Wireless Networking Chapter 16

Objectives Explain wireless networking standards Describe the process for implementing Wi-Fi networks Describe troubleshooting techniques for wireless networks

Overview

Introduction to Wireless Networking Wireless network uses radio waves as the media –Convenient and sometimes the only option –Same OSI layers as wired networks –Same upper-layer protocols as wired networks –Different methods for accessing the media –Wi-Fi IEEE wireless Ethernet standards

Three Parts to Chapter 16 Wi-Fi Standards Implementing Wi-Fi Troubleshooting Wi-Fi

Wi-Fi Standards

Wi-Fi IEEE Standards –802.11a –802.11b –802.11g –802.11n Certified by 300-member Wi-Fi Alliance –Members design and manufacture Wi-Fi products –Certification should ensure compatibility

–Standards define how devices communicate –Some define how to secure communications –Each sub-standard by a IEEE subcommittee –Wireless Fidelity (Wi-Fi) – established baseline features

Hardware –Adapters Wireless Ethernet NICS PCI, PC Card, external USB –Wireless access point (WAP) Basic WAP operates like a hub at Layer 1 Often multiple devices in one box –High-speed hub or switch –Bridge –Router

Figure 16.1 Wireless PCI NIC

Figure 16.2 External USB wireless NIC

Figure 16.3 Linksys device that acts as wireless access point, switch, and DSL router

Software –Wireless device drivers –Wireless configuration utilities –Link state –Signal strength –Other settings Wireless network modes Security Power-saving options

Figure 16.4 Wireless client configuration utility

Wireless Network Modes –Ad hoc mode Also called peer-to-peer mode Uses a mesh topology Independent Basic Service Set (IBBS)

Figure 16.5 Wireless ad hoc mode network

Wireless Network Modes –Infrastructure mode Uses one or more access points Similar to a wired star topology Basic service set (BSS) –Serviced by a single WAP Extended service set (ESS) –Serviced by two or more WAPs

Figure 16.6 Wireless infrastructure mode network

Speed –Dependent on a few factors Standard used by wireless devices Distance Interference Dead spots

Range –Hard to define – “around 150 feet” –Affected by environmental factors

Basic Service Set Identifier (BSSID) –Most basic infrastructure mode network –BSS is one WAP and one or more nodes –BSSID same as the MAC address of WAP –IBSS nodes (ad hoc mode) 48-bit string –BSSID in every packet

Service Set Identifier (SSID) –Another level of naming –Standard name applied to BSS or IBSS –Sometimes called a network name

Extended Service Set Identifier (ESSID) –Wi-Fi network with multiple WAPs (ESS) –Most Wi-Fi devices use term SSID

Broadcasting Frequency –Potential for interference from other wireless devices –Tech must know frequencies of other wireless devices –Original standards use 2.4-GHz frequency

Broadcast Methods –Original IEEE standard used spread- spectrum radio waves Broadcasts data in small, discrete chunks Used different frequencies within a range Three different spread-spectrum broadcasting methods

Direct-sequence spread-spectrum (DSSS) –Sends simultaneously on different frequencies –Early standards used this –Uses ~22 MHz of bandwidth –Capable of greater data throughput than OFDM –More prone to interference than FHSS

Frequency-hopping spread-spectrum (FHSS) –Hops from frequency to frequency –Sends on one frequency at a time –Uses less bandwidth than DSS (~1MHz)

Orthogonal frequency-division multiplexing (OFDM) –Latest method –Combines multiple frequencies of DSSS with FHSS’s hopping capability –Later standards use this

Channels –A portion of the spectrum – standard defined 14 channels –Different countries may limit channels –In U.S. WAP may use channels 1 – 11 –There is overlap –Do not use close channels on nearby WAPs –Most WAPs default to channel 1, 6, or 11

CSMA/CA –Carrier sense multiple access/collision avoidance –Access method Allows multiple devices to share network media –Wireless devices cannot detect collisions –Two collision avoidance methods Distributed coordination function (DCF) Point coordination Function (PCF)

802.11b –Data throughput up to 11 Mbps –Range up to 300 feet –Popular 2.4-GHz frequency is crowded More likely to have interference from other wireless devices

802.11a –Device on market after b –Different from all other standards 5-GHz frequency range Up to 54 Mbps Short range (~150 feet) Never as popular as b Incompatible with b

Summary Standard Frequency Spectrum Speed Range Compatibility GHz DSSS 11 Mbps ~300 ′ Table b Summary Standard Frequency Spectrum Speed Range Compatibility b 2.4GHz DSSS 11 Mbps ~300 ′ b Table a Summary Standard Frequency Spectrum Speed Range Compatibility a 5.0GHz DSSS 11 Mbps ~150 ′ a Table 16.3

802.11g –Up to 54 Mbps –Range of b (~300 feet) –Backward compatible with b –WAP can service both b and g –All g network runs in native mode –Add b devices Mixed mode All communications drop to 11 Mbps max

802.11n –Faster and newer antenna technology –Most devices must use multiple antennae –Multiple in/multiple out (MIMO) –Up to 600 Mbps theoretically –Many WAPs use transmit beamforming –Dual-band WAPs run at 5 GHz and 2.4 GHz –Some WAPs support a devices

