The (New) Basics of Wireless LANs - Enterprise Connect (New) Basics of Wireless LANs Michael F....
-
Upload
duongtuyen -
Category
Documents
-
view
214 -
download
1
Transcript of The (New) Basics of Wireless LANs - Enterprise Connect (New) Basics of Wireless LANs Michael F....
Rev. 14.0 © dBrn Associates, Inc. 2006
The (New) Basics of Wireless LANs
Michael F. FinnerandBrn Associates, Inc.(516) [email protected]
2
What We’ll Cover …
• This mini-tutorial offers an overview WLANs, and what’s required to make them work for voice.
• It will cover the most important terms and technologies, including key elements of radio frequency (RF) engineering and the 802.11 wireless LAN (WLAN) standards.
• Explain how the inherent limitations affect voice quality over WLANs.
3
Key Questions…
• What are the key issues around coverage, channel capacity, interference, bandwidth and powering for WLANs and wireless voice?
• What must be done to deliver acceptable-quality voice over a WLAN?
• How much WLAN security is achievable? How much is enough?
• What has to happen for WLANs and cellular networks to interwork?
4
Session Outline
1. State of the WLAN Market2. Security Issues3. WLAN Infrastructure
Capacity/Quality of ServiceHandoffsManagement
4. VoWLAN HandsetsProprietarySIP-basedWLAN/Cellular Options
5. Planning Recommendations
Rev. 14.0 © dBrn Associates, Inc. 2006
Section 1
State of the WLAN Market
6
State of the Market
• WLAN Equipment Sales topped $2.87 Billion in 2005Growth rates vary by segment but average around 15%The market for WLAN switches is growing more than 30%There are roughly 60 million 802.11-compatible devices in use, though less than 1% of those are voice devices
• Consumer/Small Office Segment:In 1Q05, SOHO/Consumer sales still represented 51% of the WLAN equipment market
• Enterprise Segment:Large organizations are now moving to pervasive WLAN coverageAs they do, the trend is away from standalone access points to centrally controlled Wireless LAN switches
7
VoWLAN Architecture Options
• Shared NetworkVoice and data users share the same WLANCheapest to deploy, but requires QoS to prioritize voice
• Dual Overlay NetworkBuild separate WLANs for voice and data
A 2.4 GHz b/g network for data users (legacy)A 5 GHz a network for voice users
No interference between the two networksDual channel access points help reduce the costDifferent radio coverage plans required for 2.4 GHz versus 5 GHz signal loss
Rev. 14.0 © dBrn Associates, Inc. 2006
Section 2
Security Issues
9
Wi-Fi Security
• Security is the most often cited reason why enterprise customers defer the installation of wireless LANs
• Three generations of WLAN security:Pre-Security:
Wired Equivalent Privacy (WEP) is badly flawed and should not be used as the sole means of protecting a networkThe VLAN/VPN security “work around” is still widely used-
… It is not an option for voice!Current Best Practices:
Wi-Fi Protected Access (WPA) for privacy using TKIPIEEE 802.1x Authentication (Extensible Authentication Protocol)
Emerging Security Solutions:IEEE 802.11i privacy based on the Advanced Encryption StandardRequires a hardware upgrade so most client devices will not be upgradeable (some APs have the required hardware and only need new firmware)Beginning in '06, new Wi-Fi Certified devices must have 802.11i
10
Major Areas of WLAN Security Exposure
• Radio LeakageWLAN networks often provide excellent coverage in the parking lotExposure for eavesdropping and unauthorized network access
• Clear Text HeadersWhile the content of a WLAN frame may be encrypted, the header fields are sent in the clearHackers get a head start on strategies like MAC spoofing
• Denial of ServiceAttacks on the WLAN association protocols (not to mention "Radio Jamming") can be added to the list of DoS strategies
