the two unused

pairs are used to carry the

electrical power to the PD.

MDI – Medium Dependent Interface

PHY – Physical Layer Device

PI – Power Interface

PSE – Power Sourcing Equipment

In an Endpoint PSE

configuration, the

Ethernet signal and

electrical power both

travel on the same two

pairs.

802.3af Power Interface

Above cutaway cable was constructed specifically

to illustrate T568B conductor pinouts.

The generic term that refers to the

mechanical and electrical interface

between the PSE or PD and the

transmission medium.

Power is sent from the PSE to the PD

over the Ethernet cable (MDI)

Can use data lines

Orange Pair (Org/Wht and Org)

Green Pair (Grn/Wht and Grn)

Can use unused conductors

Blue Pair (Blu/Wht and Blu)

Brown Pair (Brn/Wht and Brn)

Power Interface

Note: Color code assumes use of T568B pinouts

PSE Endpoint Alternative A

SwitchPowered End

Station

Endpoint PSE – Alternative A

Endpoint PSE Alternative A uses the data conductors for electrical power

70

PSE Endpoint Alternative B

SwitchPowered End

Station

Endpoint PSE – Alternative B

Endpoint PSE Alternative B uses the spare conductors for electrical power

PSE Midspan

Midspan PSE – Alternative B

Midspan PSE -Alternative B uses the spare conductors for electrical power

• The PD must be able to accept power from the PSE using either Alternative A

or Alternative B

• The PD must be able to accept either electrical polarity that may be in use

by the PSE.

802.3af PD Pinout

71

High Density PoE Requires Planning

Each 802.3af-compliant 48-port PoE line card requires 739.2 W if all ports are active

at default class (15.4W)

High-density PoE requires high-power feeds and much

cooling

Two of these power

supplies will be in

operation in a single

switch, yielding a total of

~72,000 BTUs per hour at

capacity per switch

Each of these power

supplies radiates ~36,000

BTUs per hour at capacity

Use of Management Protocols

72

Where PoE is used in WLANs

WLAN controllers

Ethernet switches

Access Points

Midspan Injectors

Non-WLAN uses of PoE

Smart Card readersGas detectors

IP PhonesRFID readersClocks

IP Cameras

PoE Diagnostics

PoE Diagnostic Devices

73

Powering 802.11n

Dual 802.3af Ports

802.3af Port, upgradeable

to 802.3at

802.3af Port, proprietary

enhancement

Proprietary AC Power Plug

Review

• The two standards currently available for PoE

• Recognize the two types of devices used in Power

over Ethernet (PoE)

• The differences between the two types of Power

Sourcing Equipment (PSE)

• How is power delivered using PoE

• The importance of planning to maximize the

efficiency of Power over Ethernet


Brought to you by

802.11 Service Sets

74

Objectives

In this video…

• The three types of service sets defined for use within 802.11 WLANs

• 802.11 authentication and association• 802.11 network infrastructure• Roaming within a WLAN• Load-balancing as a method to improve

congestion in WLANs

802.11 Service Sets

Independent Basic Service Set

• IBSS

• Ad Hoc

• Peer-to-Peer

75

IBSS Process

IBSS Process

Basic Service Set (BSS)

76

BSS Selection

Some client utilities allow

the user to configure the

client to join:

____________________

Only an IBSS network

Only a BSS network

Any network

The more ―automatic‖ the BSS selection is,

the higher the security risk.

Extended Service Set

The Network Infrastructure

Infrastructure: The infrastructure includes the distribution system medium (DSM), access point

(AP), and portal entities. It is also the logical location of distribution and integration service

functions of an extended service set (ESS). An infrastructure contains one or more APs and zero

or more portals in addition to the distribution system (DS).

77

Integration Service

Integration Service: The

service that enables

delivery of medium access

control (MAC) service data

units (MSDUs) between the

distribution system (DS)

and an existing, non-IEEE

802.11 local area network

(via a portal).

Distribution System

Distribution System: A system used to interconnect a set

of basic service sets (BSSs) and integrated LANs to create

an extended service set (ESS).

Wireless Distribution System (WDS)

78

802.11 State Machine

Joining a Service Set – State 1 (Discovery)

Joining a Service Set – State 1 (Discovery)

79

Joining a Service Set – State 1 (Open System Auth)

Joining a Service Set – State 1 (Shared Key Auth)

Joining a Service Set – State 2 (Association)

80

802.1X/EAP Authentication –State 3 (all frames)

Disassociation

Note: Disassociation is always successful,

from the sender’s perspective. The receiver

is not required to respond. That’s why

Disassociation is known as a Notification,

not a Request.

