
Seamless Wi-Fi roaming: theory in practice

802.11R. Fast switching between points (handover)

Many Wi-Fi manufacturers promise seamless switching between access points using their “brilliant” proprietary protocol.

Despite the beautiful promises, in practice, delays during switching (handover) can be significantly longer than the stated 50-100 ms (switching can take up to 10 seconds when using the WPA2-Enterprise protocol). The fact is that the decision to switch to another access point is always made by the client equipment. That is, your smartphone, laptop or tablet decides when to switch and how to do it.

Often the proprietary protocols of well-known Wi-Fi manufacturers are based on forced de-authentication of the device when the signal quality deteriorates. Sometimes, in the Wi-Fi access point settings, you can set the “roaming aggressiveness”: the minimum signal value at which the device will be “thrown out” of the network. Often client equipment does not react correctly to such a “kick in the ass.” The TCP session is terminated and file downloading stops. The connection to the mail server or virtual machine is lost. Connecting to the SIP server requires re-authentication.


Quite often, the client device, instead of connecting to a nearby point with a better signal (the Wi-Fi controller pushes it toward this decision), tries to re-establish the connection with the previous point, to no avail. It’s even worse if the device tries to connect to another network from the list of saved ones (for example, a guest network).

But even if the switching process goes according to plan, repeated key exchange (EAP) and authorization on the RADIUS server (WPA2-Enterprise) take up significant time.

To solve these problems, the Wi-Fi Association developed the 802.11R protocol. Currently, most mobile devices support it (Apple starting with iPhone 4S, Samsung Galaxy S4, Sony Xperia Z5 Compact, BlackBerry Passport Silver Edition, ...).

The essence of 802.11R is that the mobile device tells its own access points from foreign ones by the mobility domain membership element (MDIE). This element is added to the beacon that carries the SSID.

First, if your iPhone sees a point from its mobility domain with a better signal-to-noise level, then before starting the switching procedure it carries out a preliminary authorization with that point over the existing connection.

Secondly, authorization takes place according to a simplified scenario - instead of a long authorization on the Radius server, the client device exchanges the PMK-R1 key with the Wi-Fi controller. (The initial key PMK-R0 is transmitted only during primary authentication and is stored in the memory of the Wi-Fi controller).

At the moment when the other point has authorized the device in advance, the actual handover occurs. Reconfiguring the frequency and channel in a smartphone takes no more than 50 milliseconds. In most cases, it goes completely unnoticed by the user.

When choosing a solution for an office Wi-Fi network, pay attention to whether the selected equipment supports the open roaming protocol 802.11R, which client devices understand. For example, Edimax Pro equipment fully supports this protocol, so in most cases there are no problems with roaming. However, if your device is old and does not understand the 802.11R protocol, it is possible to adjust the aggressiveness of roaming based on the signal dropping below a threshold, as other Wi-Fi manufacturers do, touting it as an "innovative solution".

802.11K. Load balancing in a wireless network

In addition to roaming problems, corporate users often have to deal with congestion at one access point. In a classic Wi-Fi implementation, all devices try to connect to the access point with the best signal. Sometimes, as a result of an incorrect location of the point (radio planning error), all the “office inhabitants” are registered at one point, while the rest are “resting”.

Due to the uneven load, local network speed drops significantly, because the radio medium is one big “hub” where devices “speak in turn.”

To smooth out unevenness and optimally distribute users between points operating on different radio channels, the 802.11K protocol was developed.

802.11K works in conjunction with 802.11R (as a rule, devices that support the “R” standard also support the “K” standard).

If a mobile device “sees” a beacon signal from other points that are in the same mobility domain, the device sends a broadcast request, the “Radio Measurement Request frame”, in which it requests information about the current state of other access points within visibility range:

    number of registered users

    average channel speed (number of packets transmitted)

    how many bytes were transferred in a certain time interval

In the extended specification of the standard, the client's smartphone can query the channel status of other mobile devices connected to a potentially interesting access point that support the 802.11K standard. Devices respond not only with real statistics, but also with signal/noise status.

Thus, if your smartphone sees 2 or more points within one mobile domain, it will choose not the point with the best signal, but the point that will provide higher connection speed to the local network (less congested).

Reception conditions, the number of users and the load at the point can change dynamically, but using the 802.11K and 802.11R protocols, devices will switch seamlessly and the network load will always be distributed evenly.

Many manufacturers using proprietary protocols implement something similar to 802.11K, where an “overloaded” point forcibly disconnects clients with worse reception conditions, or limits the maximum number of simultaneously registered devices and disables registration if the number of clients has exceeded acceptable limits. These proprietary protocols are not as effective, but still prevent the Wi-Fi network from collapsing completely.

How to save on radio planning thanks to 802.11K

The use of equipment that supports the 802.11R and 802.11K protocols partially corrects errors made during radio planning. Dynamic protocols with roaming support make it possible to prevent overloads of individual points and distribute the load between points evenly throughout the network.

The WiFi-solutions team recommends that you always do radio planning, but sometimes in small networks, you can arrange the points chaotically. Dynamic protocols will improve Wi-Fi quality and load distribution between channels of neighboring points.

The use of dynamic protocols for seamless roaming reduces overlap areas. Thus, high-quality coverage can be ensured with a smaller number of points. Savings on equipment - up to 25%.


Modern principles of building information and communication networks are focused not only on providing high-speed access, but also on user convenience. Roaming in Wi-Fi networks is precisely the component that relates to the convenience of subscribers. In radio networks, roaming is the process of switching a wireless network subscriber from one base station (the access point whose service area the subscriber leaves) to another (whose service area the subscriber enters).

A fairly common situation in the offices of large companies with a Wi-Fi network is the lack of roaming or its incorrect configuration. As a result, despite uniform radio coverage throughout the building, when a subscriber moves around it, SSH sessions are interrupted and file downloading stops, not to mention that communication sessions in WhatsApp, Skype and other similar applications are interrupted.

The simplest, cheapest and most common way to organize roaming is to configure a radio network of access points with the same SSID. When the power of the radio signal from the subscriber weakens (the SNR - signal-to-noise ratio decreases), this leads to a decrease in the connection speed, and if the SNR falls below a critical level, the connection is completely broken. If a wireless subscriber device “sees” equipment on the network with the same SSID, then it connects to it.

Many manufacturers of wireless equipment use proprietary protocols to organize roaming, but even in this case, handover delays can reach several seconds, for example, when using the WPA2-Enterprise protocol, when connecting access points to a RADIUS server is required.

The stumbling block in organizing Wi-Fi roaming is that the decision to switch from one access point to another is made by the subscriber (more precisely, the client equipment). Most protocols for switching a subscriber from one Wi-Fi device to another use forced disconnection of the user from the access point when the signal quality deteriorates. In the settings of most access points that support roaming, you can set the minimum signal level at which the subscriber will be disconnected from the network. This is not the best way to implement roaming, because the TCP session still breaks, and the client device may keep trying unsuccessfully to re-establish a connection with the device that blatantly kicked it out of the network.


802.11r and 802.11k - "Mobile" Wi-Fi

To solve the problems described above, the 802.11r specification was released in 2008 (and later an amendment to it - 802.11k), which is an addition to the 802.11 standard and serves to provide seamless radio coverage and switch subscribers from one access point to another. So if you are going to solve a similar problem of organizing seamless Wi-Fi roaming, you need to select equipment that supports these standard specifications.

802.11r uses Fast Basic Service Set Transition technology, which stores encryption keys from all access points in one place, allowing the subscriber to reduce the authentication procedure to the exchange of four short messages. The 11k amendment allows you to reduce the detection time of access points with better signal levels. This is realized due to the fact that packets with information about neighboring access points and their status begin to “fly” over the wireless network.

The general principle of operation of the 802.11r standard is that the subscriber terminal has a list of available access points. Available points belong to the same MDIE mobility domain; information about MDIE membership is broadcast along with the SSID. If the subscriber sees an available access point from the MDIE with a better SNR level, then the subscriber performs pre-authorization with that access point over the existing wireless connection.

To speed up the connection, authentication occurs according to a simplified scheme: instead of authorization on the RADIUS server, the subscriber terminal exchanges a PMK key with the Wi-Fi controller. The PMK key is transmitted only during the first authentication and is stored in the Wi-Fi controller memory.

Only after another access point has authorized the subscriber does handover occur. Further, the switching speed will no longer depend on how quickly packets fly through the network, but only on how quickly the subscriber device can adjust the frequency to the new channel. With this algorithm, subscriber switching occurs unnoticed by the user.

Despite the fact that the vast majority of modern Wi-Fi devices support 802.11r, you always need to leave a backup option, so it’s a good idea to configure “aggressive roaming”, which works on the principle of disconnecting a subscriber when the SNR drops below a specified threshold.
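
An added example (not code from the original articles or from any vendor) for the 802.11R/802.11K descriptions above: it reads the tagged parameters of captured beacons, reports the mobility domain ID from the Mobility Domain element (ID 54) and the Neighbor Report bit from the RM Enabled Capabilities element (ID 70), and flags access points on the same SSID that fall outside the majority mobility domain. The `SAMPLE` beacons, the BSSIDs and the `audit` policy are constructed for illustration.

```python
from collections import Counter

# 802.11 element IDs: SSID, Mobility Domain (802.11r), RM Enabled Capabilities (802.11k)
EID_SSID, EID_MDE, EID_RM_CAPS = 0, 54, 70


def parse_elements(body: bytes) -> dict:
    """Walk ID/length/value elements; stop at the first truncated element."""
    out, i = {}, 0
    while i + 2 <= len(body):
        eid, length = body[i], body[i + 1]
        value = body[i + 2:i + 2 + length]
        if len(value) < length:
            break
        out.setdefault(eid, value)  # keep the first occurrence of each ID
        i += 2 + length
    return out


def describe_ap(body: bytes) -> dict:
    """Extract SSID, mobility domain ID and roaming-related capability bits."""
    ies = parse_elements(body)
    info = {"ssid": ies.get(EID_SSID, b"").decode("utf-8", "replace"),
            "mdid": None, "ft_over_ds": False, "neighbor_report": False}
    mde = ies.get(EID_MDE)
    if mde is not None and len(mde) == 3:  # MDID (2 octets) + FT capability/policy
        info["mdid"] = mde[:2].hex()
        info["ft_over_ds"] = bool(mde[2] & 0x01)
    rm = ies.get(EID_RM_CAPS)
    if rm is not None and len(rm) == 5:
        info["neighbor_report"] = bool(rm[0] & 0x02)  # bit 1: Neighbor Report
    return info


def audit(beacons: dict, ssid: str) -> dict:
    """Return {bssid: finding} for APs on `ssid` that break the roaming setup."""
    ours = {}
    for bssid, body in beacons.items():
        info = describe_ap(body)
        if info["ssid"] == ssid:
            ours[bssid] = info
    domains = Counter(a["mdid"] for a in ours.values() if a["mdid"])
    expected = domains.most_common(1)[0][0] if domains else None
    findings = {}
    for bssid, a in ours.items():
        if a["mdid"] is None:
            findings[bssid] = "no mobility domain advertised"
        elif a["mdid"] != expected:
            findings[bssid] = f"mobility domain {a['mdid']} (expected {expected})"
        elif not a["neighbor_report"]:
            findings[bssid] = "802.11k neighbor report not advertised"
    return findings


def ie(eid: int, value: bytes) -> bytes:
    """Build one element (helper for the constructed sample below)."""
    return bytes([eid, len(value)]) + value


# Constructed sample: tagged parameters only (the 12-octet fixed beacon fields are omitted).
RM = ie(EID_RM_CAPS, bytes.fromhex("0200000000"))
SAMPLE = {
    "02:00:00:00:00:01": ie(EID_SSID, b"office") + ie(EID_MDE, bytes.fromhex("a1b201")) + RM,
    "02:00:00:00:00:02": ie(EID_SSID, b"office") + ie(EID_MDE, bytes.fromhex("a1b201")) + RM,
    "02:00:00:00:00:03": ie(EID_SSID, b"office") + ie(EID_MDE, bytes.fromhex("c3d400")) + RM,
    "02:00:00:00:00:04": ie(EID_SSID, b"office"),  # same SSID, no 802.11r/k elements
    "02:00:00:00:00:05": ie(EID_SSID, b"guest") + ie(EID_MDE, bytes.fromhex("a1b201")),
}

if __name__ == "__main__":
    for bssid, finding in audit(SAMPLE, "office").items():
        print(bssid, finding)
```

An access point that carries the office SSID but sits outside the mobility domain forces clients back to full authentication when they roam to it, and is worth checking against the controller's inventory.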


Ready-made solutions for seamless roaming

You can organize roaming on a wireless network using regular access points that support the above specifications. This option is more suitable for cases where the network consists of a small number of access points. But if your network has a dozen wireless points, then for such a network it is more appropriate to consider specialized solutions from Cisco, Motorola, Juniper, Aruba, etc.

Some solutions require setting up a separate controller that manages the entire network, but there are others that do not require one. For example, Aruba Networks has Instant points that work without a physical controller: a virtual one comes up on one of the points. At the same time, most of the services for which such networks are created work: seamless roaming, scanning of the radio spectrum and space, recognition of devices on the network. In the future, as the network grows, these points can be switched to operating mode with a physical controller, abandoning the virtual one.

Motorola is famous for its intelligent Wing 5 solution, with which its wireless equipment is “endowed”. Thanks to this solution, all equipment (both local and remote) is combined into a single distributed network, which allows you to reduce the number of switches in the network, and access points can work more synchronously and efficiently.

With Wing 5, Motorola can intelligently control bandwidth and load balance between access points, thereby distributing network traffic evenly across all access points. In addition, the equipment can dynamically change its configuration if interference is detected (for example, if there is a microwave oven nearby). The equipment also has an adaptive coverage function, which allows you to increase the signal strength for devices on a network with a low signal-to-noise ratio (SNR). And of course, an important function is self-healing of neighboring access points if they freeze.

Cisco also has a similar solution, called Cisco Mobility Express Solution. Cisco's approach to software is somewhat reminiscent of Apple's: easy to deploy and configure (setup takes less than 10 minutes). Therefore, it is suitable for companies with a small staff of IT specialists or no staff at all. Mobility Express Solution is deployed on Cisco Aironet access points, which also have a virtual controller, so there is no need to purchase a separate device for this. Connecting and setting up Aironet can be done even from a regular smartphone; you just need to connect to the access point using a known SSID with a standard factory password.

When connecting to an access point using a known IP address, the user will be prompted to complete setup using the Cisco WLAN Express Setup Wizard. Regardless of how many access points there are in the network, its configuration can be done through any Cisco Aironet equipment running on the network. By the way, when setting up a network from a smartphone, you can download a separate Cisco Wireless application, available in both Google Play and the App Store.


Conclusion

Setting up network roaming without using specialized solutions from leading network equipment manufacturers is possible, but it is always useful to use more than just the "bare standard". Therefore, implementing seamless roaming using enterprise-class virtual or physical WLAN controller solutions from manufacturers such as Cisco, Motorola, Juniper and Aruba makes it easy to manage other access points without the need for additional equipment. This means that with their help any company, including small and medium-sized businesses, can offer its wireless customers the same high level of service as large enterprises, without additional costs or complex software.

In this article we will learn how to create a single seamless Wi-Fi network on MikroTik routers. Where can this be useful? For example, in various cafes or hotels, where one Wi-Fi router is not enough to cover all premises with Internet access, and where, with a large number of access points, various kinds of problems constantly arise: on laptops the connection constantly disappears, and mobile devices do not switch on their own to the nearest access point.

The solution to this situation is seamless Wi-Fi network roaming, or handover, which we can get thanks to the CAPsMAN functionality on several MikroTik routers, one of which will be the Wi-Fi controller, and the rest will be access points controlled by this controller.

The first thing you need to do is update to the latest software version. The firmware can be downloaded from the official website. Next, go into the MikroTik interface, drag the firmware to the Files section and reboot the router. Along with the firmware, you also need to download the Wireless CAPs MAN package, drag it to the same place and reboot. After completing these steps, you can proceed to configuration.

Let's start with the controller. Open the CAPsMAN section by clicking the corresponding button in the main menu. In the Interfaces tab, click the Manager button (to turn on controller mode), and in the window that appears, check the Enable box and click OK to save. After that, go to the Configurations tab.

The configuration settings will apply to all access points connected to the controller. Click the blue cross and in the Wireless tab indicate the configuration name (3), wireless network mode (4), network name (5), and also turn on all wireless antennas for reception and transmission (6), save (7) and go to the Channel tab.

Here we indicate the frequency (2), wireless network broadcast format (3) and channel (4). Save (5) and go to the Datapath tab.

Here we only need to check the Local Forwarding box - this will transfer traffic control to the access points. All that remains is to fill out the last tab, Security.

In the security section, select the authentication type, encryption method and password for the wireless network, then click OK.

After we have created the configuration, we move on to the next step - deployment. In the same CAPsMAN section, select the Provisioning tab (1) and click the blue cross. The Radio MAC field (2) allows us to select a specific access point to which our deployment will relate. We leave it as default so that the deployment applies to all access points. In the next field, Action (3), select create dynamic enabled, since we have a dynamic interface. In Master Configuration (4) we indicate the name of the configuration created above.


We’re done with the CAPsMAN section, let’s move on to the Wireless section (1). In the Interfaces tab, click the CAP button (3), check the Enabled checkbox (4), select the wlan1 interface and indicate the IP address of our main router, which is also the controller.

If we did everything correctly, then two red lines will appear in the Interfaces tab, indicating that the Wi-Fi adapter has connected to the controller and adopted all the necessary settings.

At this point, the configuration of the main router-controller is completed, and this network can be used to create a telephone network and connections to an office PBX.

Setting up access points that will connect to the controller via an Ethernet cable is quite simple. They also need to be updated to the latest version and CAPs MAN installed. Next, we combine all the ports and wi-fi interface into one Bridge in the section of the same name.

The next step in the Wireless section is to do the same as on the controller, except that instead of the IP address in CAPs MAN Addresses, we indicate the Bridge created on the access point in the Discovery Interfaces field. After the manipulations have been completed, the access point will receive settings from the controller and will distribute wi-fi (the same two red lines should appear in the Interfaces tab).

Nowadays there are various wireless devices for which high-speed network access is possible only via Wi-Fi: iPad/iPhone and other mobile gadgets. When you want to organize Wi-Fi access over an area of 30 sq. m, installing a regular D-Link for 1200 rubles will solve all your problems, but if you have an area of more than 500 sq. m, and that is only one floor, this solution will not work. If you use regular access points or routers, then each router will have its own network name (unique SSID), or the routers will need to be spaced far apart so that coverage areas do not overlap, and this will lead to zones with very poor reception quality or no signal at all. About six months ago, I encountered the same problem; a solution was found quite quickly: UniFi.


Capabilities of UniFi Wi-Fi points:

    One network for all WiFi points.

    Attractive design.

    Easy to install, PoE.

    Displays coverage area and access point locations on the administrator display.

    Centralized wireless network management.

    Guest networks, without access to the local network.

    Create temporary passwords for guest users.

    Automatic software updates on access points.

    High scalability: up to 100 or more points.

    Multiple wireless networks with differentiated access rights.

    Separation of network user traffic by VLAN.

    Fast intranet roaming when switching between access points.

    Monitoring user traffic, identifying sources of increased network load.

    Large coverage area.

    Possibility of generating one-time temporary passwords (relevant for public places: hotels, cafes, etc.)

    Connecting points in repeater mode.


What it looks like in practice:

A software controller is installed on one of the network computers, on which all wireless network settings are made.

All settings of points and network parameters are subsequently made through this controller. Below are a couple of screenshots of the settings and appearance.

This is a building plan showing the locations of the points.

Setting up a guest network without access to corporate resources.

Monitoring active clients.

Access point monitoring.

View from above.

The installation and configuration process is extremely simple:

1. Place the points and connect them to the local network; UniFi supports PoE, so you only need an Ethernet socket to connect them.

2. Install the software controller on any computer on the network, configure the parameters of the Wi-Fi networks, and initialize the points. After initialization, the settings from the controller will be applied to the point, and the point will be ready for operation. Even when the controller is turned off, the settings on the points are saved.
