Aerohive®

NETWORKS

Troy Martin@troymart

#WLPC_EU 2016

Setting WLAN Performance Expectations

Allegory of the Cave

3

Who am I?

Troy Martin

CWNE #90

B.A.Sc. EE & B.Sc. Cmpt. Sci.

@troymart

CCIE-W #20999ACDX #312

SMWS#36

4

Scotch Malt Whisky Society

82.19 ”Stunning!”

The nose produced fascinating and weighty aromas – cola cubes, toffee, dark chocolate, treacle, nutmeg, walnut, plums, vintage port and Christmas cake with dark cherries, soaked in rum and Madeira. The palate was mouth-drying but ‘stunning!’ – juicy toffee apples, black tea, leather, toffee and molasses.

5

• LAN Throughput• WAN Throughput• Rate Limiting• Default Settings

Agenda

OSI Model – ”10” layer model

6Wi-Fi operates at layers one and two

Session

Application

NetworkTransport

Physical

Presentation

Data Link

PoliticalCost constraints to projectTread carefully

Can make-or-break great Wi-FiBusiness

Aesthetics

LAN Throughput

7

Impact of encryption

8

Question: Does encrypting Wi-Fi frames reduce throughput?

Scenario: Throughput across three different SSIDs• Open – no encryption• WPA/TKIP(ARC4)• WPA2/AES(CCMP)

Guestimate• Open (no encryption) is faster.

Network Test Setup

9

Source Destination

Impact of encryption

10

Results: ?

Scenario:• Open ~ 216 Mbps• WPA/TKIP ~ 32 Mbps• WPA2/AES ~ 213 Mbps

Conclusion• WPA/TKIP has significant performance impact. – Well sort

of.

Implications of TKIP

11

With TKIP enabled – 802.11n features may not be supported.• No MCS rates• No channel bonding

TKIP was intended to improve the state of security during transition to WPA2 or a Robust Security Network (RSN)

TKIP – channel width

12

TKIP – PMK vs GMK

13

When configuring auto WPA/WPA2

STA abilities negotiated during client association• PMK negotiated individually• GMK negotiated for the group• PMK can use WPA or WPA2 depending on STA abilities• GMK will use WPA

14

iOS 10 – Wi-Fi security warnings

CSMA/CA

©2016 Aerohive Networks Confidential 15

802.11 Arbitration• White paper by

Marcus Burton• https://www.cwnp.com/uploads

/802-11_arbitration.pdf

Moment of Silence for the 3.5mm Jack

16

CSMA/CD

17 https://en.wikipedia.org/wiki/Carrier_sense_multiple_access_with_collision_detection

Birthday Paradox

18

In a room full of only 23 people – there is over a50% chance that two of them will share the same birthday.

Ethernet Frame Sizes

19

Ethernet Header –14 bytes

Layer 2 – payload - 46-1500 bytes CRC - 4 bytes

InterframeGap - 12 bytes Ethernet Frame -1518 (1522 with .1Q) BytesPreamble - 8

bytes

Frame Size – Ethernet Efficiency

20

Frame Size Data Payload Efficiency

64 42 66%128 106 83%256 234 91%

512 490 96%768 746 97%

1024 1002 98%1500 1478 99%

1522 (w/ .1Q) 1500 99%

Frame Size – Wi-Fi Efficiency

21

Maximum MSDU size = 2304 bytes (without frame aggregation)

Maximum frame size - depends:• WEP – 2346 bytes• TKIP – 2358 bytes• CCMP – 2354 bytes

Efficiency ranges between 0 – 98%

IMIX Traffic – RFC 2544 & 6985

22

IP Length % of Total Length at other Layers

64 23 82

128 67 146

1000 10 1018

https://tools.ietf.org/html/rfc2544https://tools.ietf.org/html/rfc6985

IMIX Traffic – Real world

23

IP Length # Packets Distribution (in packets) Bytes Distribution (in bytes)40 7 58.333333% 280 7%

576 4 33.333333% 2304 56%1500 1 3.333333% 1500 37%

https://en.wikipedia.org/wiki/Internet_Mix

IP Length # Packets Distribution (in packets) Bytes Distribution (in bytes)1500 1 100% 1500 100%