Deauthentication

81

Roaming (BSS Transition)

Load Balancing

Review


• The three types of service sets defined for use within 802.11 WLANs

• 802.11 authentication and association• 802.11 network infrastructure• Roaming within a WLAN• Load-balancing as a method to improve

congestion in WLANs

82

Brought to you by

Basic WLAN Analysis

Objectives

• Protocol Analysis

• 802.11 Frame Types– Data Frames

– Control Frames

– Management Frames

• Protection Mechanisms

• Power Saving Operations

• Transmission Rates

In this video…

WLAN Protocol Analyzers

83

Handheld Protocol Analyzers

Handheld Protocol Analyzers

AirMagnet Handheld

Fluke OptiView III

BV Systems Yellowjacket

Tamosoft CommView for Wi-Fi PPC

802.11 Frame Format

Carry Data• Simple Data• QoS Data• Data + CF-Ack• QoS Data + CF-Ack• Data + CF-Poll• QoS Data + CF-Poll• Data + CF-Ack + CF-Poll• QoS Data + CF-Ack + CF-

Poll

Data Frames

Two types of Data frames:

• First group is used to carry data

• Second group does not carry data

Do Not Carry Data

• Null

• QoS Null

• CF-Ack

• CF-Poll

• QoS CF-Poll

• CF-Ack + CF-Poll

• QoS CF-Ack + CF-Poll

84

Null Frames

Control Frames

1

2

3

PS-Poll

Used to request data frames in Power Save mode

4

5

CF-End, CF-End+CF-Ack

Used to signal the end of a service period

Ack, CF-End+CF-Ack, BlockAck, BlockAckReq

Used to acknowledge or request acknowledgement of correctly received frames

RTS, CTS

Used to reserve the RF medium

Control Wrapper

Used to carry any other control frame together with an HTC field

Hidden Node - Obstructions

85

Hidden Node – Signal Strength

Hidden Node – Signaling Methods

Using RTS/CTS

86

RTS/CTS Exchange

Without RTS/CTS With RTS/CTS

RTS/CTS Exchange – cont’d

Protection Mechanisms

Is there an 802.11b station

associated with this 802.11g AP?

Should this AP tell the 802.11g

stations associated with it to use

protection mechanisms?

87

Power Management Modes

Some client utilities let

the user configure how

much the client will doze

while in Power Save mode.

TIM and DTIM

The DTIM Period field indicates the number

of Beacon intervals between successive

DTIMs. If all TIMs are DTIMs, the DTIM

Period field has the value 1. The DTIM

Period value 0 is reserved.

AIDs in the TIM indicate to individual

stations whether or not they have traffic

buffered at the AP. AIDs are assigned to

clients by the AP during association and

have a maximum value of 2007.

ATIM & ATIM Window

ATIM Window

Beacon Interval

Beacon

Station A

Station B

Tx ATIM Tx Data

Tx Ack Tx Ack

88

Legacy Power Save and U-APSD

Legacy Power SaveU-APSD

Management Frames

• Management

– Beacon

– Probe Request

– Probe Response

– Authentication

– Association Request

– Association Response

– Reassociation Request

– Reassociation Response

– Disassociation

– Deauthentication

– ATIM

– Action

– Action, No Ack

Beacons

89

Probe Requests / Responses

Open Authentication

Shared Key Authentication

90

Association Request / Response

Reassociation Request / Response

Disassociation

91

Deauthentication

Acknowledgement (Ack) Frames

Basic and Supported Rates

92

Transmission Rates

Review

• Protocol Analysis

• 802.11 Frame Types– Data Frames

– Control Frames

– Management Frames

• Protection Mechanisms

• Power Saving Operations

• Transmission Rates


93

Brought to you by

802.11 Medium Access

Objectives

• Differences between CSMA/CD and CSMA/CA

• Distributed Coordination Function (DCF)– Network Allocation Vector (NAV)

– Clear Channel Assessment (CCA)

– Interframe Spacing (IFS)

– Contention Window (CW)

• Point Coordination Function (PCF)

• Hybrid Coordination Function (HCF)

In this video…

CSMA/CD

94

CSMA/CA

Distributed Coordination Function (DCF)

Virtual Carrier Sense

Duration/ID field indicates

how long it will take to

complete the present frame

exchange. This value is

processed by all stations in

a BSA except the station to

which the frame is directed.

95

Virtual Carrier Sense

STA-1 and STA-2 cannot hear each other’s

transmissions.

