wi-fi technology deep dive: part 2 - network infrastructure€¦ · top selling – 802.11ac wave 1...

1

WI-FI TECHNOLOGY DEEP DIVE: PART 2

Vamshi Doma, Senior Product Manager, Avaya Wireless LAN Todd Savarese, Senior Wireless Architect, Avaya Wireless LAN

Deploying a high performance Wireless LAN with Avaya WLAN 9100

Thank you Sponsors!

Global

Sponsors

Gold

Sponsors

Silver

Sponsors

@Avaya

#AvayaATF

Join the

Conversation

© 2016 Avaya Inc. All right reserved 4 4

AGENDA – PART 1

What was covered in Part 1 of the Session

Radio Frequency Fundamentals

AP Configuration & Considerations

Special Considerations to optimize your wireless network

Q & A


AGENDA – PART 2

Avaya WLAN 9100 Portfolio Overview

– Access Point & Antenna Options

– Access Point Positioning

Avaya WLAN 9100 Deployment Best Practices

– Network Planning & Design

– Radio Frequency Planning

– Feature Considerations

Q & A

What is covered in Part 2 – Current Session

AVAYA WLAN 9100

PORTFOLIO OVERVIEW


INTRODUCING AVAYA WLAN 9100 SERIES

Next generation Application Recognition and

Control at the network edge

APPLICATIONS

Device fingerprinting & policy enforcement for

secure network access in BYOD environments

DEVICES

Spectrum optimization with Software

Programmable Radios to maximize 5GHz bandwidth

SPECTRUM

Avaya Fabric to the wireless edge enables network

automation for wireless deployment SIMPLICITY

1

2

3

4

© 2016 Avaya Inc. All right reserved 8

AVAYA WLAN 9100 SOLUTION

Portfolio Overview

WAP

9112

WAP

9114

WAP

9122

WAP

9123

WAP

9132

WAP

9133

WAP

9144

WAE

9132 External

WAO

9122 Outdoor

WAO

9132 Outdoor

WAP

9172/

9173

Wall mount

802.11ac

2x2 AP

Price Optimized

802.11ac

2x2 AP

802.11n

2x2 AP

802.11n

3x3 AP

802.11ac

2x2 AP

802.11ac

3x3 AP

802.11ac

Wave 2

4x4 AP

Plenum rated

802.11ac

2x2 AP

802.11n

2x2 AP

802.11ac

2x2 AP

802.11ac

2x2/3x3

2 Radios 2 Radios 2 Radios 2 Radios 2 Radios 2 Radios 2 Radios 2 Radios 2 Radios 2 Radios 4 Radios

Common Advanced Feature Set

Integrated Controller

On-Premise or Cloud Management (future)

AOS-Lite Software AOS Software

Application Control

Software Programmable Radios

Fabric Attach


WAP9144

Next Generation 802.11ac Wave 2 Indoor Access Point

WAP9144xx-E6 – Two 4x4 802.11ac Wave 2 Radios

– Software Programmable Radios – Concurrent 802.11ac Wave 2 on both radios

– MU-MIMO – 4 simultaneous users

– Explicit Beam Forming

– 160MHz Bonding – For home office use. Not recommended for Multiple AP deployments in Enterprises

– Zero Wait DFS*

– AirIQ – Spectrum Analysis*

– Bluetooth Low Energy (BLE)*

Physical interfaces – 2 x 1GigE ports (Link aggregation, bonding, daisy chain)

– Maximum Power 24 W ( Requires PoE+)

Software – AOS version 8.1.0 or later

– WOS version 7.5.5 or later

Positioning – Enterprises seeking Future Proof, High Performance, Feature Rich solution.

– All Indoor 802.11ac Wave 2 deployments

– Deployments requiring BLE Support

* HW capability in release 8.1 – software support added in upcoming releases.


WAP9133

High Performance 802.11ac Wave 1 Indoor Access Point

WAP9133xx-E6 – Two 3x3 802.11ac Wave 1 Radios

– Software Programmable Radios

– Concurrent 802.11ac Wave 1 on both radios

Physical interfaces – 2 x 1GigE ports (Link aggregation, bonding, daisy chain)

– Maximum Power 23.8 W (Requires PoE+)

Software – AOS version 7.0.0 or later (Rev 1 to Rev 3)

– AOS version 7.5.1 or later (Rev 4 and above)


Positioning

– Enterprises seeking High Performance & Feature Rich 802.11ac Wave 1 Solution

– Environments where Personal Computers are the primary computing devices

– Examples

– Corporate Offices

– Higher Education – Universities & Colleges

– Health Care


WAP9132

Top Selling – 802.11ac Wave 1 Indoor Access Point

WAP9132xx-E6

– Two 2x2 802.11ac Wave 1 Radios


– Concurrent 802.11ac Wave 1 on both radios

Physical interfaces – 2 x 1 GigE ports (Link aggregation, bonding, daisy chain)

– Maximum Power

– 19 W (Requires PoE+)

– Supported with PoE switch with Restricted functionality

Software

– AOS version 7.0.0 or later (Rev 1 to Rev 3)

– AOS version 7.5.1 or later (Rev 4 and above)


Positioning

– Enterprises seeking Economic & Feature Rich 802.11ac Wave 1 Solution without compromising on Performance

– Environments where Handheld Devices – Tablets or Smart Phones are the primary computing devices

– Examples

– K – 12 School Districts

– General Purpose Access Points suitable for all Indoor ceiling / wall installations in enterprises where WAP9144 or WAP9133 is not suitable due to budget availability


WAP9114

802.11ac Wave 1 Indoor Access Point at 802.11n Cost

WAP9114xx-E6

– Two 2x2 Radios

– Fixed Radios - 802.11bgn (2.4GHz) & 802.11ac Wave 1 (5GHz)

– Enterprise Security, QoS

– Layer 2 Roaming

– Device Fingerprinting

– Statefull Filtering / Firewall

Physical interfaces – 1 x 1 GigE port

– Maximum Power 12.5 W (PoE)

Software

– AOS-Lite version 7.9.0 or later

– WOS version 7.5.5 or later (Can be managed via WOS only)

Positioning

– Small & Mid Market enterprises looking for 802.11ac performance at the lowest cost.

