IEEE 802.11 Wireless LAN Standard - University of Houston

IEEE 802.11 Wireless LAN Standard
Introduction to Chapter 29

TCP/IP is the more popular protocol, especially after it was incorporated into UNIX (public, open source). TCP/IP is known today as the Internet Protocol. It is only defined through 4 layers.

IEEE 802 Protocol Layers [figure: LLC, MAC]

Protocol Architecture
Functions of physical (lowest) layer:
- Encoding/decoding of signals
- Preamble generation/removal (for synchronization)
- Bit transmission/reception
- Includes specification of the transmission medium and topology (normally considered to be below the physical layer but critical to wireless LAN design)

Protocol Architecture
Functions of media access control (MAC) layer:
- On transmission, assemble data into a frame with address and error detection fields
- On reception, disassemble frame and perform address recognition and error detection
- Govern access to the LAN transmission medium
Functions of logical link control (LLC) layer:
- Provide an interface to higher layers and perform flow and error control

TCP/IP

IEEE 802.11 Architecture (model)
- Distribution system (DS) – the network backbone
- Access point (AP) – a bridge or relay
- Basic service set (BSS)
  - Stations competing for access to shared wireless medium
  - Isolated or connected to backbone DS through AP
  - The entity in which the stations are within range of each other although BSSs can easily overlap
- Extended service set (ESS)
  - Two or more BSS interconnected by DS, usually a wired LAN
- 802.11 WiFi is a CSMA/CD protocol (carrier-sense multiple access/collision detection), contention based, 500 ft
- 802.16 or WiMAX (Worldwide Interoperability for Microwave Access) is a long range system (MAN), known as Broadband Wireless Access, a possible replacement for cell phones GSM/CDMA. Frequencies 2 – 66 GHz, uses SOFDMA (scalable OFDM) and beginning to incorporate MIMO schemes, actually complements WiFi (end devices with both capabilities)

802.11 Architecture Model [figure: ESS, DS]

IEEE 802.11 Services

Access Control

802.11 MAC and Physical Layer
- The lower segment of the Layer 2 services (MAC) is made up of reliable data delivery, medium access control and security.
- The Physical Layer (Layer 1), where the electrons move, consists of three physical media – DSSS (direct sequence), FHSS (frequency hopping) and Infrared in conjunction with the 802.11 standards of today (802.11a/b/g/n/ac).

The Three Physical Media Defined by Original 802.11 Standard
- Direct-sequence spread spectrum
  - Operating in 2.4 GHz ISM band
  - Data rates of 1 and 2 Mbps
- Frequency-hopping spread spectrum
  - Operating in 2.4 GHz ISM band
  - Data rates of 1 and 2 Mbps
- Infrared
  - 1 and 2 Mbps
  - Wavelength between 850 and 950 nm

Wi-Fi Infrastructure

Wi-Fi Infrastructure (continued)
- Authentication – validate a station's identity
- Stations associate to an Access Point (AP)
- The AP is normally the authenticator in a wireless environment, initiating the Extensible Authentication Protocol (EAP) for authentication.
- The authentication server is an entity that provides an authentication service to an authenticator. When used (normally in an enterprise environment) this server typically executes EAP methods for the authenticator (AP). When used in an 802.11 environment this is a RADIUS server configured by the network admin.

EAP (Extensible Authentication Protocol) Types

802.11i Wireless Security Authentication and Encryption
- 802.11i – the security standard for 802.11 wireless LANs consisting of 4 phases of discovery, authentication (802.1X) and encryption

IEEE 802.1x Authentication (port based network access control)
- Dynamically varying encryption keys
- 802.1x wraps EAP (Extensible Authentication Protocol) into Ethernet frames instead of using the point-to-point protocol (PPP)
- Most major wireless LAN vendors offer proprietary versions of dynamic key management using 802.1x as a delivery mechanism
- In typical 802.1x implementations, the client can automatically change encryption keys as often as necessary to minimize the possibility of eavesdroppers cracking the current key
- The actual server doing the authentication, typically a RADIUS server in an enterprise environment, is called the authentication server (AS). The device in between, such as a wireless access point, is called the authenticator
- 802.1x requires a lot of management overhead but provides good security

Web Based Authentication

Typical Authentication Settings

Typical Radius Server Settings

Security with 802.11/11i and WPA (Wireless Protected Access) – Encryption

Encryption Protocols

Wireless Encryption Options
- Open – no security, easy access to user's entire network and computer
- MAC Address – limit access to specific hardware MAC address (unique to every piece of hardware) but data communications completely open
- WEP – secure but vulnerable, shared (secret) key assured authentication but since it was a fixed key used in each transmission it was easy to break, thus out-of-date but part of legacy equipment requirements, master key of 40 or 104 bits
- WPA or WPA-PSK – strong security, TKIP used for WPA and AES used with WPA-PSK. Setup requires a WPA Passphrase or Network Key along with the SSID (Service Set Identifier – a unique 32-character network name that differentiates one wireless LAN from another, normally known or discovered).
- WPA2 and WPA2-PSK – very strong security (CCMP), combines both TKIP and AES, requires a WPA Passphrase and SSID
- Wireless Client Security Separation – disallows associated wireless clients from communicating with each other (normally turned off but intended for hotspots and public access situations)

IEEE 802.11a (the enterprise wireless)
- 5-GHz band with data rates of 6, 9, 12, 18, 24, 36, 48, 54 Mbps
- Uses orthogonal frequency division multiplexing (OFDM)
- Subcarrier modulated using BPSK, QPSK, 16-QAM or 64-QAM
- Equipment was more expensive than consumer equipment for 802.11b
- 802.11a on 5 GHz is not interoperable with 802.11 b/g that operate on 2.4 GHz, although dual-band capable equipment is becoming more common for the consumer market.
- 5 GHz band is less crowded than 2.4 GHz (thus less degradation due to conflicts, interference, etc.) but physically has less range since it is absorbed more readily by walls and other solid objects in the LOS path
- OFDM has fundamental propagation advantages in a high multipath environment, while the higher frequencies enable smaller antennas with higher gain which counteract the disadvantage of a higher frequency.
- The increased number of usable channels (at least in the US) and the near absence of other interfering systems (microwave ovens, cordless phones, baby monitors) give 802.11a significant aggregate bandwidth and reliability advantages over 802.11b/g (you get what you pay for)

802.11 b/g/n
- IEEE 802.11b
  - Provides data rates of 5.5 and 11 Mbps at 2.4 GHz, a very crowded band
  - Complementary code keying (CCK) modulation scheme
  - Suffers interference from other products operating in the 2.4 GHz band: microwave ovens, Bluetooth devices, baby monitors & cordless telephones
- IEEE 802.11g
  - 2.4 GHz, up to 54 Mbps, OFDM same as 802.11a
  - Still has the interference problems of the 2.4 GHz band
  - .11g and .11b can operate simultaneously but with an .11b user in the cell the wireless network will degrade the .11g performance (AP must do translation for .11b) but still much faster than .11b alone. It is a myth that the entire network downmodes to .11b
- Dual-band, or dual-mode, Access Points and Network Interface Cards (NICs) that can automatically handle a and b/g are now common in all the markets, and very close in price to b/g only devices
- IEEE 802.11n and 802.11ac are the latest IEEE WiFi standards

802.11n Signal Processing (MIMO)

802.11n Spatial Multiplexing

802.11n Channel Bonding

802.11n Terms
- Wi-Fi Alliance – Organization that certifies 802.11a/b/g/n products for operability, signified by the logo
- Green Field Mode – eliminates support for 802.11a/b/g devices when only 802.11n devices are present
- MIMO – Multiple In, Multiple Out
- MIMO Power Save Mode – conserves power consumption by making use of multiple antennas and radios only when needed.

802.11n Relative Rate & Range

Wireless Range Considerations

Wireless Range Factors

802.11n Lessons Learned
- .11n has realized better rate versus range
- Backward compatible with 802.11 a/b/g stations
  - Mixed Mode (normal default for legacy compatibility)
  - Legacy Mode – AP behaves like 802.11 a/g device with improved performance but disabling .11n operation
  - 802.11n Mode – .11n stations only, avoids air time consumption from legacy devices (802.11b)
- Tools – monitoring, diagnosis, compliance
  - Needed to solve tough interference problems
- Key Design Parameters: site surveys, device placement, security and wired network

802.11n Lessons Learned
- Live site surveys are the only way to determine true coverage
- 802.11n signal propagation is more dependent on the environment than 802.11a/b/g
- 802.11n has 8X more bandwidth at 5 GHz but propagation characteristics are very different from 2.4 GHz band, thus one must perform site surveys in both bands; at a minimum survey at 5 GHz
- Although .11n has greater signal propagation than 802.11a/b/g, distant stations and too many stations per AP will lower performance

Security, Network Design
- Don't use TKIP or especially WEP
- Use WPA2/AES – anything else is a compromise on security and performance
- .11n operates 6-8X faster so encryption performance becomes more important for APs
- Wired networks and the switch/cabling infrastructure must support Gigabit Ethernet to take full advantage of 802.11n's performance
- Might need to re-evaluate the increased traffic load on the core network with the performance aspects of 802.11n
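
The "Wireless Encryption Options" list and the "use WPA2/AES" recommendation above, turned into a configuration check as an added example (not part of the original slides). It assumes the access point is configured with a hostapd-style key=value file; the sample configurations are constructed.

```python
def parse_conf(text: str) -> dict:
    """Parse hostapd-style key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf


def audit(text: str) -> list:
    """Return findings for settings weaker than WPA2 with CCMP (AES) only."""
    conf = parse_conf(text)
    wpa = int(conf.get("wpa", "0"))             # bit 0 = WPA, bit 1 = WPA2 (RSN)
    if wpa == 0:                                 # no WPA at all: WEP, MAC filter or open
        if any(k.startswith("wep_key") for k in conf):
            return ["WEP: fixed shared key, replace with WPA2/CCMP"]
        if conf.get("macaddr_acl") == "1":
            return ["MAC filter only: traffic is unencrypted"]
        return ["open network: no authentication or encryption"]
    findings = []
    if wpa & 1:
        findings.append("WPA (v1) enabled: set wpa=2 to allow WPA2 only")
    # Assumption: an unset wpa_pairwise is treated as TKIP, hostapd's documented default.
    wpa_pairwise = conf.get("wpa_pairwise", "TKIP")
    ciphers = set()
    if wpa & 1:
        ciphers |= set(wpa_pairwise.split())
    if wpa & 2:                                  # rsn_pairwise falls back to wpa_pairwise
        ciphers |= set(conf.get("rsn_pairwise", wpa_pairwise).split())
    if "TKIP" in ciphers:
        findings.append("TKIP offered: restrict pairwise ciphers to CCMP")
    return findings


# Constructed sample configurations, weakest first (not taken from the slides).
OPEN_MAC_FILTER = "ssid=lab-open\nmacaddr_acl=1\naccept_mac_file=/etc/hostapd.accept\n"
LEGACY_WEP = "ssid=lab-wep\nwep_default_key=0\nwep_key0=0123456789\n"
MIXED_WPA = "ssid=lab-mixed\nwpa=3\nwpa_key_mgmt=WPA-PSK\nwpa_pairwise=TKIP CCMP\n"
WPA2_DEFAULT_CIPHER = "ssid=lab-default\nwpa=2\nwpa_key_mgmt=WPA-PSK\n"
WPA2_CCMP = "ssid=lab-wpa2\nwpa=2\nwpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP\n"

if __name__ == "__main__":
    for name in ("OPEN_MAC_FILTER", "LEGACY_WEP", "MIXED_WPA",
                 "WPA2_DEFAULT_CIPHER", "WPA2_CCMP"):
        print(name, audit(globals()[name]) or "ok")
```

WPA2_DEFAULT_CIPHER is the case worth noticing: selecting WPA2 without naming a pairwise cipher still leaves TKIP on offer under the assumed default.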

RF Considerations
- .11n is optimized for 5 GHz and 802.11b devices on 2.4 GHz kill performance. 5 GHz is the key.
- Move to 5 GHz as much as possible, force users by turning 2.4 GHz radio power down and leaving 5 GHz at maximum
- Better to force 802.11 a/g/n in the network configurations since probably not many .11b devices around any more
- Performance can vary greatly between NIC brands, probably because of early pre-ratification implementation of 802.11n
- Perform live testing of products and environment
- Note that many .11n options are still to come so flexible APs (radios) are a key consideration

IEEE 802.11ac WiFi Standard
- Operates only on 5 GHz
- 1st generation 1.3 Gbps, up to 6.9 Gbps later
- Increased channel width – from 40 MHz maximum in 802.11n to 80 MHz in 802.11ac with 160 MHz in 2nd generation 802.11ac
- Higher speed modulation (higher order)
  - 64 QAM in 802.11n to 256 QAM with 802.11ac
- Increased spatial streams
  - 3 spatial streams in 1st generation
  - 4 spatial streams in 2nd generation
  - Up to 8 in the future
- Multi-user MIMO
  - Support for multiple clients simultaneously communicating on the same channel instead of just one at a time
- Emphasis on capacity not coverage
- (APs w/dual CPUs, Cellular Interference Avoidance, RF optimized)
- Will require gigabit Ethernet (backhaul) wired network infrastructure