• WLAN hacking tools are readily available:NetStumbler (www.netstumbler.com): Locates NetworksAirSnort (www.airsnort.shmoo.com): Cracks WEP KeysPringles Antenna (www.arwain.net/evan/pringles.htm): Improves receptionVOMIT Voice Decoder (http://vomit.xtdnet.nl/)
11
Special Challenges for WLAN Voice
• Many existing handsets can only support WEPMonitoring phone calls would be a relatively simple matter
• Unauthorized access can allow for toll fraudHackers could make calls on your account
• The requirement to support for legacy devices can limit your available options
Many early devices like bar code scanners are not upgradeable to WPA, much less WPA2Using multiple virtual APs (i.e. Virtual WLANs) on the same radio channel may address the problemCompatibility with the installed base is not an issue if a separate WLAN is deployed for voice
12
Security Conclusion
• WLAN security tools are more than adequate if we use strong 802.1x authentication and 802.11i/WPA2
• WPA is also an acceptable solution, though many enterprise users have bypassed it based on its use of RC4-based encryption
• Existing VoWLAN handsets are a generation behind in security, but the new generation handsets should incorporate the necessary security features
• We still face the same range of threats as with other WLAN and VoIP solutions
Rev. 14.0 © dBrn Associates, Inc. 2006
Section 3
WLAN Infrastructure
14
Infrastructure Issues
• Management: WLAN Switch Configuration
• Capacity: Radio Link Options- 802.11b, g, a, and n
• Quality of Service:802.11eProprietary QoS Solutions
• Handoffs802.11rProprietary Solutions
15
Network Issues for VoWLAN
Shared Media LANs are not recommended for voiceChannel sharing inevitably introduces variable delay into the path-
“Non-isochronous” service
Major Issues in WLAN Voice:1. Capacity/Quality of Service
Impacts latency and the incidence of dropped packets2. Hand-off Capability
Required Timeframe: 50 msec or less3. Security
Typically a generation behind data devices4. Battery Life
16
A large-scale wireless LAN is essentially an indoor cellular network.
Traditional WLAN Problems:1. Network Layout:
Manual site planning required to insure capacity and coverage2. Channel Assignment:
Channel assignment and manual power adjustment needed to insure coverage while limiting co-channel interference
3. Security:Defined in each access point creating a security exposure if
an access point is stolen.4. Hand-off Capability
Far too slow for voice applications5. Detecting Rogue/Malicious APs and Ad Hoc Networks:
Requires RF monitoring system (e.g. AirDefense, AirMagnet) or periodic manual sweep with a test set
Wireless LAN Switches
WLAN switches were designed to address the requirements of large-scale, enterprise-grade wireless LANs
17
LAN Switch
“Thin”Access Point
WirelessLAN Controller
Wireless LAN Controller:Centralize the security and network management functions and use a relatively “dumb” access point(Cisco also has a controller [WLSM] for its "fat" Aironet APs)
“Thin”Access Point
Wireless LAN Switch Solution
Client device associates with the central controller
18
• RF Management/Power AdjustmentAutomatically selects channels and adjusts power levels on installation or when new cells are added to the networkGreatly simplifies site survey and RF coverage planning
• Centralize Authentication and EncryptionUsers associate with the switch rather than the access pointStealing a Thin AP creates no security vulnerabilitySome can control remote office or home APs as well
• Hand-off CapabilityUser connections can be handed-off from one access point to another in <50 msec
• Rogue/Spoofed Access Point DetectionThe WLAN switch will recognize any transmissions that are not from its access pointsSome will launch attacks to disable them
• Rogue/Spoofed Access Point LocationMost products provide tools to assist in locating rogues