– When competing with competitive low end products


WAE9132

Plenum Rated 802.11ac Wave 1 Indoor Access Point

WAE9132xx-E6



– Flexible coverage options using external antennas


– Maximum Power 25.5W (PoE+)

– 4 N-Type Antenna Connectors (2 per Radio)

Software

– AOS Rel 7.6.0 or later

– WOS Rel 7.5.5 or later

Positioning

– Indoor Environments requiring directional coverage

– High density indoor environments

– Environments requiring plenum installation

– Examples

– Plenum installations in Healthcare

– Convention Centers, Auditoriums, Conference Halls with High Ceilings

– Indoor Stadiums / Arenas

– Indoor Point-To-Point WDS / Bridging


WAO9132

Outdoor 802.11ac Wave 1 Access Point

WAEO132xx-E6



– Operating Temperature: -20C to +55C, 0-90% humidity, non-condensing

– Storage Temperature: -40C to 70C

– IP65 Rated

– Flexible coverage options using external antennas


– Maximum Power 25.5W (PoE+)

– 4 N-Type Antenna Connectors (2 per Radio)

Software

– AOS Rel 7.6.0 or later

– WOS Rel 7.5.5 or later

Positioning

– All Outdoor Environments

– Examples

– Outdoor Stadiums / Arenas

– Outdoor Coverage for all Enterprises

– Outdoor Point–To– Point WDS / Bridging


WAP9112

In Room 802.11ac Wave 1 Indoor Access Point – Wall Jack

WAP9112xx-E6 – Two 2x2 Radios

– Fixed Radios - 802.11bgn (2.4GHz) & 802.11ac Wave 1 (5GHz)

– Enterprise Security, QoS

– Layer 2 Roaming

– Device Fingerprinting

– Statefull Filtering / Firewall

Physical interfaces – 1 GigE Uplink Port

– 4 Port 10/100/1000 Switch includes 1 PoE port

– Pass through RJ-45

– Maximum Power 9 W (PoE for AP only) / 25.4 W (PoE+ when delivering power)

Software – AOS-Lite version 7.8.4 or later

– WOS version 7.5.3 or later (Can be managed via WOS only)

Positioning – In Room Wi-Fi Solution

– Examples

– Guest Rooms in Hotels & Lodging

– Dorm Rooms in Higher Education

– Walled Office Rooms


WAP9172 / WAP9173

Four Radio 802.11ac Wave 1 Indoor Access Point

Four Radio Indoor Access Points

– 802.11ac, 2x2 (WAP9172) / 3x3 (WAP9173) MIMO Indoor Access Point.

– Four Software Programmable Radios

– 802.11ac Wave 1 support on all four radios.

– Integrated high gain 120° directional antennas.

Power Requirements

– WAP9172 - IEEE 802.3at Power Source

– WAP9173 – Up to 38Watts (Requires - WPR9100A2-E6 - New 75W power injector )

Software

– AOS version 7.2.4 or later


– Consumes 2 AP Licenses on WOS and for Application Control

Positioning

– Indoor High Density environments

– Examples

– Convention Centers, Auditoriums, Conference Halls with Regular Ceilings

– High density Class Rooms / Lecture Halls

– Libraries


WAP9172 / WAP9173

Sample Coverage Patterns of the 4 Directional Antennas

Radio 1

5GHz – Ch 40 (Timeshare)

Radio 2

5GHz – Ch 149

Radio 3

2.4GHz – Ch 11

Radio 4

5GHz – Ch 100


WAT911035-E6

High Gain, High Density Dual Band Indoor / Outdoor Patch Antenna

Supported Models

– WAE9132 – 1 Antenna & 4 Cables per AP

– WAO9132 – 1 Antenna & 4 Cables per AP

Antenna Gain 13 dBi (2.4GHz & 5GHz)

Connectors : N-Type leads (4 – 2 per Radio)

Installation: Articulating Wall/Pole Mount (included)

Operating Temperature: -40 to 149°F (-40 to 65°C)

Wind Velocity: 130 mph (210 km/h)

Beamwidth

– Horizontal: 40°H, 40°V / 30°H, 35°V

– Vertical: 40°H, 40°V / 35°H, 30°V

Polarization: 2 Vertical 2 Horizontal

– Dual Polarity does not change the radiation pattern (coverage area), but modifies they way the sine wave travels

– Dual Polarity reduces signal collision improving data rates and signal efficiency.


WAT911040-E6

Medium Gain, High Density Dual Band Indoor / Outdoor Patch Antenna

Supported Models

– WAE9132 – 1 Antenna & 4 Cables per AP

– WAO9132 – 1 Antenna & 4 Cables per AP

Antenna Gain 10 dBi 2.4 / 11 dBi 5GHz


Beamwidth

– Horizontal: 41°H, 52°V / 34°H, 40°V

– Vertical: 54°H, 40°V / 42°H, 33°V

Polarization: 2 Vertical, 2 Horizontal

– Dual Polarity does not change the radiation pattern (coverage area), but modifies they way the sine wave travels

– Dual Polarity reduces signal collision improving data rates and signal efficiency.





WAT911090-E6

Medium Gain, High Density Dual Band Indoor / Outdoor Patch Antenna

Supported Models

– WAE9132 – 1 Antenna per AP

– WAO9132 – 1 Antenna per AP



Cable Length: 36” (910mm)

Polarization: Vertical

Beamwidth

– Horizontal: 99°/58°

– Vertical: 65°/40°





WAT912360-E6

High Gain Dual Band Indoor / Outdoor Omni-Directional Antenna

Supported Models

– WAE9132 – 1 Antenna per AP

– WAO9132 – 1 Antenna per AP



Cable Length: 36” (910mm)


Beamwidth

– Horizontal: 360°

– Vertical: 144°/55°

Installation: Threaded Bolt with Nut and Wall/Pole Mount




WAT91360R-E6

Dual Band Indoor Rubber Duck Antenna

Supported Models

– WAE9132 – 4 Antennas per AP – Cables Not Required

Antenna Gain: 2 dBi 2.4 GHz / 3 dBi 5GHz

Connector: N-Style Plug


Beamwidth

– Horizontal: 360°

Articulation: 90 Degrees

Installation: Direct Connect to AP

Installation Environment: Indoor


ACCESSORIES

Enclosures

WAB910004-E6

– 12x12x6

– Solid door

– Latch Lock

– NEMA 4x

– Ideal Applications

– Carpeted space, Indoor/Outdoor WiFi, Stadium

WAB910005-E6

– 12x14x6

– Solid Door

– Key Lock

– NEMA 4x

– Ideal Applications

– Carpeted space, Indoor/Outdoor WiFi, Stadium


Service Policies

Dashboard

RF Visibility Auto

Provisioning

Analytics Tools / API

WOS

WIRELESS LAN ORCHESTRATION SYSTEM

Intuitive Management


25

Cloud Management

On-Premise

WIRELESS LAN ORCHESTRATION SYSTEM

On Premise & Cloud


WI-FI DESIGNER

26

Windows based application

Predictive Site Surveys – Plan Wi-Fi Network Strategy, optimal number of Aps required and AP Placement.

Site Modeling - Model different site conditions, AP configurations and positioning options to visualize impact to RF coverage and capacity

Active Site Surveys – Perform onsite surveys with Avaya Aps taking real-time measurements to qualify the network design & AP placements.

