networks setting wlan performance expectations4 scotch malt whisky society 82.19 ”stunning!” the...
TRANSCRIPT
Aerohive®
NETWORKS
Troy Martin@troymart
#WLPC_EU 2016
Setting WLAN Performance Expectations
Allegory of the Cave
3
Who am I?
Troy Martin
CWNE #90
B.A.Sc. EE & B.Sc. Cmpt. Sci.
@troymart
CCIE-W #20999ACDX #312
SMWS#36
4
Scotch Malt Whisky Society
82.19 ”Stunning!”
The nose produced fascinating and weighty aromas – cola cubes, toffee, dark chocolate, treacle, nutmeg, walnut, plums, vintage port and Christmas cake with dark cherries, soaked in rum and Madeira. The palate was mouth-drying but ‘stunning!’ – juicy toffee apples, black tea, leather, toffee and molasses.
5
• LAN Throughput• WAN Throughput• Rate Limiting• Default Settings
Agenda
OSI Model – ”10” layer model
6Wi-Fi operates at layers one and two
Session
Application
NetworkTransport
Physical
Presentation
Data Link
PoliticalCost constraints to projectTread carefully
Can make-or-break great Wi-FiBusiness
Aesthetics
LAN Throughput
7
Impact of encryption
8
Question: Does encrypting Wi-Fi frames reduce throughput?
Scenario: Throughput across three different SSIDs• Open – no encryption• WPA/TKIP(ARC4)• WPA2/AES(CCMP)
Guestimate• Open (no encryption) is faster.
Network Test Setup
9
Source Destination
Impact of encryption
10
Results: ?
Scenario:• Open ~ 216 Mbps• WPA/TKIP ~ 32 Mbps• WPA2/AES ~ 213 Mbps
Conclusion• WPA/TKIP has significant performance impact. – Well sort
of.
Implications of TKIP
11
With TKIP enabled – 802.11n features may not be supported.• No MCS rates• No channel bonding
TKIP was intended to improve the state of security during transition to WPA2 or a Robust Security Network (RSN)
TKIP – channel width
12
TKIP – PMK vs GMK
13
When configuring auto WPA/WPA2
STA abilities negotiated during client association• PMK negotiated individually• GMK negotiated for the group• PMK can use WPA or WPA2 depending on STA abilities• GMK will use WPA
14
iOS 10 – Wi-Fi security warnings
CSMA/CA
©2016 Aerohive Networks Confidential 15
802.11 Arbitration• White paper by
Marcus Burton• https://www.cwnp.com/uploads
/802-11_arbitration.pdf
Moment of Silence for the 3.5mm Jack
16
CSMA/CD
17 https://en.wikipedia.org/wiki/Carrier_sense_multiple_access_with_collision_detection
Birthday Paradox
18
In a room full of only 23 people – there is over a50% chance that two of them will share the same birthday.
Ethernet Frame Sizes
19
Ethernet Header –14 bytes
Layer 2 – payload - 46-1500 bytes CRC - 4 bytes
InterframeGap - 12 bytes Ethernet Frame -1518 (1522 with .1Q) BytesPreamble - 8
bytes
Frame Size – Ethernet Efficiency
20
Frame Size Data Payload Efficiency
64 42 66%128 106 83%256 234 91%
512 490 96%768 746 97%
1024 1002 98%1500 1478 99%
1522 (w/ .1Q) 1500 99%
Frame Size – Wi-Fi Efficiency
21
Maximum MSDU size = 2304 bytes (without frame aggregation)
Maximum frame size - depends:• WEP – 2346 bytes• TKIP – 2358 bytes• CCMP – 2354 bytes
Efficiency ranges between 0 – 98%
IMIX Traffic – RFC 2544 & 6985
22
IP Length % of Total Length at other Layers
64 23 82
128 67 146
1000 10 1018
https://tools.ietf.org/html/rfc2544https://tools.ietf.org/html/rfc6985
IMIX Traffic – Real world
23
IP Length # Packets Distribution (in packets) Bytes Distribution (in bytes)40 7 58.333333% 280 7%
576 4 33.333333% 2304 56%1500 1 3.333333% 1500 37%
https://en.wikipedia.org/wiki/Internet_Mix
IP Length # Packets Distribution (in packets) Bytes Distribution (in bytes)1500 1 100% 1500 100%
Non-real world
Closer to reality
IMIX meets iPerf
24
Professional grade packet blasting tools
Capture real world traffic for your environmentiperf3 –s –i 1iperf3 –s –i 1 -p 5202iperf3 –s –i 1 -p 5203
Capture real world traffic for your environmentiperf3 –u –b 23m -i 10 -c 127.0.0.1 -i 1 &iperf3 –u –b 67m -i 10 -c 127.0.0.1 -i 1 -p 5202 &iperf3 –u –b 10m -i 10 -c 127.0.0.1 –i 1 -p 5203
WAN Throughput
25
TCP vs UDP
26
TCP UDPConnection
OrientedConnectionless
Reliable Unreliable
Slow Fast
Ordered Unordered
Heavy Overhead Light Overhead
How many times to ACK-BACK?
