120 Chapter 5 www.newnespress.com

(layered and virtualized) and being heavily involved in the various standards bodies for the industry and having authored or contributed to a number of the techniques necessary for voice over Wi-Fi, I have a strong interest in certain problems in wireless that may have a solution in the techniques I helped create. But I mention those problems and solutions in sincere belief that the problems of voice mobility that you may experience, and of wireless networking in general, can be solved. In any event, I will not pull any punches, and will address strategies for every architecture you may happen to run across in modern networks.

5.2.4.1 Wireline: Standalone or “Fat”

Historically, this was the first wireline architecture for wireless. In a standalone AP network, each access point is entirely independent of the others. In the consumer space, only standalone access points are sold today. However, the first enterprise-grade access points also fell into this style. Each access point has its own management system—whether simple or complex, web-based or command line interface (CLI). The access points each maintain their own configurations, connect to outside services (especially Remote Authentication Dial In User Service, or RADIUS) on their own, and generally have no cooperation with any neighboring access point, even from the same vendor.

Most important for mobility, each access point is its own bridge, connecting to the wired network immediately at its Ethernet port, without any tunneling. This means that the access point offers very few or no mobility services. If two access points are connected in different subnets, then the client is required to get a new IP address after a handoff, usually resulting in a dropped call.
To avoid this effect, administrators are forced to distribute the subnet to every access point—for multiple-Virtual LAN (VLAN) networks, this means that each access point must be trunked back, across the access and distribution layers of the wired network.

These access points can be managed using centralized network management tools, and vendors that offer them incorporate Wi-Fi-specific functionality to attempt to mitigate the complexity of managing thousands of individual access points. The management tool may be software, installed on a server, or it may come as an appliance.

Most standalone access points are limited to the typical one or two radios. However, one manufacturer makes multiple-radio standalone access points, which they call arrays. This technology uses sectorization to reduce the coverage pattern for each radio, allowing over a dozen radios to be packed into the larger version. The goal here is for density: if one radio can support a certain number of clients, then 12 radios should support 12 times that amount, all with one cable pull. Understandably, wireless arrays are significantly larger than other access point types.

Introduction to Wi-Fi 121 www.newnespress.com

5.2.4.2 Wireline: Controller-Based or “Thin”

To overcome the triple concern of lack of mobility services, per-access-point RADIUS connections, and individual management with standalone access points, the wireless controller was introduced around 2002. The management, security, and wireline-bridging functions of 802.11 are removed from the access point and relocated to this separate appliance, called the controller. This controller looks and functions, to some extent, like a router, collecting traffic destined to or coming from the wireless network and exchanging it across one or two wired ports.
Controller-based access points are left with only two nonvolatile configuration pieces: the IP address or name of the controller, and the IP address or DHCP settings it is to use when it boots up. Controller-based access points cannot operate on their own. When they power up, they seek out the controller and establish a connection, where they download their configuration into memory. In order to manage or monitor the access point, the administrator must go to the web interface or CLI of the controller.

Controllers are usually high-end data processing platforms, although every vendor offers low-end models for small office deployments. These devices have more in common with routers than with computer appliances, as they are built to tunnel data quickly.

The management advantage of controller-based architectures is that the statistics and properties of the network can be seen and altered in aggregate. Furthermore, software versioning is taken care of automatically, as the controller upgrades access points to the same version that it is running. The appearance to the administrator is that the access point is somehow “thin,” or lightweight. The reality, of course, is that the controller-based access point is built of the same hardware as a standalone access point, which explains why some vendors offer the option to run either standalone or controller-based software on a given model.

Security is also performed centrally. RADIUS transactions are required by the wireless security protocols, and RADIUS needs to have the IP address and password of each device that is allowed to use it for authentication services. With controller-based architectures, there is only one IP to know—that of the controller. Also, because the controller performs the RADIUS authentications, it can cache them as needed, aiding in handoffs. There is variation within the architecture for where encryption is performed.
One vendor performs the 802.11 encryption operations on the controller itself; others retain that functionality in the access points.

But most notably for voice mobility, the controller-based architectures implement a kind of transparent “Mobile IP.” Data is tunneled from the access point to the controller and vice versa. This allows access points to provide services for networks that they themselves are not placed in. The advantages are readily apparent. A campus with dozens of buildings, each building with its own subnet, can install controller-based access points and yet provide a completely different set of subnets to the wireless devices. A campus-wide, flat voice subnet can be established and dedicated to voice mobility devices, without having to push the subnet throughout the campus, eliminating the need for concern about VLANs, inter-subnet handoffs, and call drops. Moreover, the tunneling used does not involve Mobile IP itself, but rather is an integrated part of the system. There are no additional steps that administrators must take to take advantage of the overlay network that the tunneling provides.

Controller-based architectures can still allow for some traffic to be bridged locally, rather than tunneled. However, this is not recommended for campus deployments—especially not for voice—because it brings up the same mobility concerns as with standalone access point deployments.

The controller-based wireline architecture currently has the most diversity with the over-the-air architectures.

5.2.4.3 Wireline: Controllerless

Controllerless access points are not standalone access points. Although this architecture does not use a controller, the access points are aware of each other and communicate, including setting up tunnels for mobility. Some of the controller functionality remains in a dedicated management appliance, but the data path function of the controller is distributed out in the access points.
This is a relatively new architecture, and not widely adopted by the vendors.

The advantage claimed by this architecture is the saving of the cost of the controller. In order for mobility to work, this means that access points have to take over the role of tunnel endpoints. For networks where the voice mobility subnet is never pushed out to the access layer, the controllerless access point model introduces added complexity, to ensure that enough access points are present in the voice mobility subnet to act as home agents for the voice network, and thus many access points may be required to take the place of one controller. Therefore, controllerless access point architectures lend themselves best to networks that are inherently flat or well distributed already, and where traffic patterns do not concentrate.

5.2.4.4 Wireline: Directly Connected

Directly connected architectures take the concept of centralizing to its logical limit. Instead of a controller that has a limited number of ports, this architecture offers a device that has one physical Ethernet port per access point and looks like a switch. Each access point is connected directly, using one Ethernet cable or with two cables tied together with a special booster.

Direct connection allows even more of the 802.11 functions to be centralized, which vendors may use to provide differing services. On the flip side, requiring a direct, layer-1 connection to the access point inherently limits the size of the network controlled by the appliance, and forces the appliance to be placed at the physical edge of the network.

Currently, the one vendor who offers a directly connected wireline architecture uses it to provide a layered over-the-air architecture.
5.2.4.5 Over-the-Air: Static Microcell

Static microcell over-the-air architectures usually require the administrator or a planning tool to generate the radio frequency (RF) parameters—channel selection and transmit power, in this case—for the access points. The most basic implementations just require the user to select a channel and power level. Of course, the system may have some defaults, and may even attempt some initial scanning to choose “better” channels. Nevertheless, once a choice is made, the choice does not change unless the administrator selects a new value or uploads a new RF plan. This does introduce the concept of RF planning, which will be addressed in the section on RF (Section 5.3).

The key to the static (and the subsequent dynamic) microcell architectures is the dedication of the available Wi-Fi channels to avoiding neighboring access point interference, thus resulting in an alternating pattern of channel assignments, where the closest neighbors always have different channels. For static systems, the installer is required to know how to do this by sight, or by using the RF planning tools. Furthermore, because these architectures also require reducing power levels significantly to avoid interference from second-order (further away) neighbors, and lower power levels translate into less range and smaller cell sizes, these architectures are also known as microcell.

Standalone access points are the most obvious candidates for static over-the-air architectures, because there is no system changing channels or power levels on the network. However, all of the wireline architectures can be made to behave statically, though how to do so may not be obvious and setting the network in that mode may not be recommended.

The advantage of the static architecture is that the RF plan is consistent, thus allowing for a more predictable coverage.
The disadvantage is that the network does not react to changes in its environment, such as persistent noise or neighboring network interference.

5.2.4.6 Over-the-Air: Dynamic or Adaptive Microcell

Dynamic microcell over-the-air architectures take a different approach than static architectures. The goal of dynamic architectures is to use what is known as radio resource management (RRM; some vendors use similar terms) to adaptively configure the channels, power levels, and other settings of the access points.

The reason for transitioning from a stable network to one that is constantly in flux is to attempt to avoid some of the problems inherent in larger 802.11 networks, mentioned in the following sections. The key observation is that radio resources exist and need to be monitored somehow. Broadly, radio resources can be thought of as wireless network capacity, and they are reduced by interference, density, and mobility of wireless clients. The following sections, especially “RF Primer” and “Radio Basics,” will shed light on the specifics of what impacts these radio resources.

Dynamic architectures attempt to handle the problem by constantly measuring the various fluctuations in load, density, and neighboring traffic, and then making minute-by-minute adjustments in response. The main tools in the dynamic architecture’s arsenal are, as before, choosing channel settings and transmit power levels. Dynamic architectures end up creating an alternating assignment of channels, in which every access point attempts to choose a different channel from its neighbors and a power level low enough to avoid providing too much duplicated coverage.
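An added example, not from the book: a check of the neighbor rule that the static and dynamic microcell sections describe (closest neighbors on different channels), plus a greedy assignment over the three 2.4GHz channels that Table 5.10 marks as nonoverlapping. The access point names, the neighbor map and the static plan are constructed sample data, and the greedy ordering is an assumption of this sketch, not any vendor's RRM algorithm.

```python
# Added example: validate and generate a microcell channel plan.
NONOVERLAPPING_24GHZ = (1, 6, 11)  # marked "Nonoverlapping" in Table 5.10

# Constructed floor plan: which access points can hear each other (symmetric).
NEIGHBORS = {
    "ap-lobby":  {"ap-hall-1", "ap-cafe"},
    "ap-hall-1": {"ap-lobby", "ap-hall-2", "ap-cafe"},
    "ap-hall-2": {"ap-hall-1", "ap-lab"},
    "ap-cafe":   {"ap-lobby", "ap-hall-1", "ap-lab"},
    "ap-lab":    {"ap-hall-2", "ap-cafe"},
}

# Constructed static plan with a mistake: three adjacent APs share channel 11.
STATIC_PLAN = {
    "ap-lobby": 1, "ap-hall-1": 6, "ap-hall-2": 11,
    "ap-cafe": 11, "ap-lab": 11,
}


def co_channel_neighbors(plan, neighbors):
    """Return sorted (ap, ap, channel) tuples for neighbors on the same channel."""
    conflicts = set()
    for ap, peers in neighbors.items():
        channel = plan.get(ap)
        if channel is None:          # AP missing from the plan: nothing to compare
            continue
        for peer in peers:
            if plan.get(peer) == channel:
                conflicts.add((min(ap, peer), max(ap, peer), channel))
    return sorted(conflicts)


def assign_channels(neighbors, channels=NONOVERLAPPING_24GHZ):
    """Greedy plan: handle the most-connected APs first, give each the first
    channel no already-planned neighbor uses. When every channel is taken by
    a neighbor, fall back to the channel the fewest neighbors use."""
    plan = {}
    order = sorted(neighbors, key=lambda ap: (-len(neighbors[ap]), ap))
    for ap in order:
        used = [plan[p] for p in neighbors[ap] if p in plan]
        free = [c for c in channels if c not in used]
        if free:
            plan[ap] = free[0]
        else:
            plan[ap] = min(channels, key=used.count)
    return plan


if __name__ == "__main__":
    print("static plan conflicts:", co_channel_neighbors(STATIC_PLAN, NEIGHBORS))
    generated = assign_channels(NEIGHBORS)
    print("generated plan:", generated)
    print("generated plan conflicts:", co_channel_neighbors(generated, NEIGHBORS))
```

With only three channels, a group of four mutually audible access points cannot be planned without one co-channel pair, which is the case the fallback branch handles.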
The advantage of dynamic radio resource management is that the network is able to avoid situations where static networks completely fail—for example, dynamic networks can continue to operate (albeit with reduced capacity) when a microwave oven is turned on, whereas static networks may succumb completely in the area around the interference. The main disadvantage, however, is that the network and its associated coverage patterns are unpredictably changing, often by the minute. This leads to a necessary tradeoff between the disease and the cure. Thus, dynamic systems provide the expert administrator with the ability to go in and turn down the aggressiveness of the adaptation, providing a choice between a more static network or more dynamic network, allowing the administrator to choose which benefits and downsides are best suited for the given deployment. You will find that many voice mobility networks have disabled many of the adaptive features of their networks to ensure a more consistent coverage.

Additionally, the smaller and changing cell sizes, along with the wide array of channels that end up being used, lead to issues with handoff that directly affect voice mobility. To help mitigate these problems, network assistance protocols can be used to increase the amount of information that clients, who decide when to hand off and where to hand off to, have at their disposal.

Section 6.2.6 explores the network assistance aspects of the microcell architectures in more detail.

5.2.4.7 Over-the-Air: Layered

Layered architectures take a different approach than microcell architectures, static or dynamic. Recognizing the problems of radio resource limitations fundamental to Wi-Fi, as well as the added problem of instability produced by the dynamic architecture, the layered architecture changes the purpose of using multiple channels.
Whereas dynamic architectures end up alternating channels between access points to address the problem of neighbors, layered architectures are able to solve the problem through coordination between the access points. Thus, they are able to reuse the same channel between neighboring access points. These architectures start by creating one channel layer, completely covering the network with just one channel. This is the most basic coverage configuration. To grow the network, the freed-up channels can be used to create additional channel layers. Figure 5.4 shows the difference in channel usage between microcell architectures and layered architectures.

For channel layering to make sense, the architecture needs to resolve the neighborhood problem head on. To do so, the wireline architecture needs to involve a tighter RF coordination between the access points. Currently, the two methods to achieve this are a coordinated extension to the controller wireline architecture, or a direct connection of access points to the appliance.

The advantage of layering is that it provides the stability to the network that was lost in the dynamic architecture, while avoiding the problems of noise that plague static architectures. An added advantage of layering is that any individual channel layer can act as one campus-wide cell, or BSSID, as far as the mobile device is concerned, without loss of the capacities of the individual access points. Thus, handoffs between access points are eliminated, providing a direct benefit for voice mobility.

5.2.4.8 Over-the-Air: Virtualized

The virtualized architecture builds upon the layering architecture, but introduces the notion of complete wireless network virtualization. Wireless LAN (WLAN) virtualization involves creating a unique virtual wireless network (a BSSID) for every mobile device.
This allows the network to be partitioned for each client, providing each client with its own set of 802.11 autonegotiated features and parameters.

It’s important to note that the per-device containment provided by virtualization differs from the per-device rules and access control enforcement provided by the other architectures. Containment addresses the over-the-air behavior of the client directly, using the standard to enforce the segmentation and the tight resource bounds. The client’s cooperation is not needed or expected. Access control, on the other hand, is fundamentally a cooperative scheme, and clients can choose not to participate in the optional protocols required to make bidirectional access control work. Even downstream policy enforcement cannot stop a client from transmitting what it wants to upstream. However, virtualized Wi-Fi partitions are able to maintain the per-device containment, by transferring control of the network resources from the client to the network, and then using Wi-Fi mechanisms from the network side to ensure that client behavior is limited to the resources that the client is allocated.

Section 6.2.7 explores the network control aspects of the layered and virtualized architectures in more detail.

[Figure 5.4: Comparison between Microcell and Channel Layering for the Same Area of Coverage. Panels: Microcell Over-the-Air Architecture; Layered Over-the-Air Architecture. Each panel shows access points and their channels along a Distance axis.]

5.3 RF Primer

Understanding how Wi-Fi fits into voice mobility requires knowing how the radios work.
It is tempting to want to regard Wi-Fi, because of its convenience, in the same way as wired: connect, and it just works, barring some rare cabling problem. However, Wi-Fi has a large number of different elements that come together to allow the wireless to work and provide high throughput, and the consequences of how some of those elements work need to be understood. In this way, one of the major distinctions between voice mobility and simple data networking is that those concerned with voice mobility must become familiar with the finer details.

Architectures and 802.11 Functions

In 802.11, the concept of an “access point” is defined to carry one BSSID and one SSID over the air to a set of clients. The access point definition includes every function necessary to make the access point a bridge to wireline Ethernet, including encryption, decryption, connection management, medium access control, and timing functions. However, this concept is only a concept, and the architectures in the market today differ by how they divide the functions of the 802.11 access point across the actual equipment deployed in the network.

In general, every architecture ensures that multiple 802.11 access point concepts can be created and operated in each physical access point, thus allowing for multiple BSSIDs—and more importantly, multiple SSIDs—per access point. This starts by having multiple radios within an access point, but is most useful by allowing multiple SSIDs per radio. This is the point of departure for the architectures. Controller-based architectures move parts of the 802.11 access point out of each physical access point and operate them, instead, in the controller, thus sharing those parts across all of the access points. This does not violate the standard, however, because the standard was designed to allow for all kinds of mappings of logical 802.11 entities to physical devices.

Ultimately, the best way to choose which 802.11 functions should be centralized—and thus, which type of architecture to invest in when creating a voice mobility network—is to choose based on how well the features meet your needs, and not on architectural principles alone.

5.3.1 Channels

One Wi-Fi radio does not occupy the entire unlicensed spectrum, unlike frequency-hopping technologies such as Bluetooth. 802.11 divides up the spectrum into a number of different channels. Channels are named with whole numbers, assigned by a formula to specific center frequencies for the channels. The idea behind a small number of discrete channels is to carve up the spectrum, helping pack in as many devices as possible and avoiding requiring clients to have to tune in across a wide range of frequencies, the way that analog car radios must. The channel numbers are somewhat arbitrary, and are arranged to let you know what band they occupy.

Different 802.11 radio types allow for different channel selections. The two key properties that define how the 802.11 radio uses the spectrum are its center frequency and bandwidth. The center frequency is the one the radio uses to determine where to look for the transmissions. This concept is similar to car radios: FM channel 97.3 means that the radio tunes its center frequency to 97.3MHz. Unfortunately, Wi-Fi channels do not convert as neatly to their center frequencies. Because of this, many people and tools will use either the center frequency or the channel number interchangeably to describe the channel. Wi-Fi uses center frequencies that are always in the gigahertz range.

The bandwidth tells which other frequencies are occupied by a transmission. 802.11 radios used for mobility primarily have 20MHz bandwidth, except for 802.11n radios, which can also use 40MHz bandwidths. The channel and bandwidth together show which part of the spectrum the radio occupies.
Although the different 802.11 radio types may fill the carved-out part of the spectrum differently, the amount that is carved out is roughly the same for the same bandwidth. Figure 5.5 sketches the general concept. Table 5.10 lists the channels and what radio types can use them.

[Figure 5.5: Shape of 802.11 Frequency Occupation. Panels: 802.11 and 802.11b; 802.11g, 802.11a, and 802.11n (20MHz); 802.11n (40MHz). Axes: Frequency and Power.]

Table 5.10: 802.11 Channels

A blank US Band cell continues the band of the row above.

| Channel | Frequency | US Band | 11b, 11g | 11a | 11n | Notes |
|---|---|---|---|---|---|---|
| 1 | 2.412GHz | ISM 2.4 | ✓ | | ✓ | Nonoverlapping. High power: 1 W maximum. |
| 2 | 2.417GHz | | ✓ | | ✓ | |
| 3 | 2.422GHz | | ✓ | | ✓ | |
| 4 | 2.427GHz | | ✓ | | ✓ | |
| 5 | 2.432GHz | | ✓ | | ✓ | |
| 6 | 2.437GHz | | ✓ | | ✓ | Nonoverlapping |
| 7 | 2.442GHz | | ✓ | | ✓ | |
| 8 | 2.447GHz | | ✓ | | ✓ | |
| 9 | 2.452GHz | | ✓ | | ✓ | |
| 10 | 2.457GHz | | ✓ | | ✓ | |
| 11 | 2.462GHz | | ✓ | | ✓ | Nonoverlapping |
| 12 | 2.467GHz | — | ✓ | | ✓ | Europe, Japan, Australia. No U.S. or Canada. |
| 13 | 2.472GHz | | ✓ | | ✓ | |
| 14 | 2.484GHz | | 11b only | | | Japan only. Channel 14 does not follow the channel to frequency formula. |
| 36 | 5.18GHz | U-NII 2 Lower | | ✓ | ✓ | Indoor use only. Low power: 40 mW maximum. |
| 40 | 5.20GHz | | | ✓ | ✓ | |
| 44 | 5.22GHz | | | ✓ | ✓ | |
| 48 | 5.24GHz | | | ✓ | ✓ | |
| 52 | 5.26GHz | U-NII 2 Upper | | ✓ | ✓ | Non-DFS for equipment before July 2007. Radar detection and dynamic frequency selection (DFS) required. |
| 56 | 5.28GHz | | | ✓ | ✓ | |
| 60 | 5.30GHz | | | ✓ | ✓ | |
| 64 | 5.32GHz | | | ✓ | ✓ | |
| 100 | 5.50GHz | U-NII 2 Extended | | ✓ | ✓ | |
| 104 | 5.52GHz | | | ✓ | ✓ | |
| 108 | 5.54GHz | | | ✓ | ✓ | |
| 112 | 5.56GHz | | | ✓ | ✓ | |
| 116 | 5.58GHz | | | ✓ | ✓ | |
| 120 | 5.60GHz | | | ✓ | ✓ | U.S., Europe, and Japan. No Canada, because of weather radar. |
| 124 | 5.62GHz | | | ✓ | ✓ | |
| 128 | 5.64GHz | | | ✓ | ✓ | |
| 132 | 5.66GHz | | | ✓ | ✓ | |
| 136 | 5.68GHz | | | ✓ | ✓ | |
| 140 | 5.70GHz | | | ✓ | ✓ | |
| 149 | 5.745GHz | U-NII 3 | | ✓ | ✓ | U.S., Canada and Europe. No Japan. High power. |
| 153 | 5.765GHz | | | ✓ | ✓ | |
| 157 | 5.785GHz | | | ✓ | ✓ | |
| 161 | 5.805GHz | | | ✓ | ✓ | |
| 165 | 5.825GHz | ISM 5.8 | | ✓ | ✓ | U.S., Canada and Europe. No Japan. High power. |
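An added example, not from the book: converting between channel numbers and center frequencies, since tools report either one, and deriving the occupied spectrum from channel plus bandwidth. The section does not print the formula; the code assumes the standard 802.11 mapping (2407 + 5n MHz for channels 1 to 13, 5000 + 5n MHz in the 5GHz band, channel 14 fixed at 2484 MHz), which reproduces every row of Table 5.10, and it models 20MHz operation only. The survey readings are constructed.

```python
# Added example: channel <-> center frequency for the channels in Table 5.10.
BANDWIDTH_MHZ = 20  # 40MHz 802.11n operation is not modeled here

# 5GHz channel numbers listed in Table 5.10
FIVE_GHZ = set(range(36, 65, 4)) | set(range(100, 141, 4)) | set(range(149, 166, 4))


def channel_to_mhz(channel):
    """Center frequency in MHz for a channel number from Table 5.10."""
    if channel == 14:                 # the one channel that breaks the formula
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    if channel in FIVE_GHZ:
        return 5000 + 5 * channel
    raise ValueError(f"channel {channel} is not in Table 5.10")


def mhz_to_channel(mhz):
    """Channel number for a center frequency in MHz; ValueError if none matches."""
    if mhz == 2484:
        return 14
    if 2412 <= mhz <= 2472 and (mhz - 2407) % 5 == 0:
        return (mhz - 2407) // 5
    if mhz % 5 == 0 and (mhz - 5000) // 5 in FIVE_GHZ:
        return (mhz - 5000) // 5
    raise ValueError(f"{mhz} MHz is not a center frequency in Table 5.10")


def to_channel(value):
    """Normalize a reading that may be a channel number or a frequency in MHz.
    Assumption of this sketch: anything >= 1000 is a frequency."""
    value = int(value)
    if value >= 1000:
        return mhz_to_channel(value)
    channel_to_mhz(value)             # raises ValueError for an unknown channel
    return value


def occupied_mhz(channel):
    """(low, high) edge of the spectrum a 20MHz transmission occupies."""
    center = channel_to_mhz(channel)
    return center - BANDWIDTH_MHZ // 2, center + BANDWIDTH_MHZ // 2


def spectrum_overlaps(channel_a, channel_b):
    """True when the two 20MHz blocks share spectrum (touching edges do not count)."""
    low_a, high_a = occupied_mhz(channel_a)
    low_b, high_b = occupied_mhz(channel_b)
    return low_a < high_b and low_b < high_a


def normalize_survey(readings):
    """Map each AP name to a channel number, whatever form the tool reported."""
    return {ap: to_channel(value) for ap, value in readings}


# Constructed survey output mixing channel numbers and MHz values.
SURVEY = [("ap-lobby", 2437), ("ap-hall-1", 6), ("ap-lab", 5180), ("ap-cafe", 2484)]

if __name__ == "__main__":
    print(normalize_survey(SURVEY))
    print("1 vs 6 overlap:", spectrum_overlaps(1, 6))
    print("1 vs 3 overlap:", spectrum_overlaps(1, 3))
```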