Post Deployment Surveys - Validate post-installation capacity and coverage against the initial plan to ensure a successful deployment

Site Survey Application – Free Tool for Customers / Partners


WAP9112 WAP9114 WAP9132 WAP9133 WAP9144

Operating System AOS Lite AOS Lite AOS AOS AOS

Management WOS WOS WOS, WMI, CLI WOS, WMI, CLI WOS, WMI, CLI

802.11ac Wave 1 Wave 1 Wave 1 Wave 1 Wave 2

Spatial Streams 2x2 2x2 2x2 3x3 4x4

802.11ac Radios per AP 1 1 2 2 2

Radio Band (2.4 or 5 GHz) Fixed Fixed Programmable Programmable Programmable

Power Requirement PoE / PoE+ PoE PoE+ / PoE* PoE+ PoE+

External Power Supply Optional PoE Injector PoE Injector PoE Injector PoE Injector

Uplink Ports 1 x 1 GigE 1 x 1 GigE 2 x 1 GigE 2 x 1 GigE 2 x 1 GigE

Switch Ports 4 + 1 Pass Through 0 1 (uplink) 1 (uplink) 1 (uplink)

Mounting Wall Ceiling / Wall Ceiling / Wall Ceiling / Wall Ceiling / Wall

Included Brackets Wall Ceiling Ceiling Ceiling Ceiling

Paintable Yes No No No No

* WAP9132 Requires PoE+ but is supported with PoE switch connection with restrictions

WLAN 9100 ACCESS POINT POSITIONING

Access Point Capability Comparison



802.11a/b/g/n/ac

Integrated Controller

Wireless Security

Wireless QoS (WMM)

Multiple SSIDs / Radio

Wireless Client VLANs

Dynamic VLAN Assignment (RADIUS)

Auto Channel / Power

Stateful Filtering/Firewall

Device Fingerprinting

Layer 2 Roaming

Application Control * *

Fabric Attach * *

Intrusion Detection * *

External Captive Portal * *

User Groups * *

802.11k / 802.11r * * * * *

* Software Features planned for upcoming releases


Access Point Feature Comparison



Intrusion Prevention

Layer 3 Roaming

GRE Tunneling

Client Load Balancing / Band Steering

Roaming Assist / RF Optimizations

Bonjour / MDNS Gateway

Multicast Traffic Optimization

Internal Captive Portal/WPR

Internal RADIUS Server

CLI / WMI / SNMP

North Bound API

WOS Maps / RF Views

802.11 Location Services

BLE iBeacon for Location Services*

Zero Wait DFS*

AirIQ Spectrum Analysis*

* Future Proof - Hardware Capability at Launch – Software Capabilities planned for upcoming releases


Access Point Feature Comparison

AVAYA WLAN 9100

DEPLOYMENT BEST PRACTICES


INTRODUCTION

Wireless LAN Network Design Challenges

Mobility in any business is ubiquitous and is no longer a best effort solution.

Delivering a highly secure and reliable wireless network is the foundation for business continuity and growth.

Wireless LAN done right can be a strategic IT advantage that enables delivery of wired-like performance and predictability of mobile applications.

Often times business applications need to be supported on a broad spectrum of client devices that come with varying capabilities and are not always optimized for wireless connectivity.

Wireless Networks are also required to co-exist with a variety of legacy wireless technologies that interfere with 802.11 spectrums and must be resilient to interference from these sources.

Successful Wireless LAN deployments in complex RF environments and delivering diverse applications and services can a huge challenge for IT staff.


INTRODUCTION

About these Best Practices

The complexity and diversity in enterprise environments means one design does not fit all the deployments.

These Best Practices are for WLAN 9100 deployments for typical indoor enterprise networks.

Wireless LAN Network Design at Large Public Venues require additional Planning and Tuning that is outside the scope of this guide.

The guidelines in this document should be considered as a reference while adapting them to address business and site specific requirements.

This best practices are organized into following sections

– Network Planning & Design

– Radio Frequency Planning

– Avaya WLAN 9100 Feature Considerations


INTRODUCTION

Wireless LAN 9100 Solution - Requirements

Required Components

– Avaya WLAN 9100 Access Points

– Wireless LAN Orchestration System

Recommended Components

– Avaya Fabric Network

– Avaya Identity Engines – Ignition Server

Optional Components

– Avaya Identity Engines – Guest Manager

– Avaya Identity Engines – Access Portal

– Avaya Identity Engines – Guest Tunneling Server


NETWORK PLANNING & DESIGN

Wireless LAN Management Network

Wireless LAN Management Network provides network connectivity for the Access Points

– Communication between Access Points for integrated controller functions.

– Communication of Access Point with external RADIUS Servers, Active Directories etc.

– External configuration and management using WOS, API, WMI, CLI or Virtual Console

Management Network Size

– It is recommended to limit the number of APs in a broadcast domain up to 500 or /23 subnet.

– APs in a contiguous roaming environment or a common RF “cloud” are recommended to be in the same management network

– If the site RF characteristics demand more than 500 APs in a single RF cloud, then it is recommended to create separate roaming zones and limit the broadcast domain.

– Use separate broadcast domains when wireless client does not require seamless RF coverage between buildings or sites.



Wireless LAN Management Network

It is recommended to separate Wireless LAN Management VLAN from the default VLAN of the wired network to isolate Wireless LAN Management Traffic.

Wireless LAN Management VLAN on AP is not required/recommended.

– AP uses untagged packets for all management traffic when management VLAN is not created.

Edge Switch Port Configuration

– PVID = WLAN Management Network

– Tagging with UntagPVIDOnly

– Trusted Port

– STP BPDU Filtering Disabled

Wireless LAN Management Network of all APs should be enabled for DHCP and it is recommended to have DHCP Reservations for the Access Points.

The DNS server for the AP Management Networks should be updated with the entry for AVAYA-WOS pointing to the WOS virtual machine.



Wireless LAN Management Network & Avaya Roaming Protocol

Avaya Roaming Protocol operates on the AP management network and exchanges key information to enable features like

– Seamless Roaming

– Auto RF - Auto Channel, Auto Cell, Auto Band

– Intrusion Detection and Prevention etc.

Protocol has two components

– Wireless component that enables Access Point to discover neighboring Access Points and key RF information.

– Wired component that enables Access Points to exchange information discovered over the air to converge on certain features as well as information about client sessions to facilitate fast roaming.

APs exchange Roaming Protocol messages upon

– Client association

– Client Disassociation

– Client Roaming

– Periodically at 30 second intervals to synchronize the required information



Wireless LAN Management Network & Avaya Roaming Protocol

WLAN Management Network in a contiguous RF environment is in a single broadcast domain

– Access Points use broadcast as a means to communicate Roaming Protocol messages with each other over the wire.

WLAN Management Network is separated across multiple Layer 3 subnets

– Access Points exchange unicast messages with other Access Points discovered over the Air.

For Layer 3 Roaming scenarios, when clients have to roam seamlessly across Layer 3 client subnets, Access Points are required to be in Unicast mode for message exchange even when their management network is a single broadcast domain.



Wireless LAN Client Networks

Wireless LAN Client Network is the Network an associated station is placed in upon successful association and authentication.

Wireless Stations may be assigned to separate Networks based on user or device policy

It is not required or recommended to have unique SSIDs to put stations in unique client networks.

A Wireless Client is assigned to a specific network based on one or more of the following criteria

– RADIUS Attribute specifying VLAN or User Group with unique VLAN

– VLAN mapped to User Group assigned via Device Finger Printing

– VLAN mapped to the SSID

– Management VLAN if there is no VLAN mapped to the SSID

In scenarios where multiple criteria apply the precedence is from top to bottom in the above list.