802.11g Summary Standard Frequency Spectrum Speed Range Compatibility g 2.4GHz OFDM 54 Mbps ~300 ′ b/g Table n Summary Standard Frequency Spectrum Speed Range Compatibility n 2.4GHz 1 OFDM 100+Mbps ~300 ′ b/g/n 2 1Dual-band n devices can function simultaneously at both 2.4 and 5.0GHz bands. 2Many dual-band n WAPs support a devices as well as b/g/n devices. This is not part of the standard, but something manufacturers have implemented. Table 16.5

Wireless Networking Security –Problem Easy-to-install devices have no default security Network data packets are in radio waves –Three wireless security methods MAC address filtering Wireless authentication Data Encryption

MAC address filtering –Limits access to specific NICs –“Accepted users” list of MAC addresses –List stored in WAP –Rejects packets with other MAC addresses –Alternatively create exclusion list –Problem: hackers can spoof MAC addresses –MAC address must be updated for changes

Wireless Authentication –Users with proper credentials get access –Can use a centralized security database –Requires extra steps for wireless users –802.1X standard RADIUS Server Extensible Authentication Protocol (EAP) password encryption

Wireless Authentication –RADIUS server Provides authentication for network access Enables access to user’s rights on network Client computer is called a supplicant WAP is the Network Access Server (NAS) NAS contacts RADIUS server RADIUS server checks security database User given access if credentials are correct

Figure 16.7 Authenticating using RADIUS

Wireless authentication problem areas –Connection must be secure PPP between supplicant and WAP/NAS IPSec between WAP/NAS and RADIUS server RADIUS server uses an authentication protocol –EAP-TLS –EAP-TTLS –PEAP WAP and wireless NICs must use same authentication protocol

Figure 16.8 Authentication using RADIUS with protocols in place

Figure 16.9 Setting EAP authentication scheme

Data Encryption –Wired Equivalent Privacy (WEP) 64- or 128-bit encryption algorithm Problems –Easily cracked –Only works on Data Link and Physical layers –No encryption above Data Link layer –Key is static and shared –No user authentication

Data Encryption –Wi-Fi Protected Access (WPA) Dynamic encryption key generation –Issued per-user and per-session Temporal Key Integrity Protocol (TKIP) 128-bit encryption key Problem: key can be broken

Data Encryption –Wi-Fi Protected Access 2 (WPA2) Amendment of standard by i –Issued per-user and per-session Uses Advanced Encryption Standard (AES) –128-bit block cipher –Not completely hack proof –Deters casual hackers

Power over Ethernet (PoE) –Power and Ethernet signals via Ethernet ports –Good for WAPs far from power outlets –Both WAP and switch must comply with PoE

Implementing Wi-Fi

Site Survey –What wireless devices are already there? Radio bands in use Existing SSIDs and channels Unique SSIDs Separate channels within same radio band –Locate Interference Sources Create sketch and identify interference sources High-interference area may require n May need multiple WAPs to avoid dead zones

Figure Site survey with interference sources noted

Installing the Client –Read instructions with NIC Install bus NIC and attach antenna Special instructions for USB NIC –Install drivers and software first –Then connect NIC

Figure Wi-Fi PCI NIC installed

Setting up an Ad Hoc Network –Set NICs for ad hoc mode –SSID –IP addresses –Channel –Sharing

Figure Selecting ad hoc mode in wireless configuration utility

Setting up an Infrastructure Network –Placing Access Points Omni-directional and centered –Radio waves flow outward –Standard straight-wire dipole antennae Off-center position Gaining gain Focusing the wave with directional antenna

Figure Room layout with WAP in the center

Figure Replacement antenna on WAP

Setting up an Infrastructure Network –Access Point Configuration Configure the SSID (ESSID) and beacon Configure MAC address filtering Configure encryption Configure channel and frequency Configure the client

Figure Security login for Linksys WAP

Figure Linksys WAP setup screen

Figure Setting the beacon interval

Figure MAC address filtering configuration screen for a Linksys WAP

Figure Encryption key configuration screen on Linksys WAP

Figure Encryption screen on client wireless network adapter configuration utility

Figure Encryption screen with RADIUS option

Figure Changing the channel

Figure Selecting frequency

Figure Typing in an SSID manually

Extending the Network –Adding a WAP –Wireless Bridge Point-to-point Point-to-multipoint –Repeating bridges –Bridges with access point and router functions

Verify the Installation –Move traffic between computers –Always verify installation before leaving

Figure Linksys wireless bridge device

Troubleshooting Wi-Fi

Logical troubleshooting steps –What is the scope of wireless problem? Who is affected –One wireless client? –All wireless clients? What is nature of problem? –What network services do/don’t work? –If some work, others don’t, it is not a network problem When did problem start?

Hardware Troubleshooting –Like PC troubleshooting –Detect driver or resource problems with Device Manager If necessary reinstall the device driver If necessary reset the IRQ resources Device not present? –Reseat PCI card/check connection on USB –Check for CardBus problems

Software Troubleshooting –Wireless adapter configuration User vendor’s driver and configuration utility Use Device Manager to uninstall and install vendor driver and utility –WAP’s firmware version Symptom: client connects, but slow speed Update access point’s firmware

Connectivity Troubleshooting –Not connecting automatically and quickly –Causes Incorrect configuration Low signal strength –Solutions Higher-gain antennae Move PC or WAP Move the interference

Figure Windows XP Professional’s wireless configuration utility

Configuration Troubleshooting –Check SSID Must be identical on all devices –Check MAC address filter list for new NICs –Check security configuration All wireless nodes and WAPs must match Check for mistyped encryption key