A little ditty on why you should be friends with your Wi-Fi admin.

For those of you who might read this and be tempted to say I am skimming over details that ought to be discussed, I apologize. I am trying to get into the blogging habit and this is an attempt at a simple explanation of a problem we are facing on our large-scale wlan. I could delve into more details about Wi-Fi but other than showing off and losing the common mortal at the bottom of an 802.11 soup bowl, this wouldn’t serve my current purpose, which is twofold: explain in simple terms how a wlan works, and how we can make it better yet still get that fancy new wi-fi device your manager really has to have (because technology, you know).

For those of you who are new to Wi-Fi, just a quick summary:

  • 2 bands, unlicensed, that can be used by anyone and everyone. In Canada the rules to use these bands are managed by RTC.
  • 2.4 GHz, the most popular: when Wi-Fi started, it was the cheapest nic to build and own. Lower frequency, goes further in terms of distance. Historically channels started out as 22 MHz-wide channels (now 20 MHz) so the only way to get non-overlapping channels is by using 1-6-11.
  • 5 GHz, the up and coming: 802.11n (dual band) and 802.11ac (the latest, aka Gigabit Wi-Fi) make ample use of it: more channels, more possibilities. Right now we are using all non-DFS channels but this will evolve as we are moving towards much broader coverage in 5 GHz.
  • Lately the trend has been to bundle the channels to get more throughput. That is only possible in the 5 GHz band: in 2.4 GHz there is not enough space to have more than 1x40 MHz channel so really we’d be stepping on our own skirts.
  • Oftentimes Wi-Fi is a gateway network: it gives access to the wired lan.

A few rules of operation:

  • The most important frames on a wlan are the beacons and the acks.
  • Beacons will advertise your network and always travel at the slowest supported speed. That’s why you want to have the fewest SSIDs possible. More than 3-4 can really eat your airtime. Going from 5 to 3 saved us 10%!
  • Acks are always there to ensure whatever data you send has been received.
  • 802.11 networks are based on CSMA-CA: only one person gets to talk at a time. If, for any reason, someone interrupts the current sender, it will repeat whatever came out that couldn’t be heard (acked), then the others will take their turn at delivering their messages.
  • If you are within the range of several APs that are working on the same channel, their friendly competition for airtime is what can be called co-channel interference (CCI). It’s like talk radio when there is more than one host on the show. Of course, lots of competition means less airtime for each…
  • If you are within range of several APs that are using channels that are adjacent, not the same, such as 1 and 3 in 2.4 GHz, your device can sense the energy (because these channels overlap one another). It cannot really tell what the energy is though. Like when two radio stations have issues with their antennas: you might be listening on station A but can hear a bit of what’s on station B. The message isn’t clear for either of them and to you, this is just noise; it’s really hard to figure out what’s being said. In the wi-fi world, this is adjacent channel interference (ACI).
  • CCI and ACI are bad, just like anything that’s not using the air effectively.

In short: the key lies in proper use of the resources.

Sometimes it’s possible, and sometimes it isn’t.

In the wi-fi community, there are lots of discussions about the current status of 2.4. Some say it is dead because it’s plagued by a slew of devices that are either 802.11 or not: baby monitors, Bluetooth, wireless cams, cordless phones, microwaves. I can show you a quick demo (live) of a tool we use to see how much and where the interference is: (Cognio demo). Of course the goal of our wlan deployment is to fulfill wirelessly our institution’s mission of research and education. If this mission is disrupted by a failing authentication server (HA!), misconfigured printer, or some rogue on “channel 4”, not only are we failing at our purpose but oftentimes we have a security issue too. Wlans are gateways to our infrastructure and misconfigured devices are all too often unsecured. Though our security mechanisms can detect this kind of stuff, it is a security breach nonetheless.
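
The co-channel and adjacent-channel rules above, and the rogue on “channel 4”, as an added Python example that is not part of the original post: it reviews a constructed scan against the 1-6-11 plan, assuming the 22 MHz channel width mentioned earlier and two hypothetical sanctioned SSIDs (`campus-secure`, `campus-guest`).

```python
# Added example: classify neighbours from a 2.4 GHz scan as CCI or ACI.
CHANNEL_WIDTH_MHZ = 22   # historical 2.4 GHz channel width cited in the text
PLAN = (1, 6, 11)        # the non-overlapping 2.4 GHz channels
KNOWN_SSIDS = {"campus-secure", "campus-guest"}  # hypothetical sanctioned SSIDs


def center_mhz(channel):
    """Centre frequency of 2.4 GHz channels 1-13 (5 MHz spacing)."""
    if not 1 <= channel <= 13:
        raise ValueError(f"not a 2.4 GHz channel handled here: {channel}")
    return 2407 + 5 * channel


def classify(our_channel, other_channel):
    """CCI: same channel. ACI: different channel whose spectrum overlaps ours."""
    if other_channel == our_channel:
        return "CCI"
    gap = abs(center_mhz(our_channel) - center_mhz(other_channel))
    return "ACI" if gap < CHANNEL_WIDTH_MHZ else "clear"


def plan_channels_hit(channel):
    """Which channels of the 1-6-11 plan a transmitter on `channel` disturbs."""
    return [p for p in PLAN if classify(p, channel) != "clear"]


def review_scan(our_channel, scan):
    """Return (ssid, channel, flags) for every entry that needs attention."""
    findings = []
    for ssid, channel in scan:
        flags = []
        kind = classify(our_channel, channel)
        if kind != "clear":
            flags.append(kind)
        if channel not in PLAN:
            flags.append("off-plan")
        if ssid not in KNOWN_SSIDS:
            flags.append("unknown-ssid")
        if flags:
            findings.append((ssid, channel, flags))
    return findings


# Constructed scan results as (SSID, channel); not real survey data.
SAMPLE_SCAN = [
    ("campus-secure", 1), ("campus-guest", 1), ("campus-secure", 6),
    ("projector-direct", 4), ("campus-secure", 11),
]

if __name__ == "__main__":
    for finding in review_scan(1, SAMPLE_SCAN):
        print(finding)
    print("channel 4 disturbs plan channels:", plan_channels_hit(4))
```

A transmitter on channel 4 overlaps both channel 1 and channel 6, so a single off-plan device degrades two cells of the plan at once.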

Airtime is the Holy Grail of wi-fi: usage over 70% of a band in a space makes it almost impossible for your client to get a turn to emit. We’re not talking only about how busy your AP is but how much the “air” is used, regardless of the network you’re on.

This leads me to my second topic:

Lately there have been a lot of tickets opened at our help desk by clients seeking our advice as to which wireless device (take your pick: projector, robot, simulation puppets, automaton, tv, camera) they should buy. Vendors are only too happy to tell you their latest and greatest gizmo works with Wi-Fi and most do not mention which band, what kind of security and the entire pedigree of the devices they are selling because that’s not too sexy (unless you’re a Wi-Fi geek). So if you send me the info, what do I do? Most of the time I will try to get whatever specs I can, contact the vendor to understand how and what the product does and consult with our Architect. Don’t get me wrong, I am not second-guessing you, or looking for another job; I already have the one I was dreaming of in college (most days anyway). I am really trying to make sure that your device can coexist with our wlan so that we can share the airspace and reach our goals.

Here’s a shortlist of what I’m looking for:

Is it something that will connect to our wlan (a tablet, a robot, etc.) and if so, can it comply with our Enterprise-grade WPA2 AES PEAP setup and ideally support both 2.4 and 5 GHz bands?

Is it something that will act like an access-point or wireless router? If so, what’s the need? Will it connect to our infrastructure and if so, how? Can we secure it so that it doesn’t act like a backdoor that could expose the network, our infrastructure, our research work? Can we choose the channel(s) on which it will emit so that it doesn’t interact with the current wlan in the area? The power used to emit? Ideally can we shut down the 2.4 operations and pick a definite 5 GHz channel based on a quick site survey (for which we can supply the resources) and document the ssid together to avoid any kind of complication later down the line?

Projectors and other visual tools: Are the products you are currently considering secure? How so? Is there any kind of way it could lead to a class ruined by a Nyan Cat?

Has support been considered, since our offering addresses the Wi-Fi network infrastructure and not support for the specific clients (i.e. we will take care of any outage but don’t really offer support services outside business hours and most of the time, this support is offered through service desks in your services/faculty)?

I highly recommend trying to figure this kind of information out before seeking to buy any wireless device and please, involve us in the process. It is useless for any of us to try to fix a problem if we’re fighting over who emits what.

I also highly recommend you buy devices with dual-band nics; that’s really where the industry is headed and unfortunately some vendors still sell 802.11n as a 2.4 GHz nic. That’s a shame but it’s still done. Buyer beware!

If you’re looking for speed, configure your nic appropriately! WPA2/AES is the only way to go!

The goal of all this information is really to make you aware you are 50% of what makes the wi-fi work, and you are also one of the reasons it’s performing well, or not. We can make a difference for our users. Let’s work together.

-D- as in discipline

Ok, so I’ve been procrastinating for quite some time about starting my 3-year journey.

Recent events make me grateful I am doing this on my own–I had a scholarship for network certifications that fell through when the company went out of business, but luckily I had already started on plan P…CWNP that is! You’ll find a lot of information on the CWNP website for the four exams (objectives included) and a great forum. If the journey interests you, I also suggest you get involved in the Wi-Fi community. Lots of these folks are very active on Twitter and through various podcasts and events, be they vendor neutral or not. They love a good laugh and you can always count on them for tips, pats and technical opinions. I’ll mention them as I go along.

Like a lot of other exams, it will be tempting to prep by reading the book and hitting the practice tests. I am trying to refrain from overdoing the latter since I read on the CWNA forum that the exam is brutal for someone who expects the real test to be like the practice. Eventually I’ll give them a try, but for now, I’ll stick to documenting my journey through the exam objectives, just like I was trying to teach them to a coworker.

My goal is to be done within the next two months as I have to recertify my CCNP R&S by early fall. Then I’ll move on to the three remaining exams. I am going to try hard to be disciplined and get everything done in a timely manner while juggling work, family and life.

Wish me luck, and courage.

A word of warning: English is my second language so structure and wording might not be those of a native speaker but you have my word: I’ll try to do my best.