Physical Carrier Sense

Inter-Frame Spacing

96

Interframe Spacing

Random Backoff Algorithm

Point Coordination Function (PCF)

97

802.11e MAC Architecture

HCF Controlled Channel Access (HCCA)

Enhanced Distributed Channel Access (EDCA)

98

WMM Access Categories (AC)

WMM Transmission Queues

WMM Power Save (WMM-PS)

99

Review

• Differences between CSMA/CD and CSMA/CA

• Distributed Coordination Function (DCF)– Network Allocation Vector (NAV)

– Clear Channel Assessment (CCA)

– Interframe Spacing (IFS)

– Contention Window (CW)

• Point Coordination Function (PCF)

• Hybrid Coordination Function


Brought to you by

The 802.11n Amendment

Objectives

• Challenges addressed by 802.11n

• 802.11n PHY/MAC layer enhancements

• MIMO and SISO systems

• 802.11n coexistence mechanisms

• 802.11n integration and deployment

considerations

• 802.11n site surveying and analysis

In this video…

100

Time to File Transfer

0 2 4 6

11n

11g

Throughput Reliability Predictability

Laptop Rotational Spin

0

5

10

15

20

0 20 40 60Time

Th

rou

gh

pu

t 11n

11g

Roving Laptop Comparison

8

10

12

14

16

18

20

22

24

0 50 100 150 200 250

Time

Packet

Retr

ies

11n

11g

Why 802.11n?

Throughput Reliability Predictability

Enhanced file transfer and

download speeds for large files

Lower latency for mobile

communications

More consistent coverage and throughput for

mobile applications

5x more throughput 2x more reliable 2x more predictable

PHY Comparison

802.11b 802.11a 802.11g 802.11n

Amendment Approved

July 1999 July 1999 June 2003Draft 2.0

February 2007

Maximum Data Rate 11 Mbps 54 Mbps 54 Mbps300 - 600

Mbps

Supported Modulation

HR/DSSS OFDMHR/DSSS &

OFDMHR/DSSS &

OFDM

RF Band 2.4 GHz 5 GHz 2.4 GHz 2.4 / 5 GHz

Number of Spatial Streams

1 1 1 1 - 4

Channel Width 22 MHz 20 MHz 20 MHz 20 / 40 MHz

Average Burst Data Rate (Mbps)

6050403020100

MIMO

AP

Average Burst Data Rate (Mbps)

6050403020100

SISO

AP

Reliable Connectivity

• Higher average throughput, more reliable connectionsBetter reliability, better user experience

Predictable throughput and coverage

Fewer help desk calls

101

Performance penalty caused by multipath and interference from metal shelves, elevator shafts, corridors, and machinery

Challenge

MIMO uses multipath to its advantage to reduce coverage holes

Hospitals

Manufacturing facilities

Factory floors

Warehouse

Most AffectedHow 802.11n Helps

Challenging RF Environments

Challenge


Bandwidth Intensive Environments

Limited wireless bandwidth for heavy data transfers

MIMO offers two spatial streams for greater throughput

40MHz channels

Frame aggregation improves payload efficiencies

Healthcare (digital imaging, patient records)

Engineering (CAD, imaging)

Education (research, file sharing)

Challenge


Voice and Video Readiness

Delivering a quality wireless voice experience over a network optimized for latency sensitive traffic

Healthcare

Retail stores

Warehouses

MIMO decreases frame retries, maintaining low latency throughput

MIMO provides more consistent coverage

102

Challenge


Mixed Client Environments

Delivering optimal performance and compatibility in a wireless network with a mix of existing 802.11abg and 802.11n clients

802.11n requires backwards compatibility with existing 802.11abg clients

Benefits of MIMO for reliability and predictability extend to 11abg clients

Education

Hospitability (Guest networks)

MIMO

Transmit

Beamforming

(TxBF)

Maximal Ratio

Combining (MRC)

Spatial

Multiplexing (SM)

Space Time Block

Coding (STBC)

802.11n Enhancements

SISO vs. MIMO

Simple receive diversity has one

radio with two antennas

Dual-frequency capable

AP with 3x3 MIMO

Two radio cards, 6

radios, 6 antennas

103

MIMO

There are two variations

between SISO and MIMO

Single Input Single Output (SISO)

Destructive Interference

Am

plit

ud

e

Time Time

Am

plit

ud

e

Am

plit

ud

e

Time

SISO and Multipath

=

Pow

erPo

wer

Inter-Symbol Interference

MIMO Radio Card

• Analog/Digital

Conversion

• Baseband

Processing

• MAC Functions

• PC Interface

(CardBus, Mini-

PCIe, etc.)