Non-real world

Closer to reality

IMIX meets iPerf

24

Professional grade packet blasting tools

Capture real world traffic for your environmentiperf3 –s –i 1iperf3 –s –i 1 -p 5202iperf3 –s –i 1 -p 5203

Capture real world traffic for your environmentiperf3 –u –b 23m -i 10 -c 127.0.0.1 -i 1 &iperf3 –u –b 67m -i 10 -c 127.0.0.1 -i 1 -p 5202 &iperf3 –u –b 10m -i 10 -c 127.0.0.1 –i 1 -p 5203

WAN Throughput

25

TCP vs UDP

26

TCP UDPConnection

OrientedConnectionless

Reliable Unreliable

Slow Fast

Ordered Unordered

Heavy Overhead Light Overhead

How many times to ACK-BACK?

2727

Your Army

Enemy Army Allied

Army

Data

Ack

Ack

Ack

L2 vs L4 ACKs

28

Layer 4 – TCP session

Layer 2 Wi-Fi Layer 2 Wi-Fi

SYN (Window 65KB)SYN / ACK (Window 32KB)

ACK

TCP Back-off Algorithms (RFC5681)

29

• If SMSS > 2190 bytes:IW = 2 * SMSS bytes and MUST NOT be more than 2 segments

• If (SMSS > 1095 bytes) and (SMSS <= 2190 bytes):IW = 3 * SMSS bytes and MUST NOT be more than 3 segments

• If SMSS <= 1095 bytes:IW = 4 * SMSS bytes and MUST NOT be more than 4 segments

Initial Window (IW): The initial window is the size of the sender's congestion window after the three-way handshake is completed.

Sender Maximum Segment Size (SMSS): The SMSS is the size of the largest segment that the sender can transmit. This value can be MTU of network, Rx Max segment size or based on other factors.

Example of TCP Slow start

30

cwnd = 1 x MSS

cwnd = 2 x MSS

cwnd = 4 x MSS

cwnd = 3 x MSS

• Exponential increase of cwnd until first loss event

TCP Congestion policy: Example

31

Common TCP Window sizes

32

Operating System Window Size (bytes) TTLLinux (Kernel 2.4 and 2.6) 5840 64Google Linux 5720 64FreeBSD 65535 64WindowsXP 65535 128Windows Vista & 7 (Server 2008) 65535 128OSX 131360 ?iOS (Apple) 131360 ?Android (Marshmellow) 87616 ?

http://www.howtogeek.com/104337/hacker-geek-os-fingerprinting-with-ttl-and-tcp-window-sizes/

Default TCP Window Size

33 http://www.speedguide.net/analyzer.php

OSX

Rate Limiting

34

Impact rate limiting

35

Question: Does rate limiting affect Wi-Fi data rates?

Scenario: 5Mbps rate limiter is applied on the other side of the Internet (or deeper in the core)

Guestimate• Throttling of user traffic – might as well disable higher Wi-Fi

data rates to align with rate limit

- Not always good!

Network Test Setup

36

Rate Limit Policy

TCP Congestion Control Protocols

37

• Reno• Three duplicate ACKs & fast recovery

• Tahoe• Loss event: timeout

• New Reno• RFC6582 – obsoletes RFC 3782 & 2582, improves fast recovery

• TCP Hybia• Aims to address high latency links

• TCP BIC • as of Linux 2.6.8 – 2.6.18

• TCP CUBIC• as of Linux 2.6.19

Impact of rate limiting

38

Results: ?

Scenario: 5Mbps rate limiter is applied on the other side of the Internet (or deeper in the core)

Conclusion• Wi-Fi data rates remained same with or without rate limit

applied

Impact of rate limiting

39

• TCP dynamically adjusts window size to match bottleneck

• Wi-Fi data rates are unchanged

• Keep higher data rates, minimize airtime utilization

• Let upper layer protocols deal with rate limit

Default Settings - Tools

40

Default Settings - Tools

41

Know what they are!!!

Change them – when appropriate.

Have an expectation of what your results should be, so you know if they are wrong.

42

Drawing the wrongconclusion.

Complimentary Troubleshooting Chapter

43

CWNA Troubleshooting Chapter

https://goo.gl/hTB6lT

Or

https://community.aerohive.com/aerohive/topics/download-a-free-booklet-about-wlan-troubleshooting

FIN ACK

44

@troymart#WLPC_EU