Wireless LAN Switch Capabilities
19
Major Vendors (Alphabetical Order)
• Aruba- www.arubanetworks.com• Cisco (Airespace Product Line)- www.cisco.com• Meru Networks- www. merunetworks.com• Siemens: http://communications.usa.siemens.com/home.html• Trapeze- www.trapezenetworks.com• Xirrus- www.xirrus.com
20
IEEE 802.11 Radio Link Specifications
Channels are half-duplex, shared media, and operate in the 2.4 G or 5 GHz unlicensed bands (no protection from interference)
Standard802.11b
802.11g
802.11a
802.11n
ModulationDSSS
OFDM
OFDM
OFDM
Max Rate11 Mbps
54 Mbps
54 Mbps
289 Mbps(20 MHz)
Channels3
3
23
26
Band2.4 GHz
2.4 GHz
5 GHz
2.4 & 5 GHz
LicensedNo
No
No
No
• Cellular Configuration: Each standard supports a number of independent, non-interfering channels
All users in range of the access point share one radio channelChannels cannot be reused in adjacent cellsData rate declines with distance, obstructions, and interference
21
Shared 802.11b/g Networks
• Good News:802.11b and g users can share a single network
• Bad News:When a single 802.11b device joins the network, all 802.11g devices shift to the RTS/CTS transmission mode reducing throughput for g devices by 50%802.11b users operate at a lower rate and will take longer to send frames802.11g devices must use the longer waiting intervals and back-off ranges defined for 802.11b
• The Fix:The fastest performance improvement in WLANs is to get rid of all legacy 802.11b devices
22
Pro's and Con's for 802.11a
• Number of Channels:The biggest factor in favor of 802.11a is that the 5 GHz band provides 23 channels versus 3 for the 2.4 GHz band, greatly simplifying channel assignment High capacity enterprise WLANs, particularly those supporting voice, will likely migrate to 802.11a Dual overlay network: A "b/g" network for data and an "a" network for voice
• Range/Network Layout: Higher frequency 5 GHz radio signals lose more power, and have poorer wall penetration so more access points will be neededThe 802.11a devices do transmit at a higher level, partially offsetting those factors
• Interference:For the moment there are fewer interference sources in the 5 GHz band, but that advantage will likely disappear over time
• Cost: There is a 15% to 20% premium for 802.11a today, but that is declining while equipment availability is improving
• Installed Base: 802.11b represents the vast majority of the installed base and most current NICs combine 802.11b and g, not b and a.
23
802.11n- Multiple Input-Multiple Output (MIMO)
• Major development in radio systems to improve rate, range and reliability (The "3-R's")Bit stream is divided into multiple (up to 4 in 802.11n) transmit "chains" Separate antennas used to send each transmit signal; all operate in the same radio bandwidth!Multiple receive antennas capture each transmit chain and combine the received power. The individual transmit chains can be identified by the unique radio "fingerprint" (i.e. spatial diversity")Complex receive signal processing is now becoming cost effective!
RadioTransmitter
Switch
or
Antenna Diversity
RadioTransmitter
MIMO System
RadioTransmitter
RadioReceiver
RadioReceiver
Processor
24
802.11n Modulation/Coding Options802.11n Data Rates in 20 MHz Channel
Data Rate (Mbps)1 Stream 2 Streams 3 Streams 4 StreamsModulation FEC
800ns 400ns 800ns 400ns 800ns 400ns 800ns 400nsBPSK 1/2 6.5 7.2 13.0 14.44 19.5 21.7 26.0 28.9QPSK 1/2 13.0 14.4 26.0 28.89 39.0 43.3 52.0 57.8QPSK 3/4 19.5 21.7 39.0 43.33 58.5 65.0 78.0 86.7
16-QAM 1/2 26.0 28.9 52.0 57.78 78.0 86.7 104.0 115.616-QAM 3/4 39.0 43.3 78.0 86.67 117.0 130.0 156.0 173.364-QAM 2/3 52.0 57.8 104.0 115.56 156.0 173.3 208.0 231.164-QAM 3/4 58.5 65.0 117.0 130.00 175.5 195.0 234.0 260.064-QAM 5/6 65.0 72.2 130.0 144.44 195.0 216.7 260.0 288.9
802.11n Data Rates in 40 MHz ChannelData Rate (Mbps)