• 2-4 Dual-Band

Radios

• 2-4 Dual-Band

Antennas

104

MIMO “Uses” Multipath

Performance

MIMO: Tx Beam Forming

Performed by

transmitter

Ensures signal is

received in-phase

Increases SNR Works with

non-MIMO and

MIMO clients

HALLWAY

Without Tx Beam Forming Transmissions Arrive out of Phase

With Tx Beam Forming Transmissions Arrive in Phase, Increasing Signal Strength

MIMO AP

TxBF sends the same data on all participating radios, but has the effect of ―focusing‖

transmissions at a target station by changing the phase of each transmission at the transmitter


123456789

MIMO AP

123456789

MIMO STA

123456789

123456789

123456789

105

Path Delay

Path Delay

Am

plitu

de

Time

Am

plitu

de

Time

Am

plitu

de

Time

Signal Transmission

with Phase Offset

Signal Reception (combined,

in-phase) – improved SNR

TxBF causes constructive interference


MRC takes multiple received signals (from multipath) and combines

them in a way that significantly boosts signal strength.

MIMO: Maximal Ratio Combining

123456789

Legacy STA

123456789

MIMO AP

123456789

123456789

123456789

MIMO: Maximal Ratio Combining

106

Transmitter and Receiver Participate

Concurrent Transmission on Same Channel

Increases Throughput

Requires MIMO Clients

Performance

stream 1

stream 2

Information is split and transmitted on multiple streams

MIMO AP

MIMO: Spatial Multiplexing

• Conventional SISO systems transmit and receive on a single radio

chain

• SM can provide an N-fold increase in throughput by using N streams

• Advanced signal processing and additional radio chains are required

for Tx and Rx


123456789

MIMO AP

123456789

MIMO STA

456

789

123

Time

Time

Transmitted SignalReceived Signal

Time

Pow

erPo

wer

Pow

er

Pow

er


107

PHY Enhancements: Effect on Throughput Example

MIMO: Space-Time Block Coding (STBC)

•Uses more antennas than spatial streams

•Increases reliability at the receiver

•SM and STBC can be used together

•Think ―RAID for RF‖

Tx RxAB ->BC -> ABCCA ->

SM + STBC Data Flow

Data flow in this direction

Space-time

BlockCoder

SpatialDivision

Multiplexor

SpatialDivision

Multiplexor

Space-timeBlock

Decoderand

MaximalRatio

Combiner

MACetc.

RFchannel MAC

etc.

Split again

into N STS

space-time

streams

Split into

NS

spatial

streams

Original

data

stream

Original

data

stream

Rebuilt

into NS

spatial

streams

Recieved

signals from

available

antennas

108

PHY Enhancements

40 MHz Channels

Channel Bonding

More Subcarriers

Non-HT Duplicate

Format

Optional Short

Guard Intervals

Modulation Rates

Antenna

Selection


20 MHz Channel Mask

20 MHz Channel Width

40 MHz Channel Mask

40 MHz Channel Width

109

20 MHz

20 MHz

40 MHzGained Space

20 MHz vs. 40 MHz Channels

Moving from 2 to 4 lanes

40 MHz = two aggregated 20 MHz channels - takes advantage of the reserved channel space through bonding to gain more than double the data rate of two 20 MHz channels

2.4 GHz Channel Selection

1 2 6 113 4 5 7 8 9 12 13 1410

40MHz 802.11n channel2.402 GHz 2.483 GHz

Channel Bonding (2.4 & 5 GHz)

5.25

GHz

5.35

GHz

5.470

GHz

5.725

GHz

5.825

GHz

5.15

GHz

UNII-1 UNII-2 UNII-3UNII-2e

110

Channel Bonding in 5 GHz

802.11a/g

52 subcarriers in 20-

MHz Channel

56 subcarriers in 20-MHz

Channel

802.11n

114 subcarriers in 40-MHz HT

Mode Channel

OFDM Subcarriers

More subcarriers means more data can be crammed into a channel

Non-HT Duplicate Mode

802.11n

Non-HT

Duplicate

Format

52

subcarriers

in

20-MHz

Channel56 subcarriers in HT 20 MHz

Channel

5.25

GHz

5.15

GHz Adjacent 20 MHz, 52 subcarrier

channels are used simultaneously to

carry the same information

111

Guard Interval Reduction

TimeISI

Time

800 ns

The Problem

The 802.11a/g/n Solution The Optional 802.11n Solution

Time

400 ns

Guard Interval Reduction

800 ns (standard)400 ns (optional)

Antenna Selection (ASEL)

• When there are more antennas than transmit and/or receive radio chains, ASEL can be used to increase signal diversity, and effectively SNR, at the receiver.