Wireless LAN Client Networks – Traffic Forwarding

Local Forwarding - Wireless Client Networks are extended to the Edge Switch Port

– AP considers the VLAN active and can forward traffic for the client in the specified Network.

– Default behavior of the APs due to the Integrated Controller architecture.

– Avaya Fabric Attach enables network automation to dynamically extend the client networks when an AP is plugged.

Guest Traffic Isolation

– Guest Network Isolation is a security requirement for network access control to separate the guest traffic out of intranet and vice-versa.

– For Avaya Fabric Connect customers, the preferred method of Guest Isolation would be a separate VSN for Guest Traffic.

– For non Fabric customers, Guest Network Isolation is achieved by tunneling Guest Traffic directly from the Access Points to the Guest Tunneling Server in the DMZ



Wireless LAN Client Networks – VLAN Pools

A VLAN pool is a set of VLANs that allows a client associating to an AP to be assigned to one of the VLANs in the pool rather than to a particular VLAN.

When using VLAN Pools, the VLAN Pool has to be defined and assigned to the SSID.

All the VLANs in the VLAN Pool have to be extended to the all the Edge Switch Ports connected to the AP.

– When deployed with Fabric Attach, VLANs are automatically extends the to the edge switch port.

When a new client associates to an SSID mapped to a VLAN Pool, the client is assigned to a VLAN in the pool based on the the client MAC and the number of VLANs in the pool.

The algorithm will always assign the same VLAN to a client even when it roams as long as the VLANs in the VLAN Pool are the same across APs.

VLAN Pooling is useful in specific networking situations where the client density requires distributing load on the DHCP/DNS/External Captive Portal Servers, Firewalls or Internet Gateways.

RADIUS or User Group specified VLAN takes precedence over VLAN assigned from the VLAN Pool.



Wireless LAN Client Networks – Roaming

Layer 2 Roaming Networks

– All the APs in a contiguous roaming environment or a common RF “cloud” have common client networks that are active.

– A client is assigned to the same VLAN/IP Subnet no matter which AP the client is associated to first.

– As Client roams from one AP to another within the RF cloud – traffic is locally forwarded.

Layer 3 Roaming Networks

– The APs in a contiguous roaming environment assign different VLANs based on which AP the client is associated to.

– The Client IP Subnet varies based on which AP the client does a new association.

– As Client roams from one AP to another – AP retains the original VLAN/IP for the client and tunnels to the AP where the client completed its original association.

– If a Client disassociates and comes back to the network, it is placed on the local network and it will get a new IP in the local subnet.

– Common example – APs on different floors use different client VLANs.



Wireless LAN Client Network

Deploy a common VLAN/IP subnet for a given wireless client/user on all the APs that are in a contiguous roaming environment or a common RF “cloud”.

Extend all the Client VLANs to all the APs in the contiguous roaming environment for Local Forwarding.

– Fabric Attach automatically extends client networks to the required Access Points and eliminate the need for manually configuring each wiring closet switch/port.

For large networks, where the traditional network design principles for limiting the broadcast domains is required, it is recommended to

– Use RADIUS /Active Directory or Device Fingerprinting based VLAN assignment

– Use VLAN Pools if multiple VLANs are required for the same group of users/devices.

– Air Cleaner capability of the 9100 solution eliminates unnecessary broadcast traffic from consuming air-time / RF resources.

It is not recommended to advertise separate SSIDs for Client Network Isolation/VLAN separation.

– Every SSID added hidden or advertised consumes Air time and impacts performance.

– When multiple SSIDs are required due to security policies or device capabilities, IT is recommended to separate that traffic on the network as well

– Legacy devices with limited security capabilities (WEP or WPA/TKIP) can degrade overall network security and performance..

– To prevent replication of broadcast traffic over the air for clients across multiple SSIDs.



Wireless LAN SSIDs Planning

A Service Set Identifier (SSID) is the identifier used for logical grouping of devices

– Normal practice to use multiple SSIDs on an Access Point to provide differentiated wireless services with respect to security, quality of service and network access.

The number of SSIDs enabled on a Radio will have a significant impact on the channel utilization and available bandwidth for wireless clients

The decision to enable a new SSID should always be approached with extreme caution and all redundant SSIDs have to be eliminated

Unique SSIDs should only be considered when network access has to be provided for devices and users with unique 802.11 Authentication & Encryption requirements like

– WPA2/802.1x Authentication for Staff

– WPA2/Pre-Shared Key for devices / users without 802.1x capability

– Open or Captive Portal Authentication for Guest access

– WEP/WPA-TKIP/MAC Authentication for Legacy Devices that cannot support the current secure standards.



Wireless LAN SSIDs Planning

Limit the number of SSIDs to 3.

Use User Groups instead of SSIDs for differentiated services including

– Wireless LAN Client VLAN,

– Application Control & Firewall Policies

– Quality of Service and Bandwidth/Time restrictions

– Unique Captive Portal Pages

User Groups can be assigned to clients based on

– RADIUS attributes

– Device fingerprinting.

Eliminate SSIDs from locations where it is not required to minimize the number of SSIDs throughout the campus,.

– This could increase the number of Profiles but helps the RF environment.

– For enable Guest SSID only in areas that permit Guest users instead of broadcasting it throughout the campus.



Wireless LAN SSID to Client Network Mapping

Wireless Clients associated to a SSID are assigned a Wireless LAN Network based User / Device Policy.

Avoid creating Multiple SSIDs on a Radio assigning devices to the same VLAN/Broadcast domain

Layer 2 Roaming

– Clients do not cross the Layer 3 subnet as they roam within the contiguous roaming area

– Layer 2 Roaming is achieved when a wireless client is assigned to a VLAN based on

– Common RADIUS attributes or Group Policies across the contiguous roaming area

– If all the Access Points in a contiguous roaming area are configured with the same SSID to VLAN /VLAN Pool Mapping

Layer 3 Roaming

– Client roams across APs that have different SSID to VLAN mapping and crosses Layer 3 subnet as it roams.

– The client retains its original IP Address/subnet while the session is active where new AP tunnels all the client traffic to the previous AP.

Many applications like Voice and Video or Medical Devices with low latency needs require seamless roaming and perform optimally under Layer 2 Roaming conditions.

It is best practice to ensure that all APs in a contiguous roaming area and share a common RF cloud maintain the same SSID to VLAN assignment between all access points.


1. Wireless access points (AP) plugged into the edge switch.

Policy control configures AP’s and adds them to the network

2. User VSNs/VLANs are automatically extended to the edge

when the AP is plugged in.

3. When the AP is disconnected – the VSNs/VLANs are

retracted.