1 Stream 2 Streams 3 Streams 4 StreamsModulation FEC800ns 400ns 800ns 400ns 800ns 400ns 800ns 400ns
BPSK 1/2 13.5 15.0 27.0 30.0 40.5 45.0 54.0 60.0QPSK 1/2 27.0 30.0 54.0 60.0 81.0 90.0 108.0 120.0QPSK 3/4 40.5 45.0 81.0 90.0 121.5 135.0 162.0 180.0
16-QAM 1/2 54.0 60.0 108.0 120.0 162.0 180.0 216.0 240.016-QAM 3/4 81.0 90.0 162.0 180.0 243.0 270.0 324.0 360.064-QAM 2/3 108.0 120.0 216.0 240.0 324.0 360.0 432.0 480.064-QAM 3/4 121.5 135.0 243.0 270.0 364.5 405.0 486.0 540.064-QAM 5/6 135.0 150.0 270.0 300.0 405.0 450.0 540.0 600.0
The 802.11n Standard is scheduled to be ratified in September 2007, but upgrading to 802.11n will require new hardware (APs and NICs)
25
WLAN Quality of Service- IEEE 802.11e
IEEE 802.11e, a new MAC protocol option to provide WLAN Quality of Service (QoS) capabilities
Two options:1. Enhanced Distributed Control Access (EDCA)
2. Hybrid Controlled Channel Access (HCCA)
• Wi-Fi Certification BeginningWi-Fi Multimedia (WMM) was the Wi-Fi Alliance's short-term fix
• Backwards compatible with existing devices and should require only a software upgrade
26
Option 1: Enhanced Distributed Control Access (EDCA)
Enhanced Distributed Control Access (EDCA):The most likely implementation of 802.11eContention-based protocol with 4-level priority ("Access Categories")
VoiceVideoBest Effort (Same priority as current WLAN traffic)Background Data
Provides priority channel access, not consistent delayArbitrated Inter-Frame Spacing (AIFS): Shorter Inter-frame spacing and back-off range (CWmin and CWmax) for higher priority stations
• StreamingThe ability for a voice device to send all of the packets constituting a speech burst before relinquishing the channel
• EDCA Result: Priority Access, Not Consistent DelayWith EDCA, voice and video transmitters have higher-priority access to the shared channel…but, all voice users are vying for the channel with the same priority
27
Option 2: HCF Controlled Channel Access (HCCA)
• Hybrid Controlled Channel Access- (HCCA)HCF defines a mechanism to support isochronous serviceThe AP takes control of the network by broadcasting a message that causes all stations to set their NAVs (waiting timers). At other times stations use EDCA access.Some enhancements over PCF:
Stations will have a profile defining their requirements for bandwidth, latency, and jitter (TSpec)The AP will reply with a”Busy Signal” if it cannot meet the profileDuring that reserved contention-free period, the AP polls stations that require time-sensitive serviceBackwards compatibility may be a problem as older APs will have to respond with a “Service Not Available” message when a client requests Polled Service.
28
Meru Networks' QoS Solution
• Meru Networks- Contention ManagementUsing the NAV timer capability, the Meru WLAN switch can cause client devices to transmit in specific time slots
By reducing collisions, they can support 30 simultaneous voice conversations on an 802.11b networkThe network uses a special configuration of overlapping AP coverage areas
Source: Meru Networks
29
WLANs Impact on Latency
• Network Latency has been the major complaint with packet voice systems
• Requirement: One-way latency <150 msec
Hardwired IPG.711 (64 K)G.729A (8 K)
WLANG.711 (64 K)G.729A (8 K)
Difference
AlcatelOMNI PCX
57 msec42 msec
81 msec87 msec
24-45 msec
AvayaS8700/G650
67 msec76 msec
92 msec89 msec
13-25 msec
CiscoIP Com Sys
54 msec71 msec
90 msec92 msec
21-36 msec
SiemensHiPath 4000
54 msec81 msec
N/AN/A
--
ShoreTelShoreTel5
47 msec55 msec
N/AN/A
--
Source:Miercom, Business Communications ReviewJanuary 2005
30
Hand-off Options
Voice devices will be far more mobile than data devices, so the ability to hand-off calls between APs will be critical
• IEEE 802.11rDeveloping standard for fast, secure WLAN handoffsStandard not expected before late-2006!!