112

802.11n MCS (Data) Rates

MAC Enhancements

Frame

Aggregation

Block ACKs

RIFS

SMPS

PSMP


802.11 Protocol Stack

113

802.11 Encapsulation

Frame Aggregation

Carpooling is more efficient than driving alone

Without Frame Aggregation

Data Unit

Frame

802.11n Overhead

Data Unit

Frame

802.11n Overhead

Data Unit

Frame

802.11n Overhead

With Frame Aggregation

Data Unit

Frame

802.11n Overhead

FrameFrame

40-MHz Channels:802.11n supports both 20- and 40-MHz wide channelsWider channels means more BW per AP

Frame Aggregation:Combine multiple data units into one frameSaves on 802.11n and MAC overhead

20 MHz

20 MHz

40 MHz

Auto Analogy:Twice the traffic lanes, twice the cars

Auto Analogy:Car pooling is more efficient than driving by yourself

Without FrameAggregation

With FrameAggregation

802.11nOverhead

Data Unit

Payload

802.11nOverhead

Data Unit

Payload Payload Payload

802.11nOverhead

Data Unit

Payload802.11n

Overhead

Data Unit

Payload

Frame Aggregation

114

Frame Aggregation: A-MSDU

Layer 3

MAC

PLCP

PMD

MAC HeaderMSDU

MSDU MSDU MSDU

MSDU MSDU

max 4 KB

max 2304 Bytes

MPD

U

PLCP

Header

MAC HeaderMSDU MSDU MSDU PPD

U

By reducing frame header overhead, 802.11n

stations can increase throughput substantially

Frame Aggregation: A-MPDU

MAC HeaderMSDU

PLCP Header

MAC HeaderMSDU

MSDU MSDU MSDU

MAC HeaderMSDU

MAC HeaderMSDU

MAC HeaderMSDU

MAC HeaderMSDU

max 65 KB

max 2304 Bytes

MPD

U

Layer 3

MAC

PLCP

PMD

Frame Aggregation Efficiency

Efficiency at 300

Mbps for:

• No Aggregation

• Maximum A-MSDU

Aggregation

• Maximum A-MPDU

115

Frame Aggregation Efficiency

Efficiency at 600

Mbps for:

• No Aggregation

• Maximum A-MSDU

Aggregation

• Maximum A-MPDU

Block Acknowledgements


(BlockAcks) are used as lists of

data frames being acknowledged.

BlockAcks allow selective

retransmission of data frames.


Time

ACK

F1

F2

ACK

F3

ACK

Data – Ack – Data – Ack

BEFORE

116

Time

F1

F2

F3

ACK-1, 2, 3

F1 F1 F1

ACK-1, 2, 3

Time


AFTER

Reducing MAC Overhead

DIFS/AIFS PIFS

SIFSContention Window

Back-Off

Time (t)

Busy Medium Next Frame

RIFS is used in a

very limited

number of

situations in

802.11n

deployments

• SIFS

• PIFS

• DIFS

• AIFS

• EIFS

• RIFS

Short Interframe Space

PCF Interframe Space

DCF Interframe Space

Arbitration Interframe Space

Extended Interframe Space

Reduced Interframe Space

Power Save: SMPS & PSMP

Spatial Multiplexing Power Save

Dynamic

Static

Power Save Multi-Poll

Unscheduled

Scheduled

(PSMP)(SMPS)

117

SMPS: Static

SMPS: Dynamic

Unscheduled PSMP (U-PSMP)

BUFFE

R

BUFFER

sleep trigger/data ACK/sleep

data data data

AP

CLIENT

118

Scheduled PSMP (S-PSMP)

BUFFER A

& B

TSpe

c

Req

AP

STAsTSpe

c

Req

Dat

a

A

Dat

a

B

DTT BUFFER A &

B

Dat

a

Dat

a

UTT

NAV

prevents

transmission

Sched

ule

STA-A

(PSMP)

STA-B

(PSMP)

STA-C

(Non-PSMP)

802.11n Coexistence

2.4GHz 5GHz

802.11a/b/g clients interoperate with 802.11n andexperience performance improvements

802.11n Operates in Both Frequencies

PPDU Frame Formats

L Legacy (non-HT)

STF Short Training Field

LTF Long Training Field

SIG Signal

HT High Throughput

L-STF L-LTF L-SIG

8us 4us8us

Data

L-STF L-LTF L-SIG HT-SIGHT-

STFHT-LTF

8us 8us 4us 8us 4us

Data

HT-GF-STF HT-LTF1 HT-SIG

Non-HT

(Legacy)

Mixed

Format

HT

Greenfield

8us 8us 8us

4us

.. HT-LTF(E)

HT-LTF

(E)

HT-LTF..

HT-LTF Data

4uS per

LTF 4us

.. HT-LTF(E)

HT-LTF

(E)

HT-LTF..