4. When a new device say a Phone or PC is plugged in, the

VSNs/VLANs authorized for that device are now extended to

the port

Keep the edge of your network locked down while providing authorized users with

plug-and-play connectivity


AVAYA Fabric Attach - Automate the Edge Using Secure Elastic Zones



Delivers a Zero Touch Network – Automation of Network Edge, Distribution and Core

– Service Provisioning at the Edge of the Network

– Authentication & Authorization of Services

Requirements – Avaya Fabric Network

– Avaya Identity Engines as a Fabric Attach Policy Server

– Avaya Wireless LAN 9100 Access Points

New Deployment – Configure Profiles in Wireless LAN Orchestration System

– Configure Service Bindings in Identity Engines

– Plug in APs

New Service Provisioning – Update Profile in Wireless LAN Orchestration System

– Update Service Bindings in Identity Engines

– Trigger Change of Authorization via Identity Engines

AVAYA Fabric Attach - End to End Fabric Environments



Delivers a Zero Touch Edge – Configure Core/Distribution manually

– Automation of Network Edge – Fabric Attach Standalone Proxy

– Service Provisioning at the Edge of the Network

Requirements – Avaya Fabric Attach Standalone Proxy capable switch

– Avaya Wireless LAN 9100 Access Points

New Deployment – Configure Distribution / Core Network with services extended to Wiring Closet Ports.

– Plug in Wiring Closet Switches – Enable FA Standalone Proxy mode

– Configure Profiles in Wireless LAN Orchestration System

– Plug in APs

New Service Provisioning – Update Profile in Wireless LAN Orchestration System

AVAYA Fabric Attach - Non Fabric Environments


RADIO FREQUENCY PLANNING

Key Challenges

Designing a wireless network in an enterprise environment requires specific attention in several key areas.

Every Wi-Fi environment has unique characteristics

– Floor Plans, Coverage Areas, Building Materials, objects inside the walls like plumbing, ventilation, wiring, objects on the floor all change the dynamics of Radio Frequency and have a significant impact.

Application & Device requirements vary considerably when it comes to wireless network access and performance.

– Applications like Voice and Video have low latency, jitter, roaming delay etc. compared to web or file transfer applications.

– The minimum signal strength that might be acceptable also differs from application to application.

The Antenna capability and power vary from deice to device

– The Number of Spatial Streams of client devices varies between 1x1 (smartphones), 2x2 (tablets/notebooks) or 3x3(notebooks)

– Transmit Power/Receive Sensitivity of the clients varies considerably.

– Mobile devices are often optimized for conserving battery and not for Wi-Fi performance.

– Roaming characteristics vary from device to device



Coverage Area Considerations

When designing a wireless network the areas that require Wi-Fi coverage have to be identified up front.

In environments where critical applications including Voice over Wi-Fi and Real Time Location Services are enabled, careful consideration has to be given to areas that require coverage compared to a typical enterprise environment where these locations may not require coverage.

Areas like shielded rooms, elevators or coverage area where signal has to cross the elevators, metal beams, heavy equipment can all interfere or block 802.11 signals and need to be considered during coverage area planning.

When performing a Site Survey, the coverage should be planned such that the minimum signal strength is -65dbM with a signal to noise ratio of 25db in all areas where coverage is required to support Wi-Fi applications.

In environments where single band devices are used, it is important to ensure the minimum coverage requirements are met for both 2.4GHz and 5GHz frequencies.



Cell Overlap Considerations

Cell overlap plays an important role in ensuring optimal client performance and roaming

Cell overlap should also be sufficient to ensure that a single AP failure will not negatively impact the performance of critical mobile applications.

Client should not have to have its signal deteriorate to the extent that the application performance is impacted before it makes a decision to roam.

Recommendation is to achieve 50% cell overlap while the transmit power matches that of the most sensitive wireless client.

Ex. Vocera recommends that you want to strive to keep -19dBm separation between similar non-overlapping channels (a client on channel 1 at -65dBm or better should not hear another channel 1 with a reading of -84dBm or better)



Radio Transmit Power Considerations

The output power of most Voice over Wi-Fi devices and smartphones is typically about 30mW (~15db)

– Check the client specification when determining the right value.

Avoid Asymmetric connections between the AP and the client

– Results in application performance issues and poor roaming behavior.

Match AP Tx Power with that of the business Critical Client.

For dual band clients,

– Match the 5GHz radio Tx Power with the client

– Keep the 2.4GHz radio Tx power about 3 to 6 dB lower

– This can steer the clients naturally towards 5GHz.

100mW (20dB)

32mW (15db)

10mW (10db)

32mW (15db)

32mW (15db)

32mW (15db)



Receive Signal Strength Indicator

– RSSI is a receivers interpretation of a signal based on the device’s receive sensitivity.

– Recommended Signal Strength for Voice and Multi-media applications is-50dBm

– Site Planning should consider a minimum signal strength of -65 is achieved throughout the coverage area.

– Although signal strength can be adjusted by tuning the transmit power of the antennas post installation, it can create an imbalance with that of the client transmit power as described in the previous section.

Signal To Noise Ratio – SNR

– Indicates how much useable signal is available

– Higher data rates achieved via advanced modulation require higher SNR values

– Maximize your SNR for successful wireless deployments

– SNR of 25 or above is recommended for optimal performance

RF Signal Quality Considerations

Access/Modulation Method ~ Required SNR (dB)

BPSK 1 / 2 8

BPSK 3 / 4 9

QPSK 1 / 2 11

QPSK 3 / 4 13

16-QAM 1 / 2 16

16-QAM 3 / 4 20

64-QAM 2 / 3 24

64-QAM 3 / 4 25

64-QAM 5 / 6 30

256-QAM 3 / 4 32

256-QAM 5 / 6 34



PHY Data Rate Considerations

AP Capability, Client Capability, RSSI & SNR determine the actual data rate for a client association

– Higher data rates require a higher SNR and hence a higher receiver sensitivity.

– 802.11ac data rates require an SNR greater than 30dB

– As the SNR starts going down, the data rates have to go down in order for the device to decode the signal.

– This results in lower data rates as the client starts moving away from the AP.

Lower data rates result in higher air time consumption increasing channel utilization and reducing the available air time for other devices.

Deployments should be planned to provide a minimum data rate of 24mbps for the clients.

Disable 802.11b data rates of 1, 2, 5.5 and 11mbps when there are no 802.11b only devices that require network access.

In order to reduce the air time usage 802.11 management frames, it is recommended to set the Basic Data Rate at 6mbps or higher.

Having higher basic data rate compared to supported data rate can help achieve better client roaming.

Relative data rates for 802.11ac vs 802.11n



Auto Channel Optimization

Auto Channel selects optimal channel assignments for an Access Point’s Radios.

– Access Points brings down the radios an starts auto channel selection by bringing up one radio at a time.

– Access Point scans the surrounding area for RF activity on all channels to select the best available channel

– The Signal Strength of valid 802.11 and non-802.11 signals, Noise floor and SNR are taken into consideration

– When Auto Channel completes, the new channels are set and automatically saved.

– Once set, the option is available to lock channel settings so that they will not be changed again by another Auto Channel operation unless explicitly unlocked.

– When Access Point is reset to factory configuration, the radios select a random channel for 2.4 and 5GHz radios.

