802.11 MAC Details


© BV
Fluke Networks
NETWORK SUPER VISION
How We Got Here! (A Brief History)

Focus on Value, Quality, and Reliability: drawing on a 50-year Fluke heritage of the most reliable tools available.

Innovation: “firsts” in most categories entered.

Timeline:
1993: Handheld Network Analyzer
1995: Digital Cable Tester
1996: Handheld Fast Ethernet Analyzer
1998: Out-of-the-Box Network Management
1999: Digital Cat 6 Cable Tester
2000: PC Support / Help Desk Test Tool
2000: Full line-rate Gigabit Analysis
2000: Portable & Distributed Protocol Analysis
2000: Integrated Network Analyzer
2002: WorkGroup Analyzer
2002: Handheld Wireless Analyzer
2003: WAN OC3 / 12 Analyzer
Fluke Networks Today
• Annual Sales Over $150M
• Over 500 Employees Worldwide
• Direct Sales, Support, and Service in 22 Countries
• 47% of Sales Outside the US
• 91 of the Fortune™ 100 use our Solutions
• Over 100,000 Network Testers Shipped To Date
Fluke Networks Products
• Handheld Network Testers: turn your staff into powerful problem solvers
• Cable and Fiber Testing: verification and troubleshooting of the cable plant
• Network Analysis: portable and distributed solutions for optimization and troubleshooting
Wireless Technology
802.11 PHY Details
PHY Details: ISM (Industrial, Scientific and Medical) Frequencies
UHF ISM: 902-928 MHz
S-Band: 2-4 GHz
  S-Band ISM: 2.4-2.5 GHz
C-Band: 4-8 GHz
  C-Band satellite downlink: 3.7-4.2 GHz
  C-Band Radar (weather): 5.25-5.925 GHz
  C-Band ISM: 5.725-5.875 GHz
  C-Band satellite uplink: 5.925-6.425 GHz
X-Band: 8-12 GHz
  X-Band Radar (police/weather): 8.5-10.55 GHz
Ku-Band: 12-18 GHz
  Ku-Band Radar (police): 13.4-14 GHz
PHY Details: Regional Channels for 11b
PHY Details: 802.11, b, a and g

                        802.11       802.11b      802.11b+     802.11a      802.11g
Modulation Technique    FHSS/DSSS    HR/DSSS      PBCC         OFDM         OFDM
Operating Frequencies   2.4 GHz      2.4 GHz      2.4 GHz      5 GHz        2.4 GHz
Maximum Throughput      1 / 2 Mbps   11 Mbps      22 Mbps      54 Mbps      22 to 54 Mbps
Ratified Standard       Yes (1997)   Yes (1999)   No           Yes (1999)   Not Yet? (2003)
802.11 MAC Details

Address fields: the MAC header carries 4 address fields:
• sender
• destination
• sender AP
• destination AP
Their meaning is determined by the To DS / From DS bits in the frame control field.

Fragmentation: the protocol includes layer 2 fragmentation
• used to avoid noise on 60 Hz cycles
• useful around microwave ovens and lights
• makes the protocol robust in noisy environments
• a sign that noise is present

Retry bit: the protocol includes a retry bit
• set by the client or AP if the FCS fails
• used by our tools to detect errors caused by noise
• another sign that non-802.11 2.4 GHz noise is present

Status bits: the protocol includes several status bits
• power management mode supported
• long data packets mode supported
• WEP security mode supported
• forced packet ordering supported, for VoIP applications

Management Frame Types
• implement the state machine
• used for roaming

Control Frames
• used to implement CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) flow control
• used to implement power management

Data Frames
• used to send data
• used to implement contention-free mode (token passing medium access control)
• contention-free mode is rarely deployed in practice
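The following parser is added here as a worked example; it is not Fluke Networks code and not part of the original deck. It decodes the frame control field of a raw 802.11 MAC header: type and subtype, the To DS / From DS bits that decide what the address fields mean, and the flag bits the slides describe (more fragments, retry, power management, more data, the WEP/protected bit and strict ordering). It also counts retries and fragments across a set of frames, the two noise indicators named above. The sample frames, MAC addresses and function names are constructed for the example.

```python
import struct
from dataclasses import dataclass, field

# Frame control type and subtype names (IEEE 802.11 values; only the subset used here).
TYPE_NAMES = {0: "management", 1: "control", 2: "data"}
SUBTYPE_NAMES = {
    (0, 0): "association request", (0, 1): "association response",
    (0, 2): "reassociation request", (0, 3): "reassociation response",
    (0, 4): "probe request", (0, 5): "probe response", (0, 8): "beacon",
    (0, 10): "disassociation", (0, 11): "authentication", (0, 12): "deauthentication",
    (1, 11): "RTS", (1, 12): "CTS", (1, 13): "ACK",
    (2, 0): "data", (2, 4): "null",
}


@dataclass
class Frame80211:
    ftype: str
    subtype: str
    to_ds: bool
    from_ds: bool
    more_fragments: bool          # layer-2 fragmentation in use
    retry: bool                   # retransmission: one of the noise indicators
    power_mgmt: bool
    more_data: bool
    protected: bool               # the "WEP" bit of 802.11-1999
    order: bool                   # strictly ordered service class
    sequence_number: int
    fragment_number: int
    addresses: dict = field(default_factory=dict)   # role -> MAC, roles depend on To/From DS


def _mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_header(raw: bytes) -> Frame80211:
    """Decode the MAC header of one raw 802.11 frame (no radiotap header, no FCS)."""
    fc0, fc1 = raw[0], raw[1]
    ftype = (fc0 >> 2) & 0x3
    subtype = (fc0 >> 4) & 0xF
    to_ds, from_ds = bool(fc1 & 0x01), bool(fc1 & 0x02)
    fr = Frame80211(
        ftype=TYPE_NAMES.get(ftype, "reserved"),
        subtype=SUBTYPE_NAMES.get((ftype, subtype), f"subtype {subtype}"),
        to_ds=to_ds, from_ds=from_ds,
        more_fragments=bool(fc1 & 0x04), retry=bool(fc1 & 0x08),
        power_mgmt=bool(fc1 & 0x10), more_data=bool(fc1 & 0x20),
        protected=bool(fc1 & 0x40), order=bool(fc1 & 0x80),
        sequence_number=0, fragment_number=0,
    )
    a1 = _mac(raw[4:10])
    if ftype == 1:  # control frames: receiver address only (CTS/ACK) or receiver + transmitter
        fr.addresses["RA"] = a1
        if subtype not in (12, 13):
            fr.addresses["TA"] = _mac(raw[10:16])
        return fr
    a2, a3 = _mac(raw[10:16]), _mac(raw[16:22])
    seq_ctl = struct.unpack_from("<H", raw, 22)[0]
    fr.fragment_number, fr.sequence_number = seq_ctl & 0xF, seq_ctl >> 4
    # The To DS / From DS bits decide what the address fields mean:
    if not to_ds and not from_ds:     # station to station (ad-hoc) and management frames
        fr.addresses = {"DA": a1, "SA": a2, "BSSID": a3}
    elif from_ds and not to_ds:       # from the AP to a station
        fr.addresses = {"DA": a1, "BSSID": a2, "SA": a3}
    elif to_ds and not from_ds:       # from a station to the AP
        fr.addresses = {"BSSID": a1, "SA": a2, "DA": a3}
    else:                             # AP to AP (bridge): a fourth address follows the sequence control
        fr.addresses = {"RA": a1, "TA": a2, "DA": a3, "SA": _mac(raw[24:30])}
    return fr


def noise_indicators(frames: list) -> dict:
    """Count retries and fragments among data frames; both rise when non-802.11 noise is present."""
    data = [f for f in map(parse_header, frames) if f.ftype == "data"]
    retries = sum(f.retry for f in data)
    fragmented = sum(f.more_fragments or f.fragment_number > 0 for f in data)
    return {"data_frames": len(data), "retries": retries, "fragmented": fragmented,
            "retry_ratio": retries / len(data) if data else 0.0}


# Constructed sample frames (not captured traffic); the MAC addresses are placeholders.
DATA_TO_AP = bytes.fromhex(
    "0849"          # frame control: data, To DS=1, Retry=1, WEP/Protected=1
    "2c00"          # duration: 44 microseconds
    "020000000001"  # address 1 = BSSID (the AP)
    "020000000002"  # address 2 = SA (the client)
    "020000000003"  # address 3 = DA (final destination on the wired side)
    "5000"          # sequence control: sequence 5, fragment 0
)
DATA_FRAGMENT = bytes.fromhex("0805" "2c00" "020000000001" "020000000002" "020000000003" "6100")  # More Fragments set
BEACON = bytes.fromhex("8000" "0000" "ffffffffffff" "020000000001" "020000000001" "a00f")
WDS_FRAME = bytes.fromhex("0803" "0000" "020000000011" "020000000012" "020000000003" "1000" "020000000002")
ACK = bytes.fromhex("d400" "0000" "020000000002")

if __name__ == "__main__":
    for name, raw in (("data", DATA_TO_AP), ("fragment", DATA_FRAGMENT), ("beacon", BEACON),
                      ("wds", WDS_FRAME), ("ack", ACK)):
        print(name, parse_header(raw))
    print(noise_indicators([DATA_TO_AP, DATA_FRAGMENT, BEACON, WDS_FRAME, ACK]))
```

The retry ratio is the figure a troubleshooting tool trends per AP: a rising ratio on one channel with no matching rise in traffic is the pattern the slides attribute to 2.4 GHz interference.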
Architecture: 3 Choices
• Ad-hoc
• Infrastructure
• Bridge
The Hidden Node Problem
Problem: Client 1 can’t hear Client 2, so it cannot avoid collisions with it.
Answer: the Access Point (AP) must give “clear to send” commands.
802.11 State Transitions
Can send, by state:
• State 1: Control, Probe, Beacon and Authentication frames
• State 2: Association frames as well
• State 3: Data frames as well
Roaming: The Basics
[Figure: signal strengths 80% and 30%]
Step 1: Client probes AP 1 and AP 2
Step 2: Authenticate and Associate with the AP with the strongest signal
[Figure: signal strengths 40% and 60%]
Step 3: When signal strength for AP2 gets stronger, send re-associate to AP2
Step 4: Using IAPP (Inter Access Point Protocol) over the wired interface, AP2 asks AP1 if it should authenticate the client
Step 5: AP1 responds with “authenticate” and forwards traffic for the client
Step 5: AP1 responds with re-associate and forwards traffic for the client
Step 6: Client Disassociates from AP1
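An added model of the three-state station state machine and of the roaming sequence above (example code, not from the slides): which frame classes a station may send in each state, the authenticate-then-associate handshake, and the re-association in which the new AP asks the old AP over the wired side (IAPP) before accepting the client, after which the client disassociates from the old AP. The class and method names and the client's MAC are assumptions made for the example; the signal percentages are the ones in the slides.

```python
from enum import Enum


class State(Enum):
    """The three 802.11 station states; each state adds to what the station may send."""
    UNAUTH_UNASSOC = 1   # State 1: control, probe, beacon and authentication frames
    AUTH_UNASSOC = 2     # State 2: plus association frames
    AUTH_ASSOC = 3       # State 3: plus data frames


_STATE1 = {"control", "probe", "beacon", "authentication"}
ALLOWED = {
    State.UNAUTH_UNASSOC: _STATE1,
    State.AUTH_UNASSOC: _STATE1 | {"association"},
    State.AUTH_ASSOC: _STATE1 | {"association", "data"},
}


class AccessPoint:
    def __init__(self, name: str):
        self.name = name
        self.authenticated: set = set()
        self.associated: set = set()
        self.peers: dict = {}        # other APs reachable over the wired side (IAPP)

    def authenticate(self, client: str) -> bool:
        self.authenticated.add(client)
        return True

    def associate(self, client: str) -> bool:
        # An association frame is a state-2 frame: refuse it from an unauthenticated client.
        if client not in self.authenticated:
            return False
        self.associated.add(client)
        return True

    def iapp_query(self, client: str) -> bool:
        """Step 5: answer a peer AP's IAPP question 'should I authenticate this client?'."""
        return client in self.authenticated

    def reassociate(self, client: str, old_ap: str) -> bool:
        """Step 4: consult the old AP over the wired interface before accepting the client."""
        peer = self.peers.get(old_ap)
        if peer is None or not peer.iapp_query(client):
            return False
        self.authenticated.add(client)
        self.associated.add(client)
        return True

    def disassociate(self, client: str) -> None:
        self.associated.discard(client)   # authentication survives disassociation


class Client:
    def __init__(self, name: str):
        self.name = name
        self.state = State.UNAUTH_UNASSOC
        self.ap = None

    def can_send(self, frame_class: str) -> bool:
        return frame_class in ALLOWED[self.state]

    @staticmethod
    def pick_strongest(signals: dict) -> str:
        """Step 1: after probing, choose the AP with the strongest signal (percent)."""
        return max(signals, key=signals.get)

    def join(self, ap: AccessPoint) -> State:
        """Step 2: authenticate (state 1 -> 2), then associate (state 2 -> 3)."""
        if ap.authenticate(self.name):
            self.state = State.AUTH_UNASSOC
        if self.can_send("association") and ap.associate(self.name):
            self.state = State.AUTH_ASSOC
            self.ap = ap
        return self.state

    def check_roam(self, signals: dict, aps: dict) -> bool:
        """Steps 3 to 6: re-associate to a stronger AP, then disassociate from the old one."""
        best = self.pick_strongest(signals)
        if self.ap is None or best == self.ap.name:
            return False
        new_ap = aps[best]
        if not new_ap.reassociate(self.name, self.ap.name):
            return False
        old_ap, self.ap = self.ap, new_ap
        old_ap.disassociate(self.name)
        return True


def roaming_demo() -> dict:
    """Run the slides' scenario with their signal readings; return what each side ends up knowing."""
    ap1, ap2 = AccessPoint("AP1"), AccessPoint("AP2")
    ap1.peers["AP2"], ap2.peers["AP1"] = ap2, ap1
    aps = {"AP1": ap1, "AP2": ap2}
    client = Client("02:00:00:00:00:02")          # constructed placeholder MAC
    first = client.pick_strongest({"AP1": 80, "AP2": 30})
    client.join(aps[first])
    roamed = client.check_roam({"AP1": 40, "AP2": 60}, aps)
    return {"first_ap": first, "roamed": roamed, "current_ap": client.ap.name,
            "state": client.state.name,
            "ap1_associated": client.name in ap1.associated,
            "ap2_associated": client.name in ap2.associated}


if __name__ == "__main__":
    print(roaming_demo())
```

The model shows why the IAPP step matters for troubleshooting: an AP that has no wired-side peer for the client's old AP refuses the re-association, and the client stays on the weaker AP, which is exactly the symptom the IAPP and VLAN challenges later in the deck describe.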
Wireless Tool Must Haves
Wireless Tool Feature Requirements:
1. Automatic discovery and Site Survey
2. Equipment, Spectrum and Network views which allow different problem solving approaches
3. Quick and convenient drill down diagnostics
4. Active troubleshooting tools to find load-related issues
5. Packet Capture and Decode as a last resort, with filters preconfigured based on troubleshooting context

Hands On: Wireless SuperVision
Wireless Security
Key Questions:
• Are there rogues in my network?
• How can I protect against war drivers?
• How does wireless relate to my other security solutions?
Challenges:
• The Policy Challenge
• The WEP (Wired Equivalent Privacy) Challenge
Result:
• Secure network
The Policy Challenge
Challenge: “How do I ensure users aren’t bringing in rogue equipment from home?”
Design Approaches:
• Outlaw private wireless LAN equipment
• Enforce the policy with periodic walkthroughs
• Bring the hurt down on someone to set the message
The WEP Challenge
Challenge: “Can I count on WEP as my security solution?”
Design Approaches:
• Several short-term solutions
• A couple of emerging long-term solutions
Short-term Solution: No AP Beacons
Good:
• Easy to implement
• Stops casual connectors
Bad:
• 802.11b packets are very easy to ‘sniff’ with free software (and our tools)
• Clients may not see the AP
Overall:
• Don’t stop there!
Short-term Solution: MAC Filtering
Good:
• Easy to implement
• Stops casual connectors
Bad:
• MAC addresses are very easy to sniff and spoof with free software (and our tools)
• Administrative headache!
Overall:
• Don’t stop there!
Short-term Solution: VPN over Wireless
Good:
• Often already deployed
• Provides authentication and security
• Protects mission-critical servers
Bad:
• Doesn’t stop users from using network resources
Overall:
• Good stopgap solution
Long-term Replacement: 802.1x
• Based on the Extensible Authentication Protocol (EAP)
• Uses a RADIUS server to provide port-based access control and mutual authentication as well as accounting services (AAA)
• Uses digital certificates
• Does not specify authentication mechanisms
Major Authentication Methods:
• MD5, TLS, TTLS, LEAP, Kerberos
Long-term Replacement: 802.11i
Firmware fix to WEP (a.k.a. WEP 2 or WPA):
• Unique key per host
• Rotating keys (TKIP - Temporal Key Integrity Protocol)
AES - Advanced Encryption Standard:
• Will require a hardware upgrade for existing APs
• Very strong encryption
• FIPS (Federal Information Processing Standard) 197
Overall Strategy: Extend and Simplify
Goal 1: Extend Existing Systems
• Dial-up, VPN, or Firewall solutions already deployed
Goal 2: Old Tech in a New Way
• Try to use known technologies instead of deploying another system
Goal 3: Simplify Clients
• Minimize complexity on the client side
• New servers are easier than new clients
Wireless Tool Must Haves
Key Rogue Detection Feature Requirements:
1. Must be able to detect non-beaconing devices
2. Must be able to detect and locate
3. Must be able to differentiate rogue from deployed
4. Must scan all channels, not just US channels
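An added example (not the vendor's tool or code) of the rogue-detection logic the four requirements above call for, run over constructed scan records: it lists every BSSID that is not in the deployed inventory, flags the ones that never sent a beacon but were seen in data or probe-response frames, keeps the checkpoint with the strongest reading to help locate the device, and reports the channels the scan did not cover, so a US-only scan is visibly incomplete rather than silently clean. The inventory, BSSIDs, SSIDs, signal values and checkpoint names are placeholders.

```python
from collections import defaultdict
from dataclasses import dataclass

# All 2.4 GHz channels: the US uses 1-11, much of Europe 1-13 and Japan also 14.
ALL_24GHZ_CHANNELS = range(1, 15)


@dataclass(frozen=True)
class Observation:
    """One decoded frame seen during a walkthrough (constructed record, not a capture)."""
    channel: int
    kind: str             # "beacon", "probe_response" or "data"
    bssid: str
    ssid: str = ""        # empty when the frame carries no SSID
    signal: int = 0       # signal strength in percent at the checkpoint
    checkpoint: str = ""  # where the tester stood when the frame was seen


def find_rogues(observations, deployed_bssids, scanned_channels=ALL_24GHZ_CHANNELS) -> dict:
    """Report every BSSID that is not in the deployed inventory.

    Requirement 1: a BSSID that never beaconed but shows up in data or probe-response
    frames is still reported, marked as non-beaconing.
    Requirement 2: the checkpoint with the strongest reading is kept to help locate it.
    Requirement 3: anything in the deployed inventory is left out of the report.
    Requirement 4: channels the scan did not cover are listed alongside the result.
    """
    seen = defaultdict(lambda: {"channels": set(), "kinds": set(), "ssids": set(), "best": (0, "")})
    for ob in observations:
        entry = seen[ob.bssid.lower()]
        entry["channels"].add(ob.channel)
        entry["kinds"].add(ob.kind)
        if ob.ssid:
            entry["ssids"].add(ob.ssid)
        if ob.signal > entry["best"][0]:
            entry["best"] = (ob.signal, ob.checkpoint)
    deployed = {b.lower() for b in deployed_bssids}
    rogues = {}
    for bssid, entry in seen.items():
        if bssid in deployed:
            continue
        rogues[bssid] = {
            "channels": sorted(entry["channels"]),
            "ssids": sorted(entry["ssids"]),
            "beaconing": "beacon" in entry["kinds"],
            "strongest_at": entry["best"][1],
        }
    unscanned = sorted(set(ALL_24GHZ_CHANNELS) - set(scanned_channels))
    return {"rogues": rogues, "unscanned_channels": unscanned}


# Constructed sample data: the APs we installed, and what one walkthrough saw.
DEPLOYED = {"02:00:00:00:aa:01", "02:00:00:00:aa:02"}
SCAN = [
    Observation(1, "beacon", "02:00:00:00:aa:01", "corp", 75, "lobby"),
    Observation(11, "beacon", "02:00:00:00:aa:02", "corp", 60, "floor2-east"),
    Observation(6, "beacon", "02:00:00:00:bb:01", "linksys", 35, "floor2-east"),
    Observation(6, "beacon", "02:00:00:00:bb:01", "linksys", 70, "lobby"),
    Observation(6, "data", "02:00:00:00:bb:02", "", 40, "floor2-west"),            # beacons disabled
    Observation(6, "probe_response", "02:00:00:00:bb:02", "home", 55, "floor2-west"),
    Observation(13, "beacon", "02:00:00:00:bb:03", "guest", 50, "lobby"),           # outside US channels
]

if __name__ == "__main__":
    full = find_rogues(SCAN, DEPLOYED, range(1, 14))       # 13-channel scan
    us_only = find_rogues([o for o in SCAN if o.channel <= 11], DEPLOYED, range(1, 12))
    for label, report in (("full scan", full), ("US-only scan", us_only)):
        print(label, report)
```

The US-only run in the usage block misses the channel-13 device entirely; the only trace of that gap is the non-empty unscanned-channel list, which is why the report carries it.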
Hands On: Rogue Detection & Location
Design and Deployment
Key Questions:
• What is this going to cost?
• Do I have wireless interference?
• How is it going to integrate into my wired network?
• How will I certify my wireless deployment?
Challenges:
• The Wiring Challenge
• The Coverage Challenge
• The IAPP Challenge
• Wireless Certification
Result:
• Wireless LAN ready for clients
How do I do a physical plan design?
1. Obtain or design a map of the coverage area
2. Look for radio wave obstacles
3. Identify good potential AP locations
4. Look for likely connection areas
5. Eliminate APs that didn’t cover the area

How do I do a network plan design?
1. Find or make a wired cabling map (infrastructure cabling)
2. Plan new AP cabling. Calculate costs.

How do I do a walkthrough?
• Checkpoints: identify spots in the coverage area away from APs.

How do I do a Rogue walkthrough?
• Locate & eliminate rogues. Map neighbors. [Figure: a neighbor AP on channel 6]

How do I do a Client walkthrough?
• Document RF & throughput at checkpoints.

How do I finalize the network design?
• Assign different channels to avoid overlap. [Figure: our APs on channels 1 and 11, the neighbor on channel 6]
• Schedule spot checks. Document results.
The Wiring Challenge
Challenge: “How do I Maximize Coverage While Minimizing Wiring Costs?”
Design Approaches:
• Use wireless only where portability is necessary
• Smart use of directed and/or high-gain antennas
• Use power over CAT5E/6 to eliminate power wiring

The Coverage Challenge
Challenge: “How do I fix dark spots?”
Design Approaches:
• Identify coverage areas to start!
• Perform a Site Survey
• Use directional or high-gain antennas

The IAPP Challenge
Challenge: “How can I make sure roaming works?”
Design Approaches:
• Standardize on one vendor’s access points
• Ensure roaming works with the chosen security system
• Implement an AP VLAN
• Reconfigure subnets to put all APs in the same subnet

The VLAN Challenge
Challenge: “How do I make sure roaming works across different VLANs?”
Design Approaches:
• Verify both the wired and wireless segments with a protocol analyzer/MIB browser
• Verify from the perspective of the client

Wireless Certification
Challenge: “How do I know that the wireless clients will be able to connect to the network?”
Design Approaches:
• Verify from the perspective of the client that it can connect from key locations
• Verify and document that APs are configured correctly
• Measure RF noise, preferably with trending
Wireless Tool Must Haves
Key Design Feature Requirements:
1. Must be able to detect RF signal strength
2. Must be able to detect RF signal quality (SNR)
3. Need a tool that works on the wired and wireless side of the access point
4. Client Connectivity Testing, with clear failure explanations
5. Automated Reporting of AP configuration baseline

Hands On: Site Survey with Baseline Reporting
Troubleshooting & Load Balancing
Key Questions:
• Is it the client or the network?
• Is it the wired or wireless segment causing problems?
• Is the issue connectivity or security?
• Why is everyone’s connection slow?
Challenges:
• The State Machine
• The Equipment Challenge
• The Bandwidth Hog
• CSMA/CA
• The Capacity Challenge
Result:
• Trouble ticket resolved
The State Machine
Challenge: “How do I know at what stage the association is failing?”
Troubleshooting techniques:
• Use test tools to see the client’s connectivity state
• Use protocol analysis to see the connectivity state
• Check signal strength and signal quality

The Equipment Challenge
Challenge: “How do I know if the client or the AP is misconfigured?”
Troubleshooting techniques:
• Do a good network verification with baseline documentation
• Have a tool that is able to quickly evaluate the configurations of APs and clients

The Bandwidth Hog
Challenge: “How do I know why client connections are slow?”
Troubleshooting techniques:
• Use a tool to see top talkers and top protocols
• Communicate to users the effects of their application usage
Design Approaches:
• Move high-bandwidth applications to wired connections

CSMA/CA (Collision Avoidance)
Challenge: “Why are client connections still slow?”
Troubleshooting techniques:
• Track and trend the peak utilization of your high-traffic APs
Design Approaches:
• Cap the number of clients connecting to any AP to ~25
• Have flexible deployment options in your high-traffic areas

The Capacity Challenge
Challenge: “How should I be designing for capacity?”
Design Approaches:
• Assign clients to specific channels
• Assign clients to specific SSIDs
• Only put low-bandwidth users on the wireless segment
Design for Coverage: Honeycomb
[Figure: a honeycomb of cells, each labelled with channel 1, 6 or 11 so that no two neighbouring cells share a channel]
• Provides for a minimum of overlap in space
• Provides for a minimum of overlap in channels

Design for Capacity: Channels
[Figure: three co-located APs on channels 1, 6 and 11]
• Co-locate APs on three different channels
• Assign clients to only one channel
• Minimizes wiring costs

Design for Capacity: SSIDs
[Figure: three co-located APs with the SSIDs exec, main and admin]
• Co-locate APs on different SSIDs
• Assign clients to one SSID
• Minimizes wiring costs
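An added example, not part of the original deck, for the honeycomb coverage design and the channel-based capacity design above. It decides whether two 2.4 GHz channels overlap from their centre frequencies and a 22 MHz DSSS channel width, derives the 1/6/11 non-overlapping set from that rule, assigns channels to a honeycomb of cells so that no two neighbouring cells overlap, and checks that a set of co-located APs sits on mutually non-overlapping channels. The axial cell coordinates, the 22 MHz width and the function names are my own choices for the example.

```python
# 2.4 GHz channel centres: channels 1-13 are 5 MHz apart starting at 2412 MHz; channel 14 is 2484 MHz.
DSSS_CHANNEL_WIDTH_MHZ = 22   # 802.11b (HR/DSSS) occupies roughly 22 MHz around the centre


def center_mhz(channel: int) -> int:
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def channels_overlap(a: int, b: int, width_mhz: int = DSSS_CHANNEL_WIDTH_MHZ) -> bool:
    """Two channels overlap when their centres are closer than one channel width."""
    return abs(center_mhz(a) - center_mhz(b)) < width_mhz


def non_overlapping_set(channels=range(1, 14), width_mhz=DSSS_CHANNEL_WIDTH_MHZ) -> list:
    """Greedy pick of mutually non-overlapping channels, lowest first; gives 1, 6, 11 for channels 1-13."""
    chosen = []
    for ch in channels:
        if all(not channels_overlap(ch, c, width_mhz) for c in chosen):
            chosen.append(ch)
    return chosen


def colocated_ok(channels) -> bool:
    """Capacity design: co-located APs must all sit on mutually non-overlapping channels."""
    chs = list(channels)
    return all(not channels_overlap(a, b) for i, a in enumerate(chs) for b in chs[i + 1:])


# Honeycomb cells in axial (q, r) coordinates; these six offsets are a cell's neighbours.
HEX_NEIGHBOURS = [(1, 0), (-1, 0), (0, 1), (0, -1), (1, -1), (-1, 1)]


def honeycomb_cells(radius: int) -> list:
    """All cells within `radius` rings of the centre cell."""
    return [(q, r) for q in range(-radius, radius + 1)
            for r in range(-radius, radius + 1) if abs(q + r) <= radius]


def honeycomb_plan(radius: int, channels=(1, 6, 11)) -> dict:
    """Assign one of three channels to each cell so that no two neighbouring cells share one.

    (q - r) mod 3 is a proper three-colouring of the hex grid: every neighbour offset
    changes q - r by +/-1 or +/-2, never by a multiple of 3.
    """
    return {cell: channels[(cell[0] - cell[1]) % 3] for cell in honeycomb_cells(radius)}


def plan_conflicts(plan: dict) -> list:
    """Pairs of adjacent cells whose channels overlap; an empty list means the plan is clean."""
    conflicts = []
    for (q, r), ch in plan.items():
        for dq, dr in HEX_NEIGHBOURS:
            nb = (q + dq, r + dr)
            if nb in plan and nb > (q, r) and channels_overlap(ch, plan[nb]):
                conflicts.append(((q, r), nb))
    return conflicts


if __name__ == "__main__":
    print("non-overlapping channels:", non_overlapping_set())
    plan = honeycomb_plan(2)
    print(len(plan), "cells, conflicts:", plan_conflicts(plan))
    print("co-located 1/6/11 ok:", colocated_ok([1, 6, 11]), " 1/6/9 ok:", colocated_ok([1, 6, 9]))
```

Running `plan_conflicts` over a plan that uses channels 1, 3 and 5 returns every adjacent pair, which is the numeric form of the slide's point that only three of the thirteen channels can be reused without overlap.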
Wireless Tool Must Haves
Troubleshooting & Load Balancing Feature Requirements:
1. AP – Client state display and Link tests
2. Ability to see AP retransmits and fragmentation frames
3. Ability to packet capture and decode a specific client conversation
4. Top Talkers / Top Conversations display
5. Traffic Display with Layer 4 presentations
6. Actual file transfer throughput analysis

Hands On: Troubleshooting & Throughput Tests
The Wireless Family
OptiView Wireless Analyzer
• Brings the power of OptiView to wireless LANs
• 10/100/1G wired and 11M wireless
• Upgrade option for all OptiView models
WaveRunner
• Wireless LAN visibility in a Linux-based PDA package
• Includes iPAQ hardware, software and holster

WaveRunner
• Pocket Security Guard
• Support for:
  • Rogue AP detection
  • Design, deployment planning
  • Monitoring and capacity management
  • WLAN Troubleshooting
Rogue AP Detection – Search and Locate
• Where is the Access Point?
• Who is using this AP?

Design and Deployment Planning
• Where do the antennas go?
• How should I assign channels?
• Can I connect from anywhere?
• Do I have any channel interference?
• Are the clients correctly configured?

Troubleshooting
• Is the problem in the client?
• Is the problem in the network?

Monitoring and Capacity Management
• Can I add another client?
• Who’s doing what?

From Protocol Analysis to Integrated Network and Service Management Solutions
Understanding the power of a complete solution!
OptiView Network Analysis Solution
• OptiView: Inspector Console
• OptiView: Integrated Network Analyzer (INA)
• OptiView: WorkGroup Analyzer (WGA)
• OptiView: Protocol Expert
• OptiView: Link Analyzer (LA)
• OptiView: WAN Analyzer