4uS per

LTF

4uS per

LTF

4uS per

LTF

119

Mode 0: (called ―Greenfield‖ Mode) - if all stations in a

20/40 MHz BSS are 20/40 MHz HT capable or if all stations in

the BSS are 20 MHz HT stations in a 20 MHz BSS.

Mode 1: (called HT non-Member Protection Mode) - used if

there are non-HT stations or APs using the primary and/or

secondary channels

Mode 2: (called HT 20 MHz Protection Mode) - if only HT

stations are associated in the 20/40 MHz BSS and at least

one 20 MHz HT station is associated.

Mode 3: (called HT Mixed Mode) - used if one or more non-

HT stations are associated in the BSS.

802.11n HT Protection Modes

The ―Operating Mode‖ value should

actually be decoded as ―HT

Protection‖ (per 802.11n-d4.00,

Section 7.3.2.58), and it contains

valuable information about what is

happening in the WLAN.

802.11n HT Protection Modes

20/40 MHz Mode

• AP must declare 20 MHz or 20/40 MHz

support in Beacons

• STAs must declare 20 MHz or 20/40 MHz in association or reassociation frames

• STAs must reassociate between 20 MHz and 20/40 MHz modes

• If 20/40 MHz capable STAs transmit using a single 20 MHz channel, it MUST be on the primary channel

5.25

GHz

5.15

GHz

UNII-1

20/40 MHz BSS Mode

20 MHz 802.11a/g/n stations and 40 MHz

capable 802.11n stations can operate within

the same cell at the same time.

120

PCO BSS Mode

Phased Coexistence Operation (PCO) is an optional coexistence mechanism in which an AP

divides time into alternating 20 MHz and 40 MHz phases. Although PCO improves

throughput in some circumstances, PCO might also introduce jitter.

Dual CTS

Stations send RTS to AP for uplink transmissions AP responds to RTS with HT and Legacy CTS frames APs use CTS-to-Self frames to accomplish the same

goal for downlink transmissions

Dual CTS Protection

L-SIG Legacy stations can read the L-SIG field in a mixed

mode PHY frame header 802.11n stations use the L-SIG field to indicate to

legacy stations how long to be silent

L-SIG TXOP Protection

121

40 MHz Intolerant

Can be indicated by an AP in Beacons and Probe Response Frames in the HT Capabilities Info field

Can be indicated by Stations in their HT Capabilities Info field in various frames

40 MHz Intolerant

Wi-Fi Certification for Draft 2.0

Feature AP / STA Mandatory Tested if implemented

2 spatial streams in Tx mode AP X

2 spatial streams in Rx mode AP/STA X

A-MPDU & A-MSDU AP/STA X

Block ACK AP/STA X

2.4 GHz operation AP/STA X

5 GHz operation AP/STA X

40 MHz channel in 5 GHz band AP/STA X

Greenfield preamble AP/STA X

Short GI in 20 & 40 MHz bands AP/STA X

Concurrent 2.4 and 5 GHz operation AP X

WMM QoS AP/STA X

WPA/WPA2 with Extended EAP AP/STA X

802.11n Considerations

802.11n Deployment Considerations

Core/Distribution/

Edge Switching

Speed

PoE, Cable Plant

Certification (or

Replacement)

Backward

Compatibility

Effects

RF Spectrum Design

and On-going

Management

Deployment

Strategy

Client PHY

Population

Expected vs.

Actual Speed

Enhancements

Increasing WLAN

Use

Migration

Strategy

Mesh Deployments

Site Survey Requirements

Controller Capacity

2.4 GHz vs. 5 GHz

Architecture Scalability

122

Backhaul Speeds

Power over Ethernet (PoE)

• Dual-, triple-, or quad-radio 802.11n APs often require more power than 802.3af PSE devices can provide.

• Most dual- or quad-radio 802.11n APs can operate in a diminished capacity while operating on 802.3af power.

• This could mean operating at 2x3 or 2x2 MIMO instead of 3x3.

• This could also mean full operation of only a single radio in the AP.

802.3af? 802.3at? Proprietary?

Cable Plant Certification

Since multi-band 802.11n APs can put 200-400 Mbps

onto the Ethernet backhaul connection, it is important

to verify that the cable plant is providing high quality

connectivity.

123

802.11n Deployment Strategy

• 5 GHz Recommended for 802.11n

– More available spectrum; greater number of channels

– Benefits from 40 MHz channels, although 20 MHz still works well

• 2.4 GHz still benefits from MIMO and frame aggregation

– Ideal for legacy applications (handhelds, scanners, & medical applications)

1

2 3

2

1 3 5 7 9 11

4 6 8 10

5 GHz 40 MHz Channels2.4 GHz 20 MHz Channels

802.11n Migration Strategy

• All vendors implement 802.11n infrastructure differently

• Look to manufacturer’s design guides for optimal migration strategies

• Migrate to 802.11n client devices as early as possible (preferably before an infrastructure migration to 802.11n)

Client Population

• 802.11a? 802.11g? 802.11n?