Channel Optimization can be performed in 3 ways

– On Demand - through WOS Access Point Monitoring Page by selecting the Access Points in a specific building or floor and clicking “Optimize Channels” under “Configure”. (Recommended)

– On Boot-Up – configured in the AP Profile under Radio Settings, Advanced Settings Page (Optional)

– On a schedule configured within the Profile – create a schedule for automatically run auto-channel at periodic intervals (Not Recommended)

– This will start the algorithm on all APs at the same time and can provide inconsistent results



Auto Channel Optimization

Perform Auto Channel Optimization after installation.

– Use Optimize Channels Option on the Configure -> Access Points Screen within WOS

Review Channel Assignment on the Maps to ensure optimal channels have been selected.

– Adjust channels if required by clicking in the corresponding semi-circle of a radio.

Recommendation is to Lock the Channels after the initial Optimization.

– Especially for deployments with Voice or RTLS requirements or for High density deployments

– Go to WOS -> Monitor Radios -> Select the Radios and Lock the channels using the Bulk Edit option.

Do no run Auto-Channel in a live environment

– All the radios shut down during the optimization causing a network outage.

Auto Channel normally assigns individual 20MHz channels.

40MHz bonds will be preserved

– If Auto bond is enabled on 5GHz channels on the Global Settings .11n page, and have 40MHz channels set up prior to running Auto Channel

80MHz bonds will not be preserved.



Auto Cell Optimization

Auto Cell Optimization adjusts radio power to balance cell size between the selected Access Points

– Optimizes coverage while limiting channel interference between neighboring APs.

– Uses communication between Access Points to set radio power so that coverage is provided to all areas at the minimum power level required.

– This reduces potential interference with neighboring networks.

Auto Cell Optimization can be performed in two ways

– Single Channel Auto Cell

– Use for Lobby/Hallway deployments

– Multi-channel Auto Cell (Recommended)

– Use for in-room, carpeted office deployments




AP transmits a broadcast probe request on the Timeshare Radio on every channel every 250 msec and at max power.

APs hearing a probe request on an operating channel reply with a probe response.

– The probe response will be transmitted at max power.

– The probe response will contain an additional information element (IE) containing

– The max power setting of the radio (power probe response was transmitted).

– The current power level setting of the radio.

– Who this AP hears the ‘loudest’ (highest RSSI)

As the initial AP receives probe responses, it performs the following functions:

– Tracks by channel which AP it has heard the loudest probe response.

– Data is updated every 10 seconds.

– Checks to see if a probe response indicates that another AP hears this AP’s probe responses loudest

– The path loss between the APs is calculated from the information in the probe responses.

– Based on the overlap value (0% to 100%), the power of the radio operating on this channel is adjusted




Cell Overlap Tuning

– For an overlap of 0%, the power is adjusted so that the remote AP (that hears loudest) hears at -90dBm RSSI.

– For an overlap of 100%, the power is adjusted so that the AP (that hears loudest) hears at -70dBm RSSI.

– There is an adjustable minimum TX power (default is 10dbm) to maintain a minimum cell size.

– Recommended to set the overlap to be 50% for optimal performance for Voice or RTLS networks and 20 to 25% for typical enterprise environments.

– If a probe response is not received on a particular channel (indicating that no other AP hears this AP the loudest), the operating radio on that channel will be set to Max power in Single Channel Auto Cell Mode.

Recommendation is to perform Auto Cell Optimization after installation.

– Use Optimize Power Option on the Configure -> Access Points Screen within WOS and select Multi-Channel

Review Power Assignment and make transmit power adjustments as required.

– Adjust transmit power if auto-cell set power is different from the Tx Power of the key wireless clients using the network.

For on-going auto-cell adjustments, auto-cell interval has to be enabled in the Profile.

– Not recommended for Voice over Wi-Fi deployments or Large Public Venues where manual it is recommended to lock down the power settings after the initial tuning and post installation validation.


FEATURE CONSIDERATIONS

Client Roaming

Client Roaming consists of the following stages:

– Client makes the roaming decision according to the received signal strength and signal quality

– Client does a channel scan to search for a better signal from another AP by Processing received Beacon frames from other APs

– Depending on the signal strength from other APs, if the signal threshold programmed within the client is reached, the client makes a decision to roam.

– Client sends a Probe Request to the AP it wants to roam to

– Upon receiving a probe response back from the AP client sends

– 802.11 de-authentication to its current AP

– An 802.11 authenticate followed by re-associate message to the new AP

– For networks using WPA/WPA2 Pre-shared Key or Enterprise the client completes a 4 way EAPOL Handshake

With 802.11k support, WLAN 9100 offers faster and more efficient roaming.

– When enabled, each AP beacon lists the channels that nearby APs offer.

– This supports improves channel scanning, resulting in faster roam times and increased battery life of the clients due to shorter scan times since the station knows where to look for nearby APs.

– The WAP will also respond to requests from stations for an 802.11K Neighbor Report with additional information about nearby APs. This setting is enabled by default.



Client Roaming

Avaya WLAN 9100 Access Points support fast and seamless roaming of wireless clients between two radios on the same or different APs within Layer 2 and Layer 3 networks, while maintaining security.

Access Points handle Fast Roaming using a combination 802.11i and Avaya Roaming Protocol.

– 802.11i allows key caching for fast roaming as clients can pre-authenticate with Access Point and master keys can be cached by both client and Access Point.

– The Roaming Protocol allows Access Points to exchange the Pairwise Master Keys (PMK) with other Access Points as specified in the configuration options.

– Roaming Protocol facilitates the exchange of client authentication status and other relevant information like SSID, VLAN, User Group, Device ID etc. between WLAN 9100 Access Points over the Gig-E interfaces.

– Opportunistic Key Caching(OKC) is supported by the 9100 to enable fast roaming for clients that support OKC.

802.11r support is in the roadmap for both AOS & AOS-Lite Access Points

AOS-Lite Access (WAP9112 and WAP9114) do not support Layer 3 Roaming



Client Roaming – Roaming Modes

Broadcast Mode

– In Broadcast Mode APs share Fast Roaming information using Layer 2 broadcast messages to other access points.

– All the Access Points in the same layer 2 network will receive and process the information and will be targets for Layer 2 Client Roaming.

– This mode cannot be used for Layer 3 Client Roaming.

– This mode can only be used if all the Access Points in a contiguous roaming area are in the same subnet and the Client is assigned to the same VLAN on all the APs.

Tunneled Mode

– In Tunneled Mode, APs establish an OpenVPN Tunnel with other Access Points In Range and fast roaming information is shared using these tunnels.

– Tunneled Mode can be used for Layer 2 and Layer 3 Client Roaming scenarios.

– For Layer 3 Roaming

– When a client roams to an AP where the SSID is mapped to a different VLAN, the AP will tunnel the client traffic to the previous AP from which it had received the roaming information for this client.

– This enables the client to continue to maintain its IP address in the old subnet and maintain the application sessions. When the client is disassociated from the new AP and re-associates after the Station Timeout (default is 300 seconds) expires, the client will get a new IP address in the subnet corresponding to the SSID/VLAN mapping on this AP.

– For Tunneled Mode to work correctly, the APs within roaming range should all be visible to each other.

– If a client roams from one AP to another but the APs cannot see each other, the fast roaming may fail.