• Vendor Proprietary Options- WLAN SwitchMost WLAN switches can provide fast (<50 msec), secure handoffsTypically use a Pre-Authentication mechanism that eliminates the traditional reassociation processWe may loath vendor-proprietary solutions, but this is the only available option in the near term
31
Voice Capacity Considerations
• A significant portion of the transmission time is taken up waiting or sending control messages
• What About Voice?Voice channels supported:
6- to 8- simultaneous calls on an 11 Mbps channel20 simultaneous calls on a 54 Mbps channel
• Impact of 802.11e QoSNot more calls, just "better" calls
• Call access control, neighbor reporting, and load balancing will also be required to insure adequate performance
If the network can only support 8 simultaneous calls and you let 12 calls get set-up, you don't get 8 "good ones" and 4 "bad ones"You get 12 "bad ones"!
• WLANs also increase transit delay by 20- to 40-msec
Rev. 14.0 © dBrn Associates, Inc. 2006
Section 4
VoWLAN Handsets
33
Section Outline
• Major TypesProprietarySIP-basedWLAN/Cellular Options
• Required Features• Other Issues
Form FactorBattery Life
34
Standard VoWLAN Configuration
• Proprietary VoWLAN Handsets: Cisco, SpectraLink, Siemens, RIM, Vocera• Server/Gateway: Manages connections for VoWLAN Handsets• Wireless LAN: WLAN Infrastructure described earlier
Access Points
VoWLAN ServerIP TelephonyServer
WiredIP Telephones
802.11 EquippedHandsets
35
SIP-based VoWLAN Configuration
• SIP-compatible VoWLAN Handsets• SIP Server• Wireless LAN
Access Points
SIP Server
WiredIP Telephones
802.11 EquippedHandsets
36
• Cisco: 7920
• RIM BlackberryBlackberry 7270
• Spectralink:NetLink e340- General OfficeNetLink h340- HealthcareNetLink i640- Ruggedized
• SiemensoptiPoint WL1optiPoint WL2
• VoceraCommunications Badge
• Prices start at around $350
SpectraLink H340
Vocera Communications Badge
Siemens optiPoint WL2
Voice over WLAN Handsets
37
VoWLAN Handset Comparison
Cisco7920
802.11b
G.711G.729A
WEP/WPA
802.1x LEAP
Blackberry7270
802.11b
G.711
WEP
802.1x LEAP
SpectraLinke340
802.11b
G.711G.729A
WPA/WEP
802.1x LEAP
SiemensoptiPoint WL2
802.11b/g
G.711G.729A/723
WEP/WPA
802.1x LEAPEAP-TLS
VoceraComms Badge
802.11b
G.711Prop. 8K
WEP
802.1x LEAP
WLAN
VoiceCoding
Encryption
Authen-tication
38
Required Features
• What to look for in buying VoWLAN handsets:Radio Link: 802.11 a (802.11g as a minimum)Security: 802.11i/WPA2 (WPA as a minimum)Quality of Service: 802.11e QoS (EDCA as a minimum)Battery Life: WMM Power Save Control: Call access control and AP load sharing capabilitiesMonitoring and Maintenance: Tools to recognize capacity problems and provide fast, accurate troubleshooting
39
Form Factor
• Most VoWLAN handsets are ugly!• In dealing with lower-level personnel (e.g. nurses,
warehouse personnel, etc.), handset appearance is not a factor
• As VoWLAN moves up the organizational chart, we'll need something better:
Flip phonesIntegrated WLAN/Cellular HandsetsHeadsets: Wired and BluetoothSmart phones/PDA Phones
40
Battery Life- WMM Power Save Function
• Wi-Fi voice handsets may get 3 hours of talk time (less than half what you get on a cell phone)
• The original 802.11 Power Save featureClient turns on its receiver to read each Beacon Frame (100 msec interval) and sends a polling message to retrieve each frame from the AP
• Wi-Fi Multi-Media's Power Save feature (required in client and AP)Power save option can be negotiated or set for each WMM access category (i.e. Legacy or WMM Power Save)The client sends a "Trigger Frame" to the AP at any time to initiate a burst-mode download (recommended interval 20 msec )Client sends one message to retrieve all stored frames The AP uses a bit to indicate "last frame" and the client can return to "sleep" stateCan improve power consumption 15- to 40%, and it improves latency (i.e. the client is looking for traffic every 20 msec versus 100 msec)
• More work needs to be done on the power consumption problem
41
WLAN/Cellular Integration
There are two major strategies for integrating WLANs and cellular services:
1. Dual Mode Wi-Fi/Cellular Handset with No Service Integration2. PBX Coordinated Solution
The customer installs a server on their private network that coordinates the transfer of calls from the WLAN to the cellular networkWhile the carrier does not have to make any changes to their network, they still must certify the handsets (i.e. they can still block the implementation!)