• Internal or External Antennas?

• Capable of Fast BSS Transition (e.g. 802.11r)?

• Support for which 802.11n MIMO features?

• Maximum radio output power?

• DFS/TPC capable?

124

Site Survey Methodology

Site Survey Methodology

APs should be placed

to take advantage of

multipath

Client population

should be considered

Data Forwarding Scalability

L3 Core Switch

WLAN Controller

L2 Edge Switch

File Server

125

802.11n Tools: Analyzer

802.11n Tools: Calculator

802.11n Tools: Simulator

126

802.11n Tools: Efficiency

Analyzer: AP Detail

The top line indicates a strong 40 MHz signal using channel 3 as primary with the secondary channel located above channel 3.

Notice that the

channel-3 AP

affects every usable

channel in the

entire 2.4 GHz

spectrum because it

is using a 40 MHz

channel.

Channel Occupancy Effects

127

Review

• Challenges addressed by 802.11n

• 802.11n PHY/MAC layer enhancements

• MIMO and SISO systems

• 802.11n coexistence mechanisms

• 802.11n integration and deployment

considerations

• 802.11n site surveying and analysis


MIMO

Transmit

Beamforming

(TxBF)

Maximal Ratio

Combining (MRC)

Spatial

Multiplexing (SM)

Space Time Block

Coding (STBC)

40 MHz Channels

Channel Bonding

More Subcarriers

Non-HT Duplicate

Format

Optional Short

Guard Intervals

Modulation Rates

Antenna Selection

PHY

Enhancements

MAC

Enhancements

Frame

Aggregation

Block ACKs

RIFS

SMPS

PSMP


Brought to you by

Site Surveying

128

Objectives

• What is an RF site survey?

• Spectrum Analysis

• Types of RF site surveys– Manual RF site surveys

• Passive

• Active

– Predictive Modeling

• Dense AP deployment

In this video…

What is an RF Site Survey?

The Survey Process

RF Coverage Model Review

Pre-deployment audit to verify

RF coverage plan

Post-deployment audit

Deployment

Design

Project Phasing

Final RF node adjustments

Gathering Information

Maintenance and management

Deployment quality is

proportional to the

quality of the initial

stakeholder meetings

The on-site RF site survey

is often the 5th step in

the survey process.

129

Understanding the customer’s requirements

• Purpose

• Available Resources

• Existing Networks

• Business Requirements

• Technical Requirements

• Security Requirements

• Application Requirements

Access and Documents

Access to wiring closets, digital or printed copies of floor plans, security badges

(when required), etc. is essential at the beginning of the survey.

Spectrum Analyzers

A quiet background is the foundation of a

reliable, resilient, high-performance RF link. The

design objective should be -95 dBm. A high and

unstable noise floor usually affects clients first,

then APs.

130

Portable, Traditional Spectrum Analyzers

Spectrum Analysis

Identifying Legacy and Non Wi-Fi 802.11 Transmissions

Proxim’s RangeLAN/2 FHSS Access

Point

BreezeCOM’s BreezeNET Pro.11 FHSS

Access Points

Belkin’s USB Bluetooth Adapter

131

Two Types of RF Site Surveys

Predictive Site Survey

Manual Site Survey

• Passive

• Active

Manual RF Site Surveys

Most manual site

survey tools allow

importing of raster

and vector graphical

floor plans.

There are many

available applications

for converting vector

floor plans to raster

format.

Manual RF Site Survey Applications

132

Manual Site Survey Kit

Predictive RF Site Surveys

Allows for ―what if‖ scenarios

Have extensive propagation

characteristic databases

Predictive RF Modeling Tools

133

General Survey Principles

Additional Factors

Frequency

Channel Reuse (MCA systems)

Antenna Patterns and Gain

Transmit Power

Physical Environment

Co-channel & Adjacent Channel Interference

Elements of Propagation

Quiet RF Background (Noise Floor)

Correct Amount of Bidirectional Output Power

Stable Power Throughout the Environment

Design Elements and Considerations

80% Use of Directional Antennas When Possible

-65 dBm Cell Edges for data

Audit Point Selection

Interference Detection & Mitigation

Surveying for the Clients (Roaming, PHY support, etc.)

Channel Reuse

MCA vs. SCA

Single Channel Architecture

(SCA)

Multiple Channel Architecture

(MCA)

134

Channel Reuse

Coverage vs. Capacity

It’s important to note

that there’s a point of

diminishing returns

when designing

―micro cell‖

networks. When APs

are too close

together, co-channel

interference

significantly affects

single-AP and

aggregate system

performance.