Client Roaming - Layer 3 Roaming Challenges

Increased AP & Network Performance Load

– In L3 Roaming scenario, when clients roam from one AP to another, its traffic is still tunneled to the AP in the original subnet to which the client was previously connected.

– This becomes challenging in environments where users connect to an AP at the entrance of the building and then roam to other APs in the building that require L3 Roaming.

– In this case, there is potential that all the user traffic has to be tunneled to AP at the entrance resulting in over-subscription of the Gig-E link.

Complexity in configuration and troubleshooting

– Although the “All” and “In Range” options allow for automatic tunnel creation, there is increased complexity within the network on how traffic flows.

– Troubleshooting can also become challenging as well.

Running out of IP Addresses in the subnet & DHCP Traffic on the network

– In all Layer 3 Roaming environments, it is a common practice to stop tunneling the client traffic when client de-authenticates and establishes a new 802.11 association (after the Station Timeout is expired).

– This could result in client connectivity issues if the client does not restart DHCP process again.

– DHCP Lease times have to be configured to smaller time periods in-order to preserve IP addresses as clients move from one location to other.

– This increases the broadcast traffic on the network as clients have to renew their IP addresses frequently negating one of the main reasons to create a Layer 3 Roaming environment to contain broadcast domains.



Client Roaming - Layer 3 Roaming Solutions

Consider the network design alternatives to environments that otherwise require Layer 3 Roaming

– RADIUS VLAN Assignment –

– The client is assigned to the same VLAN no matter where the client roams to within the site.

– The client also maintains the same VLAN / IP address even if it disconnects and connects back on a different AP.

– Device ID & Dynamic Group Assignment –

– Device fingerprinting assigns devices to unique User Groups with a unique VLAN.

– The client is assigned to the same Group / VLAN as the device identification will be the same across all the APs.

For Networks that cannot use alternatives – Use GRE Tunneling with Ignition Guest Tunneling Server (IGT)

– WLAN 9100 supports GRE Tunneling to encapsulate and transport user traffic to a centralized location.

– Avaya Ignition Guest Tunneling Server is used to terminate the GRE tunneled traffic from the APs.

– The APs support VLAN Split tunneling so that local VLAN traffic is switched on the LAN while Layer 3 Roaming traffic is tunneled to the IGT and processed in the user home VLAN.



Client Roaming - Roaming Assist

Smart Phones and Tablet devices are optimized to maximize battery life and not for Wi-Fi roaming. This leads to sticky clients.

– Devices will stay connected to a radio with poor signal quality, even when there’s a radio with better signal strength within range.

Roaming assist helps clients roam to APs that can provide a better wireless connections.

When roaming assist is threshold is hit, the AP “assists” the device by deauthenticating which forces the client to go through a re-association.

– In most cases the device now re-associates with the optimal AP based on its signal strength data.

– This encourages a client with a high roaming threshold (i.e., a device that may not roam until signal quality has seriously dropped) to move to an AP that gives it a better signal.

The roaming threshold is the difference in signal strength between radios that will trigger a deauthentication.

– If the client’s signal is lower than the sum of the threshold and the stronger neighbor radio’s RSSI, then we “assist” the client.

It has been observed that some wireless clients do not handle the deauthentication gracefully and look for other known SSIDs or switch to a cellular connection before retrying the advertised SSID.



Client Roaming – Recommendations

Roaming Mode = Broadcast

– Make sure all the Access Points in a contiguous roaming area are in the same subnet and the Client is assigned to the same VLAN on all the APs.

Share Roaming Info with ALL APs.

For Large Wireless Networks that require Layer 3 Roaming scalability - consider

– Using alternatives for VLAN assignment

– Using GRE tunneling option to tunnel Roamed client traffic to a central location.

With 802.11k support in the latest iOS or Android devices, it is recommended to leave 802.11k enabled on the AP instead of Roaming Assist for improving client roaming performance.

Roaming Assist is recommended for networks with a lot of legacy devices that do not support 802.11k and clients demonstrate AP stickiness.



Web Page Redirect / Captive Portal

Web Page Redirect (WPR) / Captive Portal serves two key functions for WLAN 9100 solution

– Guest Access Management

– BYOD – Onboarding / Self Registration of personal devices.

Captive Portal Challenges in Controller Architectures

– Users/Devices associate to an open or known SSID but do not always complete Captive Portal Authentication.

– While the device is associated to the AP, the client traffic is continuously redirected to the web server hosting the Captive Portal pages.

– The Captive Portal Web Server scalability becomes a significant challenge in LPVs and other large networks with all the users in a wireless network hitting a centralized web server in the controller.

WLAN 9100 Access Points support Captive Portal Functionality directly on the Access Points.

– WLAN 9100 resolves the scalability challenge by using a built in captive portal.

– Only clients associated to an AP needs to be served by the web server within the AP therefore not exposed to the scaling challenges.

– All user traffic is blocked at the AP until the WPR/Captive Portal authentication is completed.

– When a client completes Captive Portal Authentication, the session information is shared with other APs to allow for seamless client roaming.

Wireless LAN Orchestration System allows for visual customization of the Captive Portal Splash or Login Page.




Landing Page Only

– User is redirected to a pre-configured URL upon association and when a browser is opened.

– No action is required by the user.

Internal Web Server

– The web server within the Access Point hosts the splash page or login page

– The user HTTP traffic is redirected to the internal web server for completing the Captive Portal authentication.

– User Authentication can be performed using an external RADIUS server.

DNS

802.11 Authentication / Association

DNS Resolution

URL Request to Destination IP

Redirection to Internal Web Server IP

URL Request Internal Web Server IP

WPR Splash / Login Page Presented

Client Post with Login/Password

Redirection to Original Web Server IP

URL Request to Original Web Server IP

Internet




External Web Server

– User traffic is blocked on the AP and redirected to a login page that resides on an external web server for authentication.

– The external login page will collect the username and password and then pass the credentials back to the AP for authentication.

– The AP then sends the username and password to the internal or external RADIUS server to verify user authentication.

– If authentication is successful, the client browser is redirected back to the user-requested URL or the specified landing page.

DNS

802.11 Authentication / Association

DNS Resolution

URL Request to Destination IP

Redirection to External Web Server IP

URL Request External Web Server IP

WPR Splash / Login Page Presented

Client Post with Login/Password

Redirection to Original Web Server IP

URL Request to Original Web Server IP

Internet




Recommendation is to use Internal Web Server when possible

– Provides simple customization options and better scalability

Using External Web Server can be advantageous in some cases

– Changes made to the Login page can be done in a single location instead of doing it within multiple profiles when present.

– Hosting the page on an external web server can give the customer more flexibility and control over the cgi script and even allow for the use of PHP or ASP as the backend scripting language.

– When External CA Certificate needs to be used to meet corporate security policy.

– When Captive Portal Pages are required to be presented in a language other than English.

AOS-Lite Access Points (WAP9112 & WAP9114) only support the External Web Server option.

Avaya Identity Engines Access Portal supports WLAN 9100 External Web Server Option

– Enables IDE Access Portal to act as an offline Captive Portal Application where User Traffic does not flow through the Access Portal.

