wireless networking chapter 16. objectives explain wireless networking standards describe the...

Wireless NetworkingWireless Networking

Chapter 16

ObjectivesObjectives• Explain wireless networking standards• Describe the process for implementing

Wi-Fi networks• Describe troubleshooting techniques

for wireless networks

OverviewOverview

Introduction to Wireless Introduction to Wireless NetworkingNetworking

• Wireless network uses radio waves as the media– Convenient and sometimes the only option– Same OSI layers as wired networks– Same upper-layer protocols as wired networks– Different methods for accessing the media– Wi-Fi IEEE 802.11 wireless Ethernet standards

Three Parts to Chapter 16Three Parts to Chapter 16

• Wi-Fi Standards• Implementing Wi-Fi• Troubleshooting Wi-Fi

Wi-Fi StandardsWi-Fi Standards

• Wi-Fi IEEE 802.11 Standards– 802.11a– 802.11b– 802.11g– 802.11n

• Certified by 300-member Wi-Fi Alliance– Members design and manufacture

Wi-Fi products– Certification should ensure compatibility

• 802.11– Standards define how devices communicate– Some define how to secure communications– Each sub-standard by a IEEE subcommittee– Wireless Fidelity (Wi-Fi)– 802.11 established baseline features

• Hardware– Adapters

• Wireless Ethernet NICS• PCI, PC Card, external USB

– Wireless access point (WAP)• Basic WAP operates like a hub at Layer 1• Often multiple devices in one box

– High-speed hub or switch– Bridge– Router

Figure 16.1 Wireless PCI NIC

Figure 16.2 External USB wireless NIC

Figure 16.3 Linksys device that acts as wireless access point, switch, and DSL router

• Software– Wireless device drivers– Wireless configuration utilities– Link state– Signal strength– Other settings

• Wireless network modes• Security• Power-saving options

Figure 16.4 Wireless client configuration utility

• Wireless Network Modes– Ad hoc mode

• Also called peer-to-peer mode• Uses a mesh topology• Independent Basic Service Set (IBBS)

Figure 16.5 Wireless ad hoc mode network

• Wireless Network Modes– Infrastructure mode

• Uses one or more access points• Similar to a wired star topology• Basic service set (BSS)

– Serviced by a single WAP• Extended service set (ESS)

– Serviced by two or more WAPs

Figure 16.6 Wireless infrastructure mode network

• Speed– Dependent on a few factors

• Standard used by wireless devices• Distance• Interference• Dead spots

• Range– Hard to define– 802.11 “around 150 feet”– Affected by environmental factors

• Basic Service Set Identifier (BSSID)– Most basic infrastructure mode network– BSS is one WAP and one or more nodes– BSSID same as the MAC address of WAP– IBSS nodes (ad hoc mode) 48-bit string– BSSID in every packet

• Service Set Identifier (SSID)– Another level of naming– Standard name applied to BSS or IBSS– Sometimes called a network name

• Extended Service Set Identifier (ESSID)– Wi-Fi network with multiple WAPs (ESS)– Most Wi-Fi devices use term SSID

• Broadcasting Frequency– Potential for interference from other

wireless devices– Tech must know frequencies of other

wireless devices– Original 802.11 standards use 2.4-GHz

frequency

• Broadcast Methods– Original IEEE 802.11 standard used spread-

spectrum radio waves• Broadcasts data in small, discrete chunks• Used different frequencies within a range• Three different spread-spectrum broadcasting

methods

• Direct-sequence spread-spectrum (DSSS)– Sends simultaneously on different

frequencies– Early 802.11 standards used this– Uses ~22 MHz of bandwidth– Capable of greater data throughput

than OFDM– More prone to interference than FHSS

• Frequency-hopping spread-spectrum (FHSS)– Hops from frequency to frequency– Sends on one frequency at a time– Uses less bandwidth than DSS (~1MHz)

• Orthogonal frequency-division multiplexing (OFDM)– Latest method– Combines multiple frequencies of DSSS

with FHSS’s hopping capability– Later 802.11 standards use this

• Channels– A portion of the spectrum– 802.11 standard defined 14 channels– Different countries may limit channels– In U.S. WAP may use channels 1 – 11 – There is overlap– Do not use close channels on nearby WAPs– Most WAPs default to channel 1, 6, or 11