VoWLAN Surveying

The recommended AP cell overlap for VoWLAN deployments at 2.4 GHz

is 20%. For 5 GHz, 15-20% is recommended.

135

Surveying for SCA Systems

AP .11b/g Channel

1 6

2 6

3 6

AP1 AP2 AP3

Transmissions are coordinated by the controller so that only one AP is

transmitting in a particular area at a time.

Portability vs. Mobility

Recommended Rx Thresholds

Data Rates

(Mbps)

2.4 GHz

Receive Threshold

(dBm)

2.4 GHz

VoIP Traffic

Threshold (dBm)

5 GHz

Receive Threshold

(dBm)

54 -61 -56 -58

36 -63 -58 -63

24 -67 -62 -67

12/11 -72 -67 -72

6/5.5 -79 -74 -75

2 -81 -76 N/A

1 -84 -79 N/A

136

The Site Survey Report: The Deliverable

An electronic survey template

should be kept up-to-date by

the surveyor

Some completed by customer

RF Site Survey Forms

Some completed by surveyor

Customer interview results, AP/antenna mounting,

interference sources & types, power sources & types, etc.

Review

• What is an RF site survey?

• Spectrum Analysis

• Types of RF site surveys– Manual RF site surveys

• Passive

• Active

– Predictive Modeling

• Dense AP deployment


137

Brought to you by

Basic WLAN Security

• The Importance of WLAN Security

• Security Policies

• Legacy WLAN Security Mechanisms

• Modern WLAN Security Mechanisms

• Baseline WLAN Security Practices

Objectives

In this video…

The Importance of WLAN Security

138

“… only as strong as the weakest link”

WLAN Security is…

Wi-Fi Worries at Home

Is Your WLAN Secure?

139

Network Security Components

General Security Policy

Image Area

• General Security Policy

– Statement of Authority

– Applicable Audience

– Violation Reporting Procedures and Enforcement

– Risk Assessment

– Security Auditing

Network security depends on having a comprehensive and flexible security policy

Image Area

• Functional Security Policy

– Password Policies

– Training Requirements

– Acceptable Usage

– Security Configurations for Devices

– Asset Management

Functional Security Policy

140

• Legislative Compliance– Dept. of Defense

• Directive 8100.2

– HIPAA– Sarbanes-Oxley– Gramm-Leach-Bliley Act

• Implementation is the responsibility of IT department

• Must be verifiable and auditable

• There may be penalties for non-compliance

Security Policy: Compliance

WLAN Discovery

SSID Hiding

141

• Legacy 802.11 equipment often implements:

– MAC address filtering

– Open System Authentication

– Shared Key Authentication

– Static WEP keys (for authentication and encryption)

– PPTP VPN connections

Legacy WLAN Security

Wi-Fi Protected Access

WPA and WPA2 are functionally different, and each

has two types: Personal and Enterprise

WPA Terminology

Wi-Fi Alliance

Security

Mechanism

Authentication

Mechanism

Cipher

Suite

Encryption

Mechanism

WPA-Personal Preshared Key TKIP RC4

WPA-Enterprise 802.1X/EAP TKIP RC4

WPA2-Personal Preshared Key CCMP (default)

TKIP (optional)

AES (default)

RC4 (optional)

WPA2-Enterprise 802.1X/EAP CCMP (default)

TKIP (optional)

AES (default)

RC4 (optional)

142

WPA2-Personal

Wi-Fi Protected Setup


143


Supplicant AuthenticatorAuthentication

Server

802.11 association

EAPoL-start

EAP-request/identity

EAP-response/identity (username) RADIUS-access-request

EAP-request (challenge) RADIUS-access-challenge

EAP-response (hashed resp.) RADIUS-access-request

EAP-success RADIUS-access-accept

Access Granted

Need

access!

Calculating

my key…

Calculating

this guy’s

key…

Access

blocked

Generic 802.1X Process

Role Based Access Control

144

WIDS/WIPS

Image Area

Written security policies can be

enforced using technical solutions

such as a WIDS/WIPS.

Protocol Analyzers

Baseline Practices: SOHO

Image Area

145

Baseline Practices: SMB

Image Area

Baseline Practices: Enterprise

Image Area

• The Importance of WLAN Security

• Security Policy

• Legacy WLAN Security Mechanisms

• Modern WLAN Security Mechanisms

• Baseline WLAN Security Practices

Review


notes

Documents

amendments enhancements

various amendments

amendments changes

dsss obsolete

ccmpaes obsolete

wlans obsolete

new standard

unii bands obsolete