3. Carrier Coordinated SolutionThe carrier installs a special server in their network and essentially treats the WLAN or VoIP network as a peer
42
"Seamless Convergence"
First Workable Wi-Fi/Cellular Convergence System• Avaya:
IP PBX SystemThe Avaya Communication Manager
• Proxim (acquired by Terabeam): Wireless LAN Switching SystemMay have been a bad choice!
• Motorola:CN620 WLAN/802.11 Handset Wireless Services Manager
Avaya/Motorola have abandoned the plan, but other suppliers like DiVitas Networks are introducing similar offerings
43
PBX Coordinated Solution
Wireless ServicesManager
(Monitors Availability of Users on the WLAN Network)
IntegratedGSM/802.11 Handset(<100 msec Handoff)
WiredIP Telephones
Call Transfer
ControlLink
Conference connections, then drop one
IntegratedGSM/802.11 Handset(<100 msec Handoff)
GSM Cellular Network
44
"Dragged In" Call
The Wireless ServicesManager can see the user has entered the WLAN coverage
area, but it has no way to transfer the call!
WiredIP Telephones
GSM Cellular NetworkNo Call Transfer
ControlLink
1. Call Received through the Cellular Network
2. User enters the WLAN coverage area, but the call continues on the Cellular
Network
45
Carrier Coordinated Solutions
• A more functional though more difficult to implement solutionThe carrier installs a "mobility server" as part of their networkThe installation involves a connection to the cellular network, the signaling infrastructure, and a gateway to the other network(s)Any call can be handed off in either direction!
• Long Term Solution:IP Multimedia Subsystem (IMS):
Next generation network signaling system from the ITU, the people who brought you ISDN, ATM, and the Intelligent Network!
• Short Term:Several Available Products
Kineto Wireless, BridgePort Networks, etc
46
Carrier Controlled Solution
HomeMobile Switching
Center (MSC)
Home LocationRegister
(Authentication Info)
Visitors LocationRegister
Other Cellular Carriers
CellularSignaling Network
(IS-41C/MAP)VoIP
Network
WLAN/CellularHandset
PBX withWLAN Network
WLAN Server Monitors Availability of Users on the WLAN Network
47
What do the Cellular Carriers Have to Lose?
• Revenue and Customer Control:No longer "something special", just another part of the customer's call handling system
• Pricing Control:How will the service be billed?Will the cellular carrier get any revenue for WLAN calls?
• Quality Control:Is the cellular carrier responsible for WLAN screw-ups?
• SecurityWill the WLAN security difficulties introduce a security vulnerability in the cellular network?
Rev. 14.0 © dBrn Associates, Inc. 2006
Section 5
Planning Recommendations
49
General Observations
• WLAN voice is still in its infancy• Pervasive WLAN coverage will be essential for voice• Acceptable voice quality will require a sound network design that
insures both coverage and sufficient network capacity• QoS techniques will provide priority handling for voice packets
… but QoS does not create capacity, it merely manages scarcity! • Call access control must also be used to limit the number of voice
calls that can be established through an AP• Current VoWLAN handset products are not up to the task!
50
Shopping Recommendations
• What to look for in emerging WLAN voice products:Support for 802.11 a and g radio links (get rid of all 802.11b devices if possible!)Security based on 802.11i/WPA2 or WPA as a minimumSupport for 802.11e QoS using EDCANeighbor reporting, call access control, and AP load sharing capabilitiesWMM Power Save for Improved Battery LifeMonitoring and Maintenance: Better tools to recognize capacity problems and provide fast, accurate troubleshootingHand-offs: Even though we might like a standards-based solution for hand-offs, the only available near-term option is a WLAN switch