– Brings the advanced BYOD and Guest management capabilities of the IDE portfolio to enable Unified Wired/Wireless Policy enforcement.



User Groups

User or Device based segmentation or policy enforcement is critical for majority of the wireless networks.

Using SSIDs for providing the service differentiation degrades the capacity and performance of the wireless network.

User Groups enables the ability to define user policies independent of the SSID thereby reducing the number of SSIDs in the network.

– Group assignment can be done by the RADIUS server based on a User or Device Policy –

– Standard RADIUS Attribute “filter-id” is used to specify the User Group in the RADIUS Response message.

– Allowed when using WPA/WPA2 Enterprise or RADIUS MAC for authentication with External RADIUS Server.

– Group assignment can also be done within the AP based on Device Fingerprinting

– User Groups allow for differentiation in VLAN mapping, traffic limits, QoS, Application control , Captive Portal Page displayed etc.

– The characteristics specified in a User Group take precedence over those specified for the SSID.

It is recommended to use User Groups when multiple types of user profiles exist that can share the same encryption type, but have the need for different network resources due to a security policy.

It is not recommend to use User Groups when using dynamic VLANs via RADIUS. The User Group’s VLAN setting will override the Dynamic VLAN settings.



Load Balancing / Band Steering

Load Balancing feature on the WLAN 9100 is designed to distribute clients across multiple radios/access points rather than just the closest radio with the strongest signal strength.

In Wi-Fi networks, the client decides to which radio it will associate. The AP cannot actually force load balancing, however the AP can “encourage” stations to associate in a more uniform fashion across the radios within an AP or across APs.

The goal of load balancing is to distribute the stations’ data traffic to more effectively utilize all of the bandwidth offered by the different APs / Radios associate to radios with weaker signal strength.

The AP calculates a weight for each radio that receives a probe request from a wireless client taking into account

– Band Capability

– Number of Spatial Streams

– VHT (.11ac) capability

– HT (.11n) capability

– SNR (Signal to Noise ratio)



Load Balancing / Band Steering

A station will be allowed to associate, regardless of weighting, if it the number of attempts to associate has reached

– The third attempt on a specific Radio of an AP.

– The forth attempt across all the Radios of an AP.

– The sixth attempt across all APs in the contiguous roaming area.

– A station is re-associating. If it was already associated to this radio, it is let back in immediately.

– If a station does attempt to associate w/o sending a probe request, it will be allowed to associate immediately regardless of weighting.

– If radio, SSID, or band specific station counts are already exceeded.

It is recommended to use Load Balancing in high user density environments only.

Load Balancing Steers the Client to the best radio option available and not just based on Band or Number of Clients associated to the Radio/AP.

– Ex. If a dual band client is associating to a 2.4GHz radio, it may be allowed instead of steering it to a 5GHz radio because the 2.4GHz radio is the best available option or the 2.4GHz radio is capable of providing acceptable performance.



Broadcast & Multicast Optimization

Per 802.11 standards, broadcast and multicast traffic is always transmitted over the air at the lowest supported data rate.

– This results in broadcast / multicast traffic consuming a lot more air-time and reducing the medium capacity for other business critical applications.

Broadcast Optimization

– Changes the rates of broadcast traffic sent by the AP (including beacons).

– When Broadcast Rates are set to Optimized, each broadcast or multicast packet that is transmitted on each radio is sent at the lowest transmit rate used by any client associated to that radio at that time.

– This results in each radio broadcasting at the highest AP Tx data rate that can be heard by all associated stations, improving system performance.

– The rate is determined dynamically to ensure the best broadcast/multicast performance possible.

– When set to Standard (the default), broadcasts are sent out at the lowest basic rate only — 6 Mbps for 5GHz clients, or 1 Mbps for 2.4GHz clients. The option you select here is applied to all radios.

Multicast Optimization

– Multicast Traffic when sent un-modified - the packet is sent as a broadcast packet over the air or at the lowest supported data rate.

– When Multicast to Unicast conversion is applied, the multicast packet is sent as a unicast packets to individual clients that have joined a particular stream.

– The benefit of using the higher data rates for unicast packets goes away as the number of clients joining the group increases due to packet replication.



Air Cleaner

The Air Cleaner feature offers a number of predetermined filter rules that eliminate a great deal of unnecessary wireless traffic, resulting in improved performance.

It is recommended to add Air-Cleaner Filters to the Global Filter list for optimum performance.

You may select all of the air cleaner rules for the greatest effect, or only specific rules, such as broadcast or multicast, to eliminate only a particular source of traffic. Sample rules are

– Air-cleaner-Arp.1 blocks ARPs from one client from being transmitted to clients via all of the radios. The station-to-station block setting doesn't block this traffic, so this filter eliminates this unnecessary traffic.

– Air-cleaner-Dhcp.1 drops all DHCP client traffic coming in from the Gigabit interface. This traffic doesn't need to be transmitted by the radios since there shouldn't be any DHCP server associated to the radios and offering DHCP addresses. For large subnets the DHCP discover/request broadcast traffic can be significant.

– Air-cleaner-Dhcp.2 drops all DHCP server traffic coming in from the radio interfaces. There should not be any DHCP server associated to the radios. These rogue DHCP servers are blocked from doing any damage with this filter. There have been quite a few cases in public venues like schools and conventions where such traffic is seen.

– Air-cleaner-Mcast.1 drops all multicast traffic with a destination MAC address starting with 01. This filters out a lot of IP multicast traffic that starts with 224.

– Air-cleaner-Mcast.2 drops all multicast traffic with a destination MAC address starting with 33. A lot of IPv6 traffic and other multicast traffic is blocked by this filter.

– Air-cleaner-Mcast.3 drops all multicast traffic with a destination MAC address starting with 09. A lot of Appletalk traffic and other multicast traffic is blocked by this filter. Note that for OSX 10.6.* Snow Leopard no longer supports Appletalk.

– Air-cleaner-Bcast.1 allows all ARP traffic (other than the traffic that was denied by Air-cleaner-Arp.1). This is needed because Air-cleaner-Bcast.5 would drop this valid traffic.

– Air-cleaner-Bcast.4 allows all roaming protocol traffic from WAPs to be received from the wire. This is needed because Air-cleaner-Bcast.5 would drop this valid traffic.

– Air-cleaner-Bcast.5 drops all other broadcast traffic that hasn't previously been explicitly allowed. This filter will catch all UDP broadcast traffic as well as all other known and unknown protocol broadcast traffic.

Visit Our Smart City

6:30pm 9:00pm

Monday, April 4

7:00am 8:30am

12:15pm 1:30pm

Tuesday, April 5

7:00am 8:30am

12:15pm 1:30pm

6:00pm 8:00pm

Wednesday, April 6

7:00am 8:30am

(Expo closes after

breakfast)

Thursday, April 7

Expo Hours

Complete your survey at the end of the session in the Mobile App

✓

✓

✓

✓

✓

wi-fi technology deep dive: part 2 - network infrastructure€¦ · top selling – 802.11ac wave 1...

Documents