• CSMA/CA– Carrier sense multiple access/collision

avoidance– Access method

• Allows multiple devices to share network media– Wireless devices cannot detect collisions– Two collision avoidance methods

• Distributed coordination function (DCF)• Point coordination Function (PCF)

• 802.11b– Data throughput up to 11 Mbps– Range up to 300 feet– Popular

• 2.4-GHz frequency is crowded• More likely to have interference from other

wireless devices

• 802.11a– Device on market after 802.11b– Different from all other 802.11 standards

• 5-GHz frequency range• Up to 54 Mbps• Short range (~150 feet)• Never as popular as 802.11b• Incompatible with 802.11b

802.11 Summary

Standard Frequency Spectrum Speed Range Compatibility

802.11 2.4GHz DSSS 11 Mbps ~300′ 802.11

Table 16.1

802.11b SummaryStandard Frequency Spectrum Speed Range

Compatibility802.11b 2.4GHz DSSS 11 Mbps ~300′ 802.11b

Table 16.2

802.11a Summary

Standard Frequency Spectrum Speed Range Compatibility

802.11a 5.0GHz DSSS 11 Mbps ~150′ 802.11a

Table 16.3

• 802.11g– Up to 54 Mbps– Range of 802.11b (~300 feet)– Backward compatible with 802.11b– WAP can service both 802.11b and 802.11g– All 802.11g network runs in native mode– Add 802.11b devices

• Mixed mode• All communications drop to 11 Mbps max

• 802.11n– Faster and newer antenna technology– Most devices must use multiple antennae– Multiple in/multiple out (MIMO)– Up to 600 Mbps theoretically– Many WAPs use transmit beamforming– Dual-band WAPs run at 5 GHz and 2.4 GHz– Some WAPs support 802.11a devices

802.11g Summary

Standard Frequency Spectrum Speed Range Compatibility

802.11g 2.4GHz OFDM 54 Mbps ~300′ 802.11b/g

Table 16.4

802.11n SummaryStandard Frequency Spectrum Speed Range

Compatibility802.11n 2.4GHz1 OFDM 100+Mbps ~300′ 802.11b/g/n2

1Dual-band 802.11n devices can function simultaneously at both 2.4 and 5.0GHz bands.2Many dual-band 802.11n WAPs support 802.11a devices as well as 802.11b/g/n devices. This is not part

of the standard, but something manufacturers have implemented.

Table 16.5

• Wireless Networking Security– Problem

• Easy-to-install devices have no default security• Network data packets are in radio waves

– Three wireless security methods• MAC address filtering• Wireless authentication• Data Encryption

• MAC address filtering– Limits access to specific NICs– “Accepted users” list of MAC addresses – List stored in WAP– Rejects packets with other MAC addresses– Alternatively create exclusion list– Problem: hackers can spoof MAC addresses– MAC address must be updated for changes

• Wireless Authentication– Users with proper credentials get access– Can use a centralized security database– Requires extra steps for wireless users– 802.1X standard

• RADIUS Server• Extensible Authentication Protocol (EAP)

password encryption

• Wireless Authentication– RADIUS server

• Provides authentication for network access• Enables access to user’s rights on network• Client computer is called a supplicant• WAP is the Network Access Server (NAS)• NAS contacts RADIUS server• RADIUS server checks security database• User given access if credentials are correct

Figure 16.7 Authenticating using RADIUS

• Wireless authentication problem areas– Connection must be secure

• PPP between supplicant and WAP/NAS• IPSec between WAP/NAS and RADIUS server• RADIUS server uses an authentication protocol

– EAP-TLS– EAP-TTLS– PEAP

• WAP and wireless NICs must use same authentication protocol

Figure 16.8 Authentication using RADIUS with protocols in place

Figure 16.9 Setting EAP authentication scheme

• Data Encryption– Wired Equivalent Privacy (WEP)

• 64- or 128-bit encryption algorithm• Problems

– Easily cracked– Only works on Data Link and Physical layers– No encryption above Data Link layer– Key is static and shared– No user authentication