2727
Your Army
Enemy Army Allied
Army
Data
Ack
Ack
Ack
L2 vs L4 ACKs
28
Layer 4 – TCP session
Layer 2 Wi-Fi Layer 2 Wi-Fi
SYN (Window 65KB)SYN / ACK (Window 32KB)
ACK
TCP Back-off Algorithms (RFC5681)
29
• If SMSS > 2190 bytes:IW = 2 * SMSS bytes and MUST NOT be more than 2 segments
• If (SMSS > 1095 bytes) and (SMSS <= 2190 bytes):IW = 3 * SMSS bytes and MUST NOT be more than 3 segments
• If SMSS <= 1095 bytes:IW = 4 * SMSS bytes and MUST NOT be more than 4 segments
Initial Window (IW): The initial window is the size of the sender's congestion window after the three-way handshake is completed.
Sender Maximum Segment Size (SMSS): The SMSS is the size of the largest segment that the sender can transmit. This value can be MTU of network, Rx Max segment size or based on other factors.
Example of TCP Slow start
30
cwnd = 1 x MSS
cwnd = 2 x MSS
cwnd = 4 x MSS
cwnd = 3 x MSS
• Exponential increase of cwnd until first loss event
TCP Congestion policy: Example
31
Common TCP Window sizes
32
Operating System Window Size (bytes) TTLLinux (Kernel 2.4 and 2.6) 5840 64Google Linux 5720 64FreeBSD 65535 64WindowsXP 65535 128Windows Vista & 7 (Server 2008) 65535 128OSX 131360 ?iOS (Apple) 131360 ?Android (Marshmellow) 87616 ?
http://www.howtogeek.com/104337/hacker-geek-os-fingerprinting-with-ttl-and-tcp-window-sizes/
Default TCP Window Size
33 http://www.speedguide.net/analyzer.php
OSX
Rate Limiting
34
Impact rate limiting
35
Question: Does rate limiting affect Wi-Fi data rates?
Scenario: 5Mbps rate limiter is applied on the other side of the Internet (or deeper in the core)
Guestimate• Throttling of user traffic – might as well disable higher Wi-Fi
data rates to align with rate limit
- Not always good!
Network Test Setup
36
Rate Limit Policy
TCP Congestion Control Protocols
37
• Reno• Three duplicate ACKs & fast recovery
• Tahoe• Loss event: timeout
• New Reno• RFC6582 – obsoletes RFC 3782 & 2582, improves fast recovery
• TCP Hybia• Aims to address high latency links
• TCP BIC • as of Linux 2.6.8 – 2.6.18
• TCP CUBIC• as of Linux 2.6.19
Impact of rate limiting
38
Results: ?
Scenario: 5Mbps rate limiter is applied on the other side of the Internet (or deeper in the core)
Conclusion• Wi-Fi data rates remained same with or without rate limit
applied
Impact of rate limiting
39
• TCP dynamically adjusts window size to match bottleneck
• Wi-Fi data rates are unchanged
• Keep higher data rates, minimize airtime utilization
• Let upper layer protocols deal with rate limit
Default Settings - Tools
40
Default Settings - Tools
41
Know what they are!!!
Change them – when appropriate.
Have an expectation of what your results should be, so you know if they are wrong.
42
Drawing the wrongconclusion.
Complimentary Troubleshooting Chapter
43
CWNA Troubleshooting Chapter
https://goo.gl/hTB6lT
Or
https://community.aerohive.com/aerohive/topics/download-a-free-booklet-about-wlan-troubleshooting
FIN ACK
44
@troymart#WLPC_EU