• Data Encryption– Wi-Fi Protected Access (WPA)

• Dynamic encryption key generation– Issued per-user and per-session

• Temporal Key Integrity Protocol (TKIP)• 128-bit encryption key• Problem: key can be broken

• Data Encryption– Wi-Fi Protected Access 2 (WPA2)

• Amendment of 802.11 standard by 802.11i– Issued per-user and per-session

• Uses Advanced Encryption Standard (AES)– 128-bit block cipher– Not completely hack proof– Deters casual hackers

• Power over Ethernet (PoE)– Power and Ethernet signals via Ethernet

ports– Good for WAPs far from power outlets– Both WAP and switch must comply

with PoE

Implementing Wi-FiImplementing Wi-Fi

• Site Survey– What wireless devices are already there?

• Radio bands in use• Existing SSIDs and channels• Unique SSIDs• Separate channels within same radio band

– Locate Interference Sources• Create sketch and identify interference sources• High-interference area may require 802.11n• May need multiple WAPs to avoid dead zones

Figure 16.10 Site survey with interference sources noted

• Installing the Client– Read instructions with NIC

• Install bus NIC and attach antenna• Special instructions for USB NIC

– Install drivers and software first– Then connect NIC

Figure 16.11 Wi-Fi PCI NIC installed

• Setting up an Ad Hoc Network– Set NICs for ad hoc mode– SSID– IP addresses– Channel– Sharing

Figure 16.12 Selecting ad hoc mode in wireless configuration utility

• Setting up an Infrastructure Network– Placing Access Points

• Omni-directional and centered –Radio waves flow outward –Standard straight-wire dipole antennae

• Off-center position• Gaining gain• Focusing the wave with directional antenna

Figure 16.13 Room layout with WAP in the center

Figure 16.14 Replacement antenna on WAP

• Setting up an Infrastructure Network– Access Point Configuration

• Configure the SSID (ESSID) and beacon• Configure MAC address filtering• Configure encryption• Configure channel and frequency• Configure the client

Figure 16.15 Security login for Linksys WAP

Figure 16.16 Linksys WAP setup screen

Figure 16.17 Setting the beacon interval

Figure 16.18 MAC address filtering configuration screen for a Linksys WAP

Figure 16.19 Encryption key configuration screen on Linksys WAP

Figure 16.20 Encryption screen on client wireless network adapter configuration utility

Figure 16.21 Encryption screen with RADIUS option

Figure 16.22 Changing the channel

Figure 16.23 Selecting frequency

Figure 16.24 Typing in an SSID manually

• Extending the Network– Adding a WAP– Wireless Bridge

• Point-to-point• Point-to-multipoint

– Repeating bridges– Bridges with access point and router

functions

• Verify the Installation– Move traffic between computers– Always verify installation before leaving

Figure 16.25 Linksys wireless bridge device

Troubleshooting Wi-FiTroubleshooting Wi-Fi

• Logical troubleshooting steps– What is the scope of wireless problem?

• Who is affected– One wireless client?– All wireless clients?

• What is nature of problem?– What network services do/don’t work?– If some work, others don’t, it is not a network

problem• When did problem start?

• Hardware Troubleshooting– Like PC troubleshooting– Detect driver or resource problems with

Device Manager• If necessary reinstall the device driver• If necessary reset the IRQ resources• Device not present?

– Reseat PCI card/check connection on USB– Check for CardBus problems

• Software Troubleshooting– Wireless adapter configuration

• User vendor’s driver and configuration utility• Use Device Manager to uninstall and install

vendor driver and utility– WAP’s firmware version

• Symptom: client connects, but slow speed• Update access point’s firmware

• Connectivity Troubleshooting– Not connecting automatically and quickly– Causes

• Incorrect configuration• Low signal strength

– Solutions• Higher-gain antennae• Move PC or WAP• Move the interference

Figure 16.26 Windows XP Professional’s wireless configuration utility

• Configuration Troubleshooting– Check SSID

• Must be identical on all devices– Check MAC address filter list for new NICs– Check security configuration

• All wireless nodes and WAPs must match• Check for mistyped encryption key