Upon completion of this chapter, you will be able to perform the following
tasks:
Overview
This 70-hour wireless LAN (WLAN) course focuses primarily on the design, planning,
implementation, operation, and troubleshooting of wireless LANs. Chapter 1 provides an
introduction to this rapidly evolving technology. Subsequent chapters will cover topics
including WLAN standards, network interface cards (NICs), radio technologies,
topologies, access points (APs), bridges, antennas, security, site survey, troubleshooting
and emerging technologies.
In simplest terms, a wireless local-area network (WLAN) provides all the features and
benefits of traditional LAN technologies such as Ethernet and Token Ring without the
limitations of wires or cables. But in a larger sense, WLANs redefine the way we view
LAN connectivity. Connectivity no longer implies physical attachment. WLANs can now
cover miles or kilometers without the installation of a fixed wired infrastructure. The
infrastructure is no longer static, buried in the ground or hidden behind the walls; it is
dynamic and mobile, and can move and change at the speed of the organization.
Figure 1 shows several basic WLANs. Workstations with wireless NICs connect to a
base station or to other workstations using either infrared light (IR) or radio frequencies
(RF). Wireless devices are not restricted by physical connections, or to a fixed location.
The freedom and flexibility of wireless networking can be applied to mobile devices, as
well as to devices within buildings or between buildings. A WLAN need not be
completely wireless. Examples in Figure 1 show portions of the LAN that are also wired.
Wireless devices can be simply a part of the traditional wired LAN.
Figure 1:
Wireless devices are often referred to as wireless clients or clients. The base station is
also called an access point (AP).
Figures 2 through 5 cover the primary logical icons or symbols that will be utilized in this
course.
Figure 2: Icons for wireless signal, hand-held data entry terminal, directional antenna,
satellite, and satellite dish.
So why haven’t we been using wireless systems all along? Wireless data systems have
been limited in data speeds. The high cost of first-generation WLAN devices and the lack of
standards have limited the adoption of wireless systems.
With the development of current wireless standards, IEEE 802.11 and Wi-Fi
standardization certification (1, 2), the technology now supports the data rates and
interoperability necessary for acceptable LAN operation. The cost of the new wireless
devices has decreased significantly, and they now provide an affordable option to wired LAN
connectivity. Best of all, these devices do not require special FCC licensing and safely
operate at very low power levels.
Web Resources
http://www.wi-fi.org
http://www.wlana.com
http://grouper.ieee.org/groups/802/11/index.html
http://www.sss-mag.com/wlan.html#info
Figure 1:
Benefits of Wireless LANs
• Mobility
• Scalability
• Flexibility
• Short and long term cost savings
• Installation advantages
• Reliability in harsh environments
• Reduced installation time
Figure 2:
WLAN value-added features for:
• IT professionals or business executives who want mobility
within the enterprise
• Business owners or IT directors who need flexibility for
frequent LAN wiring changes
• Any company whose site is not conducive to LAN wiring
because of building or budget limitations, such as older
buildings, leased space, or temporary sites
• Any company that needs the flexibility and cost savings
offered by a line-of-sight, building-to-building bridge to
avoid expensive trenches, leased lines or right-of-way issues
Current wire-based Ethernet LANs can operate at up to gigabit speeds, 1000 Mbps. So why
use wireless? In many small LANs, 11 Mbps is adequate to support the application and
users' needs. Also, since most offices are now connected at broadband Internet speeds
such as DSL or cable, WLANs can easily handle the bandwidth demands. In addition,
WLANs offer many additional benefits (Figure 1):
• Mobility - Users have the freedom to roam, while still remaining connected.
• Scalability – Networks can grow rapidly, adding more users without the
installation of a significant physical infrastructure.
• Flexibility – WLANs can be used in many different setups, including mobile
clients, in single buildings, or across multiple metropolitan sites. In situations
where frequent LAN wiring changes are needed, WLANs would not incur
rewiring costs during office reconfigurations.
• Installation advantages - WLANs can be used to provide site-to-site
connectivity up to 25 miles. They can provide connectivity between sites that are
separated by physical or geographical barriers that would make installation of a
physical media difficult if not impossible.
• Reliability in harsh environments – WLAN connections could be used in harsh
environments, which may be destructive to a physical media.
WLANs would not eliminate the need for Internet Service Providers (ISP). Internet
connectivity would still require service agreements with local exchange carriers or ISPs.
Also, WLANs do not replace the need for traditional wired routers, switches and servers
in a typical LAN.
WLANs offer superior benefits for home offices, small businesses, medium businesses,
campus networks and corporations which (Figure 2):
• Require only standard Ethernet LAN speeds or broadband Internet connections –
current wireless technologies provide up to 11Mbps data rate.
• Benefit from roaming users
• Undergo frequent reconfiguration of their physical network layout
• Face significant difficulties installing wired LANs – In historical buildings, where
construction may be restricted, or in buildings with solid concrete walls, wireless
options may be the only viable option.
• Need connections between multiple metropolitan sites – Wireless connections can
span distances (line-of-sight) up to 25 miles.
Figure 1:
Just as the 802.3 Ethernet standard allows for data transmission over copper media
(twisted-pair and coaxial cable), the 802.11 WLAN standard allows for transmission over
wireless media: infrared light and two types of radio transmission. Radio transmission,
within the unlicensed 2.4-GHz frequency band, uses frequency hopping spread spectrum
(FHSS) and direct sequence spread spectrum (DSSS).
The history of technology improvements in WLANs can be summed up with the mantra
"Faster, Better, and Cheaper." Wireless data rates have increased from 1 to 11 Mbps,
interoperability has become a reality with the introduction of the IEEE 802.11 standard,
and prices have decreased dramatically. Improvements will continue in WLANs as the
technology matures.
Product comparison figures: Apple AirPort, Compaq WL Series, 3Com AirConnect
Many vendors are competing in the WLAN market. A representative list (by no means
complete) includes: the Buffalo Airstation from Buffalo Technologies; the Aironet
340/350 from Cisco; DWL-1000 AP from D-Link; RoamAbout Access Point 2000 from
Enterasys; Intel Pro/Wireless 2011 Access Point from Intel; Intermec 2102 Universal
Access Point from Intermec; Orinoco AP-1000 Access Point from Lucent; Harmony
802.11 Access Point and Access Point Controller from Proxim; Spectrum 24 Access
Point from Symbol Technologies; BreezeNet from BreezeCom; AirPort from Apple
Computer; Compaq WL series; and RadioLAN mobilink from RadioLAN. Figures 1 and
2 show product comparisons.
Many working groups and wireless organizations are dedicated to wireless technologies. 3
HomeRF is building a home networking protocol and standard for all types of home-
based cordless devices, and is petitioning the FCC for rules modifications that will permit
high-speed frequency hopping (FH) using 5-MHz channels. Bluetooth is designed as a
peripheral interconnect wireless point-to-point protocol. Bluetooth and 802.11b will
operate in the same spectrum, giving the potential for some interference (resulting in
lower throughput). HiperLAN2 is a next-generation technology that will deliver 54-Mbps
wireless access in the 5-GHz spectrum. IEEE 802.11a specifies equipment operating at 5-
GHz that supports data rates up to 54-Mbps. WAP, Wireless Application Protocol, is an
organization that defines industry-wide specifications for developing applications that
operate over wireless communication networks.
Following chapters will cover the general technologies behind 802.11b WLANs such as
radio technologies, design, site preparation and antenna theory as well as detailed
coverage of the Cisco Aironet products and accessories. By the end of this course,
students should be able to design WLANs with multiple vendor products.
Web Resources
NetworkWorld Fusion
http://www.nwfusion.com/reviews/2001/0205rev.html
ZDNet
http://www.zdnet.com/pcmag/stories/reviews/0,6755,2472697,00.html
Bluetooth
http://www.bluetooth.com/
HomeRF
http://www.homerf.org/
HiperLAN2
http://www.hiperlan2.com
This section gives an introduction to the OSI reference model physical layer, with the
emphasis on wireless capabilities.
The foundation of a LAN, wired or wireless, is defined by Layer 1 or the physical layer
of the OSI reference model. The physical layer defines the electrical, mechanical,
procedural, and functional specifications for activating, maintaining, and deactivating the
physical link between end systems. Wireless technologies perform the same functions in
WLANs as the wired media (such as UTP, STP, coaxial, or fiber) in wired LANs.
In designing and building networks, be certain to comply with all applicable fire codes,
building codes, and safety standards. Follow all established performance standards to
ensure optimal network operation and to ensure compatibility and interoperability among
the various vendor equipment and options.
Wireless signals are electromagnetic waves (Figure ), which can travel through the
vacuum of outer space or through media such as air. No physical copper-based or fiber
optic medium is necessary for wireless signals, making them a very versatile way to build
a network.
The interactive calculator in Figure allows you to verify this relationship. Experiment
with the following activities:
In either case, the calculator displays the type of electromagnetic wave associated with
the calculation.
Some wireless technologies require “line of sight” whereas others can operate from
reflected signals. Wireless technologies operate at different power levels ranging from
less than 1 mW to greater than 100 kW. Radio technologies are covered in detail in
Chapter 3.
In summary, a common application of wireless data communication and the focus of this
course is wireless LANs (WLANs), which are built in accordance with the IEEE 802.11
standards. WLANs typically use radio waves (e.g. 902 MHz), microwaves (e.g. 2.4
GHz), and Infrared waves (e.g. 10 TeraHz) for communication. Wireless technologies are
a crucial part of the future of networking.
Web Resources
http://www.ntia.doc.gov/osmhome/allochrt.pdf
http://www.kellyandwilmore.com/html/contact_information.html
Figure 1: LAN wireless installation graphics (inside access point deployment and
antenna installation)
When designing networks, it is important to calculate all the costs involved. When
installing LAN media, building design and construction must be considered. Some
factors include existing HVAC, water, drain, lighting and electrical systems in addition
to structural design materials such as drywall, concrete, wood and steel. Fire codes have
to be considered as well. Additional considerations using wireless LAN communication
involve physical obstacles, electronic interference and building codes. An advantage of
installation of a WLAN is that it typically involves installing just wireless access points
and wireless devices or clients (Figure 1).
LANs will quickly become a hybrid of wired and wireless systems. In larger enterprise
networks, the core and distribution layers will continue as wired backbone systems
typically connected by fiber optics and UTP. The access layer will be the most affected
by wireless deployment.
Building to building connections with fiber optics has typically been used in campus
networks requiring high-speed connections up to gigabit speeds. However, the
installation of fiber optic cable between buildings is very expensive and time consuming.
Even installation over short distances is difficult due to existing underground utilities,
concrete, and other structural obstacles. Lashed aerial installation (Figure 2) is an
alternative installation choice. Currently, WLANs have become a popular choice since
they require only installing mounted antennas.
Typically, the greater the distance between buildings, the higher the cost of wireless LAN
installation. The standard “rubber duckie” antennas will not work; towers and special
long distance antennas are required (Figures 3,4,5). Obstacles and design problems are
much more likely. Tower installations can be expensive depending on the height and
construction requirements. However, the initial cost may be recouped within the first year.
Savings are generated from increased productivity from greater bandwidth and, of course,
discontinued monthly Telco fees. A T-1 line typically costs between $400 and $1,000 per
month. For a site with four buildings, that could cost anywhere from $15,000 to $36,000
per year. In a wireless system, payback for the hardware costs incurred could actually be
less than a year.
If a T-1 line is not available, or if the buildings are located on the same property, an
underground cable is an option. Trenching however can cost over $100/foot, depending
upon the task. Connecting three buildings located 1000’ apart could cost in excess of
$200,000!
Microwave is a solution for some sites where distance is close, reliability is not critical,
and money is no object. With Microwave, an FCC license is required. The cost of the
Today's networks face demands for higher bandwidth, more users, more applications, and more
mobility. A hybrid of both wired and wireless technologies generally provides the most
cost-effective design solution.
Site design, preparation, and survey will be covered in detail later in the course. These
must be completed before making deployment decisions.
Figure 1: Chart of data rates (9.6 Kbps to 10 Mbps) for wireless data networks: narrowband
wireless LANs, narrowband PCS, satellite, circuit and packet data (cellular, CDPD, RAM,
ARDIS), Metricom, broadband PCS, infrared wireless LANs, and spread spectrum wireless
LANs (Cisco Aironet products).
Figure 2:
Variables of Wireless Technologies
Wireless technologies using radio involve a multitude of systems that span the frequency
spectrum. The term radio can be defined as:
Spread spectrum WLANs using RF are only one small part of the entire frequency
spectrum 1, and are the focus of this course.
Frequencies used vary from VLF (very low frequency) for world wide communications,
to GHz frequencies used in satellite transmission. Lower frequencies tend to be refracted
by the earth’s atmosphere, and make use of reflected waves. Higher frequencies are not
refracted and make use of direct, line-of-sight waves. 3
While many amazing wireless technologies exist, this course will focus on digital two-
way data wireless technology, namely 802.11b.
Web Resources
• Cellular-Microwave
   o First Generation (AMPS, CDPD) – Analog systems use continuous
     electrical signals for the transmission and reception of information.
     Speeds up to 14.4 Kbps.
   o Second Generation (PCS) – Systems are turning towards the use of digital
     signals. Digital systems have several advantages, including
     better coverage, more calls per channel, less noise interference, and
     the ability to add new features and functions such as short messaging.
     Up to 64 Kbps.
   o Third Generation, 3G (IMT2000) – UMTS (Universal Mobile
     Telecommunications System) is a mobile technology that will
     deliver broadband information at speeds up to 2 Mbps. Besides voice
     and data, UMTS will deliver audio and video to wireless devices
     anywhere in the world through fixed, wireless and satellite systems.
     UMTS services will launch commercially sometime in the year 2001.
• Other Microwave
   o LMDS and MMDS – Local or Multichannel Multipoint Distribution
     Services. LMDS, running at 28 GHz, offers line-of-sight
     coverage over distances up to 3-5 kilometers with speeds up to
     155 Mbps, but averages around 38 Mbps (downstream). MMDS
     operates at 2 – 3 GHz, with transfer rates as high as 27 Mbps and
     distances up to 30 miles. MMDS requires FCC licensing. Cisco’s Broadband
     wireless Vector Orthogonal Frequency Division Multiplexing
     (VOFDM) system operates under MMDS or U-NII, covered below.
   o U-NII – Unlicensed National Information Infrastructure. U-NII
     spectrum is located at 5.15-5.35 GHz (HiperLAN) and 5.725-5.825
     GHz, and transfer rates are as high as 45 Mbps.
   o DSSS and FHSS – Includes direct sequence spread spectrum (DSSS)
     and frequency hopping spread spectrum (FHSS). Wireless LANs,
     including 802.11b, operate at 11 Mbps with line-of-sight coverage up to
     25 miles.
Cellular radio provides mobile telephone service by employing a network of cell sites
distributed over a wide area. 1 A cell site contains a radio transceiver and a base station
controller which manages, sends, and receives traffic from the mobiles in its geographical
area. A cell site also employs a tower and its antennas, and a link to a distant switch
called a mobile telecommunications switching office (MTSO). The MTSO places calls
from land-based telephones to wireless customers, switches calls between cells as
mobiles travel across cell boundaries, and authenticates wireless customers before they
make calls.
A key principle used by cellular is frequency reuse. Low powered mobiles and radio
equipment at each cell site permit the same radio frequencies to be reused in different
cells, multiplying calling capacity without creating interference. This spectrum efficient
method contrasts sharply with earlier mobile systems that used a high powered, centrally
located transmitter, to communicate over a small number of frequencies with high
powered mobile units. Channels were then monopolized and could not be re-used over a
wide area.
Complex signaling routines handle call placements, call requests, handovers (call
transfers from one cell to another), and roaming (moving from one carrier's area to
another). Different cellular radio systems use frequency division multiplexing (analog),
time division multiplexing (TDMA), and spread spectrum (CDMA) techniques. Despite
different operating methods, AMPS, PCS, GSM, E-TACS, and NMT are all cellular
radio. 2 They all rely on a distributed network of cell sites employing frequency re-use.
Mobile operators are rapidly migrating their existing infrastructures from proprietary "old
world" circuit switched networks to open standards based third generation (3G) networks
based on IP. The 3G reference architecture is based on open interfaces and achieves
harmonization across access technologies. Having a common IP core, distributed peer-to-
peer IP-based architecture for scalability, and IP standard interfaces to billing and
customer care will allow mobile operators to offer new mobile voice and data services.
Web Resources
FCC
http://www.fcc.gov/
Figure 2:
Wireless Clients
Wireless Topology
Figure 1 shows a basic wireless topology. The base station (access point) acts as a hub,
the center point for connectivity. Rather than wired connections to the devices, the physical
layer connectivity is via wireless. Functionally, the wireless topology behaves the same
as its corresponding wired topology. The wireless portion of the network can be
connected to a wired network, with the access point acting as a bridge to the Internet or
other workstations.
The basic components required are the access point (AP) and wireless clients (Figure 2).
Each wireless client will need a wireless client adapter (wireless network interface card).
Wireless access points operate at low power levels and limited distances to utilize
frequency reuse. Each area covered by access points (APs) can use the same frequency
range.
In-Building WLANs
WLAN technology can extend the reach and capabilities of, or completely replace, a
traditional wired network. In-building WLAN equipment consists of access points and
workstations with PC Card, Personal Computer Interface (PCI), and Industry-Standard
Architecture (ISA) client adapters. The access point (AP) performs functions similar to
wired networking hubs. A WLAN can be arranged in a peer-to-peer or ad hoc topology
using only client adapters (no access points).
WLANs provide flexibility not found in traditional LANs. Desktop client systems can be
located in places that are impractical or impossible to run cables to. Desktop PCs can be
redeployed anywhere within a facility as frequently as needed to accommodate temporary
workgroups and fast-growing organizations.
Building-to-Building WLANs
WLAN technology redefines the "local" in LAN. With a wireless bridge, networks
located in buildings miles apart can be integrated into a single ‘LAN’, forming a
metropolitan area network (Figure 3). Such a link does not face the obstacles of freeways,
lakes, and even local governments that would be encountered with traditional copper or
fiber-optic cable. A
wireless bridge can span buildings up to 25 miles apart, typically line of sight, while
requiring no license or right of way.
The Cisco Aironet 340/350 series includes client adapters (PCMCIA and PCI (personal
computer interface)); wireless APs and antennas; and a group of wireless, line-of-sight
Web Resources
WirelessCentral.net
http://www.wirelesscentral.net/
The 340/350 series line of client adapters is shown in Figure 1. They come with a set of
device drivers for most operating systems, including Windows 95, Windows 98, Windows
NT, Windows CE, Windows 2000, Macintosh, and Linux. 2
The access point (AP) or base station is a wireless LAN transceiver that can act as the
hub (the center point of a stand-alone wireless network) or as the bridge (the connection point
between wireless and wired networks). Multiple APs can provide roaming functionality,
allowing wireless users freedom to roam throughout a facility while maintaining
uninterrupted connectivity to the network.
The Cisco Access Points (APs) come in several models (Figures 1, 2, 3). The 340 Series
allows for an increased number of association table entries, and supports both RJ45
connectors and 10/100 Ethernet. All APs use nonvolatile FLASH ROM to store firmware
and configurations.
Figure 2:
Bridge Features
• Building-to-building connectivity at up to 25
miles (line of sight)
• Point-to-point and Point-to-multipoint
• Cost-effective alternative to leased line/T1
• Rapid, simple deployment and redeployment
• No government license required
Any Cisco AP can be used as a repeater (extension point) for the wireless network. A
wireless bridge provides high-speed, long-range, line-of-sight wireless connections
between Ethernet networks. An example, the Cisco Aironet 340/350 series line of wireless
bridges, is shown in Figure 1.
Wireless Antennas for Access Points
Antenna: Rubber Dipole, Pillar Mount, Ground Plane, Patch Wall, Ceiling Mount, Ceiling Mount High Gain
Type: Omni, Directional, Omni, Directional, Omni, Omni
Gain: 2.15 dBi, 5.2 dBi, 5.2 dBi, 8.5 dBi, 2.2 dBi, 5.2 dBi
Cable Length: N/A, 3’, 3’, 3’, 9’, 3’
Figure 2:
Wireless Antennas for Bridges
Antenna: Patch Wall, Mast Mount, Mast Mount High Gain, Yagi Mast, Solid Dish
Type: Directional, Omni, Omni, Directional, Directional
Antennas, used to transmit and receive the wireless signal for APs and wireless bridges,
come in an assortment of shapes and sizes. Different types are designed to provide
different transmission patterns (directional or omni-directional), gains, beam width, and
Lightning Arrestor
The Cisco Aironet antennas and RF devices use coaxial transmission lines with reverse
polarity TNC (RP-TNC) connectors. The lightning arrester uses the same connectors,
and is designed to protect the spread-spectrum WLAN devices from static electricity and
lightning surges that travel on coaxial transmission lines.
The lightning arrester prevents energy surges from reaching the RF equipment by
shunting the current to ground. Surges are typically limited to less than 50 volts, in about
0.1 microseconds. A typical lightning surge is about 2.0 microseconds. The accepted
IEEE transient (surge) suppression is 8 microseconds.
Figure 1:
Historical Market Inhibitors
Market Materialization
• Standardization
   – IEEE 802.11b standards
• Technological maturity
   – Better security: 128-bit encryption
   – Longer range access points
   – 11-Mbps throughput speeds
• Horizontal applications
   – Extension of wired solutions
   – Connecting mobile workers
Over the last decade, the networking and wireless communities expected each year to
become “the year of the wireless LAN.” Through the 1990s, each year saw another step
in laying the groundwork for the acceptance of wireless technology. Historically,
wireless LANs and WANs were seen as separate, discrete solutions designed to solve
specific problems. Immature technology, security concerns, and slow connectivity
speeds kept wireless LAN technology from becoming a viable alternative to wired LANs.
Market acceptance encourages new applications of wireless LAN technology across the
enterprise. For the first time, wireless LAN applications are seriously considered as a
means to complete the network and even create a network. As users begin to enjoy the
benefits of being connected anywhere, anytime the widespread acceptance of wireless
enterprise solutions will continue to grow.
• Higher speeds
• Interoperability
• Lower prices
Figure 2:
Wireless LAN sales are expected to grow from $771 million in 1999 to $2.2 billion in
2004. 1 This technology has several immediate applications, including:
• IT professionals or business executives who want mobility within the enterprise,
perhaps in addition to a traditional wired network
• Business owners or IT directors who need flexibility for frequent LAN wiring
changes, either throughout the site or in selected areas
• Any company whose site is not conducive to LAN wiring because of building or
budget limitations, such as older buildings, leased space, or temporary sites
• Any company that needs the flexibility and cost savings offered by a line-of-sight,
building-to-building bridge to avoid expensive trenches, leased lines, or right-of-
way issues
Figure 1:
Figure 2:
Horizontal Applications
The four main requirements for a WLAN solution are availability, scalability,
manageability, and that it must be an open architecture. 1
Figure 1:
Challenges
• Radio Signal Interference
• Power Management
• System Interoperability
• Network Security
• Reliability/Connection Problems
• Installation Issues
• Health Risks
Figure 2: Cardboard, Paper, Wood, Fire Walls, Microwave Ovens, Fluorescent Lighting,
Electrical Transformers
Figure 3:
Building-to-Building Design Considerations
• Third-party interference from same channel usage
• Potential problem in congested areas
Diagram labels: Channel 1; Sites 1A, 1B, 1C, 1D; Sites 2A, 2B
Many other devices — such as portable phones, microwave ovens, wireless speakers, and
security devices — use these frequencies. The amount of mutual interference experienced
from these devices is unclear. However, as this unlicensed band becomes more crowded,
it's likely that interference will appear. Furthermore, physical objects and building
structures will create various levels of interference.
There are some "common sense" things to know and watch out for. First, understand that
operation in unlicensed bands carries with it an inherently higher risk of interference,
because it lacks the controls and protections provided by licensing. In the United States,
for example, the Federal Communications Commission (FCC) does not prohibit a new
user from installing a new unlicensed-band radio link in your area and on
"your" frequency. In such cases, interference may result. There are two warnings you
should be aware of.
First, if someone installs a link that interferes with you, chances are good that you will
also be interfering with them. Hopefully they will note the problem at the time of
installation and choose another frequency or channel. Second, with point-to-point links
that employ directional antennas, any signal source (of a comparable power level) that
would likely cause interference would have to be closely aligned along your own path
axis; the higher the gain of the antennas you are using, the more precisely the interfering
signal would have to be aligned with your path in order to cause a problem. Thus for
point-to-point links, it is important to use as high gain antennas as is practicable.
There are also licensed users who sometimes operate in the "unlicensed" bands. The
unlicensed bands are allocated on a shared basis, and while there may be no requirement
for a license for low-power datacom applications with approved equipment, other
licensed users may be allowed to operate with significantly higher power. An important
example is operation of US government radar equipment in the US U-NII band at 5.725
to 5.825 GHz. These radars operate at peak power levels of millions of watts, and can
cause significant interference problems in this band. Therefore, it's important to survey
your site to determine if there are any airports, military bases, etc. where such radars may
be located. If so, you should be prepared to experience periods of interference.
A licensed user, operating in a licensed band, should not experience interference problems.
If you are experiencing such problems, there are legal recourses for resolution of the
matter.
Figure 1:
Power-Consumption Issues
• Three client adapter modes
   – CAM = Constant awake mode
      Power not an issue
      High availability
   – PSP = Power save mode
      Power is an issue
      AP buffers messages
      Wakes up periodically to retrieve data
   – FastPSP = Fast power save mode
      Switch between CAM and PSP
      Users who switch between AC and DC
• Default is CAM
• Available only on PC cards
Diagram labels: CAM (constant flow); PSP (occasional flow, buffered when asleep)
Power consumption while roaming is always an issue because of limited battery life. To
address these concerns, three modes for power are available with Cisco PC cards:
• CAM—constant awake mode—is best when power is not an issue. This would be
when AC power is available to the device. CAM provides the best connectivity
option and, therefore, the most available wireless infrastructure from the client’s
perspective.
• PSP—power save mode—should be selected when power conservation is a
concern. In this mode, the wireless NIC will go to sleep after a period of
inactivity and periodically wake to retrieve buffered data from the AP.
• FastPSP—fast power save mode—is a combination of CAM and PSP. This is
good for clients who switch between AC and DC power.
Even with standards, true interoperability is not a reality. Most vendors try to tie you to
using their APs and NICs. They offer some degree of reduced capability when mixing
and matching equipment of different vendors. In most cases, the issues are largely
cosmetic, but they will result in increased calls to the help desk when some features do
not work.
Until the next generation of products is released, system managers have a difficult
decision: Use a single-vendor system, with all the NICs and APs coming from the same
vendor, or forgo the more advanced management tools.
Figure 1:
Brute force attack (40/56 bit key) Vulnerable Vulnerable Fixed Vulnerable
The wired equivalent privacy (WEP) option to the 802.11 standard is only the first step in
addressing customer security concerns. WEP supports both encryption and authentication
options as specified in the 802.11 standard. With WEP enabled, each station (clients and
access points) has up to four keys for use to encrypt the data before transmission. When
a station receives a packet that is not encrypted with the appropriate key, the packet is
discarded.
Although the 802.11 standard provides strong encryption services to secure the WLAN,
the means by which the secure keys are granted, revoked, and refreshed is undefined.
Fortunately, several key administration architectures are available for use in the
enterprise. The best approach for large networks is centralized key management on
encryption key servers. Encryption key servers provide for centralized creation of keys,
distribution of keys, and ongoing key rotation. Key servers enable the network
administrator to command the creation of RSA public/private key pairs at the client level
that are required for client authentication.
Figure 1: 1 Mbps DSSS, 2 Mbps DSSS, 11 Mbps DSSS
Most wireless LAN systems use direct sequence spread-spectrum technology (DSSS), a
wideband radio frequency technique developed by the military for use in reliable, secure,
mission-critical communications systems. DSSS is designed to trade off bandwidth
efficiency for reliability, integrity, and security. The bandwidth tradeoff produces a
signal that is easier to detect. If bits in the chips are damaged during transmission,
statistical techniques can recover the original data without the need for retransmission.
Connection issues still exist in wireless environments where obstacles may block, reflect
or impede signals. Antenna choice and mounting location must be carefully considered
to avoid future interferences. In many cases, the bandwidth may drop significantly, even
though connection is not lost. Lack of guaranteed bandwidth is a major concern for many
companies.
Figure 2: Line-of-Sight
Not all sites are created equal. Even similar sites can be very different. For instance, every
Wal-Mart or Sears store is different from other Wal-Mart or Sears stores. This requires a
slightly different approach to the installation at each site.
Customer input is a requirement. Coverage may not be needed in some areas, while other
areas may require 100% coverage. The customer is the only one who can determine this!
For optimum site performance, be sure to test for proper AP placement and the antenna
type. Check for obstructions that can affect the line-of-sight communications link.
There are safety concerns regarding antennas or the radio system in general. Aside from
safety concerns about climbing structures or working with dangerous AC line voltage,
there is also the issue of exposure to RF radiation.
There is still much debate concerning the safe limits of human exposure to radio
frequency (RF) radiation. (Note that the use of the word "radiation" does not connote any
linkage to or issue with nuclear fission or other radioactive processes.) The best and
easiest general rule is to avoid any unnecessary radiated RF energy. Don't stand in front
of, and in close proximity to, any antenna that is radiating a signal. (Antennas that are
only receiving do not pose any danger.) For dish-type antennas, the areas to the back or
Always assume any antenna is transmitting RF energy, especially since most antennas
are used in duplex systems. Be particularly wary of small-sized dishes (one foot or less),
as these are often radiating RF energy in the tens of gigahertz frequency range. As a
general rule, the higher the frequency, the more potentially hazardous the radiation.
Looking into the open (unterminated) end of a waveguide that is carrying RF energy at
ten or more GHz will cause retinal damage even if exposure lasts only tens of seconds
and the transmit power level is only a few watts. There is no known danger associated
with looking at the unterminated end of coaxial cables, but in any case, be careful to
ensure that the transmitter is not operating before removing or replacing any antenna
connections.
In order to comply with RF exposure limits established in the ANSI C95.1 standards, it is
recommended when using a laptop with a PC card client adapter that the adapter's
integrated antenna be positioned more than 2 inches (5 cm) from any persons during
extended periods of transmitting time. If the antenna is positioned less than 2 inches (5
cm) from the user, it is recommended that the user limit exposure time.
IEEE 802.11b standard, 11 Mbps WLANs operate in the 2.4-GHz frequency band where
there is room for increased bandwidth. Using an optional modulation technique within
the 802.11b specification, it is possible to double the current data rate. 22 Mbps is
planned for the future. Wireless LAN manufacturers migrated from the 900-MHz band to
the 2.4-GHz band to improve data rate. This pattern promises to continue, with a broader
frequency band capable of supporting higher bandwidth available at 5-GHz. IEEE has
already issued a specification (802.11a) for equipment operating at 5-GHz that supports
data rates up to 54-Mbps. This generation of technology will likely carry a significant
price premium when it is introduced sometime in 2001. As is typical, this premium will
decrease over time while data rates increase: the 5.7-GHz band promises to allow for the
next breakthrough data rate—100 Mbps. Performance will undoubtedly continue to
improve, making wireless technologies an attractive choice in the implementation of
networks.
Upon completion of this chapter, you will be able to perform the following
tasks:
Overview
This chapter will cover the IEEE 802.11b standard in detail, including data link and
physical specifications. Client adapters, driver types and client support will also be
presented. You will learn how to install, configure and monitor wireless network
interface cards (NICs).
• Benefits
o Interoperability
o Fast product development
o Stability
o Upgradability
o Cost reduction
Figure 2: 802.11 interoperability in a BSS ad hoc network between Brand A, Brand B and
Brand C wireless NICs.
2-2 IEEE 802.11b and Network Interface Cards Copyright 2001, Cisco Systems, Inc.
Figure 3: 802.11 interoperability in an ESS network between Brand A, Brand B and
Brand C wireless NICs and one Brand A access point.
One of the primary reasons for rapid growth in the entire networking industry is
standards. This is true for wireless as well. Prior to any wireless standards, wireless
systems were plagued with low data rates, incompatibility and high costs. As a result,
only a few businesses adopted wireless technology into their networks.
There are two primary types of standards: public and official. Public standards,
sometimes referred to as de facto standards, are controlled by private groups or
organizations. They are common practices that have not been produced or accepted by
an official standards organization. TCP/IP and the first Ethernet implementation were de
facto standards, due to their widespread use. They became official standards
when they were eventually adopted by official organizations.
Why are standards needed? Standards support greater interoperability among multiple
vendors. Product development is facilitated because the technology has been developed
and tested. Product stability, future migration and reduced cost are other advantages of
having standards. One of the reasons why Ethernet technology has evolved from a
10Mbps standard using coaxial cable, to a 100 and 1000+ Mbps standard over UTP and
optical fiber, to now being the predominant technology in LANs is that it is an official
standard. Multiple vendors produce Ethernet devices that work compatibly and
interoperably with other vendor devices, all following the same standard. Current work
on 10 Gbps and long-range Ethernet technology standards will no doubt ensure a place
for Ethernet in future networks. It is quite possible that wireless LANs will experience
the same widespread adoption with the publishing of the IEEE 802.11b and 802.11a
standards.
2.1.2 IEEE 802.11
Figure 1:
IEEE LAN/MAN Standards
• 802.0 SEC
• 802.1 High Level Interface (HILI)
• 802.2 Logical Link Control (LLC)
• 802.3 CSMA/CD
• 802.4 Token Bus
• 802.5 Token Ring
• 802.6 Metropolitan Area Network (MAN)
• 802.7 BroadBand Technical Adv. Group (BBTAG)
• 802.8 Fiber Optics Technical Adv. Group (FOTAG)
• 802.9 Integrated Services LAN (ISLAN)
• 802.10 Standard for Interoperable LAN Security (SILS)
• 802.11 Wireless LAN (WLAN)
o 802.11a
o 802.11b
• 802.12 Demand Priority
• 802.14 Cable-TV Based Broadband Communication Network
• 802.15 Wireless Personal Area Network (WPAN)
• 802.16 Broadband Wireless Access (BBWA)
• 802.17 Resilient Packet Ring Group (RPRSG)
Figure 2:
Overview of IEEE
The IEEE 802 Local and Metropolitan Area Network Standards Committee creates, maintains
and promotes the use of IEEE and equivalent standards. Figure 2 shows the different
media access methods supported with this model. IEEE divides the data link layer of the
OSI Reference Model into the media access control (MAC) and logical link control
(LLC) sublayers. The MAC sublayer supports the different physical layer units (PHY),
and communicates with the LLC sublayer. The LLC sublayer communicates with the
upper layers of the OSI Reference Model, independent of the specific physical layer units
used. This facilitates improvement to the existing technology standard as well as
development of new ones.
802.11
The intent of the 802.11 Project was to develop a specification for wireless connectivity
for fixed, portable, and moving stations within a local area. The resulting standard,
officially called IEEE Standard for Wireless LAN Medium Access Control (MAC) and
Physical Layer (PHY) Specifications, defines over-the-air protocols necessary to support
networking in a local area. The primary service of the 802.11 standard is to deliver MAC
Service Data Units (MSDUs) between peer LLCs. Typically, a radio card (NIC) and
access point provide the functions of the 802.11 standard.
The medium access control (MAC) and physical characteristics (PHY) for wireless local
area networks (WLANs) are specified in 802.11 and 802.11b standards. The MAC unit is
designed to support different physical layer units, which may be adopted dependent on
the availability of spectrum. There are three physical layer units: two radio units, both
operating in the 2.4–2.5 GHz band, and one baseband infrared unit. One radio unit
employs the frequency-hopping spread spectrum (FHSS) technique, and the other
employs the direct sequence spread spectrum (DSSS) technique.
2.1.3 IEEE 802.2 LLC Overview and Services
Figure 1:
LLC Services
• Unacknowledged connectionless service
• Connection-oriented service
• Acknowledged connectionless service
Figure 2:
The logical link control (LLC) is the upper sublayer of Layer 2, the data link layer of the
OSI Reference Model. The purpose of the LLC is to exchange data between end users
across a LAN using an 802-based MAC-controlled link. The LLC provides addressing and
data link control, and is independent of the topology, transmission medium, and medium
access control techniques used. Higher layers, such as the network layer, pass user data
down to the LLC expecting error-free transmissions across the network.
The LLC provides the following three services for a Network Layer protocol:
• Unacknowledged connectionless-mode services: This set of data transfer
services provides for network entities to exchange link service data units (LSDUs)
without the establishment of a data link level connection. The data transfer can be
point-to-point, multicast, or broadcast.
• Connection-mode services: This set of services provides for establishing, using,
resetting, and terminating data link layer connections. These connections are
point-to-point connections between LSAPs (link service access points).
o The connection establishment and termination service provides the means
for a network entity to request, or be notified of, the establishment of data
link layer connections.
o The connection-oriented data transfer service provides the means for a
network entity to send or receive LSDUs over a data link layer connection.
This service also provides data link layer sequencing, flow control, and
error recovery.
o The connection reset service provides the means for established
connections to be returned to the initial state.
Any one of these classes of operation may be supported. These services apply to the
communication between peer LLC layers.
2.1.4 General Description
The physical layers used in IEEE 802.11 are fundamentally different from wired media.
The IEEE 802.11 physical layers (PHYs):
• Have no absolute or readily observable boundaries outside of which stations with
conformant PHY transceivers are unable to receive network frames.
• Are unprotected from outside signals.
• Communicate over a medium significantly less reliable than wired PHYs.
• Have dynamic topologies.
• Lack full connectivity; the assumption normally made that every STA can hear
every other STA is invalid (i.e., STAs may be “hidden” from each other).
• Have time-varying and asymmetric propagation properties.
Because of limitations on wireless PHY ranges, WLANs may be built from multiple
basic building blocks to cover reasonable geographic distances.
IEEE 802.11 provides for both mobile as well as portable stations. A portable station is
moved from location to location, but is only used while at a fixed location. Mobile
stations actually access the LAN while in motion. For technical reasons, it is not
sufficient to handle only portable stations. Propagation effects blur the distinction
between portable and mobile stations. Propagation characteristics are dynamic and
unpredictable. As conditions change, signals can become weaker or stronger, making
stationary stations appear to be mobile.
Another aspect of mobile stations is that they may often be battery powered. Hence
power management is an important consideration. Also, it cannot be presumed that a
station’s receiver will always be powered on.
IEEE 802.11 networks must appear to higher layers [logical link control (LLC)] as a
current style IEEE 802 LAN. This requires that the IEEE 802.11 network handle station
mobility within the MAC sublayer. To meet reliability assumptions (that LLC makes
about lower layers), it is necessary for IEEE 802.11 to incorporate functionality that is
untraditional for MAC sublayers. This includes address-to-destination mapping, to allow
mobile stations to roam seamlessly between different parts of the network, and the use of
logical media for different purposes by different components of the network architecture.
Figure 3: Distribution System - DS
The IEEE 802.11 architecture consists of several components that interact to provide a
wireless LAN that supports station mobility transparently to upper layers.
Basic Service Set (BSS): The BSS is the basic building block of an IEEE 802.11 LAN.
Two BSSs are shown in Figure 1. The BSS can be thought of as the coverage area within
which the member stations of the BSS can communicate.
Independent BSS (IBSS) The IBSS is the most basic type of IEEE 802.11 LAN, in
which workstations only communicate with other workstations in the same BSS. This
type of operation is often referred to as an ad hoc network.
Extended Service Set (ESS): The DS and BSSs allow IEEE 802.11 to create a wireless
network of arbitrary size and complexity referred to as the extended service set (ESS)
network. The ESS network appears the same to an LLC sublayer as an IBSS network.
Stations within an ESS may communicate and mobile stations may move from one BSS
to another (within the same ESS) transparently to LLC.
2.1.6 Area concepts and Integration
Figure 2: Portal
For WLANs, well-defined coverage areas simply do not exist. Propagation characteristics
are dynamic and unpredictable. Small changes in position or direction may result in
dramatic differences in signal strength for both stationary and mobile STAs.
A portal is used to integrate the IEEE 802.11 architecture (WLAN) with a traditional
wired LAN. A portal is the logical point at which all data, in the form of MSDUs, from
the wired LAN enter the IEEE 802.11 DS. A portal is shown in Figure 2. The portal
provides logical integration between the wireless architecture and existing wired LANs.
One device can act as both an AP and a portal; this could be the case when a DS is
implemented from IEEE 802 LAN components.
The ESS architecture (APs and the DS) provides traffic segmentation and range
extension.
2.1.7 Frame Class and Services
Figure 2:
Class 1 Frames
(permitted from within States 1, 2, and 3)
Control frames
• Request to send (RTS)
• Clear to send (CTS)
• Acknowledgment (ACK)
• Contention-Free (CF)-End+ACK
• CF-End
Management frames
• Probe request/response
• Beacon
• Authentication: Successful authentication enables a station to exchange Class 2 frames.
Unsuccessful authentication leaves the STA in State 1.
• Deauthentication: Deauthentication notification when in State 2 or State 3 changes the STA’s state
to State 1. The STA shall become authenticated again prior to sending Class 2 frames.
• Announcement traffic indication message (ATIM)
Data frames
• Data: Data frames with frame control (FC) bits “To DS” and “From DS” both false.
Class 2 Frames
(if and only if authenticated; allowed from within States 2 and 3 only)
Management frames:
• Association request/response
o Successful association enables Class 3 frames.
o Unsuccessful association leaves STA in State 2.
• Reassociation request/response
o Successful reassociation enables Class 3 frames.
o Unsuccessful reassociation leaves the STA in State 2 (with respect to the STA that was sent
the reassociation message). Reassociation frames shall only be sent if the sending STA is
already associated in the same ESS.
• Disassociation
o Disassociation notification when in State 3 changes a Station’s state to State 2. This station
shall become associated again if it wishes to utilize the DS. If STA A receives a Class 2
frame with a unicast address in the Address 1 field from STA B that is not authenticated
with STA A, STA A shall send a deauthentication frame to STA B.
Figure 4:
Class 3 Frames
(if and only if associated; allowed only from within State 3)
Data frames
• Data subtypes: Data frames allowed. That is, either the “To DS” or “From DS” FC bits may be set to
true to utilize DSSs.
Management frames
• Deauthentication: Deauthentication notification when in State 3 implies disassociation as well,
changing the STA’s state from 3 to 1. The station shall become authenticated again prior to another
association.
Control frames
• PS-Poll—If STA A receives a Class 3 frame with a unicast address in the Address 1 field from STA
B that is authenticated but not associated with STA A, STA A shall send a disassociation frame to
STA B. If STA A receives a Class 3 frame with a unicast address in the Address 1 field from STA B
that is not authenticated with STA A, STA A shall send a deauthentication frame to STA B. (The use
of the word “receive” refers to a frame that meets all of the filtering criteria)
Frame Classes
There are three frame classes. Class 1 frames are permitted from States 1, 2, and 3.
Class 2 frames are permitted only if the station is authenticated (in State 2 or 3). Class 3
frames are permitted only if the station is associated (State 3).
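The frame classes and state changes listed above can be written as a small per-peer state machine that a receiver or a monitoring sensor could use to flag frames sent from the wrong state. The following Python is an added example, not part of the course material; the frame kind names, the `Station` class, the `success` flag (standing for the outcome of the authentication or association exchange) and the trace are assumptions of this example, and every frame is treated as unicast to the receiving station.

```python
from dataclasses import dataclass, field

# Frame kinds per class, as listed in the frame class figures (names are this example's own).
CLASS1 = {"rts", "cts", "ack", "cf_end", "cf_end_ack", "probe_req",
          "probe_resp", "beacon", "auth", "deauth", "atim"}
CLASS2 = {"assoc_req", "assoc_resp", "reassoc_req", "reassoc_resp", "disassoc"}
CLASS3 = {"ps_poll"}


def frame_class(kind, to_ds=False, from_ds=False):
    """Return the frame class (1, 2 or 3) for a frame kind."""
    if kind == "data":
        # Data is Class 1 only when "To DS" and "From DS" are both false.
        return 3 if (to_ds or from_ds) else 1
    for cls, kinds in ((1, CLASS1), (2, CLASS2), (3, CLASS3)):
        if kind in kinds:
            return cls
    raise ValueError(f"unknown frame kind: {kind}")


@dataclass
class Station:
    """State (1, 2 or 3) that one receiving station keeps for each peer."""
    peers: dict = field(default_factory=dict)

    def state(self, peer):
        return self.peers.get(peer, 1)  # unknown peers start in State 1

    def receive(self, peer, kind, to_ds=False, from_ds=False, success=True):
        """Apply one received frame; return the action the receiver takes."""
        state = self.state(peer)
        cls = frame_class(kind, to_ds, from_ds)
        # Class 2 or 3 frame from a peer that is not authenticated.
        if cls >= 2 and state == 1:
            return "send_deauth"
        # Class 3 frame from a peer that is authenticated but not associated.
        if cls == 3 and state == 2:
            return "send_disassoc"
        if kind == "auth" and success:
            state = max(state, 2)   # failed authentication leaves State 1
        elif kind in ("assoc_req", "reassoc_req") and success:
            state = 3               # failed (re)association leaves State 2
        elif kind == "disassoc" and state == 3:
            state = 2
        elif kind == "deauth":
            state = 1               # from State 3 this implies disassociation
        self.peers[peer] = state
        return "accept"


# Constructed trace for one peer: (peer, frame kind, options).
TRACE = [
    ("sta-a", "probe_req", {}),
    ("sta-a", "data", {"to_ds": True}),      # Class 3 while in State 1
    ("sta-a", "auth", {"success": False}),
    ("sta-a", "assoc_req", {}),              # Class 2 while in State 1
    ("sta-a", "auth", {}),
    ("sta-a", "data", {"to_ds": True}),      # Class 3 while in State 2
    ("sta-a", "assoc_req", {}),
    ("sta-a", "data", {"to_ds": True}),
    ("sta-a", "ps_poll", {}),
    ("sta-a", "disassoc", {}),
    ("sta-a", "deauth", {}),
    ("sta-a", "data", {}),                   # both DS bits false: Class 1
]


def replay(trace):
    """Run a trace through a fresh Station; return (kind, action, state) rows."""
    rx = Station()
    rows = []
    for peer, kind, opts in trace:
        action = rx.receive(peer, kind, **opts)
        rows.append((kind, action, rx.state(peer)))
    return rows


if __name__ == "__main__":
    for kind, action, state in replay(TRACE):
        print(f"{kind:10s} -> {action:13s} (peer now in State {state})")
```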
IEEE 802.11 explicitly does not specify the details of DS implementations; instead, it
specifies services that are associated with different components of the architecture. There
are two categories of service—the station service (SS) and the distribution system service
(DSS). The SS is provided by every IEEE 802.11 station, including APs. The DSSs are
provided by the DS. They are accessed via an AP that also provides DSSs. Both
categories of service are used by the IEEE 802.11 MAC sublayer.
The complete set of IEEE 802.11 architectural services is indicated below with the
category of service:
• Authentication (SS)
• Association (DSS)
• Deauthentication (SS)
• Disassociation (DSS)
• Distribution (DSS)
• Integration (DSS)
• Privacy (SS)
• Reassociation (DSS)
• MSDU delivery (SS)
Figure 1:
MAC Services
• Asynchronous data service
• Security services
• MAC service data unit (MSDU) ordering
Within the asynchronous data service, there are two service classes: security services and
MSDU ordering. These services control whether MSDUs can be reordered.
Security services
Security services, used to limit station-to-station data exchange, are provided by the
authentication service and the WEP mechanism. WEP implementation provides for the
encryption of the MSDU. WEP services are transparent to the LLC and other layers above
the MAC sublayer. The security services provided by WEP are as follows:
• Confidentiality;
• Authentication; and
• Access control in conjunction with layer management.
MSDU ordering
MSDU reordering is changing the delivery order of broadcast and multicast MSDUs,
relative to directed MSDUs. The MAC sublayer may reorder MSDUs to improve the
likelihood of successful delivery based on the current operational (“power management”)
mode of the designated recipient station(s).
2.2.2 Frame Structure
Figure 1: MAC frame format
Figure 3:
Frame types
• Control
• Data
• Management
Figure 4:
Data
ACK
Frame formats
The format of the MAC frame is shown in Figure 1. All stations construct frames for
transmission and decode frames upon reception based on a standard frame format.
MAC Header
The MAC header contains the Duration/ID field and four address fields. The address
fields are used to indicate the basic service set identifier (BSSID), Destination Address (DA),
Source Address (SA), Receiver Address (RA), and Transmitter Address (TA).
Each address is 48 bits (6 octets), and can be either an individual or a group
address. Group addresses are for multicast or broadcast.
FCS field
The FCS field contains a 32-bit CRC. The FCS is calculated over all the fields of the
MAC header and the Frame Body field.
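A receiver can check the FCS before trusting any header field. The following Python is an added example, not from the course material: a parser for management and data frames that verifies the FCS and labels the address fields by role. The Frame Control bit positions and the address-role table come from the IEEE 802.11 frame format rather than from this page, `zlib.crc32` is used as the 32-bit CRC, and the MAC addresses and frames are constructed sample values.

```python
import struct
import zlib

# Role of Address 1..4 for each ("To DS", "From DS") combination.
ADDR_ROLES = {
    (0, 0): ("DA", "SA", "BSSID"),
    (0, 1): ("DA", "BSSID", "SA"),
    (1, 0): ("BSSID", "SA", "DA"),
    (1, 1): ("RA", "TA", "DA", "SA"),
}
FRAME_TYPES = {0: "management", 1: "control", 2: "data"}


def fcs(covered: bytes) -> bytes:
    """32-bit CRC over the MAC header and frame body, in on-air byte order."""
    return struct.pack("<I", zlib.crc32(covered) & 0xFFFFFFFF)


def mac(octets: bytes) -> str:
    """Format a 48-bit address as colon-separated hex."""
    return ":".join(f"{o:02x}" for o in octets)


def parse_frame(raw: bytes) -> dict:
    """Parse one management or data frame that still carries its FCS."""
    if len(raw) < 24 + 4:
        raise ValueError("shorter than a 3-address header plus FCS")
    if fcs(raw[:-4]) != raw[-4:]:
        raise ValueError("FCS mismatch: frame damaged or altered")
    fc, duration = struct.unpack_from("<HH", raw, 0)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype not in (0, 2):
        raise ValueError("control frames use a shorter header (not handled)")
    to_ds, from_ds = (fc >> 8) & 1, (fc >> 9) & 1
    roles = ADDR_ROLES[(to_ds, from_ds)]
    header_len = 30 if len(roles) == 4 else 24
    if len(raw) < header_len + 4:
        raise ValueError("truncated 4-address header")
    offsets = (4, 10, 16, 24)  # Address 4 follows the Sequence Control field
    addresses = {r: mac(raw[o:o + 6]) for r, o in zip(roles, offsets)}
    return {
        "type": FRAME_TYPES[ftype],
        "subtype": subtype,
        "to_ds": bool(to_ds),
        "from_ds": bool(from_ds),
        "wep": bool(fc & 0x4000),           # WEP bit in Frame Control
        "duration_id": duration,
        "addresses": addresses,
        "addr1_is_group": bool(raw[4] & 0x01),  # multicast or broadcast
        "body": raw[header_len:-4],
    }


def build_frame(fc, duration, addrs, body=b"", seq_ctl=0):
    """Assemble a frame and append its FCS (used here to make sample input)."""
    hdr = struct.pack("<HH", fc, duration) + b"".join(addrs[:3])
    hdr += struct.pack("<H", seq_ctl) + b"".join(addrs[3:4])
    return hdr + body + fcs(hdr + body)


# Constructed sample addresses (locally administered) and frames.
AP = bytes.fromhex("020000000001")
STA = bytes.fromhex("020000000002")
PEER = bytes.fromhex("020000000003")
BCAST = b"\xff" * 6

DATA_TO_DS = build_frame(0x0108, 44, [AP, STA, PEER], b"payload")  # data, To DS
BEACON = build_frame(0x0080, 0, [BCAST, AP, AP], b"\x00" * 12)     # mgmt, subtype 8

if __name__ == "__main__":
    for name, raw in (("data", DATA_TO_DS), ("beacon", BEACON)):
        print(name, parse_frame(raw))
    damaged = bytearray(DATA_TO_DS)
    damaged[10] ^= 0x01  # flip one bit in Address 2
    try:
        parse_frame(bytes(damaged))
    except ValueError as exc:
        print("damaged frame rejected:", exc)
```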
• Data: Data frames are used to carry user data from sending to receiving stations.
• Management: Management frames establish initial communications between
stations and access points. These frames provide association and authentication
services.
Figure 1:
The architecture of the MAC sublayer includes the distributed coordination function
(DCF) and the point coordination function (PCF).
For a STA to transmit, it checks the medium to determine if another STA is transmitting.
If the medium is idle for a specified duration, transmission may proceed. The specified
minimum duration between contiguous frame sequences is called the interframe space
(IFS). If the medium is busy, the STA defers until the end of the current transmission.
Prior to attempting to transmit, the STA waits for a random backoff interval. A
refinement of the method may be used to further minimize collisions: the transmitting
and receiving STAs exchange short control frames [request to send (RTS) and clear to
send (CTS) frames] prior to data transmission.
Coexistence of DCF and PCF
The DCF and the PCF will coexist, permitting both to operate concurrently within the
same BSS. When a point coordinator (PC) is operating in a BSS, the two access methods
alternate, with a contention-free period (CFP) followed by a contention period (CP).
A detailed discussion of DCF and PCF, along with the carrier-sense mechanism,
interframe space duration and backoff is included in the Appendix.
Figure 1:
Figure 2:
The physical layers (PHYs) used in wireless are fundamentally different from wired
media. The physical layers of wireless networks:
• Have neither absolute nor readily observable boundaries outside of which
802.11 compliant stations are unable to receive network frames.
• Are unprotected from outside signals.
• Communicate over a medium significantly less reliable than wired PHYs.
• Have dynamic topologies.
• Lack full connectivity, and therefore the assumption normally made that every
STA can hear every other STA is invalid (i.e., STAs may be “hidden” from
each other).
• Have time-varying and asymmetric propagation properties.
The physical layer performs three basic operations: Carrier sense (determines the state of
the medium); Transmit (sends individual octets); Receive (receives individual octets).
Functions
Most PHY definitions provide three functions: the physical medium dependent (PMD)
function, the physical layer convergence procedure (PLCP), and the layer management
function.
The relationship between the data link layer and physical layer is shown in Figure 2. The
PHY service is provided to the MAC sublayer through a service access point (SAP),
called the PHY-SAP. The physical layer is further divided into two sublayers, which
represent the two protocol functions.
These are the PMD (physical medium dependent) sublayer and the PLCP (physical layer
convergence procedure) sublayer. The PMD-SAP interfaces these two sublayers.
• PLCP Sublayer adapts the capabilities of the physical medium dependent
(PMD) system to the PHY service. The PHY convergence procedure (PLCP)
defines a method for mapping the MAC sublayer protocol data units (MPDU)
into a framing format suitable for sending and receiving user data and
management information over the associated PMD system. The PHY
exchanges PHY protocol data units (PPDU) that contain PLCP service data
units (PSDU). Each MPDU corresponds to a PSDU that is carried in a PPDU.
• The PMD system defines the characteristics of, and method of transmitting
and receiving data through, a wireless medium between two or more STAs. It
produces the actual data stream, timing information, and associated signal
parameters. Examples of PMD systems include the High Rate PHY system,
and Infrared (IR) PHY.
High Rate PHY System
A wireless radio system that supports the 11 Mbps data rate is called the High Rate PHY
system, or HR/DSSS (High Rate Direct Sequence Spread Spectrum). The High Rate PHY
operates in the 2.4–2.4835 GHz frequency range, as allocated by regulatory bodies in the
USA and Europe, or in the 2.471–2.497 GHz frequency range, in Japan. Four modulation
formats and four data rates are specified (1, 2, 5.5, and 11 Mbps).
Figure 1:
Figure 2:
Figure 3:
Client adapters are radio modules whose primary function is to provide transparent
wireless data communications between fixed, portable, or mobile devices and other
wireless devices or a wired network infrastructure. No special wireless networking
functions are required, and all existing applications that operate over a network will
operate using the adapters.
• PCI client adapter - A client adapter card radio module that can be inserted into
any device equipped with an empty PCI expansion slot, such as a desktop
computer.
2.4.2 Parts of the Client Adapter
The three major parts of a client adapter are: a radio, a radio antenna, and two LEDs.
Radio
The client adapter contains a direct-sequence spread spectrum (DSSS) radio that operates
in the 2.4-GHz license-free Industrial Scientific Medical (ISM) band. The radio transmits
data over a half-duplex radio channel operating at up to 11 Mbps.
DSSS technology causes radio signals to be transmitted over a wide frequency range,
using multiple frequencies simultaneously. This helps to protect the data transmission
from interference. If noise or interference occurs on a particular frequency, redundancy
from the signal on other frequencies usually will still provide successful transmission.
Radio Antenna
The type of antenna used depends on your client adapter:
• PC cards have an integrated, permanently attached diversity antenna. The benefit
of the diversity antenna system is improved coverage. The card will switch and
sample between its two antenna ports in order to select the optimum port for
receiving data packets. This gives a better chance of maintaining the radio
frequency (RF) connection in areas of interference. The antenna is housed within
the section of the card that hangs out of the PC card slot when the card is
installed.
• LM cards are shipped without an antenna; however, an antenna can be connected
through the card's external connector. If a snap-on antenna is used, it should be
operated in diversity mode. Otherwise, the antenna mode used should correspond
to the antenna port to which the antenna is connected.
• PCI client adapters are shipped with a 2-dBi dipole antenna that attaches to the
adapter's antenna connector. However, other types of antennas may be used. PCI
client adapters can be operated through the right antenna port only.
LEDs
The client adapter has two LEDs that glow or blink to indicate the status of the adapter or
to convey error messages.
Figure 1:
Driver Types
• NDIS
• ODI
• Packet
• NDIS-3
• Win CE
Figure 2:
Windows CE
• MIPS w/CE 2.0 (released)
• SH-3 w/CE 2.0 (released)
• MIPS w/CE 2.1x (beta)
• SH-3 w/CE 2.1x (beta)
• Strongarm w/CE 2.1x (beta)
• SH-4 w/CE 2.1x (beta)
Figure 3:
• Client access for both notebook and desktop
systems
• Broad operating systems support:
o Windows 95, 98,
o Windows NT 4.0
o Windows 2000
o Windows CE
o Mac OS Version 9.x
o Linux OS Kernel 2.2
o Novell NetWare clients
• Easy, simple installation
• Lifetime limited warranty
NDIS2
• Windows 3.x
• Lantastic
• AS/400 connectivity
• Sample protocol.ini included on driver disk
ODI (Available on the Web)
• Novell 3.x/4.x
• Works with either NETX or VIMs
• Disk Operating System (DOS)
• Sample net.cfg files included on driver disk
Packet
• For use with DOS-based IP stacks
• The following are some of the more popular IP stacks that work with our
products:
o FTP Software
o Netmanage
o Trumpet
o Variety of other winsocks
NDIS3
• Windows 95 and 98
• Windows NT 3.51 and 4.x
• Binds to all protocol stacks within Windows 95 and Windows NT
• Novell Client32
Windows CE
• MIPS w/CE 2.0 (released)
• SH-3 w/CE 2.0 (released)
• MIPS w/CE 2.1x (beta)
• SH-3 w/CE 2.1x (beta)
• Strongarm w/CE 2.1x (beta)
• SH-4 w/CE 2.1x (beta)
Because not all RISC processors are alike, it is necessary to develop a separate compiled
version of the driver on a per-processor basis. Also, because of the nature of Windows
CE, it is necessary to develop a separate driver for each version. This means that
whenever a new version of Windows CE is released, a new driver needs to be developed
on a per-processor basis. Not all CE devices adhere to the PC card standards, because of
their limited size and cost-cutting construction. This means that even though you have
the correct driver for the processor and CE release, it still may not work.
A machine will not work if the system displays the message “unknown card inserted”. To
work, it should say “network card inserted”. This typically happens because the vendor
does not follow the PC CARD 2.1 specification fully, resulting in incompatibility issues.
Windows 2000
Windows 2000 requires a new driver for all network interface cards (NICs).
Figure 1:
PC Card LEDs
Blinking quickly Blinking quickly Power is on, self-test is OK, and client
adapter is scanning for a network.
The status LED on the PC card is the green LED. It has several normal modes of
operation:
• Blinking on once every 1/2 second - In infrastructure mode, scanning for an
access point to associate with.
• Blinking on once every 2 seconds - In infrastructure mode, associated to an access
point.
• Solid green - In ad hoc mode (will not communicate to an AP).
The orange LED is the RF Traffic LED. It has two modes of operation:
• Blinking orange - Indicates RF traffic.
• Solid orange - Indicates the card is in reset, and not in operational mode.
Typically this means the driver has not been installed properly, or has not loaded
properly.
Figure 1: Wireless “Cell”, Wireless Clients, Modem (diagram labels)
Figure 3:
The client adapter can be used in a variety of network configurations. In some
configurations, Access Points provide connections to your network or act as repeaters to
increase wireless communication range. The maximum communication range is based on
how you configure your wireless network.
This section describes and illustrates the following common network configurations:
• Ad hoc wireless local area network (LAN)
• Wireless infrastructure with workstations accessing a wired LAN
The basic service set (BSS), or microcell (Figure 2), can consist of two or more PCs,
each with a wireless network card. Such a system operates in “ad hoc mode”. It is very
easy to set up this type of network for operating systems such as Windows 95 or Windows NT.
This can be used for a small office or home office to allow a laptop to be connected to the
main PC, or for several people to simply share files. One drawback is limited coverage
distances. Everyone must be able to hear everyone else.
This configuration is useful with portable or mobile stations because it allows them to
remain connected to the wired network even while moving from one microcell domain to
another. The process is transparent, and the connection to the file server or host is
maintained without disruption. The mobile station stays connected to an Access Point as
long as it can. However, once the signal is lost, the station automatically searches for and
associates to another Access Point. This process is referred to as seamless roaming.
Figure 1:
The network location of your wireless products can be influenced by a number of factors.
This section discusses those factors and provides guidelines and tools for achieving
optimum placement.
Site survey and link test tools provided with the client utilities can help determine the
best placement for Access Points and workstations within your wireless network. Site
survey and link test tools are not supported in the Linux operating system.
Site Survey
Because of differences in component configuration, placement, and physical
environment, every network is a unique installation. Before installing the system,
perform a site survey to determine the optimum utilization of networking components
and to maximize range, coverage, and network performance.
• Antenna type and placement - Proper antenna configuration is a critical factor in
maximizing radio range. As a general rule, range increases in proportion to
antenna height.
• Physical environment - Clear or open areas provide better radio range than
closed or filled areas. The less cluttered the work environment, the greater the
range.
• Obstructions - A physical obstruction such as metal shelving or a steel pillar can
hinder performance of the client adapter. Avoid locating the workstation in a
location where there is a metal barrier between the sending and receiving
antennas.
• Building materials - Radio penetration is greatly influenced by the building
material. For example, drywall construction allows greater range than concrete
blocks. Metal or steel construction is a barrier to radio signals.
Client adapters are radio devices and are susceptible to RF obstructions and common
sources of interference that can reduce throughput and range. Follow these guidelines to
ensure the best possible performance:
• Install the client adapter in an area where large steel structures such as shelving
units, bookcases, and filing cabinets will not obstruct radio signals to and from the
client adapter.
• Install the client adapter away from microwave ovens. Microwave ovens operate
on the same frequency as the client adapter and can cause signal interference.
Link Test
The link test tool is used to determine RF coverage. An example of such a tool is the Link
Status Meter (LSM), which graphically monitors the signal quality and signal strength
between the client adapter and an associated Access Point (available only for the
Windows operating systems).
The Link Status Meter screen (Figure 1) provides a graphical display of the following:
• Signal strength of the radio signal, displayed as a percentage along the vertical
axis.
• Signal quality of the radio signal, displayed as a percentage along the horizontal
axis.
The diagonal line in the graphical display indicates whether the RF link between your
client adapter and its associated Access Point is poor, fair, good, or excellent. This
information can be used to determine the optimum number and placement of Access Points
in your RF network. Areas where performance is weak can be avoided, eliminating the risk
of losing the connection between your client adapter and the Access Point.
Figure 1:
The next several sections present a more detailed description of the features and uses of
the Aironet Client Utility (ACU). The ACU can perform a variety of functions,
including:
• Loads new client adapter firmware.
• Configures the client adapter for use in a wireless enterprise or home network.
Parameters can be set to prepare the adapter for network use, to govern how the
adapter transmits or receives data, and to control the adapter's operation within an
infrastructure or ad hoc (or peer-to-peer) network.
• Enables security features, providing control of the level of security for the
network.
• Performs user-level diagnostics. The current status of the adapter as well as
statistics indicating how data is being transmitted and received can be viewed. In
addition, RF link test or a site survey can be performed to assess the performance
of the RF link at various places in your area and to determine network coverage.
ACU enables you to change the configuration parameters of your client adapter. The
adapter's parameters are organized into two main categories depending on your network's
configuration:
• Enterprise parameters - to configure the client adapter for use in an enterprise
network, such as that found in a large organization:
o System parameters - Prepare the client adapter for use in a wireless
network
o RF network parameters - Control how the client adapter transmits and
receives data
o Advanced infrastructure parameters - Control how the client adapter
operates within an infrastructure network
o Advanced ad hoc parameters - Control how the client adapter operates
within an ad hoc (peer-to-peer) network
o Network security parameters - Control the level of security provided to
the wireless network
Figure 1:
Figure 2: Power modes available with Cisco PC cards
Figure 3:
System parameters can be used to configure your client adapter for use in a wireless
network (either enterprise or home network). The System Parameters screen is shown in
Figure 1.
Client Name—A logical name for your workstation. Administrators can identify which
devices are connected to the Access Point with a name rather than a MAC address. This
name is included in the Access Point's list of connected devices. Range: Up to 16
characters
SSID—The service set identifier (SSID) identifies the specific wireless network to
access. Range: Up to 32 characters (case sensitive). If this parameter is blank, the
client adapter can associate to any Access Point that is configured to allow broadcast
SSIDs. If the Access Points are not configured to allow broadcast SSIDs (and the SSID
field is blank), the client adapter will not be able to access the network.
SSID 2 and 3—Optional SSIDs that identify a second distinct network and enable
roaming to that network without reconfiguring the client adapter.
Power Save Mode—Sets the client adapter to its optimal power consumption setting:
constant awake mode, power save mode, or fast power save mode (Figure 2).
Figure 1:
Figure 2:
• Auto Rate Selection - Uses the 11-Mbps data rate when possible but drops to
lower rates when necessary
• 1 Mbps Only - Offers the greatest range but the lowest throughput
• 2 Mbps Only - Offers less range but greater throughput than the 1 Mbps Only option
• 5.5 Mbps Only - Offers less range but greater throughput than the 2 Mbps Only option
• 11 Mbps Only - Offers the greatest throughput but the lowest range
The RF Network screen in Figure 1 is used to set parameters that control how and when
the client adapter transmits and receives data.
Data Rate—Specifies the rate at which the client adapter transmits or receives packets.
Auto Rate Selection is recommended for infrastructure mode; setting a specific data rate
is recommended for ad hoc mode. The available data rates are 1, 2, 5.5, and 11 Mbps
(Figure 2). Data rate must be set to Auto Rate Selection or must match the data rate of
the other device (Access Points or the other clients); otherwise, the client adapter may
not be able to associate to them. Default: Auto Rate Selection.
Use Short Radio Headers—The use of short radio headers improves throughput
performance. Long radio headers ensure compatibility with clients and Access Points that
do not support short radio headers. The adapter can use short radio headers only if the
Access Point is also configured to support them. Default: Deselected.
World Mode—Enables the client adapter to assume the legal transmit power level and
channel set of the associated Access Point. This parameter is available only in
infrastructure mode and is designed for users who travel between countries, allowing the
adapter to be used in different regulatory domains. When World Mode is enabled, only
the transmit power levels supported by the country of operation's regulatory agency are
available. Default: Deselected.
Channel—Specifies which frequency the client adapter will use as the channel for
communications. These channels conform to the IEEE 802.11 Standard for your
regulatory domain.
• In infrastructure mode, this parameter is set automatically and cannot be changed.
The client adapter listens to the entire spectrum, selects the best Access Point to
associate to, and uses the same frequency as that Access Point.
• In ad hoc mode, the channel must match on clients in order for them to
communicate.
Transmit Power—Defines the power level at which the client adapter transmits. This
value must not be higher than that allowed by your country's regulatory agency (FCC in
the U.S., DOC in Canada, ETSI in Europe, MKK in Japan, etc.). When World Mode is
enabled, only the transmit power levels supported by the country of operation's regulatory
agency are available. 15 mW is supported by 340 series client adapters only, and 20
mW is supported by 350 series client adapters only. The range can be 1, 5, 15, 20, 30,
50, or 100 mW (30 mW is the maximum power level supported by 340 series client
adapters). The default is the maximum level allowed by your country's regulatory
agency.
Fragment Threshold—Defines the threshold size above which an RF data packet will be
split up or fragmented. If one of those fragmented packets experiences interference
during transmission, only that specific packet would need to be resent. Throughput is
generally lower for fragmented packets because the fixed packet overhead consumes a
higher portion of the RF bandwidth. The range is 256 to 2312 with a default of 2312.
2.5.4 Setting Advanced Infrastructure Parameters
Figure 1:
Figure 2:
Client Antenna
• PC card - The PC card's integrated, permanently attached antenna
operates best when used in diversity mode. Diversity mode allows the
card to use the better signal from its two antenna ports.
o Range: Diversity (Both), Right Antenna Only, Left Antenna
Only
o Default: Diversity (Both)
• PCI client adapter - The PCI client adapter must use the Right
Antenna Only option.
o Default: Right Antenna Only
Antenna Mode (Receive)—Specifies the antenna used by the client adapter to receive
data. For PC and LM cards, the choices are: Diversity (Both), Right Antenna Only, Left
Antenna Only (Figure 2). The default is Diversity (Both). For PCI cards, Right Antenna
Only is the only option.
Antenna Mode (Transmit)—Specifies the antenna used to transmit data. The choices are
the same as the Antenna Mode (Receive) above.
RTS Threshold—Specifies the size of the data packet that the low-level RF protocol uses
for a request-to-send (RTS) packet. If the threshold is set to a small value, RTS packets
are sent more often, consuming more bandwidth and reducing throughput. However, the
system is able to recover faster from interference or collisions. The range is 0 to 2312
with a default of 2312.
RTS Retry Limit—Specifies the number of times the client adapter will attempt to resend
an RTS packet when it does not receive a clear-to-send (CTS) packet reply. Setting this
parameter to a large value decreases the available bandwidth when interference occurs
but makes the system more immune to interference and collisions. The range is 1 to 128
with a default of 16.
2.5.5 Setting Advanced Ad Hoc Parameters
Figure 1:
The Advanced (Ad Hoc) screen in Figure 1 enables you to set parameters that control
how the client adapter operates in an ad hoc network.
The antenna modes and RTS settings are set in the same manner as the infrastructure
settings.
Wake Duration (Kµs)—Specifies the amount of time following a beacon that the client
adapter stays awake to receive announcement traffic indication message (ATIM) packets,
which are sent to keep the adapter awake until the next beacon. This parameter is used
only in Power Save Mode (Max PSP or Fast PSP). The range is 5 to 60 Kµs with a
default of 5 Kµs.
• Kµs is a unit of measurement in software terms. K = 1024, µ = 10^-6, and s =
seconds, so Kµs = .001024 seconds, 1.024 milliseconds, or 1024
microseconds.
Beacon Period (Kµs) —Specifies the duration between beacon packets. Beacon packets
help clients find each other in ad hoc mode. The range is 20 to 976 Kµs with a default of
100 Kµs.
Figure 1:
Figure 2: Table with columns “Server Based Authentication Option” and “Description”
Figure 3: Table with columns “Access Point Authentication” and “Description”
The Network Security screen in Figure 1 enables you to set parameters that offer varying
degrees of security for the data.
The client adapter supports two principal security features to protect your data: Wired
Equivalent Privacy (WEP) keys and Extensible Authentication Protocol (EAP) or LEAP
(also referred to as EAP - Cisco Wireless).
The Security Level bar graph (only for the Windows operating systems) indicates the
network's level of security based on the selected parameters. The bar graph is:
• solid green when the network is most secure (for example, when LEAP or
EAP is enabled for your client adapter and a session-based WEP key is
assigned to the adapter by a RADIUS server).
• red when the network has some security features but is not the most secure.
• solid black when no security features are enabled.
WEP Keys
WEP, an optional IEEE 802.11 security feature, provides the client adapter and other
devices on the wireless network with data confidentiality equivalent to that of a wired
LAN. It involves packet-by-packet data encryption by the transmitting device and
decryption by the receiving device.
For the client adapter, WEP is implemented through the client utilities. In Windows and
Linux operating systems, the Client Encryption Manager (CEM) utility allows you to set
WEP keys, and the Aironet Client Utility (ACU) is used to enable WEP. In the MacOS
9.x operating system, WEP keys are set and enabled in one utility.
Configuration Parameters
Access Point Authentication—Defines how the client adapter will attempt to authenticate
to an Access Point (Figure 3). The default setting is Open Authentication. If LEAP or
EAP is enabled, Open Authentication is the only available option. The Shared Key
Authentication option is available only if the client adapter has been assigned a WEP key
in CEM and WEP is enabled.
Allow Association to Mixed Cells—If the network's Access Points are set to communicate
with either WEP-enabled or WEP-disabled clients (the Use of Data Encryption by
Stations parameter on the AP Radio Data Encryption screen is set to Optional), select
this checkbox. Otherwise, the client adapter will not be able to establish a connection
with the Access Point. The default setting is Deselected.
Enable WEP—Enables or disables WEP. There are two uses: If a WEP key is set using
CEM, enable WEP for the client adapter. If LEAP or EAP has been enabled and the
adapter has been authenticated to an EAP-enabled RADIUS server, this checkbox is
selected automatically to indicate that the adapter has been assigned a session-based WEP
key. The default setting is Deselected.
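The dependencies between these security parameters can be checked mechanically before a profile is rolled out. The following is an added example, not part of the original course text or of ACU itself: the `SecurityProfile` field names, the `audit` function and the sample profiles are assumptions made for illustration, and the mapping to the Security Level bar colours is one reading of the description above.

```python
from dataclasses import dataclass


@dataclass
class SecurityProfile:
    # Hypothetical field names mirroring the Network Security screen labels;
    # this is not a real ACU or CEM file format.
    ssid: str = ""
    wep_key_set: bool = False            # static WEP key stored with CEM
    wep_enabled: bool = False            # "Enable WEP" checkbox
    eap_enabled: bool = False            # LEAP or EAP selected
    session_key_assigned: bool = False   # RADIUS server issued a session WEP key
    ap_authentication: str = "open"      # "open" (default) or "shared"
    allow_mixed_cells: bool = False      # "Allow Association to Mixed Cells"


def security_level(p):
    """Colour of the Security Level bar, as read from the page's description."""
    if p.eap_enabled and p.session_key_assigned:
        return "green"   # LEAP/EAP with a session-based WEP key
    if p.wep_enabled or p.eap_enabled:
        return "red"     # some security features, but not the most secure
    return "black"       # no security features enabled


def audit(p):
    """Return (severity, message) findings for one profile."""
    findings = []
    # Errors: combinations the page says are unavailable or out of range.
    if len(p.ssid) > 32:
        findings.append(("error", "SSID is longer than 32 characters"))
    if p.ap_authentication not in ("open", "shared"):
        findings.append(("error", "unknown Access Point Authentication value"))
    if p.eap_enabled and p.ap_authentication != "open":
        findings.append(("error", "LEAP/EAP enabled: Open Authentication "
                                  "is the only available option"))
    if p.ap_authentication == "shared" and not (p.wep_key_set and p.wep_enabled):
        findings.append(("error", "Shared Key Authentication needs a WEP key "
                                  "set in CEM and WEP enabled"))
    has_key = p.wep_key_set or (p.eap_enabled and p.session_key_assigned)
    if p.wep_enabled and not has_key:
        findings.append(("error", "WEP enabled but no static or "
                                  "session-based key is available"))
    # Warnings: valid settings a reviewer should look at twice.
    if p.ssid == "":
        findings.append(("warn", "blank SSID: adapter associates to any Access "
                                 "Point that allows broadcast SSIDs"))
    if p.wep_key_set and not p.wep_enabled and not p.eap_enabled:
        findings.append(("warn", "WEP key is set in CEM but Enable WEP "
                                 "is deselected"))
    if p.allow_mixed_cells:
        findings.append(("warn", "mixed cells allowed: the Access Point also "
                                 "accepts WEP-disabled clients"))
    if security_level(p) == "black":
        findings.append(("warn", "no security features enabled"))
    return findings


# Constructed sample profiles (not taken from any real deployment).
PROFILES = {
    "factory-default": SecurityProfile(),
    "static-wep": SecurityProfile(ssid="corp", wep_key_set=True,
                                  wep_enabled=True, ap_authentication="shared"),
    "leap": SecurityProfile(ssid="corp", eap_enabled=True,
                            session_key_assigned=True, wep_enabled=True),
    "shared-without-key": SecurityProfile(ssid="corp",
                                          ap_authentication="shared"),
}

if __name__ == "__main__":
    for name, profile in PROFILES.items():
        print(f"{name}: bar={security_level(profile)}")
        for severity, message in audit(profile):
            print(f"  [{severity}] {message}")
```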
2.5.7 Setting Home Networking Parameters
Figure 1:
The Home Networking screen in Figure 1 enables setting parameters that prepare the
client adapter to operate in a home (non-enterprise) network. The parameters are similar
to those covered in Setting System Parameters, section 2.5.2, and in Setting RF
Parameters, section 2.5.3.
To ensure that the client adapter has the same settings as all of the other computers on
the home network, load the settings from a 3.5-inch floppy disk (if you are running a
Windows operating system and have a home network configuration disk).
Figure 1:
Figure 2:
Figure 3:
In addition to configuring the client adapter for use in various types of networks, ACU
provides tools to assess the performance of the client adapter and other devices on the
wireless network. ACU's diagnostic tools perform the following functions:
• Display the client adapter's current status and configured settings
• Display statistics pertaining to the client adapter's transmission and reception of
data
• Run an RF link test to assess the performance of the RF link between the client
adapter and its associated Access Point
• Perform a site survey to determine the required number and placement of Access
Points within the network.
To view the client adapter's status and settings, select Status from the Commands
pull-down menu (Figure 1). Figure 2 shows the Status screen with the signal strength
values displayed as percentages, and Figure 3 shows the bottom of the same screen with
the signal strength values displayed in decibels with respect to milliwatts (dBm).
Figure 1:
ACU enables viewing statistics that indicate how data is being received and transmitted
by the client adapter.
The Statistics screen is viewed by selecting the Statistics option from the Commands
pull-down menu (Figure 1). The statistics are calculated as soon as the client adapter is
started or the Reset button is selected, and are continually updated at the rate
specified by the Screen Update Timer.
2.6.3 Linktest
Figure 1:
Figure 2:
2.6.4 Site Survey Tool
Figure 1:
Figure 2:
Figure 3:
Figure 5:
ACU's site survey tool operates at the RF level and is used to determine the best
placement and coverage (overlap) for the network's Access Points. During the site
survey, the current status of the network is read from the client adapter and displayed four
times per second to accurately gauge network performance. The feedback received can
help to avoid areas of low RF signal levels that can result in a loss of connection between
the client adapter and its associated Access Point.
The site survey tool can be operated in two modes:
• Passive Mode - This is the default mode. It does not initiate any RF network
traffic; it simply monitors the client adapter’s traffic and displays the results
(Figures 1 and 2).
• Active Mode - In this mode the client adapter actively sends or receives low-
level RF packets to or from its associated Access Point and displays information
on the success rate (Figures 4 and 5). Parameters that govern how the site survey is
performed (such as the data rate) can be set in this mode (Figure 3).
Guidelines
Introduction:
• In order to understand radio technologies, we must use certain mathematical
terminology and concepts. After this objective, you will be able to perform
simple calculations relevant to the study of radio waves.
3.1.1 Waves
What is a wave? One definition, useful in our discussion of WLANs, is that a wave is
energy traveling from one place to another, as a disturbance in matter (built of atoms and
molecules) or in vacuum (the absence of matter). We are interested in a specific type of
wave: alternating electric and magnetic fields called electromagnetic waves. Before
looking at these waves in more detail, let's look at some examples of disturbances and
waves.
One way of defining a wave involves the concept of a disturbance. If the
“disturbance” is deliberately caused and of some fixed duration, we might call it a
“pulse”. If the pulse involves the medium vibrating in the same direction as the pulse is
traveling, we call this a longitudinal pulse. To help you visualize a longitudinal pulse,
imagine a slinky toy spring which you sharply stretch for a short moment. The
disturbance will travel along the slinky toy spring, in the same direction as your hand
moved: a longitudinal pulse.
If we were to continue making these pulses in a smooth fashion, we could describe
this situation as a longitudinal wave. To help you visualize a longitudinal wave, imagine
quickly but consistently shaking the slinky toy back and forth. An example of
longitudinal waves in nature is sound waves, which are vibrations of air: the air is
compressed and made less compressed in a pattern that is in the same direction as the
sound is traveling.
If the pulse involves the medium vibrating perpendicular to the direction in which the
pulse is traveling, we call this a transverse pulse. To help you visualize a transverse
pulse, imagine you have a slinky toy spring lying on a table top. Instead of banging it on
the end like you did for the longitudinal pulse, jerk the slinky toy spring left and right
quickly.
If you were to continue making transverse pulses in a smooth fashion, we could
describe this situation as a transverse wave.
Imagine you are at a beach where there are water waves. You are trying to describe the
waves to someone else. What might you say? Certainly how high the waves are would
be important to know. The height of a wave is called the wave amplitude. If the wave is
a water wave, then the height could be measured in meters. If instead the wave is a graph
on an oscilloscope representing radio waves, then the “height” could be measured in
volts. Strictly speaking, the quantity (distance, or voltage, or some other measurement
One powerful way to study radio waves and design WLAN technology is to use a
mathematical formula to represent what is happening in nature. There are many
mathematical formulae important in understanding WLANs. You might be wondering
“Why are we learning about sine waves (analog) when we are studying WLANs (a digital
system)?” There are two reasons. First, many parts of a digital communications system
use sine waves. Second, it can be shown that any other repeating wave pattern of any
shape, including digital waves, can be represented by adding up a bunch of sine
waves. One such formula provides us with a “rule” for graphing how information signals
vary over time: y = A sin (2 pi f t - phi). This is a general formula for what is called a
sine wave. Let’s take apart this formula.
• y - this is the dependent variable; it usually represents some physical quantity
such as the voltage of the information-carrying signal
• = - this means that whatever is on the left side of the equals sign (in this case, y)
must be equal at all times to the expression on the right side of the equals sign
(whatever combination of A, f, t, and phi we use, they always combine to be the
y-value)
• A - this is the amplitude of the sine wave, the measurement of the “height” or
“depth” of the wave
• sin - sin is the abbreviation for “sine”, a type of mathematical function.
Mathematical functions take a number and transform it according to certain
“rules”. Sin here specifies that the number between the parentheses (the
“argument” of the sine function) is to be transformed according to the rule which
defines sines. Note that this sine function has a complicated expression in the
• “2 pi” - this is the number 2 multiplied by pi, the mathematical constant,
3.14159… (never repeating). From geometry you may remember that the
number 2 pi is an important part of the mathematics of circles (the circumference
of a circle is 2 pi r). This is one way of expressing one cycle of the sine wave
(measured peak to peak or trough to trough)
• f - the frequency of the sine wave in cycles per second (Hertz). As the word
suggests, frequency tells us how often something is happening. In the case of the
sine wave, frequency helps express how often peaks and troughs of the wave are
occurring
• T - this is the period, the time interval in which the wave completely repeats
itself. This is related to the frequency by the formula T = 1/f (they are what we
call in mathematics reciprocals). T is measured in seconds
• t - this is the independent variable, time, measured in seconds. In order to graph
the sine waves, we would need to choose t values and put them into the formula.
For each t value, we could obtain a y value. These pairs of t and y (t, y) can then
be graphed. With a scientific calculator, or a calculator on your desktop, you
could calculate these (t, y) pairs.
• phi - this is the Greek letter phi (pronounced “fie”). It represents the phase of the
sine wave relative to some instant in time, let’s say time = 0. One way to
understand the phase is that it gives us a way to shift the sine wave relative to the
time = 0 point.
Another important way to study WLANs is to use graphs of what are called
“square” waves. Square waves are an important representation of digital signals.
While they can be expressed using formulae, that is beyond what we want to cover in this
class. Again, important characteristics of this square wave are amplitude A, frequency f,
period T, phase phi, bit time (slot time), and pulse width W.
Amplitude for digital signals refers to the height of the wave.
• f - the frequency of the square wave in cycles per second (Hertz). As the word
suggests, frequency tells us how often something is happening. In the case of the
sine wave, frequency helps express how often peaks and troughs of the wave are
occurring
• T - this is the period, the time interval in which the wave completely repeats
itself. This is related to the frequency by the formula T = 1/f (they are what we
call in mathematics reciprocals). T is measured in seconds
Phase shift refers to phi, the Greek letter phi (pronounced “fie”). It represents the
phase of the sine wave relative to some instant in time, let’s say time = 0. One way to
understand the phase is that it gives us a way to shift the sine wave relative to the
time = 0 point.
Another important value in digital systems is called the “bit time”. Since there
are many ways to represent a binary one or binary zero with waves, each with advantages
and disadvantages, we need a basic sense of when the bits, however represented, will
occur.
Pulse width refers to the duration (how long, measured in time) of the pulses making up
the square wave. The pulse width for one pulse must be less than one bit time.
In networking, there are three “number systems” that are important: base 2 (binary),
base 10 (decimal), and base 16 (hexadecimal). What does the word base mean? Base
refers to a number of things, including (a) how many different symbols are used and (b)
the place values used when writing out numbers in a particular number system. For
example, in a base 2 number system (binary), there are only 2 symbols used: 1 and 0.
Place values are the powers of two:
In the familiar base 10 (decimal) system, ten symbols are used to write numbers: 0,
1, 2, 3, 4, 5, 6, 7, 8, 9. Place values are the powers of 10:
Remember that 10x10 can be written as 10^2 (ten “squared” or ten to the second power),
10x10x10 can be written as 10^3 (ten “cubed” or ten to the third power) and so on. When
written this way, we say that “10” is the base of the number and 2 or 3 is the “exponent”
of the number.
So what does all of this have to do with radio waves? Many of our radio wave
calculations will involve numbers that are very large, and using exponents we can express
these numbers in a format that is easier to read and write.
One of the most important ways to describe radio waves is with how many Watts
of power are in the wave. In this section, we will examine what a “Watt” is. First we
must consider energy. One definition of energy is “the ability to do work”. There are
many forms of energy: electrical energy (comes to your home via power lines),
chemical energy (gasoline, explosives), thermal energy (a furnace), gravitational potential
energy (the stored energy of objects that are “high”), kinetic energy (the energy of
moving objects), acoustic energy (sound waves), and many others. The metric unit for
measuring energy is the Joule. You can think of energy as an amount. So what about
power? We know from common experience that power is somehow related to energy.
But power is a rate, not a quantity. By rate we mean something that is changing over
time. So the formula for power is P = ∆E / ∆t, where ∆E is the amount of energy
transferred (or rate of doing work) in some process and ∆t is the time interval over which
that energy is transferred. If we transfer 1 Joule of energy in 1 second, we have 1 Watt
(W) of power. The chart shows some of the different measurements of power measured
in Watts.
An important way of describing radio waves is a unit of measure called the decibel
(dB). The decibel is related to the exponents and logarithms described in prior sections.
The formula for calculating decibels is dB = 10 log10 (Pfinal/Pref) where
• dB is the amount of decibels, usually a loss in power as the wave travels, or
interacts with matter, or is processed by electronics (can also be a gain, as if going
through an amplifier)
• 10 is related to the fact that this is a power measurement
• log10 describes the fact that we will transform the number in parentheses using
the base 10 logarithm rule
• Pfinal is the delivered power or the power after some process has happened
• Pref is the original power
• Practice with Decibels (calculator). Choose Pfinal and Pref and dB is calculated.
Another way to look at this formula is Pfinal = Pref * 10^(dB/10). Choose dB and
Pref and see what the resulting power is. This would be used to see how much
power is left in a radio wave after it has traveled over a distance, through different
materials, and through various stages of electronic systems like a radio.
Why go to all this trouble? There are 3 main reasons. First, radio waves can involve
huge numbers and tiny numbers, and writing out the numbers without using exponents,
logarithms, and decibels is tedious and prone to errors. Second, when doing calculations
on radio wave systems, processes that would have to be represented using more
complicated formulas can be simplified to addition and subtraction. And finally, since
the 1948 publication of Shannon’s theory, decibels are the international standard “language”
of radio waves.
• dB (decibel): ratio of one value to another
• dBx, where x =
m = compared to 1 milliwatt (0 dBm = 1 mW)
i = compared to isotropic antenna
d = compared to dipole antenna
w = compared to 1 watt (0 dBw = 1 watt)
These values were ALL estimated using 0 dBm as a starting point. Add 3 dB to any
number = double the power. Add 10 dB = 10x the power. Subtract 3 dB = 1/2 the power.
If 0 dBm = 1 mW, then 14 dBm = 25 mW (0 dBm = 1 mW, therefore 10 dBm = 10 mW, therefore
20 dBm = 100 mW; subtracting 3 dB gives 17 dBm = 50 mW; subtracting 3 more gives 14 dBm = 25 mW). ALL
numbers can be found with a little addition/subtraction.
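The decibel formulas and the 3 dB / 10 dB shortcuts above, worked through in code. This is an added example, not part of the original course text; the function names and the sample stage values are constructed for the illustration.

```python
import math

def db_ratio(p_final, p_ref):
    """dB = 10 * log10(Pfinal / Pref). Negative = loss, positive = gain."""
    if p_final <= 0 or p_ref <= 0:
        raise ValueError("powers must be positive to take a logarithm")
    return 10.0 * math.log10(p_final / p_ref)

def apply_db(p_ref, db):
    """Pfinal = Pref * 10^(dB/10)."""
    return p_ref * 10.0 ** (db / 10.0)

def dbm_to_mw(dbm):
    """dBm is decibels relative to 1 mW, so 0 dBm = 1 mW."""
    return apply_db(1.0, dbm)

def mw_to_dbm(mw):
    return db_ratio(mw, 1.0)

def estimate_mw(dbm):
    """Rule-of-thumb estimate for a whole-number dBm value.

    Writes dbm as 10*tens + 3*threes (threes between -4 and 5), then applies
    "+10 dB = x10" and "+3 dB = x2" starting from 0 dBm = 1 mW.
    Returns (tens, threes, estimated_mw).
    """
    if dbm != int(dbm):
        raise ValueError("the shortcut only works for whole-number dB values")
    dbm = int(dbm)
    for threes in range(-4, 6):
        if (dbm - 3 * threes) % 10 == 0:
            tens = (dbm - 3 * threes) // 10
            return tens, threes, (10.0 ** tens) * (2.0 ** threes)
    raise AssertionError("unreachable: every residue mod 10 is covered")

def through_stages(start_dbm, stage_gains_db):
    """In decibels, a chain of gains and losses is plain addition."""
    return start_dbm + sum(stage_gains_db)

# Constructed sample chain: cable loss, antenna gain, path loss,
# antenna gain, cable loss (all in dB).
SAMPLE_STAGES_DB = [-2.0, 6.0, -80.0, 6.0, -2.0]

if __name__ == "__main__":
    tens, threes, est = estimate_mw(14)
    print("14 dBm = 10*%d + 3*(%d) dB, estimate %.1f mW, exact %.2f mW"
          % (tens, threes, est, dbm_to_mw(14)))
    print("halving the power is %.2f dB" % db_ratio(50, 100))
    final = through_stages(20.0, SAMPLE_STAGES_DB)
    print("20 dBm through the sample chain = %.1f dBm = %.3g mW"
          % (final, dbm_to_mw(final)))
```

The estimate for 14 dBm (25 mW) differs slightly from the exact value because 3 dB is only approximately a factor of two.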
• All EM waves travel at c in vacuum. They do not require a medium to travel but
will travel through certain materials (still image of E and B fields through emptiness,
then through little gas atoms, and then matter atoms: vacuum vs. air or glass)
One of the most important diagrams in both science and engineering is the
electromagnetic spectrum. The spectrum summarizes many of the waves important to
understanding both nature and technology. EM waves can be classified according to their
frequency (in Hertz) or their wavelength (in meters). The electromagnetic spectrum has 8
major sections. In order of increasing frequency (decreasing wavelength), we have
power waves, radio waves, microwaves, Infrared (IR) light, visible light (ROYGBIV),
Ultra-violet (UV) light, x-rays, and gamma rays. Use the scrolling Flash chart to learn
more about the different types of electromagnetic waves.
There are a number of ways to describe all electromagnetic waves. These include
direction, frequency, wavelength, power, polarization, and phase. We will examine these
properties as they apply to one part of the electromagnetic spectrum – radio waves and
microwaves.
• Direction (vectors, rays, in degrees, representing wavefronts): One crucial
property of radio waves is the direction in which they are traveling. While the
actual pattern that radio waves form upon leaving an antenna is complex, for
many purposes we can approximate the waves with a “ray” showing the primary
direction in which the waves travel.
• Frequency (in Hz): Another property of radio waves, in fact what makes them
“radio” waves, is the frequency. Power waves, radio waves, microwaves,
infrared, visible light, ultraviolet light, x-rays, and gamma rays are all forms of
electromagnetic waves: what distinguishes them is their frequency. These
sections of the electromagnetic spectrum typically have very different interactions
with different materials, are generated and detected differently, and travel
differently. Period T = 1/f.
• Wavelength (in m) Another property of radio waves, related to their frequency, is
the wavelength. The wavelength measures the physical distance from “peak to
peak” or “trough to trough” on the radio wave. Wavelengths tell us a lot about
how the radio waves interact with particles and objects.
• Power (in Watts or decibels) Another property of radio waves is the rate at which
they transfer energy, also known as the power. Power is important for designing
the transmitter and receiver. Too much power and the radio waves could be
causing unwanted interference or traveling to areas in which we don’t want them.
Too little power and you don’t have a working wireless link.
• Polarization (horizontal or vertical): Another property of radio waves is their
orientation relative to the horizontal and vertical directions. Radio waves are
often emitted preferentially (for example, more waves aligned horizontally than
vertically, or vice versa), and often reflected preferentially (for example, more
waves reflected horizontally than vertically). The transmission and detection of
radio waves can be strongly influenced by their polarization and the relative
orientations of the Tx and Rx antennas.
• Phase (in degrees, always relative). If we assume, for simplicity, that radio waves
lead to a sine-wave like change in voltage in an antenna as time goes on, the
relative timing of different sine waves can be very important. If for example two
waves of the same frequency arrive at the same point in time, they can add to
form a more powerful wave (in phase, constructive interference). If these two
waves arrive at slightly different times, they may add to form a complex wave. If
they arrive exactly out of synchronization (out-of-phase, destructive interference),
they can cancel each other.
• A formula relates frequency, wavelength, and the speed of light. In words, it says
that the wavelength of any electromagnetic wave (traveling in vacuum, measured
in meters) multiplied by the frequency of that same electromagnetic wave
(traveling in vacuum, measured in cycles per second or Hertz) always equals the
speed of light in vacuum, 3.0 x 10^8 meters per second. Of course, it is common
to use metric units other than just meters (nanometer, micrometer, millimeter,
centimeter, kilometer) and Hertz (kilohertz, Megahertz, Gigahertz, Terahertz).
• Need to know metric units of length, frequency, time, velocity
• We can classify EM waves into parts of the spectrum
• Using the calculator (lambda x f = c)
The part of the spectrum from x Hz to y Hz is often loosely called the Radio
Wave Spectrum. It actually comprises two major sections of the EM spectrum, radio waves and
microwaves. For historical reasons, many people still refer to both sections together as
the “RF” spectrum. For example, one of the key jobs in designing 2.4 GHz Wireless
LANs is the “RF” engineer, even though 2.4 GHz waves are considered microwaves. The
region between x Hz to y Hz is used heavily for communication. Most of the frequency
ranges are licensed, though a few key ranges (like the 2.4 GHz Industrial Scientific
Medical or ISM band) are unlicensed. A vast amount of human effort has gone into
engineering devices that work in these areas of the spectrum, with the result of many of the
modern miracles of telecommunications and data communications.
One of the most important facts of the “information age” is that data – representing
characters, words, pictures, video, music, etc. – can be represented electrically by voltage
patterns on wires and in electronic devices. This is important for our study of WLANs
since they are electronic devices. It turns out that the data, represented by voltage
patterns, can be converted to radio waves, and vice versa. Since voltages are much easier
to measure than directly measuring the radio waves, an understanding of voltage patterns can
be very helpful in the study of WLANs.
Consider the example of an analog telephone. When you speak, your voice – sound
waves – enters a microphone in the telephone. The microphone converts the patterns of
sound energy that make up your voice into patterns of electrical energy (voltages) that
represent your voice. If we then studied the voltages with a device which makes voltage
versus time graphs, we could see the distinct patterns representing your voice.
Many modern electronic devices (increasingly even telephones) use digital data to
represent information. But this digital information, also in the form of voltages, can be
studied by examining the voltage versus time graphs of an oscilloscope. What might
some of the patterns look like that represent, let’s say, textual information in digital form? The
ASCII chart provides a simple and widely-known example.
In the previous objective, we studied how signals vary in time. But another powerful
way to study signals is to analyze what frequencies they involve. Engineers call this
“frequency-domain analysis” (to be contrasted with “time-domain analysis”). An
electronic device known as a spectrum analyzer creates Power versus frequency graphs.
To help us understand how WLANs work, we will first use the idea of a spectrum
analyzer to examine a more familiar radio system – commercial broadcast frequency
modulation (FM) radio. By radio in this case we refer to a receiver device, as might be
in a home, a walkman, or a car.
What happens when you tune an FM radio? You are changing the settings on the
radio’s electronics so that it responds to different frequencies that you choose. You make
your choice based on your prior knowledge of what the frequency of the station is or
what you like as you tune across the different frequencies. The different stations have
different “center” or “carrier” frequencies so that they do not interfere with each other by
transmitting on the same (or too closely spaced) frequencies. Also, depending on many
factors (such as the station’s transmitted power, your location, obstacles) the strength of
the signal at your FM radio receiver may be weak or strong. The flash shows what might
happen if we apply the idea of a spectrum analyzer to examining the electronic signals
induced in a radio antenna. Note that the graph shows …..
To help us better understand the complexities of radio waves, let’s examine how
analog signals vary with time and with frequency. As a first case, consider a “pure”
(single-frequency) sine wave (see graph which is adjustable over part of the audio
spectrum). If an electrical sine wave with an audible (detectable by the ear) frequency,
were to be applied to a speaker, we could hear tones. Can you guess what the spectrum
analyzer picture of this pure tone would be? (see flash) Yes, the graph of the sine wave
in frequency is a single line.
As a second case, imagine several sine waves all added together in time (see
graph). The resulting wave is more complex than a pure sine wave. We would hear
several tones (hear flash). Can you guess what the spectrum analyzer picture of this
combination of tones would be? (see flash) Yes, the graph of several tones shows several
individual lines corresponding to the frequencies of each tone. As a final case, imagine
if we had a complex signal, like a voice or a musical instrument. Can you guess what its
spectrum analyzer graph would look like? If you had a large number of different tones,
you could represent this as a “continuous” spectrum of closely spaced individual tones
(see flash).
This is the most generic digital signal. The pattern of voltage changes versus time
depicted in the graphic is called a square wave. There are many ways to represent data
with digital signals (encoding graph).
Upon first looking at the voltage versus time graph of the signal, it may be
difficult to imagine that it can be built out of sine waves. Which sine waves? The
mathematics to calculate this is beyond this course, but we can follow the rule which has
been de. Consider this rule as but one example of how the right combination of sine
waves can create very important digital waves. The rule is that you begin with the
fundamental frequency f with the amplitude A. Then you add in the odd harmonics – 3f,
5f, 7f, 9f. But you do not add them in with equal amplitudes, but rather with amplitude
1/3, 1/5, 1/7, 1/9, etc. The general principle involved here is that various complex
waveforms will have somewhat complex spectrum graphs.
A square wave, or a square pulse, can be built by using the right combination of sine
waves. The main graphic shows how the square wave (digital signal) can be built with
sine waves (analog signals). This is important to remember as you examine what
happens to a digital pulse as it travels along networking media.
Most complex waves in time can be represented by an appropriate combination of
pure sine waves
• Show the construction of a sine wave as a simple animation: fundamental, third
harmonic, 5th harmonic, 7th harmonic
• Explain more from a graphical addition perspective and clarify xyz vs v vs t
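The square-wave rule above (fundamental f plus odd harmonics 3f, 5f, 7f, ... with amplitudes 1/3, 1/5, 1/7, ...) can be checked numerically. This is an added example, not part of the original course text; the function names are illustrative, and the plateau height A*pi/4 that this particular sum converges to is a standard result the page does not state.

```python
import math

def square_wave_partial(t, f=1.0, amplitude=1.0, n_terms=4):
    """Fundamental plus odd harmonics: A*sin(wt) + (A/3)*sin(3wt) + ...

    n_terms=4 means harmonics 1, 3, 5 and 7.
    """
    total = 0.0
    for k in range(n_terms):
        n = 2 * k + 1                       # 1, 3, 5, 7, ...
        total += (amplitude / n) * math.sin(2.0 * math.pi * n * f * t)
    return total

def ideal_square(t, f=1.0, amplitude=1.0):
    """The square wave the sum converges to: plateaus at +/- A*pi/4."""
    level = amplitude * math.pi / 4.0
    phase = (t * f) % 1.0
    return level if phase < 0.5 else -level

def rms_error(n_terms, f=1.0, samples=1000):
    """RMS difference between the partial sum and the ideal square wave,
    measured over one period at the midpoints of `samples` equal steps."""
    period = 1.0 / f
    err2 = 0.0
    for i in range(samples):
        t = (i + 0.5) * period / samples
        d = square_wave_partial(t, f, 1.0, n_terms) - ideal_square(t, f)
        err2 += d * d
    return math.sqrt(err2 / samples)

if __name__ == "__main__":
    for n_terms in (1, 2, 4, 10, 50):
        print("%3d sine waves (up to harmonic %3d): rms error %.3f"
              % (n_terms, 2 * n_terms - 1, rms_error(n_terms)))
    # Middle of the positive half-cycle: the sum settles at pi/4.
    print("mid-plateau value with 1000 terms: %.4f (pi/4 = %.4f)"
          % (square_wave_partial(0.25, n_terms=1000), math.pi / 4))
```

Each added harmonic lowers the error, but the corners stay rounded until many harmonics are present, which is why a link that passes only the low harmonics smears a digital pulse.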
We have just seen how complex analog waves, and digital waves, can be “built” out
of sine waves. Another way to look at the connection between analog and digital is to see
how an analog wave can be converted into binary digits representing that analog wave.
The graph shows a sine wave. Our goal is to completely convert this wave (with its
continuous variation in voltages) into a set of binary numbers (bits). Then digital
computers and communications networks can transmit the stream of bits quickly and
with few errors. This process is called “analog-to-digital” (A to D) conversion.
How does this work? Analog wave amplitudes can be “sampled” at specific
instances in time, assigned binary values, and converted to a stream of bits. The
animation shows the process. First, draw grid lines with analog voltage values on the
vertical axis and time on the horizontal axis. Second, draw horizontal and vertical grid
lines. Third, draw one full period of the sine wave. This is the analog wave which we
wish to convert to binary.
Fourth, add to the vertical axis the decimal numbers 0 through 15 and their binary
equivalent. Add appropriate grid lines for these levels. We are representing the voltage
scale in terms of a new scale, the binary equivalents of the voltage scale.
Fifth, we must decide at what points we must measure the analog wave to make the
binary conversions. This process of measuring the analog wave only at certain time
intervals is called “sampling.” How many samples should we take? If we took say 4
samples during the sine wave, we’d see this. Clearly not a very good representation of
the sine wave. How about 10? As you see the more samples we take, the better we
represent the wave. But the more samples we take, the more bits we will have to send.
Is there a happy medium? Yes. Based on a formula called the “sampling” theorem, if we
sample at a rate greater than twice the frequency of the wave we will be able to
reconstruct the wave without error. The frequency of the wave is ? , so we will take ?
samples to represent the wave. Sixth, mark the sampling points on the x axis.
Seventh, draw a vertical line up from each sampling time up to the value of the
waveform at that time. Eighth, read the analog value and its digital equivalent.
The chart shows the binary values of the wave at the sampling times. Once we package
these values with the sampling intervals and some other information, we can send a
stream of bits across our digital network.
This process can be exactly reversed – the bit stream can be decoded, giving analog
values each time. This process occurs whenever you play a musical compact disk. The
music is encoded as bits in the plastic of the CD; these bits undergo a Digital to Analog
(D to A) conversion, are processed by more electronics, and become the music you hear.
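The sampling, 16-level (0 through 15) quantizing, bit-stream and D to A steps described above, as an added example that is not part of the original course text. The -1 V to +1 V range, the 8 samples per period and the function names are assumptions made for the illustration.

```python
import math

BITS = 4
LEVELS = 2 ** BITS            # 16 levels, decimal 0 through 15
V_MIN, V_MAX = -1.0, 1.0      # assumed analog voltage range

def sample_sine(freq_hz, rate_hz, n_samples):
    """Measure a unit-amplitude sine wave at evenly spaced instants."""
    if rate_hz <= 2 * freq_hz:
        # Sampling theorem: below this rate the wave cannot be recovered.
        raise ValueError("sample rate must exceed twice the signal frequency")
    return [math.sin(2 * math.pi * freq_hz * i / rate_hz)
            for i in range(n_samples)]

def quantize(v):
    """Map a voltage to the level (0..15) whose band contains it."""
    frac = (v - V_MIN) / (V_MAX - V_MIN)
    return max(0, min(LEVELS - 1, math.floor(frac * LEVELS)))

def encode(samples):
    """A to D: one 4-bit binary code per sample, concatenated into a stream."""
    return "".join(format(quantize(v), "0%db" % BITS) for v in samples)

def decode(bits):
    """D to A: turn each 4-bit code back into the voltage at the middle
    of its band."""
    step = (V_MAX - V_MIN) / LEVELS
    codes = [int(bits[i:i + BITS], 2) for i in range(0, len(bits), BITS)]
    return [V_MIN + (c + 0.5) * step for c in codes]

if __name__ == "__main__":
    samples = sample_sine(freq_hz=1, rate_hz=8, n_samples=8)  # one period
    stream = encode(samples)
    rebuilt = decode(stream)
    print("time  analog   level  bits  rebuilt")
    for i, (v, r) in enumerate(zip(samples, rebuilt)):
        print("%d/8   %+.4f  %5d  %s  %+.4f"
              % (i, v, quantize(v), stream[i * BITS:(i + 1) * BITS], r))
    worst = max(abs(v - r) for v, r in zip(samples, rebuilt))
    print("bit stream:", stream)
    print("worst-case error: %.4f V (half of one level)" % worst)
```

The rebuilt voltages are never off by more than half a level; using more bits per sample shrinks that error at the cost of a longer bit stream.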
Bandwidth is an extremely important concept in communications systems. There
are two ways of looking at bandwidth that are important for the study of WLANs –
analog bandwidth and digital bandwidth. Let’s explore these types of bandwidth in more
depth.
What is analog bandwidth?
Analog bandwidth typically refers to the frequency range of some aspect of an analog
electronic system. For example, analog bandwidth could be used to describe the range of
frequencies radiated by an FM radio station. Or analog bandwidth could refer to the
range of frequencies which is passed by an electronic amplifier, as in the different parts
of a graphical equalizer. Or analog bandwidth can refer to the range of frequencies
which could propagate without unacceptable attenuation down a copper cable or optical
fiber.
The units of analog bandwidth are the units of frequency, cycles per second, Hertz.
Bandwidth is the measure of how much information can flow from one place to another in a given
amount of time. There are two common uses of the word bandwidth: one deals with analog
signals, and the other with digital signals. You will work with digital bandwidth, called simply
bandwidth for the remainder of the text.
You have already learned that the term for the most basic unit of information is the bit. You also
know that the basic unit of time is the second. So if we are trying to describe the AMOUNT of
information flow in a SPECIFIC period of time, we could use the units "bits per second" to
describe this flow.
Bits per second is a unit of bandwidth. Of course, if communication happened at this rate, 1 bit
per 1 second, it would be very slow. Imagine trying to send the ASCII code for your name and
address – it would take minutes! Fortunately, much faster communications are now possible. The
chart summarizes the various units of bandwidth.
Digital Communications
Bandwidth is a very important element of networking, yet it can be rather
abstract and difficult to understand. Following are three analogies that may
help you picture what bandwidth is:
Keep in mind that the true, actual meaning of bandwidth, in our context, is
the maximum number of bits that can theoretically pass through a given area
of space in a specified amount of time (under the given conditions). The
analogies we've used are only used here to make it easier to understand the
concept of bandwidth.
Bandwidth is a very useful concept. It does, however, have limitations. No matter how you send
your messages, no matter which physical medium you use, bandwidth is limited. This is due both
to the laws of physics and to the current technological advances.
The figure illustrates the maximum digital bandwidth that is possible, including length limitations, for
some common networking media. Always remember that limits are both physical and
technological.
The figure summarizes different WAN services and the bandwidth associated with each service.
Which service do you use at home? At school?
Imagine that you are lucky enough to have a brand new cable modem, or your local
store just installed an ISDN line, or your school just received a 10 Megabit Ethernet
LAN. Imagine that movie you want to view, or the web page you want to load, or the
software you want to download takes forever to receive. Did you believe you were
getting all that bandwidth that was advertised? There is another important concept that
you should have considered; it is called throughput. Factors that affect throughput include:
• internetworking devices
• type of data being transferred
• topology
• number of users
• user's computer
• server computer
• power and weather-induced outages
When you design a network, it is important that you consider the theoretical bandwidth.
Your network will be no faster than your media will allow. When you actually work on
networks, you will want to measure throughput and decide if the throughput is adequate
for the user.
An important part of networking involves making decisions about which medium to use. This often
leads to questions regarding the bandwidths that the user's applications require. The graphic
summarizes a simple formula that will help you with such decisions. The formula is Estimated
Time = Size of File / Bandwidth (see Figure). The resulting answer represents the fastest that
data could be transferred. It does not take into account any of the previously discussed issues
that affect throughput, but does give you a rough estimate of the time it will take to send
information using that specific medium/application.
Now that you are familiar with the units for digital bandwidth, try the following sample problem:
Which would take less time, sending a floppy disk (1.44 MB) full of data over an ISDN line, or
sending a 10 GB hard drive full of data over an OC-48 line? Use figures from the bandwidth chart
shown earlier to find the answer.
2. Knowing how bandwidth works, and that it is finite, can save you lots of money. For
example, the cost of various connection options from Internet service providers depends,
in part, on how much bandwidth, on average and at peak usage, you require. In a way,
what you pay for is bandwidth.
4. There are two major concepts to understand concerning the "information superhighway".
The first is that any form of information can be stored as a long string of bits. The second
is that storing information as bits, while useful, is not the truly revolutionary technology.
The fact that we can share those bits - trillions of them in 1 second - means modern
civilization is approaching the time when any computer, anywhere in the world or in
space, can communicate with any other computer, in a few seconds or less.
5. It is not uncommon that once a person or an institution starts using a network, they
eventually want more and more bandwidth. New multimedia software programs require
much more bandwidth than those used in the mid-1990s. Creative programmers are
busily designing new applications that are capable of performing more complex
communication tasks, thus requiring greater bandwidth.
Audible transmission/voice/telephony
Imagine a situation where you want to start a radio station. Since it’s FM radio for
music, you will convert the sound waves, with audio frequencies, into electronic waves,
again with the same audio frequencies. To keep things simple, you then convert the
electronic waves into electromagnetic waves with an antenna. This situation is simple,
but it will not work well.
First, what if another radio station nearby wants to transmit music as well? And they
choose to use your scheme. One problem becomes apparent already – your station’s
frequencies (music, 0 to 20 kHz) overlap completely with the other station’s frequencies, 0 to 20
kHz. Now imagine many radio stations. The result would be chaos in the frequency
spectrum with all of these overlapping channels, and in the time domain you would get
noise. Other problems occur as well, pertaining to the electronic circuits and
antennae needed, the propagation characteristics of audio-frequency EM waves, and the
noise characteristics of such a system. Is there a better way?
There is – use a “carrier” frequency, an electronic wave that is somehow
combined with the information signal and “carries” it across the information channel.
Some mathematics can help us here. In trigonometry there is a formula called the half
angle formula. It states that sin x * sin y = sin (x – y) + sin (x + y). Now you may have
used this to figure out angles if one is known. However, if we let x and y represent
frequencies, we can relabel this formula as sin fc * sin fi = sin (fc – fi) + sin (fc + fi).
What have we done? If fc, the carrier frequency, is much higher than fi, then we have
changed the frequencies of the wave we transmit. Looking at the spectrum
analyzer graph, the result is we have moved the information sine wave frequency to a
different place in the spectrum for transmission purpose. If we choose slightly different
carrier frequencies, all of the FM radio signals can coexist in the same physical area.
Using the carrier, we also solve many circuit, antenna, propagation, and noise problems.
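A numerical check of the frequency shift described above, as an added example that is not part of the original course text. It relies on the exact product-to-sum identity sin x * sin y = 1/2 [cos (x – y) – cos (x + y)]; the tone frequencies, sample rate and function names are constructed for the illustration.

```python
import math

RATE = 4096  # samples per second (constructed; well above twice any tone used)

def mix(fc, fi, rate=RATE, seconds=1.0):
    """Multiply a carrier sine at fc by an information sine at fi."""
    n = int(rate * seconds)
    return [math.sin(2 * math.pi * fc * i / rate) *
            math.sin(2 * math.pi * fi * i / rate) for i in range(n)]

def tone_amplitude(samples, freq, rate=RATE):
    """Amplitude of the sine/cosine component at `freq` (one DFT bin).

    Exact when `freq` completes a whole number of cycles in the window.
    """
    n = len(samples)
    re = sum(s * math.cos(2 * math.pi * freq * i / rate)
             for i, s in enumerate(samples))
    im = sum(s * math.sin(2 * math.pi * freq * i / rate)
             for i, s in enumerate(samples))
    return 2.0 * math.hypot(re, im) / n

def line_amplitudes(samples, freqs, rate=RATE):
    """What a spectrum analyzer would show at the listed frequencies."""
    return {f: round(tone_amplitude(samples, f, rate), 6) for f in freqs}

if __name__ == "__main__":
    fc, fi = 1000, 100            # carrier and information tone, in Hz
    one_station = mix(fc, fi)
    # Nothing is left at fi or at fc; the energy sits at fc - fi and fc + fi.
    print(line_amplitudes(one_station, [fi, fc - fi, fc, fc + fi]))

    # A second station sends the same 100 Hz tone on a different carrier.
    # Added together "on the air", the two signals occupy separate lines.
    other_station = mix(1500, fi)
    on_air = [a + b for a, b in zip(one_station, other_station)]
    print(line_amplitudes(on_air, [900, 1100, 1400, 1600]))
```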
Think of your favorite FM radio station. It probably has “call letters”. But the
more practical way for you to think about the station is its carrier frequency, which is
what you tune into. For example, if we have KCSCO radio station in San Jose, California
transmitting an audio spectrum, we might apply to the FCC to get a license to use 101.3
MHz as our carrier frequency. For WLANs, the carrier frequency is 2.4 GHz.
Flash script:
Step 1: we have 3 people who want to set up radio stations in the same neighborhood.
All 3 stations want to broadcast music with frequencies (tones) ranging from 60 Hz to 15
KHz. They propose a system where the music is processed electronically. The electrical
waves are converted to electromagnetic waves OF THE SAME FREQUENCY to a
receiving antenna, which converts the radio waves back to electrical waves. The
One of the most important documents of the information age is a paper written by
an engineer-mathematician named Claude Shannon. The paper, entitled “A Mathematical
Theory of Communication”, was published in the Bell System
Technical Journal in 1948. This paper is considered a foundation of modern
communication systems (analog and digital) and marked the beginning of what is now
called “information science”. The engineering and mathematical ideas in this paper are
complex. We shall only examine a small part of them, but this will set the tone for our
analysis of WLANs, one form of digital communication system.
One of Shannon’s contributions was to create a schematic diagram of a general
communication system. Electrical Engineers frequently use block diagrams to express
how an electronic system is supposed to work. The block diagram has boxes that
represent devices and processes, but do not include any details of them (such details are
left for many other diagrams). Shannon’s general communication system has 6 blocks.
The information source produces a message. The transmitter “operates” on the message
in some way to produce a signal suitable for transmission over the communications
channel. The channel is the medium used to transmit the signal from transmitter to
receiver. The noise source contributes unwanted energy, via the medium, to the signal.
The receiver performs the inverse operation of that done by the transmitter,
reconstructing the message (hopefully!) from the signal (which includes how much signal
actually made it to the receiver and includes noise). The destination is the person or thing
for whom the message is intended.
Let’s examine an FM radio system using this terminology. The information source is
a compact disc at the radio station. The message is a song, converted to voltage patterns as a
function of time. This message is processed by a considerable number of electronic
circuits (modulated, amplified, filtered) before being radiated from the last part of the
transmitter, the radio station transmitting antenna. The channel in this case is the medium –
primarily air – between the radio station and an FM radio receiver. The noise sources
include other EM waves, interactions with weather and obstacles, ….. The receiver
processes the received signal (transmitted signal, modified by losses and noise) with a
series of electronic circuits which are the inverse of what the transmitter did. The result
is the message (hopefully accurate) delivered to the destination person or device.
The full power of Shannon’s theories involves the mathematical analysis he
performed using this basic block diagram. Most of the math does not concern us here,
but there is one formula, which has come to be called the Shannon-Hartley formula. It
states that C = W log2 (1 + S/N), where
C = the maximum information-carrying capacity of a channel
W = the bandwidth of the
Log 2 =
S/N = the signal to noise ratio, the amount of signal power divided by the amount of
noise power
For more practice, try the flash calculator. You look up W, and choose S/N values, and
the formula will tell
The graphic shows a block diagram for a familiar communication system: FM broadcast
radio. Each “block” in the diagram may represent complex mathematical processing and
substantial electronics. The advantage of the block diagram view is to allow a high-level
understanding of the processes in a common communications system, so we can build up
to more complex communications systems like WLANs.
So what do the blocks do?
(Transmitting end)
Signal Source -- for example, the microphone for the DJ’s voice and the CD player
playing the music
Modulating signal – the electronic representation of the voice and the music
Carrier signal (local oscillator) -- set to the carrier frequency
Mixer -- achieves the mathematical operation by which the modulating signal alters the
carrier signal
Amplifier and Filter -- adds power to the signal and filters out unwanted noise
Antenna – converts time-varying voltages/currents into electromagnetic waves of the
same frequency
(Receiving End)
Antenna -- converts electromagnetic waves into time-varying voltages/currents of the
same frequency
Amplifier and filter – strengthens the signal and removes unwanted noise and unwanted
frequencies
Modulated signal – as pure a representation as possible of the sent modulated signal
Carrier signal (local oscillator) – should be as close as possible to identical to the transmitted carrier
frequency
Demodulator
Transducer -- some form of speaker to convert electrical waves to sound waves
3.6.1 Alohanet
In the CSMA/CD access method, networking devices with data to transmit over the
networking media work in a listen-before-transmit mode. This means when a device
wants to send data, it must first check to see whether the networking media is busy.
The device must check if there are any signals on the networking media. After the
device determines the networking media is not busy, the device will begin to transmit its
data. While transmitting its data in the form of signals, the device also listens. It does
this to ensure no other stations are transmitting data to the networking media at the
same time. After it completes transmitting its data, the device will return to listening
mode.
Networking devices are able to tell when a collision has occurred because the
amplitude of the signal on the networking media will increase. When a collision occurs,
each device that is transmitting will continue to transmit data for a short time. This is
done to ensure that all devices see the collision. Once all devices on the network have
seen that a collision has occurred, each device invokes an algorithm. After all devices
on the network have backed off for a certain period of time (different for each device),
any device can attempt to gain access to the networking media once again. When data
transmission resumes on the network, the devices that were involved in the collision do
not have priority to transmit data. The Figure summarizes the CSMA/CD process.
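The listen, transmit, detect and back-off cycle described above can be traced with a small slotted-time simulation. This is an added example, not part of the course material: the backoff rule shown is the truncated binary exponential backoff of IEEE 802.3 (window capped after 10 collisions, frame discarded after 16), while the one-slot jam, the zero propagation delay and all names are simplifying assumptions.

```python
"""Slotted-time model of CSMA/CD with truncated binary exponential backoff."""
import random
from dataclasses import dataclass

MAX_ATTEMPTS = 16   # IEEE 802.3: give up on a frame after 16 collisions
BACKOFF_CAP = 10    # IEEE 802.3: the backoff window stops doubling after 10


@dataclass
class Station:
    name: str
    frames_left: int
    attempts: int = 0   # collisions suffered by the frame at the head of the queue
    backoff: int = 0    # slots still to wait before sensing the medium again
    sent: int = 0
    dropped: int = 0


def backoff_window(attempts):
    """Number of slots to choose from after the n-th collision: 2, 4, ... 1024."""
    return 2 ** min(attempts, BACKOFF_CAP)


def simulate(n_stations=4, frames_each=3, frame_slots=5, seed=1, max_slots=100_000):
    """Run until every frame is sent or dropped; return counters and an event log."""
    rng = random.Random(seed)          # seeded so a run can be replayed
    stations = [Station(f"S{i}", frames_each) for i in range(n_stations)]
    busy_until = 0                     # first slot in which the medium is idle again
    collisions = 0
    log = []                           # (slot, event, station names)
    slot = 0
    while any(s.frames_left for s in stations) and slot < max_slots:
        ready = []
        for s in stations:
            if s.frames_left == 0:
                continue
            if s.backoff > 0:          # still backing off: not contending yet
                s.backoff -= 1
            else:
                ready.append(s)
        if slot < busy_until:
            pass                       # carrier sensed: ready stations defer
        elif len(ready) == 1:          # medium idle, one sender: frame goes through
            s = ready[0]
            s.sent += 1
            s.frames_left -= 1
            s.attempts = 0
            busy_until = slot + frame_slots
            log.append((slot, "sent", [s.name]))
        elif len(ready) > 1:           # medium idle, several senders: collision
            collisions += 1
            busy_until = slot + 1      # assumption: the jam signal occupies this slot
            log.append((slot, "collision", [s.name for s in ready]))
            for s in ready:
                s.attempts += 1
                if s.attempts >= MAX_ATTEMPTS:
                    s.dropped += 1     # excessive collisions: frame is discarded
                    s.frames_left -= 1
                    s.attempts = 0
                else:                  # a different random wait for each device
                    s.backoff = rng.randrange(backoff_window(s.attempts))
        slot += 1
    return {
        "sent": sum(s.sent for s in stations),
        "dropped": sum(s.dropped for s in stations),
        "collisions": collisions,
        "slots": slot,
        "log": log,
    }


if __name__ == "__main__":
    result = simulate()
    for slot, event, names in result["log"]:
        print(f"slot {slot:4d}  {event:9s} {', '.join(names)}")
    print({k: v for k, v in result.items() if k != "log"})
```

Because every station starts with a frame queued, the first slot always ends in a collision; the log then shows the randomized waits separating the stations, and the renewed collisions when deferred stations all transmit as soon as the medium goes idle.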
Ethernet is a broadcast transmission medium. This means that all devices on a network
can see all data that passes along the networking media. However, not all the devices
on the network will process the data. Only the device whose MAC address and IP
address match the destination MAC address and destination IP address carried by
the data will copy the data.
Once a device has verified the destination MAC and IP addresses carried by the data, it
then checks the data packet for errors. If the device detects errors, the data packet is
discarded. The destination device will not notify the source device regardless of
whether the packet arrived successfully or not. Ethernet is a connectionless network
architecture and is referred to as a best-effort delivery system.
Another way to deal with shared access is to have some agreed-upon authority set
fixed frequencies to be used in the shared media. Thus the multiple stations that seek to
transmit may transmit simultaneously, without collisions, as long as they use their
assigned carrier frequencies and rules on power and interference. Receivers must
somehow tune (adjust) which carrier frequency they will detect to obtain a specific
station’s broadcasts.
A good example of this is commercial FM broadcast radio. The shared medium
is the atmosphere around and above a city. The multiple access is various radio stations
wanting to broadcast their programs to listeners. Some government institution (in the US,
the FCC) assigns licenses to the different stations, which specify which carrier frequency
a given station may use (and what maximum bandwidth may be transmitted), so as to
carve up the finite FM broadcast spectrum into usable pieces. The finite spectrum for
commercial FM is 87.9 to 107.7 MHz (about . The carrier frequencies are spaced at least
0.2 MHz (200 kHz) apart.
The entire spectrum has been broken up into bands. Some are subdivided by
licensing. Other bands allow any users as long as they stay within the overall licensed
band. The 2.4 GHz ISM band is a good example. Within this band, the frequencies are
unlicensed. Note however that while within the 2.4 GHz band the frequencies are not
licensed (allocated by an authority), the 2.4 GHz band has a limited size which is in fact
set by regulation. This means that the shared media is prone to collisions (use of the
same frequencies) unless something is done to deal with this.
The technique currently used is called carrier sense multiple access with collision
avoidance, or CSMA/CA. It is similar in many respects to CSMA/CD. ……….see
Stallings book or other reference
Studying how EM waves travel and interact with matter can get extremely complex.
However, there are several important simplifications we can make so we can more easily
study the properties of EM waves. Historically, these simplifications developed for light
first, but they also apply to radio waves and microwaves and indeed the entire EM
spectrum. Since the EM waves with which we are most familiar are the waves we can see
– visible light – we will discuss the properties of light to help us understand radio waves.
Light can be considered as being made of waves (simplified as sine wave energy
patterns, which travel through space, as time goes on) and as particles (called “photons”,
quanta of energy). For our purposes in understanding WLANs, we will focus upon the
“wave” picture of light (and EM waves).
Imagine a water wave breaking upon a reef or beach. The wave “front” – often white
tipped when the waves are big enough – refers to the “width” of the wave as it comes at
you. If the wave is wide enough to notice, we could represent its direction of travel with
an arrow (a geometric ray), perpendicular to the wave front. This same simplification can
be used to represent light waves and is called geometrical (or “ray”) optics. You can
understand many things, like mirrors, lenses, human eyes, eyeglasses, telescopes, and
microscopes using ray optics. A similar simplification can be made for other EM waves,
such as radio waves and microwaves.
What happens when light travels in vacuum, like outer space? Consider again the
water waves. In addition to the direction in which the water wave is traveling, we may
also be interested in how much time it takes for one particular wave front to travel from
point a to point b. We could describe this in terms of the velocity (dx/dt) of the wave
front. What is the velocity of light? The technical term for light as it travels is
propagation; the light “propagates.” Light (and all EM waves), when in vacuum (the
absence of matter), travels at 3.0 x 10^8 m/s, represented by the symbol “c”, the speed of
light. For most of its long journey, starlight propagates in this manner from near and far
in the universe. Amazingly, the earliest TV and radio signals from earth have now
traveled ? meters and continue to travel. Using rays, can you draw how light (or
microwaves) propagates in free space? EM waves will continue on in their original
direction forever unless they encounter other matter. So the correct picture is to show the
ray continuing without alteration.
How does this apply to radio waves? In vacuum, 2.4 GHz microwaves travel at c.
Once started, these microwaves will continue in the direction(s) they were emitted,
FOREVER, unless they interact with some form of matter. So we will use the geometric
ray to signify that the microwaves are traveling in free space. Since WLANs are usually
on earth within the atmosphere, the microwaves are traveling in air, not vacuum. But in
the next section we will see that this does not significantly change their speed (however
the atmosphere does do many other things to the microwaves which will be discussed
later).
What happens when light travels in matter? If the matter is transparent (meaning
much of the light can travel through the medium without being dramatically altered), the
light slows down. How much? The velocity of light in transparent media is v = c / n,
where n – known as the index of refraction – is a measurable characteristic of the
medium. The chart shows n values for vacuum, air, water, glass, and diamond. Try out
the calculator – as you put different n values in the formula, you can see how the speed of
light changes. Note that regardless of the transparent material, light is still traveling very
fast. Similar calculations can be done for radio waves. Using rays, can you draw how
light (or microwaves) propagates in transparent media? So the picture is to show the ray
continuing without alteration, but with the understanding the material slows down the
light and that the material will eventually attenuate the light by absorbing some of its
energy.
How does this apply to radio waves? The velocity of 2.4 GHz microwaves
changes as they travel through matter. However, the n values depend heavily on the
frequency of the waves, and in a complex fashion. It is not necessary for our purposes to
perform calculations with these numbers. But as we will see in the next 2 sections, the
fact that WLAN radio waves travel through matter does cause a variety of important
phenomena.
Under what conditions will light bounce back in the general direction from which it
came? Consider a smooth metallic surface as an interface. As light hits this surface,
much of its energy will be bounced or “reflected”. If we consider one ray of light
bouncing off of such a surface, how can we determine at what angle the reflection will
occur? Think of your common experiences, looking at a mirror, or shining a flashlight,
or watching sunlight reflect off metallic or water surfaces. It would appear that the light
reflects And indeed, the law of reflection states that for a light ray the angle of reflection
(measured from the normal) will be equal to the angle of incidence (measured from the
normal). Using rays, can you draw how light reflects?
There are two other important ways light reflects. One has already been mentioned –
when light travels from one medium to another, a certain percentage of the light is
reflected. This is called a Fresnel reflection. And for certain angles of rays of light, where
the light originates in a material with a higher index of refraction than the material that
surrounds it, a principle called total internal reflection (TIR) occurs (this is the principle
which explains why diamonds sparkle and how optical fiber works as a light pipe).
How does this apply to radio waves? While the materials may in some cases be
different, radio waves experience reflections off surfaces. These reflections can be
described simply by the law of reflection.
Radio waves reflect when entering different media. And radio waves can bounce off
of different layers of the atmosphere. The reflecting properties of the area where the
WLAN is to be installed are extremely important and can make the difference between a
WLAN working or failing.
What happens when light traveling in one medium enters a second medium? Let’s
call the boundary between the media the “interface”. For simplicity, let’s make the
interface straight and smooth. For reference purposes, let’s draw an axis – perpendicular
to the interface – which we call the “normal”. If the light enters the second medium
straight on, represented by a ray perpendicular to the interface, some of the light will be
reflected. This is called a Fresnel reflection. You can see one if you are in a lighted
building at night and you stare through a window at the darkness – a certain amount of
room light reflected off you does not travel outside, but rather reflects back at you
because the light left the air medium and entered the glass medium. You see your image.
The light traveling through the second medium changes speed as well, according to the
v = c/n law.
What if the light ray were NOT perpendicular to the interface, but rather at some
angle? Because of the difference in the speed of light in the two media, when the ray
hits the interface it will change direction or “bend”. This process is called refraction.
Refraction – the bending of light at an interface – helps explain how our eyes work and
how eyeglasses can assist our vision, amongst many other phenomena.
If light bends at the interface, in which direction does it bend and how much does it
bend? If light encounters an interface where n1 < n2, then it bends towards the normal.
If light encounters an interface where n1 > n2, then light bends away from the normal.
(What do you think happens if n1 = n2?) Snell’s law of refraction says that given 3 out
of the 4 following quantities – n1, n2, theta 1 relative to the normal, and theta 2 relative
to the normal – we can calculate the fourth quantity, using algebra and trigonometry. For
our purposes, we will use the formula which answers the following question: given theta
1 (the angle of incidence), and n1 and n2 (known properties of the media), at what angle
will the light bend (relative to the normal) in the second medium? Formulas are easier to
read than long sentences, so we have theta 2 = arcsin((n1/n2) × sin(theta 1)).
For practice, consider the following problem. A light ray is incident at 23 degrees to
the normal. If the first material is glass and the second material is water, at what angle
will the ray continue traveling? Using ray pictures, first decide whether the light will
bend towards or away from the normal. Then use the calculator to find the exact angle at
which the ray bends.
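The v = c/n rule, the refraction formula and the total internal reflection case can be worked through together in a short calculator. This is an added example, not part of the course material; the function names are hypothetical, and the indices of refraction (glass 1.5, water 1.33 and the others) are commonly quoted values assumed here because the course's chart is not reproduced in this text.

```python
import math

C = 3.0e8  # speed of light in vacuum in m/s, the value used in the text

# Assumed, commonly quoted indices of refraction (not taken from the course chart).
N = {"vacuum": 1.0, "air": 1.0003, "water": 1.33, "glass": 1.5, "diamond": 2.42}


def speed_in_medium(n):
    """Speed of light in a transparent medium: v = c / n."""
    if n < 1.0:
        raise ValueError("index of refraction must be at least 1")
    return C / n


def critical_angle(n1, n2):
    """Angle of incidence (degrees) beyond which total internal reflection
    occurs, or None when n1 <= n2 and the ray can always enter medium 2."""
    if n1 <= n2:
        return None
    return math.degrees(math.asin(n2 / n1))


def refract(n1, n2, theta1_deg):
    """Apply theta2 = arcsin((n1/n2) * sin(theta1)).

    Returns (theta2 in degrees, description). theta2 is None when the ray
    cannot enter the second medium (total internal reflection).
    """
    if not 0 <= theta1_deg < 90:
        raise ValueError("angle of incidence must be in [0, 90) degrees")
    s = (n1 / n2) * math.sin(math.radians(theta1_deg))
    if s > 1.0:
        return None, "total internal reflection"
    theta2 = math.degrees(math.asin(s))
    if theta1_deg == 0 or n1 == n2:
        direction = "no bending"
    elif n1 < n2:
        direction = "towards the normal"
    else:
        direction = "away from the normal"
    return theta2, direction


if __name__ == "__main__":
    # The practice problem: glass into water at 23 degrees to the normal.
    theta2, direction = refract(N["glass"], N["water"], 23)
    print(f"glass -> water at 23 deg: {theta2:.2f} deg, bends {direction}")
    print(f"critical angle glass -> water: {critical_angle(N['glass'], N['water']):.2f} deg")
    for name, n in N.items():
        print(f"speed of light in {name}: {speed_in_medium(n):.3e} m/s")
```

With the assumed indices, the ray in the practice problem bends away from the normal to about 26.1 degrees, and a ray striking the same interface at more than about 62.5 degrees is totally reflected instead of refracted.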
How does this apply to radio waves? Radio waves bend when entering different
materials. This can be very important when analyzing propagation in the atmosphere. It
is not very significant in WLANs, but we include it here as part of general background
for the behavior of electromagnetic waves.
What happens when light encounters obstacles that are approximately the same size
as one wavelength of light? To help us picture this, imagine an ocean wave hitting an
obstacle, such as a breakwater or pier or even rocks. You may notice a complex wave
pattern resulting from the waves reflecting off of the obstacle interacting with each other
and with the incoming waves. The spreading out of a wave around an obstacle is called
“diffraction”. Sometimes this spreading is referred to as “bending” around an obstacle,
but we will avoid using that description since it could be confused with refraction, which
is an entirely different process.
Light undergoes diffraction as well. Two classic physics experiments showed that if
light hits an obstacle, such as a small hole or pair of holes, the resulting pattern of light
has dark and light bands. This is due to destructive and constructive interference of the
light. Using ray pictures, can you describe how light will diffract around the given
obstacle? Diffraction of light occurs in everyday life, such as the ROYGBIV color
spectrum when you hold a compact disc at certain angles relative to a light source (the
small light waves are interacting with the small patterns on the compact disc).
How does this apply to radio waves? Radio waves undergo both small-scale and
large-scale diffraction. An example of small-scale diffraction is radio waves in a WLAN
spreading around doors. (see graphic) An example of large-scale diffraction is radio
waves spreading around mountain peaks to an inaccessible area. (see graphic)
What happens when light hits small particles? Depending on the frequency of the
light and the size and composition of the particles, a phenomenon called scattering is
possible. Scattering typically results in the redirection of the incoming wave energy into
directions other than the intended direction.
The sun gives off ROYGBIV and other EM waves. If there were no atmosphere, the
light would come straight from the sun and the rest of the sky would be dark except for
other stars. This is the view from the moon. Yet the sky is blue. Why? Because the
molecules in the atmosphere scatter blue light much more than the other colors. The
result is that while the sunlight of most colors comes straight in towards an observer on
earth, the blue light is scattered over such a large portion of the atmosphere that the
atmosphere essentially appears to “glow” blue. Light scatters off of all kinds of
materials. Using a bunch of parallel rays (one ray for each color), show how sunlight
scattering off of an area of the atmosphere would make regions of the sky look blue.
How does this apply to radio waves? Radio waves scatter off many particles and
materials as well.
• 0 dBd = 2.12 dBi. We convert all dBd ratings to dBi by adding 2.2 to the dBd
value (had to be a marketing guy rounding off!)
• A 3 dBd antenna = 5.2 dBi.
• We rate ALL our antennas in dBi.
• Some vendors still use dBd. Some use BOTH.
DISTANCE Calculation
Distance=(300/Freq)*(conversion to metric to miles)*
11Mb (300/2442)*(39/12)*(1/5280)*EXP((120.32-22-10)/6*LN(2))=5.77miles
• The Antenna Calculation Utility on the previous slide will do all the math
for you. But you can do quick calculations with some simple math.
• Every increase of 6 dB (higher antenna gain, shorter cables) will double
your distance.
• Every decrease of 6 dB (loss such as cables or lower antenna gain) will cut
the range in half.
Building-to-Building
WLAN
In-Building LAN 1
In-Building LAN 2
Upon completion of this chapter, you will be able to perform the following
tasks:
Overview
The previous chapters covered the basic theory and operation of wireless technology,
wireless NICs and clients. Chapter 4 addresses the design, integration and practical
implementation of WLANs, i.e. real world WLAN scenarios. Topologies and
components of WLANs are presented to provide prerequisite knowledge for network
design and deployment.
Figure 1: Laptop showing PCMCIA slots
Figure 2: Workstations
Figure 4: WLAN PCMCIA card insertion process
The most common devices used in WLANs are laptop and desktop workstations. 1, 2
Laptops are easily transported for use at home or on the road, eliminating the expenses or
need for two systems (one at work, and one at home) per employee. This also eliminates
the need to constantly transfer files between two PCs, and the worries of not having an
important file on the workstation you are on.
Laptop computers and notebook computers are becoming increasingly popular, as are
palm top computers, personal digital assistants, and other small computing devices. The
main difference is that components in a laptop are smaller than those of a desktop – the
expansion slots are PCMCIA slots, where NICs, wireless NICs, modems, hard drives and
other devices, usually the size of a thick credit card, can be inserted. 4 The use of
wireless NICs eliminates the need for cumbersome adapters, connectors and cables.3
Desktops can easily be converted from wired to wireless systems by changing the NIC
and deploying access points. This may seem a step backward if 10/100 Ethernet is
already installed, however, any subsequent office reorganization will not require
rewiring. As long as applications do not require high bandwidth (greater than 11 Mbps),
WLANs are a viable choice for network connectivity.
Corporations can order laptops or desktops with installed wireless NICs for their
networks. The Dell “4800 True Mobile” series products, available in laptops, are Aironet
products which can inter-operate with any IEEE 802.11b compliant devices. Product
Devices such as PCs and laptops operate at all seven layers of the OSI Reference Model,
i.e. they perform processes that can be associated with each layer.5
Web Resources
Dell Computer
http://www.dell.com
HP
http://www.hp.com
Compaq
http://www.compaq.com
IBM
http://www.ibm.com
Figure 1:
Mobile Computers
Design
• Key-based Computers
• Pen/Touch Computers
• Wearable Scanning/Computing
• Stationary & Vehicle mount Terminals
Communication Types
• Batch Processing
• Real Time Communications
Operating Systems
• Palm OS
• MS DOS
• Windows CE
Key-based devices are used for manual entry of data-intensive applications.2 They are
built with full alphanumeric keyboard and LCD display. Most are based on Windows
CE, Palm or DOS operating systems. Key-based computers are found in many
businesses such as retail, warehousing, and shipping.
Pen-based devices utilize a pen-like stylus and do not have keyboards or keypads.3 They
are specifically designed for information intensive applications. They are very rugged,
mobile, and do not require keyboard entry of data.
Vehicle mount mobile devices are used on motorized pallet jacks, forklifts, or mobile
carts.4 Many can port to a bar code scanner, enabling operators to transmit and receive
data from a remote application server. They come with different features including
keyboards, menu driven and touch screen displays.
Several operating systems are used in mobile computers. The primary ones are MS DOS,
Palm OS, Windows CE and Pocket PC. DOS, a very basic and efficient OS, will run
only one program at a time. The Palm OS, a simple open standard OS, will run multiple
programs at once. The Palm comes licensed for use in many mobile computing devices
and is easily customized with 3rd party software. Windows CE, a simpler version of
Windows, has the look and feel of Windows 95/98 and allows multitasking. Pocket PC, a
version of Windows CE, has an intuitive user interface and Internet browsing capabilities.
If mobile computers are not compatible with the desktop PC protocols, additional software
may be needed.
The current first phase of 802.11b compliant voice devices include handheld devices
from Cisco and Symbol.5 The second phase of wireless voice devices will support both
data and voice applications on one handheld device such as a Compaq iPaq.6 IEEE
802.11b compliant voice products must be integrated with a server based voice
management platform such as Cisco’s Call Manager. This is presented later in the section
on Cisco’s Architecture for Voice, Video and Integrated Data (AVVID).
Mobile devices are based on many wireless standards. It is important to use 802.11b
compliant devices as WLAN access points. The major advantages are speed, reliability and
real time data communications. Equally important is choosing software applications
which are compatible with all the devices used in a given topology or setup. Other
concerns include battery life and durability.
Symbol Technologies
http://www.symbol.com
Aironet client adapters or wireless NICs are radio modules that provide transparent data
communications through the wireless infrastructure.1 The client adapters are fully
compatible when used in devices supporting Plug-and-Play (PnP).
There are three types of client adapters: NDIS, ODI and Packet.
NDIS (Network Driver Interface Specification) is a NIC driver specification that is
independent of the hardware and protocol being used. The current version is NDIS3 in
Windows NT, which is backwards compatible with earlier versions NDIS2, and NDIS.
ODI (Open Data-Link Interface) is a Novell specification that allows multiple protocols
to use a single NIC.
Packet is used with DOS-based IP stacks. Examples of IP stacks that work with Aironet
wireless NICs are FTP Software, Netmanage, Trumpet, and a variety of other winsocks.
Figure 4: Bridges (labels: Access Point, Hub, WGB, Server)
Access Points (APs), like NICs and client adapters, are Layer 2 devices. 1 The Cisco
Aironet 340 Series Access Point (use 350?), shown in Figure 2, is a wireless LAN
transceiver that can act as the center point of a stand-alone wireless network or as the
connection point between wireless and wired networks. In large installations, the roaming
functionality provided by multiple Access Points allows wireless users to move freely
throughout the facility while maintaining seamless, uninterrupted access to the network.
Wireless bridges also operate at Layer 2. 3 The Cisco Aironet workgroup bridge (WGB)
product, 4, connects to the Ethernet port and provides connectivity to an AP. It cannot be
used in a peer-to-peer (ad hoc) mode.
The WGB can provide up to eight wired machines with connectivity to the same radio
device. This is ideal for connecting remote workgroups to a wired LAN. 5 The WGB
must be connected to a hub along with all users in the workgroup. The WGB will
automatically select the first 8 MAC addresses it hears on the Ethernet, or the addresses
may be entered manually into a table. If there are more than 8 MAC devices, ONLY the
first 8 are used, and packets from all other MAC addresses will not be acknowledged. A “smart”
hub may take one of the available MAC address entries. This MAC address may be
removed from the table manually to allow the 8th client to use the WGB.
Figure 1: Antennas (labels: Symbol, Signal, Icon)
Cisco Aironet access points are available with either captive dipole antennas or reverse
TNC connectors. The TNC connector can attach to different antenna types, whatever is
appropriate for the specific application. 1
Antennas operate at layer 1 of the OSI Reference Model. 2 The physical layer defines
the electrical, mechanical, procedural, and functional specifications for activating,
maintaining, and deactivating the physical link between end systems. This includes
characteristics such as voltage levels, timing of voltage changes, physical data rates,
maximum transmission distances, physical connectors, etc. Specific types of antennas
are required for DSSS, FHSS and IR technologies.
Flash Animation: Begin with the first graphic. Add additional icons at Layer 7.
Figure 3: Routers – Access Router
Figure 4: Switches – Workgroup, High End
Mainframe, Server
Figure 6: Printers
Figure 7: IP phones
WLAN topology should be an extension to an existing scalable LAN. The best scalable
internetworks are typically designed in layers following a hierarchical model. A large
network operation can be broken into smaller functions (layers) that can be dealt with
separately. The importance of layering can be seen with the OSI reference model, a
layered model for understanding and implementing computer communications.1 The
entire network communications process is broken down into smaller, simpler steps
(layers), and devices are available for the functions at each layer. Networks are then built
from these devices.
Hierarchical models for internetworking design also use layers to simplify the overall
task. Each layer is focused on specific functions, and the entire internetwork design can
be built from features or devices of each layer. As a result, a hierarchical model
simplifies the design and management, provides modularity and scalability, and allows
for controlled growth without sacrificing internetwork requirements.2
The internetwork design utilizes traditional wired devices such as routers, switches,
servers and printers (Figures 3 through 6). Devices from developing technologies such as
voice over IP (VoIP) can also be used.7 Finally, network security devices such as
firewalls, VPN devices, and intrusion detection systems are becoming requirements for a
secure LAN/WAN. 8 All of these devices must be considered when implementing a
WLAN solution. WLANs will continue as a predominant portion of today’s network
system.
Figure 1: Modularity
Figure 2:
Core layer
The core of the network has one goal: switching packets. The following two basic
strategies will accomplish this goal:
• No network policy implementation should take place in the core of the network.
• Every device in the core should have full reachability to every destination in the
network.
The core layer is the central internetwork for the entire enterprise and provides
connectivity to remote sites. The primary function of this layer is to provide an optimized
and reliable transport structure and to forward traffic as fast as possible. Therefore, the
core of the network should not perform any packet manipulation. Packet manipulation,
such as access lists and filtering, would only slow down the switching of packets. For
full reachability, it is advantageous to have redundant paths.
Distribution layer
The distribution layer represents the campus backbone. The primary function of this layer
is to provide access to various parts of the internetwork, as well as access to network
services. The distribution layer provides boundary definition, and is the demarcation
point between the access and core layers. Policy-based connectivity is implemented at the
distribution layer. In the campus environment, the distribution layer can include several
functions, such as:
• Summarizes routes
• Provides for area, address, or traffic aggregation
• Location of enterprise servers
• Provides for virtual LAN (VLAN) routing
• Offers security
Access Layer
The access layer feeds traffic into the network, performs network entry control, and
provides other edge services. In doing so, the access layer provides access to corporate
resources for a workgroup on a local segment. It is at this point where WLANs should be
deployed. Access lists or filters can be used to control user access to the network, or to
further optimize the needs of a particular set of users. WLAN access points can be
configured to filter traffic as well. In a campus environment, access-layer functions
include the following:
• Shared bandwidth (Hubs)
• Switched bandwidth (Switches)
• Media Access Control (MAC) layer filtering
• Microsegmentation
With the development of wireless bridging and antenna technology, the access layer
traffic can span significant distances. WLANs can be a cost effective solution for
building-to-building connectivity up to 25 miles.
Part 1: Show HQ building, light up a window in the main building then zoom out to a
circular area to show a LAN topology using WLANs. Label this as In-building LAN 1.
Next, show the remote building, light up a window then zoom out to another in-building
LAN. Label as In-building LAN 2.
Part 3: Now show end-to-end connectivity from a laptop at HQ to remote site. Show the
wireless signal from the laptop to the AP. Then show packet flow from the AP to the
switch, router to the bridge. Then show a signal pattern through the coax to the antenna.
Convert to a wireless signal to the remote antenna. Convert back signal flow across the
coax to the remote bridge. Resume packet flow to the router, switch and AP. Switch to
wireless signal to the remote laptop.
Figure 2:
It’s not 11 Mbps @ 25 miles, isn’t it 1 or 2 Mbps at the full distance? The rate drops
…….
School District
Metropolitan Area Network
WLAN Categories
WLANs are access layer elements or products. Wireless LAN products fit into two main
categories: wireless in-building LANs and wireless building-to-building bridges. 1
Wireless LANs replace the layer one traditional wired transmission medium with radio
transmission through the air. WLAN products can plug into a wired network and
function as an overlay to traditional or wired LANs, or can be deployed as a standalone
LAN. They are typically within a building, and for distances up to 1000 feet. WLANs
can provide access to the network from anywhere in the facility, allowing users to roam
without losing network connection.
WLANs provide complete flexibility. Wireless bridges allow two or more physically
separated networks to be connected in one LAN, without the time or expense of installing
dedicated media. 2 3
Flash Animation: Begin with basic LAN topology(fig1). Then slide in a Access Point
then workstations. Begin signal broadcast to/from AP & w/s. Show end to end
connectivity from a wireless w/s signal to the AP, then a packet flow to the hub, switch,
server & internet, then return packet flow to the AP & signal to the w/s.
Figure 1:
Channel 1 Channel 6
LAN Backbone
(The text refers to the coverage area as “microcell”, the figure labels them as
wireless cell. Need to be consistent in terminology.)
In wired LANs, users are in fixed locations based on the wired media. WLANs are an
extension to the wired LAN network.1 WLANs can be an overlay to or substitute for
traditional wired LAN networks. With WLANs, mobile users can:
• Move freely around a facility
• Enjoy real time access to the wired LAN, at wired Ethernet speeds
• Access ALL the resources of wired LANs
The Basic Service Area (BSA), also referred to as a “microcell”, is the area of RF
coverage provided by an access point.2 To extend the BSA, another access point (AP)
can be added. (The name “access point” indicates that this unit is the point at which
wireless clients can access the network.) The AP attaches to the Ethernet backbone and
communicates with all the wireless devices in the microcell. The AP is the master for the
microcell, and controls traffic flow to and from the microcell. The wireless devices do
not communicate directly with each other; they communicate with the AP.
To extend the coverage range, any number of cells can be added to give an Extended
Service Area (ESA). It is recommended that the ESA cells have 10-15% overlap to allow
remote users to roam without losing RF connectivity. Bordering cells should be set to
different non-overlapping channels for best performance. Figure 2 shows an ESA made
up of two microcells with an overlapping area of coverage.
Figure 1: [labels: Channel 1, LAN Backbone, Channel 1, Wireless Clients]
Figure 2:
In an environment where extended coverage is needed, but access to the backbone is not
practical or available, a wireless repeater can be used. A wireless repeater is an access
point that is not connected to the wired backbone. This setup requires a 50% overlap of
the AP on the backbone and the wireless repeater. Data rates will decrease due to the receive
and re-transmit times involved. To cover large distances, up to 2 hops (one repeater) are
permitted on a Cisco Aironet system to get data from a remote client to the backbone.
Ethernet connections are fairly common within buildings. Repeaters
should be used to extend AP coverage from the building to the surrounding outdoor areas
for temporary use. An example would be a customer’s use of repeater-mode APs to
extend coverage into the parking lot for a sales event.
The client association is assigned to the wired/root AP and not to the AP acting like a
repeater.
Note: When the AP is in repeater mode, it cannot be pinged, telneted to, or accessed by
the browser.
Figure 1: [Animation: a client on the Channel 1 AP loses its signal behind an obstacle, then switches over to a Channel 6 AP; labels: LAN Backbone, Channel 1, Channel 6, Wireless Clients]
Figure 2:
In a LAN where communication is essential, two APs can be set up for redundancy.
With Direct Sequence products in hot standby mode, both AP units will be set to the
same frequency and data rate. Only one unit will be active, and the other will be in
standby mode. If the active unit goes down, the standby unit will take over
communications with the remote clients. While this provides redundancy, it does not
provide any more throughput than a single AP. The Cisco DS systems can have the APs
set on different channels to provide load balancing for remote clients. With both APs
active, throughput is twice that of a single AP. When one unit goes down, remote clients
will transfer to the remaining unit and continue operating.
Figure 1:
Figure 2: [labels: File Server, Access Point, Laptop with Wireless Adapter]
Figure 4: Steps to Re-association (roaming from Access Point A to Access Point B)
• Adapter listens for beacons from APs.
• Adapter evaluates AP beacons, selects best AP.
• Adapter sends association request to selected AP (B).
• AP B confirms association and registers adapter.
• AP B informs AP A of re-association with AP B.
• AP A forwards buffered packets to AP B and de-registers adapter.
Association Process
When a Client comes on line, it will broadcast a Probe Request.3 Any AP that receives
the Probe Request will reply with a Probe Response. Based on the information in the
Probe Response, the Client decides which AP to associate with. The Client then sends an
authentication request to the desired AP. The AP authenticates the Client, and sends an
acknowledgement back. The Client then sends an association request to that AP. The
AP registers the client, puts it into the table, and sends back an association response.
From then on, the AP operates like an Ethernet hub with the Client connected to it. The
AP broadcasts a beacon at predetermined (and programmable) intervals. The beacon
broadcast contains information from the AP such as RF hops to the backbone, load,
hopping pattern, etc. The Client builds an information table about ALL APs it can hear.
It stores the information the APs send in the beacons, including the signal strength of the
AP.
Re-Association Process
As client moves, the signal strength from its associated AP may decrease while the
strength of another AP may increase. At some point, BEFORE communication is lost,
the client will notify its associated AP, AP A, that it is transferring to the other AP, AP
B.4 APs, B and A, will also communicate to ensure any information buffered in A is sent
to B over the backbone, eliminating the need for retransmitting packets. If a client can
also communicate with another AP, the same handoff process can occur if the associated
AP becomes heavily loaded.
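The association and re-association steps described above, modelled as an added example (not part of the original course material): the client keeps a table of every AP it hears, associates with the best one, and hands off when another AP is clearly stronger or its own AP reports heavy load. The numeric thresholds and all class and function names are assumptions for illustration.

```python
from dataclasses import dataclass, field

# Assumed thresholds for illustration; the course text gives no numeric values.
ROAM_MARGIN_DB = 8       # candidate must be this much stronger before roaming
LOAD_LIMIT = 0.80        # beacon load at or above this counts as "heavily loaded"
MIN_USABLE_DBM = -80     # weakest signal the client will still associate on


@dataclass
class Beacon:
    ap_name: str
    signal_dbm: int          # measured by the client when the beacon arrives
    load: float              # 0.0 to 1.0, advertised by the AP
    hops_to_backbone: int = 0


@dataclass
class AccessPoint:
    name: str
    table: set = field(default_factory=set)        # registered client MACs
    buffered: dict = field(default_factory=dict)   # MAC -> frames awaiting delivery

    def buffer(self, mac, frame):
        """Hold a downstream frame for a registered client."""
        if mac not in self.table:
            return False
        self.buffered.setdefault(mac, []).append(frame)
        return True

    def associate(self, mac, previous_ap=None):
        """Register the adapter; on re-association, fetch frames buffered at the old AP."""
        self.table.add(mac)
        moved = previous_ap.release(mac) if previous_ap is not None else []
        self.buffered.setdefault(mac, []).extend(moved)
        return len(moved)

    def release(self, mac):
        """Old AP forwards its buffered frames over the backbone and de-registers."""
        self.table.discard(mac)
        return self.buffered.pop(mac, [])


class Client:
    def __init__(self, mac):
        self.mac = mac
        self.ap_table = {}    # ap_name -> latest Beacon for every AP the client can hear
        self.current = None   # AccessPoint the client is associated with

    def hear(self, beacon):
        self.ap_table[beacon.ap_name] = beacon

    def _best(self, exclude=None):
        usable = [b for b in self.ap_table.values()
                  if b.ap_name != exclude and b.signal_dbm >= MIN_USABLE_DBM]
        # Strongest signal first, then lighter load, then fewer hops to the backbone.
        return max(usable, default=None,
                   key=lambda b: (b.signal_dbm, -b.load, -b.hops_to_backbone))

    def decide(self, aps):
        """Apply the association / re-association rules once; return the action taken."""
        if self.current is None:
            best = self._best()
            if best is None:
                return "scan"                     # keep probing until an AP replies
            self.current = aps[best.ap_name]
            self.current.associate(self.mac)
            return "associate"
        cur = self.ap_table[self.current.name]
        other = self._best(exclude=self.current.name)
        if other is None:
            return "stay"
        stronger = other.signal_dbm - cur.signal_dbm >= ROAM_MARGIN_DB
        offload = cur.load >= LOAD_LIMIT and other.load < LOAD_LIMIT
        if not (stronger or offload):
            return "stay"
        old, self.current = self.current, aps[other.ap_name]
        self.current.associate(self.mac, previous_ap=old)
        return "roam"


def run_demo():
    """Constructed walk-through: associate with A, roam to B on signal, back to A on load."""
    aps = {"A": AccessPoint("A"), "B": AccessPoint("B")}
    client = Client("0040961234BC")               # MAC format from the course example
    actions = []

    client.hear(Beacon("A", -50, 0.20))
    client.hear(Beacon("B", -75, 0.10))
    actions.append(client.decide(aps))            # first association goes to A
    aps["A"].buffer(client.mac, "frame-1")
    aps["A"].buffer(client.mac, "frame-2")

    client.hear(Beacon("A", -72, 0.20))
    client.hear(Beacon("B", -60, 0.10))
    actions.append(client.decide(aps))            # B is 12 dB stronger, so roam

    client.hear(Beacon("A", -58, 0.20))
    client.hear(Beacon("B", -60, 0.90))
    actions.append(client.decide(aps))            # B heavily loaded, so roam back to A
    return actions, aps, client


if __name__ == "__main__":
    actions, aps, client = run_demo()
    print(actions, "->", client.current.name, aps["A"].buffered[client.mac])
```

The two buffered frames follow the client through both handoffs, which is the backbone transfer between AP A and AP B that the text describes.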
Figure 1: [labels: Blue = 11 Mb, Green = 11 Mb, Red = 11 Mb; total bandwidth = 33 Mb]
The ability to scale throughput and add access points in the same cell area increases the
overall available bandwidth of any cell. 1
In the past, this scalability was limited to only FH (frequency hopping) products. DS
(direct sequence) products could not change channels without some reconfiguration. The
new 340 (350?) series products are “frequency agile”. This means that they will look for
the best channel. With 3 separate, non-overlapping 11Mb channels, 33 Mbps per cell can
be achieved.
Figure 1:
Channel Setup
Figure 2:
Figure 3:
The optimum placement and channel mapping will be discussed in later chapters on site
survey and design.
Figure 1: [labels: 1 Mbps DSSS, 2 Mbps DSSS, 11 Mbps DSSS]
Figure 2: 340 AP (30 mW) cell size comparison: 2 Mbps DSSS, 200-275 feet radius; 11 Mbps DSSS, 80-100 feet radius
Figure 3: 350 AP (100 mW) cell size comparison: 2 Mbps DSSS, 250-350 feet radius; 11 Mbps DSSS, 100-150 feet radius
Figure 4: Multi-rate Implementation [label: 5.5 Mbps]
The power level at which an AP operates directly affects the coverage area. Higher
power levels give increased range. The 340 series uses a 30mW radio, while the 350
series operates at 100 mW for increased range. The power level can be adjusted down to
create “pico-cells”, or smaller coverage cells. This may be done to prevent the AP’s
coverage from extending into another AP’s coverage area and causing interference.
As a client moves away from its associated access point, the signal attenuates or gets
weaker. To compensate, the AP shifts to a slower data rate. Lower data rates give more
accurate throughput, as well as better receiver sensitivity. This process is called multi-rate
The coverage area increases as the data rate decreases.1 Figures 2 and 3 show specific
distances and data rates for the series 340 and 350 APs respectively.
In the WLAN design, the number of APs and their location for network coverage is
directly affected by the AP’s bandwidth (data rate). Lower bandwidth gives more
accurate throughput and greater receiver sensitivity resulting in greater coverage
distances.
The effect of the bandwidth on coverage area is illustrated in the network in Figure 4. In
the example, seamless roaming would occur but not at a constant speed. To provide
coverage over the entire area (blue circles), the AP, using multi-rate technology, would
shift down the bandwidth to 2 Mbps. If 11Mbps is required everywhere, the APs must be
relocated closer together, so that the “white” 11 Mbps circles overlap. This would require
a greater number of APs.
In the WLAN design, distance and bandwidth are related: a greater distance means
operating at a lower bandwidth. This will directly affect the number and location of APs
for coverage of the network.
Figure 1: Building-to-Building Design Considerations
• Third-party interference from same channel usage
• Potential problem in congested areas
[labels: Channel 1, Channel 1, Site 1A, Site 1B, Site 1C, Site 1D, Site 2A, Site 2B]
Figure 1: [labels: Cabled LAN, Root=OFF, Wrong]
Figure 2:
All 340/350 series Bridges are shipped with a default configuration of Root = “ON”. In
this configuration, the bridge accepts association and communicates only with clients and
repeaters. It will not communicate with another Root = “ON” bridge. There can be any
number of Root = “ON” devices in a WLAN, i.e. the access points for each cell.
If Root = “OFF”, the device operates as a repeater. Here the repeater associates and
communicates with a Master Bridge (Root = “ON”) or with another repeater associated to a
Root. If the repeater is registered to a Master Bridge, it accepts association and
communicates with clients and other repeaters.
Figure 1: Point-to-Point Configuration [labels: Building A, Building B, Optional Antenna, Bridge, Ethernet, 0 to 25 miles (line of sight)]
Figure 2: Building-to-Building
• Bandwidth
–Aggregation using FEC or MultiLink
–“bond” up to three bridge links
[labels: Up to 33Mbps, FEC, FEC]
In a point-to-point bridge, two LANs can be located up to 25 miles apart. The antennas
MUST be in line of sight with each other. Obstacles such as buildings, trees and hills will
cause communication problems. As the distance increases, the bandwidth decreases, but
even 1-2 Mbps at 25 miles is still better than many WAN technologies. In this scenario,
the Ethernet segments in both buildings act as one LAN. The bridge does not add to the
If more bandwidth than the 11 Mbps of the 802.11 standard is needed, up to three
bridges can be bonded together. Currently it is possible to use Fast EtherChannel (FEC) or
multi-link trunking to bond or aggregate three bridges together to provide a potential of
33 Mbps of bandwidth.
Figure 1: Point-to-Multipoint Configuration [labels: Ethernet, Building A, Bridge, Directional Antenna]
For multipoint bridging, an omni-directional antenna can be used at the main site.1 Line
of sight must be maintained between the remote sites and the main site. The remote sites
communicate with the main site, but not with each other directly. Traffic from one remote
site will be sent to the main site and then forwarded to the other remote site. All sites will
appear as one LAN.
In this scenario, set one bridge as the Master Bridge (Root ON) at the main site, and all
others as Root OFF.
Figure 1: Distances Limited by 802.11 Specification [labels: 25 Miles @ 2Mb, 11.5 Miles @ 11Mb, PCI Card, Bridge to ANY Client - Maximum Distance]
The bridge product has a parameter that extends this timing constraint and allows Cisco
devices to operate at greater distances. All bridges that support distances over 1 mile
violate the 802.11 standard. This means that different vendors’ 802.11 radios may not
work with other vendors’ radios at distances greater than 1 mile.
Figure 1: Can I Have 5 Sites at 2-Mb to a Single 11-Mb Center Site for Better Throughput?
• Will this give me 10+ Mb to the center site, and 2Mb to each remote site?
• No - It will only provide 2Mb total or 400K worst case to each remote.
[labels: one 11Mb Bridge, five 2Mb Bridges]
Figure 2: Common Questions
Questions                          340 Series            350 Series
How fast?
  Maximum data rate                11 Mb                 11 Mb
  Typical throughput               5.5 Mb                5.5 Mb
How far (at maximum data rate)?
  Outdoors                         500 feet / 152.5 m    800 feet /
  Indoors                          100 feet / 30.5 m     150 feet /
How many?
  Maximum clients per AP           2007
  Typical clients per AP           Same as 10 Mbps Ethernet segment
  Co-located APs                   3
Many people think that the 11-Mbps products will support many 2-Mbps radios and
provide a total (aggregate) data rate of 11-Mbps, with each unit getting a full 2-Mbps.
The problem is that the 11-Mbps device will receive data at 2-Mbps from the 2-Mbps
radios, and would have to transmit at 2-Mbps in order to communicate with the 2-Mbps
Note the difference between the ‘data rate’ and the ‘throughput’. The data rate is the
theoretical maximum data transfer rate. Due to interference, need for retransmission, or
other conditions, the actual data rate may be less than the maximum. This actual data
transfer rate is throughput. A data rate of 1.6Mbps may only yield 500Kbps of
throughput, giving only a 31% efficiency of the RF spectrum. Some manufacturers
provide 3Mbps, but limit the coverage distance to only about 30 ft. At the maximum
rated distance, some of these systems only see 300Kbps of throughput. In determining
which device to use in the WLAN, the question to ask is: What is the throughput of the
system at the maximum rated distance?
Another parameter that affects coverage is the number of associations allowed by access
points. While each Cisco Aironet AP will allow 2007 associations, the limiting factor is
the applications. For minimal usage (e-mail, net cruising, etc.), approximately 50 users
can be associated per AP.
Figure 1: Peer-to-Peer Configuration (ad hoc mode) [Animation: laptops exchange wireless signals, with one laptop sharing a modem connection to the Internet; labels: Wireless “Cell”, Wireless Clients, Modem]
Figure 2: Base Station w/Dial Up Network [labels: Internet, Hub, base station]
Figure 3: Base Station w/cable or DSL modem [labels: Internet, Cable/DSL line, base station, Cable/DSL Modem]
Figure 4: Base Station as Access Point [labels: Wired LAN, base station]
In a peer-to-peer topology, the basic service area (BSA) consists of two or more wireless
PCs. Operating systems such as Windows 95 or Windows NT make this type of
network very easy to set up. This topology can be used for a SOHO (small office, home
office) to allow a laptop to be connected to the main PC, or for several people to simply
share files. The drawback to peer-to-peer topology is coverage limitation, as every
device must be able to hear every other device.
Base Station-Dial up
Base station-dial up is designed for the small office/home office (SOHO) market to
provide telecommuters, small or branch offices, and home users the convenience of
wireless connectivity.2 The base station can support up to 10 simultaneous clients
(depending upon bandwidth requirements).
There are various topologies available with the base station. Dial-Up connectivity with
BSM (base station modem) provides wireless and wired devices access to the modem.
The BSM will also function as a DHCP server. Up to 100 devices (wireless or wired) are
supported as DHCP clients.
Base Station-DSL
The base station offers support for Cable or DSL modem on both the BSM and the BSE
(base station Ethernet).3 In this mode the base station will only support wireless clients
as the Ethernet port must be used for connectivity to the Cable/DSL modem. The base
station provides support for PPP over the Ethernet (some ISP’s require this), as well as
DHCP functionality.
The base station can be configured as a stand alone AP.4 In this mode, the base station
does not support roaming, however, it still offers DHCP services and allows for 10
associations (depending on throughput requirements).
Figure 1:
The ideal campus WLAN is an access system that would incorporate unlimited mobility.
WLANs would allow users to access information from unwired locations, outdoors,
dining halls, informal study spaces, classroom seats and even from the athletic fields.
However, campus WLANs should not be viewed as a replacement for a wired
environment, but rather as a way to add more functionality to the existing network.
One of the biggest benefits of campus WLANs is providing network access to people
working anywhere on campus. This would also mean fewer users competing for the
limited number of hard-wired computers. Wireless is rapidly becoming a viable and
important tool in a variety of business and education processes.
[Figure labels: Wireless access point, 802.11b bridge, PSTN, GP10, Internet, Cisco GMC]
Wireless technology can provide connectivity for Global System for Mobile
Communications (GSM) cellular users when an Ethernet drop is not available. The users
access a GP10 cellular radio which is managed by a Cisco GSM mobility controller
(GMC). The idea is to allow cellular access points to attach to wireless LAN interfaces so
that cellular radio can be used in a wireless LAN infrastructure. This feature is often
designed into new buildings. Also as companies expand and grow, they will expect to be
able to support this type of wireless LAN connectivity in their networks.
Figure 1:
Figure 2: [labels: Network Infrastructure, Service Control]
Figure 4:
AVVID (Architecture for Voice, Video and Integrated Data) is Cisco’s enterprise-wide,
standards-based network architecture which combines business and technology strategies
into a single model. WLANs are one of the major components of AVVID.
A network architecture provides the framework for more informed decision making,
including appropriate investments in network technologies, products, and services. A
sample AVVID topology including wireless LAN access is shown in Figure 4.
Upon completion of this chapter, you will be able to perform the following tasks:
Overview
This chapter will begin with basic access point installation and configuration. The goal
of this chapter is to get the AP connected, up and running. It is important to keep the
configuration simple until connectivity is achieved. Afterwards, more detailed port
configurations and services will be covered.
Figure 1: Cisco Aironet Series Access Points
Figure 2:
The Cisco Aironet® 350 Series Access Point (AP) delivers a cost-effective, reliable,
secure, and easily managed wireless LAN (WLAN) solution for enterprise, small, and
medium-sized businesses. The Cisco Aironet 350 Series delivers ease-of-deployment
features, reducing the total cost of ownership for wireless deployments. The Cisco
Aironet 350 Series also combines improved radio performance, range, and reliability with
integrated network services for security, mobility, and management. The Cisco Aironet
350 Series AP delivers business-class WLAN services for enterprise and medium-sized
businesses.
Before setting up your Access Point, ask your network system administrator for the
following information:
• If your network does not use a DHCP server, you need an IP (Internet Protocol)
address and subnet mask for the Access Point. If your network uses a DHCP
server, an IP address will be assigned automatically. Each station or device on
your network must have a unique IP address. Your IP address might resemble this
example: 149.23.129.229.
• The MAC address from the label on the bottom of the Access Point. The MAC
address on your Access Point should resemble this example: 0040961234BC
• The Gateway for the subnet on which the Access Point will reside.
You should configure the Access Point before mounting it on a pole or a ceiling. Some
configuration steps, such as communicating with the Access Point through a serial cable,
may be difficult if the Access Point is inaccessible. Mounting and installation will be
covered in Chapter 10.
Getting Started
Before you begin installation, make sure that you have the following items:
• The Cisco Aironet Series Access Point
• The Access Point power supply or source
• The Cisco Aironet Series CD
Figure 1:
Connecting Cables on 340 Series Access Points
Step 1 Plug the RJ-45 Ethernet connector into the Ethernet port on the back of the
Access Point.
Step 2 Connect the other end of the Ethernet cable to the 10/100 Ethernet LAN.
Step 4 Plug the power connector into the back of the Access Point.
At start-up, all three LEDs on the top of the Access Point slowly blink amber, red, and
green in sequence; the sequence takes a few minutes to complete. During normal
operation, the LEDs blink green.
Step 5 Follow the configuration steps to assign basic settings to the Access Point.
Note: The Access Point does not have an on/off switch, so power is applied to the unit
when you plug it in.
Caution: Do not connect the Ethernet cable when the Access Point is powered up.
Always connect the Ethernet cable before you apply power to the Access Point.
Because of hardware differences, setup procedures differ for 340 series Access Points
and 350 series Access Points. Cabling instructions for the 340 series are covered in this
section.
Rear panel
The 340 series AP has the following ports on the rear panel:3
• Ethernet Port
o Link Light: Lights solid green to indicate that 10BaseT/100BaseT has
been configured as the active port.
o Traffic: Flashes green when an Ethernet packet has been received.
• Serial Port: Console port 9-pin. The AP’s serial port provides console access to
the Access Point’s management system. Use a nine-pin, straight-through, male-to-
female serial cable to connect your computer’s COM 1 or COM 2 port to the
Access Point’s serial port. Serial port mode has the following parameters:
Figure 1:
Connecting Cables on 350 Series Access Points
Step 1 Plug the RJ-45 Ethernet connector into the Ethernet port on the back of the Access
Point.
Step 2 Choose a power option for the Access Point. The 350 series Access Point receives
power through the Ethernet cable. Power options include:
• A switch with inline power, such as a Cisco Catalyst 3524-PWR-XL
• An inline power patch panel, such as a Cisco Catalyst Inline Power Patch Panel
• A Cisco Aironet power injector
Step 3 Connect the other end of the Ethernet cable to the device that will supply power.
If you use a power injector, follow these additional steps:
a. Plug the cable from the Access Point into the end of the power injector labeled To
AP/Bridge.
b. Run an Ethernet cable from the end of the power injector labeled To Network to
the 10/100 Ethernet switch.
c. Plug the female end of the power cord into the universal power supply.
d. Plug the male end of the power cord into a power outlet or power strip.
At start-up, all three LEDs on the top of the Access Point slowly blink amber, red, and green in
sequence; the sequence takes a few minutes to complete. During normal operation, the LEDs
blink green.
Step 4 Follow the configuration steps to assign basic settings to the Access Point.
Caution: Cisco Aironet power injectors are designed for use with 350 series Access Points
and bridges only. Using the power injector with other Ethernet-ready devices can damage the
equipment. The operational voltage range for Cisco Aironet 350 Series Access Points and
Bridges is 24 to 60 VDC. Higher voltage can damage the equipment.
Inline Power
• Source operating current from the Ethernet Port, over the
Cat 5 cable.
• Line power configuration is compliant with all of Cisco’s
line power enabled devices such as switches and line power
patch panels.
• An optional line power injector is an available option.
• Distances up to 100 meters
• Can only be used with the 350 series product and not the
340 series.
• AP350 series responds to the phone-discovery algorithm
sent by the Cisco powered switches
Ethernet/Power Port
Step 1 Plug the RJ-45 Ethernet connector into the Ethernet port on the back of the
Access Point.
Step 2 Choose a power option for the Access Point. The 350 series Access Point
receives power through the Ethernet cable. 2
Step 3 Connect the other end of the Ethernet cable to the device that will supply in-line
power.3 At start-up, all three LEDs on the top of the Access Point slowly blink amber,
red, and green in sequence; the sequence takes a few minutes to complete. During normal
operation, the LEDs blink green.
Step 4 Follow the configuration steps to assign basic settings to the Access Point
The 350 series AP has the following ports on the rear panel:
• Ethernet Port
o Link Light: Lights solid green to indicate that 10BaseT/100BaseT has
been configured as the active port.
o Traffic: Flashes green when an Ethernet packet has been received.
• Serial Port: Console port 9-pin.
The 350 series AP has no power port. The 350 AP is powered via the Ethernet port only
using an optional power injection module, or using another powered Cisco device (patch
panel, switch).
The Access Point’s Ethernet port accepts an RJ-45 connector, linking the Access
Point to your 10/100 Ethernet LAN. The 350 series Access Point receives power
through the Ethernet cable from a switch with inline power, from a power patch
panel, or from the Access Point’s power injector.
The Access Point’s serial port provides console access to the Access Point’s
management system.5 Use a nine-pin, straight-through, male-to-female serial
cable to connect your computer’s COM 1 or COM 2 port to the Access Point’s
serial port. Assign the following port settings to a terminal emulator to open the
management system pages: 9600 baud, 8 data bits, No parity, 1 stop bit, and
Xon/Xoff flow control.
Figure 1:
All three indicators on top of the access point will slowly blink amber, red, and then
green in sequence. During normal operation, the indicators will blink green. A red
LED during normal operation indicates a problem, typically a firmware or hardware
failure.
Figure 1:
Connecting to The AP
• You can set the IP address via the serial port menu, by DHCP, or by reverse
ARP. To set the AP’s IP address with reverse ARP, do the following:
• From a DOS shell or command prompt, type 'arp -s <IP number> <MAC
address>'. The IP address is the one that you want to give to the AP (it must be in
the same range as the PC you are doing this from) and the MAC address is the
address of the AP.
Open a web browser, and enter the AP’s IP address on the address line of the browser.
You should now have the Web page screen of the AP.
Before configuring the Access Point, ask your network administrator for
the following information:
• The service set identifier (SSID) for the Access Point.
• A system name for the Access Point. The name should describe
the location or principal users of the Access Point.
• If your network does not use DHCP to assign IP addresses, you
will need an IP address for the Access Point.
• If your network uses subnets, you will need a default gateway and
an IP subnet mask for the Access Point.
• The Access Point’s MAC address, which is printed on the label
on the bottom of the Access Point.
Figure 1:
Step 1 When the utility window opens, make sure Get IP addr is selected in
the Function box.
Step 2 Type the Access Point’s MAC address in the Device MAC ID field.
The Access Point’s MAC address is printed on the label on the bottom of the
unit. It should contain six pairs of hexadecimal digits. Your Access Point’s
MAC address might look like the following example: 004096xxxxxx
Note The MAC address field is not case-sensitive.
Step 3 Click Get IP Address.
Step 4 When the Access Point’s IP address appears in the IP Address field,
write it down. If IPSU reports that the IP address is 10.0.0.1, the default IP
address, then the Access Point did not receive a DHCP-assigned IP address.
Steps for assigning an IP address are included in the next section.
Step 5 To check the IP address, browse to the Access Point’s browser-based
management pages. Open an Internet browser.
Step 6 Type or paste the Access Point’s IP address in the browser’s location
or address field. (If you are using Netscape, the field is labeled Netsite or
Location; if you are using Microsoft Explorer, the field is labeled Address.)
Step 7 Press Enter. The Access Point’s home page appears.
The IP Setup utility (IPSU) allows you to find the Access Point’s IP address after
it has been assigned by a DHCP server. You can also use IPSU to set the Access Point’s
IP address and SSID if they have not been changed from the default settings. The sections
below explain how to install the utility, how to use it to find the Access Point’s IP
address, and how to use it to set the IP address and the SSID.
Installing IPSU
Step 1 Put the Cisco Aironet Access Point CD in the CD-ROM drive of the computer you
are using to configure the Access Point.
Step 2 Use Windows Explorer to view the contents of the CD. Double-click the IPSU
folder, and then double-click the file called setup.exe. Follow the steps provided by the
installation wizard.
Step 3 Double-click the IPSU icon on your computer desktop to start the utility.1
If your Access Point receives an IP address from a DHCP server, use IPSU to find its IP
address. Run IPSU from a computer on the same network as the Access Point.2 Follow
the steps in Figure 3 to find the Access Point’s IP address.
Figure 2:
The computer you use to assign an IP address to the Access Point must have an IP
address of its own. IPSU can only change the Access Point’s IP address and SSID from
their default settings. After the IP address and SSID have been changed, IPSU cannot
change them again unless you press the configuration reset button on the back panel to
reset the configuration to factory defaults.
Follow the steps in Figure 2 to assign an IP address and an SSID to the Access Point.
Figure 1:
Entering Basic Setting Using Internet Browser
Step 1 Open an Internet browser.
Step 2 Type or paste the Access Point’s IP address in the browser’s location field. (If
you are using Netscape Communicator, the field is labeled Netsite or Location; if you
are using Microsoft Explorer, the field is labeled Address.) Press Enter.
Step 3 When the Access Point’s Summary Status page appears, click Setup. When the
Setup page appears, click Express Setup.
Note If the Access Point is new and its factory configuration has not been changed, the
Express Setup page appears instead of the Summary Status page when you first browse
to the Access Point.
Step 4 Type a system name for the Access Point in the System Name field. A
descriptive system name makes it easy to identify the Access Point on your network.
Step 5 Select a configuration server protocol from the Configuration Server Protocol
pull-down menu. The configuration server protocol you select should match your
network’s method of IP address assignment. The Configuration Server link takes you
to the Boot Server Setup page, which you use to configure the Access Point to work
with your network’s BOOTP or DHCP servers for automatic assignment of IP
addresses.
The Configuration Server Protocol pull-down menu options include:
• None—Your network does not have an automatic system for IP address
assignment.
• BOOTP—With Bootstrap Protocol, IP addresses are hard-coded based on
MAC addresses.
• DHCP—With Dynamic Host Configuration Protocol, IP addresses are
“leased” for predetermined periods of time.
Step 6 Type an IP address in the Default IP address field. If DHCP is not enabled for
your network, the IP address you enter in this field will be the Access Point’s static IP
address. If DHCP or BOOTP is enabled, the address you enter in this field provides the
IP address only when no server responds with an IP address for the Access Point.
Step 7 Enter an IP subnet mask in the Default IP Subnet Mask field to identify the
subnetwork so that the Access Point’s IP address can be recognized on the LAN. If
DHCP or BOOTP is not enabled, this field is the subnet mask. If DHCP or BOOTP is
enabled, this field provides the subnet mask only when no server
responds to the Access Point’s DHCP or BOOTP request.
Step 8 Enter the IP address of your default internet gateway in the Default Gateway
field. The entry 255.255.255.255 indicates no gateway. Clicking the Gateway link takes
you to the Routing Setup page, which you use to configure the Access Point to
communicate with the IP network routing system.
IP address 10.0.0.1
SSID tsunami
Follow the steps in Figure 1 to enter basic settings with an Internet browser. If the
Access Point is new and its factory configuration has not been changed, the Express
Setup page appears instead of the Summary Status page when you first browse to the
Access Point.
The express setup menu page, for the 340 and 350 series, is shown in Figures 2 and 3.
This is the default web page menu for the AP when it is first turned on. It will remain the
default page until a configuration is successfully applied or OKed.
• System Name —This is the name of the system that appears in the titles of
browser pages. The system name is not an essential setting, but it helps identify
the access point on your network.
• MAC Address—The Media Access Control address is a unique serial number
permanently assigned by the manufacturer. You cannot change the access point's
MAC address.
Function                  Description
Press Enter three times   Refreshes the page and cancels changes to settings
:bottom                   Jumps to the bottom of a long page, such as Event Log. When you are at the bottom of a page, this function becomes :top.
:down                     Moves down one page length (24 lines) on a long page, such as Event Log. When you are at the bottom of a long page, this function becomes :up.
Step 1 Connect a nine-pin, male-to-female, straight-through serial cable to the COM port
on a computer and to the RS-232 serial port on the back of the Access Point.
Step 2 Open a terminal emulator.
Step 3 Enter these settings for the connection:
• Bits per second (baud rate): 9600
• Data bits: 8
• Parity: none
• Stop bits: 1
• Flow control: Xon/Xoff
Step 4 Press = to display the home page of the Access Point. If the Access Point is new
and its factory configuration has not been changed, the Express Setup page appears; if the
Access Point has been configured, the Summary Status page appears.
Step 5 Type na to select System Name. Type a system name for the Access Point and
press Enter. A descriptive system name makes it easy to identify the Access Point on your
network.
Step 6 Press t and then press Enter to select Terminal Type. Press t and then press Enter
to select teletype display on the console interface. Press a and then press Enter to select
ANSI display on the console interface.
Step 7 Press pr and then press Enter to select Config Server Protocol. Press n to select
none; press b to select BOOTP; press d to select DHCP. Press Enter after you make your
selection.
Step 8 Press ad and then press Enter to select IP Address. Enter an IP address for the
Access Point. If DHCP is not enabled for your network, the IP address you enter is the
Access Point’s static IP address. If DHCP is enabled, the address you enter provides the
IP address only when no DHCP server responds with an IP address for the Access Point.
Step 9 Press su and then press Enter to select IP Subnet Mask. Enter an IP subnet mask
to identify the subnetwork so the Access Point’s IP address can be recognized on the
LAN. If DHCP is not enabled, the subnet you enter is the static subnet mask. If DHCP is
enabled, your entry provides the subnet mask only when no DHCP server responds to the
Access Point’s DHCP request.
Step 10 Press g and then press Enter to select Default Gateway. Enter the IP address of
your default internet gateway. The entry 255.255.255.255 indicates no gateway.
Step 11 Press ra and then press Enter to select Radio Service Set ID (SSID). Enter an
SSID for the Access Point. The SSID is a unique identifier that client devices use to
associate with the Access Point. The SSID can be any alphanumeric entry from two to 32
characters long.
Step 12 Press ro and then press Enter to select Role in Radio Network. The network roles
include the following options:
• Access Point/Root—Press a and then press Enter to select this setting. A
wireless LAN transceiver that connects an Ethernet network with wireless client stations.
Use this setting if the Access Point will be connected to the wired LAN.
• Repeater/Non-Root—Press r and then press Enter to select this setting. An
Access Point that transfers data between a client and another Access Point. Use this
setting for Access Points not connected to the wired LAN.
• Client/Non-root—Press c and then press Enter to select this setting. A station
with a wireless connection to an Access Point. Use this setting for diagnostics, such as
when you need to test the Access Point by having it communicate with another Access
Point.
This section provides instructions for Microsoft’s HyperTerminal, Telnet and other
similar programs. The CLI pages use consistent techniques to present and save
configuration information. Figure 1 lists the functions that appear on most CLI pages, and
Figure 2 shows the Express Setup page via a Console Session using HyperTerminal.
Telnet Session—Follow these steps to browse to the CLI pages with Telnet:
• Step 1 On your computer's Start menu, select Programs > Accessories >
Telnet. If Telnet is not listed in your Accessories menu, select Start > Run, type
Telnet in the entry field, and press Enter.
• Step 2 When the Telnet window appears, click Connect and select Remote
System.
• Step 3 In the Host Name field, type the access point's IP address and click
Connect.
In Windows 2000, the Telnet window does not contain pull-down menus. To start the
Telnet session in Windows 2000, type open followed by the access point's IP address.
When you type names and settings that appear in brackets you jump to that page
or setting. HyperTerminal jumps to the page or setting as soon as it recognizes a
unique name, so you need to type only the first few characters in the page or
setting name. To jump from the home page to the Setup page, for example, you
would only need to type se.
Follow the steps in Figure 4 to assign basic settings to the Access Point with a terminal
emulator.
You can use an SNMP management application to configure the access point with
SNMP. Follow these steps to configure the access point with SNMP:
Step 1 Compile the MIB you need to use in your SNMP management application. MIBs
supported by the access point are listed in Figure 2.
Step 2 Use a web browser, a Telnet session, or the console interface to open the Express
Setup page in the access point management system.
Step 3 Enter an SNMP community name in the SNMP Admin. Community field and
click OK or Apply.
Step 4 Follow this link path to reach the SNMP Setup page:
a. On the Summary Status page, click Setup.
b. On the Setup page, click SNMP in the Services section of the page.
For enterprise management, the Cisco Aironet Series provides support for Cisco
Discovery Protocol (CDP) to enable auto-discovery of Cisco Aironet APs and bridges
using Cisco enterprise management applications such as CiscoWorks 2000, HP
OpenView or CA Unicenter TNG. Additionally, Cisco Aironet APs support standard
SNMP Management Information Base (MIB) II, Cisco Aironet Series private MIB, and
802.11b MIB.
Button/Link     Description
Map             Opens the Map window, which contains links to every management page.
Associations    Displays the Association Table page, which provides a list of all devices on the wireless network and links to the devices.
Setup           Displays the Setup page, which contains links to the management pages with configuration settings.
Logs            Displays the Event Log page, which lists system events and their severity levels.
Help            Displays the online help for the current window and the online help table of contents.
Login           Logs you into the access point's management system for access to all pages and features appropriate for your user level.

Button/Link     Description
Apply           Saves changes made on the page and remains on the page.
Cancel          Discards changes to the page and returns to the previous page.
The system management pages use consistent techniques to present and save
configuration information. Navigation buttons appear at the top of the page, and
configuration action buttons appear at the bottom. You use the navigation buttons to
display other management pages, and you use the configuration action buttons to save
or cancel changes to the configuration.
It's important to remember that clicking your browser's Back button is the same as
clicking Cancel: if you make changes on a management page, your changes are not
applied when you click Back. Changes are only applied when you click Apply or OK.
Figure 1: Home
Figure 2: Map
Figure 4: Associations
Figure 6: Logs
You can use the Access Point management system through the following
interfaces:
• An Internet browser
• A terminal emulator
• A Telnet session
• Simple Network Management Protocol (SNMP)
The Access Point’s management system pages are organized the same way for the web-
based browser, terminal emulator, and Telnet interfaces. This section will focus on the
browser configuration method.
After the AP has been initially configured, this is the Home page that provides a
summary of associated stations, system events and port status. The page also provides
many links to pages with detailed information. They are as follows:
Current Associations—The top section of the page shows basic information on a variety
of possible associations including clients, repeaters, bridges and access points.
Recent Events—The middle section of the page shows basic information on system
events.
• Time—The first column shows the time of the event expressed in system uptime
or wall-clock time. The upper right corner of every page shows either wall-clock
time (as configured in Time Server Setup) or the current system uptime expressed
in the cumulative number of days, hours, minutes and seconds of operation since
startup or reset.
• Severity—This column notes the significance of the event. You can link to the
Event Log Summary screen to see a tally of events at each severity level.
• Description—This column is a brief explanation of the event. A more detailed
page of the description is provided when clicking on the underlined link in the
description field.
Network Ports—The bottom section of the page shows basic information on the AP's network
ports. The title line is a link to the network ports page that provides more information on data
traffic through the ports.
• Device—This column lists the wired and wireless port connections. Each
listed device is also a link to the individual port page that provides complete
information on port configuration and data statistics.
• Status—Displays one of three possible operating states for the port—Up,
Down, Error.
• Mb/s—Maximum rate of data transmission in megabits per second. Use the
individual port Hardware page to set data rates [Summary Status >
Device/port > Set Properties].
• IP Addr.—Internet protocol address of the device. Use the Express Setup page
to assign or change IP address [Summary Status > Setup > Express Setup].
• MAC Addr—Media Access Control address of the device.
• After the AP has been running, the events area will display the recent events
that have taken place.
Figure 1:
Figure 2:
The Map window appears when you click Map at the top of any management page. You
can use the Map window to jump quickly to any system management
page, or to a map of your entire wireless network.
Note: Your Internet browser must have Java enabled to use the map windows.
To display the sub-pages for each main page, click the bullet next to a main page
link (Microsoft Internet Explorer), or click expand next to a main page link
(Netscape Communicator). In Figure 2-1, the sub-pages for the Network Ports
page are expanded.
The Network Map window appears when you click Network Map in the Map
window. You use the Network Map window to open a new browser window
displaying information for any device on your wireless network. Figure 2-2
shows the Network Map window.
Click the name of a wireless device to open a new browser window displaying a
Station page listing the Access Point’s local information for that device. Click Go
beside the device name to open a new browser window displaying that device’s
home page, if available. Some devices, such as PC Card clients, might not have
home pages.
Click show clients to display all the wireless client devices on your network. The
client names appear under the Access Point or bridge with which they are
associated. If clients are displayed, click hide clients to display only non-client
devices.
This page presents key information for the Ethernet and radio ports.
Identifying Information and Status—The top six lines in each column report the name,
operational status, and the identifying addresses of the port. See the Express Setup page
for information on device and port identification [Summary Status > Setup > Express
Setup].
• Name--Displays the name of the network interface port. An asterisk (*) next to
the name identifies the port as the primary port for the device. The port names are
links to a detailed page for each port.
• Status--Displays one of three possible operating states for the port
o Up--The port is operating properly.
o Down--The port is not operating.
o Error--The port is operating but is presently in an error condition.
• Max. Mb/s--The maximum rate of data transmission in megabits per second.
• IP Addr.--The IP address for the port. When the device is set up in standby mode,
the Ethernet and radio ports use different IP addresses. Use the AP/Root Radio
Identification page to assign an IP address to the radio port that is different from
the Ethernet IP address.
Data Received—The middle portion of each column reports the data traffic received
through the port.
• Unicast pkts.--The number of packets received in point-to-point communication.
• Multicast pkts.--The number of packets received that were sent as a transmission
to a set of nodes.
• Total bytes--The total number of bytes received.
• Errors--The number of packets determined to be in error.
• Discards--The number of packets discarded by the device due to errors or
network congestion.
• Forwardable pkts.--The number of packets received by the port that were
acceptable or passable through the filters.
• Filtered pkts.--The number of packets that were stopped or screened by the
filters set up on the port.
Data Transmitted—The lower portion of each column reports the data traffic
transmitted from the port.
• Unicast pkts.--The number of packets transmitted in point-to-point
communication.
• Multicast pkts.--The number of packets transmitted that were sent as a
transmission to a set of nodes.
• Total bytes--Total number of bytes transmitted from the port.
• Errors--The number of packets determined to be in error.
• Discards--The number of packets discarded by the device due to errors or
network congestion.
• Forwarded pkts.--The number of packets transmitted by the port that were
acceptable or passable through the filters.
Figure 1:
The main Setup page, shown in Figure 1, consists solely of links for system setup,
configuration, and performance information.
Settings—This link goes to the Express Setup page that contains fields and menus for all
basic settings. The Express Setup page is the appropriate page for making changes in
most typical network applications.
Associations—This section links to display and filter pages for associated stations.
Event Log—This section links to pages for setting up event parameters and monitoring
system events. This will be covered in detail in the security chapter.
Services—This section links to a range of pages for setting up system features and
support services. Security services will be covered in detail in the security chapter.
Network Ports—The bottom section of the page provides links to configure and adjust
network ports. The Ethernet and AP/Root Radio rows each identify one network port on
the device. These are generally the Ethernet (wired) port and the AP/Root Radio port. For
each port, three setup pages are available: Identification, Hardware, and Advanced.
Event Log and Display Filters—The event log is divided into three columns:
• Time—The time the event occurred. The log records time as cumulative days,
hours, and minutes since the device was turned on, or as wall-clock time if a time
server is specified or if time has been manually set on the device.
• Severity—Events are classified as one of four severity levels depending on the
event's impact on network operations. Severity levels include
o Info (green) - Indicates routine information; no error.
o Warning (blue) - Indicates a potential error condition.
o Alert (magenta) - Indicates an event occurred which was pre-selected as
something to be recorded in the log. The Station page provides
checkboxes that activate reporting of packet errors to and from the station
as alerts in the event log.
o Fatal (red) - An event which prevents operation of the port or device. For
operation to resume, the port or device usually must be reset.
Action buttons
Command                      Description
Purge Log                    Permanently deletes all events from the log
Apply New                    Changes the display by applying the settings in the Index and Number of Events fields.
Next                         Displays earlier events in the log.
Previous                     Displays more recent events in the log.
Additional Display Filters   A link to the Event Display Setup page, where you can change time and severity level setting
Related Links
Additional Display Filters is a link to the Event Display Setup Screen. The Event Display
Setup Screen has more selection and format options dealing with how time is displayed
and what severity levels are shown.
To save the event log, click Download Event Log. In Microsoft Explorer, the log is saved
as a text file. In Netscape Communicator, the log file is displayed on the screen, and you
select Save As from Communicator's File pull-down menu to save the log.
The Severity link takes you to the Event Log Summary Screen where you can see a tally
of the events of each severity that have occurred. Events carry different severity levels in
terms of their impact on network operations.
Help can also be obtained from the Documentation CD provided with the Access Point.
The Ethernet Identification page contains the basic locating and identity information for
the Ethernet port. The Ethernet identification page differs slightly from other ports in that
it documents the main connection with the wired network.
The Ethernet Identification page contains the primary port settings, default IP address and
subnet mask. The page also displays the access point's MAC address, its current IP
address, and its current IP subnet mask.
Primary Port Settings—Two options allow you to designate the access point's Ethernet
port as the Primary Port and select whether the Ethernet port adopts or assumes the
identity of the primary port.
• Primary Port?—The primary port determines the access point's MAC and IP
addresses. Ordinarily, the access point's primary port is the Ethernet port, so this
setting is usually set to yes. Select yes to set the Ethernet port as the primary port.
Select no to set the radio port as the primary port.
• Adopt Primary Port Identity?—Select yes to adopt the primary port settings
(MAC and IP addresses) for the Ethernet port. Select no to use different MAC
and IP addresses for the Ethernet port.
Some advanced bridge configurations require different settings for the Ethernet and radio
ports.
The current IP address displayed under the Default IP Address setting shows the IP
address currently assigned to the access point. This is the same address as the default IP
address unless DHCP or BOOTP is enabled. If DHCP or BOOTP is enabled, this field
displays the IP address that has been dynamically assigned to the device for the duration
of its session on the network, and it might be different than the default IP address.
You can also enter this setting on the Express Setup and AP Radio Identification pages.
The current IP subnet mask displayed under the setting shows the IP subnet mask
currently assigned to the access point. This is the same subnet mask as the default subnet
mask unless DHCP or BOOTP is enabled. If DHCP or BOOTP is enabled, this is the
subnet mask used by the server.
You can also enter this setting on the Express Setup and AP Radio Identification pages.
You use the Ethernet Hardware page to select the connector type, connection speed, and
duplex setting used by the access point's Ethernet port. Figure 1 shows the Ethernet
Hardware page.
Speed—The Speed drop-down menu lists five options for the type of connector,
connection speed, and duplex setting used by the port. The option you select must match
the actual connector type, speed, and duplex settings used to link the port with the wired
network.
The default setting, Auto, is best for most networks because the best connection speed
and duplex setting are automatically negotiated between the wired LAN and the access
point. If you use a setting other than Auto, make sure the hub, switch, or router to which
the access point is connected supports your selection.
• Auto—This is the default and the recommended setting. The connection speed
and duplex setting are automatically negotiated between the access point and the
hub, switch, or router to which the access point is connected.
• 10-Base-T / Half Duplex—Ethernet network connector for 10-Mbps transmission
speed over twisted-pair wire and operating in half-duplex mode.
• 10-Base-T / Full Duplex—Ethernet network connector for 10-Mbps transmission
speed over twisted-pair wire and operating in full-duplex mode.
• 100-Base-T / Half Duplex—Ethernet network connector for 100-Mbps
transmission speed over twisted-pair wire and operating in half-duplex mode.
Some switches with inline power do not fully support Ethernet speed auto-
negotiation. If your 350 series access point is powered by a switch with inline
power, the Auto speed setting is applied only after you reboot the access point.
Protocol filters prevent or allow the use of specific protocols through the access point.
You can set up individual protocol filters or sets of filters. You can filter protocols for
wireless client devices, users on the wired LAN, or both. For example, an SNMP filter on
the access point's radio port prevents wireless client devices from using SNMP with the
access point but does not block SNMP access from the wired LAN.
Use the Ethernet Protocol Filters page to create and enable protocol filters for the access
point's Ethernet port. Figure 1 shows the main body for the pages. This gives
administrators very granular control of traffic flow on each side of the access point in
order to improve security or performance. Three classes of filters can be set on the
Ethernet Port as follows:
• EtherType
• IP Protocol
• IP Port
You use the Ethernet Advanced page to assign special configuration settings for the
access point's Ethernet port. Figure 1 shows the Ethernet Advanced page.
Packet Forwarding—This setting is always set to Enabled for normal operation. For
troubleshooting, you might want to set packet forwarding to Disabled, which prevents
data from moving between the Ethernet and the radio.
The Forwarding State line under the setting displays the current forwarding state. The
state for normal operation is Forwarding. Four other settings are possible:
• Unknown—The state cannot be determined.
• Disabled—Forwarding capabilities are disabled.
• Blocking—The port is blocking transmission.
Default Unicast and Multicast Address Filters—MAC address filters allow or disallow
the forwarding of unicast and multicast packets sent to specific MAC addresses. You can
create a filter that passes traffic to all MAC addresses except those you specify, or you
can create a filter that blocks traffic to all MAC addresses except those you specify.
Unicast packets are addressed to just one device on the network. Multicast packets are
addressed to multiple devices on the network.
The pull-down menus for unicast and multicast address filters contain two options:
• Allowed—The access point forwards all traffic except packets sent to the MAC
addresses listed as disallowed on the Address Filters page.
• Disallowed—The access point discards all traffic except packets sent to the MAC
addresses listed as allowed on the Address Filters page.
For most configurations, you should leave Default Multicast Address Filter set to
Allowed. If you intend to set it to Disallowed, add the broadcast MAC address
(ffffffffffff) to the list of allowed addresses on the Address Filters page before changing
the setting.
If you plan to discard traffic to all MAC addresses except those you specify (the
Disallowed setting), be sure to enter your own MAC address as allowed on the Address
Filters page.
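The following Python model works through the Allowed/Disallowed decision and the two lock-out precautions described above. It is an added example, not code from the access point or from Cisco; the class and function names are assumptions, and the station MAC address is a constructed sample.

```python
"""Model of the default unicast/multicast address filter decision.

Added example: the names below are assumptions made for illustration;
this is not access point firmware or a vendor API.
"""
from dataclasses import dataclass, field
from typing import List, Set

BROADCAST = "ffffffffffff"  # broadcast MAC address, written as on the page


def normalize_mac(mac: str) -> str:
    """Return 12 lowercase hex digits; accepts ':', '-' and '.' separators."""
    digits = "".join(c for c in mac.lower() if c not in ":-.")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def is_group_address(mac: str) -> bool:
    """Multicast and broadcast destinations have the low bit of octet 0 set."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x01)


@dataclass
class AddressFilters:
    """The two default filters plus the lists kept on the Address Filters page."""
    default_unicast: str = "Allowed"
    default_multicast: str = "Allowed"
    allowed: Set[str] = field(default_factory=set)
    disallowed: Set[str] = field(default_factory=set)

    def allow(self, mac: str) -> None:
        self.allowed.add(normalize_mac(mac))

    def disallow(self, mac: str) -> None:
        self.disallowed.add(normalize_mac(mac))

    def forwards(self, dest_mac: str) -> bool:
        """True if a packet sent to dest_mac would be forwarded."""
        mac = normalize_mac(dest_mac)
        if is_group_address(mac):
            default = self.default_multicast
        else:
            default = self.default_unicast
        if default == "Allowed":
            # Forward everything except addresses listed as disallowed.
            return mac not in self.disallowed
        if default == "Disallowed":
            # Discard everything except addresses listed as allowed.
            return mac in self.allowed
        raise ValueError(f"unknown default filter setting: {default!r}")


def lockout_warnings(filters: AddressFilters, admin_mac: str) -> List[str]:
    """Check a planned configuration before applying it."""
    warnings = []
    if not filters.forwards(BROADCAST):
        warnings.append("broadcast address ffffffffffff would be discarded; "
                        "add it to the allowed list first")
    if not filters.forwards(admin_mac):
        warnings.append("your own MAC address would be discarded; "
                        "add it to the allowed list first")
    return warnings


if __name__ == "__main__":
    admin = "02:00:00:00:00:01"          # constructed sample station address
    planned = AddressFilters(default_unicast="Disallowed",
                             default_multicast="Disallowed")
    for line in lockout_warnings(planned, admin):
        print("WARNING:", line)
    planned.allow(BROADCAST)
    planned.allow(admin)
    print("warnings after fixing the lists:", lockout_warnings(planned, admin))
```

Under a Disallowed default only the allowed list is consulted, and under an Allowed default only the disallowed list is, so an address present in both lists behaves differently depending on the default in force.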
This section describes how to configure the access point's radio. You use the AP Radio
pages in the management system setup page to set the radio configuration. The radio
pages include:
• AP Radio Port Link—Lists key configuration and statistical information on the
access point's radio port.
• AP Radio Identification—Contains the basic locating and identity information for
the access point Radio port.
• AP Radio Hardware—Contains settings for the access point's SSID, data rates,
transmit power, antennas, radio channel, and operating thresholds.
• AP Radio Filters—Contains settings to configure protocol filters.
• AP Radio Advanced—Contains settings for the operational status of the access
point's radio port. You can also use this page to make temporary changes in port
status to help with troubleshooting network problems.
This page contains the basic locating and identity information for the AP radio port. The
AP Radio Identification page differs slightly from the Ethernet port in that it manages the
connection with the wireless network.
Two options allow you to designate the access point's radio port as the Primary Port and
select whether the radio port adopts or assumes the identity of the primary port.
• Primary Port?—The primary port determines the access point's MAC and IP
addresses. Ordinarily, the access point's primary port is the Ethernet port, which is
connected to the wired LAN, so this setting is usually set to no. Select no to set
the Ethernet port as the primary port. Select yes to set the radio port as the
primary port.
• Adopt Primary Port Identity?—Select yes to adopt the primary port settings
(MAC and IP addresses) for the radio port. Select no to use different MAC and IP
addresses for the radio port.
• Access points acting as root units adopt the primary port settings for the radio
port. When you put an access point in standby mode, however, you select no for
this setting. Some advanced wireless bridge configurations also require different
identity settings for the radio port.
Default IP Address—Use this setting to assign an IP address for the radio port that is
different from the access point's Ethernet IP address. During normal operation the radio
Default IP Subnet Mask—Enter an IP subnet mask to identify the subnetwork so the
IP address can be recognized on the LAN. If DHCP or BOOTP is not enabled, this field
is the subnet mask. If DHCP or BOOTP is enabled, this field provides the subnet mask
only if no server responds to the access point's request. The current IP subnet mask
displayed under the setting shows the IP subnet mask currently assigned to the access
point. This is the same subnet mask as the default subnet mask unless DHCP or BOOTP
is enabled. If DHCP or BOOTP is enabled, this is the subnet mask used by the DHCP or
BOOTP server. You can also enter this setting on the Express Setup page.
Service Set ID (SSID)—The SSID is a unique identifier that client devices use to
associate with the access point. The SSID helps client devices distinguish between
multiple wireless networks in the same vicinity. The SSID can be any alphanumeric entry
from two to 32 characters long. You can also enter this setting on the Express Setup
page.
Use the AP Radio Hardware page to assign settings related to the access point's radio
hardware. Figure 1 shows the AP Radio Hardware page.
Service Set ID (SSID)—The SSID is a unique identifier that client devices use to
associate with the access point. The SSID helps client devices distinguish between
multiple wireless networks in the same vicinity. The SSID can be any alphanumeric entry
up to 32 characters long. You can also enter this setting on the Express Setup and AP
Radio Identification pages. Cisco recommends assigning or changing the SSID on the
Express Setup page [Summary Status > Setup > Express Setup]. You can enter non-
ASCII characters in the SSID by typing a backslash ( \ ), a lower-case x, and the
characters to represent the non-ASCII character. For example, \xbd inserts the symbol ½.
Allow Broadcast SSID to Associate?—Use this setting to choose whether devices that
do not specify an SSID (devices that are "broadcasting" in search of an access point to
associate with) are allowed to associate with the access point.
Enable World Mode—When you select yes from the world-mode pull-down menu, the
access point adds channel carrier set information to its beacon. Client devices with world-
mode enabled receive the carrier set information and adjust their settings automatically.
Data Rates—Use the data rate settings to choose the data rates the access point uses for
data transmission. The rates are expressed in megabits per second. The access point
always attempts to transmit at the highest rate selected. If there are obstacles or
interference, the access point steps down to the highest rate that allows data transmission.
For each of four rates (1, 2, 5.5, and 11 megabits per second), a drop-down menu lists
three options:
• Basic (default)—Allows transmission at this rate for all packets, both unicast and
multicast. At least one data rate must be set to Basic.
• Yes—Allows transmission at this rate for unicast packets only.
• No—Does not allow transmission at this rate.
The Optimize Radio Network For setting on the Express Setup page selects the data rate
settings automatically. When you select Optimize Radio Network For Throughput on the
Express Setup page, all four data rates are set to basic. When you select Optimize Radio
Network For Range on the Express Setup page, the 1.0 data rate is set to basic, and the
other data rates are set to Yes.
Frag. Threshold—This setting determines the size at which packets are fragmented (sent
as several pieces instead of as one block). Enter a setting ranging from 256 to 2338 bytes.
Use a low setting in areas where communication is poor or where there is a great deal of
radio interference.
RTS Threshold—This setting determines the packet size at which the access point issues
a request to send (RTS) before sending the packet. A low RTS Threshold setting can be
useful in areas where many client devices are associating with the access point, or in
areas where the clients are far apart and can detect only the access point and not each
other. Enter a setting ranging from 0 to 2339 bytes.
Max. Data Retries—The maximum number of attempts the access point makes to send
a packet before giving up and dropping the packet.
Data Beacon Rate (DTIM)—This setting, always a multiple of the beacon period,
determines how often the beacon contains a delivery traffic indication message (DTIM).
The DTIM tells power-save client devices that a packet is waiting for them. If the beacon
period is set at 100, its default setting, and the data beacon rate is set at 2, its default
setting, then the access point sends a beacon containing a DTIM every 200 Kµsecs. One
Kµsec equals 1,024 microseconds.
Radio Channel—The factory setting for Cisco wireless LAN systems is Radio Channel
6 transmitting at 2437 MHz. To overcome an interference problem, other channel settings
are available from the drop-down menu of 11 channels ranging from 2412 to 2462 MHz.
Each channel covers 22 MHz. The bandwidth for channels 1, 6, and 11 does not overlap,
so you can set up multiple access points in the same vicinity without causing interference.
Too many access points in the same vicinity create radio congestion that can reduce
throughput. A careful site survey can determine the best placement of access points for
maximum radio coverage and throughput.
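The channel arithmetic in the Radio Channel paragraph, worked through as an added example (not part of the original course material). It derives the channel spacing from the 2412 and 2462 MHz endpoints given above, searches for the largest set of channels whose 22 MHz bands do not overlap, and reports overlap in a channel plan; the access point names and the plan are constructed assumptions.

```python
from itertools import combinations

CHANNEL_WIDTH_MHZ = 22      # "Each channel covers 22 MHz"
FIRST_CENTER_MHZ = 2412     # channel 1
LAST_CENTER_MHZ = 2462      # channel 11
CHANNELS = range(1, 12)     # the 11 channels in the drop-down menu
# Spacing between adjacent channel centers, derived from the two endpoints.
SPACING_MHZ = (LAST_CENTER_MHZ - FIRST_CENTER_MHZ) // (len(CHANNELS) - 1)


def center_mhz(channel):
    """Center frequency of a channel, e.g. channel 6 -> 2437 MHz."""
    if channel not in CHANNELS:
        raise ValueError(f"channel {channel} is outside 1-11")
    return FIRST_CENTER_MHZ + SPACING_MHZ * (channel - 1)


def overlap_mhz(a, b):
    """Width of spectrum shared by the 22 MHz bands of channels a and b."""
    return max(0, CHANNEL_WIDTH_MHZ - abs(center_mhz(a) - center_mhz(b)))


def largest_clean_sets():
    """Every maximum-size set of channels in which no two bands overlap."""
    for size in range(len(CHANNELS), 0, -1):
        clean = [combo for combo in combinations(CHANNELS, size)
                 if all(overlap_mhz(a, b) == 0 for a, b in combinations(combo, 2))]
        if clean:
            return clean
    return []


def conflicts(plan):
    """plan maps AP name -> channel for access points in the same vicinity.

    Returns (ap1, ap2, shared MHz) for every pair whose bands overlap.
    """
    found = []
    for (ap1, ch1), (ap2, ch2) in combinations(plan.items(), 2):
        shared = overlap_mhz(ch1, ch2)
        if shared:
            found.append((ap1, ap2, shared))
    return found


# Constructed plan: "lab" was moved to channel 8 to dodge interference and
# now overlaps both of its neighbours.
PLAN = {"lobby": 6, "lab": 8, "dock": 11}

if __name__ == "__main__":
    print("spacing:", SPACING_MHZ, "MHz")
    print("non-overlapping sets:", largest_clean_sets())
    for ap1, ap2, shared in conflicts(PLAN):
        print(f"{ap1} and {ap2} share {shared} MHz")
```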
Search for Less-Congested Radio Channel—When you select yes from the Search for
less-congested radio channel pull-down menu, the access point scans for the radio
channel that is least busy and selects that channel for use. The access point scans at
power-up and when the radio settings are changed. If you need to keep the access point
assigned to a specific channel to keep from interfering with other access points, you
should leave this setting at no.
Receive Antenna and Transmit Antenna—Pull-down menus for the receive and
transmit antennas offer three options:
• Diversity—This default setting tells the access point to use the antenna that
receives the best signal. If your access point has two fixed (non-removable)
antennas, you should use this setting for both receive and transmit.
• Right—If your access point has removable antennas and you install a high-gain
antenna on the access point's right connector, you should use this setting for both
receive and transmit. When you look at the access point's back panel, the right
antenna is on the right.
• Left—If your access point has removable antennas and you install a high-gain
antenna on the access point's left connector, you should use this setting for both
The access point receives and transmits using one antenna at a time, so you cannot
increase range by installing high-gain antennas on both connectors and pointing one north
and one south. When the access point used the north-pointing antenna, client devices to
the south would be ignored.
Protocol filters prevent or allow the use of specific protocols through the access point.
You can set up individual protocol filters or sets of filters. You can filter protocols for
wireless client devices, users on the wired LAN, or both. For example, an SNMP filter on
the access point's radio port prevents wireless client devices from using SNMP with the
access point but does not block SNMP access from the wired LAN.
Use the AP Radio Protocol Filters page to create and enable protocol filters for the access
point's Radio port. Figure 1 shows the main body for the pages. This gives administrators
very granular control of traffic flow on each side of the access point in order to improve
security or performance. Three classes of filters can be set on the AP Radio Port as
follows:
• EtherType
• IP Protocol
• IP Port
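The per-port behaviour described above (an SNMP filter on the radio port stops wireless clients but not the wired LAN), as an added example that is not the access point's own code. It parses constructed Ethernet frames into the three fields the filter classes match on and evaluates them against a hypothetical PortFilters model; the class, the block-list semantics and matching on the destination port of frames received on a port are assumptions made for illustration.

```python
import struct

# Well-known protocol numbers matched by the three filter classes.
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
IPPROTO_TCP, IPPROTO_UDP = 6, 17
SNMP_PORT, DNS_PORT = 161, 53


def classify(frame: bytes) -> dict:
    """Extract the fields the EtherType, IP Protocol and IP Port filters match on."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    fields = {"ethertype": struct.unpack("!H", frame[12:14])[0],
              "ip_protocol": None, "ip_port": None}
    if fields["ethertype"] != ETHERTYPE_IPV4:
        return fields                      # only the EtherType class applies
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("malformed IPv4 header")
    header_len = (ip[0] & 0x0F) * 4
    if header_len < 20 or len(ip) < header_len:
        raise ValueError("bad IPv4 header length")
    fields["ip_protocol"] = ip[9]
    # Non-first fragments carry no TCP/UDP header, so no port can be read.
    fragment_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    has_l4_header = fragment_offset == 0 and len(ip) >= header_len + 4
    if ip[9] in (IPPROTO_TCP, IPPROTO_UDP) and has_l4_header:
        # Destination port is the second 16-bit field in both TCP and UDP.
        fields["ip_port"] = struct.unpack("!H", ip[header_len + 2:header_len + 4])[0]
    return fields


class PortFilters:
    """Hypothetical model of the filters enabled on one access point port."""

    def __init__(self, port_name, ethertypes=(), ip_protocols=(), ip_ports=()):
        self.port_name = port_name
        self.blocked = {"ethertype": set(ethertypes),
                        "ip_protocol": set(ip_protocols),
                        "ip_port": set(ip_ports)}

    def permits(self, frame: bytes) -> bool:
        """True if a frame received on this port passes every filter class."""
        fields = classify(frame)
        return not any(fields[name] in values
                       for name, values in self.blocked.items())


def udp_frame(dst_port: int, payload: bytes = b"") -> bytes:
    """Constructed Ethernet/IPv4/UDP frame (checksums left at zero)."""
    eth_header = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
                  + struct.pack("!H", ETHERTYPE_IPV4))
    udp = struct.pack("!HHHH", 40000, dst_port, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                     IPPROTO_UDP, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 1]))
    return eth_header + ip + udp


def arp_frame() -> bytes:
    """Constructed ARP frame: only an EtherType filter can match it."""
    return (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
            + struct.pack("!H", ETHERTYPE_ARP) + bytes(28))


# SNMP is filtered on the radio port only; the Ethernet port has no filters.
RADIO_PORT = PortFilters("radio", ip_ports={SNMP_PORT})
ETHERNET_PORT = PortFilters("ethernet")


def decisions() -> dict:
    """Forwarding decision for each constructed frame on each port."""
    frames = {"snmp": udp_frame(SNMP_PORT), "dns": udp_frame(DNS_PORT),
              "arp": arp_frame()}
    return {(port.port_name, name): port.permits(frame)
            for port in (RADIO_PORT, ETHERNET_PORT)
            for name, frame in frames.items()}


if __name__ == "__main__":
    for (port, name), allowed in decisions().items():
        print(f"{port:8} {name:4} {'forward' if allowed else 'block'}")
```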
Use the AP Radio Advanced page to assign special configuration settings for the access
point's radio. Figure 1 shows the AP Radio Advanced page. The AP Radio Advanced
page contains the following settings:
Default Unicast and Multicast Address Filters—MAC address filters allow or disallow
the forwarding of unicast and multicast packets sent to specific MAC addresses. You can
create a filter that passes traffic to all MAC addresses except those you specify, or you
can create a filter that blocks traffic to all MAC addresses except those you specify.
Creating a MAC Address Filter will be covered in Chapter 8—Security.
The pull-down menus for unicast and multicast address filters contain two options:
• Allowed—The access point forwards all traffic except packets sent to the MAC
addresses listed as disallowed on the Address Filters page.
• Disallowed—The access point discards all traffic except packets sent to the MAC
addresses listed as allowed on the Address Filters page.
If you plan to discard traffic to all MAC addresses except those you specify (the
Disallowed setting), be sure to enter your own MAC address as allowed on the Address
Filters page.
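The Allowed and Disallowed defaults, and the warning about listing your own MAC address, modelled as an added example (not code from the access point or from Cisco). The AddressFilters class is hypothetical and the station names and MAC addresses are constructed; the check at the end shows which stations would stop receiving traffic before a Disallowed default is applied.

```python
import re

ALLOWED, DISALLOWED = "allowed", "disallowed"


def normalize_mac(text: str) -> str:
    """Accept 02:00:00:00:00:10, 02-00-00-00-00-10 or 0200.0000.0010."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {text!r}")
    return digits


def is_multicast(mac: str) -> bool:
    """The low bit of the first octet marks a group (multicast) address."""
    return bool(int(mac[:2], 16) & 0x01)


class AddressFilters:
    """Hypothetical model of the default filters plus the Address Filters list."""

    def __init__(self, unicast_default=ALLOWED, multicast_default=ALLOWED):
        # Keyed by is_multicast(): False -> unicast default, True -> multicast.
        self.defaults = {False: unicast_default, True: multicast_default}
        self.entries = {}           # normalized destination MAC -> disposition

    def set_entry(self, mac: str, disposition: str) -> None:
        if disposition not in (ALLOWED, DISALLOWED):
            raise ValueError(f"unknown disposition: {disposition!r}")
        self.entries[normalize_mac(mac)] = disposition

    def forwards(self, dst_mac: str) -> bool:
        """Would a packet sent to dst_mac be forwarded?"""
        mac = normalize_mac(dst_mac)
        entry = self.entries.get(mac)
        if self.defaults[is_multicast(mac)] == ALLOWED:
            # Forward everything except addresses listed as disallowed.
            return entry != DISALLOWED
        # Discard everything except addresses listed as allowed.
        return entry == ALLOWED

    def cut_off(self, stations: dict) -> list:
        """Names of stations (name -> MAC) whose inbound traffic is discarded."""
        return sorted(name for name, mac in stations.items()
                      if not self.forwards(mac))


# Constructed stations, written in two different MAC notations on purpose.
STATIONS = {"admin-laptop": "02:00:00:00:00:10",
            "file-server": "02-00-00-00-00-20"}


def lockout_demo():
    """Switch unicast to Disallowed, first without and then with the admin MAC."""
    filters = AddressFilters(unicast_default=DISALLOWED)
    filters.set_entry(STATIONS["file-server"], ALLOWED)
    before = filters.cut_off(STATIONS)      # admin station was forgotten
    filters.set_entry("0200.0000.0010", ALLOWED)
    after = filters.cut_off(STATIONS)
    return before, after


if __name__ == "__main__":
    before, after = lockout_demo()
    print("cut off before adding admin MAC:", before)
    print("cut off after adding admin MAC: ", after)
```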
Radio Cell Role—Use this pull-down menu to select the function of the access point's
radio within its radio coverage area (cell). This setting determines how the access point's
radio interacts with other wireless devices. The menu contains the following options:
• Root—A wireless LAN transceiver that connects an Ethernet network with
wireless client stations or with another Ethernet network. Use this setting if the
access point is connected to the wired LAN.
• Repeater/Non-Root—A wireless LAN transceiver that transfers data between a
client and another access point. Use this setting for access points not connected to
the wired LAN.
• Client/Non-root—A station with a wireless connection to an access point. Use this
setting for diagnostics or site surveys, such as when you need to test the access
point by having it communicate with another access point or bridge without
accepting associations from client devices.
Require Use of Radio Firmware x.xx—This setting affects the firmware upgrade
process when you load new firmware for the access point. Select yes to force the radio
Require EAP—If you use open or shared authentication, select Require EAP under the
authentication type if you want to require client device users to authenticate using EAP.
Default Unicast Address Filter—Unicast MAC address filters allow or disallow the
forwarding of unicast packets sent to specific MAC addresses. You can create a filter that
passes traffic to all MAC addresses except those you specify, or you can create a filter
that blocks traffic to all MAC addresses except those you specify.
Specified Access Points—You use these fields to set up a chain of repeater access points
(access points without an Ethernet connection). Repeater access points function best
when they associate with specific access points connected to the wired LAN. You use
these fields to specify the access points that provide the most efficient data transmission
link for the repeater.
If this access point is a repeater, type the MAC address of one or more root-unit access
points with which you want this access point to associate. With MAC addresses in these
fields, the repeater access point always tries to associate with the specified access points
instead of with other less-efficient access points.
Radio Modulation—Select Standard or MOK for the radio modulation the access point
uses.
• Standard—This default setting is the modulation type specified in IEEE 802.11,
the wireless standard published by the Institute of Electrical and Electronics
Engineers (IEEE) Standards Association.
Radio Preamble—The radio preamble is a section of data at the head of a packet that
contains information the access point and client devices need when sending and receiving
packets. The pull-down menu allows you to select a long or short radio preamble:
• Long—A long preamble ensures compatibility between the access point and all
early models of Cisco Aironet Wireless LAN Adapters (PC4800 and PC4800A).
• Short—A short preamble improves throughput performance. Cisco Aironet's
Wireless LAN Adapter supports short preambles. Early models of Cisco Aironet's
Wireless LAN Adapter (PC4800 and PC4800A) require long preambles.
From the Setup page, you can configure 10 services including: Console/Telnet, Time
Server, Boot Server, FTP, Routing, Web Server, Name Server, SNMP, Cisco Services
and Security. SNMP, Cisco Services and Security will be covered in Chapter 8.
You use the Time Server Setup page to enter time server settings. Figure 1 shows the
Time Server Setup page.
Default Time Server—If your network has a default time server, enter the server's IP
address in the Default Time Server entry field.
The DHCP or BOOTP server can override the default time server.
GMT Offset (hr)—The GMT Offset pull-down menu lists the world's time zones
relative to Greenwich Mean Time (GMT). Select the time zone in which the access point
operates.
Use Daylight Savings Time—Select yes or no to have the access point automatically
adjust to Daylight Savings Time.
Manually Set Date and Time—Enter the current date and time in the entry fields to
override the time server or to set the date and time if no server is available.
When entering the date and time, use forward-slashes to separate the year, month, and
day, and use colons to separate the hours, minutes, and seconds. For example, you would
enter 2001/02/17 for February 17, 2001, and 18:25:00 for 6:25 pm.
Use the Boot Server Setup page to configure the access point for your network's BOOTP
or DHCP servers for automatic assignment of IP addresses. Figure 1 shows the Boot
Server Setup page.
Settings on the Boot Server Setup Page—The Boot Server Setup page contains the
following settings:
• Configuration Server Protocol
• Use Previous Configuration Server Settings
• Read .ini File from File Server
• BOOTP Server Timeout (sec)
• DHCP Multiple-Offer Timeout (sec)
• DHCP Requested Lease Duration (min)
• DHCP Minimum Lease Duration (min)
• DHCP Class Identifier
Use Previous Configuration Server Settings—Select yes to have the access point save
the boot server's most recent response. The access point uses the most recent settings if
the boot server is unavailable.
Read .ini File from File Server—Use this setting to have the access point use
configuration settings in an .ini file on the BOOTP or DHCP server or the default file
server. Files with .ini extensions usually contain configuration information used during
system start-up. The pull-down menu contains the following options:
• Always—The access point always loads configuration settings from an .ini file on
the server.
• Never—The access point never loads configuration settings from an .ini file on
the server.
• If specified by server—The access point loads configuration settings from an .ini
file on the server if the server's DHCP or BOOTP response specifies that an .ini
file is available. This is the default setting.
The Load Now button under the pull-down menu tells the access point to read an .ini file
immediately.
The Current Boot Server line under the pull-down menu lists the server that responded to
the access point's boot request. If all zeros appear, it means that the access point is not
using BOOTP/DHCP or that no server responded to the BOOTP/DHCP request. The
Specified ".ini" File Server line lists the IP address of the server where the .ini file is
stored. If all zeroes appear, it means that no file server is set up to provide an .ini file.
BOOTP Server Timeout (sec)—This setting specifies the length of time the access point
waits to receive a response from a single BOOTP server. Enter the number of seconds the
access point should wait.
DHCP Multiple-Offer Timeout (sec)—This setting specifies the length of time the
access point waits to receive a response when there are multiple DHCP servers. Enter the
number of seconds the access point should wait.
DHCP Requested Lease Duration (min)—This setting specifies the length of time the
access point requests for an IP address lease from your DHCP server. Enter the number
of minutes the access point should request.
DHCP Minimum Lease Duration (min)—This setting specifies the shortest amount of
time the access point accepts for an IP address lease. The access point ignores leases
DHCP Class Identifier—Your DHCP server can be set up to send responses according
to the group to which a device belongs. Use this field to enter the access point's group
name. The DHCP server uses the group name to determine the response to send to the
access point. The access point's DHCP class identifier is a vendor class identifier.
You use the Web Server Setup page to enable browsing to the web-based management
system, specify the location of the access point Help files, and enter settings for a
custom-tailored web system for access point management. Figure 1 shows the Web
Server Setup page.
Settings on the Web Server Setup Page—The Web Server Setup page contains the
following settings:
• Allow Non-Console Browsing
• HTTP Port
• Default Help Root URL
• Extra Web Page File
• Default Web Root URL
HTTP Port—This setting determines the port through which your access point provides
web access. Your System Administrator should be able to recommend a port setting.
Default Help Root URL—This entry tells the access point where to look for the Help
files. The Help button on each management system page opens a new browser window
displaying help for that page. The online help files are provided on the access point and
Extra Web Page File—If you need to create an alternative to the access point's
management system, you can create HTML pages and load them into the access point.
You use this entry field to specify the filename for your HTML page stored on the file
server. Click Load Now to load the HTML page.
Default Web Root URL—This setting points to the access point management system's
HTML pages. If you create alternative HTML pages, you should change this setting to
point to the alternative pages. The default setting is: mfs0:/StdUI/
You use the Name Server Setup page to configure the access point to work with your
network's Domain Name System (DNS) server. Figure 1 shows the Name Server Setup
page.
Settings on the Name Server Setup Page—The Name Server Setup page contains the
following settings:
• Domain Name System
• Default Domain
• Domain Name Servers
• Domain Suffix
Domain Name System—If your network uses a Domain Name System (DNS), select
Enabled to direct the access point to use the system. If your network does not use DNS,
select Disabled.
Default Domain—Enter the name of your network's IP domain in the entry field. Your
entry might look like this: mycompany.com
Domain Suffix—In this entry field, enter the portion of the full domain name that you
would like omitted from access point displays. For example, in the domain
"mycompany.com" the full name of a computer might be
"mycomputer.mycompany.com." With domain suffix set to "mycompany.com," the
computer's name would be displayed on management system pages as simply
"mycomputer."
You use the FTP Setup page to assign File Transfer Protocol settings for the access point.
All non-browser file transfers are governed by the settings on this page. Figure 1 shows
the FTP Setup page.
Settings on the FTP Setup Page—The FTP Setup page contains the following settings:
• File Transfer Protocol
• Default File Server
• FTP Directory
• FTP User Name
• FTP User Password
File Transfer Protocol—Use the pull-down menu to select FTP or TFTP (Trivial File
Transfer Protocol). TFTP is a relatively slow, low-security protocol that requires no
username or password.
Default File Server—Enter the IP address or DNS name of the file server where the
access point should look for FTP files.
FTP Directory—Enter the file server directory that contains the firmware image files.
FTP User Name—Enter the username assigned to your FTP server. You don't need to
enter a name in this field if you select TFTP as the file transfer protocol.
You use the Routing Setup page to configure the access point to communicate with the IP
network routing system. You use the page settings to specify the default gateway and to
build a list of installed network route settings. Figure 1 shows the Routing Setup page.
Entering Routing Settings—The Routing Setup page contains the following settings:
• Default Gateway
• New Network Route Settings
• Installed Network Routes list
Default Gateway—Enter the IP address of your network's default gateway in this entry
field. The entry 255.255.255.255 indicates no gateway.
New Network Route Settings—You can define additional network routes for the access
point. To add a route to the installed list, fill in the three entry fields and click Add. To
remove a route from the list, highlight the route and click Remove. The three entry fields
include:
• Dest Network—Enter the IP address of the destination network.
• Gateway—Enter the IP address of the gateway used to reach the destination
network.
• Subnet Mask—Enter the subnet mask associated with the destination network.
Installed Network Routes list—The list of installed routes provides the destination
network IP address, the gateway, and the subnet mask for each installed route.
Use the Console/Telnet Setup page to configure the access point to work with a terminal
emulator or through Telnet. Figure 1 shows the Console/Telnet Setup page.
Upon completion of this chapter, you will be able to perform the following
tasks:
• Connecting bridges
• Basic configuration
• Configure Radio and Ethernet ports
• Configure services
• Configuration management
• Viewing statistics
Overview
This chapter will cover basic bridge installation and configuration. The goal of this
chapter is to get the bridge connected, up and running. It is important to keep the
configuration simple until connectivity is achieved. Afterwards, more detailed port
configurations and services will be covered.
Medium          Drawbacks
(56K, T1)       Installation costs; extra equipment needed
Cable           Installation costs; inflexible; physical barriers may preclude
Microwave       FCC licensing required; difficult installation; high cost
Figure 3: Point-to-Multipoint
Figure 5: Antennas
In describing wireless LANs and LAN components, Cisco Aironet uses the following
terminology:
Association—each root unit or repeater (defined later in this section) in the infrastructure contains an
association table that controls the routing of packets between the access point and the wireless
infrastructure. The association table maintains entries for all the nodes situated below the access point
on the infrastructure including repeaters and client nodes.
Cell—the area of radio range or coverage in which the bridge can communicate with the access
point. The size of a single cell depends upon the speed of the transmission, the type of antenna used,
and the physical environment as well as other factors.
End node—a client device such as a workstation or laptop computer that has a wired Ethernet
connection to the bridge through a hub.
Infrastructure—the communications system that combines access points, bridges, mobile nodes and
fixed nodes. Access points within the infrastructure can be root units, which are physically wired to
the LAN backbone, or they can act as wireless repeaters (defined later in this section). Other wireless
devices serve as fixed nodes or mobile nodes.
Parent/child node—refers to the relationships between nodes in the wireless infrastructure. The
complete set of relationships is sometimes described as a network tree. For example, the access point
(at the top of the tree) is the parent of the end nodes, and the end nodes are the children of the access
point.
Repeater—an access point that extends the radio range of the infrastructure. A repeater is not
physically attached to the wired LAN but communicates by radio to another access point, which is
either a root unit or another repeater.
Root unit—a point that is located at the top, or starting point, of a wireless infrastructure. A root unit
provides the physical connection to the wired LAN and contains configuration information in its
association table that covers all nodes that access the wired infrastructure. All access points directly
attached to the wired LAN backbone are root units.
Cisco bridges are used to connect two or more wired LANs, usually located within
separate buildings, to create one large LAN. Cisco offers several bridge models to suit a
variety of needs from small to enterprise networks. The primary models are the 350
Series Multifunction Bridge (MFB), 350 Series Workgroup Bridge (WGB) and the 340
Series Workgroup Bridge (WGB).
The bridge communicates with Cisco Aironet access points, but does not communicate
with wireless networking devices manufactured by other companies.
Cisco bridges offer many advantages over other, more costly alternative connections.
Some alternatives include T1 lines, cable or microwave connections. A T-1 line typically
costs from $400 to over $1,000 per month. For a site with four buildings, that could
cost anywhere from $15,000 to $36,000 per year. If such sites were connected via a
wireless system, payback for the hardware costs incurred could actually be realized in
less than a single year.
In some cases where T-1 is not available, or the buildings are located on the same
property, an underground cable could be put in place. Trenching today can cost over
$100/foot, depending upon the task. To connect three buildings located 1000 feet apart
from each other, the cost could exceed $200,000! Microwave is a solution for some sites
where distance is close, reliability is not critical, and money is no problem. With
microwave, an FCC license is required. The cost of the equipment is typically over
$10,000 per site, not including installation items. In the event of heavy fog, rain, and
snow, performance is questionable. Multipoint connections are usually not possible.
Bridging is quickly becoming one of the wireless industry’s largest markets. Some of the
many applications include:
• Inter-building communications
• Campuses, airports, harbors, depots, parks
• School districts, universities
• Hospitals, banks, oil companies
• Geographically isolated areas
• Temporary/mobile work areas
• Replacement of dedicated phone lines
• Backup of wired connections
• Internet Service Providers (ISPs)
Antenna
• Two RP-TNC connectors (antennas optional, none
supplied with unit)
Encryption
• AIR-BR351: 40-bit
• AIR-BR352: 128-bit
The Cisco Aironet® 350 Series Multifunction Bridge is a dual-purpose wireless device
designed with the exacting requirements of the enterprise in mind. In bridge mode, the
Cisco Aironet 350 Series Multifunction Bridge provides for high-speed long-range
outdoor links between buildings. When configured as an access point (AP), the Cisco
Aironet 350 Series Multifunction Bridge is the ideal wireless infrastructure device for
installations subject to plenum rating and harsh environments such as warehouses,
factories, and the outdoors. Some additional features and specifications are shown in
Figures 3 and 4.
To provide flexibility during installation and configuration, the Cisco Aironet 350 Series
Multifunction Bridges may be accessed either over the LAN connection or via a console
port. The frequency agility option on the Cisco Aironet 350 Series enables multifunction
bridges to dynamically select the clearest transmission channel, avoiding noise and
interference, even in a changing environment. Frequency agility simplifies installation
and, by intelligently avoiding interference and selecting the best transmission channel,
maximizes throughput.
Figure 2:
Antenna
• AIR-WGB35xC: One nonremovable 2.2-dBi dipole
• AIR-WGB35xR: Two RP-TNC connectors (antennas optional,
none supplied with unit)
Encryption
• AIR-WGB351x: 40-bit
• AIR-AP352x: 128-bit
Indoor Range:
• 130 ft (40m) @ 11 Mbps
• 350 ft (107m) @ 1 Mbps
Outdoor Range:
• 800 ft (244m) @ 11 Mbps
• 2000 ft (610m) @ 1 Mbps
Bridge mode outdoors:
• 18 miles (28.9 km) @ 11 Mbps*
• Up to 25 miles (40.2 km) @ 1 Mbps*
Designed to meet the needs of remote workgroups, satellite offices, and mobile users, the
Cisco Aironet® 350 Series Workgroup Bridge brings the freedom and flexibility of
wireless connectivity to any Ethernet-enabled device. The workgroup bridge quickly
connects up to eight Ethernet-enabled laptops or other portable computers to a wireless
LAN (WLAN), providing the link from these devices to any Cisco Aironet Access Point
(AP) or Multifunction Bridge. Other features are shown in Figure 2.
Flexible and Manageable—The workgroup bridge is available in two versions: one with
a single, omni-directional dipole antenna and another with two RP-TNC connectors for
Installation—The 350 WGB is easily connected. All ports are accessed on the rear panel
shown in Figure 4. Power, Ethernet and antenna connections are available on the bridge.
Do not use inline power on the Ethernet port, since this will damage the unit. A
configuration reset button is also available if needed.
Throughput and Range—With a full 100 milliwatts (mW) of transmit power and the best
receive sensitivity in the industry, the Cisco Aironet 350 Series Workgroup Bridges
provide the longest range and best reliability available for wireless clients. Advanced
signal processing in the Cisco Aironet 350 Series helps manage the multipath propagation
often found in office environments. Intelligent filtering addresses ambient noise and
interference that can decrease network performance. Building upon Cisco leadership in
WLAN performance, Cisco Aironet 350 Series Workgroup Bridges provide the greatest
throughput available so users can enjoy virtually the same connectivity they gain from
wire-line connections. Based on direct sequence spread spectrum (DSSS) technology, the
Cisco Aironet 350 Series Workgroup Bridge operates in the 2.4 GHz band and supports
data rates up to 11 Mbps.
Solution for Mobile Devices – The Cisco Aironet 350 Series Workgroup Bridge delivers
superior range, reliability, and performance for business users who need information
access anytime, anywhere (see Figure 6). The workgroup bridge quickly connects any
Ethernet-enabled laptop or other portable computer to a WLAN, providing a "plug-and-
play" solution for e-mail and Internet access. Combined with unique Cisco security
services, this product ensures that business-critical information is secure. Most
importantly, Cisco workgroup bridges are easy to use, making the benefits of wireless
mobility completely transparent.
Figure 2: Features
Indoor Range:
• 75 ft at 11 Mbps
• 200 ft at 1 Mbps
Outdoor Range:
• 300 ft at 11 Mbps
• 1000 ft at 1 Mbps
Figure 4: 340
Designed to meet the needs of mobile users, remote workgroups or satellite offices, the
Cisco Aironet® 340 series workgroup bridge links up to eight Ethernet clients to a
wireless LAN. Equipped with a standard Ethernet connector, the workgroup bridge
connects to a single Ethernet device or, for up to eight devices, to a 10BaseT (RJ45) port
of an Ethernet hub. Other features and specifications are shown in Figures 2 and 3. The
workgroup bridge communicates with Cisco Aironet 340 series access points or wireless
bridges.
The 340 workgroup bridge is available with a single omnidirectional dipole antenna. An
option with two RP-TNC (reverse polarity threaded naval connector) connectors is also
available for applications that require antenna diversity or higher-gain antennas for long-
range applications.
• 10BaseT polarity: Turns solid amber if the 10BaseT polarity is reversed. Check
cable connections.
• 10BaseT active: Lights solid green to indicate that 10BaseT has been configured
as the active port.
• Ethernet Rx: Flashes green when an Ethernet packet has been received.
• Ethernet Tx: Flashes green when an Ethernet packet has been transmitted.
• 10BaseT active: Lights solid green to indicate that 10Base2 has been configured
as the active port.
• 10Base2 active: Blinks amber to indicate that a packet collision has occurred.
Serial
• Cable required is a 9-pin male-female straight through. These are commonly
available through your local electronics store and are sometimes called a serial
mouse extension cable.
• Any serial communications software can be used to run the ANSI terminal.
Software such as MS-Windows Terminal or HyperTerminal will work.
Power
1. Insert the small plug on the end of the AC/DC power pack cord into
the power port.
2. Plug the AC/DC power pack into an electrical outlet.
(120VAC/60 Hz or 90-264VAC as appropriate)
3. Power on the Aironet 340 Series Bridge by pushing the On/Off
button.
When power is initially applied to the bridge, all three indicators will flash in
sequence to test the functionality of the indicators.
If your bridge is not communicating with your wireless LAN, check the three
indicators on the top panel. They allow you to quickly assess the unit’s status.
Figure 1 shows the indicators, and the meanings of the indicator signals are listed below.
The three indicator lights on top of the bridge report Ethernet activity, operational
status, and radio activity. The indicators are labeled in Figure 1.
• The Ethernet indicator signals Ethernet traffic on the wired LAN. This indicator
blinks green when a packet is received or transmitted over the Ethernet
infrastructure. The indicator blinks red when the Ethernet cable is not connected.
• The status indicator signals operational status. Blinking green indicates that the
bridge is operating normally but is not communicating with an access point.
Steady green indicates that the bridge is communicating with an access
• The radio indicator blinks green to indicate radio traffic activity. The light is
normally off, but it will blink green whenever a packet is received or transmitted
over the bridge’s radio.
[Figure: Point-to-point link between Building A and Building B. In each building a cabled LAN connects over Ethernet to a bridge with an optional antenna; the link spans 0 to 25 miles (line of sight).]
[Figure: Root settings. Wrong: two bridges both set to Root=OFF will NOT communicate. A Root=OFF (child) bridge associates and communicates to a Root or "Parent" bridge ONLY.]
[Figure: Point-to-multipoint. The bridge at Building A uses an omni-directional antenna; Building B and Building C use directional antennas.]
Figure 6: Repeater
The Aironet 340 Series Bridge can be used in a variety of infrastructure configurations.
How you configure your infrastructure will determine the size of the microcell, which is
the area a single bridge will provide with RF coverage. You can extend the RF coverage
area by creating multiple microcells on a LAN.
Examples of some common system configurations are shown in Figures 1 through 3.
Point-to-Point
The Point-to-Point Wireless Bridge Configuration uses two units to bridge two individual
LANs. Packets are sent between the file server and Workstation B through the wireless
bridge units (root unit and remote node) over the radio link. Data packets sent from the
file server to Workstation A go through the wired LAN segment and do not go across the
wireless radio link.
In a point-to-point bridge, two LANs can be located up to 25 miles apart. The antennas
MUST have line of sight with each other. Obstacles such as buildings, trees and hills will
cause communication problems. When connected using Cisco Aironet bridges, the
Ethernet segments in both buildings act as if they are one. The bridge does not add to the
Ethernet hop count, and is viewed by the network as simply a cable.
Set one bridge as Root ON and the other as Root OFF for the bridges to connect to each
other.
Point-to-Multipoint
When connecting three or more LANs (usually in different buildings), each building
requires an Aironet wireless bridge and antenna. This is called a Multipoint Wireless
Bridge Configuration. One wireless bridge is designated as the central site. Its antenna is
configured to transmit and receive signals from the wireless bridges at the other sites.
For multipoint bridging, an omni directional antenna is typically used at the main site.
The remote sites then communicate with the main site, though not with each other
directly. Again, all the LANs appear as one. Traffic from one remote site to another will
be sent to the main site and then forwarded to the other remote site.
Line of sight must be maintained between the remote sites and the main site.
Set one bridge as Root ON and all others as Root OFF for the bridges to connect to each
other.
Repeater
A repeater can be added to extend the range of a bridge, but it will not double it. As a
repeater, it needs to receive and transmit in more than one direction. Therefore, yagis
typically cannot be used. Only omni directional antennas can typically be employed, and
they are less effective than a link using two directional antennas. A second drawback is
that the throughput is reduced by approximately 50% because the repeater must transmit
and receive the data.
[Figure: Bridges, a hub and PCI card clients; link distances of 25 miles at 2 Mb and 11.5 miles at 11 Mb; Channel 1 and Channel 11.]
The Cisco Aironet bridges accept communications from client devices, such as the
Workgroup bridge, PC card, or PCI cards. These will work in harmony with remote
bridges. The bridge must be set to “access point mode” to enable communication with
client devices.1
Customers may want to save money and use the AP in place of a bridge. If the distance is
less than 1 mile, this can be done. However, if the distance is greater than 1 mile, it is
recommended that a bridge be used. Using an AP at more than 1 mile will not provide
reliable communications. This is due to timing constraints that the 802.11 standard puts
on the return times for packet acknowledgements. Remember, 802.11 defines a LAN -
Local Area Network - which is typically a wireless range of up to 1000 feet.
The bridge product has a parameter that stretches this timing (which violates 802.11) and
allows the Cisco Aironet devices to operate at greater distances. (All bridges that support
distances over 1 mile violate 802.11.) It also means other 802.11 vendors’ radios may
not work with the Cisco Aironet bridge at distances greater than 1 mile.2
A better way to increase distance is through the use of a linked repeater site. This site
consists of two bridges and two antennas, operating on two different channels. This
allows both sides of the link to operate simultaneously at full throughput. The drawbacks
to this are that it requires one extra bridge and antenna; however, the loss in throughput is
about 15%.3
Figure 2: Repeater
Flash animation: show the signal weaken and fade over distance without a repeater.
Next, slide in a repeater in the middle. Indicate the antenna receiving the signal after a
repeater is used. This should also show how the repeater cleans up the signal, regenerates
& re-broadcasts a strong and clean signal.
Figure 3:
Bridge
• More intelligent than a hub. Analyzes incoming packets and
forwards or drops based on addressing information
• Collect and pass packets between network segments
• Maintain MAC address tables
• Different types of bridging
o Transparent
o Source Route (used primarily in Token Ring LANs)
The four-repeater rule in Ethernet states that no more than four repeaters or repeating
hubs can be between any two computers on the network. Repeater latency, propagation
delay, and NIC latency all contribute to the four-repeater rule. Exceeding the four-repeater
rule can lead to violating the maximum delay limit. When this delay limit is exceeded,
the number of late collisions increases dramatically. A late collision is a collision that
happens after the first 64 bytes of the frame are transmitted. The chipsets in NICs are not
required to retransmit automatically when a late collision occurs. These late collision
frames add delay referred to as consumption delay. As consumption delay and latency
increase, network performance decreases. This Ethernet rule of thumb is also known as
the 5-4-3-2-1 rule: five sections of the network, four repeaters or hubs, three sections of
the network that are "mixing" sections (with hosts), two sections that are link sections (for
link purposes), and one large collision domain.
Routing—The bridge, acting in any mode, cannot operate as a fully functioning router.
Only static host and network routes and default gateway(s) can be configured. A bridge
cannot be configured to run Cisco IOS features including routing protocols such as RIP,
IGRP, OSPF and EIGRP. A router must be put in place if IP subnetting, routing, load
balancing, quality of service (QoS), broadcast control or increased security is needed
within the network.
The bridge is capable of filtering traffic to some extent, but is not able to stop layer 2
frame broadcasts.
The bridge attaches directly to a 10BASE-T (twisted pair) Ethernet LAN segment. This
segment must conform to IEEE 802.3 or Ethernet Blue Book specifications.
The bridge supports the following protocols:
• TCP/IP
• SNMP: the resident agent is compliant with the MIB-I and MIB-II standards,
TCP/IP-based networks, as well as a custom MIB for specialized control of the
system
Figure 1: Warnings
Warning Do not operate your wireless network device near unshielded
blasting caps or in an explosive environment unless the device has been
modified to be especially qualified for such use.
Warning Unplug the power cord before you work on a system that does not
have an on/off switch.
Warning Read the installation instructions before you connect the system to its
power source.
Make sure that you read and understand the warnings and safety guidelines shown in
Figures 1 and 2 in order to avoid damage to the unit or personal injury.
If you are using a single antenna, it must be connected to the antenna connector nearest
the power connector, and diversity must be set to Off. If you are using dual antennas, the
diversity should be set to On.
Per the recommendation of the FCC, the installation of high gain directional antennas to
the system, which are intended to operate solely as a point-to-point system and whose
total power exceeds +36 dBm EIRP, requires professional installation. It is the
responsibility of the installer and the end user to ensure that the high power systems are
operated strictly as a point-to-point system.
If the bridge is connected to the wired LAN and is communicating with an access
point on the same LAN, a network problem known as a bridge loop can occur.
Avoid a bridge loop by disconnecting the bridge from the wired LAN immediately
after you configure it. Figure 3 shows the network configuration in which the loop
occurs.
A bridge loop can also occur if two or more bridges are connected to the same
remote hub. To prevent this bridge loop, always connect only one bridge to a
remote hub.
Connecting to The AP
• You can set the IP address via the serial port menu, by DHCP, or by reverse
ARP. To set the AP in Reverse ARP do the following:
• From a DOS shell or command prompt, type ‘arp -s <IP number> <MAC
address>’. The IP address is the one that you want to give to the bridge (it must
be in the same range as the PC you are doing this from) and the MAC address is
the address of the bridge.
• Open a HyperTerminal or Telnet program. Enter the bridge’s IP address. You
should now have the Command line screen for the Bridge.3
Open a web browser, and enter the bridge’s IP address on the address line of the browser.
You should now have the Web page screen of the bridge.2 3
Step 1 When the utility window opens, make sure Get IP addr is selected in
the Function box.
Step 2 Type the bridge MAC address in the Device MAC ID field. The
bridge MAC address is printed on the label on the bottom of the unit. It
should contain six pairs of hexadecimal digits. Your bridge’s MAC address
might look like the following example: 004096xxxxxx
Note The MAC address field is not case-sensitive.
Step 3 Click Get IP Address.
Step 4 When the bridge’s IP address appears in the IP Address field, write it
down. If IPSU reports that the IP address is 10.0.0.1, the default IP address,
then the bridge did not receive a DHCP-assigned IP address. Steps for
assigning an IP address are included in the next section.
Step 5 To check the IP address, browse to the bridge’s browser-based
management pages. Open an Internet browser.
Step 6 Type or paste the bridge’s IP address in the browser’s location or
address field. (If you are using Netscape, the field is labeled Netsite or
Location; if you are using Microsoft Explorer, the field is labeled Address.)
Step 7 Press Enter. The bridge’s home page appears.
The IP Setup utility (IPSU) allows you to find the bridge’s IP address after
it has been assigned by a DHCP server. You can also use IPSU to set the bridge’s IP
address and SSID if they have not been changed from the default settings. The sections
below explain how to install the utility, how to use it to find the bridge’s IP address, and
how to use it to set the IP address and the SSID.
Installing IPSU
Step 1 Put the Cisco Aironet Bridge CD in the CD-ROM drive of the computer you are
using to configure the Bridge.
Step 2 Use Windows Explorer to view the contents of the CD. Double-click the IPSU
folder, and then double-click the file called setup.exe. Follow the steps provided by the
installation wizard.
Step 3 Double-click the IPSU icon on your computer desktop to start the utility.1
If your bridge receives an IP address from a DHCP server, use IPSU to find its IP
address. Run IPSU from a computer on the same network as the bridge.2 Follow the
steps in Figure 3 to find the bridge’s IP address.
If your bridge does not receive an IP address from a DHCP server, or if you want to
change the default IP address, use IPSU to assign an IP address. You can set the bridge’s
SSID at the same time.4
The computer you use to assign an IP address to the bridge must have an IP address of its
own. IPSU can only change the bridge’s IP address and SSID from their default settings.
After the IP address and SSID have been changed, IPSU cannot change them again
unless you press the configuration reset button on the back panel to reset the
configuration to factory defaults.
Follow the steps in Figure 5 to assign an IP address and an SSID to the bridge.
Figure 1:
Summary of Configuration Steps
1. Choose the configuration method best suited for your network configuration.
2. Perform the initial setup of the bridge according to the steps for the
configuration method you select.
3. Use an Internet browser or Telnet to configure the bridge.
4. Unplug the power to the bridge and disconnect the bridge from the PC or hub.
The configuration remains in the bridge's memory after you remove power.
5. Place the bridge near the device or hub it will serve.
6. Use an Ethernet cable to connect the bridge to the hub it will serve, and plug in
the bridge's power.
Figure 2:
Information You Need Before Configuration
• The service set identifier (SSID) for the bridge. The SSID should match the
SSID of the access point the bridge will communicate with.
• A client name for the bridge. The name should describe the location or
principal users of the bridge.
• The correct WEP key settings for the bridge.
• If your network does not use DHCP to assign IP addresses, you will need an IP
address for the bridge.
IP address 192.168.200.1
SSID tsunami
Authentication type open
Main Menu—After the bridge is assigned an IP address and is connected wirelessly to the
infrastructure, you can connect to the console system from a remote PC or host by using
the Telnet program or web browser. When the connection is made, the Main menu
displays. The console system is organized as a set of menus. Each selection in a menu list
can lead to a submenu or display a command that configures or displays information
controlling the bridge. The main Telnet menu is shown in Figure 4.
The Home page 5 is the equivalent to the Main menu screen when you access the console
system using Telnet. In order to make changes to the bridge, you must click Allow
Config Changes. When you click a configuration link, its configuration page displays.
To make changes, enter the values for the parameter you want to change and click Save.
You must click Save for each parameter you change. When you have finished making
changes, click Home to return to the Home Page.
About the Menus—You can perform the following general functions using menus:
• Configuration: configure Ethernet and radio parameters, establish network
identifications, enable Extensible Authentication Protocol (EAP), and set SNMP
values.
• Statistics: provide statistical information such as transmit and receive data
throughput, Ethernet and radio errors, and the general status of the bridge.
• Association table: contains the addresses of all radio nodes associated below the
bridge on the infrastructure. You may use the association table to display, add,
and remove static entries and allow automatic additions to the table.
• Filter: control packet filtering. The filter menu allows you to control forwarding
of multicast messages by blocking those multicast addresses and protocols that
are not used on the radio network.
• Logs: record all events and alarms that occur on the bridge. With the Logs menu,
you can view and/or print a history of all log entries, set alarm levels, and
determine the type of logs you want to save.
• Diagnostics: run link tests between the bridge and other infrastructure nodes to
test the quality of the radio link. Use the Diagnostics function to load new code
versions of the bridge's firmware.
• Privilege: set privilege levels and passwords to restrict access to the console
system's menus and functions.
• Help: view a brief help screen outlining the procedures for accessing menus and
typing commands.
Using the Configuration Radio Menu or Page—From the Configuration Radio menu or
Page, you can configure the radio network. Notice the view only menu available in
Figure 1. Remember that you have to click Allow Config Changes in order to change the
settings.2
Telnet—From the radio menu in the CLI, choose Main > Configuration > Radio 3
Establishing an SSID (Ssid)—The Ssid option establishes a unique identifier that the
bridge uses to associate with the access point. The SSID helps client devices distinguish
between multiple wireless networks in the same vicinity. The SSID can be any
alphanumeric, case-sensitive entry from two to 32 characters long.
Selecting the Data Rate and Basic Rate (Rates, Basic_rates)—The Rates option sets the
list of data rates at which the bridge will be allowed to send and receive radio packets.
The rate may be configured as an inclusive range (1 to 11) or as an individual rate (11).
The Basic_rates option determines the rate every radio node in the cell must support. If
the basic rate is not supported, the bridge is not allowed to associate. The lowest basic
rate controls the rate at which all multicast and broadcast packets are transmitted. The
highest basic rate controls the bit rate at which the management packets are transmitted.
Setting the World Mode (World)—The World option allows the bridge to automatically
inherit channel configuration and output power properties from the Cisco Aironet access
point to which it associates. The World mode should be enabled when the bridge is used
outside the United States.
Telnet—From the radio menu in the CLI, choose Main > Configuration > Radio >
Extended. 2
Setting the Refresh Time (Refresh)—The Refresh option specifies how long the link
between the bridge and its parent may carry no traffic before the bridge checks it. If there
has been no traffic between the bridge and its parent for the time specified, the bridge
sends a special refresh
packet to ensure that the parent is still reachable. The value may be set from 5 to 150
tenths of a second. Use the default value unless the bridge is mobile and needs to quickly
verify that it has moved out of range (faster than once every 15 seconds).
Diversity (Diversity)—The Diversity option enables the dual diversity feature of a bridge
equipped with two antennas. This option is not available for bridge models with one
captured antenna. For bridge models with two antennas installed, the Diversity setting
defaults to on. If your bridge is equipped with one antenna, verify that the Diversity
option is turned off and make sure the antenna is attached to the connector nearest the
power connector, as shown in the illustration below. Attaching the antenna to the
opposite connector will result in reduced operation.
Setting Fragment Size (Fragment)—The Fragment option determines the largest packet
size that may be transmitted. Packets that are larger than this size will be broken into
pieces that are transmitted separately and rebuilt on the receiving side. If there is
excessive radio interference or collisions with other nodes, the smaller lost packets can be
retried faster and with less impact on the airwaves. The disadvantage is that if there is
limited interference, long packets take more time to transmit due to the extra packet
overhead and acknowledgments for the fragments. Set the fragment size between 256
and 2048 bytes. Default fragment size is 2048.
Enabling / Disabling the Ethernet Port (Active) –The Active option enables or disables
the Ethernet port connection. The default setting for active is on. Choose off only to
temporarily stop traffic from the attached Ethernet devices.
If the Ethernet Port is disabled, the only way to access the bridge is through the radio
connection; if the bridge is not associated to an access point, you might have to reset to
default parameters using the reset button.
Setting the Maximum Ethernet Frame Size (Size)—The Size option defines the maximum
size of frames transmitted to and from the Ethernet infrastructure. Allowable values are
between 1518 and 4096. Do not set the maximum frame size to be greater than 1518
unless you are running proprietary software that allows you to exceed this maximum.
Adding, Removing, and Displaying Client Node Addresses (Add, Remove, Display)—
Add, Remove, and Display Ethernet MAC Addresses
The Add, Remove, and Display options manage Ethernet MAC addresses for devices that
pass traffic through the bridge.
Add Ethernet MAC addresses—The Add option allows you to add Ethernet MAC
addresses for devices that might pass traffic through the bridge. If no addresses are added
through the Add option, the bridge learns the first eight MAC addresses that pass through
its Ethernet Port. Subsequently, only data from those addresses is allowed to pass through
the bridge.
Caution: The first MAC address you add should be that of the PC you are using to
Telnet or browse to the bridge.
You should add MAC addresses if there are more than eight Ethernet devices attached to
the hub to which the bridge is connected. This ensures that the selected devices
communicate through the bridge. After an address is added, the bridge won't learn any
more addresses. You must type each MAC address you wish to have communicate
through the bridge (up to eight).
Once you enter the first MAC address, the MAC addresses of every other device that you
want the bridge to communicate with must be entered. The process is not automatic and
the bridge will no longer "learn" any addresses. The addresses must be manually entered.
Remove Ethernet MAC Addresses—The Remove option allows you to remove specified
Ethernet MAC addresses. When all MAC addresses are removed, the bridge goes back to
learning the MAC addresses responsible for traffic on its Ethernet port.
Display List of Ethernet MAC addresses—The Display option displays the current list of
specified Ethernet MAC addresses.
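The learning and lock-down behaviour of the Add, Remove and Display options, modelled as an added Python example (not Cisco firmware and not code from this course). The class and method names are hypothetical, the MAC addresses are constructed samples, and the model assumes that addresses learned earlier stop counting once the first manual entry is made, as the Caution above implies.

```python
"""Model of the bridge's Ethernet MAC address table as the text describes it.

Added illustration: class and method names are hypothetical, and the MAC
addresses used in demo() are constructed samples.
"""

MAX_ENTRIES = 8  # the bridge learns, or accepts by hand, up to eight addresses


def normalize(mac):
    """Return a MAC address as 12 lowercase hex digits; reject anything else."""
    digits = mac.strip().lower()
    for sep in (":", "-", "."):
        digits = digits.replace(sep, "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


class EthernetAddressTable:
    def __init__(self):
        self.learned = []  # filled automatically while no manual entry exists
        self.manual = []   # filled through the Add option

    @property
    def learning(self):
        # After an address is added, the bridge won't learn any more addresses.
        return not self.manual

    def add(self, mac):
        mac = normalize(mac)
        if mac in self.manual:
            return
        if len(self.manual) >= MAX_ENTRIES:
            raise ValueError("the table already holds eight manual addresses")
        self.manual.append(mac)
        # Assumption: addresses learned earlier stop counting once manual
        # entry begins, which is what the Caution in the text implies.
        self.learned.clear()

    def remove(self, mac):
        # When every manual entry is gone, learning resumes by itself.
        self.manual.remove(normalize(mac))

    def permits(self, src_mac):
        """Decide whether a frame arriving on the Ethernet port is bridged."""
        mac = normalize(src_mac)
        if not self.learning:
            return mac in self.manual
        if mac in self.learned:
            return True
        if len(self.learned) < MAX_ENTRIES:
            self.learned.append(mac)  # one of the first eight addresses seen
            return True
        return False


def demo():
    hosts = [f"00:40:96:00:00:{i:02x}" for i in range(1, 11)]  # ten constructed hosts
    admin_pc, other = hosts[0], hosts[9]
    table = EthernetAddressTable()
    learned = [table.permits(h) for h in hosts]  # only the first eight get through
    table.add(other)                             # adding another device first ...
    locked_out = not table.permits(admin_pc)     # ... cuts off the management PC
    table.add(admin_pc)
    restored = table.permits(admin_pc)
    table.remove(other)
    table.remove(admin_pc)                       # list empty: learning resumes
    relearned = table.permits(hosts[8])
    return learned, locked_out, restored, relearned


if __name__ == "__main__":
    print(demo())
```

The `locked_out` result is the situation the Caution describes: the management PC loses access as soon as any other address is entered first.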
Note: The Keep option must be set to off to enable the Staletime option.
Overriding the Staletime Setting (Keep)—The Keep option overrides the Staletime
option. Setting the option to on keeps the bridge listed on the association table. Setting
the option to off enables the Staletime option.
Using the Internet Bootstrap Protocol and Dynamic Host Configuration Protocol
(Bootp/DHCP)—The Bootp/DHCP option allows you to select Bootstrap Protocol
(BOOTP) and Dynamic Host Configuration Protocol (DHCP) for dynamic assignment of
IP addresses. There are three options:
• Off: disables BOOTP and DHCP (default setting).
• BOOTP: configures BOOTP only.
• On: configures both BOOTP and DHCP.
Using BOOTP Protocol for File Downloads—BOOTP servers can also define a boot file
for the bridge to download. This feature of BOOTP is especially suited for updating new
firmware. A downloaded file is assumed to be a configuration file in the format produced
by the configuration dump command. A Trivial File Transfer Protocol (TFTP) dialog
retrieves the file from the server. The system processes the configuration file as though
the commands were being typed in real time. The commands in the file modify the
current configuration.
Note The current configuration is not set back to the defaults before the file is
processed. Therefore, the file contents do not have to be a complete configuration but can
just contain the items to be changed.
Once the configuration is processed, the name stored in the diagnostics load FTP
filename parameter is assumed to be the name of a firmware file to download. If the
parameter is not empty, the bridge uses the TFTP protocol to load the file into RAM.
If the firmware is different from the current version, the bridge programs the flash
memory with the new code and restarts to execute it. If the firmware is the same, the
bridge discards the loaded file and continues normal operation.
Configuring DHCP Servers (Class)—Use the Class option to type a class ID for a client
node. The DHCP server determines how to respond based on the class ID.
Specifying the Internet Default Gateway (Gateway)—The Gateway option identifies the
default IP address to which packets are forwarded to reach another subnet of the
infrastructure when none of the other table entries apply. This address may also be
assigned by a BOOTP or DHCP server. If the value is left as 0.0.0.0, the bridge uses the
true destination address and assumes that a gateway will respond to ARP requests for the
remote destination.
If the destination address is on another subnet and matches the infrastructure portion of a
net entry in the table (using the associated subnet mask), the packet is forwarded to the
MAC address corresponding to the next-hop IP address from the table entry.
If the destination address is on another subnet and does not match any entry in the table,
the packet is forwarded to the MAC address corresponding to the default gateway's IP
address.
Displaying the Routing Table (Display)—The Display option displays the entries in the
routing table. 4
Entering a Host Route (Host)—The Host option controls the forwarding of packets to a
single host address. You are prompted for the host's IP address along with the IP address
to which the packets should be forwarded to reach the host.
Deleting a Route (Delete)—The Delete option removes entries from the routing table.
You can delete all entries or only specific IP addresses.
Using DNS Server Names (DNS1)—The Dns1 option allows the use of domain name
system (DNS) server names instead of using numerical IP addresses for management
packet routing. Type the IP address of the DNS on the system.
Using DNS Server Names (DNS2)—The Dns2 option provides a secondary DNS server
name.
Using Name Domains (Domain)—The Domain option provides the ability to use a
domain name, thus allowing shortened entries for DNS names.
Using the Configuration Console Menu or Page—From the Configuration Console menu
you can set up essential system parameters. Figure 1 displays the web browser
configuration screen to modify the console settings.
Keep in mind the following when setting privilege levels and passwords:
• Only read-only and read/write privilege levels can be password protected.
• You can always go from a higher privilege level to a lower privilege level without
a password. If you try to go to a higher privilege level, you must type the
password.
• Passwords are case sensitive.
After a privilege level is assigned, anyone attempting to access that level is prompted for
the password; therefore, you can set various privilege levels for individuals, providing
them with access to some options while denying them access to others. Remember that
passwords are case sensitive. If an incorrect password is typed, the console pauses briefly
before re-prompting. The connection is dropped after three consecutive failures, and a
severe error log is displayed.
Controlling Remote Access (Display, Add, Delete)—Use the display, add, and delete
options to create and manage a list of hosts that are allowed access to the bridge’s console
system. The list controls access from Telnet, HTTP, or FTP. SNMP access is controlled
separately on the Configuration SNMP Communities menu. If the list of hosts is empty,
any host in the infrastructure can attempt to connect. When the appropriate password is
provided, the connection is made. If the list contains entries, any host not on the list
cannot gain access. An entry in the list can be specified as an IP address or a MAC
address.
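The password retry limit and the remote-access list described above, modelled together as an added Python example (not the bridge's own code). Function and class names are hypothetical; the addresses, the password and the log wording are constructed samples.

```python
"""Model of the console remote-access list and the password retry limit.

Added illustration: names are hypothetical; addresses, password and log
wording are constructed samples.
"""
import hmac
import ipaddress

MAX_FAILURES = 3  # the connection is dropped after three consecutive failures


def entry_key(entry):
    """Normalize a list entry or source address: an IP address or a MAC address."""
    text = entry.strip().lower()
    try:
        return ("ip", str(ipaddress.ip_address(text)))
    except ValueError:
        return ("mac", text.replace(":", "").replace("-", ""))


def host_allowed(allowed_hosts, src_ip, src_mac):
    """Empty list: any host may attempt to connect. Otherwise the source
    IP or MAC address must appear on the list."""
    if not allowed_hosts:
        return True
    keys = {entry_key(e) for e in allowed_hosts}
    return entry_key(src_ip) in keys or entry_key(src_mac) in keys


class ConsoleSession:
    """One Telnet, HTTP or FTP connection attempt to the console system."""

    def __init__(self, allowed_hosts, password, src_ip, src_mac):
        self.connected = host_allowed(allowed_hosts, src_ip, src_mac)
        self.authenticated = False
        self.failures = 0
        self.log = []
        self._password = password
        if not self.connected:
            self.log.append(f"refused {src_ip}: not on the remote-access list")

    def try_password(self, attempt):
        if not self.connected:
            return "closed"
        # Exact byte comparison: passwords are case sensitive.
        if hmac.compare_digest(attempt.encode(), self._password.encode()):
            self.failures = 0
            self.authenticated = True
            return "granted"
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.connected = False
            self.log.append("severe: three consecutive password failures, connection dropped")
            return "dropped"
        return "retry"


def demo():
    acl = ["192.0.2.10", "00:40:96:00:1D:45"]       # constructed list entries
    stranger = ("192.0.2.50", "00:40:96:aa:bb:cc")  # constructed unlisted host
    results = {
        "empty_list_reaches_prompt": host_allowed([], *stranger),
        "listed_by_ip": host_allowed(acl, "192.0.2.10", "00:40:96:11:22:33"),
        "listed_by_mac": host_allowed(acl, "192.0.2.77", "004096001d45"),
        "unlisted": host_allowed(acl, *stranger),
    }
    session = ConsoleSession([], "Br1dge", *stranger)
    results["guesses"] = [session.try_password(p)
                          for p in ("br1dge", "BR1DGE", "bridge", "Br1dge")]
    results["log"] = session.log
    return results


if __name__ == "__main__":
    print(demo())
```

With an empty list the unlisted host still reaches the password prompt, so a populated list is what limits who can try passwords at all.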
Setting the Terminal Type (Type)—Sets the terminal type to Teletype (TTY), ANSI, or
Colour. If the terminal or emulation program you are using supports the ANSI escape
sequences, you should use ANSI.
Using the Configuration Time Menu (Time)—Use the Time menu to set time
parameters. If changes are made in the web browser configuration mode, make sure to
click on the Save button to save the configuration to Flash.1
• Step 2—From Telnet’s Terminal pull-down menu, choose Start Logging and
name the file.
After you have typed one of these options, the configuration commands
appear on the screen.
• Step 8—Choose Stop Logging from Terminal pull-down menu. See Step 2.
Loading New Code Versions (Load)—The bridge code is stored in a Flash memory chip
inside the bridge. Use the Load option to load new code versions of the bridge's firmware
and save it to Flash memory.
To load new versions of the firmware, the code must be loaded into main memory first,
then programmed into the Flash memory. The bridge reboots using the new firmware.
The Flash memory retains the new version even if the power is disconnected.
Downloading or Uploading Firmware Using FTP (Ftp)—Use the Ftp option to download
or upload firmware. The bridge can be an FTP client or FTP server. Before you
download or upload new code versions, make sure you have set the IP address on all
bridges involved.
Uploading a New Firmware Version (Put)—Use the Put option to upload (send) a copy
of the currently running firmware to another system. If the system is a PC or host, a copy
of the firmware is stored on the system's disk, possibly for downloading to other bridges
later. If the system is a Cisco bridge, the remote bridge flashes the new code and begins
running it immediately. You can use one bridge to upgrade another bridge.
The Diagnostics Load Distribute menu provides a range of options for distributing
firmware or configuration from one bridge to all other bridges on the infrastructure.1
These options reduce the time needed to perform firmware upgrades or make global
changes to the configuration.
If you are distributing a configuration, examine the parts of the bridge's configuration that
will be distributed by choosing Main > Configuration > Dump > Distributable >
Standard. The Go option starts the distribution. The following message appears:
When the command executes, the local bridge sends a special broadcast message to all
other bridges in the radio infrastructure. The message reports that the bridge has a new
firmware file with its assigned version number or a configuration file.
The remote bridges then determine whether to respond based on the value of their control
parameter. Any responses are displayed on the local bridge similar to the following
message.
When the local bridge receives a response to its request, the remote bridge is added to a
list of bridges to be loaded. When the response time-out period has expired, the local
bridge begins loading all remote bridges in parallel using a proprietary protocol. A
message similar to the following is displayed.
If any remote bridges time out during the load, they are removed from the list. After all
bridges finish loading, the local bridge displays a count of the successful loads. A
message similar to the following is displayed.
Completed loading 004096001d45
The Type option selects the file type to be distributed. Choices are firmware or
configuration.
The Control option controls how the remote bridges respond to a request to send a
configuration or firmware. You can choose from the following options:
• None: the bridge never responds and cannot be loaded by another bridge using the
distribute command.
• Newer: the bridge only responds if the version of firmware being distributed has a
larger version number than the code currently running. This selection applies only
to firmware downloads.
• Any: the bridge always responds. It is up to the distributing bridge to determine
whether to load the local bridge.
• A password of at most 8 characters: a password that must be typed by the
operator of the bridge doing the distribution. The local bridge will not respond to
any distributions that do not supply this password.
If the distribution is password protected, only those bridges that have the same password
configured in the control parameter accept the distribution. Therefore, the bridges can be
protected from unwanted loads. The password may also be used to divide the bridges into
code load groups such that the loads to one group do not affect the other groups. If the
distribution is done without a password, the load is ignored by remote bridges with a
configured password. If a remote bridge does not have a password and firmware is being
distributed, it only accepts the load based on the version number and code checksum.
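How a remote bridge decides whether to answer a distribution, given its Control setting, as an added Python example (not the bridges' proprietary protocol and not code from this course). Function names, bridge names, version tuples and the password are constructed; the model assumes an exact password match and that a bridge set to Newer does not answer configuration distributions.

```python
"""Model of how a remote bridge answers a Distribute request, based on its
Control parameter.

Added illustration: function names, bridge names, version tuples and the
password are constructed; this is not the bridges' proprietary protocol.
"""
import hmac

KEYWORDS = ("none", "newer", "any")


def control_kind(control):
    """Classify a Control value as 'none', 'newer', 'any' or 'password'."""
    value = control.strip()
    if value.lower() in KEYWORDS:
        return value.lower()
    if 1 <= len(value) <= 8:  # a password of at most 8 characters
        return "password"
    raise ValueError("Control must be None, Newer, Any or a password of at most 8 characters")


def responds(control, kind, offered=None, running=None, password=None):
    """Return (answer, reason) for one remote bridge.

    kind is 'firmware' or 'configuration'; offered and running are version
    tuples such as (8, 24); password is what the distributing operator typed.
    """
    mode = control_kind(control)
    if mode == "none":
        return False, "Control is None: never responds"
    if mode == "password":
        if password is None:
            return False, "distribution sent without a password is ignored"
        # Assumption: the comparison is an exact, case-sensitive match.
        if hmac.compare_digest(password.encode(), control.strip().encode()):
            return True, "password matches: same code load group"
        return False, "password does not match"
    if password is not None:
        return False, "password-protected distribution, but no password configured here"
    if mode == "any":
        # The distributing bridge decides whether to load this bridge.
        return True, "Control is Any: always responds"
    # mode == "newer": the text says this applies only to firmware downloads.
    if kind != "firmware":
        # Assumption: a Newer bridge does not answer configuration distributions.
        return False, "Newer applies only to firmware"
    if offered is not None and running is not None and offered > running:
        return True, "offered firmware is newer"
    return False, "offered firmware is not newer"


def responders(fleet, kind, offered=None, password=None):
    """Names of the bridges in fleet {name: (control, running)} that answer."""
    return [name for name, (control, running) in fleet.items()
            if responds(control, kind, offered, running, password)[0]]


FLEET = {  # constructed sample infrastructure
    "bldg-a": ("Any", (8, 10)),
    "bldg-b": ("Newer", (8, 24)),
    "bldg-c": ("Newer", (8, 10)),
    "lab-1": ("labgrp", (8, 10)),
    "lab-2": ("labgrp", (8, 24)),
    "vault": ("None", (8, 10)),
}

if __name__ == "__main__":
    print(responders(FLEET, "firmware", offered=(8, 24)))
    print(responders(FLEET, "firmware", offered=(8, 24), password="labgrp"))
    print(responders(FLEET, "configuration"))
```

A bridge left at Any answers every distribution sent without a password, so the None setting or a password is what protects it from unwanted loads.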
The Add option changes the distributable configuration. Each line of the configuration
carries a designation either send or local. After typing the encoded configuration ID, type
either send or local to change the assigned designation and press Enter twice to apply
the change.
The Remove option reverses the most recent change. You can choose between reversing
the change made to a single encoded configuration ID or typing all to reverse all
designations.
The Show option lists the changes made to configuration items.
The Dump option displays the complete configuration.
This section describes how to use the Statistics menu to monitor the performance of the
Workgroup Bridge. The available statistics are as follows:
Viewing Error Statistics (Radio)—The Radio option displays a detailed summary of the
radio transceiver errors that have occurred on the bridge.
Displaying Overall Status (Status)—The Status option displays the settings of the most
important configuration parameters of the bridge as well as important run-time statistics.
Use the display to verify correct configuration. (Menu Only Option)
Displaying the Network Map (Map)—The Map option causes the bridge to poll all of the
other Cisco Aironet devices in the local infrastructure for information about the radio
nodes associated to them. Nodes that are associated to parents are displayed one level
from their parents.
Recording a Statistic History (Watch)— The Watch option records the values of a chosen
statistic over time. After you select a statistic and a time interval, the bridge starts a timer.
At each timer expiration, the bridge records the current value of the statistic. The last 20
samples are saved.
Displaying a Statistic History (History)—The History option displays the history of the
statistic being recorded.
Interpreting Ethernet Error Statistics—The following list describes the items appearing in
Figures 1 and 2:
Displaying Overall Status (Status) Menu—The Status option displays the settings of the
most important configuration parameters of the bridge as well as important run-time
statistics. Use the display to verify correct configuration. The display is broken into
sections describing: 1
• The radio
• Any LAN connections
• Any filtering being done
Displaying the Network Map (Map) Menu or Page—The Map option causes the bridge to
poll all of the other Cisco Aironet devices in the local infrastructure for information about
the radio nodes associated to them. Nodes that are associated to parents are displayed one
level from their parents. 3
The other Cisco Aironet devices in the infrastructure are polled once every 30 seconds.
Because all radio nodes respond, running the displays constantly could generate a
significant amount of traffic. You may want to consider not running the displays
constantly.
Id: displays node ID given to the bridge by its parent access point.
Address: displays the address of the parent access point.
Signal: displays the signal strength of the RF link.
Tx Pkt: displays the number of packets transmitted.
Tx Byte: displays the actual number of bytes transmitted.
Retry: displays the number of transmitted packets that were resent.
Rx Pkt: displays the number of packets received.
Rx Byte: displays the actual number of bytes received.
Rate: displays the current RF data rate in Mbps.
Upon completion of this chapter, you will be able to perform the following
tasks:
• Antenna Theory
• Directional Antennas
• Omni-directional Antennas
• Cable and Accessories
• Link Engineering and RF Path Planning
• Installation
Overview
This chapter will cover basic antenna theory including directional and omni-directional
antenna selection. Cables, connectors and accessories for antennas will be discussed.
You will learn about important antenna design considerations such as link engineering,
path planning and installation.
Figure 1: Antennas
Figure 2: Antennas (Omni, Semi-Parabolic, Panel, Parabolic, Patch, Yagi)
Figure 4: Wireless Antennas for Access Points
Antenna: Rubber DiPole; Pillar Mount; Ground Plane; Patch Wall; Ceiling Mount; Ceiling Mount High Gain
Type: Omni Directional Omni Directional Omni Omni
Gain: 2.15 dBi; 5.2 dBi; 5.2 dBi; 8.5 dBi; 2.2 dBi; 5.2 dBi
Cable Length: N/A; 3’; 3’; 3’; 9’; 3’
Antenna: Patch Wall; Mast Mount; Mast Mount High Gain; Yagi Mast; Solid Dish
Type: Directional; Omni; Omni; Directional; Directional
Figure 6: Wireless Roaming, Antenna Coverage
• Maximum coverage per antenna
• Different increased distances per antenna
• Indoor vs. outdoor
• Omnidirectional, Directional
An antenna can be any conductive structure that can carry an electrical current. If it
carries a time varying electrical current, it will radiate an electromagnetic wave, maybe
not efficiently or in a desirable manner but it will radiate. Usually one designs a structure
to radiate efficiently with certain desired characteristics. If one is not careful, other things
may radiate also including the transmission line, the power supply line, nearby structures
An antenna should transfer power efficiently. That means that its impedance should
match that of its connecting transmission line. The transmission line should transfer all of
its power to the antenna and not radiate energy itself. This means that the mode of the
transmission line should be matched to the mode of the antenna. Often one wants the antenna
to radiate in a specified direction or directions. This is accomplished by designing it to
have the proper radiation pattern. Closely related to this is the antenna polarization. Many
times antennas are arranged in arrays in order to achieve the desired pattern. These arrays
may then be electronically steered. A passive antenna, that is one with no amplifiers
attached, will have the same characteristics whether it is transmitting or receiving. The
antenna used for WLANs has two functions.
• Receiver—The sink or terminator of any signal on a transmission medium.
In communications, a device that receives information, control, or
other signals from a source.
• Transmitter—The source or generator of any signal on a transmission
medium.
In order to understand wireless networks, as well as how to set them up and optimize
them for best performance, some knowledge of antennas is essential.
In this section we will cover some of the basics of antennas and how they work, in order
to give you an understanding of when to use which antenna.
Cisco Aironet® wireless client adapters come complete with standard “rubber
ducky” antennas that provide sufficient range for most applications at 11 Mbps.
To extend the transmission range for more specialized applications, a variety of
optional, higher-gain antennas are provided that are compatible with selected
client adapters. The antennas should be chosen carefully to make sure optimum range
and coverage are obtained.
Cisco Aironet® AP antennas are compatible with all Cisco RP-TNC-equipped APs. The
antennas are available with different gain and range capabilities, beam widths, and form
factors. Coupling the right antenna with the right AP allows for efficient coverage in any
facility, as well as better reliability at higher data rates.
A variety of antennas are available for bridges depending on the required distance and
mounting possibilities. The omni antennas are generally used for point-to-multipoint
implementations.
Web Resources
Telex Wireless Products Group
http://www.telexwireless.com/home.htm
Figure 1: Variables
• Bandwidth
• Beamwidth
• Gain
• Polarization
• Diversity
• Power
Figure 2:
Antenna Concepts
• Directionality
–Omni-directional (360 degree coverage)
–Directional (limited range of coverage)
• Gain
–Measured in dBi and dBd (0 dBd = 2.14 dBi)
–More gain means more coverage in certain directions!
• Polarization
–Antennas are used in the vertical polarization
How much distance can there be, in miles, between the antennas at each end of a link?
This is a very common question that, unfortunately, does not have a quick or simple
answer. The maximum link distance is governed by all of the following:
• Maximum available transmit power
• Receiver sensitivity
• Availability of an unobstructed path for the radio signal
• Maximum available gain for the antenna(s)
• System losses (such as loss through coax cable runs, connectors, etc.)
• Desired reliability level (availability) of link
Some product literature or application tables may quote a single figure, such as "20 miles".
In general, these quoted single values are optimum, with all of the variables listed
above optimized. Also, it's important to keep in mind that the availability requirement
will have a drastic effect on the maximum range. That is, the link distance can perhaps
Once these things are known, the other variables, such as antenna gain, etc. can be chosen
and known, and a very definitive answer for the maximum range obtained.
Web Resources
http://www.cisco.com/warp/public/cc/pd/witc/ao340ap/prodlit/airoa_ds.htm
Figure 1:
Bandwidth
Figure 1:
Antenna Beamwidth
Figure 2:
44 degrees
Gain
Figure: Antenna gain (dB, 10 to 60) plotted against frequency (GHz, 1 to 40) for antenna diameters of 1 m, 2 m, 3 m and 4 m.
In RF, as with anything in life, you have to give up something to gain something
else.
With antenna gain, the price is coverage angle (beamwidth). As the gain of an
antenna goes up, the beamwidth goes down.
The next few pages explain how the gain of an antenna works, and what effect
increasing gain has on the radiation pattern of the antenna.
Figure 1: Antenna Polarization
Figure 2: Antenna Polarization
Figure 4: Cross Polarization
There are two categories of polarization, or polarization types: linear and circular. Each
has two sub-categories within: vertical or horizontal for linear, and right- or left-handed
for circular.
Do the antennas for both ends of my link need to be the same exact size or type? No. For
example, there are cases where the antenna mounting arrangements at one end of a link
may only be able to physically support relatively small antennas, yet the link requires a
larger antenna at the other end to provide the needed antenna gain for the path length in
question. Or, a high-gain, narrow pattern antenna may be needed at one end to avert an
interference problem, which may not be a concern at the other end.
Keep in mind that the total antenna gain for a link is commutative; that is, if the two
antennas have different gains, it doesn't matter which is at which end (except in
consideration of mounting/interference issues).
And one final important warning: even though the two antennas for a link may look very
different from each other, they must have the same polarization in order for the link to
work properly!
Cross-Polarization
When two antennas do not have the same polarization the condition is called cross-
polarization. For example, if two antennas both had linear polarization, but one had
vertical polarization and the other had horizontal polarization they would be cross-
polarized. The term cross-polarization (or "cross-pol") is also used to generally describe
any two antennas with opposite polarization.
Figure 1:
Antenna Theory
• A theoretical isotropic antenna has a perfect 360 degree vertical
and horizontal beamwidth.
• This is a reference for ALL antennas
(Panels: Side View (Vertical Pattern); Top View (Horizontal Pattern))
Figure 2:
• To obtain omni-directional gain from an isotropic antenna, the energy
lobes are ‘pushed in’ from the top and bottom, and forced out in a
doughnut type pattern.
(Panel: Side View (Vertical Pattern), showing the Vertical Beamwidth and the New Pattern (with Gain))
All FCC rules and all antennas are measured against what is known as an isotropic
antenna, which is a theoretical antenna. This is the basis for ALL other antennas. An
isotropic antenna’s coverage can be thought of as a balloon. It extends in all directions
equally. When we design an omni-directional antenna to have gain, we lose coverage in
certain areas.
You can imagine the radiation pattern of an isotropic antenna as a balloon, which extends
from the antenna equally in all directions. Now imagine pressing in the top and bottom of
the balloon with your fingers. This causes the balloon to expand in an outward direction,
covering more area in the horizontal pattern, but reducing the coverage area above and
below the antenna. This yields a higher gain, as the antenna “appears” to extend to a larger
coverage area.
The DX Zone
http://www.dxzone.com/catalog/Software/Antenna_analysis/
Antennas
http://www.cebik.com/
Figure: Receiver antennas spatially separated (Transmitter; Receiver 1 and Receiver 2 feeding a Combiner; Output)
Figure: Transmitter 1 and Transmitter 2 (Input); Receiver 1 and Receiver 2 feeding a Combiner (Output)
The receiver of a microwave radio accepts signals from two or more antennas spaced
apart by many wavelengths. The signal from each antenna is received and then
simultaneously connected to a diversity combiner. Depending upon the design, the
function of the combiner is either to select the best signal from its output or to add the
signals
Space diversity is usually the first choice for system protection as it does not require
extra bandwidth. With frequency diversity, the information signal is simultaneously
transmitted by two transmitters operating at two different frequencies. If the separation
in frequencies of the two transmitters is large, frequency selective fading will have a
low probability of affecting both paths to the same extent, hence improving the system
performance.
Figure 1:
Figure 2:
Omni-Directional Antennas
If we continue to push in on the ends of the balloon, we can get a pancake effect with
very narrow vertical beamwidth, but very large horizontal coverage. This type of antenna
design can deliver very long communications distances, but has one drawback: poor
coverage below the antenna. With high gain omni-directional antennas, this problem can
be partially solved by designing in something called downtilt. An antenna that uses
downtilt is designed to radiate at a slight angle rather than at 90 degrees from the vertical
element. This does help for local coverage, but reduces the effectiveness of the long range
ability. Cellular antennas use downtilt. The Cisco 12dBi omni antenna has a downtilt of
0 degrees.
Figure 1:
Figure 2:
Figure 3:
Figure 1:
Figure 2:
The 2.2 dBi Ceiling Mount Omni is designed to be mounted to the metal grid of a
suspended ceiling. It has a ¼” x 20 thread bolt hole on its base and a clamp that screws
into this hole. When utilized, this clamp expands enough to allow you to install the
antenna on the metal ceiling grid and then slide the clamp snugly back together. Other
options are to drill a hole into a ceiling beam and use a ¼” x 20 thread bolt to bolt it in a
vertical position. This antenna is more aesthetically pleasing than the rubber duck.
This antenna is only for indoor applications and should be mounted with the bolt hole end
pointing to the ceiling. It is not a good choice for schools, hospitals, or other high traffic
facilities with low ceilings, as they tend to become piñatas. This antenna is vertically
polarized but does have a slightly downward tilted beam, allowing its coverage pattern to
cover the areas below the ceiling.
It is very similar in look to the 5.14 dBi Ceiling Mount Omni – just shorter and less gain.
Figure 1:
Figure 2:
The 5.14 dBi Mast Mount Omni is designed to be clamped to a mast or pole.
The base of the antenna has an aluminum section which gives it enough strength
to withstand being clamped. This antenna is delivered with a hose clamp and
aluminum friction bracket for mounting. You must supply the mast to which the
antenna will be clamped.
The mast is designed for more industrial applications. In outdoor applications, the
antenna cable end must be facing down. In indoor applications, the cable end should be
facing the ceiling. Whether indoor or outdoor, this antenna is vertically polarized and
should be mounted perpendicular to the floor or ground.
Figure 1:
Figure 2:
The 5.14 dBi Ceiling Mount Omni is designed to be mounted to the metal grid of a
suspended ceiling. It has a ¼” x 20 thread bolt hole on its base and a clamp that screws
into this hole. When utilized, this clamp expands enough to allow you to install the
antenna on the metal ceiling grid and then slide the clamp snugly back together. Other
options are to drill a hole into a ceiling beam and use a ¼” x 20 thread bolt to bolt it in a
vertical position.
More aesthetically pleasing than the mast mount version, the antenna is only for indoor
applications and should be mounted with the bolt hole end pointing to the ceiling. This
antenna is not a good choice for schools or hospitals as they tend to become piñatas. This
antenna is vertically polarized but does have a slightly downward tilted beam, allowing
its coverage pattern to cover the areas below the ceiling.
Figure 1:
Figure 2:
The 5.14 dBi Pillar Mount Diversity Omni is designed to be mounted to the side
of a pillar. It is two antennas in one package, wrapped by cloth to make it look like
something other than an antenna, such as a stereo speaker. Sears deploys these antennas.
This antenna has two pig tails with two RP TNC connectors. There is no need to buy two
of these per AP.
This antenna is only for indoor applications and comes with two brackets that make it
easy to mount it to a pillar.
Figure 1:
Figure 2:
The 5.14 dBi Ground Plane Omni is designed to be mounted in the ceiling. It has an
aluminum backing plate built into the antenna. The backing plate serves to focus the
omni directional antenna down, instead of into the ceiling. This antenna is a very good
choice for suspended ceilings, as a hole can be drilled into a ceiling tile that is large
enough for the white antenna mast to hang through. The backing plate will lay on top of
the ceiling tile with a small portion of the antenna mast protruding below the ceiling tile.
This antenna is only for indoor applications. There is a ¼” hole in the backing plate
allowing the antenna to be bolted for different mounting needs.
Figure 1:
The 12dBi antenna is only for outdoor long range applications. The antenna, as with all
outdoor-only antennas, has a short 12” coax pigtail making it necessary to utilize antenna
extension cables. It is designed to be clamped to a mast or pole. The base of the antenna
has a metal section giving it enough strength to withstand being clamped.
This antenna is delivered with a set of U-bolts and friction brackets. You must supply the
mast to which the antenna will be clamped. This antenna is vertically polarized and must
be mounted perpendicular to the ground with the pigtail on the bottom. This antenna has
a +3.5 and –3.5 degree beam spread from perpendicular.
Figure 1:
Directional Antennas
• For directional antennas the lobes are pushed in a certain direction,
causing the energy to be condensed in a particular area.
• Very little energy is in the back side of a directional antenna.
(Panels: Side View (Vertical Pattern); Top View (Horizontal Pattern))
Figure 2:
Directional Antennas
• 12dBi Omni Directional Antenna
• 3dBi Patch Antenna – 65 degree
• 6dBi Patch Antenna – 65 degree
• 8.5dBi Patch Antenna – 55 degree
• 13.5dBi Yagi Antenna – 25 degree
• 21dBi Parabolic Dish Antenna – 12 degree
For a directional antenna, the design has the same idea, but simply redirects the energy in
a single direction. Also called a non-isotropic antenna, it is an antenna in which the
radiation pattern is not omni-directional.
Consider an adjustable beam focus flashlight. You only have two batteries, and the same
bulb, but you can change the intensity and width of the light beam. This is accomplished
by moving the back reflector and directing the light in tighter or wider angles. As the
beam gets wider, its intensity in the center decreases, and it travels a shorter distance.
The same is true of a directional antenna. You have the same power reaching the antenna,
but by building it in certain ways, you can reflect and direct the RF energy in tighter and
stronger waves, or wider and less intense waves, just as with the flashlight.
Figure 1:
Figure 2:
The 3dBi patch provides excellent coverage with a wide radiation pattern. This antenna
looks identical to the 6dBi Patch, but comes with 20 feet of RG-58 coax antenna cable
instead of 3 feet. It is typically used for European applications (due to restrictions on
antenna gain).
A great antenna for indoor and outdoor applications when properly mounted, it has three
holes in its perimeter that allow the antenna to be screwed to a wide variety of surfaces.
Figure 1:
Figure 2:
The 6dBi patch provides excellent coverage with a wide radiation pattern. This antenna
looks identical to the 3dBi Patch, but comes with 3 feet of RG-58 coax antenna cable
instead of 20 feet.
A great antenna for indoor and outdoor applications when properly mounted, it has three
holes in its perimeter that allow the antenna to be screwed to a wide variety of surfaces.
Figure 1:
Figure 2:
The 8.5dBi provides more gain than the 6dBi, but less beam width. This antenna comes
with a 3 foot coax pigtail.
A great antenna for outdoor and some indoor applications, it has four holes in the corners of
the antenna that allow it to be screwed to a wide variety of surfaces.
Figure 1:
Figure 2:
Figure 5:
The Yagi is a small (18” x 3”) lightweight (1.5Lbs) enclosed antenna that can be used for
ranges up to 6.5 miles at 2Mbps, and 2miles at 11Mbps. The 13.5dBi Yagi is used for
long distance communication, and provides excellent results in a small package. This
antenna comes with a 3 foot coax pigtail.
A great antenna for outdoor and some indoor applications, it has four holes in the corners of
the antenna base and comes with two u-bolts for mounting to a mast.
An optional articulating mount is available.
Figure 1:
Figure 2:
The solid dish is the best structural dish antenna on the market. It will withstand icing
and winds over 110 MPH. It will allow 2 Mbps operation up to 25 miles, and 11 Mbps
operation up to 11.5 miles.
For very long distance applications, Cisco offers the 21dBi parabolic dish.
The use of this dish antenna with the standard Cisco product, can exceed the
FCC limitation on radiated power for point-to-multipoint systems. This antenna,
A great antenna for outdoor long distance bridging applications, it has very sturdy
mounting hardware on the back side with adjusting turnbuckles allowing for altitude and
latitude adjustments. It is delivered with u-bolts for mounting to a mast. A word of
warning: the mast must be very sturdy!
Cable types
• Flexible
• Semi-flex
• Semi-rigid
If you are setting up bridges to communicate over a long distance, it is important that the
antenna cables not be longer than is necessary. The longer a cable, the more the signal it
carries will be attenuated, resulting in lower signal strength and consequently lower
range. A tool is available which you can use to calculate the maximum distance over
which two Bridges can communicate based on the antenna and cable combinations in use.
You can download this tool listed in the web resources section below.
There is an unused coax cable already installed in my building between where I will
install the wireless router interface and the outdoor antenna. Can I just use this cable for
the IF cable? Probably not. First of all, the IF (and RF) cable must have a 50 ohm
impedance specification. Some types of coax cables that are/were used with LANs may
have other impedance specs, and thus cannot be used. If you verify that the existing
cable is indeed a 50-ohm type, it still must meet two other specification requirements:
• The total loss at 400 MHz for the entire run length must be 12 dB or less
• The coax's center conductor size must be #14 AWG or larger.
Web Resources
Cushcraft
http://www.cushcraft.com/mainjs.htm
Figure 1:
Cable Type | 400 MHz Loss (dB/100 ft.) | 2.5 GHz Loss (dB/100 ft.) | 5.8 GHz Loss (dB/100 ft.)
Low-loss cable extends the length between any Cisco Aironet bridge and
antenna. With a loss of 6.7 dB per 100 feet (30m), the low-loss cables provide
installation flexibility without a significant sacrifice in range.
RF energy is carried between the antenna and the radio equipment through a coaxial
cable. The use of coaxial cable to carry RF energy always results in some loss of signal
strength as it travels along the cable. The amount of loss is directly proportional to the
length of the cable, and is generally inversely proportional to the diameter of the cable,
assuming that similar materials are used in construction.
The thicker the cable, the lower the loss. The loss does not depend upon which direction
the signal travels through the cable (transmitted signals lose the same percentage of
strength as received signals). Cable loss is also proportional to frequency:
• For a given length of cable, a higher frequency signal will always experience
more loss than a lower frequency signal
• For a given diameter class the more flexible cable types experience more cable
loss
Lost energy is wasted as heat, but at the power levels involved with microwave radios,
cable heating is so insignificant as to be undetectable.
Like any other network cables, the antenna cables must be properly installed to ensure the
signal carried is clean and free from interference. In order to ensure the cables perform to
their specifications, pay careful attention to avoid the following:
• Loose connections. Loose connectors on either end of the cable result in poor
electrical contact and degrade the signal quality.
• Damaged cables. Antenna cables with obvious physical damage do not perform to
specification. For instance, damage can result in induced reflection of the signal
within the cable.
• Cable runs shared with power cables. It is possible for EMI produced by power
cables to affect the signal on the antenna cable.
I've just been made aware that the outdoor coax connections should be sealed, but my
link is already installed and operating. Is it too late to seal these connections, and should
I bother now? No, it is not too late, and yes, you absolutely should seal them as soon as
possible, as long as the system is functioning properly and thus has not yet suffered any
moisture-related damage. With some types of sealing products, such as Coax-Seal, you
can seal the connections without having to disconnect the connections and take an
operating link off-line.
Cable Problems
The cables which connect antennas to Cisco Aironet WLAN devices are a possible
source of radio communication difficulties.
Figure 2:
Figure 4:
A splitter will add about 4 dB of loss. If you manufacture your own cables and they are
longer than the supplied cables, then the loss will increase (depending on what type of
cable you use). See the technical specifications of your specific splitter for exact
measurements. Each antenna connected to the splitter suffers the 4dB loss. This means
that while the use of a splitter and a second antenna may allow you to cover more area, it
will not double your coverage area.
Sealant
You will need to seal the coax connectors to prevent water intrusion into the connectors.
If water gets into the connectors, it will work its way into the coax, contaminating it and
rendering the coax unusable. The only way to prevent this from happening is to use a
sealant. RTV is not a good sealant, as many variations of it contain a curing agent that is
actually corrosive to metal, and can also cause bad connections. Coax-Seal is a product that
is available to seal connectors. It is available from most ham radio stores and many
two-way radio shops. Typical cost is $3.00 per roll (or about 33 cents per connection).
Flash Activity
Take the TNC assembly document & create a flash to assemble TNC Plug to RG58 cable.
http://www.amphenolcnp.com/pdf/reverse_polarity_spec.pdf
Web Resources
Amphenol
http://www.amphenol.com
Indoors
Outdoors
This ruling applies to outdoor, point-to-point links more than it does to an internal
WLAN. The ruling is designed to keep installers from adding an amplifier and interfering
with other Part 15 products. But it may still apply indoors as well. For example, many
department stores are located in shopping malls. Many department stores use WLAN
equipment. If you installed an amplifier in one of these stores and it interfered with
another store’s system, this would be a problem. A steel mill located outside of a city
with nothing else around it would probably not have the same concerns. Be aware of the
ruling and be aware of other systems in the area that you may be infringing upon when
deciding if an amplifier is needed. In indoor applications, another AP is a better solution
than an amplifier.
Lightning Arrestor
The Cisco Aironet lightning arrester is designed to protect Cisco Aironet spread-
spectrum WLAN devices from static electricity and lightning surges that travel on
coaxial transmission lines. The lightning arrester comes complete with the
reverse polarity TNC (RP-TNC) connectors used on all Cisco Aironet antennas
and RF devices meeting FCC and DOC regulations.
The Cisco Aironet lightning arrester prevents energy surges from reaching the RF
equipment by shunting the current to ground. Surges are limited to less than 50 volts, in
about 0.0000001 seconds (100 nanoseconds). A typical lightning surge lasts about
0.000002 seconds (2 microseconds). The accepted IEEE transient (surge) suppression is 0.000008
seconds (8 microseconds).
A lightning arrestor has two main purposes:
• To bleed off any high static charges that collect on the antenna helping prevent
the antenna from attracting a lightning hit.
• To dissipate any energy that gets induced into the antenna or coax from a near
lightning strike.
The most important part of installing a lightning arrester is to install a proper earth
ground that will dissipate excess energy. Typically this is done using a grounding rod. A
ground rod is a metal shaft used for grounding. These rods are to be driven into the ground
at least 8 ft. Rods made of iron or steel shall be at least 5/8 inches thick. Non-ferrous
rods should be free of paint or any other non-conductive material, should be listed,
and should be not less than 1/2 inches thick.
Electricity will follow the path with the least resistance to get to ground. Most codes call
for a ground system of 25 ohms or less. A single electrode consisting of rod, pipe, or
plate that does not have a resistance to ground of 25 ohms or less should be augmented
by one additional electrode of any of the types specified above. Where multiple rod, pipe,
or plate electrodes are installed to meet these requirements, they shall not be less than 6
feet apart. You can get clamp type meters that will measure the resistance of ground rods.
Figure 1:
Link Engineering
• Selection of Sites
• Site Survey
• Path Profiling
• Path Analysis
• Equipment configuration to achieve the required fade
margin
• Establishment of frequency plan considering legal
Figure 2:
Line of Sight
• Microwave signals travel in a straight line but they spread
as they travel
• The required beam clearance is called Fresnel Zone
• The Fresnel Zone is an imaginary ellipsoid which surrounds
the straight line path between the antennas
• The required Fresnel Zone clearance is greatest at mid-path
and diminishes toward each antenna site
• The Fresnel zone thickness or girth is a function of path
length: the longer the path, the broader the Fresnel zone
• The antennas must be high enough to allow the first Fresnel
Figure 3: Mid Path, Fresnel Zone, Raise Antennas
Figure 5: Line of Sight
Figure 6: Flash Creation: students will drag over the Total Distance value on
the right & the Fresnel Zone, Curvature and Antenna height values will change to
the correct value. Maybe change the antenna distance & height graphics. For
example, as the distance increases, make the towers get taller as they are
separated further. (the values for all distances are below)
Building-to-Building Antenna Height
• Total Distance Between Buildings: 1 Mile
• Fresnel Zone: 10 Feet
• Earth Curvature: 3 Feet
• Required Antenna Height: 13 Feet
Total Distance options: 1 Mile, 5 Miles, 10 Miles, 15 Miles, 20 Miles, 25 Miles, 25+ Miles (Not Recommended)
The installation of wireless networks requires much the same basic planning as for any
wired network. The main difference is that due to the nature of the wireless signal, some
additional planning is required. This planning includes site selection and RF path analysis.
There might also be the need to investigate zoning laws as well as FCC and FAA
regulations when erecting towers. The planning of a wireless link involves collecting
information by doing a physical site survey, and making decisions.
When designing a building-to-building connection, you must consider the Fresnel zone.
A Fresnel zone is an elliptical area immediately surrounding the visual path. It varies
depending on the length of the signal path and the frequency of the signal. The Fresnel
zone can be calculated, and it must be taken into account when designing a wireless link.
Verify the radio line of sight, which was previously discussed. Alignment suggestions:
• Balloon: Marked at ten-foot intervals so a height can be established. This figure
will determine the overall height of the tower or mast needed.
• Binoculars/telescope: These are needed for the more distant links. Remember the
balloon must be visible from the remote site.
• GPS: For very distant radio links. This is a tool which will allow the installer to
aim the antennas in the correct direction.
• Strobe light: This is used in lieu of the balloon. Use this at night to determine
where to align the antenna and at what height.
Figure 1:
Earth Bulge
• The longer the path, the greater the additional required
antenna height
• Additional required antenna height is calculated using the
formula:
Added Height = D²/8
Where D is the Path Distance in miles and Added Height
Figure 2:
Height = D²/8 + 43.3√(D/4F)
H = H1 + H2
H2 = D²/8 (Earth Bulge)
Where,
D is the Path Length in miles
and F is the frequency in GHz
Because the Earth is not flat, earth curvature must be taken into account when planning
for paths longer than approximately seven miles. To overcome earth bulge obstruction,
the antennas must be raised higher off the ground than if the Earth were flat.
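The mid-path formula above (D²/8 plus 43.3√(D/4F)) as an added worked example, not part of the original course material. It goes beyond the mid-path case by evaluating the same two terms at any point along the path, so that an obstruction found during path profiling can be checked. Assumptions: results are in feet, both antennas are at the same height over otherwise flat ground, and the 2.4 GHz frequency and the obstruction values are constructed sample inputs.

```python
import math


def earth_bulge_ft(d1_miles, d2_miles):
    """Earth bulge in feet at a point d1 miles from one site and d2 from the other.

    At mid-path (d1 = d2 = D/2) this reduces to the page's D^2 / 8.
    """
    return d1_miles * d2_miles / 2.0


def fresnel_clearance_ft(d1_miles, d2_miles, freq_ghz):
    """Required Fresnel clearance in feet at the same point.

    At mid-path this reduces to the page's 43.3 * sqrt(D / (4F)).
    """
    total = d1_miles + d2_miles
    return 43.3 * math.sqrt(d1_miles * d2_miles / (freq_ghz * total))


def midpath_height_ft(distance_miles, freq_ghz):
    """Height = D^2/8 + 43.3*sqrt(D/4F): antenna height needed over flat ground."""
    half = distance_miles / 2.0
    return earth_bulge_ft(half, half) + fresnel_clearance_ft(half, half, freq_ghz)


def min_antenna_height_ft(distance_miles, freq_ghz, obstructions=()):
    """Return (required height in feet, limiting obstruction or None).

    obstructions: iterable of (miles from site A, obstruction height in feet),
    with heights measured from the ground level shared by both sites (assumption).
    """
    required = midpath_height_ft(distance_miles, freq_ghz)
    limiting = None
    for d1, height_ft in obstructions:
        if not 0.0 < d1 < distance_miles:
            raise ValueError("obstruction must lie between the two sites")
        d2 = distance_miles - d1
        need = (height_ft
                + earth_bulge_ft(d1, d2)
                + fresnel_clearance_ft(d1, d2, freq_ghz))
        if need > required:
            required, limiting = need, (d1, height_ft)
    return required, limiting


def height_table(freq_ghz, distances=(1, 5, 10, 15, 20, 25)):
    """Rows of (miles, earth bulge, Fresnel clearance, total height), in feet."""
    rows = []
    for d in distances:
        half = d / 2.0
        bulge = earth_bulge_ft(half, half)
        fresnel = fresnel_clearance_ft(half, half, freq_ghz)
        rows.append((d, bulge, fresnel, bulge + fresnel))
    return rows


if __name__ == "__main__":
    FREQ_GHZ = 2.4  # assumed operating frequency (constructed sample input)
    print("miles  bulge_ft  fresnel_ft  height_ft")
    for d, bulge, fresnel, total in height_table(FREQ_GHZ):
        print(f"{d:5d}  {bulge:8.1f}  {fresnel:10.1f}  {total:9.1f}")

    # Constructed path profile: a 60 ft building 2 miles from site A on a 10 mile path.
    height, limiting = min_antenna_height_ft(10, FREQ_GHZ, [(2.0, 60.0)])
    print(f"required height: {height:.1f} ft, limited by {limiting}")
```

The output follows the formula as printed and need not match the rounded values shown in the Figure 6 activity.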
Figure 1:
Path Profiling
• Plot the co-ordinates on a topo map or enter it in a path
profiling software with terrain database for the region
• Check for any possible obstruction in the path
• Calculate the distance between the sites
• Might have to ride along the path to look for obstructions
• Get the coordinates of the obstruction
Figure 2:
Path Analysis
• Determine the theoretical system performance along the
proposed path
• Consider Wind, Rain, Fog and Atmospheric Absorption
• Select proper antenna and coaxial cable for required fade
margin and availability
Once you have come to the conclusion that a proposed path has adequate line-of-sight,
the next step is to perform a path analysis. Path analysis is the process of determining the
theoretical system performance along the proposed path by calculating the signal strength
generated by the microwave equipment and antennas and then factoring in the
detrimental effects of path distance, terrain, climate and rainfall conditions upon the
Using a higher gain antenna and lower loss cable can increase the signal level and
improve the overall system performance. However, local regulations about the maximum
EIRP (Effective Isotropic Radiated Power which is the sum of transmit power and
antenna gain minus the cable losses) should be followed in selecting a type of antenna
and coaxial cable.
Figure 1: (plot with curves labeled 6 GHz, 11 GHz and 13 GHz)
For radio link systems, rainfall and other precipitation attenuation are not significant
below 10 GHz.
When aligning antennas, be sure that the two antennas for the link are not cross-
polarized. After that, you need to be sure that each antenna is pointed or aligned to
maximize the received signal level. A signal strength tool is provided that gives a
reading of the received signal level. At one end of the link at a time, the antenna pointing
direction is carefully adjusted to maximize (or "peak") the reading on the signal indicator
tool.
After this is done for both ends, it is very important to obtain the actual received signal
level in dBm in order to verify that it is within 0 to 4 dB of the value obtained from the
link budget calculation. If the measured and calculated values differ by more than about
8 dB, you should suspect that either the antenna alignment is still not correct, or that there
is another defect in the antenna/transmission line system (or both!).
The path for my link is crossing through the path of another link. Will the two links
interfere with each other? No. Any type of radio (or other electromagnetic) signal that is
propagating through space (or air) will be unaffected by any other signal that happens to
cross the same point in space. You can prove this to yourself: get two flashlights, and
shine one onto a wall. Hold the other flashlight a distance away from the first, but point
it so that the two light beams cross. You will notice that the beam from the second
The path for my link has some telephone and/or power wires running perpendicularly
through it. Will these affect my link? It is extremely unlikely. At the radio frequencies at
which the links are operating, the wires appear to be infinitely long conductors, and as
such, there will be some slight diffraction effect on the signal propagating across them.
However, because the wires are thin, this effect will be very slight; so much so that it
would likely be unmeasurable, let alone have any adverse impact on the operation of the
link.
Antenna mounts
• Interior:
o Wall mount
o Ceiling Mount
o Rubber duckie
• Exterior:
o Wall mount
o Roof Mount
o Tower Mount
Figure 2: Antenna Mounting (Mast Mount, Patch)
Antenna Mounting
Mount the antenna to utilize its propagation characteristics. A way to do this is to orient
the antenna horizontally as high as possible at or near the center of its coverage area.
• Keep the antenna away from metal obstructions such as heating and air-
conditioning ducts, large ceiling trusses, building superstructures, and major
power cabling runs. If necessary, use a rigid conduit to lower the antenna away
from these obstructions.
• The density of the materials used in a building's construction determines the
number of walls the signal must pass through and still maintain adequate
coverage. Consider the following before choosing the location to install your
antenna:
o Paper and vinyl walls have very little effect on signal penetration.
Every AP will have an antenna attached to it. Most antennae are either shipped with a
mounting bracket or a mounting bracket is available as an option. The challenge is that
most antennae are designed to be mounted in a certain way.
A 5.2 dBi mast mount antenna is designed to be mounted to a mast and is shipped with
the hardware to mount the antenna to a mast.
In order to mount the antenna to an I-beam, you may need some ingenuity. Standoff
brackets are available, but these are not designed to be mounted to an I-beam, either.
Some installers use zip ties, beam clamps, or bolts to attach the standoff brackets to I-
beams and then mount the antenna to the bracket. If you intend to use a mast mount
antenna indoors, make sure it is mounted as shown above. The antenna is intended for
outdoor use and designed to be mounted with the metal sleeve on the bottom. For indoor
use, invert the antenna.
Restrictions
When dealing with tall structures and tower installations, the codes and laws of each
city/municipality may vary. A building permit to install towers or masts may be required
depending upon height. The best of plans may fail if the building permits are not
approved.
Web Resources
Universal Radio
http://www.universal-radio.com/catalog/tower/safetow.html
Antenna Products
http://www.antennaproducts.com
One should always assume any antenna is transmitting RF energy, especially since most
antennas are used in duplex systems. Be particularly wary of small-sized dishes (one foot
or less), as these are often radiating RF energy in the gigahertz frequency range. As a
general rule, the higher the frequency, the more potentially hazardous the radiation. It is
known that looking into the open (unterminated) end of waveguide that is carrying RF
energy at ten or more GHz will cause retinal damage if the exposure lasts only tens of
seconds and the transmit power level is only a few watts. There is no known danger
associated with looking at the unterminated end of coaxial cables carrying such energy,
but in any case, be careful to ensure that the transmitter is not operating before removing
or replacing any antenna connections.
Upon completion of this chapter, you will be able to perform the following
tasks:
• Security Fundamentals
• First generation WLAN security
• Configuring users and Wired Equivalent Privacy (WEP)
• Configuring associations and filters
• Scalable WLAN security configuration
Overview
This chapter will cover basics of securing and monitoring wireless LANs. The
exponential growth of networking, including wireless technologies, has led to increased
security risks. Many of these risks are due to hacking as well as improper uses of
network resources. You should be aware of the various weaknesses and vulnerabilities as
they relate to WLANs. You will learn specific WLAN security configurations. This
includes securing access points, bridges and clients. Finally, enterprise level WLAN
security will be presented.
What is network security? Network security is the process by which digital information
assets are protected. The goals of security are to maintain integrity, protect
confidentiality, and assure availability. Why have security? The growth of computing
has generated enormous advances in the way people live and work. With this in mind, it
is imperative that all networks be protected from threats and vulnerabilities in order for
the Internet to achieve its fullest potential.
Threats are unauthorized access "on or against" all networks. Typically, these threats
are caused by vulnerabilities. Vulnerability implies weakness, which can be caused by
misconfigured hardware or software, poor design, or end-user carelessness. It should
come as no surprise that weaknesses exist throughout today’s pervasive and complex
network technology. Wireless LANs are no exception.
In this chapter you will learn about common network threats and the need for security.
Furthermore, you will learn how to design, install, and configure secure wireless LAN
networks. With this in mind, the challenge has been set. Will you be prepared when the
intruder comes knocking? Do you have the skills, knowledge, or resources to build a
secure wireless network?
Throughout this course you will encounter many logical security device symbols as
shown in Figure 2.
Figure 3 displays a summary list of many of the WLAN security and monitoring
procedures that will be covered in this chapter.
Web Resources
Security Focus
http://www.securityfocus.com/
Figure 1: Technology Weaknesses
Configuration Weaknesses
Figure 3: Policy Weaknesses
There are people eager, willing, and qualified to take advantage of each security
weakness, and to continually discover and exploit new weaknesses.
Configuration Weaknesses:
• Politics: Political battles, turf wars, and internecine conflict will destroy any hope
of having a consistent security policy.
Figure 1:
Structured threats—come from hackers who are more highly motivated and technically
competent. They know vulnerabilities, and can understand and develop exploit-code and
scripts. Typically hackers act alone or in small groups. They understand, develop, and
use sophisticated hacking techniques to penetrate unsuspecting businesses. These groups
are often involved with the major fraud and theft cases reported to law enforcement
agencies. Occasionally, hackers called sneakers are hired by organized crime,
corporations, or state-sponsored intelligence organizations.
Internal threats—occur when someone has authorized access to the network with either
an account on a server or physical access to the wire. They are typically disgruntled
former or current employees or contractors. According to the FBI, internal access and
misuse account for between 60 and 80 percent of reported incidents.
Motivation of Threat
Understanding some of the motivations for an attack can give you some insight
about which areas of the network are vulnerable and what actions an intruder will
most likely take. Common motivations for attacks include:
• Greed: The intruder is hired by someone to break into a corporate
network to steal or alter information for the exchange of large sums of
money.
• Prank: The intruder is bored and computer savvy and tries to gain access
to any interesting sites.
• Notoriety: The intruder is very computer savvy and tries to break into
known hard-to-penetrate areas to prove his or her competence. Success
in an attack can then gain the intruder the respect and acceptance of his or
her peers.
• Revenge: The intruder has been laid off, fired, demoted, or in some way
treated (in his/her opinion) unfairly. Most of these attacks result in
damaging valuable information or causing disruption of services.
• Ignorance: The intruder is learning about computers and networking and
stumbles on some weakness, possibly causing harm by destroying data or
performing an illegal act.
The range of motivations for attacks is large. When looking to secure your corporate
infrastructure, consider all these motivations as possible threats.
Web Resources
Vulnerability Statistics Report
http://www.cisco.com/warp/public/778/security/vuln_stats_02-03-00.html
Incident Response
http://www.cisco.com/warp/public/707/sec_incident_response.shtml
ICSA Labs (formerly National Computer Security Association)
http://www.icsa.net
Figure 7 - Text
Network Processes to Applications (Data-Level Attacks)
• SMTP, POP3, Sendmail, IMAP: E-mail bombs and spam, Trojan horses, viruses
• Telnet, FTP, rlogin: Unauthorized access to key devices, brute force attacks
• Windows, MacOS, UNIX: Exploited holes in OSs and network OSs
• HTTP: Browser holes, malicious Java, ActiveX, CGI exploits
• SNMP, RMON: Mapping and recon, access or control devices
• DNS, Whois, Finger: Reconnaissance and mapping, DNS Killer
• Applications: Control daemons, holes, access permissions, key logger
Figure 6 - Text
Data Representation (Data-Level Attacks)
• ASCII, EBCDIC, HTML, pict, wav: Unencrypted data formats are easily viewed.
• Compression: Compressed Trojan and virus files can bypass security.
• Encryption: Weak encrypted data can be deciphered.
Figure 5 - Text
Interhost Communication (Data-Level Attacks)
• NFS, SQL, RPC, Xwindow: Traffic monitoring
• Bind, SMB, ASP: Share vulnerabilities and root access
Figure 2 - Text
Media Access (Frame-Level Attacks)
• MAC, LLC: Reconnaissance and sniffing; frame manipulation, insecure or no VLANs,
spoofing; broadcast storms, misconfigured or failing NICs; stored attack robots (bots)
in the NIC EPROM
Figure 1 - Text
Binary Transmission (Bit-Level Attacks)
• Media, connectors, devices: Wiretap and sniffing (wired and wireless); full network
access and recon in a nonswitched LAN; vandalism, natural disasters, power failure,
theft, and so on
Each individual Open System Interconnection (OSI) layer has a set of functions that it
must perform in order for data to travel from a source to a destination on a network. Each
layer can be exploited and has inherent vulnerabilities. Below is a brief description of
each layer and vulnerability in the OSI reference model, as shown in the figure.
The physical layer is vulnerable to wire taps and reconnaissance. Fiber media is much
more secure, but both are vulnerable to “whacking” or cutting or destroying network
media. Hosts, segments, networks, or even greater can be brought down by this type of
vandalism. Furthermore, power instabilities, natural disasters, and severe storms can
affect network devices to the extent that they can become inoperative.
Web Resources
OSI Basics
http://www.cisco.com/cpress/cc/td/cpress/fund/ith/ith01gb.htm
Figure 1:
Hacking Methods
• Reconnaissance
• Access
• Denial of Service (DOS)
Figure 2: Reconnaissance
Attack Goal:
Learn as much as possible about the victim site.
Attack Results:
• Yields address ranges, hosts, and services
• Known servers:
o SMTP
o DNS
o HTTP/SSL
• Firewall may or may not be detected
Figure 3: Access
Attack Goal:
Compromise one host with which to launch other attacks
Attack Result:
Attacker now “owns” one system and can either deface the public Web presence
(easy), or continue hacking for more interesting information
Attack Method:
• Resource Overload
o Ex.: Disk space, bandwidth, buffers
o Ex.: Ping floods, SYN flood, UDP bombs
• Out-of-Band Data Crash
o Ex.: Ping of death, Teardrop, WinNuke, and so on
• Combined Program
o Ex.: Targa
Attack Result:
Attacker now has disabled valid users from accessing the target network
causing lost revenue, communications, damaged software and hardware
The three primary hacking methods are reconnaissance, access and denial of service
(DOS).
Web Resources
Explanation and Usage of TCP/IP Utilities
http://www.microsoft.com/TechNet/winnt/reskit/sur_util.asp
Nslookup Online Tools
http://www.allwhois.com
http://cc-www.uia.ac.be/ds/nslookup.html
http://www.trulan.com/nslookup.htm
Whois Online Tools
http://rs.internic.net/whois.html
http://www.whois.net
Combined Online Tools
http://www.hexillion.com/utilities
http://www.dslreports.com/tools
Vulnerability | 802.11 w/per Packet IV | Addition of keyed Integrity check | 3DES instead of WEP/RC4 | 802.11 w/MIC Kerb + DES
Brute force attack (40/56 bit key) | Vulnerable | Vulnerable | Fixed | Vulnerable
Figure 2:
In addition, keeping track of lost or stolen wireless NICs offsets any limited security
gains such a static WEP key solution provides. This scheme also fails to effectively
handle situations where multiple users may share a machine as it is not at all tied to the
user using the machine. Another example is the case where one needs to distinguish
between a guest versus an administrator on a system that has only MAC address as a
handle for security.
Figure 4: Monitor Security (security wheel: Secure, Monitor, Test, Improve, Security Policy)
• Detect violations to the security policy
– System auditing
– Real-time intrusion detection
• Validate the security implementation in step one
Figure 5: Test Security
• Validate effectiveness of security policy implementation through system auditing and
vulnerability scanning
Improve Security
• Use information from the monitor and test phases, make improvements to the security
implementation
• Adjust the security policy as security vulnerabilities and risks are identified
Secure
Secure the network by applying the security policy and implementing the
following security solutions:
• Authentication—Give access to authorized users only (for example, using
one-time passwords and authentication servers).
• Firewalls—Filter network traffic to allow only valid traffic and services.
Web Resources
Sun Microsystems
Microsoft
http://www.microsoft.com/technet/security/default.asp
Miscellaneous Resources
http://secinf.net/ipolicye.html
Figure 1:
Older forms of security on WLANs
• SSID
• Authentication controlled by MAC
There are a number of differences between wired LANs and WLANs. The most
important differences are that there are no wires (the air link) and that mobility is inherent
in the solution. Because WLAN transmissions are not confined to a wire, there are
genuine concerns that the data on a WLAN that is broadcast for all to hear is not private
or secure. Customers usually state that "Wireless is like having an RJ45 in my parking
lot." The wired LAN must be physically compromised in order to tap its data. A WLAN
by contrast can be compromised by anyone with a suitable antenna.
In the past, security on WLANs was not a major concern. This was, in large part, due to
the fact that WLANs were restrictive. Some of these restrictions were bandwidth,
proprietary systems, and the inability to manage the WLAN as part of the LAN. The most
common methods of securing the WLAN were the SSID and the Authentication process.
In addition to these areas another common way to augment first generation security is the
use of Virtual Private Network (VPN) solutions that run transparently over WLAN
SSID (Service Set Identifier)—One commonly used feature in WLANs is a naming handle
called the SSID (Service Set Identifier), which provides a rudimentary level of
“security”. The SSID is analogous to a common network name for the wireless stations
and access points in a given WLAN subsystem. The SSID serves to logically segment the
users and access points that form part of a wireless subsystem. The SSID is a piece of
information that may be advertised or manually pre-configured at the station. The SSID
may be requested in a Probe Request frame when a host is attempting to join a WLAN
subsystem, or may be advertised as part of the periodic beacons sent by an access
point.
In any case, the use of the SSID as a handle to permit or deny access is dangerous since it
typically is not well secured. In fact, in order for an Access Point to be operating in
802.11b compliant mode it is typically set to "Broadcast-SSID mode," in other words to
advertise its SSID in its beacons. In spite of these concerns, more than a few first
generation WLAN networks resort to solely using secret SSIDs as a means to deny access
to unauthorized users.
The SSID is a configurable parameter that must match on both the wireless client and the
AP. This value is checked as part of the association process. If a wireless client does not
possess the proper SSID it may not be able to associate. In the past this was used in
WLANs to provide some measure of security. But as WLANs have changed, this feature now
offers at best a rudimentary level of security.
The SSID feature serves to logically segment the users and Access Points that form part
of a Wireless subsystem. Under 802.11 specifications, an AP may “advertise” or
broadcast its SSID. During the association process, any 802.11 wireless client with a
“null” SSID (no value entered into the SSID field) will request that the AP broadcast its
SSID. If the AP is so configured, it will send the SSID to the client. The client will then
use this SSID to associate to the AP.
For these reasons, the SSID should not be considered a security feature on the Cisco
Aironet products.
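The point above can be checked on a capture of your own WLAN: the SSID element is carried unencrypted in beacons, probe requests and probe responses, even when the AP sets the Privacy (WEP) capability bit. The following Python is an added example, not part of the original course material; the frames are constructed sample bytes and the names `parse_ssid` and `build_frame` are hypothetical.

```python
import struct

# Management-frame subtypes that carry the SSID element unencrypted.
SUBTYPES = {0x4: "probe request", 0x5: "probe response", 0x8: "beacon"}
PRIVACY = 0x0010  # capability bit an AP sets when it requires WEP


def parse_ssid(frame: bytes):
    """Return (subtype, ssid, privacy) for a beacon or probe frame.

    ssid is "" for an empty or zero-filled element (SSID not advertised, or a
    client probing with a "null" SSID) and None if no SSID element is present.
    privacy is None for probe requests, which have no capability field.
    """
    if len(frame) < 24:
        raise ValueError("shorter than an 802.11 management header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:
        raise ValueError("not a beacon or probe frame")
    pos, privacy = 24, None
    if subtype in (0x5, 0x8):
        # Fixed fields: timestamp (8), beacon interval (2), capability (2).
        if len(frame) < 36:
            raise ValueError("truncated fixed fields")
        (capability,) = struct.unpack_from("<H", frame, 34)
        privacy = bool(capability & PRIVACY)
        pos = 36
    ssid = None
    while pos + 2 <= len(frame):  # walk the tag/length/value elements
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2 : pos + 2 + length]
        if len(body) < length:
            raise ValueError("truncated information element")
        if tag == 0:  # element ID 0 is the SSID
            ssid = body.decode("utf-8", "replace") if body.strip(b"\x00") else ""
            break
        pos += 2 + length
    return SUBTYPES[subtype], ssid, privacy


def build_frame(subtype: int, ssid: bytes, privacy: bool = False) -> bytes:
    """Construct a sample frame (made-up addresses) for the demonstration."""
    addr = bytes.fromhex("020000000001")
    header = bytes([subtype << 4, 0]) + b"\x00\x00" + b"\xff" * 6 + addr * 2 + b"\x00\x00"
    fixed = b""
    if subtype in (0x5, 0x8):
        caps = 0x0001 | (PRIVACY if privacy else 0)
        fixed = b"\x00" * 8 + struct.pack("<HH", 100, caps)
    rates = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])  # supported rates element
    return header + fixed + bytes([0, len(ssid)]) + ssid + rates


if __name__ == "__main__":
    samples = (
        build_frame(0x8, b"corp-wlan", privacy=True),  # AP advertising its SSID
        build_frame(0x8, b"", privacy=True),           # AP with broadcast disabled
        build_frame(0x4, b"corp-wlan"),                # client probing by name
    )
    for sample in samples:
        print(parse_ssid(sample))
```

The third sample shows why disabling SSID broadcast on the AP does not keep the name private: a configured client still sends it in clear text when it probes.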
Figure 2: WEP
Key1=1234…… Key1=1234……
Key2=5678…… Key2=5678……
Key3=9012…… Key3=9012……
Key4=3456…… Key4=3456……
Frame format: IV | MSDU | ICV (labels in the figure: Encrypted; Octets: 0-2304, 4; 24, 6, 2)
WEP is a symmetric encryption mechanism. With WEP enabled, the transmitter (sender)
takes the content of a data frame, i.e. the payload, and runs an encryption algorithm
against it. It then replaces the original payload with the output of the encryption
algorithm. The Data frames that are encrypted are sent with the WEP bit in the frame
control field of the MAC header set. The receiver of an encrypted data frame passes the
frame through the same encryption algorithm used by the sending station. The result is
the original, unencrypted frame body, which can be passed to the upper layer protocols.
In other words, WEP is a symmetric encryption scheme.
WEP uses the RC4 stream cipher, invented by Ron Rivest of RSA Data Security, Inc.
(RSADSI), for encryption. The RC4 encryption algorithm is a symmetric stream cipher that
supports a variable-length key. A symmetric cipher is one that uses the same key and
algorithm for both encryption and decryption. A stream cipher is contrasted with a block
cipher, which processes a fixed number of bytes. The key is the one piece of information
that must be shared by both the encrypting and decrypting endpoints. RC4 allows the key
length to be variable, up to 256 bytes, as opposed to requiring the key to be fixed at a
certain length. IEEE 802.11b has chosen to use 40-bit keys. Several vendors such as
Lucent and Cisco support 128-bit WEP encryption with their WLAN solutions.
The IEEE 802.11 standard describes the use of the RC4 algorithm and the key in WEP.
However, key distribution or key negotiation is not mentioned in the standard, and
vendors may choose to implement proprietary applications as well as interfaces for WEP
key management and configuration. This unfortunate omission leaves interoperable
methods of key distribution and negotiation to further standards efforts. If a vendor
scheme allows the keys to be compromised, all frames encrypted with that key are also
compromised.
The IEEE 802.11 standard provides two mechanisms to select a key for use when
encrypting or decrypting a frame.
• The first mechanism is a set of as many as four default keys. Default keys are
intended to be shared by all stations in a wireless subsystem. The benefit of using
a default key is that once the station obtains the default keys, a station can
communicate securely with all of the other stations in the subsystem. The problem
with default keys is that once they become widely distributed they are more likely
to be compromised.
The WEP header and trailer are appended to the encrypted frame body. The header carries
the initialization vector and the KeyID, which indicates the default key used to encrypt
the frame; the trailer carries the integrity check value (ICV).
The key length is commonly derived from the established WEP key plus an initialization
vector. For example, a 64-bit WEP key is 40 bits of key length plus 24 bits of
initialization vector. This is a common cause of misunderstanding about key lengths.
Cisco offers products that implement both 40/64 as well as 104/128-bit WEP.
Open Authentication (Client, AP)
• Authentication request
• Authentication response
Shared-Key Authentication (Client, AP)
• Authentication request
• Challenge text packet
• Encrypted challenge text packet
• Authentication response
With open authentication, the entire authentication process is done in clear text.
Because nothing in the exchange is encrypted, a client can associate to the AP with the
wrong WEP key or no WEP key. But as soon as the client tries to send or receive data, it
cannot, because it does not have the correct key to process the packet. With shared key
authentication, a challenge text packet is sent within the authentication process. If
the client has the wrong key or no key, it will fail this portion of the authentication
process and will not be allowed to associate to the AP.
This choice (open or shared key) is manually set on each device (AP and client). There
should be a match in the method chosen by the client and the AP for the association to
succeed. The default value is for open authentication.
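The WEP encapsulation and the shared-key exchange described above can be followed end to end in the sketch below, which is an added example and not code from the course or from any vendor. It assumes the standard WEP construction (RC4 keyed with IV followed by the secret key, CRC-32 as the ICV) and simplifies shared-key authentication to the challenge text alone; the function names are hypothetical and the 26-character key is the sample value from this chapter's key setup figure.

```python
import hmac
import os
import struct
import zlib


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:  # keystream generation, XORed with the data
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def _icv(msdu: bytes) -> bytes:
    """Integrity check value: CRC-32 of the plaintext payload."""
    return struct.pack("<I", zlib.crc32(msdu) & 0xFFFFFFFF)


def wep_encapsulate(keys: dict, key_id: int, msdu: bytes, iv: bytes = None) -> bytes:
    """Return IV (3 octets) + KeyID octet + RC4(IV || key, MSDU || ICV)."""
    key = keys[key_id]
    if len(key) not in (5, 13):  # 40-bit or 104-bit secret
        raise ValueError("WEP secret must be 5 or 13 bytes")
    iv = os.urandom(3) if iv is None else iv
    header = iv + bytes([key_id << 6])  # KeyID sits in the top two bits
    # The RC4 key is 24 bits of IV plus the secret: 64 or 128 bits in total.
    return header + rc4(iv + key, msdu + _icv(msdu))


def wep_decapsulate(keys: dict, body: bytes) -> bytes:
    """Decrypt with the key slot named in the header and verify the ICV."""
    if len(body) < 8:
        raise ValueError("too short for a WEP header and ICV")
    iv, key_id = body[:3], body[3] >> 6
    key = keys.get(key_id)
    if key is None:
        raise KeyError(f"key slot {key_id} is not set")
    plain = rc4(iv + key, body[4:])
    msdu, icv = plain[:-4], plain[-4:]
    if not hmac.compare_digest(icv, _icv(msdu)):
        raise ValueError("ICV mismatch: wrong key or corrupted frame")
    return msdu


def ap_issue_challenge() -> bytes:
    """AP side: challenge text sent to the client in clear text."""
    return os.urandom(128)


def client_respond(keys: dict, key_id: int, challenge: bytes) -> bytes:
    """Client side: return the challenge text WEP-encrypted."""
    return wep_encapsulate(keys, key_id, challenge)


def ap_verify(keys: dict, challenge: bytes, response: bytes) -> bool:
    """AP side: accept only if the response decrypts to the challenge."""
    try:
        return hmac.compare_digest(wep_decapsulate(keys, response), challenge)
    except (ValueError, KeyError):
        return False


if __name__ == "__main__":
    shared = {0: bytes.fromhex("12345678901234567890abcdef")}  # sample key from the chapter
    wrong = {0: bytes.fromhex("09876543210987654321fedcba")}
    text = ap_issue_challenge()
    print("matching key:", ap_verify(shared, text, client_respond(shared, 0, text)))
    print("wrong key:   ", ap_verify(shared, text, client_respond(wrong, 0, text)))
```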
The entire process can be broken down into three phases:
Probe Phase—When a client is initialized it first sends a probe request packet out on all
the channels. The APs that hear this packet will then send a probe response packet back
to the station. This probe response packet contains information such as SSID, which the
client utilizes to determine which AP to continue the association process with.
• Write—The user can change system settings. When you assign Write
capability to a user, the user also automatically receives Admin capability.
• SNMP—Designates the username as an SNMP community name.
SNMP management stations can use this SNMP community name
to perform SNMP operations. The User Manager does not have to
be enabled for SNMP communities to operate correctly.
• Ident—The user can change the access point's identity settings (IP address
and SSID). When you assign Ident capability to a user, the user also
automatically receives Write and Admin capabilities.
• Firmware—The user can update the access point's firmware. When you
assign Firmware capability to a user, the user also automatically receives
Write and Admin capabilities.
• Admin—The user can view most system screens. To allow the user to
view all system screens and make changes to the system, select Write
capability.
Note Selecting the SNMP checkbox does not grant SNMP write capability to the
user; it only designates the username as an SNMP community name. SNMP
operations performed under the username are restricted according to the username's
other assigned capabilities.
This section describes how to set up and enable the access point management system's
main security features:
• Administrator Authorization
• Wired Equivalent Privacy (WEP)
• Authentication Server Setup and EAP (covered later in the chapter)
In order to secure the WLAN, a number of features need to be enabled and configured.
These include the login manager, which requires users to log in to the AP. Users can have
various abilities on the AP, including the ability to view the AP settings but not make
changes to them, to write (make changes to) the AP configuration, to perform SNMP
operations, to change the IP address and SSID, or to update firmware. It is also possible
to prevent users from seeing any of the AP settings or making any changes to the AP.
Creating a list of users authorized to view and change the access point's management
system does not affect the ability of client devices to associate with the access point.
Follow these steps to create a list of users authorized to view and change the access
point's management system:
Note You must define a full administrator user—a user with write, identity, and
firmware capabilities—before you can enable the user manager.
In order to change a user’s password, enter the old password, enter the new password,
and confirm the new password by re-entering the password.
All enabled capabilities for the user will be displayed as an X under the listed capability.
Keep in mind that if you are logged in as a user and change that user password, the AP
will then prompt you to log in again with the new password before refreshing the screen.
Using the Configuration Console Menu or Page—From the Configuration Console menu
or Page you can set up essential system parameters.
After a privilege level is assigned, anyone attempting to access that level is prompted for
the password; therefore, you can set various privilege levels for individuals, providing
them with access to some options while denying them access to others. Remember that
passwords are case sensitive. If an incorrect password is typed, the console pauses briefly
before reprompting. The connection is dropped after three consecutive failures, and a
severe error log is displayed. Make sure you write down the passwords you have
established and keep them in a safe place. If you forget your password, the bridge will
have to be returned for factory servicing. Contact Cisco Technical Support for further
instructions.
Controlling Remote Access (Display, Add, Delete)—Use the display, add, and delete
options to create and manage a list of hosts that are allowed access to the bridge's console
system. The list controls access from Telnet, HTTP, or FTP. SNMP access is controlled
separately on the Configuration SNMP Communities menu. If the list of hosts is empty,
any host in the infrastructure can attempt to connect. When the appropriate password is
provided, the connection is made. If the list contains entries, any host not on the list
cannot gain access. An entry in the list can be specified as an IP address or a MAC
address. The first MAC or IP address you add should be that of the PC you are using to
Telnet or browse to the bridge.
SNMP will be covered later in the chapter. Type and linemode configuration is covered
in Chapter 6-Bridges.
8.3.3 AP WEP Setup
1   x   12345678901234567890abcdef   -   12345678901234567890abcdef
2   -   09876543210987654321fedcba   x   09876543210987654321fedcba
3   -   not set                      -   not set
4   -   not set                      -   FEDCBA09876543211234567890
Wired Equivalent Privacy (WEP)—To protect the privacy of transmitted data, you can
use Wired Equivalent Privacy (WEP) keys to encrypt the data signals your access point
transmits and to decrypt the data signals it receives. WEP keys encrypt both unicast and
multicast messages. Unicast messages are addressed to just one device on the network.
Multicast messages are addressed to multiple devices on the network.
Setting up WEP and Authentication Type—Use the AP Radio Data Encryption page to
set up WEP and to select an authentication type for the access point. Figure 3 shows the
AP Radio Data Encryption page.
Follow this link path to reach the Authentication Server Setup page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Security.
3. On the Security Setup page, click Authentication Server
Follow the steps in Figure 4 to set up WEP keys, enable WEP, and select an
authentication type. Figure 5 shows an example WEP key setup that would work for the
access point and an associated device.
Figure 3:
Steps for Enabling Encryption
CLI Navigation: Choose Main > Configuration > Radio > I80211 > Privacy 2
Setting the Receive Key—The Key value establishes the WEP key the bridge uses to
receive packets. The value must match the key used by the access point. You can set two
levels of encryption: 40-bit and 128-bit. The 40-bit key consists of 10 hexadecimal
characters. The 128-bit key consists of 26 hexadecimal characters. The hexadecimal
characters may be any combination of 0 through 9, a through f, or A through F. The WEP
key can contain combinations of any of these characters. Hexadecimal WEP keys are not
case-sensitive.
Setting the Transmit Key—The Transmit key establishes the WEP key the bridge will use
to transmit packets. You can use the key established when you set the key in the
procedure above or you can use a different key. If you use a different key, a matching key
must be established on the access point.
Figure 2: CEM
Step 1 For the WEP key that you are creating (1, 2, 3, or 4), select a WEP Key Size of
40 or 128 on the right side of the screen. 128-bit client adapters can use 40- or 128-bit
keys, but 40-bit adapters can use only 40-bit keys.. Use of 128-bit WEP is subject to
U.S. export restrictions.
Step 2 Decide on a WEP key and enter it in the blank field for the key you are
creating. Follow the guidelines below to create a new WEP key:
Your client adapter's WEP key must match the WEP key used by the Access Point or
clients with which you are planning to communicate.
When you are setting more than one WEP key, the WEP keys must be assigned to the
same WEP key numbers for all devices.
WEP keys can be comprised of ASCII text or the following hexadecimal characters: 0-
9, A-F, and a-f.
WEP keys must contain the following number of characters:
10 characters for 40-bit WEP keys
26 characters for 128-bit WEP keys
After you create a WEP key, you can write over it, but you cannot edit or delete it.
Step 3 Click Transmit Key next to the key you just created to indicate that this is the
key you want to use to transmit packets.
Step 4 Click Persistent under WEP Key Type to allow your client adapter to retain
this WEP key even when power to the adapter is removed or the computer in which it is
installed is rebooted. If you select Temporary, the WEP key will be lost when power is
removed from your client adapter.
Step 5 Click Apply or OK.
WEP keys are either 40- or 128-bit hexadecimal values. 128-bit WEP keys contain more
characters than 40-bit keys and, therefore, offer a greater level of security. WEP keys are
write-only and cannot be read back from the client adapter. The client adapter's WEP key
must match the WEP key used by the Access Points or clients with which you are
planning to communicate because it can communicate only with devices that have a
matching WEP key. WEP keys must be configured using CEM first before enabling
WEP in ACU.
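The key rules above can be checked before the keys are entered on the client adapter and the access point. The following is an added example, not part of the original course material or of any Cisco utility; the dictionary layout and function names are assumptions, and the keys are constructed sample values.

```python
import string

# Hexadecimal characters required for each key size, as stated on this page.
HEX_CHARS = {40: 10, 128: 26}


def validate_key(key, size_bits):
    """Return a list of problems with one hexadecimal WEP key (empty if none)."""
    if size_bits not in HEX_CHARS:
        return [f"unsupported key size: {size_bits} bits"]
    problems = []
    if len(key) != HEX_CHARS[size_bits]:
        problems.append(
            f"{size_bits}-bit key needs {HEX_CHARS[size_bits]} hex characters, got {len(key)}")
    if any(c not in string.hexdigits for c in key):
        problems.append("key contains characters outside 0-9, a-f, A-F")
    return problems


def compare_devices(client, ap, client_max_bits=128):
    """Check a client adapter's key table against an access point's.

    Each device is {"keys": {slot: (size_bits, hex_key)}, "transmit": slot}
    (hypothetical layout). Returns a list of problems, empty if consistent.
    """
    problems = []
    for name, dev in (("client", client), ("AP", ap)):
        for slot, (bits, key) in sorted(dev["keys"].items()):
            if slot not in (1, 2, 3, 4):
                problems.append(f"{name}: key slot {slot} does not exist")
            problems += [f"{name} key {slot}: {p}" for p in validate_key(key, bits)]
    # A 40-bit adapter can use only 40-bit keys.
    for slot, (bits, _) in sorted(client["keys"].items()):
        if bits > client_max_bits:
            problems.append(
                f"client key {slot}: adapter supports only {client_max_bits}-bit keys")
    # The key a device transmits with must be set, in the same slot, on the receiver.
    for sender, s_name, receiver, r_name in ((client, "client", ap, "AP"),
                                              (ap, "AP", client, "client")):
        slot = sender["transmit"]
        if slot not in sender["keys"]:
            problems.append(f"{s_name}: transmit key {slot} is not set")
        elif slot not in receiver["keys"]:
            problems.append(
                f"{s_name} transmits with key {slot}, which is not set on the {r_name}")
        elif sender["keys"][slot][1].lower() != receiver["keys"][slot][1].lower():
            # Hexadecimal keys are not case-sensitive, so compare case-folded.
            problems.append(f"key {slot} differs between {s_name} and {r_name}")
    return problems


# Constructed sample values, not real keys.
AP = {"keys": {1: (128, "0123456789ABCDEF0123456789"), 2: (40, "a1b2c3d4e5")},
      "transmit": 2}
CLIENT = {"keys": {1: (128, "0123456789abcdef0123456789")}, "transmit": 1}

if __name__ == "__main__":
    for problem in compare_devices(CLIENT, AP):
        print(problem)
```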
Getting Started
Step 1 To open CEM in Windows 95, 98, NT, 2000, or Me, double-click the CEM icon
on your desktop. To open CEM in Linux, go to the directory where the utilities were
installed and type cem. The login screen appears (see Figure 1).
Step 2 Enter the correct password in the Password field and click OK. Passwords are
case sensitive and can contain up to 256 characters. The default password is Cisco
(uppercase C followed by lowercase isco).
The Client Encryption Manager screen appears (see Figure 2). The Client Encryption
Manager screen provides the following information:
• A description of your client adapter
• Whether your client adapter's firmware supports WEP
• Whether your client adapter is associated to an Access Point
• Whether WEP is enabled
• Whether WEP keys 1 through 4 have been set and, if so, their WEP key size
• The WEP key that has been selected to transmit data packets
Changing the Password—Follow the instructions below to change the current password.
It is recommended that you change the default password before using CEM for the first
time.
Step 1 Select Change Password from the Commands pull-down menu (see
Figure 3).
Step 2 Enter the current password in the Existing Password field.
Step 3 Enter a new password in the New Password field.
Step 4 Re-enter the new password in the Confirm New Password field.
Entering a New WEP Key-- Select Enter WEP key from the Commands pull-down
menu. The Enter WEP Key(s) screen appears. This screen allows you to create up to
four WEP keys. Follow the instructions in Figure 6 to enter a new WEP key for your client
adapter.
Enabling WEP—Entering a WEP key does not enable WEP. After you have selected a
WEP key, you must access the Aironet Client Utility (ACU) to enable WEP.
Figure 1: Filters
Protocol Filtering—Protocol filters prevent or allow the use of specific protocols through
the access point. You can set up individual protocol filters or sets of filters for either the
Radio or Ethernet Ports. You can filter protocols for wireless client devices, users on the
wired LAN, or both. For example, an SNMP filter on the access point's radio port
prevents wireless client devices from using SNMP with the access point but does not
block SNMP access from the wired LAN.
Use the Ethernet Protocol Filters page to create and enable protocol filters for the access
point's Ethernet port, and use the AP Radio Protocol Filters page to create and enable
protocol filters for the access point's radio port. The pages are identical except for the
page title. Figure 2 shows the main body for the pages.
The left side of the Protocol Filters page contains links to the Ethertype Filters, the IP
Protocol Filters, and the IP Port Filters pages. These links also appear on the main Setup
page under Associations. Use the Protocol Filters pages to assign protocols to a filter set.
Figures 3 through 5 list the protocols available on each page. In each table, the Protocol
column lists the protocol name, and the Additional Identifier column lists other names for
the same protocol. You can type either name in the Special Cases field on the Filter Set
page to select the protocol. Figures 3 through 5 also list the protocols' ISO numeric
designators. You can also use these designators to select a protocol.
Step 1 Follow the link path to the Ethernet or AP Radio Protocol Filters page.
Step 2 Click Ethertype, IP Protocol, or IP Port to display the Filters page that
contains the protocols you want to filter. Figure 1 shows the Filters page.
Step 3 Enter a descriptive filter set name in the Set Name field.
Step 4 Enter an identification number in the Set ID entry field if you want to assign a
specific SNMP identifier to the filter set. If you don't enter an ID, an SNMP identifier
will be assigned to the set automatically, starting with 1 for the first filter set and
incrementing by one for each additional set.
Step 5 Click Add New. The Filter Set page appears. Figure 2 shows the Filter Set page.
Step 6 Select forward or block from the Default Disposition pull-down menu. This
setting is the default action for the protocols you include in the filter set. You can
override this setting for specific protocols. If you set this as block, all traffic which is not
specifically permitted will be blocked. Be careful not to lock yourself out when applying
a filter set, otherwise you will need to access the unit via console to remove the filter.
Step 7 In the Default Time to Live fields, enter the number of milliseconds unicast and
multicast packets should stay in the access point's buffer before they are discarded. These
settings will be the default time-to-live values for the protocols you include in the filter
set, but you can override the settings for specific protocols. If you leave these settings at
0, the time-to-live settings default to 3 seconds for multicast packets and 5 seconds for
unicast packets.
Step 8 Type the name or the ISO numeric designator for the protocol you want to add in
the Special Cases entry field and click Add New. For example, to add Telnet to an IP
port filter set, type http or 80. The Protocol Filter Set page appears. Figure 3 shows the
Protocol Filter Set page.
MAC address filters are powerful, and you can lock yourself out of the access point if
you make a mistake setting up the filters. If you accidentally lock yourself out of your
access point, you must console into the Access Point to disable the filters. Use the
Address Filters page to create MAC address filters for the access point. Figure 1 shows
the Address Filters page.
Creating a MAC Address Filter—Follow these steps to create a MAC address filter:
Step 1 Follow the link path to the Address Filters page.
Step 2 Type a destination MAC address in the New MAC Address Filter: Dest MAC
Address field. You can type the address with colons separating the character pairs
(00:40:96:12:34:56, for example) or without any intervening characters (004096123456,
for example). If you plan to disallow traffic to all MAC addresses except those you
specify as allowed, put your own MAC address in the list of allowed MAC addresses. If
you plan to disallow multicast traffic, add the broadcast MAC address (ffffffffffff) to the
list of allowed addresses.
Step 3 Click Allowed to pass traffic to the MAC address or click Disallowed to discard
traffic to the MAC address.
Step 4 Click Add. The MAC address appears in the Existing MAC Address Filters list.
To remove the MAC address from the list, select it and click Remove. You can create a
list of allowed MAC addresses on an authentication server on your network.
Step 5 Click OK. You return automatically to the Setup page.
Step 6 Click Advanced in the AP Radio row of the Network Ports section at the bottom
of the Setup page. The AP Radio Advanced page appears. Figure 2 shows the AP Radio
Advanced page.
Step 7 Select Disallowed from the pull-down menu for Default Unicast Address Filter.
This setting affects packets sent from the Ethernet to the radio. The access point discards
all unicast traffic except packets sent to the MAC addresses listed as allowed on the
Address Filters page.
Select Allowed from the pull-down menu for Default Unicast Address Filter if you want
to allow traffic to all MAC addresses except those listed as disallowed on the Address
Filters page. Unicast packets are addressed to just one device on the network. Multicast
packets are addressed to multiple devices on the network.
Select Disallowed or Allowed from the pull-down menu for Default Multicast Address
Filter. The access point discards all multicast traffic except packets sent to the MAC
addresses listed as allowed on the Address Filters page.
Step 8 Click OK. You return automatically to the Setup page.
Client devices with blocked MAC addresses cannot send or receive data through the
access point, but they might remain in the Association Table as unauthenticated client
devices. Client devices with blocked MAC addresses disappear from the Association
Table when the access point stops monitoring them or they associate with another access
point.
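The lockout warning above can be turned into a check that runs before a filter list is applied. This is an added example, not code from the access point or from Cisco; the class and function names are assumptions, and the model covers only the destination-address list and the two default settings described in the steps above.

```python
import re

BROADCAST = "ffffffffffff"


def normalize_mac(text):
    """Accept 00:40:96:12:34:56 or 004096123456; return 12 lowercase hex digits."""
    t = text.strip().lower()
    if re.fullmatch(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}", t):
        t = t.replace(":", "")
    if not re.fullmatch(r"[0-9a-f]{12}", t):
        raise ValueError(f"not a MAC address: {text!r}")
    return t


def is_group_address(mac):
    """Multicast and broadcast addresses have the low bit of the first octet set."""
    return bool(int(mac[:2], 16) & 1)


class AddressFilter:
    """Destination MAC filter list plus the default unicast and multicast settings."""

    def __init__(self, default_unicast="allowed", default_multicast="allowed"):
        self.default_unicast = default_unicast
        self.default_multicast = default_multicast
        self.entries = {}

    def add(self, mac, action):
        if action not in ("allowed", "disallowed"):
            raise ValueError("action must be 'allowed' or 'disallowed'")
        self.entries[normalize_mac(mac)] = action

    def decision(self, dest_mac):
        """Disposition of a packet addressed to dest_mac."""
        mac = normalize_mac(dest_mac)
        if mac in self.entries:          # an explicit entry overrides the default
            return self.entries[mac]
        return self.default_multicast if is_group_address(mac) else self.default_unicast


def lockout_risks(filt, admin_mac):
    """List the ways this filter would cut off the administrator's own station."""
    risks = []
    if filt.decision(admin_mac) == "disallowed":
        risks.append("traffic to the management station is discarded")
    if filt.decision(BROADCAST) == "disallowed":
        risks.append("broadcast traffic is discarded")
    return risks


if __name__ == "__main__":
    # The management station address is the page's own example address.
    strict = AddressFilter(default_unicast="disallowed", default_multicast="disallowed")
    print(lockout_risks(strict, "00:40:96:12:34:56"))
    strict.add("004096123456", "allowed")
    strict.add(BROADCAST, "allowed")
    print(lockout_risks(strict, "00:40:96:12:34:56"))
```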
Using the Filter Menu or Page—Use the Filter menu or Page to control packet filtering.
Setting the Default Action (Default)—The Default option controls the filtering of
multicasts whose addresses are not in the table. You may pick one of the following
actions:
• Discard: multicasts with no table entries are not forwarded out of the radio
network.
• Forward: multicasts with no table entries are forwarded out of the radio network.
Displaying the Filters (Show)—The Show option displays the Multicast Filters screen.
The filters are stored in the association table. The display of the multicast filters follows
the format of the normal association display. At the end of each line the filter action for
each address is displayed. The multicast filters can also be displayed by choosing Main
> Association > Display.
Removing a Filter (Remove)—The Remove option removes one or all of the non-default
filters. The action for the removed entries reverts to the default action.
Filtering Node Addresses (Node)—The Node option controls the forwarding of packets
based on the source node addresses. Type specific node filters by specifying the 6-byte
infrastructure address of the node or by specifying its IP address. If the IP address is used,
the bridge determines the infrastructure address associated with the IP address and uses it
for the actual filtering. You can filter packets based on the source address in the received
packet.
Setting the Default (Ethdst)—The Ethdst option sets a default that applies to those
packets whose addresses do not have entries in the filter table. Options are forward or
discard. Source address filtering is forward by default.
Displaying the Node Address Filters (Display)—The Display option allows you to view
the table of controlled addresses. The filters are stored in the association table so that they
can be accessed quickly. The display of the filters follows the format of the normal
association display. At the end of each line the filter action for each address is displayed.
The node filters can also be displayed by choosing Main > Association > Display.
Updating Specific Node Address Filters (Add/Remove)—The Add option adds filters for
specific addresses to the filter table. You will be prompted for the infrastructure address
or IP address of the node to which the filter applies. You will then be asked for the filter
action to be applied to this address, which is either filter or discard.
To remove one or all specific node filters use the Remove option. You can enter the
keyword all, a single node's infrastructure address, or a single node's IP address. Once
removed, the filter action for the removed addresses reverts to the default value.
To set up the protocol filters, start the monitor and let it run for a while under normal use.
Add filters by selecting the protocols from the monitor list. There is a default action for
those protocols not in the list of explicitly filtered protocols. If you know exactly which
protocols are going to be used by the radio nodes, set the default action to discard; then
add filters to forward only those protocols that will be used. If you are not sure of all the
protocols that will be used but you know that there are certain protocols you will not use,
you should set the default action to forward; then add filters to discard only those
protocols you will not use. For filtering purposes, the bridge assumes that the data portion
of the packets is in one of two forms:
• The first 16 bits of the data portion contains a value that is greater than the
maximum data size (1500 bits). The value is assumed to be a protocol identifier
that may be used to determine which protocol is being used within the packet.
• The first 16 bits of the data portion contains a value that is less than the maximum
data size. The value is interpreted as a frame length and it is assumed that an IEEE
802.2 Logical Link Control (LLC) header follows the length.
You can set up filters based on either a protocol identifier or a DSAP/SSAP
combination. If the filter is based on SAPs and the control field has a value of 3, the
packet can also be filtered based on the OUI and LLC protocol fields. Both types of
filters can also use a variable length bit mask of the packet contents to further specify
which packets should be filtered.
Enabling Unicast Packet Filtering (Unicast)—The Unicast option filters unicast packets.
By default, the bridge applies the protocol filters only to multicast packets. If a packet is
directed to a radio node, it is likely the protocol in the packet is being used by the radio
node.
Displaying the Filters (Display)—The Display option allows you to view the list of
protocol filters you have added.
Adding a Filter (Add)—The Add option adds a protocol filter and specifies the type of
action required. There are several ways to add a filter:
• Use a predefined filter
• Use a filter from the monitor table built by the bridge
• Manually add a filter
Removing an Entry (Remove)—The Remove option removes a protocol filter entry. You
can remove all filters by typing all or a single entry by typing the number assigned to the
filter shown at the start of the line in the filter display.
Length of Data Displayed in Log Action (Length)—The Length option displays the
contents of packets being forwarded to the radio. Use this option to set up the filter mask
values. If you add a protocol filter whose action is log, each time the filter matches, the
contents of the data portion of the packet (after the MAC header) are displayed on the
console (in hexadecimal) for a length in bytes determined by the value of this option. The
contents of the data portion displayed in the information log consist of:
• "p"
• Id number of the filter shown on the Protocol Filters screen
• Bytes of the packet displayed in hexadecimal
More than one protocol at a time can be set with a filter action of "Log." The following is
an example of a protocol filter log entry:
p2: 01 e0 ff ff 01 e0 00 04 00 00 01 65 ff ff ff ff ff ff 04 52 00 00
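The two data-portion forms and the log entry format described above can be combined to see what a logged packet is and how a filter set would treat it. This is an added example, not the bridge's own code; the rule layout and function names are assumptions, the variable-length bit mask is not modelled, and every frame other than the page's sample entry is constructed.

```python
MAX_DATA_SIZE = 1500  # the page's threshold between a frame length and a protocol identifier

# The page's sample log entry, with its sixth byte read as hexadecimal e0.
SAMPLE_LOG = "p2: 01 e0 ff ff 01 e0 00 04 00 00 01 65 ff ff ff ff ff ff 04 52 00 00"
# Constructed data portions: one starting with protocol identifier 0x0800, and one
# LLC frame whose control field is 3, followed by an OUI and an LLC protocol.
IP_DATA = bytes.fromhex("0800450000280000")
SNAP_DATA = bytes.fromhex("001caaaa03000000080600010800")


def parse_log_entry(line):
    """Split 'p<filter id>: <hex bytes>' into (filter id, data bytes)."""
    head, sep, rest = line.partition(":")
    head = head.strip()
    if not sep or not head.startswith("p") or not head[1:].isdigit():
        raise ValueError(f"not a protocol filter log entry: {line!r}")
    return int(head[1:]), bytes.fromhex("".join(rest.split()))


def classify(data):
    """Apply the two-form rule to the data portion that follows the MAC header."""
    if len(data) < 2:
        raise ValueError("data portion shorter than 16 bits")
    first16 = int.from_bytes(data[:2], "big")
    if first16 > MAX_DATA_SIZE:
        return {"form": "protocol", "protocol": first16}
    if len(data) < 5:
        raise ValueError("LLC header truncated")
    info = {"form": "llc", "length": first16,
            "dsap": data[2], "ssap": data[3], "control": data[4]}
    # With a control field of 3, the OUI and LLC protocol fields are available too.
    if info["control"] == 3 and len(data) >= 10:
        info["oui"] = data[5:8].hex()
        info["llc_protocol"] = int.from_bytes(data[8:10], "big")
    return info


def disposition(data, rules, default):
    """Return the action of the first matching rule, or the default action."""
    info = classify(data)
    for rule in rules:
        if all(info.get(field) == value for field, value in rule["match"].items()):
            return rule["action"]
    return default


if __name__ == "__main__":
    filter_id, data = parse_log_entry(SAMPLE_LOG)
    print(filter_id, classify(data))
    # Default discard, forwarding only the protocols known to be in use.
    known_only = [{"match": {"protocol": 0x0800}, "action": "forward"}]
    print(disposition(IP_DATA, known_only, "discard"))
    print(disposition(data, known_only, "discard"))
```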
Protocol Monitoring (Monitor/Show/Clear)—The bridge allows you to create and
display a list of the protocols being forwarded by the bridge. This allows you to test if
packets that contain data for unused protocols are being forwarded to the radio nodes.
After it is enabled by the Monitor option, the bridge begins to examine the protocol used
in each packet forwarded. If the protocol is not already in the list, an entry is created.
Otherwise, the packet count for the given protocol is incremented.
Figure 2:
Association Table Display Setup—You use the Association Table Filters and the
Association Table Advanced pages to customize the display of information in the access
point's Association Table.
Figure 1 shows the Association Table Filters page. Follow this link path to reach the
Association Table Filters page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Display Defaults under Associations.
Fields to Show—The fields you select here are the column headings for the Association
Table. Fields include:
• System Name—A device's system name.
• State—A device's operational state. Possible states include:
o Assoc—The station is associated with an access point.
o Unauth—The station is unauthenticated with any access point.
o Auth—The station is authenticated with an access point.
• IP Address—A device's IP address.
• Parent—A wireless client device's parent device, which is usually an access point.
• Device—A device's type, such as a 350 series access point or a PC Client Card.
Non-Aironet devices appear as "Generic 802.11" devices.
• SW Version—The current version of firmware on a device.
• Class—A device's role in the wireless LAN. Classes include:
o AP—an access point station.
o Client or PS Client—a client or power-save client station.
o Bridge, Bridge R—a bridge or a root bridge.
o Rptr—a repeater access point.
o Mcast—a multicast address.
o Infra—an infrastructure node, usually a workstation with a wired
connection to the Ethernet network.
Packets To/From Station—Use these settings to display packet volume information in the
Association Table. Select Total to display the total number of packets to and from each
station on the network. Select Alert to display the number of alert packets to and from
each station on the network for which you have activated alert monitoring. Select the
Alert checkbox on a device's Station page to activate alert monitoring for that device.
The Total and Alert selections both add a column to the Association Table.
Bytes To/From Station—Use these settings to display byte volume information in the
Association Table. Select Total to display the total number of bytes to and from each
station on your wireless network. Select Alert to display the number of alert bytes to and
from each station on the wireless network. Both selections add a column to the
Association Table.
Primary Sort—This setting determines the information that appears in the first column in
the Association Table.
Secondary Sort—This setting determines the information that appears in the second
column in the Association Table.
Association Table Advanced Page—You use the Association Table Advanced page to
control the total number of devices the access point can list in the Association Table and
the amount of time the access point continues to track each device class when a device is
inactive. Figure 1 shows the Association Table Advanced page.
Follow this link path to reach the Association Table Advanced page:
1. On the Summary Status page, click Setup.
2. On the Setup page, click Advanced under Associations.
Maximum number of bytes stored per Station Alert packet—This setting determines the
maximum number of bytes the access point stores for each Station Alert packet when
packet tracing is enabled.
Default Activity Timeout (seconds) Per Device Class—These settings determine the
number of seconds the access point continues to track an inactive device depending on its
class. A setting of zero tells the access point to track a device indefinitely no matter how
long it is inactive. A setting of 300 equals 5 minutes; 1800 equals 30 minutes; 28800
equals 8 hours.
[Figure: 802.1X layer diagram. Labels shown: Method Layer (TLS, GSS_API, IKE, LEAP),
EAP Layer (EAP), EAP APIs, NDIS APIs, VPN, Media Layer (PPP, 802.3, 802.11).]
Figure 2: Association
1. The client adapter uses the username and password to start the
authentication process.
2. The Access Point communicates with the EAP-compliant
RADIUS server to authenticate the username and password.
3. If the username and password are valid, the RADIUS server
and the client adapter negotiate a dynamic, session-based
WEP key. The key, which is unique for the authenticated
client, provides the client with secure network access.
4. The client and Access Point use the WEP key for all data
transmissions during the session.
Architecture for next generation wireless networks—The Cisco Security Architecture for
WLANs addresses the key barriers to enterprise WLAN deployment. The major
principles behind our security architecture include the following:
• Standards based security framework to promote interoperability
• Extensible AAA models to support different deployment scenarios
• Centralized Authentication and Key distribution to promote scalable, large scale
deployments in enterprises
• Minimal changes to the MAC to ensure backward compatibility
• Flexible to support different usage models such as at work, at home, or on the
road
In addition, the architecture is extensible to support both wired and wireless solutions so
that enterprises can have a consistent perimeter security framework regardless of the
access method.
Figure 1 shows the framework for the Cisco next generation wireless security solutions.
The architecture is based on IEEE 802.1x standards efforts. 802.1x comprises several
standards such as Extensible Authentication Protocol (EAP) for flexible client integration
and RADIUS for server integration.
Finally, Cisco supports the use of VPN transparently over 802.3 wired and 802.11
WLANs using Cisco VPN 3000 series concentrators and VPN client software as a unified
Several switches in the industry, including those from Cisco, are likely to support 802.1x
for wired networks. This will achieve a unified enterprise edge security scheme for both
wired and wireless.
• Cisco Secure Access Control Server version 2.6, running on Windows NT Server
or Windows 2000 Server, is used for AAA and EAP RADIUS services. Another
option is to use a Microsoft RADIUS server (Windows NT or 2000).
• Cisco Aironet Series access points supporting software version 11.0 or greater for
802.1x EAP authenticator support
• Cisco Aironet client adapters with firmware 4.10 or greater that provide support for
integrated network logon and EAP-LEAP authentication
The entire authentication and key distribution process is accomplished in three phases,
Start, Authenticate and Finish as illustrated in Figure 3. The sequence is further
described in Figures 4 and 5.
Figure 1: Controlled Port
Figure 2: Message exchange between the laptop computer (wireless), the access point, and
the RADIUS server (Ethernet). After association, access is blocked. Messages shown:
802.11 Associate; EAPOL-Start; EAP-Request/Identity; EAP-Response/Identity
(Radius-Access-Request); Radius-Access-Challenge (EAP-Request); Radius-Access-Accept
(EAP-Success); EAPOW-Key (WEP). Access is then allowed.
• One-time passwords
• Any GSS_API method (includes Kerberos)
This section examines and demonstrates the detailed attributes of 802.1X for 802.11
solutions. Figure 1 introduces the 802.1X terminology as applied to an 802.11 WLAN
implementation.
In PPP-EAP, EAP does not select a specific authentication mechanism at Link Control
Protocol (LCP) Phase, but rather postpones this until the Authentication Phase. This
allows the authenticator to request more information before determining the specific
authentication mechanism. This also permits the use of a "back-end" server, which
EAP defines one or more requests for peer-to-peer authentication. The request includes a
type field (for example, MD5-challenge, one-time password, generic token, and so on).
The MD5 challenge corresponds closely to the CHAP authentication protocol.
Dynamic Key derivation—The 802.1X framework enables the secure derivation of per-
user session keys. As there is no longer a need to store WEP keys at the client or access
point, we can administer per-user, per-session WEP keys. As the WEP keys are
dynamically derived at the client for every session, the robustness of the security scheme
is enhanced and security attacks are that much harder. A global key, such as the broadcast
WEP key, can be sent from the Access Point to the client, encrypted using the unicast
session key.
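The exchange and the per-session keys described in this section can be modelled from the access point's side, to show that the controlled port stays closed until the RADIUS server accepts the client. This is an added example, not Cisco's implementation: the class and function names are assumptions, the password comparison stands in for the EAP method's challenge and response, and the reject path (Radius-Access-Reject, EAP-Failure) is added here and does not appear in the page's figure.

```python
import secrets


def make_radius_server(users):
    """Constructed stand-in for the EAP-compliant RADIUS server.

    `users` maps username to password. Comparing the password directly is a
    simplification of the EAP method's challenge and response.
    """
    def handle(request):
        if "response" not in request:
            return {"code": "Radius-Access-Challenge"}
        if users.get(request["identity"]) == request["response"]:
            # 13 random bytes stand in for the session key: 26 hexadecimal
            # characters, the 128-bit WEP key length given on this page.
            return {"code": "Radius-Access-Accept",
                    "session_key": secrets.token_bytes(13)}
        return {"code": "Radius-Access-Reject"}
    return handle


class AccessPoint:
    """Authenticator: relays EAP to the server and gates the controlled port."""

    def __init__(self, server):
        self.server = server
        self.session_keys = {}   # client -> key; an entry means the port is open
        self.trace = []          # (from, to, message)

    def _say(self, src, dst, msg):
        self.trace.append((src, dst, msg))

    def forward_data(self, client):
        """Data frames pass only once the client's port is authorized."""
        return client in self.session_keys

    def authenticate(self, client, identity, password):
        self.session_keys.pop(client, None)   # a new session starts with the port closed
        self._say(client, "AP", "802.11 Associate")
        self._say(client, "AP", "EAPOL-Start")
        self._say("AP", client, "EAP-Request/Identity")
        self._say(client, "AP", "EAP-Response/Identity")
        self._say("AP", "RADIUS", "Radius-Access-Request")
        reply = self.server({"identity": identity})
        while reply["code"] == "Radius-Access-Challenge":
            self._say("RADIUS", "AP", reply["code"])
            self._say("AP", client, "EAP-Request")
            self._say(client, "AP", "EAP-Response")
            self._say("AP", "RADIUS", "Radius-Access-Request")
            reply = self.server({"identity": identity, "response": password})
        self._say("RADIUS", "AP", reply["code"])
        if reply["code"] != "Radius-Access-Accept":
            self._say("AP", client, "EAP-Failure")
            return False
        self.session_keys[client] = reply["session_key"]
        self._say("AP", client, "EAP-Success")
        self._say("AP", client, "EAPOW-Key (WEP)")
        return True


if __name__ == "__main__":
    # Constructed account, not a real credential.
    ap = AccessPoint(make_radius_server({"alice": "s3cret"}))
    print(ap.authenticate("laptop", "alice", "wrong"), ap.forward_data("laptop"))
    print(ap.authenticate("laptop", "alice", "s3cret"), ap.forward_data("laptop"))
```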
Figure 1:
What is AAA?
• Accounting—What did they do with this service and when did they
do it?
Figure 2: Authentication—Remote Client. A Windows 95 remote client sends a username and
password (Dialup Networking screen, TCP/IP PPP) across the PSTN/ISDN to the network
access server and the security server.
The components of the AAA environment include WLAN clients or bridges, a network
access server (NAS) or access point, and an internal network with a security server. AAA
secures access from a client or bridge to a wireless access point. The three parts of AAA
are authentication, authorization and accounting. This chapter will cover design,
implementation and configuration of AAA in a WLAN environment. Traditionally,
AAA has been used to secure access to routers, switches, and dial-up users.
Installation—Setting up the AAA server is relatively simple. The first step involves the
installation of AAA server software such as Cisco ACS as shown in Figures 1 and
2. Detailed instructions are provided in the appendices or Cisco Connection Online
(CCO). User setup will be covered briefly in this section.
Enabling EAP in Cisco Secure ACS—Cisco Secure Access Control Server for Windows
NT/2000 Servers (Cisco Secure ACS) is network security software that helps authenticate
users by controlling access to a network access server (NAS) device, such as an access
server, PIX Firewall, router, or wireless access point.
Cisco Secure ACS operates as a Windows NT or Windows 2000 service and controls the
authentication, authorization, and accounting (AAA) of users accessing networks. If
ACS is already installed, follow the steps in Figure 3 to include the access point as a
Network Access Server (NAS) in Cisco Secure ACS. The add Network Access Server is
shown in Figure 4.
User Setup—This section explains how to add users who will need to authenticate. To
add users to the Cisco Secure ACS, complete the following steps:
1. In the navigation bar, click User Setup. The Select window opens.
2. Enter a name in the User field.
3. Click Add/Edit. The Edit window opens. The username being added or edited
appears at the top of the window.
Account Disable—Define the circumstances under which this user’s account will become
disabled.
• Never—Click to keep the user’s account always enabled. This is the default.
• Disable account if—Click to disable the account under the circumstances you
specify in the following fields:
• Date exceeds—From the drop-down menus, select the month, date, and year on
which to disable the account. The default is 30 days after the user is added.
• Failed attempts exceed—Click the check box and enter the number of consecutive
unsuccessful login attempts to allow before disabling the account. The default is
5.
• Failed attempts since last successful login—This counter shows the number of
unsuccessful login attempts since the last time this user logged in successfully.
• Reset current failed attempts count on submit—If an account is disabled because
the failed attempts count has been exceeded, check this check box and click
Submit to reset the failed attempts counter to 0 and reinstate the account.
If you are using the Windows NT user database, this expiration information is in addition
to the information in the Windows NT user account. Changes here do not alter settings
configured in Windows NT. When you have finished configuring all user information,
click Submit.
Web Resources
4.13 — x —
4.16 — x —
4.23 — x —
4.25 or later — — x
WGB340/350 8.58 x
WGB340/350 8.61 x
Step 1 Follow the link path to the Authentication Server Setup page.
You can configure up to four servers for authentication services, so you can set up backup
authenticators. If you set up more than one server for the same service, the server first in the list
is the primary server for that service, and the others are used in list order when the previous
server times out. The access point attempts authentication on the primary server first with each
new transaction.
Step 2 Enter the name or IP address of the RADIUS server in the Server Name/IP entry field.
Step 3 Enter the port number your RADIUS server uses for authentication. The default setting,
1812, is the port setting for many RADIUS servers; 1645 is the port setting for Cisco's RADIUS
server, the Cisco Secure Access Control Server (ACS). Check your server's product
documentation to find the correct port setting.
Step 4 Enter the shared secret used by your RADIUS server in the Shared Secret entry field.
The shared secret on the access point must match the shared secret on the RADIUS server.
Step 5 Enter the number of seconds the access point should wait before authentication fails. If
the server does not respond within this time, the access point tries to contact the next
authentication server in the list if one is specified. Other backup servers are used in list order
when the previous server times out.
Step 6 Select EAP Authentication under the server. If you set up a backup authentication
server, select EAP Authentication under the backup server, also.
Step 7 Click OK. You return automatically to the Security Setup page.
Step 8 On the Security Setup page, click Radio Data Encryption (WEP) to browse to the AP
Radio Data Encryption page.
Step 9 Select Network-EAP for the Authentication Type setting.
You can also enter this setting on the AP Radio Advanced page. If you also use open or shared
authentication, select Require EAP under the authentication type if you want to require users to
authenticate using EAP.
Step 10 Check that a WEP key has been entered in key slot 1. If a WEP key has been set up in
slot 1, skip to Step 14. If no WEP key has been set up, proceed to Step 11.
You can use EAP without enabling WEP, but communication between the access point and the
client device will not be encrypted. To maintain secure communications, use WEP at all times.
Step 11 Enter a WEP key in slot 1 of the Encryption Key fields. The access point uses this key
for multicast data signals (signals sent from the access point to several client devices at once).
This key does not need to be set on client devices.
Step 12 Select 128-bit encryption from the Key Size pull-down menu.
Step 13 If the key in slot 1 is the only WEP key set up, select it as the transmit key.
Step 14 Click OK. You return automatically to the Security Setup page.
802.1x Protocol Version (for EAP authentication)—Use this pull-down menu to select
the draft of the 802.1x protocol the access point's radio will use. EAP operates only when
the radio firmware on client devices complies with the same 802.1x Protocol draft as the
management firmware on the access point. If the radio firmware on the client devices that
will associate with the access point is 4.16, for example, you should select Draft 8. Menu
options include:
• Draft 7—No radio firmware versions compliant with Draft 7 have LEAP
capability, so you should not need to select this setting.
• Draft 8—Select this option if LEAP-enabled client devices that associate with this
access point use radio firmware versions 4.13, 4.16, or 4.23.
• Draft 10—Select this option if client devices that associate with this access point
use Microsoft Windows XP authentication or if LEAP-enabled client devices that
associate with this access point use radio firmware version 4.25 or later.
Figure 2 lists the radio firmware versions and the draft with which they comply. To view
the current client version, select Command>Status… in the Aironet Client Utility to
view the status window.
Server Type—Select the server type from the pull-down menu. RADIUS is the only
menu option; additional types will be added in future software releases.
Port—Enter the port number the server uses in this field. The default setting, 1812, is the
port setting for many RADIUS servers; 1645 is the port setting for Cisco's RADIUS
server, the Cisco Secure Access Control Server (ACS). Check your server's product
documentation to find the correct port setting.
Shared Secret—Enter the shared secret key used by the server in this field. The shared
secret key on the access point must match the shared secret key configured on the
RADIUS server.
Timeout (sec.)—Enter the number of seconds the access point should wait before giving
up contacting the server. If the server does not respond within this time, the access point
tries to contact the next authentication server in the list if one is specified. Other backup
servers are used in list order when the previous server times out.
Use server for—Select the EAP Authentication checkbox to use the server for EAP;
select the MAC Address Filtering checkbox to use the server for MAC address filtering.
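The Shared Secret and Timeout fields above interact in a way that is easy to misdiagnose. A RADIUS reply signed with a different secret is silently discarded by the access point, so a mismatch looks the same as a server that never answered. The following added example (not part of the original course material) models this with the RFC 2865 Response Authenticator, skipping network I/O and attributes; the server names, secrets and helper functions are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2  # RADIUS packet codes (RFC 2865)


def build_access_request(identifier, attributes=b""):
    """Return (packet, request_authenticator); the authenticator is 16 random bytes."""
    request_auth = os.urandom(16)
    header = struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attributes))
    return header + request_auth + attributes, request_auth


def response_authenticator(code, identifier, attributes, request_auth, secret):
    """MD5(Code + Identifier + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, identifier, 20 + len(attributes))
    return hashlib.md5(header + request_auth + attributes + secret).digest()


def build_access_accept(request, server_secret, attributes=b""):
    """Server side: sign the reply with the server's copy of the shared secret."""
    identifier, request_auth = request[1], request[4:20]
    auth = response_authenticator(ACCESS_ACCEPT, identifier, attributes,
                                  request_auth, server_secret)
    header = struct.pack("!BBH", ACCESS_ACCEPT, identifier, 20 + len(attributes))
    return header + auth + attributes


def verify_response(response, identifier, request_auth, ap_secret):
    """Access point side: recompute the authenticator with the AP's copy of the secret."""
    if len(response) < 20:
        return False
    code, resp_id, length = struct.unpack("!BBH", response[:4])
    if resp_id != identifier or not 20 <= length <= len(response):
        return False
    expected = response_authenticator(code, resp_id, response[20:length],
                                      request_auth, ap_secret)
    return hmac.compare_digest(expected, response[4:20])


def authenticate(server_list):
    """Try servers in list order; return [(name, outcome), ...] up to the first accept."""
    outcomes = []
    for identifier, entry in enumerate(server_list):
        request, request_auth = build_access_request(identifier)
        if not entry["reachable"]:
            outcomes.append((entry["name"], "timeout"))
            continue
        reply = build_access_accept(request, entry["server_secret"])
        if verify_response(reply, identifier, request_auth, entry["ap_secret"]):
            outcomes.append((entry["name"], "accepted"))
            break
        # An invalid reply is dropped, so the AP waits out the timeout anyway.
        outcomes.append((entry["name"], "reply discarded, then timeout"))
    return outcomes


# Constructed server list: the first server is down, the second has a mistyped
# secret on the server side, the third matches the access point's entry.
SERVERS = [
    {"name": "acs-primary", "port": 1645, "reachable": False,
     "ap_secret": b"example-secret-A", "server_secret": b"example-secret-A"},
    {"name": "acs-backup-1", "port": 1645, "reachable": True,
     "ap_secret": b"example-secret-B", "server_secret": b"example-secret-b"},
    {"name": "radius-backup-2", "port": 1812, "reachable": True,
     "ap_secret": b"example-secret-C", "server_secret": b"example-secret-C"},
]

if __name__ == "__main__":
    for name, outcome in authenticate(SERVERS):
        print(f"{name}: {outcome}")
```

When clients fail to authenticate and the server's own log shows it answering, compare the shared secret on both sides before adjusting the timeout.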
Using the Configuration Security Menu or Page—From the Configuration Security Menu
or Page you can enable EAP and ensure added wireless security. The process for
enabling EAP requires that you connect to your organization's Cisco ACS server, which
requires a login and password, unique to your bridge. Follow your organization's
procedures for obtaining the login and password for your bridge.
Step 1 Choose Security from the Configuration menu. The Configuration Security
menu appears.
Step 2 Choose Mode. The following message appears:
Enter one of [off eap]
Step 3 Choose eap and press Enter to return to the Configuration Security menu.
Step 4 Choose Username. The following message appears:
Enter a string:
Step 5 Enter your bridge's username and press Enter to return to the Configuration
Security menu.
Step 6 Choose Userpwd. The following message appears:
Enter a string:
Step 7 Enter your bridge's password and press Enter to return to the Configuration
Security menu.
Step 8 Press Escape once to return to the Configuration menu or twice to return to the
Main menu.
Caution! If you perform all the steps in the above procedure, the bridge will not pass
data until you are connected to the ACS server. It is always best to configure the ACS
server first and test connectivity to the server using the ping command.
Figure 4:
Integrated Wireless and Microsoft Network Logon
If ACU is currently installed and LEAP or EAP is not available, reinstall the ACU utility
and enable LEAP/EAP during installation or repair of ACU.
During ACU installation in the Authentication Method screen, you must select the server-
based authentication method preferred for wireless network access in your location and
click Next:
• If you select None (the default value), server-based authentication is not enabled
for your client adapter. After the client utilities are installed, you can elect not to
implement any security features, or you can activate some level of security by
using WEP keys.
• If you select LEAP, LEAP is enabled on your client adapter, provided an EAP-
enabled RADIUS server is running on your network. After LEAP is enabled and
your computer is rebooted, your client adapter authenticates to the RADIUS
server using your network logon and receives a session-based WEP key.
• If you select EAP, EAP is enabled on your client adapter, provided an EAP-
enabled RADIUS server is running on your network. If your computer is not
using an operating system with built-in EAP support, this option is not available.
After EAP is enabled and your computer is rebooted, your client adapter
authenticates to the RADIUS server using your network logon and receives a
session-based WEP key.
Server-based authentication can be enabled for your client adapter in one of two ways:
• Through a host device and code built into its operating system (referred to as
EAP)
• Through your client adapter's firmware and Cisco software (referred to as LEAP)
This method provides authentication service to client adapters whose host devices are not
running an operating system with built-in EAP support. The term LEAP is used to
distinguish authentication provided by the client firmware from authentication provided
by a host and its operating system.
For Windows 95, 98, NT, 2000, or Me or future Windows operating systems, the Aironet
Client Utility setup program, which installs the client utilities, is used to enable LEAP or
EAP. After LEAP or EAP is enabled and the computer is rebooted, the client adapter
authenticates to the RADIUS server using the username and password entered by the user
at the network logon. If the Windows username and password are different from the
user configured on the ACS server, an Aironet authentication logon box will appear. At
this point, you should enter the username and password configured in ACS. To avoid a
double login, either configure the ACS user to match the Windows logon information or
vice versa.
Upon completion of this chapter, you will be able to perform the following
tasks:
• Site Survey
• Applications
• WLAN Design
• Building-to-building design
• Site survey kit and utilities
Overview
This chapter will cover WLAN applications, design principles and site survey
preparation. In-building and building-to-building design considerations are discussed.
Finally, the tools and utilities required to perform a site survey are covered.
Figure 2:
Many people think that there is a science behind installing a Wireless LAN (WLAN).
While there is much science behind the technology, performing a site survey may be
thought of more as an art. Scientists are traditionally thought of as stringent and unable
to operate “outside the box.” Artists are bold and creative.
As a WLAN site survey engineer, you will have to be knowledgeable about both the
wireless equipment you are installing and the wired equipment with which you
may be interfacing. You will often have to be creative in the design and implementation
of the WLAN equipment. A good site survey engineer will be able to think “outside the
box,” allowing him/her to overcome limitations presented by the facility as well as the
equipment.
A site survey will help the customer determine how many access points (APs) will be
needed throughout the facility to provide the desired coverage. It will also determine the
placement of those APs as well as detail the necessary information for installation. A site
survey will also determine the feasibility of the desired coverage in the face of obstacles
such as wired connectivity limitations, radio hazards, and application requirements. This
9-2 Applications, Design and Site Survey Preparation Copyright 2001, Cisco Systems, Inc.
will allow the customer to properly install the WLAN and have consistent, reliable
wireless access.
This chapter will provide you with all of the necessary tools and knowledge needed to
perform a site survey. While this is certainly the place to start, it must be combined with
experience. The more experienced and knowledgeable the site survey engineer, the better
the survey. This chapter will educate you on the processes of performing a site survey. It
will show the tools and how to configure and use them. Many different industries where
you may be required to perform site surveys will also be covered.
At the end of the chapter, you will be given a list of recommended equipment for a site
survey kit that should get you through almost any site survey. Techniques for performing
a site survey will be discussed. Many of the “gotchas” will be covered, pointing out
some of the concerns that you may not even think to consider when performing a site
survey.
Figure 1:
Line of Sight—A clear line of sight must be maintained between wireless bridge
antennas. Any obstructions may impede the performance or prohibit the ability of
the wireless bridge to transmit and receive data. Directional antennas should be
placed at both ends at appropriate elevation with maximum path clearance.
9.1.3 Standards and Topologies
Figure 2: Topologies
IEEE 802.11 is a standard that ensures interoperability between WLAN equipment from
different manufacturers. The standard specifies three different methods for
transmission – Infrared (IR), Frequency Hopping Spread Spectrum (FHSS) or Direct
Sequence Spread Spectrum (DSSS). Cisco’s Aironet series equipment uses DSSS.
Remember that two of the subsets of the 802.11 standard are 802.11a and 802.11b.
802.11a covers equipment in the 5GHz range, while 802.11b covers higher speeds
(currently up to 11Mbps) in the 2.4GHz range. Cisco’s Aironet series of products adhere
to the 802.11b standard.
Under the 802.11 standard you should be able to use any 802.11 wireless client with any
802.11 wireless backbone. This is possible because 802.11 covers the transmission
between the client and the AP, association processes, and modulation schemes. However
the 802.11 standard does not cover communication between APs across the wired
backbone, roaming, wireless links over 1 mile, load balancing, wireless repeaters, etc.
Further cooperation from the WLAN vendors will be required before many of these
features can be implemented into the standard.
You need to be aware of these standards, as well as the limitations of 802.11 while
designing a WLAN. Because the standard does not cover communication between APs
across the wired backbone, it is recommended that the WLAN backbone consist of a
single manufacturer’s product. Cisco’s Aironet products offer roaming, load balancing,
wireless repeaters, throughput and 11Mbps (among other functionality above and beyond
802.11).
If the customer desires to use a specific client card adapter, or a data collection terminal
(some of which are not equipped with Cisco series radios), it is possible to install an all-
Cisco WLAN backbone that will communicate with a number of non-Cisco products.
This will allow the customer a robust, reliable WLAN connection while still remaining
802.11 compliant.
Just as with wired networks, the topology of your WLAN may take many forms. But in
reference to a WLAN, the term “topology” does not refer to architectures such as bus or
ring. Instead it refers to the BSA (Basic Service Area), which is comprised of
“microcells.” Each AP has an area of coverage referred to as a “microcell,” or “cell.” In
an installation comprised of a single AP this is a very simple concept. When multiple APs
are installed, the cells must overlap so that the wireless connection is never interrupted
while roaming from AP-to-AP.
The main purpose of a site survey is to place APs and survey the cells to allow for proper
overlap. Too much or too little overlap can cause disruption of the wireless connection to
the client.
Sometimes the topology of the WLAN will be dictated by the layout of the wired LAN to
which the WLAN will be connected. If wired connectivity is only available along one
side of a 100,000 sq. ft. warehouse, for example, the distance limitations of a Cat 5 cable
run (328’) may not be sufficient to reach the recommended location of the AP. This is
where the site survey engineer will have to be creative. There are many possible solutions
– a wireless hop using a repeater talking back to a wired AP, a repeater or a hub to extend
the Cat 5 cable run, or installing a fiber link to provide connectivity on the other side of
the warehouse. As a site survey engineer you are responsible for not only finding the
best locations for the APs, but also finding ways to connect the APs to the wired network.
It is therefore crucial that the engineer have an understanding of wired networks. This
understanding should cover wired LAN topologies, standards, and components.
Figure 1: Be Prepared
• Come prepared to answer questions
• Dress appropriately
• Instill a sense of confidence in the customer
• Wear or carry company credentials
• Have business cards available
• Bring the proper equipment
Figure 2: Be Safe
Safety Guidelines
• Do not touch or move the antenna while the unit is transmitting or receiving.
• Do not hold any component containing a radio such that the antenna is very close to or touching
any exposed parts of the body, especially the face or eyes, while transmitting.
• Do not operate the radio or attempt to transmit data unless the antenna is connected; otherwise, the
radio may be damaged.
• Use in specific environments:
o The use of wireless devices in hazardous locations is limited to the constraints posed by
the safety directors of such environments.
o The use of wireless devices on airplanes is governed by the Federal Aviation
Administration (FAA).
o The use of wireless devices in hospitals is restricted to the limits set forth by each
hospital.
• Antenna use:
o In order to comply with FCC RF exposure limits, dipole antennas should be located at a
minimum distance of 7.9 inches (20 cm) or more from the body of all persons.
o High-gain, wall-mount, or mast-mount antennas are designed to be professionally
installed and should be located at a minimum distance of 12 inches (30 cm) or
more from the body of all persons. Please contact your professional installer,
VAR, or antenna manufacturer for proper installation requirements.
As a site survey engineer you need to be aware of specific issues that surround many of
the various industries you may come into contact with. Often IT managers, upper
management, or board members may want to discuss the implementation of wireless
equipment in their facility. All site survey engineers expect that these issues have been
worked through with a salesman or Systems Engineer (SE) prior to his arrival. But this is
not always the case.
You need to be aware of the many issues so that you can appear intelligent and informed
while meeting with these individuals. If you appear incompetent or misinformed they
may cancel the site survey or the implementation altogether.
The customer wants to know that the WLAN installation will provide a reliable link to
the network for the wireless clients. If the site survey is executed well, this will most
likely win the overall project.
Make sure that you check with the proper staff upon entry into any organization. Many
companies have their own uniformed security group who need to be aware of your
presence. Schools typically will require you to check in at the main office before visiting
other areas of the campus. In high security areas such as government, aviation, and
military it is extremely important to gain security clearance and have escorts if needed.
Safety information—A site survey engineer should follow the guidelines in Figure 2 to
ensure proper operation and safe use of the wireless devices.
Web Resources
Neteam
http://www.neteam.com
GigaWave Technologies
http://www.giga-wave.com
Figure 1:
Figure 2:
(Figure labels: Applications; Outdoor; Requirements; Partnerships; Available; Mobility; Scalable Client Connectivity; Site to Site; Manageable; Open; Infrastructure)
Early adopters of wireless technology were in vertical markets. These users were more
concerned with mobility than with standards or throughput. Users today are moving into
more horizontal markets where mobility may be less of a concern than interoperability
and throughput. With the WLAN products, mobility and roaming do not have to be
sacrificed to gain throughput and interoperability.
There are several primary applications that pertain to wireless networking. The first is
small office and potentially even home office. Generally, within this application, multiple
PCs communicate either via the access point (AP) wireless hub or directly card to card
without the use of an AP hub. Secondly, mobile workers are those usually within an
enterprise account that do not have a stationary desk within their corporate office, or
potentially workers looking for connectivity within an open-air environment such as
conference rooms. Mobile workers are in settings such as education, retail/warehousing
and healthcare. Lastly, outdoor connectivity can be the connecting of two or more
buildings to form site-to-site connections linking their networks together; but it could also
be mobile workers requiring access to their corporate network from outside their
buildings, such as a parking lot.
Web Resources
Cisco
http://www.cisco.com/warp/public/cc/pd/witc/ao340ap/profiles/index.shtml
http://www.cisco.com/warp/public/cc/pd/witc/ao350ap/profiles/index.shtml
• Early user of RF technology
• Real time updates
• Special Events
One of the early adopters of wireless technology was the retail industry. Data collection
devices are extremely valuable tools for checking stock, receiving, and point of sale.
Wireless data collection devices offer the retail industry real time updates to their
databases and the ability to place registers and printers throughout the store for special
events (such as a sidewalk or tent sale) without having to worry about cabling.
Retail implementations often involve a large number of users sending data very
frequently. Stores are likely to do their inventorying at night. This can mean that there
will be a limited number of users during the normal store hours, which does not tax the
WLAN. However, the latest trend is to use handheld scanners to pre-scan items while
you wait in line. Once you reach the register, the items are recalled when your customer
account card is scanned. All that is left to do is pay.
When the inventory crew comes in at night, the customer expects that the WLAN will be
able to handle the demand. You need to work with the store manager to determine how
often they do inventory, how many data collection devices will be used, and what the
requirements are for their particular application. Also ask if they will require coverage
on the loading docks or inside the trucks at the loading docks. Depending on the WLAN
design there may be enough RF coverage bleeding through to the outside of the buildings
to accommodate this, but you should not depend upon this unless you have factored it
into your design.
Other concerns within the retail industry include the close proximity of the store to other
RF devices. Some stores may stock and demo RF devices in their store.
These may include satellite systems, baby monitors, or cordless phones. Many of these
may be 900MHz, but some may also be 2.4GHz. In any case, it is not recommended that
you install APs next to this type of equipment. Typically these devices have a higher
output than the APs. Also be aware that many stores use internal cordless phone systems.
Encourage them to use a system that operates on a different frequency (900MHz). It is far
less expensive to replace a few cordless phones than to try and design a WLAN around
an existing phone system that interferes.
Retail stores may also be located in malls or strip malls where there may be other users
operating 2.4GHz equipment. Examine this possibility before starting the site survey.
Talk with surrounding store managers about their systems. If there are other systems in
the area you will have to try and separate the stores by channel, SSID, etc.
• Multiple Users
• Inventory = high usage
• Stock levels
• Talk with warehouse personnel about inventory levels
• Consult more than one individual
Figure 4:
Figure 5:
Figure 6:
Stock levels in warehouses can vary on a monthly, weekly, or daily basis. Talk with
the warehouse manager about when stock levels are at their highest and try to perform
your site survey during this period. If this is not possible, do your best to compensate for
the potential increase in stock or put a statement into your documentation that
indemnifies you if the physical layout of the site changes, to include stock levels.
Always try to talk with the people who work in the warehouse. A forklift driver may
actually have a more accurate opinion of current stock levels and of when stock levels
will be at their high or low points. Do not
assume that just because people do not work directly with the network that they do not
have information that may be relevant to your survey. Talking to a single individual may
lead you down the wrong path. Making inquiries of numerous people will hopefully give
you more accurate detail. Talk with as many people as you can throughout the warehouse
and inquire about stock levels and periods of high usage.
Warehouses or distribution centers are typically dirty and have maximum exposure to the
elements. Here are a few questions to keep in mind while performing the survey:
• Will the APs need to be mounted in sealed boxes?
• Are there freezer areas (which are difficult to cover and hard on electrical
equipment)?
• Do you need heated enclosures? Is there extreme humidity?
• How much clearance do you have above the shelving? Will it be sufficient to
mount an antenna? Or will the antenna be crushed by a forklift or by the inventory
that the forklift is loading onto the top shelf?
The following sample in Figure 4 shows a design for a warehouse in which wireless
coverage is the maximum concern for the user. Autorate negotiation will be used, since
coverage is the primary concern and cabling is available to all points in the store. The
warehouse has a very high ceiling and the visibility of antennas to the customers is not of
much concern; therefore we chose a high gain mast mount antenna for the maximum
coverage.
The design in Figure 5 provides the same level of coverage in a different way, assuming
that our client only has Ethernet cabling around the perimeter of the warehouse (which is
fairly common). Here, instead of using the high gain omni directional antenna, we used the
patch antennas and one rubber dipole to provide coverage for the store. With this design
we were able to get identical coverage using different types of antennas and two fewer
access points. The patch antennas in the store increase coverage from the perimeter.
Figure 6 is the same warehouse with the same coverage, accomplished in a different way.
Here, Ethernet wiring is available only in the store front. We’ve decided to use the Yagi
antenna in the front, which has a small but focused beam that is suitable to cover long
distances, coupled with several dipole antennas to complete the store front coverage.
• Multiple floors
• Numerous rooms
• Sensitive equipment
• Cautious implementation
Equipment Concerns
• Hospitals concerned with APs interfering with equipment
• Cisco equipment has been tested
• If not already tested, offer to test the equipment
• Do not test on equipment while in use!
Patient Concerns
• Elderly patients may be scared by computer equipment
• May be required to enter patient rooms
• Customer service skills a must
Other Concerns
• Hospitals house sick people. Be prepared to deal with this
• Be sensitive to areas where you may not be wanted or
allowed
• Do not abuse privileges you may be given while
working in the hospital
Figure 3: 3-D Site Survey
Figure 4: Aesthetics
• Antennae are unsightly
• Patch antenna
• Ground Plane antenna
• Paint antenna
Figure 5: Interference
Healthcare site surveys are some of the most restricting, time consuming and difficult site
surveys you will ever perform. The primary reason for this is that almost every hospital is
a multi-story building with numerous small rooms. Beyond this there are a number of
devices that may interfere with your AP, or vice-versa. Hospitals are also prime
candidates for wanting to “grill” the engineer before he can start surveying.
The engineer will need to have excellent customer service skills, patience, and even
kindness in order to put these people at ease. Some of these patients may have been
restricted to their beds for a number of weeks or even months. They will be eager to talk
to anyone who enters the room. And often the engineer in a tie is mistaken for a doctor.
Hospital surveys also require engineers with a certain amount of courage and fortitude. It
is not unheard of to have to survey the Intensive Care Units, Infant Intensive Care Units,
Birthing Units, Surgery Units, Burn Victim Units, Morgues, Emergency Room and
Trauma Units. The sight of patients in this condition sometimes has a very profound
effect on individuals. The engineer needs to be able to handle all of this with grace. More
than one engineer has been caught in the Trauma Unit when a critically injured patient is
being wheeled in.
Most hospitals cannot afford to have an individual escort the engineer all day while he
surveys. Most engineers are given a visitor badge and a “25 cent” tour, where they are
shown specific areas where they will not be allowed without an escort, if at all. In the
surgery area of the hospital the engineer may be required to gown up to survey the area. And
almost no engineers are allowed in the psychiatric ward or the criminal ward without a
security escort.
A hospital is a good example of a 3-D site survey, but 3-D site surveys are not specific to
hospitals. Every multi-floor survey needs to be thought of as three dimensional, but this is
especially the case in hospitals, as they typically require a large number of APs. Because
there are only three non-overlapping channels, special care needs to be taken when
locating APs so you eliminate interference from other APs as much as possible. Take
advantage of the non-overlapping channels when you can. Watch out for trauma and
x-ray areas where the walls may be lead-lined. Locate elevator shafts, which are usually
co-located in hospitals and may be detrimental to your RF signal.
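The following added example (not part of the original course material) shows why a multi-floor survey has to be planned in three dimensions. It assigns the three non-overlapping channels (1, 6 and 11 in the North American 2.4GHz band) so that no two APs within range of each other share a channel, counting APs on adjacent floors. The AP coordinates, the 30 m cell range, the 4 m floor height and the straight-line distance model that ignores wall and floor attenuation are all assumptions made for illustration.

```python
import math

CHANNELS = (1, 6, 11)  # the three non-overlapping 2.4GHz channels (North America)


def neighbors_in_range(aps, cell_range_m, floor_height_m):
    """Map each AP to the APs whose straight-line 3-D distance is inside the cell range."""
    neighbors = {name: set() for name in aps}
    names = sorted(aps)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            (ax, ay, af), (bx, by, bf) = aps[a], aps[b]
            dist = math.sqrt((ax - bx) ** 2 + (ay - by) ** 2
                             + ((af - bf) * floor_height_m) ** 2)
            if dist < cell_range_m:
                neighbors[a].add(b)
                neighbors[b].add(a)
    return neighbors


def assign_channels(aps, cell_range_m=30.0, floor_height_m=4.0):
    """Backtracking search; returns {ap: channel}, or None if three channels cannot
    keep every pair of in-range APs on different channels."""
    neighbors = neighbors_in_range(aps, cell_range_m, floor_height_m)
    # Place the most constrained APs (most neighbors) first.
    order = sorted(aps, key=lambda name: (-len(neighbors[name]), name))
    plan = {}

    def place(index):
        if index == len(order):
            return True
        ap = order[index]
        taken = {plan[n] for n in neighbors[ap] if n in plan}
        for channel in CHANNELS:
            if channel not in taken:
                plan[ap] = channel
                if place(index + 1):
                    return True
                del plan[ap]
        return False

    return plan if place(0) else None


def co_channel_pairs(aps, plan, cell_range_m=30.0, floor_height_m=4.0):
    """List in-range AP pairs that ended up on the same channel (empty if the plan is clean)."""
    neighbors = neighbors_in_range(aps, cell_range_m, floor_height_m)
    return sorted((a, b) for a in plan for b in neighbors[a]
                  if a < b and plan[a] == plan[b])


# Constructed layouts: name -> (x metres, y metres, floor number).
# Stacked: APs directly above each other, 25 m apart on each floor.
STACKED = {
    "f1-west": (0, 0, 1), "f1-east": (25, 0, 1),
    "f2-west": (0, 0, 2), "f2-east": (25, 0, 2),
}
# Staggered: the middle floor is offset by half the AP spacing.
STAGGERED = {
    "f1-a": (0, 0, 1), "f1-b": (40, 0, 1), "f1-c": (80, 0, 1),
    "f2-a": (20, 0, 2), "f2-b": (60, 0, 2),
    "f3-a": (0, 0, 3), "f3-b": (40, 0, 3), "f3-c": (80, 0, 3),
}

if __name__ == "__main__":
    print("stacked:", assign_channels(STACKED))
    print("staggered:", assign_channels(STAGGERED))
```

In the stacked layout all four APs hear each other, so three channels cannot separate them. In the staggered layout eight APs on three floors fit without a co-channel neighbor.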
Hospitals are also very concerned with aesthetics. Large antennae hanging from the
ceiling tiles generally are not a good idea. Patch antennae are a good choice for hospitals.
They are strong antennae with good coverage patterns, allowing for fewer APs. They can
be inconspicuously mounted and can even be painted (DO NOT USE A LEAD BASED
PAINT!) to make them even less obvious. Ground plane antennae are also an excellent
choice. APs are usually mounted above the ceiling tiles.
Watch out for the many devices in hospitals that can be detrimental to your signal. Some
hospitals use SpectraLink phone systems. Most of these are 900MHz but that technology
is changing. They may also have existing WLAN equipment. Telemetry equipment is
often an excellent source of interference. (Should you have to survey near telemetry
equipment, consider leaving the wallet behind. Credit cards seem to be adversely affected
by the equipment).
There are many, many sources of interference in hospitals. Learn to locate and work
around them.
• Multi floor construction
• Numerous rooms
• Throughput
• Fewer users per AP
Figure 2:
Figure 3:
Figure 4:
Advantages
• No wires to end devices
• Excellent mobility
• Minimal new wiring required
o Only to access points
Disadvantages
• Open infrastructure
o PC provides protection
• Shared bandwidth
o No multi-media
Figure 5:
Most business travelers will want to know that the data they are sending is secure and the
hotel will want to know that not just anyone with an 802.11 card can access their
network. One possible solution is WEP encryption, which adds minimal overhead.
Depending on the age of the hotel, building construction may become a factor. Newer
hotels will have drop tile ceilings. Older hotels will often have “hard cap” ceilings. These
are ceilings that are poured concrete. There is no real, effective way to run cable across a
hard cap ceiling. Keep this in mind when you are deciding where to mount APs. Older
hotels may also have walls of poured concrete. This presents the same problems as hard
cap ceilings. Hotels will also have many of the same concerns as hospitals do regarding
aesthetics.
Cisco’s Hotel Networking Solution—The solution starts with the Cisco Subscriber
Gateway. The Subscriber Gateway provides:
• Integration with the existing hotel billing system
• Easy sign up for services without requiring software or hardware
• Security for both the hotel and the guest
• An advertising portal
The meeting room solutions can be either wired or wireless. The guest room solutions
are designed to meet hotel needs and to use existing infrastructure or to accommodate
new wiring.
Cisco’s Hotel Solution is designed to provide four alternatives that meet the property’s
current infrastructure situation and business requirements. Each has its own benefits and
limitations. The alternatives are as follows:
• Wireless—This solution is more attractive for the meeting rooms and public areas
of the hotel. It requires wireless NICs or hubs, which can be placed in the
location your guests desire. This solution also gives access to the growing number of
wireless devices your guests might want to use in the public areas of the hotel.
This solution does provide security for your guests with encryption and
authentication.
• Cable—This solution would use the existing cable infrastructure provided the
hotel has access. It supports multimedia and high-speed Internet access.
• Wired—This is a solution that requires new (Cat5) wiring. It will support all the
high-speed applications including multimedia.
• Long Reach Ethernet—This solution will use existing (Cat3) telephone wiring
and it will support high-speed traffic as well as multimedia.
Figure 3:
• Cost: A dedicated computer room is not needed for internet access.
Figure 7: Complex School Network
The design in Figure 4 is for an educational environment which is very similar to our
warehouse environment, with the exception of walls between the classrooms. We are
able to provide enough coverage using the rubber dipole antennas attached to the access
points. The school has a concern that students using the access points could gain access to
the production network, so the access points will be on a firewall. Connectivity for the
teachers will be handled by Ethernet switches in the wiring closets and Cat5 pulled into
the classroom teaching stations.
Within the education vertical market, wireless is more popular in higher education, since
college students spend much more time outdoors doing work during nice weather. Patch
antennas are located directly outside the building, which allows coverage in the courtyard
for students who wish to work outside.
building or site can be accomplished using traditional wiring methods or by deploying
line-of-sight point-to-point or point-to-multipoint wireless solutions to cost-effectively
cover long or short distances or overcome obstacles such as rivers and highways.
Web Resources
http://www.edutek.com/index2.html
New Addition
Figure 3:
Figure 4: (diagram labels: Break Room, V.P., Storage)
Small Office/Home Office (SOHO)—The Wireless office and SOHO markets are some
of the most quickly emerging markets. Many vendors are racing to put out RF products
for the home. In the meantime, many customers are trying to find creative ways to use the
industrial products in the small or home office. Most small offices will not require a site
survey. Depending upon the size of the office, the numbers of users, and the network
needs, an ad hoc RF network (peer to peer connectivity without the use of an AP) may be
the best solution.
Some customers may want a site survey anyway, looking ahead to future growth and
expansion. If this is the case, you may want to set them up with a single AP that may be
moved or connected to via a wireless repeater later.
Let’s consider a typical wireless office. Most users will have an office, desk, or cube
where they spend most of their day. They may have to occasionally attend a meeting,
conference, or class. For this type of application, APs need to be placed to provide
11Mbps coverage at the desks or in the conference room. Link speeds as low as 2Mb
may be sufficient everywhere else. It is not uncommon for the user to tell you he wants
11Mbps coverage everywhere. But after he has seen how many APs this will require, he
may change his mind, at which time you may need to redo your survey. Avoid this by
talking with your customer up front and addressing the issues. Find out where he thinks
You will need to ask the customer exactly where he needs the 11Mbps coverage.
In the example in Figure 4, the customer may think he needs APs in the corners of the
office. If you do this, a large percentage of the coverage cells will be covering outside the
building. He may have a single user who he feels needs to have 11Mbps coverage
(maybe a V.P. or director). But if he has a large number of users on a 100Mbps backbone
with a T-1 connection, the V.P. or director never sees 11Mb via the wired connection
anyway. So he is not gaining anything by your providing him with an 11Mbps wireless
connection. A better focus for the 11Mbps coverage would be an area with a larger
number of wireless users.
A better solution might be to move the two APs to the center of the building. This
provides 11Mbps coverage for high usage areas like the conference room and
the users in “cubicle land,” and provides for load balancing. Users around the
perimeter get 5.5 Mbps coverage.
9.2.8 Transportation
Figure 1: Transportation
Transportation
• Rail
• Bus
• Airport
• Airplane
Rail Yards
• Rail cars made of wood and metal
• Rail cars transport a variety of cargo
• Rail cars are large and create narrow pathways between tracks
• Yagi antennae to shoot down pathways
• Airports
– Long, open pathways make indoor coverage easy
– Outdoor coverage more difficult
• AP and battery pack or bomb?
• Airports are high traffic areas
• Equipment can be damaged or stolen if not put away properly
Rail Yards—Rail yards can be difficult to survey and install for many reasons. The cars
themselves are very large and may be constructed of wood or metal. Cars may be filled
with a variety of materials which can limit your signal. These may include livestock,
wood, metals, or perishable materials in wooden or cardboard boxes.
Inside the yard the tall cars on parallel tracks form narrow pathways for the signal. Yagi
antennae mounted on poles above the cars at either end of the yard often are the best
solution, allowing you to shoot down the narrow pathways.
Airports—Airports tend to be very large single-story structures. This makes the survey
simpler for the engineer because the survey becomes two dimensional. The long, open
pathways also make for easy coverage. One difficulty in covering airports is when
coverage is needed outside the facility; in the baggage areas, for example. Much like
warehouse installations, these APs may be subjected to extreme weather conditions and
may require weatherproof enclosures.
Another difficulty in surveying airports is the high traffic and security in airports.
While people are certainly used to seeing work crews roaming throughout an airport, it
does not mean that they will be cautious around you while you are surveying. Take care
not to leave materials lying about that may be stolen or may injure people running from
gate to gate. A misplaced cable that a traveler trips over could result in a crippling
lawsuit. Airports are also very security conscious. APs and battery packs, with their
flashing lights and wires wrapped around them, can easily be mistaken for a bomb. This
is certainly not a situation that any engineer wants to find himself in.
9.2.9 Government and Military
• Secure facilities
• Security clearance
• Equipment checklists
• Variety of facilities
Like airports, government facilities are secure facilities. Being in the wrong place at the
wrong time with something that may be mistaken for a bomb could result in a spread
eagle position, nose to the asphalt with an M-16 pointed at the back of your head. You
may be required to obtain security clearances or may require escorts. Your vehicle may
be subject to search as you enter and/or leave the facility. You may be required to submit
an equipment list and have your equipment checked on a daily basis. Beyond the security
issues you will find facilities of every type at government locations, particularly military
facilities. Many military bases may have one of every facility we have discussed here and
you may be required to survey them.
The single fastest growing market is the ISP market.1 ISPs are finding new and more
effective ways to implement WLAN technology and are helping to drive some of the
technology developments. Unfortunately, ISPs have unique needs that cannot always be
met by the equipment. The difficulty with ISPs is that they are trying to use equipment
that is intended to be used in a LAN in a Metropolitan Area Network (MAN)
environment, and sometimes even a WAN environment. They see this technology as a
cheap replacement for Telco service or microwave technology. Far too often a
misinformed ISP thinks that installing a single AP on a mountaintop with a powerful
omni antenna is sufficient to provide coverage for the entire city located in the valley
below.
ISPs tend to be in a hurry to install the equipment and start providing service without
doing the proper research. They try to link clients and APs at distances over a mile (this
requires a bridge, not an AP). They are not aware of the implications of installing an
802.11 compliant AP. They do not understand that certain parameters need to be changed
to avoid having anyone with an 802.11 client attach to their AP and access their service.
You may be required to give the ISP a “dose of reality” and make recommendations on
which equipment to use, how to implement the technology, and the limitations of the
technology. It may not be what they want to hear, but better they know upfront than after
they have promised service that they cannot deliver.
9.3 WLAN Design
9.3.1 Overview
Figure 1:
Figure 2: (labels: 11 Mbps, 5.5 Mbps)
• “Pools” of 11Mbps coverage for high numbers of users
• Stationary vs. Mobile
Figure 3: Throughput vs. Data rate
• 11Mbps throughput ≠ 11Mbps data rate
• Overhead
• Operating System
• 11Mbps RF = 10Mbps Ethernet
Figure 5: Comparison
One of the factors affecting your WLAN design should be the particular type of client
that the customer will be using.1 Some may choose to use PC cards in laptops to provide
mobility to their internal staff and easy connectivity for remote users when they are in the
facility. Some may want to use PCI cards, giving users the freedom to occasionally move
desktop PCs without having to worry about installing cable. Some may use a repeater or
a workgroup bridge to provide connectivity to remote users without using standard leased
lines or having to worry about attempting to run fiber. Others may want to use data
collection terminals. And some may use a combination of these options.
In an environment where the PCs will remain stationary most of the time, providing
wireless connectivity is a fairly easy task. For installations of this type, users typically
need “pools” of 11Mbps coverage and will not be overly concerned with their link speed
while moving.2 Many customers do not fully understand the equipment that will be
installed or what to expect. Some people believe that it will be a full 11Mbps link for
every user. Some question the reliability of the RF link and intend to use the wireless link
on a limited basis. The truth is that most users will fall somewhere between these two.
Remember, 11Mbps of throughput does not mean an 11Mbps data rate.3 There are many
factors that limit the link speed. Overhead, operating system, and number of users are
examples. There is more overhead associated with the RF link than there is on the wired
link. Realistically, the maximum link speed will be around 7Mbps. The Operating
System will be part of this limitation as well. File transfer speeds for a Microsoft
operating system are about 5.5Mbps. Linux speeds are closer to 7Mbps. The 11Mbps
wireless link can be thought of as a 10Mbps wired Ethernet segment when deciding how
many users it can handle.
The four main design requirements for a WLAN solution are that it must have high
availability, it must be scalable, it must be manageable, and it must be an open
architecture allowing integration with third-party equipment.4
• Available—High availability is achieved through system redundancy and proper
coverage area design. System redundancy includes redundant APs on separate
frequencies. Proper coverage area design includes accounting for roaming,
automatic rate negotiation when signal strength weakens, proper antenna
selection, and possibly the use of a repeater to extend coverage to areas where an
AP cannot be used.
• Scalable—Scalability is accomplished by supporting multiple APs per coverage
area using multiple frequencies or hop patterns. APs can also perform load
balancing if desired.
• Manageable—Diagnostic tools represent a large portion of management within
WLANs.
• Open—Openness is achieved through adherence to standards (such as 802.11b),
participation in interoperability associations (such as WECA), and certification
(such as FCC certification).
Copper versus WLAN—Copper installations can still provide higher data rates, but price
is no longer a factor.5 A WLAN can be installed for roughly the same price as a copper-
based network, and provides many benefits over a wired network. As prices continue to
come down on wireless products and throughput speeds continue to increase, wireless
will continue to increase in popularity. This may also be a factor in your design. If the
customer wants to start by using a few wireless clients, and then increase the number
once he is sure of the reliability, you will need to design his WLAN to accommodate this
future expansion.
Figure 2:
Be aware of the applications that users may be utilizing.1 Someone who performs the
occasional file transfer and checks e-mail has very different needs from someone using a
CAD application across the network. Most offices today use a client/server model with
frequently used applications loaded on each terminal. Some companies are moving to
thin clients and may have much greater bandwidth requirements. This type of setup
requires a very reliable connection to the network, as an interruption of network service
renders the user helpless.
If the customer intends to use data collection devices exclusively, this will change the
way you perform your survey.2 Most data collection devices today operate at 2Mbps.
Most data collection devices do not require 11Mbps. If the customer is using a 2Mbps
data collection device with no intention of adding other wireless clients that may operate
at 11Mbps, then perform the site survey at 2Mbps.
Make sure that all areas where the data collection devices will be used have a 2Mbps
link. Some data collection devices have the ability to rate shift. Discuss the devices that
your customer will be using, what abilities these devices have, and how your customer
intends to use them.
As we discussed earlier, retail or warehousing sites may have areas where large numbers
of very busy users will be located. A receiving area may be one such area. As equipment
is unloaded off trailers, it is unboxed and bar codes are scanned in rapid succession. The
bandwidth needs are again going to be determined by the application. A screen scraping
emulation sends large packets containing a lot of data, for example. If there are 20-30
users scanning barcodes and entering keystrokes in rapid succession, a single AP may not
be enough.
If, for example, all of the data collection devices are talking at 2Mbps, realistically the
AP is only operating at 2Mbps. This is not to say that the AP is limited to 2Mbps, but all
clients are communicating with the AP at 2Mbps. While the 11Mbps connection might
be sufficient to handle the 20-30 users, the 2Mbps may not. You will have to examine the
packet size of the application and the number of users to determine if you will need extra
APs in this area.
Figure 1:
Figure 2:
Figure 3:
• Channel Mapping
• Three concurrent non-overlapping channels: 1, 6, and 11
• Outside party interference
(diagram labels: channels 1 through 11)
Figure 4:
Figure 5:
• 11 Users per AP of shared bandwidth
(diagram labels: cells on channels 11, 6, 1, 11, 6, 1)
There will be “pools” of coverage at each data rate.1 If the customer wants to provide
certain areas with coverage at a specific data rate, you may have to perform multiple site
surveys. You may have to survey at each data rate and find out where the coverage pool
is for each data rate. The Cisco Site Survey Utility surveys at a given rate and does not
rate shift.
You will need to map out the higher data rate cells so they can be shifted to the proper
areas. You will need to map out the lower data rate coverage cells with an eye on the
overlap of these cells and on frequency selection. This can be time consuming but may
well be necessary, depending on your customer’s needs. Finding out ahead of time how
Bandwidth requirements for wireless connectivity will potentially determine the number
of APs that you would implement. If a constant speed is required and that speed is fairly
high, such as 11 Mbps, then the coverage will be fairly low and a high number of APs
will be required.
However, in many situations, AP coverage will be the driving factor over bandwidth, and
in these situations autorate negotiation of bandwidth can be used. With autorate
negotiation, the client picks the best speed at its current distance, so as the client moves
from a close proximity to the AP, it uses a high bandwidth such as 11 Mbps, and as it
moves outward from the AP and the distance increases, the bandwidth is reduced to allow
for the best possible signal quality.
Load—The load on an access point or the total number of potential clients should be
considered in any design.2 One problem with wireless LANs is that the number of
potential clients can be unknown, since the freedom of wireless allows any number of
people to converge within an area. The actual number of clients as dictated by the
address table in the access point is 2,048. This maximum is not practical, as WLANs are
a shared infrastructure, similar to hubs in a wired network. The more clients that are on
an access point, the less overall bandwidth is available for each individual user. For
variable bandwidth applications this might be fine, but for many applications, especially
with today’s data intensive graphical environments, this may not be adequate. This
problem is easily solved by distributing the clients among more access points,
particularly in congested areas. This serves to distribute the load, via overlapping
coverage between access points. Make sure that each access point is communicating on
its own unique channel to ensure no interference with each other. If only two access
points are going to have overlapping coverage, then any two different channels can be
used between 1 and 11. If more than two access points are going to be used, the
maximum possible is three, since only three channels do not overlap with each other
concurrently (channels 1, 6 and 11).3
In some environments you might find that bandwidth and AP load are a strong design
factor for a WLAN implementation. One way to ensure that a small area of users is using
a selected Access Point is to manipulate the power settings on the AP to adjust the size of
the cell.4 This adjustment will allow you to ensure that the cells cover very specific areas.
In Figure 5 there are 200 users on a floor. With Access Points using 30mW antenna
power, the floor can only be covered in these large patterns, because the RF coverage
extends so far, and we only have 3 concurrent non-overlapping channels. Having 67 users per
access point could pose a problem if many of these users were on the WLAN at the same
time. In the bottom example, we have simply reduced the antenna power, which has
made the cells much smaller. Though we will need to install more Access Points to get
complete coverage, we have greatly reduced the number of users that would vie for the
shared infrastructure, and increased performance.
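The channel rule from the Load paragraph and the 200-user floor from Figure 5, worked through as an added example that is not part of the course material. The 22 MHz channel width, the 2407 + 5n MHz centre-frequency formula, the AP names and the six-cell floor are assumptions brought in for the calculation.

```python
"""2.4 GHz channel-plan check (added example, not from the course text)."""
import math

CHANNEL_WIDTH_MHZ = 22        # assumption: 802.11b DSSS occupied bandwidth
CHANNELS = range(1, 12)       # channels 1-11, as used on the page


def center_mhz(channel):
    """Centre frequency of a 2.4 GHz channel (channels are 5 MHz apart)."""
    return 2407 + 5 * channel


def overlaps(a, b):
    """True when the two channels' 22 MHz bands share spectrum."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ


def largest_clean_set(channels=CHANNELS):
    """Greedy pick, lowest channel first, of mutually non-overlapping channels."""
    chosen = []
    for ch in channels:
        if not any(overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen


def plan_conflicts(ap_channel, adjacent_cells):
    """Return (ap, ap, ch, ch) for every pair of touching cells that interfere."""
    return [
        (a, b, ap_channel[a], ap_channel[b])
        for a, b in adjacent_cells
        if overlaps(ap_channel[a], ap_channel[b])
    ]


def users_per_ap(total_users, ap_count):
    """Worst-case users sharing one AP when users are spread evenly."""
    return math.ceil(total_users / ap_count)


# Constructed floor: six reduced-power cells in a row, each touching the next.
GOOD_PLAN = {"ap1": 11, "ap2": 6, "ap3": 1, "ap4": 11, "ap5": 6, "ap6": 1}
BAD_PLAN = dict(GOOD_PLAN, ap3=8)          # channel 8 sits between 6 and 11
ADJACENT = [("ap1", "ap2"), ("ap2", "ap3"), ("ap3", "ap4"),
            ("ap4", "ap5"), ("ap5", "ap6")]

if __name__ == "__main__":
    print("non-overlapping set:", largest_clean_set())
    print("good plan conflicts:", plan_conflicts(GOOD_PLAN, ADJACENT))
    print("bad plan conflicts: ", plan_conflicts(BAD_PLAN, ADJACENT))
    for aps in (3, 6):
        print(f"200 users on {aps} APs -> {users_per_ap(200, aps)} per AP")
```

Reusing a channel is only safe between cells that do not touch, which is why the reduced-power layout repeats 11, 6, 1 in sequence.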
Figure 1: Bandwidth (diagram labels: one 11Mb Bridge and five 2Mb Bridges)
Figure 2: Throughput
Many people think that the 11-Mbps product will support many 2-Mbps radios and
provide a total (aggregate) data rate of 11 Mbps, with each unit getting a full 2Mb.1 The
problem is that the 2-Mbps units transmit at 2 Mbps, taking 5 times as long to transmit
the same data as an 11-Mbps product would. This means the data rate is only 2Mb for any
given remote, and the total the 11Mb unit could see is still 2Mb.
In order to achieve a total aggregate 11-Mb data rate, everyone will have to be set to 11-
Mb. If a single unit is less than 11-Mb, the overall rate will be somewhat less than 11, as
the base or central unit has to service the slower remote.
As a reminder:
• If everyone is operating at the same data rate, then they will all take the same
amount of time to send the same size packets.
• If some people are operating at higher speeds, then they will transmit the packet
faster, which will allow the RF to be available quicker for the next person waiting
to send some data.
• But if an attempt is made to reduce throughput to a given site by lowering the
bridge speed, this will also affect the high speed bridges!
The amount of user data that is passed by the media is the throughput. In the example in
Figure 2 it is the WLAN devices.
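The effect described in the reminder list, as an added example that is not part of the course material. It assumes stations take turns sending one equal-size packet each and ignores protocol overhead, contention and retransmissions; the five-remote scenarios are constructed.

```python
"""Shared-channel airtime with mixed data rates (added example).

Assumptions, not from the course text: stations take turns sending one
packet each, all packets are the same size, and protocol overhead,
contention and retransmissions are ignored.
"""
from fractions import Fraction


def round_time_us(rates_mbps, packet_bytes=1500):
    """Microseconds for every station to send one packet, one after another."""
    bits = packet_bytes * 8
    # bits divided by Mbit/s gives microseconds
    return sum(Fraction(bits) / Fraction(rate) for rate in rates_mbps)


def aggregate_mbps(rates_mbps, packet_bytes=1500):
    """User data moved per unit of air time across the whole cell."""
    bits_moved = packet_bytes * 8 * len(rates_mbps)
    return float(bits_moved / round_time_us(rates_mbps, packet_bytes))


def per_station_mbps(rates_mbps, packet_bytes=1500):
    """Each station moves one packet per round, so all get the same share."""
    return aggregate_mbps(rates_mbps, packet_bytes) / len(rates_mbps)


def airtime_share(rates_mbps, packet_bytes=1500):
    """Fraction of the channel's time that each station occupies."""
    bits = packet_bytes * 8
    total = round_time_us(rates_mbps, packet_bytes)
    return [float(Fraction(bits) / Fraction(rate) / total) for rate in rates_mbps]


# Constructed scenarios: five remotes talking to one central bridge.
SCENARIOS = {
    "all remotes at 2 Mbps": [2, 2, 2, 2, 2],
    "all remotes at 11 Mbps": [11, 11, 11, 11, 11],
    "four at 11 Mbps, one lowered to 2 Mbps": [11, 11, 11, 11, 2],
}

if __name__ == "__main__":
    for label, rates in SCENARIOS.items():
        slowest = max(airtime_share(rates))
        print(f"{label}: aggregate {aggregate_mbps(rates):.2f} Mbps, "
              f"{per_station_mbps(rates):.2f} Mbps each, "
              f"busiest station holds {slowest:.0%} of the air time")
```

Lowering one remote to 2 Mbps does not cap only that site: under these assumptions it occupies more than half of the air time, so every 11 Mbps remote slows down with it.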
Figure 1:
• Wireless data collection means mobility!
• Coverage must be seamless
Figure 2:
Figure 3:
• Seamless Roaming
– All APs on same subnet
• Use VLAN tagging to span switches
– LANE, ISL, IEEE 802.1Q
– Repeater Mode
• AP used to extend distance of another AP
• Wired AP is the associated connection point
Mobile Users—Data collection users are also highly mobile users. That is the advantage
of the wireless data collection device. It enables the end user to freely roam throughout
the facility and scan items instead of having to carry the item to a scanner which is
attached to a fixed terminal. Coverage must not have holes and must have enough
overlap between APs to offer truly transparent roaming.
Highly Mobile Users—Some data collection devices are mounted to forklifts, which can
move throughout the facility very quickly. A driver may scan a barcode and then enter
the quantity as he is driving away. Take into consideration that the forklift driver does not
understand the technology, and usually doesn’t want to. He simply wants a system that
works. It is your job to provide him with this system. Part of this will be the application’s
ability to handle a mobile user and the occasionally dropped packets that go along with
that mobile user. But by providing the most seamless coverage possible, you will ensure
that the application will have fewer problems and work successfully.
When doing seamless roaming, the usage of mobile IP should be avoided and a constant
IP subnet for the client is required. It is possible, however, to extend coverage for a client
without deploying an access point connected to the same broadcast domain, by using a
second access point in repeater mode. This configuration can extend the coverage of the
first access point if wiring is not available for the second access point. When Access
Points are deployed as repeaters, the client association is really with the wired or root
access point, and not with the access point acting like a repeater. Inside buildings,
Ethernet connections are generally easily available. However, one use of the repeater
configuration is to extend access points from the building edge to the surrounding
outdoor portions of the building, for temporary use. For example, one customer uses
repeater mode access points to extend coverage into the parking lot during spring sales
for a grocery store.
Figure 1: (diagram labels: Constant Flow, Buffered when asleep, Occasional Flow)
• Users who switch between AC and DC
• Default is CAM
• Available only on PCMCIA
Figure 2:
Power consumption using a PCMCIA card while roaming is always going to be an issue,
since the battery has a limited life. Three modes for power are available and can be
selected for the client laptops.1 Configuration of these various modes is accomplished via
the “Network Properties” window in the operating system and can be selected under
“Adapter Properties” for the wireless NIC via the Aironet Client Utility under “Edit-
Properties.”2
The first mode is called CAM, which stands for constant awake mode. It is best leveraged
for devices when power is not an issue; for instance, when AC power is available to the
device. CAM provides the best connectivity option and therefore the most available
wireless infrastructure from the client perspective.
The second mode is called PSP mode or power save mode, and should be selected when
power conservation is of the utmost importance. In this situation, the wireless NIC will
go to sleep after a period of inactivity and periodically wake to retrieve buffered data
from the access point.
The last mode is called FastPSP, or fast power save mode. It is a combination of CAM
and PSP. This is good for clients who switch between AC and DC power.
Wireless LANs use an unlicensed spectrum, which allows customers to manage their own
products and implementations, making WLAN scalable as well as easy to implement and
administer.1 The downside of using an unlicensed spectrum is that other devices can also
use the same frequencies and thus impact each other. Other devices using 2.4GHz, such
as cordless phones, can have an impact regardless of the SSID and WEP
implementations. While SSID and WEP provide security for the WLAN data, the RF
signal itself is still subject to interference, as it is a Layer 1 transmission. Interference
can be avoided in most instances by selecting products that operate outside of the 2.4GHz
range.
The impact is only going to happen if the 3rd party devices have above a minimal amount
of RF usage. If a person was to just turn on another 2.4 GHz device, not much will
happen and no real impact will occur. But if that 3rd party device starts to use the 2.4 GHz
Spectrum then both systems will suffer performance degradation. This stems from the
fact that WLAN products are based on CSMA/CA (Collision Avoidance) - before a
transmission is sent, the transmitter “checks” the airwaves to see if the Channel is
available for use. If a 3rd party is using the spectrum, then the airwaves will not be
available, and the device will “hold-off” until the RF becomes available. In a wired
Ethernet network, this would be the same as running a constant broadcast frame over the
wire, and will have the same effect.
9.3.8 Encryption
• Encryption Options
– No Encryption
– 40-Bit Encryption
– 128-Bit Encryption
• Hardware based encryption
– 3% performance hit
• Encryption Choices (defined at Access Point)
– No Encryption
– Allow client to specify (optional)
– Forced (Required)
There are three encryption options available for wireless LANs.1 The customer can
choose to install wireless LANs with either no encryption, 40-bit encryption or 128-bit
encryption. Within the United States Cisco only sells 128-bit enabled product, although
the customer can choose to not enable the encryption. Cisco has hardware-based
encryption processing so there is only a very small performance hit when encryption is
enabled on the product. Other wireless LAN vendors have software-based encryption,
which significantly decreases the throughput of the LAN.
Encryption is defined at the access point and three choices are available:
You can force all clients to use no encryption, make encryption optional with the
client deciding whether encryption is turned on, or employ forced mode, which requires
all clients to utilize 128-bit encryption or 40-bit encryption for all the transmissions to
and from the access point.
All encryption processes utilize keys to do the encryption. At this point the keys are
configured manually on the access point and on the client for an in-building WLAN, and
on each side of the bridge for an inter-building WLAN. Four possible keys can be defined
to encrypt data, although only one key can be selected as the transmit key. In this
situation, all data from the device will be encrypted using the transmit key. All four keys
can be utilized as receive keys, so the transmitting key on the opposite device must be
defined as one of the four keys on the receiving device.
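A consistency check for the manual key setup described above, as an added example that is not Cisco's code or part of the course material. It assumes the receiver looks a key up by the slot number carried in each WEP frame, so the sender's transmit key has to sit in the same slot on the receiver; the device names and key values are constructed.

```python
"""WEP key-slot consistency check between an AP and a client (added example)."""
import string
from dataclasses import dataclass, field

# Hex digits typed per key: a 40-bit key is 5 bytes; a "128-bit" key is a
# 13-byte secret, the remaining 24 bits being the per-packet IV.
HEX_DIGITS = {40: 10, 128: 26}


@dataclass
class Device:
    name: str
    encryption: str                 # "none", "optional" (AP only) or "required"
    key_bits: int = 128
    keys: dict = field(default_factory=dict)    # slot 1-4 -> hex string
    tx_slot: int = 1                # the single transmit key


def key_problems(dev):
    """Problems visible on one device alone."""
    if dev.encryption == "none":
        return []
    found = []
    want = HEX_DIGITS[dev.key_bits]
    for slot, key in sorted(dev.keys.items()):
        if slot not in (1, 2, 3, 4):
            found.append(f"{dev.name}: key slot {slot} is outside 1-4")
        elif len(key) != want or set(key) - set(string.hexdigits):
            found.append(f"{dev.name}: key {slot} is not {want} hex digits")
    if dev.tx_slot not in dev.keys:
        found.append(f"{dev.name}: transmit key {dev.tx_slot} is not defined")
    return found


def link_problems(ap, client):
    """Problems that stop the two devices exchanging encrypted frames."""
    found = key_problems(ap) + key_problems(client)
    modes = (ap.encryption, client.encryption)
    if modes in (("required", "none"), ("none", "required")):
        return found + [f"{ap.name}/{client.name}: encryption settings conflict"]
    if "none" in modes:
        return found + [f"{ap.name}/{client.name}: traffic is not encrypted"]
    if ap.key_bits != client.key_bits:
        found.append(f"{ap.name}/{client.name}: key lengths differ")
    # Assumption: the receiver decrypts with the key held in the sender's slot.
    for sender, receiver in ((ap, client), (client, ap)):
        sent = sender.keys.get(sender.tx_slot)
        held = receiver.keys.get(sender.tx_slot, "")
        if sent is not None and sent.lower() != held.lower():
            found.append(f"{receiver.name}: cannot decrypt {sender.name}, "
                         f"key {sender.tx_slot} is missing or different")
    return found


# Constructed sample keys and devices (not real credentials).
KEY_A = "0123456789abcdef0123456789"
KEY_B = "fedcba9876543210fedcba9876"
AP = Device("ap-lobby", "required", 128, {1: KEY_A, 2: KEY_B}, tx_slot=1)
GOOD_CLIENT = Device("laptop-1", "required", 128, {1: KEY_A, 2: KEY_B}, tx_slot=2)
BAD_CLIENT = Device("laptop-2", "required", 128, {1: KEY_B}, tx_slot=1)
OPEN_CLIENT = Device("guest", "none")

if __name__ == "__main__":
    for client in (GOOD_CLIENT, BAD_CLIENT, OPEN_CLIENT):
        print(client.name, link_problems(AP, client) or "ok")
```

The two sides may transmit with different slots, as `laptop-1` does, provided each holds the other's transmit key in the matching slot.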
ACS 2.6 can be utilized to provide enterprise level scalability by requiring users to
authenticate before gaining access to the network.
It is important to take local building, fire and electrical codes into account when
designing WLANs. The Cisco Aironet series of products are not plenum rated. Plenum
ratings ensure that items located in air return spaces, such as above a ceiling tile, do not
give off poisonous fumes when burned at high temperatures. Always work to stay within the code
guidelines when designing WLANs. This will virtually eliminate the need to redo
installations that do not meet code. Specify the appropriate equipment and supplies in the
plan up front to avoid costly overruns.
Remember that the cost of replacing or fixing the problem many times will be your
responsibility. In a worst-case scenario, you may be responsible for any damages or
personal injury due to an improperly installed WLAN. Make sure that you consult or
have licensed professionals perform installation tasks such as tower erection, grounding
systems, electrical service, etc. Do not cut corners or lower the standard when designing
or installing WLANs in order to save money. This could lead to a bad reputation, lost
job, or even litigation.
For example, a corporate customer would like to hide the Access Points above the ceiling
and provide the maximum amount of bandwidth to the users. In this case, it is best to
reduce the antenna power to get the maximum number of APs over the floor, and use a
3rd party plenum enclosure from LXE to get the plenum rating.1
Web Resources
LXE
http://www.lxe.com
9.4 Building-to-Building Design
9.4.1 Overview
Many corporations would like to have a lot of bandwidth between new locations for a
variety of applications, even though the 802.11 standard is limited to 11 Mbps. Currently
for wireless LANs it is possible to use Fast EtherChannel or multilink trunking to bond or
aggregate three bridges together and give the customer a potential of 33 Mbps.1
Finally, you will need to integrate WLANs properly to maximize the bandwidth between
sites.2 This can be accomplished several ways including filtering on the bridge, Layer 2
filtering using a switch(s) or Layer 3 filtering using a router(s). The router solution is by
far the best solution, allowing very granular control of the traffic.
9.4.2 Design Examples
Figure 1:
• Required Distance
–½ Mile
• Building A
–Antenna 8.5 dBi Patch
–Antenna Height 13’
–Cable 20’
• Building B
–Antenna 8.5 dBi Patch
–Antenna Height 13’
–Cable 50’
• Possible Distance
–11 Mbps .81 Miles
–2 Mbps 2.57 Miles
Figure 2:
• Required Distance
–25 Mile
• Building A
–Antenna 21 dBi Dish
–Antenna Height 150’
–Cable 20’
• Building B
–Antenna 21 dBi Dish
–Antenna Height 150’
–Cable 20’
• Possible Distance
–11 Mbps N/A- Too Far
–2 Mbps 58 Miles*
Figure 3:
• Required Distance
–< 1 Mile
• Building A
–Antenna 6 dBi Patch
–Antenna Height N/A
–Cable 20’
• Building B
–Antenna 6 dBi Patch
–Antenna Height N/A
–Cable 20’
• Building C
–Antenna 6 dBi Patch
–Antenna Height N/A
–Cable 20’
• Possible Distance
–11 Mbps .57 Miles
–2 Mbps 1.82 Miles
The site-to-site design example in Figure 1 is for a point-to-point connection where two
buildings need to have a bridge link across a freeway. The required distance is only half a
mile; therefore the antennas need to be mounted at 13 ft. Assuming that the antennas are
mounted on the roofs of the buildings, this is not a problem because the buildings
themselves are over that minimum height. The cabling from the bridge to the antenna is
20 ft. in Building A and 50 ft. in Building B - this doesn’t have an impact because the
distance is so short. We’ve chosen to use patch antennas so that we can keep the beam
focused and not be concerned with interference from other companies.
The design example in Figure 2 is in a rural area which requires a distance of 25 mi.
Because of the long distance, parabolic dishes were chosen and cable lengths were kept to a
minimum. 11 Mbps will be impossible because of the distance, so a 2 Mbps rate will be
used - this configuration is well within the specification for that. Even though the
possible distance of 2 Mbps is actually 50 miles, please note that line-of-sight over 25
miles is hard to align and not recommended.
The design sample in Figure 3 shows a headquarters building within a metropolitan area
where three separate point-to-point links have been implemented. Such a configuration,
instead of simply using a point-to-multipoint design, could be required because of
interference from other companies using wireless LANs. In addition, each building will
receive greater bandwidth in this configuration than they would using point-to-
multipoint, because there is not shared bandwidth here. Antenna mounting is not a
concern because of the short distance and already tall buildings.
The design example in Figure 4 shows the same metropolitan area which leverages the
point-to-multipoint implementation. The Omni antenna poses a potential problem of
interference with other wireless LAN customers using the same channels, but we are
reasonably sure that no interference exists.
9.4.3 Path Considerations
Figure 2: Line-of-Sight
Figure 3:
• Antenna height
• Line of sight is really an ellipse
• Clear of all obstacles year round
(diagram labels: Fresnel, Obstacle Free, Antenna Height, Earth Curvature)
In order to determine the antenna mounting height we take the mid-path Fresnel zone
width (at 60%) for 2.4GHz and add it to the curvature of the earth. In order to get these
measurements you should refer to Figure 4. Links over 25 miles in distance are very hard
to install and align, so caution must be taken when recommending these types of
configurations.
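The height rule above, extended into a path-clearance check, as an added example that is not part of the course material. The Fresnel constant 72.05 (miles, GHz, feet) and the 4/3 earth-radius factor are standard approximations brought in as assumptions, the obstacles are constructed, and the course's Figure 4 values are not on this page and may be rounded differently.

```python
"""Path clearance for a 2.4 GHz bridge link (added example, not course material)."""
import math


def fresnel_60_ft(d1_mi, d2_mi, freq_ghz=2.4):
    """60% of the first Fresnel zone radius (feet), d1/d2 miles from each end."""
    full_radius = 72.05 * math.sqrt(d1_mi * d2_mi / (freq_ghz * (d1_mi + d2_mi)))
    return 0.6 * full_radius


def earth_bulge_ft(d1_mi, d2_mi, k=4 / 3):
    """Rise of the earth's curvature above the chord (feet), k = 4/3 refraction."""
    return d1_mi * d2_mi / (1.5 * k)


def min_antenna_height_ft(distance_mi, freq_ghz=2.4):
    """Height over flat, empty ground: mid-path Fresnel (60%) plus curvature."""
    half = distance_mi / 2
    return fresnel_60_ft(half, half, freq_ghz) + earth_bulge_ft(half, half)


def blocked_by(distance_mi, height_a_ft, height_b_ft, obstacles, freq_ghz=2.4):
    """Return (name, feet of intrusion) for each obstacle inside the clear zone.

    obstacles: (name, miles from end A, height in feet) over a flat datum.
    """
    blocking = []
    for name, d1, top_ft in obstacles:
        d2 = distance_mi - d1
        sight_line = height_a_ft + (height_b_ft - height_a_ft) * d1 / distance_mi
        clear_below = (sight_line - fresnel_60_ft(d1, d2, freq_ghz)
                       - earth_bulge_ft(d1, d2))
        if top_ft > clear_below:
            blocking.append((name, round(top_ft - clear_below, 1)))
    return blocking


# Constructed obstacles on the 25-mile, 150-foot link from the design examples.
OBSTACLES = [("barn", 2.0, 35), ("tree line", 12.5, 30)]

if __name__ == "__main__":
    for miles in (0.5, 25):
        print(f"{miles} mi -> mount at {min_antenna_height_ft(miles):.1f} ft or higher")
    print("blocking:", blocked_by(25, 150, 150, OBSTACLES))
```

At 25 miles the calculation gives about 148 ft, in line with the 150’ antenna height in the rural design example, and leaves almost no margin at mid-path, which is why anything that grows or is built there can block the link.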
9.5 Site Survey Equipment and Utilities
9.5.1 Equipment
Figure 2: Laptop(s)
Figure 4: Antenna
Figure 5: Duct Tape and Cable Ties
Figure 10: Carrying Cases
Having the right tools for the job is critical. Always make sure that you have all the
necessary tools and devices in order to perform a good survey. Some of the equipment is
listed below. Some specialty items can be purchased or rented from TerraWave
Solutions.
Survey Equipment:
• Access point—You need this for the base area of the survey. A spare is always
recommended. 1
• Client device—Use the client device that the customer wants to use. Always take
a spare.1
• Laptop PC—Use the laptop PC with the PC card you have chosen. It is
recommended to use a heavy-duty battery and carry a spare battery.2
• AP battery pack—AC power is not available in certain areas. One simple device
which can be used for short durations is an APC battery backup device.2
Another option is a TerraWave DC battery pack which provides power up to 8
hrs. Adapters for Cisco APs and bridges are provided. A special inline power
adapter can be purchased.
• Antennas—Take all the antenna varieties you have. All areas of coverage can be
different.3
• Digital camera—Take pictures to compare the site survey with the actual
equipment locations at installation time.4
• Cables—Category 5 patch cables may be needed. Always have some on hand.
Test Tools
• A Spectrum Analyzer is sometimes used to locate sources of Radio Frequency
Interference (RFI) 8
• A handheld Frequency Counter can provide a quick reference to specific
emissions in a close area
• An Electromagnetic Field Probe can detect local sources of Electro-Magnetic
Interference (EMI)
The test tools listed above are not common devices for site surveys. However, when
determining the feasibility of co-locating equipment in cellular environments or areas of
high electrical current, such as around manufacturing machinery, these devices could be
used to sweep the environment for any potential problems prior to placing survey equipment.
These devices are also used to troubleshoot any environment by isolating sources of RFI
or EMI.
Heavy Machinery:
• Crane—When performing a survey for a site-to-site WLAN deployment, it may
be necessary to rent a crane or lift device to reach a height up to 150’ to determine
line-of-sight obstructions. You may opt to hire a 3rd party to perform this task.9
• Scissor Lift—When working in areas with high ceilings or roofs above 20’ it may
be necessary to rent a scissor type lift to access.9
With the quantity and cost of equipment required for a site survey, it may be necessary to
use a heavy-duty mobile case(s), especially if you will need to transport your kit by air or
ground.10 Having the right equipment always looks professional! Keep in mind that
expensive tools are targets for theft. Always secure or guard your equipment and tools.
Web Resources
IBM
http://www.ibm.com
TerraWave Solutions
http://www.terra-wave.com
APC
http://www.apc.com
Sony
http://www.sony.com
Manco
http://www.manco.com
Avery Dennison
http://www.averydennison.com
Brother
http://www.brother.com
Werner Ladder
http://www.wernerladder.com
Woods Industries
http://www.woodsind.com
Tektronix
http://www.tek.com
Anritsu
http://www.global.anritsu.com
Anvil Case
http://www.anvilcase.com
Site Drawing—Make sure you have a good set of paper copy prints for the walkthrough
and site survey so you can write notes and mark coverage areas.1 Digital drawings are
best for transferring information into a report at a later date.
Site Walkthrough—This critical step will help define the areas of coverage and no
coverage in the facility. The customer should conduct the walkthrough and acknowledge
any requirements or concerns. This time is also useful for visually locating possible
sources of RFI, EMI, environmental or construction issues by looking for other antennas
or high voltage electrical motors. These elements of the environment define the possible
coverage for the area. Some examples are:
• Other wireless LANs
• High voltage electrical motors
• Corrugated steel walls or ceilings
• Amount of rebar in the concrete
• Metal oxide window tinting
• Stock such as paper or dog food
Build a site layout on the drawings identifying the coverage desired and issues found on
the walkthrough.
9.5.3 Bridge Range Calculation Utility
Outdoor Bridge Range Calculation Utility
for FCC, ISTC and other similar approvals areas
and ETSI and similar (max +20dBm EIRP) areas.
Directions for use.
1. Select the proper page based upon your approvals for installation locations.
2. Select Product Being used for both sides of the link.
3. Select Datarate being used.
4. Select power setting (if applicable) for both sides of the link (ETSI Calculation only).
5. Select antenna used on each side. If using something other than Cisco/Aironet antennas, enter the gain factor in dBi.
6. Select cables being used on each side. If using something other than Aironet cable, enter the loss/100 ft.
7. REMEMBER: These are THEORETICAL calculations.
8. LINE OF SIGHT IS REQUIRED!
Distance Calculation
Distance = (300 / Freq) * (conversion from metric to miles) * EXP((antenna/radio parameters - first wavelength loss - margin) / 6 * natural log(2))
Antenna/radio parameters = TX pwr + ant. 1 - cable 1 + ant. 2 - cable 2 + RX sensitivity
Cisco makes it easy to calculate bridge distances by using the Cisco distance calculations
spreadsheet that is available from Cisco’s Web site.1 All the user has to do is follow
several basic steps.
• Select the product line being used. If you are trying to use Access Points outdoors,
you can follow the same procedures.2
• Next select the proper antenna for both sites. For other non-Cisco antennas, enter
the gain in dBi. If the gain is provided in dBd, simply add 2.14 to the number to
convert to dBi.
• Then select the cable used on both sites. If using something other than standard
Cisco cables, enter the length and cable loss per 100 ft. in the appropriate
place. (For Cisco cables this is 6.7 dB/100 feet at 2.4 GHz.) If you are using a
different cable, contact the cable vendor for this information.
• Add any other losses due to splitters, connectors and so forth into the misc.
column.
Remember these are theoretical values, but they should provide a very good comfort level
for proper operation. These values are for line-of-sight and provide a 10 dB fade margin,
which gives you assurance that the calculations will work.
• Cable lengths are a loss and are subtracted.
The antenna and radio parameters include cable losses at the receiver and transmitter
sites, the antennas used at both sites, and the performance of the receiver and transmitter.
Receiver gain changes with data rate. Always use the maximum data rate values needed
by the customer.
Distances for these formulas are calculated in miles. For any given frequency, the
atmosphere offers losses. This loss is a standard for any radio at that frequency. In this
case we use the middle frequency (2442 MHz).
In the example in Figure 3, 20 dBm is used for the transmitter power (2.4 GHz), with two
13.5 dBi Yagi antennas and two cables of 20 feet each. The radio/antenna parameters are
calculated, and that value is put into the formula for maximum distance.
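The distance formula and the Figure 3 inputs, worked as an added example; this is not Cisco's spreadsheet or code from the course. The receiver sensitivity of -85 dBm is an assumed value because the text does not give one, the first wavelength loss is taken as the free-space loss over one wavelength, and the function names are illustrative. A plain free-space calculation is included alongside the formula for comparison.

```python
import math

# Free-space loss over the first wavelength of travel: 20*log10(4*pi), about 21.98 dB.
FIRST_WAVELENGTH_LOSS_DB = 20.0 * math.log10(4.0 * math.pi)
METERS_PER_MILE = 1609.344
MID_BAND_MHZ = 2442.0             # middle frequency named in the text
CISCO_CABLE_DB_PER_100FT = 6.7    # Cisco cable loss at 2.4 GHz, from the text
FADE_MARGIN_DB = 10.0             # fade margin named in the text


def dbd_to_dbi(gain_dbd):
    """Convert antenna gain quoted in dBd to dBi."""
    return gain_dbd + 2.14


def cable_loss_db(length_ft, db_per_100ft=CISCO_CABLE_DB_PER_100FT):
    """Loss of one cable run, scaled from its per-100-ft figure."""
    return length_ft / 100.0 * db_per_100ft


def radio_parameters_db(tx_dbm, ant1_dbi, cable1_db, ant2_dbi, cable2_db,
                        rx_sensitivity_dbm, misc_db=0.0):
    """TX pwr + ant 1 - cable 1 + ant 2 - cable 2 + RX sensitivity.

    Sensitivity is quoted as a negative dBm figure; its magnitude is what
    adds to the budget, so either sign convention is accepted here.
    """
    return (tx_dbm + ant1_dbi - cable1_db + ant2_dbi - cable2_db
            - misc_db + abs(rx_sensitivity_dbm))


def _spare_db(parameters_db, margin_db):
    return parameters_db - FIRST_WAVELENGTH_LOSS_DB - margin_db


def max_distance_miles(parameters_db, freq_mhz=MID_BAND_MHZ, margin_db=FADE_MARGIN_DB):
    """The formula from the text: range doubles for every 6 dB of spare budget."""
    wavelength_m = 300.0 / freq_mhz
    doublings = _spare_db(parameters_db, margin_db) / 6.0
    return wavelength_m / METERS_PER_MILE * math.exp(doublings * math.log(2.0))


def free_space_distance_miles(parameters_db, freq_mhz=MID_BAND_MHZ, margin_db=FADE_MARGIN_DB):
    """Same budget under exact free-space loss (20 dB per decade of distance)."""
    wavelength_m = 300.0 / freq_mhz
    return wavelength_m / METERS_PER_MILE * 10.0 ** (_spare_db(parameters_db, margin_db) / 20.0)


def figure3_link(rx_sensitivity_dbm=-85.0):
    """Figure 3 inputs: 20 dBm, two 13.5 dBi Yagis, two 20 ft cables.

    rx_sensitivity_dbm is an assumed value, not one given in the text.
    """
    cable = cable_loss_db(20)
    params = radio_parameters_db(20.0, 13.5, cable, 13.5, cable, rx_sensitivity_dbm)
    return {
        "parameters_db": params,
        "rule_miles": max_distance_miles(params),
        "free_space_miles": free_space_distance_miles(params),
    }


if __name__ == "__main__":
    link = figure3_link()
    print(f"antenna/radio parameters: {link['parameters_db']:.2f} dB")
    print(f"6 dB-per-doubling rule:   {link['rule_miles']:.2f} miles")
    print(f"exact free-space loss:    {link['free_space_miles']:.2f} miles")
```

The 6 dB-per-doubling rule comes out a few percent longer than the exact free-space figure, which is one more reason to treat the result as theoretical.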
Web Resources
Cisco
http://www.cisco.com/warp/public/765/tools
ACU's site survey tool operates at the RF level and is used to determine the best
placement and coverage (overlap) for your network's Access Points.1 During the site
survey, the current status of the network is read from the client adapter and displayed four
times per second so you can accurately gauge network performance. The feedback that
you receive can help you to eliminate areas of low RF signal levels that can result in a
loss of connection between the client adapter and its associated Access Point.
Figure 3: LSM Parameters and Descriptions
Parameter: Screen Updates Per Minute
Description: Specifies how often the LSM graphical display is updated
Range: 1 to 120 updates per minute (once a minute to twice a second)
Default: 60 (once per second)
Parameter: Display Icon in Systray when minimized
Description: Selecting this checkbox causes an LSM icon to be displayed in the bottom right corner of your desktop when LSM is minimized.
Default: Selected; Display Link Status icon tool tip
You can select the information that displays when your cursor is positioned over the icon.
The following table lists and describes your options.
Parameter: Display Link Status
Description: Indicates the client adapter's ability to communicate with the Access Point
Range: Not Associated, Poor, Fair, Good, Excellent
Parameter: Display Signal Strength
Description: Indicates the signal strength for received packets
Range: 0 to 100%
Parameter: Display Signal Quality
Description: Indicates the signal quality for received packets
Range: 0 to 100%
Parameter: Display History
Description: Selecting this checkbox causes the LSM graphical display to show a recent history of the RF performance between your client adapter and its associated Access Point. Black dots on the graphical display show the performance of the last 50 signals.
Default: Selected
To open LSM in Windows 95, 98, NT, 2000, or Me, double-click the LSM icon on your
desktop. The Link Status Meter screen appears (see Figure 1). Data pertaining to the
performance of the RF link can be accessed from ACU and LSM; however, they are
displayed differently by each utility. These data are represented by histograms in ACU
and are depicted graphically in LSM.
The Link Status Meter screen provides a graphical display of the following:
• Signal strength - The strength of the client adapter's radio signal at the time
packets are being received. It is displayed as a percentage along the vertical axis.
• Signal quality - The quality of the client adapter's radio signal at the time packets
are being received. It is displayed as a percentage along the horizontal axis.
The combined result of the signal strength and signal quality is represented by a diagonal
line (see Figure 1). Where the line falls on the graphical display determines whether the
RF link between your client adapter and its associated Access Point is poor, fair, good, or
excellent.
This information can be used to determine the optimum number and placement of Access
Points in your RF network. By using LSM to assess the RF link at various locations, you
can avoid areas where performance is weak and eliminate the risk of losing the
connection between your client adapter and the Access Point.
The Access Point that is associated to your client adapter and its MAC address are
indicated at the bottom of the display.
Controlling LSM Operation—You can set parameters that control LSM operation. To do
so, select Preferences from the Options pull-down menu (see Figure 2). The LSM
parameters and descriptions are shown in Figure 3.
Click OK at the bottom of the Link Status Meter Preferences screen to save any changes
you have made.
Chapter 10 – Site Survey and Installation
Upon completion of this chapter, you will be able to perform the following
tasks:
• Infrastructure awareness
• Site Survey
• Mounting and Installation
• Accessories
• Documentation
• WLAN Site Survey Specifics and Project Management
Overview
This chapter will cover WLAN site survey and installation. You will first learn about the
importance of infrastructure awareness and creating an accurate network map. Second,
the process of performing a site survey will be covered followed by mounting and
installation concerns. Finally, you will learn how to document the entire process by
creating a site survey report.
Figure 3: Checklist
Check List
1. Get details of the application.
2. Make site map.
3. Test the equipment.
4. Select the antenna.
5. Meet with MIS manager.
6. Get details of coverage.
10-2 Site Survey and Installation Copyright 2001, Cisco Systems, Inc.
Figure 4: Pre-Site Survey Form
Today’s IT professionals are generally already overworked, and do not want any project
that may increase their workload.1 They want a site survey that provides detailed
information about where the APs are to be located, how they will be mounted, how they
will be connected to the network, and where any cabling or power may need to be
installed. By providing the customer with a detailed site survey report, the IT manager
can turn the necessary portions over to a local contractor who can install the cabling that
may be needed to provide the WLAN connectivity to the network. At the same time,
preparations can be made on the customer’s network for the upcoming installation. The
IT manager’s role can be limited to turning over the work to a trusted local contractor.
You have saved him a lot of work. He will remember this in the future when he needs
another site survey.
Try to identify potential problems up front and discuss how these issues will be handled.2
This will potentially save the customer a lot of time and trouble during the installation. If
the customer is aware of these issues, they can be handled before the installation. These
are not issues the customer wants to find during the installation, or during the “go live”
period. By addressing potential problems and being proactive instead of reactive, you
and your survey appear as the strong, reliable source during installation, instead of the
weak link. Your firm’s reputation for site surveys is one of your strongest assets and
should always be protected. One bad site survey can hurt your business for months or
years to come.
Once the customer has decided to have a site survey done, you will need to have him fill
out a pre-site survey form.4 The pre-site survey form will help you determine what type
of survey you will be conducting, how many days it will take, what equipment you will
need to bring, and what questions you will need to ask during your walkthrough. A pre-
site survey form is your introduction to the customer’s facility, so make sure that you
gather all of the information you need in the form. This is a general information gathering
form. You will need to create a form unique to your company that fits your needs.
10.1.2 LAN Infrastructure
Not all customers can provide a detailed and up-to-date map of the existing network. In
many cases, you need to develop the map yourself. Companies that are constantly
working in "fire-fighting" mode do not have time to proactively document the existing
network.
To develop a network drawing, you should invest in a good network-diagramming tool. Visio
Corporation's Visio Professional is one of the premier tools for diagramming networks. Visio
Professional ships with templates for typical LANs and WANs, icons for common network and
telecommunications devices, and the ability to draw WANs on top of a geographical map and
LANs on top of a building or floor plan.
To create more detailed network diagrams, you can use the Visio Network Equipment product,
an add-on library of 10,000 manufacturer-specific shapes with port-level detail. If a customer
has equipment documented in a spreadsheet or database, you can use the Visio Network
Diagram Wizard to draw a diagram based on the network-equipment spreadsheet or database.
Cisco provides some useful freeware tools including Cisco Network Designer (CND)
and ConfigMaker which can help create network maps.
An important step in network design is to examine a customer's existing network to better
judge how to meet expectations for network scalability, performance, and availability.
Examining the existing network includes learning about the topology and physical
structure, and assessing the network's performance.1
Most network designers do not design networks from scratch. Instead, they design
enhancements to existing networks. Developing a successful network design requires
skill in characterizing an incumbent network to ensure interoperability between the
existing network and the anticipated wireless addition.
Some of the areas of the network you should investigate include the LAN infrastructure
and topology. The customer wants to be confident that the Systems Engineer (SE) or
survey engineer is capable and knowledgeable to perform this task.
Know your topologies—There are many different topologies but most companies today
use some sort of star topology for their network. It may be a clustered or distributed star.
Understand where the components of the network are located. Have the IT representative
show you where the servers are located, where the connectivity points are (cabling closets
with hubs, switches, routers, etc.), and where the cabling is run throughout the building.
In many cases, they will have this on a network map, which can easily be printed or
duplicated. If you do not have a network map or it is outdated, you must perform the task
of creating one. There are several tools available.2
At this point in the network design process, your goal is to obtain a map of the already-
implemented network. Some design customers may have maps for the new network
design as well. If that is the case, then you may be one step ahead, but be careful of any
assumptions that are not based on your detailed analysis of business and technical
requirements.
10.1.3 LAN Media
Look into the media types that make up the network.1 The customer will most likely use
some type of copper UTP cabling for most of the runs. Copper can be run to a maximum
distance of 328 feet without a repeater or hub. Fiber can be run for miles if necessary.
Some facilities use fiber cabling. Most of these sites use a combination of fiber and
copper, with the fiber acting as the main backbone of the network and copper runs to the
desktop. In the event that the facility uses fiber cabling throughout, make sure to advise
the customer that the APs only provide RJ-45 connections and that a media transceiver
will be needed for each of the APs. This can be a significant cost.
Cabling Awareness—As you are surveying a facility and deciding on location for the
APs, you should also be looking for ways to connect the APs to the network.2 By now
you should be aware of the network layout and components and have a good idea of
where and how you can interface with the network. Most systems engineers are not
experts on cabling. Your job is to perform the survey and make recommendations. These
recommendations need to cover the cable associated with the APs. Because of this, you
will have to have some knowledge of cabling. Here we will address some of the issues
surrounding cabling and make you aware of the items you should be concerned with
during the survey.
The number one rule when designing the cable portion of your WLAN is to avoid fire
hazards and to avoid creating a fire hazard. Design your cable runs properly. If the
customer chooses to ignore your recommendations, that is his prerogative. This is why
accurate documentation is necessary. In the future you may have to prove that the
installed cabling is not what you recommended. Without proper documentation, this will
be very hard to do. But if you design a faulty system and he installs according to your
recommendations, you could find yourself in a lot of hot water.
Checking Architectural and Environmental Constraints—When investigating cabling, pay
attention to such environmental issues as the possibility that cabling will run near creeks
that could flood, railroad tracks or highways where traffic could jostle cables, or
construction or manufacturing areas where heavy equipment or digging could break
cables. Within buildings, pay attention to architectural issues that could affect the
feasibility of implementing your network design. Make sure the following architectural
elements in Figure 3 are sufficient to support your design.
Figure 1: Cat 5
Figure 3: Plenum
Plenum cont.
• Identify plenum areas
- egg crate ceiling tiles, no insulation, firewalls
• Non-plenum areas use ducting in plenum for air return
• No chance for toxic fumes to get inside the ducting
• Identify non-plenum areas
- ductwork, lack of firewalls, insulation
The most frequently used cable for today’s networks is Category 5 (Cat 5) unshielded
twisted pair (UTP).1 Cat 5 cable consists of eight strands of copper, grouped in pairs.
Each pair is twisted to help avoid crosstalk. The four pairs of wires are housed in a PVC
sheath. Most networks use two of the four pairs of wires. All four pairs are punched down
onto the connector, but only two are actually used. UTP means that there is no additional
shielding for the pair of wires inside the PVC sheath. Cat 5 UTP cable can be run a
maximum distance of 328 feet or 100 meters.
Cat 5 is also available in Shielded Twisted Pair (STP). 2 This cable has an extra layer of
shielding inside the sheath. The reason that Cat 5 UTP cable cannot be run over 328’ is
because of attenuation (signal on the wire becomes weak or distorted). Part of the reason
for the distortion is interference. By using a shielded cable, there is less interference and
less attenuation, allowing you to run longer distances. STP is generally not as widely
used as the UTP. Instead, Cat 5 UTP cable is run to its maximum distance and then
plugged into a repeater, hub, or switch, where the signal is then rebroadcast down the
next length of Cat 5 UTP.
Another option is to use Fiber Optic cabling for distances that exceed 328’.
Since network cables are traditionally run in the plenum, toxic fumes will then be
circulated throughout the building. Therefore, plenum cable must be used in these
facilities. All other equipment installed (APs) must also be plenum rated. Currently
Cisco’s 340 series APs are not plenum rated. Plenum cables have a different sheath that
will not melt as easily and will not give off toxic fumes. Plenum cable is easily identified.
The sheath of plenum cable is much stiffer and harder to work with than standard Cat 5
cable. The cable will also be marked with a code (CMP, for example, indicates a plenum
rated, unshielded cable).
10.1.5 Fire Walls
• Easily identified
• Act as barriers to contain fires
• Standards for penetrating fire walls
Fire walls are usually easily identified.1 They will be concrete, cinderblock, or brick
structures that extend the full width of a room or passageway, and extend from floor to
ceiling. There are no breaks in fire walls. Fire walls are designed to contain a fire to a
specific area by acting as a barrier. It may sometimes be necessary to go through a fire
wall. In this event there are procedures for penetrating the wall. These procedures must
be compliant with the National Electrical Code. You can obtain a copy of the NEC from
local electrical suppliers.
For this reason you should make a note in your survey report of any area where your
design will have to penetrate a fire wall.
Another reason to make note of fire walls is that they will affect your RF signal.
Many facilities have fire walls with doorways.2 The doors are specially constructed and
sealed to withstand a fire for a specified burn-through time. Other than their heavy
construction, these doors are not easily identified and can have a wood appearance. If
you think that a set of doors may be part of a fire wall, check and make sure. If they are,
survey with the doors closed. Closing the doors will have an effect on your coverage.
10.1.6 Risers, Cable Paths and Service Loops
Figure 1: Risers
• Sometimes referred to as “wiring closets”
• Used for wiring between floors
• Stacked on top of each other
• Riser walls are fire walls
• If a riser is plenum-rated, only install plenum-rated equipment
Cable Paths—Always design and measure cable runs in straight paths.2 If a cable
running north-south needs to be run in a different direction, make a 90 degree turn. Do
not run the cable at an angle. Never measure the distance from the point of network
connectivity to the AP as “the crow flies”. If you do and the customer gives your report
to a local contractor for an estimate, the estimate could be wrong. Also, the cable run
may be too long and require a different type of cabling.
Service Loops—Always calculate for a “service loop” on either end of the cable run.3
Service loops are usually 10 feet. This gives the contractor some “play” in the cable in
case the cable has to run around some unforeseen object, or in case the cable has to be
terminated numerous times. Runs that are measured at anything over 300 feet should be
carefully examined. From the floor, it is difficult to judge the exact distance.
Also calculate a “fudge factor.” Different SEs use different percentages
here. Adding 15% is usually enough to ensure that there will be enough cable to get
around unforeseen objects. Make a note of your estimated “fudge factor” percentage in
your report. Otherwise, the contractor may add his own and decide the run will be out of
specification.
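The cable path, service loop and fudge factor rules above, combined in an added example that is not part of the original course material. The floor-plan coordinates are constructed sample data in feet, the function names are illustrative, and the sketch assumes the fudge factor is applied to the measured path before the two service loops are added.

```python
import math

CAT5_MAX_FT = 328.0        # maximum Cat 5 UTP run, from the text
REVIEW_ABOVE_FT = 300.0    # measured runs above this need careful examination
SERVICE_LOOP_FT = 10.0     # one loop at each end of the run
FUDGE_FACTOR = 0.15        # 15% allowance for unforeseen objects


def rectilinear_ft(waypoints):
    """Path length when every leg is run north-south or east-west with 90 degree turns."""
    total = 0.0
    for (x1, y1), (x2, y2) in zip(waypoints, waypoints[1:]):
        total += abs(x2 - x1) + abs(y2 - y1)
    return total


def crow_flies_ft(waypoints):
    """Straight-line distance from connectivity point to AP (the measurement to avoid)."""
    (x1, y1), (x2, y2) = waypoints[0], waypoints[-1]
    return math.hypot(x2 - x1, y2 - y1)


def estimate_run(name, waypoints, fudge=FUDGE_FACTOR, loop_ft=SERVICE_LOOP_FT):
    """Cable estimate for one AP, with the notes that belong in the survey report."""
    if len(waypoints) < 2:
        raise ValueError("a run needs a start and an end point")
    measured = rectilinear_ft(waypoints)
    estimate = measured * (1.0 + fudge) + 2.0 * loop_ft
    notes = [f"fudge factor used: {fudge:.0%}"]
    if measured > REVIEW_ABOVE_FT:
        notes.append("measured run over 300 ft: examine carefully")
    if estimate > CAT5_MAX_FT:
        notes.append("estimate exceeds 328 ft: needs a repeater, hub, switch or fiber")
    return {
        "name": name,
        "crow_flies_ft": crow_flies_ft(waypoints),
        "measured_ft": measured,
        "estimate_ft": estimate,
        "within_cat5_limit": estimate <= CAT5_MAX_FT,
        "notes": notes,
    }


# Constructed sample runs: wiring closet at (0, 0), AP at the last waypoint.
SAMPLE_RUNS = {
    "AP-1": [(0, 0), (120, 0), (120, 90)],
    "AP-2": [(0, 0), (200, 0), (200, 75)],
    "AP-3": [(0, 0), (250, 0), (250, 60)],
}

if __name__ == "__main__":
    for ap, points in SAMPLE_RUNS.items():
        run = estimate_run(ap, points)
        print(f"{ap}: crow flies {run['crow_flies_ft']:.1f} ft, "
              f"measured {run['measured_ft']:.1f} ft, estimate {run['estimate_ft']:.1f} ft")
        for note in run["notes"]:
            print("   -", note)
```

AP-2 is the case the text warns about: the straight-line figure looks comfortably inside the Cat 5 limit, while the run a contractor would actually pull does not.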
10.1.7 LAN Infrastructure—OSes, Protocols, etc
Ask the IT representative about the operating systems for the clients and servers and ask
which protocols are being used on the network.1 Also, ask specifically which protocols
will be sent over the WLAN. You may need to filter out all protocols that will not be
used on the WLAN to cut down on unnecessary wireless traffic. Make sure that the
customer is aware that not all operating systems are supported.
Figure 1:
Figure 2:
Figure 3: (diagram labels: Switch, VLAN 1 ? VLAN 2)
Figure 4: (diagram labels: Switch, Host, VLAN 1, VLAN 2, VLAN 3)
Figure 5: (diagram labels: Single VLAN or Grouped VLANs, Switch, Host, Broadcast packets)
Figure 6: (diagram labels: VLAN, Switch, Host)
Many people today are not aware of these abilities and try to use switches just as they
would hubs. They think that all devices plugged into the switch will be able to
communicate. This may or may not be the case depending on the default settings of the
switch. If the customer uses switches, you will need to find out how these switches are
set up. Switches have the ability for each port to represent a “virtual LAN” (VLAN).2
VLANs may be grouped together to form larger VLANs. Switches can stop broadcast
packets; however, they cannot stop broadcast frames.
Switches are designed for wired networks with stationary users.3 Switches were not
designed to handle mobile users. If the switch sees each port as a VLAN and there are
APs on each port, the switch is not set up to handle users moving from one VLAN to
another. Cisco Aironet APs are set up to work with these switch features. When a client
roams from AP1 to AP2, AP2 sends a multicast packet with the source address of the
roaming client. This packet is sent by the AP on behalf of the client, updating the Content
Addressable Memory (CAM) on the switch. AP1 can then forward any packets that it has
for the client to AP2.
The customer’s application may not be set up to handle a switched network. The
application may send out broadcast packets. If the client is connected to an AP that is not
on the same virtual LAN as the server(s), the broadcast packets may never reach their
destination(s).4 This may vary depending on the configuration of the switch and the
setup of the network. One potential solution to this problem is to group the ports with
APs connected to them with the port the host is using to form a VLAN. This may or may
not work for your customer.5
Another potential solution is to network all of the APs to the same hub that the host uses.
Cable distance limitations may make this difficult. Still another solution may be to
network all of the APs together via hubs and have them connect to the same hub the host
uses. This is not a viable option if the host is remote.
Note: This solution may present problems for some people. Under the 802.3 standard,
when using a switch, you should not extend beyond two hops when using a 100Mbps
network.6 (Remember, the wireless link between client and AP is not considered a hop.)
You may be required to remind (or explain) to your customer how his switch works and
inquire if this will present a problem for his WLAN. These problems are seen most
frequently in installations using data collection terminals, where a user may scan a bar
code while standing in one cell and then wander into another cell while keying in the
quantity and pressing Enter.
10.1.9 Routers, Bridges and Hubs
Figure 1:
Figure 2:
Figure 3: Bridges
Bridges—Bridges can also present challenges because of their tables.3 Most bridges
used today build dynamic tables. Some facilities may need to build their tables manually,
sometimes by choice or sometimes because they are using older bridges. Most IT
personnel are not eager to work with these tables. It may be necessary in order for the
WLAN application to work properly, especially if they will be accessing a remote host.
Yes, hubs are still out there.4 Some may look like switches, but they are not. Remember
that a hub is a multiport repeater. All Layer 1 and 2 traffic will be propagated to and
from an access point. All traffic on the segment will be seen by the access point or
hub and any device directly connected. It is better to connect an access point or wireless
bridge to a switch. If true Layer 3 broadcast control is required, then a router should be
used to interconnect the wireless and wired LAN.
10.1.10 Check the Existing Network Health
Figure 1:
Since the performance of existing network segments will affect overall performance, it is
important that you study the performance of existing segments to determine how to meet
overall network performance goals. If a network is too large to study all segments, then
you should analyze the segments that will interoperate the most with the new network
design. Pay particular attention to backbone networks and networks that connect old and
new areas.
In some cases, a customer's goals might be at odds with improving network performance.
The customer might want to reduce costs, for example, and not worry about performance.
In this case, you will be glad that you documented the original performance so that you
can prove that the network was not optimized to start with and your new design has not
made performance worse.
By analyzing existing networks, you can also recognize legacy systems that must be
incorporated into the new design. Sometimes customers are not aware that older
protocols are still running on their networks. By capturing network traffic with a protocol
analyzer as part of your baseline analysis, you can identify which protocols are really
running on the network and not rely on customers' beliefs.
In addition to allocating sufficient time for a baseline analysis, it is also important to find
a typical time period to do the analysis. A baseline of normal performance should not
include non-typical problems caused by exceptionally large traffic loads. For example, at
some companies, end-of-the-quarter sales processing puts an abnormal load on the
network. In a retail environment, network traffic can increase five times around
Christmas time. Network traffic to a Web server can unexpectedly increase as much as 10
times if the Web site gets linked to other popular sites or listed in search engines.
In general, errors, packet/cell loss, and latency increase with load. To get a meaningful
measurement of typical accuracy and delay, try to do your baseline analysis during
periods of normal traffic load. (On the other hand, if your customer's main goal is to
improve performance during peak load, then be sure to study performance during peak
load. The decision whether to measure normal performance, performance during peak
load, or both, depends on the goals of the network design.)
Some customers do not recognize the value of studying the existing network before
designing and implementing enhancements. Your customer's expectations for a speedy
design proposal might make it difficult for you to take a step back and insist on time to
develop a baseline of performance on the existing network. Also, your other job tasks and
goals, especially if you are a sales engineer, might make it impractical to spend days
developing a precise baseline.
The work you do before the baseline step in the top-down network design methodology
can increase your efficiency in developing a baseline. A good understanding of your
customer's technical and business goals can help you decide how thorough to make your
study. Your discussions with your customer on business goals can help you identify
segments that are important to study because they carry critical and/or backbone traffic.
You can also ask your customer to help you identify typical segments from which you
can extrapolate conclusions about other segments.
Figure 1: Be Prepared
After you have discovered possible trouble areas, examined your customer’s application
needs, and talked with the IT staff concerning their network, it will be time for you to
start the survey. Make sure prior to arriving on site that all of your equipment is
operational. Your equipment should be configured and ready to survey before your
arrival at the customer’s site. By doing these two things, you will be ready to get started
with the survey when you arrive.
In-building survey—Call ahead and find out if a scissor lift will be needed to reach the
ceiling. If so, find out if the customer will provide the lift or if he expects you to provide
the lift. Make sure that you have the proper equipment, and if necessary, a license to
operate the lift.
Site-to-site survey— If you are performing a survey for a site-to-site WLAN for up to
several miles, roof access will probably be necessary. Also, make sure that you have a
spectrum analyzer or rent one. Building-mounted antennas are much more costly than
in-building installation. Building or roof mounts, power, hardware, lightning arrestors,
coax cable, fittings and lightning rod systems are expensive. Electrical and grounding
installation should be done by a licensed professional, which will add to the cost. In
many areas, licensing is required to install the antenna as well. More important than
following building codes, regulations and licensing is the legal protection and coverage
provided by a reputable contractor. Don’t try to save a buck in the short run only to lose big
money and a reputation in a lawsuit.
By testing the line of sight path both visually and with an RF spectrum analyzer, you avoid
the costly mistake of having to relocate the antenna, at least initially. Remember that
WLANs use the unlicensed 2.4 GHz band and there are no guarantees that interference
will not become a problem in the future (the cost of not having to pay the FCC). Make
sure that you explain and document this for your justification and the customer’s
knowledge. Your spectrum analysis should be documented for current conditions. If
possible, you may want to perform this test over several days at different times during the
day. If your customer depends on a reliable link during the middle of the night, then a
survey should be done then if possible.
If sites are separated by more than a few miles, then a crane equipped with a basket may
be necessary to check line of sight for obstacles and RF interference. This can become
quite expensive and time consuming, even if you are renting. Remember to rent a crane
that reaches the desired height and always plan ahead to reserve the equipment. Also, at
this point you will probably be working in a team, so you may have a partner several
miles away working together to establish and test link quality. Make sure that you have
cell phones or other communication devices handy to coordinate efforts.
Similar to the previously mentioned scenario, nothing could be more costly than erecting a
150’ tower to later discover that RF interference has partially or completely destroyed the
link quality. Even worse is the fact that the tower could have been relocated several feet
to avoid the problem. Doh!
Charge all batteries and battery packs the night before you are scheduled to survey. This
includes the scissor lift if it is battery operated. Have all your equipment ready to go.
Figure 3: Survey the First Two Areas and Fill in the Middle
The easiest way to start a site survey is to pick one area of the facility that needs
coverage. Choose a corner and place the AP in the corner. Survey the coverage of that
AP and make a note of where the furthest point of coverage is from that AP. Then move
the AP to that point. If you were to place the AP in the corner, as much as 75% of your
coverage cell might be wasted covering an area outside the building that does not need
coverage.
Once you have moved the AP, then survey the coverage of the AP. It may be necessary
to move the AP several times in order to find the best placement. Once you have decided
on the best location for that AP, then move to a different corner of the facility and repeat
the process. In a simple warehouse like the one shown above, you would repeat the
process four times. The survey of the RF coverage would then be complete.
In a more advanced survey, repeating the process four times might only provide coverage
around the perimeter of the facility. You would then need to fill in the holes. This is
where experience and judgment will come into play. Some engineers might elect to
survey the perimeter and then fill in the center. Remember, if you need seamless
coverage, the coverage cells must overlap.
For a standard survey, 15% overlap is usually sufficient to provide for smooth,
transparent handoffs. If you intend to use repeaters, then the repeaters will need to have a
50% overlap with a wired AP.
Another approach is to survey the first two APs and find the coverage areas. Then place
an AP at the edge of the first AP’s cell, survey the coverage, and then move the AP out
further to utilize its entire cell. This allows you to roughly judge the size of the cell and
then move the cell. Survey the new location to determine feasibility and adjust as
10.2.3 Channel Selection and Data Rates
Figure: AP 1 through AP 6 assigned to Channels 1, 6, and 11
When you are surveying, take into account the fact that there are only three
non-overlapping channels. In order to maximize your data rate, use these channels. By using
the non-overlapping channels you ensure that the APs will not interfere with each other.
As you design the WLAN, survey using the channel that you intend that AP to operate
on. Part of your survey duty is to test for interference. If you survey every AP using the
same channel, and not the actual channel the AP will be using, you cannot be certain that
no interference exists on the channel that the AP will actually be using.
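A channel plan to survey against, as an added example that is not part of the original course material: a small backtracking search gives each AP one of channels 1, 6 and 11 so that no two overlapping cells share a channel, and a second function checks an existing plan for co-channel overlap. The AP names and the lists of overlapping cells are constructed sample data.

```python
"""Channel plan for surveyed APs using only the non-overlapping channels."""

NON_OVERLAPPING = (1, 6, 11)

# Constructed sample: six APs and the pairs whose coverage cells overlap.
SURVEYED_APS = ["AP1", "AP2", "AP3", "AP4", "AP5", "AP6"]
CELL_OVERLAPS = [
    ("AP1", "AP2"), ("AP1", "AP3"), ("AP1", "AP4"),
    ("AP2", "AP4"), ("AP3", "AP4"), ("AP3", "AP5"),
    ("AP3", "AP6"), ("AP4", "AP6"), ("AP5", "AP6"),
]
# Constructed sample: four cells that all overlap one another.
FOUR_WAY_OVERLAP = [
    ("A", "B"), ("A", "C"), ("A", "D"), ("B", "C"), ("B", "D"), ("C", "D"),
]


def build_neighbors(aps, overlaps):
    """Map each AP to the set of APs whose coverage cells overlap its own."""
    neighbors = {ap: set() for ap in aps}
    for a, b in overlaps:
        if a not in neighbors or b not in neighbors:
            raise ValueError("overlap names an unknown AP: %r" % ((a, b),))
        neighbors[a].add(b)
        neighbors[b].add(a)
    return neighbors


def co_channel_conflicts(plan, overlaps):
    """Return the overlapping pairs that a plan puts on the same channel."""
    return sorted((a, b) for a, b in overlaps if plan[a] == plan[b])


def assign_channels(aps, overlaps, channels=NON_OVERLAPPING):
    """Return {ap: channel} with no co-channel overlap, or None if impossible."""
    neighbors = build_neighbors(aps, overlaps)
    # Place the most constrained APs (most overlapping neighbors) first.
    order = sorted(aps, key=lambda ap: (-len(neighbors[ap]), ap))
    plan = {}

    def place(index):
        if index == len(order):
            return True
        ap = order[index]
        taken = {plan[n] for n in neighbors[ap] if n in plan}
        for channel in channels:
            if channel in taken:
                continue
            plan[ap] = channel
            if place(index + 1):
                return True
            del plan[ap]          # dead end: undo and try the next channel
        return False

    return dict(plan) if place(0) else None


if __name__ == "__main__":
    plan = assign_channels(SURVEYED_APS, CELL_OVERLAPS)
    for ap in SURVEYED_APS:
        print("%s: survey and install on channel %d" % (ap, plan[ap]))

    # Surveying every AP on one channel hides all of these overlaps.
    everything_on_6 = {ap: 6 for ap in SURVEYED_APS}
    print("co-channel overlaps if all APs use channel 6:",
          len(co_channel_conflicts(everything_on_6, CELL_OVERLAPS)))

    # Four mutually overlapping cells cannot be served by three channels.
    print("four-way overlap plan:",
          assign_channels(["A", "B", "C", "D"], FOUR_WAY_OVERLAP))
```

A result of None means the cells themselves have to change before a clean plan exists.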
Know what your customer needs. If you survey at the wrong data rate and the customer
installs the WLAN, he may be able to only connect in certain areas, or unable to connect
at all!
10.2.4 Antenna Choice, Power Level and Cell Size
Figure 1: Overlap
What if there is too much overlap? The engineer might find himself in a situation where
one more AP may provide too much coverage, but the current number of APs provides
too little coverage. At this point the site engineer has some options. He may elect to use a
different antenna to obtain more coverage from the APs, or he may elect to use smaller
antennas and add more APs. Still another possibility is changing the power levels on one
or more of the APs to change the size of the coverage cell(s). Finally, he may elect to use
a combination of these options to get the coverage he needs.
The process is one of trial and error. Again, experience will play a vital role here. Site
surveys can often be like puzzles. And sometimes individuals can become so sure that
they know THE solution they fail to see other solutions. Whenever possible, take the
time to talk with other SEs about their surveys. They may have come up with very
creative solutions that you can implement in your future designs.
More times than not this conundrum presents itself because the SE has surveyed a few
APs only to find out that ultimately his plan will not work. Instead of wiping the slate
clean, an SE may try option after option to force the last piece of the puzzle to fit.
Sometimes site survey problems are due to frustration, and sometimes laziness. An
engineer’s mind might become “single track” because he doesn’t want to start the survey
over again. If you find yourself in this situation it is best to take a break from the work.
Go for a cup of coffee, check voicemail, or take a lunch break to let your mind rest. Upon
your return you may find that the best solution presents itself. If not, it may be necessary
to wipe the slate clean and start over. You may have found trouble spots that you had not
anticipated. By starting the survey over you will be aware of these trouble spots and can
factor in this knowledge when planning the layout of the APs again. It is always better to
start the survey over and design the WLAN properly than to try and force a solution or
use a solution that may not provide the best coverage.
Figure 1:
If possible, work with the existing conditions and layout. There may be times when the
location of the APs may be dictated by available network connectivity. Copper has a
length limit of 328 feet, for example. But no matter what the problem, there is almost
always a way around it. Take the warehouse shown in Figure 1, for example. Network
connectivity is only available along one wall. The warehouse is filled with shelving that
creates long, narrow aisles.
A good solution for this warehouse may be to locate APs along the wall where they can
be connected to the network. Using Yagi antennae you could shoot down the aisles,
covering an aisle and a portion of two other aisles. Overlap the coverage such that the
entire warehouse is covered. The signal may bounce off the metal walls at the far end of
the warehouse and fill in the dead spots created by the shelving.
10.2.7 Antenna Splitters
Figure 1: Freezer antenna placement (one arrangement marked WRONG, two marked OK)
Remember that the APs can use antenna diversity. While using antenna diversity the AP
uses one antenna or the other, but never both! Do not try to attach one antenna to each
connector and place one inside the freezer and the other outside the freezer. This would
not be an effective solution. In the example in Figure 1, using the antenna splitter, the
diversity antenna feature might be disabled. Otherwise, two splitters and four antennae
would be needed.
Figure 1:
low may require expensive heated enclosures to protect the APs. An alternative may be
to use an antenna splitter. By using a splitter, the AP can be mounted outside the freezer
with one antenna providing an area of coverage outside the freezer and the other antenna
providing coverage inside the freezer. Beyond the savings to the customer from not
having to buy the expensive heated enclosure, you save him having to pay for the
extensive time it would take to install cable and power inside the freezer. Installing this
type of equipment while wearing a sub-zero suit and heavy gloves can take quite a bit
of time and be very expensive.
10.2.9 Multi-Floor Survey
Figure 1: Multi-floor building with AP 1 through AP 4
Special caution needs to be taken when surveying multi-floor facilities. APs on different
floors may be able to interfere with each other as easily as APs located on the same floor.
It is possible to use this to your advantage during a survey. Using larger antennae, it may
be possible to penetrate floors and ceilings and provide coverage to floors above as well
as below the floor where the AP is mounted. In the example in Figure 1, a four story
office complex needed to be covered. A single AP would not cover an entire floor.
Mounting two APs on each floor would be expensive and might present a problem with
APs on the same channel overlapping. The problem was solved by using patch antennae
on the APs. Because the patch antenna is semi-directional, there was enough coverage
from each AP to cover most of one floor and a portion of the floors above and below it.
By mounting APs on alternating floors and at opposite ends of the building, the SE was
able to achieve the desired coverage with only four APs.
Figure 1: Trauma room (no coverage)
Sometimes there will be areas within a site that cannot be covered. In the example shown
here, we are looking at a trauma room in a hospital. The surrounding Emergency room is
covered. The Emergency room has drop tile ceilings, sheetrock walls, a tiled linoleum
floor, and presents very little challenge.
A patient may be brought into the trauma room and x-rays taken there. However, the
trauma room has heavy wooden doors, a hard cap ceiling, concrete walls, and a poured
concrete floor which are lead-lined to protect the surrounding ER.
In the example in Figure 1, there is no coverage whatsoever in the trauma room. The
trauma room is designed to be extremely sterile and the hospital did not want exposed
wiring and APs in the trauma room. Because of this, the hospital’s application was
redesigned to accommodate the occasional disconnect. The application was changed such
that during periods of disconnect, the node would store all the data as a batch unit, and
then send the data once connectivity was reestablished.
10.2.11 Interference and RF Propagation
Figure 1: Cardboard, paper, wood, firewalls, microwave ovens, fluorescent lighting, electrical transformers
Figure 3: RF Propagation
During your survey you may find that the coverage from an AP is not what you
expect. You may have surveyed a number of APs already in the facility and have some
idea of the average size of an AP’s cell. But for some reason, the cell you are currently
surveying seems small. Always try to mount the antennae in an open area for best
signal propagation. Look for objects that may be affecting the RF signal. There are a
number of objects that can cause interference.
Some of the objects that may have a detrimental effect on your signal are:
• Cardboard, wood, or paper (which may contain a lot of moisture)
• Walls fabricated from “chicken wire” and stucco
• Filing cabinets
• Firewalls
• Metal
• Concrete
• Transformers
• Refrigerators
• Heavy-duty motors
Always attempt to mount the AP and antennas as far away from these items as possible.
Figure 1:
In this section, we have shown you how to get started performing a site survey. We have
pointed out some of the areas that may give you trouble and introduced various methods
and approaches for surveying different types of facilities. Now it is up to you to work
with the equipment and gain the experience you need to become a professional site
survey engineer. You will start this process in the next section.
You will be given the opportunity to survey the facility around you. While doing this,
remember, there are always going to be others around you, going about their day-to-day
business while you are trying to survey. Do your best not to disturb these people while
you do your work. This applies in your facility as well as every other facility you will
ever survey.
Lab
10.3 Mounting and Installation
10.3.1 Concerns
Figure 1:
When you have decided where the APs will be mounted, you will then have to decide
how the APs will be mounted. Much like mounting the AP for a site survey, there are
an infinite number of ways to hang the AP using a variety of resources. This section will
cover most of the common methods for mounting APs and some of the general concerns
associated with mounting an AP and the antenna.
Figure 1: AP Mounting (340)
• APs have two slide mount holes
• Make sure AP is securely mounted
Figure 4: Beam Mounting
• Zip ties
• 2x4 secured with beam clamps
• Mounting bracket secured with beam clamps
• Mount antenna in same position they were surveyed
340 AP—The Cisco 340 series APs do not ship with a mounting bracket. The APs have
two slide-mount holes for mounting. These holes can be used for any surface where it is
possible to mount two mounting screws. Screws drilled into concrete will be fairly stable
and should provide a secure mount for the AP if done properly. Drywall or wood may be
less secure. It is recommended that all APs be mounted with extra measures to ensure the
safety and continued operation of the AP. A proper mount for the AP means less chance
of down time. Loss of connectivity means lost time to the workers.
Column Mounting—Mounting brackets are available from third parties. A simpler, but
less secure solution, is to fashion some sort of mount. This can be done using many of the
same items you carry in your site survey kit. Here are some ideas:
• When mounted on a pole or column, the AP can be zip tied to the pole or column.
Use heavy-duty zip ties. Heavy-duty zip ties can be as wide as half an inch. If
using these zip-ties, make sure not to cover up the indicator lights on the AP.
• In the diagram in Figure 2, the AP is mounted in what appears to be an upside-
down position. This position allows the indicator lights for the Ethernet port to be
seen from the floor.
• Whenever possible, APs should be labeled with the Name, IP address, Channel
and SSID. The letters need to be easily readable from the floor in the event that
the AP requires troubleshooting.
If the column is too large for zip-ties, another option is to mount a short piece of a 2x4 to
the column. This can be done by using screws or bolts to attach the wood to the column.
Another option is to use silicone or a glue such as Liquid Nails to mount the board to the
column. DO NOT USE THE LIQUID NAILS TO MOUNT THE AP DIRECTLY TO THE
COLUMN! In the event that the AP needs to be removed or replaced, it will typically be
destroyed.
When mounting to a rafter or beam, the AP may be zip tied to the rafter or beam. In
some cases, it is not possible to wrap a zip tie around the rafter or beam. If this is the
case, you may use the piece of 2x4, secured to the beam with beam clamps. You may also
use a beam clamp to secure a mounting plate to the beam and then attach the AP to the
mounting plate.
Always make sure that the 2x4 is securely mounted to the structure before mounting the
AP. If surveying with the “rubber ducky” antennae, make sure to survey with them in the
position they will be mounted. In the examples shown on this page and the prior two
pages, the antennae would be pointing straight down. There are different coverage
patterns above and below the antenna. If you survey with the antenna in one position and
mount it in another position, your coverage may be different than what you expect.
10.3.3 Antenna Mounting
Figure 2: Mast Mount and Patch
Every AP will have an antenna attached to it. Most antennae are either shipped with a
mounting bracket or a mounting bracket is available as an option. The challenge is that
most antennae are designed to be mounted in a certain way. A 5.2 dBi mast mount
antenna is designed to be mounted to a mast and is shipped with the hardware to mount the
antenna to a mast. In order to mount the antenna to an I-beam, you may need some
ingenuity. Standoff brackets are available, but these are not designed to be mounted to an
I-beam, either. Some installers use zip ties, beam clamps, or bolts to attach the standoff
brackets to I-beams and then mount the antenna to the bracket. If you intend to use a
mast mount antenna indoors, make sure it is mounted as shown above. The antenna is
intended for outdoor use and designed to be mounted with the metal sleeve on the
bottom. For indoor use, invert the antenna. Be creative. Modified brackets can be used
for a variety of antennae.
Just as with the APs, always make sure that your antenna has a secure, solid mount.
Make sure that the antenna will hang properly when mounted to the base. If you surveyed
with the antenna in a vertical orientation and it is mounted to an insecure base, it may
hang at a 45 degree angle, changing the coverage pattern. Do not hang antennae by their
cables. The cable is not designed for this and may eventually break or suffer internal
damage that cannot be seen. Another reason not to hang antennae by cables is that this
would change the coverage cell. Also, the antennae may sway when the air conditioning
comes on, providing a moving coverage cell.
10.3.4 Power
Figure 1: AP Power (“Square D” breaker box)
• Be able to identify breaker boxes by type and brand
• Allows you to specify which breaker box will power the AP
• Be able to identify available breakers
All APs require power to operate. You should provide details in your report about how
and where the APs will tap into the electrical system. APs should be powered from a
breaker on a 24-hour input power source. This may be shared, but a dedicated source is
preferred.
Familiarize yourself with various types and brands of electrical equipment. You do not
need to be an expert on these, but should be able to identify them. This will allow you to
be very specific in your report when detailing where the AP will get its power from. For
example, your report may state that “AP #4 will receive power from the Square D box on
the North wall of the Shipping Area. Distance from the Square D box to the AP was
estimated at 145 feet.”
By defining the location and brand of the breaker box, the electrician will be able to
easily identify the box and install the associated wiring. Also be familiar enough with the
breaker panels to identify if there are available breakers or if the breaker is full. If you
specify a specific box to be used and there are no available breakers, this could present a
problem, especially if your report is used to generate a quote for the electrical work.
Electrical workboxes should be mounted face up such that the weight of the AP
transformer can rest on the faceplate. The transformer should then be secured to the
faceplate or workbox using zip ties. Do not mount equipment to electrical conduit,
plumbing, or ceiling supports. This is usually a code violation. There could also be a leak
in the plumbing, or extreme temperatures in the pipe.
Conduit could become electrified in the event of an electrical short, and the electrical
wiring in the conduit is a good source of EMF. Mount the equipment as far away from
these as possible.
10.3.5 NEMA Enclosures
• NEMA type 2, 4, 4x most commonly used for WLAN equipment
• Can be purchased through local hardware distributors
• Do not come equipped for WLAN equipment
Figure 5: Mounting plate with standoffs; electrical workbox; bulkhead extender (Part #AIR-ACC2537-018 [18 inch], AIR-ACC2537-060 [60 inch]); external antenna connector
Sometimes APs may be located in areas where they are subject to extreme moisture,
temperatures, dust and particles. These APs may need to be mounted inside a sealed
enclosure. These enclosures are generally referred to as “NEMA enclosures”. NEMA
stands for National Electronics Manufacturers Association. NEMA has a rating system
for these enclosures. The ratings are as follows:
• Type 1—Intended for indoor use primarily to provide a degree of protection
against (hand) contact with enclosed equipment. Usually, a low cost enclosure but
suitable for clean and dry environments.
• Type 2—Intended for indoor use primarily to provide a degree of protection
against limited amounts of falling dirt and water.
• Type 3—Intended for outdoor use primarily to provide a degree of protection
against windblown dust, rain, and sleet; undamaged by ice which forms on the
enclosure.
• Type 3R—Intended for outdoor use primarily to provide a degree of protection
against falling rain and sleet; undamaged by ice which forms on the enclosure.
• Type 4—Intended for indoor use primarily to provide a degree of protection
against windblown dust and rain, splashing water, and hose directed water;
undamaged by ice which forms on the enclosure.
• Type 4X—Intended for indoor or outdoor use primarily to provide a degree of
protection against corrosion, windblown dust and rain, splashing water, and hose
directed water; undamaged by ice which forms on the enclosure.
• Type 6—Intended for indoor or outdoor use where occasional temporary submersion
is encountered.
• Type 6P—Intended for indoor or outdoor use where occasional prolonged
submersion is encountered. Corrosion protection.
• Type 12—Intended for indoor use to provide a degree of protection against dust,
falling dirt, and dripping non-corrosive liquids.
• Type 13—Intended for indoor use primarily to provide a degree of protection
against dust, spraying of water, oil, and non-corrosive coolant.
The NEMA enclosures most often used for wireless networking products are Type 2, 4,
and 4X. Some specific requirements might require Type 12 or 13.
These types of enclosures can be purchased through local hardware and electrical supply
stores. Unfortunately, when purchased through these types of supply stores, the NEMA
enclosure is little more than a sealed box. There are no external antenna connectors, no
internal mounting standoffs, and no internal power supply.
Almost no NEMA enclosure is available off the shelf with an internal power supply.
Mounting for the AP inside the enclosure can be fashioned just as you would when
mounting an AP without an enclosure. Power will have to run to the enclosure and an
electrical workbox (plug) installed inside the enclosure. In order to attach an external
antenna (an antenna mounted inside the box is not very effective), a bulkhead extender
will need to be installed. This is a simple connector that connects to the AP inside the
enclosure and provides an antenna connector on the outside of the enclosure. Make sure
that any holes drilled into the box are sealed. If even one hole is left unsealed then the
integrity of the enclosure has been compromised. Antenna connectors should be mounted
to the bottom of the enclosure to provide as much protection from dripping condensation
as possible. It is also a good idea to seal the antenna connection with a product like Coax
Seal.
Pre-fabricated NEMA enclosures with antenna connectors, standoff brackets, and surge
protectors are available from third parties. They are more expensive than a standard
NEMA enclosure, but provide better protection for the AP and can save either you, your
customer, or the installer a great deal of time and trouble. Special NEMA enclosures are
also available that are temperature controlled and make use of solar panels to power the
equipment. Make sure that if you use a NEMA enclosure it is securely mounted. A
10.4 Accessories
10.4.1 Antenna Extension Cables
Cable Length 20 ft. (6m) 50 ft. (15m) 75 ft. (23m) 100 ft. (30m)
In this section, some of the accessories that are available for use with the Cisco Aironet
series products will be covered. These accessories are designed to be used for special
applications and are not meant for general use. Again, in an in-building LAN, installing
another AP is often the best solution. Know how these accessories are intended to be
used, and understand their limitations. This will allow you to decide, when, if, and where
you may want to use them.
Sometimes it may not be possible to connect the antenna to the AP using its existing
connecting cable. Use of these extension cables will result in signal loss. You suffer a
loss of about 1dB for every connection. For example, an antenna extension cable will
have to be connected to the AP (1dB loss) and to the antenna (1dB loss). This results in
2dB of loss without even considering the cable itself.
Current extension cables available from Cisco have approximately 4.7dB of loss per 100
feet. These cables are Belden 9913, and the total loss for a 100 foot extension cable is
estimated at 6.7dB, including cable loss and connector loss.
Keep this loss in mind if you are considering using an extension cable.
It is not recommended that you use the 100 foot extension cable with the 340 series
products. The reason is that there are virtually no antennae that would be used indoors
that could suffer this amount of loss and still be effective. Any antenna with less than
7dB of gain would be completely ineffective if used with the 100 foot cable. A better
idea is to run the Cat 5 cable to the antenna location and mount the AP as close to the
antenna as possible. In the event that you must use an antenna extension cable, use only
as much extension cable as you need.
The cables are available in 25, 50, 75, and 100 foot lengths. These cables fit most needs.
If you need a specific size cable you have one of two options. You can purchase the
Cisco cable and excess connectors, allowing you to cut the cable to the desired length and
then re-crimp a connector. Or you can purchase a length of 9913 cable, purchase the
RPTNC connectors, and manufacture your own cable. Many installers buy the cables
from Cisco, cut them in half, and crimp a new connector on each section, giving them
two equal length cables with a minimal amount of work. For very long distances (in
excess of 75 feet), you may want to consider a different type of cable with a lower loss.
One such cable would be LMR400. This has a much lower loss than the 9913 (2.4 dB vs.
4.7dB) and can still use the 9913 style connectors available through Cisco. Cisco does
not offer an LMR400 extension cable (yet).
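The loss figures above, worked into a budget as an added example (not part of the original course material): it totals connector and cable loss for an extension run, compares 9913 with LMR400, and finds the longest run a given antenna can tolerate. Treating a net gain at or below 0 dB as the cutoff is an assumption drawn from the 7dB remark above, the 2.4 and 4.7 figures are taken as dB per 100 feet, and the antenna list is constructed apart from the 5.2 dBi mast mount.

```python
"""Loss budget for an antenna extension cable, using the figures quoted in the text."""

CONNECTOR_LOSS_DB = 1.0                                  # per connection
CABLE_LOSS_DB_PER_100FT = {"9913": 4.7, "LMR400": 2.4}   # taken as dB per 100 ft
STOCK_LENGTHS_FT = (25, 50, 75, 100)

# Constructed antenna list; only the 5.2 dBi mast mount appears in the text.
SAMPLE_ANTENNAS = {"mast mount": 5.2, "sample low gain": 2.0, "sample high gain": 13.5}


def extension_loss_db(length_ft, cable="9913", connections=2):
    """Total loss of one extension run: every connection plus the cable itself."""
    if length_ft < 0 or connections < 0:
        raise ValueError("length and connection count must not be negative")
    cable_loss = CABLE_LOSS_DB_PER_100FT[cable] * length_ft / 100.0
    return connections * CONNECTOR_LOSS_DB + cable_loss


def net_gain_db(antenna_gain_dbi, length_ft, cable="9913", connections=2):
    """Antenna gain that is left after the extension run has taken its share."""
    return antenna_gain_dbi - extension_loss_db(length_ft, cable, connections)


def max_run_ft(antenna_gain_dbi, cable="9913", connections=2, min_net_gain_db=0.0):
    """Longest run that still leaves min_net_gain_db (assumed cutoff: 0 dB)."""
    budget = antenna_gain_dbi - min_net_gain_db - connections * CONNECTOR_LOSS_DB
    if budget <= 0:
        return 0.0            # the connectors alone use up the antenna's gain
    return budget / CABLE_LOSS_DB_PER_100FT[cable] * 100.0


def usable_stock_lengths(antenna_gain_dbi, cable="9913"):
    """Stock cable lengths that leave the antenna with a positive net gain."""
    return [ft for ft in STOCK_LENGTHS_FT
            if net_gain_db(antenna_gain_dbi, ft, cable) > 0]


if __name__ == "__main__":
    for name, gain in SAMPLE_ANTENNAS.items():
        for cable in CABLE_LOSS_DB_PER_100FT:
            print("%-16s %4.1f dBi  %-6s  max run %6.1f ft  usable stock lengths %s"
                  % (name, gain, cable, max_run_ft(gain, cable),
                     usable_stock_lengths(gain, cable)))
    # A 100 ft cable cut in half gives two 50 ft runs, each with two connections.
    print("50 ft 9913 run: %.2f dB loss" % extension_loss_db(50))
```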
Cisco offers the RPTNC connectors for 9913 and RG-58 cables. Do not attempt to use
RG-58 cable for an extension cable. The amount of loss in this type of cable renders it
useless as an extension cable. The RG-58 connectors are available in case the original
connector on an antenna is damaged and needs to be replaced. Most Cisco antenna
connection cables are RG-58.
Some installers try to substitute extension cables with an N-style connector. These are
widely available. An RG-58 “jumper” is used to connect to the AP and antenna.
Although the extension cables with the N-style connectors are more widely available, and
possibly less expensive, this solution would not be worthwhile in the long run. The
jumper cables will have an RPTNC connector on one end and an N-style connector on
the other. One jumper is needed for connection to the AP, and another for the antenna.
This results in a loss of as much as 5dB or more.
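The loss figures quoted above can be combined into a feed-line budget. The following Python sketch is an added example, not part of the original course material; the 5.2 dBi antenna gain is a constructed sample value, and scaling the 100 foot figure linearly to the shorter stock lengths is an assumption (it ignores the fixed connector share of the loss).

```python
"""Antenna feed-line budget built from the loss figures quoted in this section."""
from dataclasses import dataclass

# Figures taken from the text (dB).
EXT_CABLE_100FT_DB = 6.7   # 100 ft extension cable, cable plus connector loss
N_JUMPER_PAIR_DB = 5.0     # two RG-58 RP-TNC-to-N jumpers ("as much as 5dB")
STOCK_LENGTHS_FT = (25, 50, 75, 100)


@dataclass(frozen=True)
class Component:
    """One passive element between the AP and the antenna."""
    name: str
    loss_db: float


def db_to_power_fraction(loss_db):
    """Fraction of the transmitted power that survives a loss given in dB."""
    return 10 ** (-loss_db / 10)


def cable_loss_db(length_ft):
    """Loss of an extension cable of the given length.

    Assumption: the 100 ft figure is scaled linearly with length.
    """
    return EXT_CABLE_100FT_DB * length_ft / 100.0


def feed_line_budget(antenna_gain_dbi, components):
    """Sum the component losses and compare them with the antenna gain."""
    total_loss = sum(c.loss_db for c in components)
    net_gain = antenna_gain_dbi - total_loss
    return {
        "total_loss_db": round(total_loss, 2),
        "net_gain_db": round(net_gain, 2),
        "power_delivered": round(db_to_power_fraction(total_loss), 3),
        "net_positive": net_gain > 0,
    }


def longest_usable_cable(antenna_gain_dbi, min_net_gain_db=0.0, extra_loss_db=0.0):
    """Longest stock cable that still leaves the required net gain, or None."""
    usable = [
        length for length in STOCK_LENGTHS_FT
        if antenna_gain_dbi - cable_loss_db(length) - extra_loss_db >= min_net_gain_db
    ]
    return max(usable) if usable else None


if __name__ == "__main__":
    sample_gain = 5.2  # constructed sample antenna gain in dBi
    long_run = [Component("100 ft extension cable", EXT_CABLE_100FT_DB)]
    with_jumpers = long_run + [Component("N-style jumper pair", N_JUMPER_PAIR_DB)]

    for label, chain in (("cable only", long_run), ("cable + jumpers", with_jumpers)):
        print(label, feed_line_budget(sample_gain, chain))

    print("longest usable stock cable:", longest_usable_cable(sample_gain), "ft")
```

The power fraction makes the dB figures concrete: a 6.7 dB cable delivers roughly a fifth of the transmitted power to the antenna, which is why the text recommends moving the AP rather than lengthening the coax.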
10.4.3 Splitters
The use of a splitter for certain applications was discussed earlier. Splitters certainly
have their place and can be very useful if installed properly. But you need to understand
the ramifications of installing a splitter. Most splitters use N-style connectors. This is
because very few splitters are designed for WLAN equipment. Also, most splitters
available today are for use with broadband equipment, much of which uses N-style
connectors. N-style splitters are implemented with WLAN equipment by making use of
jumper cables. These jumper cables are 9913, not RG-58. Three jumpers are used with
the splitter. A three foot jumper connects the AP to the splitter. Then two longer jumpers
(usually 15-20 foot) are used to connect the antennae to the splitter.
The splitter will add about 4dB of loss. If you manufacture your own cables and they
are longer than the supplied cables, then the loss will increase (depending on what type of
cable you use). A 4dB loss is a general guideline when deciding if the use of a splitter
will be appropriate. See the technical specifications of your specific splitter for exact
measurements. Each antenna connected to the splitter suffers the 4dB loss. This means
10.4.4 Amplifiers
Figure 1: Amplifiers
This ruling applies to outdoor, point-to-point links more than it does to an internal
WLAN. The ruling is designed to keep installers from adding an amplifier and
interfering with other Part 15 products. But it may still apply indoors as well. For
example, many department stores are located in shopping malls. Many department stores
use WLAN equipment. If you installed an amplifier in one of these stores and it
interfered with another store’s system, this would be a problem. A steel mill located
outside of a city with nothing else around it would probably not have the same
concerns. Be aware of the ruling and be aware of other systems in the area that you may
be infringing upon when deciding if an amplifier is needed. In indoor applications,
another AP is a better solution than an amplifier.
10.4.5 Lightning Arrestors and Grounding Systems
Section 250-52 Made Electrode (Ground Rod)—Where none of the electrodes listed in Section
250-50 are available, then a “made electrode” consisting of ½ inch copper clad or 5/8th inch
galvanized (or larger) rod driven 8 feet vertically in the soil may be used. But if the ground
resistance of a single “ground rod” is greater than 25 ohms, then a second “ground rod” must be
Lightning protection requirements are based on the exposure at the site, the cost of link
down-time, and local building and electrical codes. If the link is critical, and the site is in
an active lightning area, attention to thorough lightning protection and grounding is
critical.
It is important to protect against static electricity as well. The best method to protect the
wired LAN and AP from any lightning damage is to place a 1 meter segment in between
an external antenna and the AP or Bridge as shown in Figure 2. Notice that a lightning
arrestor is used in this scenario as well.
The Cisco Aironet lightning arrester is designed to protect Cisco Aironet spread-spectrum
WLAN devices from static electricity and lightning surges that travel on coaxial
transmission lines. The lightning arrester comes complete with the reverse polarity TNC
(RP-TNC) connectors used on all Cisco Aironet antennas and RF devices meeting FCC
and DOC regulations. The Cisco Aironet lightning arrester prevents energy surges from
reaching the RF equipment by shunting the current to ground. Surges are limited to less
than 50 volts, in about 0.0000001 seconds (100 nanoseconds). A typical lightning surge
is about 0.000002 seconds (2 microseconds). The accepted IEEE transient (surge) suppression is
0.000008 seconds (8 microseconds). A lightning arrestor has two main purposes:
• To bleed off any high static charges that collect on the antenna helping prevent
the antenna from attracting a lightning hit
• To dissipate any energy that gets induced into the antenna or coax from a near
lightning strike
A lightning arrestor is designed to protect LAN devices as well; however, lightning has
amazing capabilities, and it is virtually impossible to truly isolate the damage.
Always make sure that outdoor antennas, building mounts and towers are grounded
properly. This should be done by a licensed electrician and should follow the National
Electric Code (NEC) guidelines. Some grounding systems which are currently used are
grounding rods and grounding concrete. This process is not always as straightforward to
install as it seems and requires earth resistance measurement. Generally, the earth’s
ground resistance should not exceed 25 ohms and many times needs to be below 5 ohms.
Failure to provide this will result in line surges through the premise wiring causing
electrical shock and fires.
Web Resources
http://www.saeinc.com
http://www.groundingsystems.com/
http://www.bicsi.org/fall998.htm
Figure 3: Antenna Safety
Installation Guidelines—Because antennas transmit and receive radio signals, they are
susceptible to RF obstructions and common sources of interference that can reduce
throughput and range of the device to which they are connected. Follow these guidelines
to ensure the best possible performance:
In order to achieve these guidelines for site-to-site deployment, roof, wall and tower
mounted antennas will be required. Cisco provides some mounting hardware ranging
from screws and templates to mounting brackets. Refer to the specific mounting
documentation which is included with the antenna. Additional roof and wall mount
accessories can be procured through third-party vendors. When your site survey calls for a
tower mount, many times this job will be sub-contracted out.
Web Resources
http://www.trylon.com
10.5 Documentation
10.5.1 Documenting the WLAN Design
This section starts by providing advice on responding to a customer's request for proposal
(RFP), and concludes with information on writing a design document when no RFP
exists. At this point in the design process you should have a comprehensive design that is
based on an analysis of your customer's business and technical goals, and includes both
logical and physical components that have been tested and optimized. The next step in
the process is to write a design document.
A design document describes your customer's requirements and explains how your design
meets those requirements. It also documents the existing network, the logical and
physical design, and the budget and expenses associated with the project.
It is also important that a design document contain plans for implementing the network,
measuring the success of the implementation, and evolving the network design as new
application requirements arise. The network designer's job is never complete. The process
of analyzing requirements and developing design solutions begins again as soon as a
design is implemented. Figure 1 shows the cyclical nature of the network design process.
In addition to being cyclical, network design is also iterative. Some steps take place
during multiple phases of a design. Testing occurs during the design-validation phase and
also during implementation. Optimization occurs while finalizing the design and also
after implementation during the network-monitoring phase. Documentation is an
ongoing effort. Documentation that is completed before the implementation stage can
10.5.2 Request for Proposal
An RFP lists a customer's design requirements and the types of solutions a network
design must include. Organizations send RFPs to vendors and design consultants, and
use the responses they receive to weed out suppliers that cannot meet requirements. RFP
responses help organizations compare competing designs, product capabilities, pricing,
and service and support alternatives.
Every RFP is different, but typically an RFP includes some or all of the following topics
listed in Figure 2.
Some organizations specify the required format for the RFP response. If this is the case,
your initial design document should follow the customer's prescribed format and structure
precisely. Organizations that specify a format may refuse to read responses that do not
follow the requested format. In some cases, the customer may request a follow-up
document where you can provide more detailed information on your logical and physical
network design.
Some RFPs are in the form of a questionnaire. In this case, the questions should drive the
proposal's organization. Embellishments that focus on key requirements and the selling
Despite the fact that a response to an RFP must stay within the guidelines specified by the
customer, you should nonetheless use ingenuity to ensure that your response highlights
the benefits of your design. Based on an analysis of your customer's business and
technical goals, and the flow and characteristics of network traffic, write your response so
the reader can easily recognize that the design satisfies critical selection criteria.
When writing the response, be sure to consider the competition. Try to predict what other
vendors or design consultants might propose so you can call attention to the aspects of
your solution that are likely to be superior to competing designs. In addition, pay
attention to your customer's "business style." Remember the importance of understanding
your customer's biases and any "office politics" or project history that could affect the
perception of your design.
10.5.3 Network Design Document—Executive Summary, Goal and Scope
Figure 1:
Contents of a Network Design Document
• Executive Summary
• Project Goal
• Project Scope
• Design Requirements
o Business Goals
o Technical Goals
o User Communities and Data Stores
o Network Applications
• Current State of the Network
• Logical Design
• Physical Design
• Results of Network Design Testing
• Implementation Plan
• Project Budget
o Return on Investment
• Design Document Appendices
• Summary
Contents of a Network Design Document—When your design document does not have to
follow a format dictated by an RFP, or when a customer requests a follow-up document
to a basic RFP response, you should write a design document that fully describes your
network design. The document should include the logical and physical components of the
design, information on technologies and devices, and a proposal for implementing the
design. The following sections will describe the topics that should be included in a
comprehensive design document.
Although the Executive Summary can include some technical information, it should not
provide technical details. The goal of the summary is to sell the decision-makers on the
business benefits of your design. Technical information should be summarized and
organized in order of the customer's highest-priority objectives for the design project.
Project Goal—This section should state the primary goal for the network design project.
The goal should be business-oriented and related to an overall objective that the
organization has to become more successful in its core business. The Project Goal section
Project Scope—The Project Scope section provides information on the extent of the
project, including a summary of the departments and networks that will be affected by the
project. The Project Scope section specifies whether the project is for a new network or
modifications to an existing network. It indicates whether the WLAN design is for a
single network segment, a set of LANs, a building or campus network, a set of site-to-site
WLANs or remote-access networks, or possibly the whole enterprise network.
The scope of the project might intentionally not cover some matters. For example, fixing
performance problems with a particular application might be intentionally outside the
scope of the project. By stating up front the assumptions you made about the scope of the
project, you can avoid any perception that your solution inadvertently fails to address
certain concerns.
10.5.4 Design Requirements
Design Requirements—Whereas the Project Goal section is generally very short, the
Design Requirements section is your opportunity to list all the major business and
technical requirements for the network design. The Design Requirements section should
list the goals in priority order. Critical goals should be marked as such.
Business Goals—Business goals explain the role the network design will play in helping
an organization provide better products and services to its customers. Executives who
read the design document will be more likely to accept the network design if they
recognize from the Business Goals section that the network designer understands the
organization's business mission. Many network designers have a hard time writing the
Business Goals section because they are more interested in technical goals. However, it is
critical that you focus your network design document on the ability of your design to help
a customer solve real-world business problems.
Most businesses embark on a network design project to help them increase revenue,
reduce operational costs and inefficiencies, and improve corporate communications.
Other typical goals include building partnerships with other companies and expanding
into worldwide markets. At this point in the network design process you should have a
comprehensive understanding of your customer's business goals and be able to list them
in the design document in priority order.
Technical Goals—The Technical Goals section documents the following goals shown in
Figure 1. The Technical Goals section should also describe any tradeoffs the customer is
willing to make. For example, some customers might indicate that affordability can be
sacrificed to meet strict availability goals, or usability can be sacrificed to meet strict
security goals. Including a chart that categorizes the comparative weights of goals can
help the readers of a network design document understand some of the design choices
that were made.
User Communities and Data Stores—This section lists major user communities,
including their sizes, locations and the principal applications they use. You can use the
table shown in Figure 2 to summarize information about user communities. This section
should also list major data stores (servers and hosts) and their locations. Use the table in
Figure 3 to summarize information about data stores.
Current State of the Network—This section briefly describes the structure and
performance of the existing network. It should include a high-level network map that
identifies the location of major internetworking devices, data-processing and storage
systems, and network segments. The high-level map should document the names and
addresses of major devices and segments, and indicate the types and lengths of principal
network segments. For very large internetworks, two or three high-level maps might be
necessary. Detailed maps, however, should be placed in the Appendix rather than in this
section.
The network maps should include logical as well as physical components, for example,
the location and reach of any Virtual Private Networks (VPNs), virtual LANs (VLANs),
firewall segments, server clusters, and so on. The maps should also characterize the
logical topology of the internetwork and the networks that make up the internetwork.
Network drawings, or text associated with drawings, should indicate whether networks
are hierarchical or flat, structured or unstructured, layered or not, and so on. They should
also indicate network geometry, for example, star, ring, bus, hub and spoke, or mesh.
The documentation of the current state of the network also briefly describes any
strategies or standards your customer uses for network addressing and device naming. If
the customer uses (or plans to use) address-summarization techniques, for example, this
should be indicated in the design document.
A major portion of the "Current State of the Network" section of the network design
document should be dedicated to an analysis of the health and performance of the present
network.
Detailed reports (for example, one-minute network utilization charts) can be placed in the
Appendix of the design document to avoid overwhelming the reader with too much
information at this stage. It is important that the reader be able to quickly reach the
Logical Design and Physical Design sections of the document, as those sections contain
the essence of your design proposal.
Logical Design—The Logical Design section documents the following aspects of your
network design as shown in Figure 1. Not all designs include all these components.
Based on your customer's requirements, you should recognize whether it is necessary to
address all the issues included in the preceding list in your network design document.
Physical Design—The Physical Design section describes the features and recommended
uses for the technologies and devices you selected to implement the design. It can include
information for campus networks, remote-access and wide area networks. This section
can also include information about any service providers selected.
If appropriate, the Physical Design section should include information on the pricing for
network devices and services. Sometimes pricing is negotiable and is not appropriate to
include in the design document. In most cases, however, customers expect to see product
and service pricing in the design document.
The Physical Design section should also contain information on the availability of
products. If your design recommends products that are not yet shipping, you should
document a predicted ship date, as provided by the product vendor.
Results of Network Design Testing—This section describes the results of the testing that
you did to verify your network design. It is one of the most important portions of the
design document because it gives you a chance to prove to your customer that your
design will likely meet requirements for performance, security, usability, manageability,
and so on. You can describe any prototype or pilot systems that you implemented and the
following testing components:
• Test objectives
• Test acceptance criteria
• Testing tools
• Test scripts
• Results and observations
In the Results and Observations segment, be sure to include any optimization techniques
you recommend be applied to the design to ensure that it meets requirements. Based on
the results of your testing, you might recommend mechanisms for minimizing broadcast
and multicast traffic, advanced features for meeting quality of service (QoS)
requirements, and sophisticated router switching and queuing services.
• A project schedule
• Plans with vendors or service providers for the installation of links,
equipment, or services
• Plans or recommendations for outsourcing the implementation or
management of the network
• A plan for communicating the design to end users, network
administrators, and management. This section can also explain how
implementation progress will be communicated (possibly via regularly-
scheduled status meetings or e-mail messages).
• A training plan for network administrators and end users
• A plan for measuring the effectiveness of the design after it has been
implemented
• A list of known risks that could delay the project
• A fallback plan if the network implementation fails
• A plan for evolving the network design as new application requirements
and goals arise
Date of completion | Milestone
June 1 | Design completed and beta version of Design Document distributed to key executives, managers, network administrators, and end users
July 20 | Feedback received on pilot from network administrators and end users
August 10 | Feedback received on Buildings 2-4 implementation from network administrators and end users
If you are a member of an Information Systems (IS) department that is responsible for the
design and implementation of the new network, then this section should be quite detailed.
If you are a sales engineer for a vendor of networking products, on the other hand, your
role is probably to recommend solutions but not implement them, so this section should
be short. (You should avoid appearing as if you are telling your customers how to do
their jobs.)
The following topics in Figure 1 are suitable for the Implementation Plan:
Project Budget—The Project Budget section should document the funds the customer has
available for equipment purchases, maintenance and support agreements, service
contracts, software licenses, training, and staffing. The budget can also include consulting
fees and outsourcing expenses.
Return on Investment—In many cases the best way to sell a customer on a new network
design is to convince the customer that the design will pay for itself in a reasonable time
period. The network design document can include a return-on-investment (ROI) analysis
that explains how quickly the design or new equipment will pay for itself.
Following is an example of an ROI that was completed for a school system, School
System ABC. The goal of this ROI analysis was to prove to the customer that the
recommended WLAN equipment will pay for itself very quickly because it will allow the
customer to eliminate most of the required T1 lines, and thus reduce the cost of leasing those
lines from the local phone company.
ROI Analysis for School System ABC—School System ABC is considering spending
$1 million on new WLAN equipment for 50 schools within a 10 mile radius.
If School System ABC does not spend the $1 million on equipment and instead puts the
money into other investments for five years, School System ABC can earn approximately
5 percent interest, and the original $1 million would be worth $1.05 million. This means
that the investment in the equipment should actually be considered $1.05 million.
An assumption was made that the WLAN equipment will have a 5-year life span before it
is obsolete. So, the cost per year for owning the equipment was calculated as $1.05
million divided by 5, or $210,000. The cost per month for owning the equipment is
$210,000 divided by 12, or $17,500.
The cost of operating the old network must be compared to the cost of operating the new
network. The new design will make it possible for Customer ABC to eliminate 50 T1
lines. Each line costs School System ABC $1,500 per month. This means that 20 lines
cost $60,000 per month, which is $720,000 per year. 5 years would cost $3.6 million in
line charges.
The savings to School System ABC with the new network design is $42,500 per month.
Over 5 years, there would be a savings of $2.55 million. Many schools can even write
grants or receive E-rate funds to help offset the initial investment.
10.5.10 Appendix and Summary
If necessary, the appendix can include exact information on pricing and payment options.
Sometimes copies of purchase orders are included. The appendix can also contain legal
and contractual terms and conditions, and non-disclosure agreements. Some design
documents include information about the company presenting the design proposal,
including pages from annual reports, product catalogs, or recent press releases favorable
to the company. The goal of this type of information is to make sure the reader
understands that the company is qualified to develop and implement the proposed
network design. If appropriate, this section can include recommendations from other
customers for whom the company has provided a solution.
The design document should include an executive summary and a primary project goal. It
should also document the network topology, any addressing and naming schemes you
designed, security recommendations, and information about protocols, technologies, and
products. Results of your network design testing can be included to convince your
customer of the validity of your design.
It is also important that a design document contain a plan for implementing the network
and measuring the success of the implementation. The plan should recommend network
management and monitoring processes that can confirm that the implementation meets
requirements for performance, availability, security, manageability, usability, and
affordability.
The plan should also mention a process for evolving the network design as new
application requirements arise. Enterprise networks continue to change at a rapid rate as
organizations increasingly rely on their networks to help them achieve critical business
goals. A network design must keep pace with new applications that let organizations
increase revenue, reduce operational costs, and communicate more effectively with
customers, business partners, and employees. Organizations that have not yet
implemented modern applications such as electronic commerce, IP telephony, WLANs
Vendors and standards bodies rapidly introduce new products and protocols to keep up
with changing requirements. By following a systematic design process, you can keep
pace with the evolving networking industry. With a focus on your customer's business
and technical goals, you can develop solutions that accommodate changing technologies
and requirements.
Many inexperienced network designers make the mistake of immediately jumping to the
design step of selecting vendors and products. This section has presented the benefits of
first analyzing requirements and traffic flows, and then developing a logical design,
followed by a physical design that specifies products and technologies. Using this
approach will strengthen your competency as a network designer, and promote the
success of your network design customers.
10.6 WLAN Site Survey Specifics and Project Management
10.6.1 Summary
• Be as specific as possible
• You are the surveyor; you may not be the installer
• Report is protection for you and your customer
• Date your report
Be as specific as possible in your report. Chances are that you will not be doing the
installation. Keep this in mind as you are writing your report. It should be clear, concise,
and easy to understand. You should think of the report as protection for both you and the
customer. In the event of a disagreement or problem, a good site survey report can prove
that you completed the site survey per the customer’s requirements at the time of the
survey. Put the date of the site survey on your report. An installer may be handed a site
survey report and asked to install the equipment. If there is a date on the survey that is a
number of months or years old he may question the survey’s integrity.
Even more important than the AP location, specify with as much exactitude as you can
where the antenna is to be located. “On the wall above the doorway” is not enough. “On
the wall above the doorway, two feet left of EXIT sign” might be a better explanation.
Do not use objects that may be temporary as markers. If the object has moved before the
installer arrives, he may not be able to find your location and may mount the antenna in
the wrong location.
• Parts List
– APs
– Antennae
– Accessories and network components
• Diagrams
• Photographs
• List contacts
– Name
– Company
– Address
– Phone & Fax
– E-mail
• List contacts for all companies involved.
Describe the facility, its construction, and its contents. Make mention of the square
footage. Discuss the tools you used to survey and how you performed the survey.
Describe the settings that you used in the survey, to include data rates, channels, packet
size, and thresholds. Talk about the coverage for each access point and detail the
coverage in an included diagram.
Also mark areas where there is no coverage needed. The customer could come back later
and tell you he wanted coverage in an area where he previously claimed he did not. If
you do not mark the areas where coverage is not needed (or describe them in the report)
you have no way of proving that you were instructed not to survey the areas for coverage.
Have the customer sign and return a copy of the report for your records.
Add sections that discuss proper mounting of the APs and antennae. Detail the
specifications for providing power to the APs and how the electrical workboxes should
be mounted. Discuss the proposed cabling runs (power and networking) including where
and how they will attach to each system.
List the system components. List the network media type and components that you
suggest connecting to. List the WLAN components that you are proposing for
installation. Discuss the network topology and planned implementation of the WLAN
topology. If the customer discusses future expansions or WLAN client upgrades with
you, explain his intent in your report, and any problems that the upgrades may pose.
Explain your objective for the site survey. What are the customer’s needs and
expectations?
Include a list of the parts that will be needed. Include the total number of APs for the
install and recommend that a spare be kept on hand in case of emergency. List the total
number of antennae needed. If possible, list network components that you have
proposed.
Some SEs go as far as to list the amount of network and power cabling that will be
needed for the job and make recommendations on the type of cabling to be used. Include
List the contacts for each of the companies involved. These may include manufacturer,
reseller, customer, and services companies. List names, addresses, phone and fax number,
and e-mail addresses. This section has offered suggestions on some of the items that
should be included in your site survey report. Each report you do will be different
based upon your survey and your customer’s needs. Included is a site survey report of an
imaginary facility. This should give you a good idea of how a site survey report should
look and what kind of documentation you will be expected to produce.
10-96 Site Survey and Installation Copyright 2001, Cisco Systems, Inc.
10.6.4 Project Management
Project Management is a major undertaking. Some of the key points are listed below.
• Installer responsibilities:
  o Project Management:
    ▪ Project manager is responsible for development of the
      network implementation plan, participation in regularly
      scheduled customer meetings, and gathering of customer
      information
  o Site survey:
    ▪ Perform site survey (limited to identification of possible
      discrepancies between customer site specifications and
      Cisco specifications)
    ▪ Provide customer with specifications for environmental aspects of
      the location
    ▪ Provide a checklist of items that must be brought up to equipment
      specifications
  o Design review:
    ▪ Review the design document that will be used to build the
      network and provide recommendations on technical
      enhancements of the network design
  o Configuration:
    ▪ Create configurations and document in the network
      implementation plan
    ▪ Verify hardware, software, and firmware revisions, as needed
    ▪ Develop network ready for function test plan with customer input
    ▪ Develop project staging plan as part of the network
      implementation plan
  o Staging:
    ▪ Receive and inventory product at the staging site
    ▪ Assemble devices per the network implementation plan
    ▪ Load customer software configuration and test products per the
      network implementation plan
    ▪ Package and ship product to each customer location, as needed
  o Installation and test:
    ▪ Unpack, inventory, inspect, attach power cords, and apply
      power to equipment
    ▪ Route and install ordered and provided cables that start and end in
      the same rack. Install, configure and test products covered in the
      scope of the statement of work
    ▪ Connect to available customer facilities (telecommunication
      circuits, modems, dialup lines, and customer premise equipment
      [CPE])
    ▪ Test equipment implementation per the network ready for function
      test plan
2.1 802.11 Standard
2.1.1 Overview
• Benefits
o Interoperability
o Fast product development
o Stability
o Upgradability
o Cost reduction
Figure 2:
Flash Animation: Show the wireless signal originate with brand A, received by
brand C & brand B. Maybe show some file transfer on the screen between each
laptop as the signals blink on. Purpose is to demonstrate 802.11 interoperability
in a BSS ad hoc network.
Upon completion of this chapter, you will be able to perform the following
tasks:
Overview
This chapter will cover the basics of troubleshooting. You will begin by looking at
a methodology that breaks down the process of troubleshooting into manageable
pieces. This permits a systematic approach, minimizing confusion and cutting
down on time otherwise wasted with trial-and-error troubleshooting. Next, tools
used to troubleshoot a WLAN will be presented.
Figure 1:
11-2 Troubleshooting, Monitoring and Diagnostics Copyright 2001, Cisco Systems, Inc.
Complex network environments mean that the potential for connectivity and
performance problems in networks is high, and the source of problems is often
elusive. The keys to maintaining a problem-free network environment, as well as
maintaining the ability to isolate and fix a network fault quickly, are
documentation, planning, and communication. This requires a framework of
procedures and personnel to be in place long before any network changes take
place. The goal of this chapter is to help you isolate and resolve the most
common connectivity and performance problems in your network environment.
Once all of the protocols and product lines are stripped away, troubleshooting is
essentially an exercise in logic (keeping in mind that logic comes in both the
deductive and inductive flavors).1 Whenever you approach a network problem,
you should use some sort of problem-solving model—a logical step-by-step
method of converging toward a solution. The point should be made here that
network engineers don’t stop and open a handbook on troubleshooting
methodology when they get stuck – they work from their own personal skill set
and with their own troubleshooting methodology that they have developed over
time. The point is to minimize wasted time associated with erratic hit-and-miss
troubleshooting.
Deductive reasoning works from the more general to the more specific. 2 Sometimes this
is informally called a "top-down" approach. You begin with thinking up a theory about
the problem. Then narrow that down into more specific hypotheses that can be tested.
Next, you collect observations to address the hypotheses. This leads you to be able to test
the hypotheses with specific data -- a confirmation (or not) of our original theories.
On the other hand, inductive reasoning works the other way, moving from specific
observations to broader generalizations and theories.3 This can be called a "bottom up"
approach. With inductive reasoning, you begin with specific observations and measures.
Then you begin to detect patterns and regularities, which leads you to formulate some
Web Resources
Reasoning
http://trochim.human.cornell.edu/kb/dedind.htm
11.1.2 Symptom – Diagnosis – Solution
Figure 1:
Figure 2:
Step 1 When analyzing a network problem, make a clear problem statement. You should
define the problem in terms of a set of symptoms and potential causes.
To properly analyze the problem, identify the general symptoms and then ascertain what
kinds of problems (causes) could result in these symptoms. For example, hosts might not
be responding to service requests from clients (a symptom). Possible causes might include
a misconfigured host, bad interface cards, or missing router configuration commands.
Step 2 Gather the facts you need to help isolate possible causes.
Ask questions of affected users, network administrators, managers, and other key people.
Collect information from sources such as network management systems, protocol analyzer
traces, output from router diagnostic commands, or software release notes.
Step 3 Consider possible problems based on the facts you gathered. Using the facts you
gathered, you can eliminate some of the potential problems from your list.
Depending on the data, you might, for example, be able to eliminate hardware as a
problem, so that you can focus on software problems. At every opportunity, try to narrow the
number of potential problems so that you can create an efficient plan of action.
Step 4 Create an action plan based on the remaining potential problems. Begin with the
most likely problem and devise a plan in which only one variable is manipulated.
Changing only one variable at a time allows you to reproduce a given solution to a specific
problem. If you alter more than one variable simultaneously, you might solve the problem,
but identifying the specific change that eliminated the symptom becomes far more difficult
and will not help you solve the same problem if it occurs in the future.
Step 5 Implement the action plan, performing each step carefully while testing to see
whether the symptom disappears.
Step 6 Whenever you change a variable, be sure to gather results. Generally, you should
use the same method of gathering facts that you used in Step 2 (that is, working with the
key people affected in conjunction with utilizing your diagnostic tools).
Step 7 Analyze the results to determine whether the problem has been resolved. If it has,
then the process is complete.
Step 8 If the problem has not been resolved, you must create an action plan based on the
next most likely problem in your list. Return to Step 4, change one variable at a time, and
reiterate the process until the problem is solved.
Depending on the person or network group, the hardest part of the problem
comes after the problem is solved – documentation! A sample network diagram
serves as a focal point for the compiled documentation. Careful documentation
is a necessary process that will make your life easier in the long run, and more
importantly, the lives of your superiors and coworkers. In fact, this step should
be completed during the WLAN site survey and after the completed installation
and testing phase. Furthermore, the lack of documentation can be a contributing
factor in many problems in the first place, especially when staff do not have an
accurate view or status of the current or past network performance.
Documentation should provide clear communication to those who need the
information – this includes ease of access to the information for these individuals.
It should be made easy to update as well. Remember, documentation simplifies
network management and greatly reduces the time required for problem
resolution.
11.1.3 Scientific Method
Scientific Method:
1. Observe some aspect of the universe.
2. Invent a theory that is consistent with what you have observed.
3. Use the theory to make predictions.
4. Test those predictions by experiments or further observations.
5. Modify the theory in the light of your results.
6. Go to step 3.
3. Analyze data to come up with a possible solution to the problem.
4. Implement solution to network to attempt correction to the system.
5. If the problem isn't resolved, undo previous changes and modify data.
6. Go to step 3
Web Resources
Dartmouth College
http://thayer.dartmouth.edu/teps
Troubleshooters.com
http://www.troubleshooters.com/tuni.htm
Figure 1:
Network Protocols
Internet Protocol (IP)
Internetwork Packet Exchange (IPX)
AppleTalk (AT)
DECnet
Figure 2:
Routing Protocols
Routing Information Protocol (RIP)
Interior Gateway Routing Protocol (IGRP)
Open Shortest Path First (OSPF)
Enhanced IGRP (EIGRP)
Border Gateway Protocol (BGP)
AppleTalk Update-Based Routing Protocol (AURP)
o For each routed protocol, do you have correct, up-to-date router
configuration?
• Do you know which protocols are being bridged?
o Are there any filters configured in any bridges, and do you have a
copy of these configurations?
• Do you know all the points of contact to external networks, including any
connections to the Internet?
o For each external network connection, do you know what routing
protocol is being used?
• Do you have an established baseline for your network?
o Has your organization documented normal network behavior and
performance at different times of the day so that you can compare
the current problems with a baseline?
If you can answer yes to all questions, you will be able to recover from a
failure more quickly and more easily than if you are not prepared.
Figure 1:
Fault management steps
1. Detecting the problem symptoms.
2. Isolating the problem.
3. Fixing the problem automatically (if possible) or
manually.
4. Testing the fix on all the important subsystems.
5. Logging the detection and resolution of the
problem
Accounting Management—The goal of accounting management is to measure
network-utilization parameters so that individual or group uses on the network
can be regulated appropriately. Such regulation minimizes network problems
(because network resources can be apportioned based on resource capacities)
and maximizes the fairness of network access across all users.
When you must iterate another troubleshooting plan, your objective should be to
make continuous progress toward a smaller set of possibilities until you are left
with only one. Consider the following precautions during your next iteration:
Be sure to undo any "fixes" you made in the previous iteration that did not work.
Remember that you want to change only one variable at a time.
Consider the following guidelines when implementing an action plan:
• Keep track of exactly what you are testing.
• Try not to change too many variables at the same time.
• Make sure that what you implement does not make the problems worse or
add new problems.
• Limit as much as possible the invasive impact of your implemented action
plan on other network users.
• Minimize the extent or duration of potential security lapses during your
action plan implementation.
• Maintain a fall-back position (for example, a configuration file) to return the
network to a known previous state.
Consider the following issues as you observe the results of your action plan:
• If the problem has been resolved, then follow the steps to the exit point of
the iterative loop in the problem-solving model.
• If the problem has not been resolved, then you must use these results to
fine-tune the action plan until a proper solution is reached.
Once the problem seems to have stopped, the final step of the troubleshooting
model is to document how the problem was solved. Documenting your work
provides these benefits:
• It maintains a record of which steps you have already taken.
• It provides a back-off trail if it turns out that you must reverse the actions
you took.
• It establishes an historical record for future reference.
The OSI reference model describes how information from a software application
in one computer moves through a network medium to a software application in
another computer. The OSI reference model is a conceptual model composed of
seven layers, each specifying particular network functions. The model was
developed by the International Organization for Standardization (ISO) in 1984,
and it is now considered the primary architectural model for inter-computer
communications. The OSI model divides the tasks involved with moving
information between networked computers into seven smaller, more manageable
task groups. A task or group of tasks is then assigned to each of the seven OSI
layers. Each layer is reasonably self-contained, so that the tasks assigned to
each layer can be implemented independently. This enables the solutions offered
by one layer to be updated without adversely affecting the other layers. The
following list details the seven layers of the Open System Interconnection (OSI)
reference model:
The OSI model provides a logical framework and a common language used by
network engineers to articulate network scenarios. The “Layer 1”, “Layer 2”, etc.,
terminology is so common that most engineers don’t think twice about it any
more; this is similar to learning a foreign language – initially you have to think of a
word when you’re using it the first few times, but later it just rolls out of your
mouth.
The upper layers (5-7) of the OSI model deal with application issues and
generally are implemented only in software. The application layer is closest to the
end user. Both users and application-layer processes interact with software
applications that contain a communications component.
The lower layers (1-4) of the OSI model handle data-transport issues. The
physical layer and data link layer are implemented in hardware and software. The
other lower layers generally are implemented only in software. The physical layer
is closest to the physical network medium (the network cabling, for example), and
is responsible for actually placing information on the medium.
Figure 2: Troubleshooting—Layer 1
Figure 3: Troubleshooting—Layer 2
Figure 4: Troubleshooting—Layer 3
Layer 1 errors: 2
• broken cables
• disconnected cables
• cables connected to the wrong ports
• intermittent cable connection
• wrong cables used for the task at hand (must use rollovers, cross-
connects, and straight-through cables correctly)
• transceiver problems
• DCE cable problems
• DTE cable problems
• devices turned off
Layer 2 errors: 3
• improperly configured serial interfaces
• improperly configured Ethernet interfaces
• improper encapsulation set (HDLC is default for serial interfaces)
• improper clockrate settings on serial interfaces
Layer 3 errors: 4
• routing protocol not enabled
• wrong routing protocol enabled
• incorrect IP addresses
• incorrect Subnet Masks
• incorrect DNS to IP bindings
11.2.3 Layer 2 Specifics
Wireless bridges and access points are data communications devices that
operate principally at Layer 2 of the OSI reference model. As such, they are
widely referred to as data link layer devices. Several kinds of bridging have
proven important as internetworking devices. Transparent bridging is found
primarily in Ethernet environments, while source-route bridging occurs primarily
in Token Ring environments. Translational bridging provides translation between
the formats and transit principles of different media types (usually Ethernet and
Token Ring).
Bridges are not complicated devices. They analyze incoming frames, make
forwarding decisions based on information contained in the frames, and forward
the frames toward the destination.
Bridges are capable of filtering frames based on any Layer 2 fields. A wireless
bridge, for example, can be programmed to reject (not forward) all frames
sourced from a particular network. Because link-layer information often includes
a reference to an upper-layer protocol, bridges usually can filter on this
parameter. Furthermore, filters can be helpful in dealing with unnecessary
broadcast and multicast packets.
Figure 2:
Figure 3:
Suppose Host A sends a frame to Host B. Both bridges receive the frame and
correctly conclude that Host A is on Network 2. Unfortunately, after Host B
receives two copies of Host A's frame, both bridges again will receive the frame
on their Network 1 interfaces because all hosts receive all messages on
broadcast LANs. In some cases, the bridges will change their internal tables to
indicate that Host A is on Network 1. If so, when Host B replies to Host A's frame,
both bridges will receive and subsequently drop the replies because their tables
will indicate that the destination (Host A) is on the same network segment as the
frame's source.
If the bridge is connected to the wired LAN and is communicating with an access
point on the same LAN, a network problem known as a bridge loop can occur.
Avoid a bridge loop by disconnecting the bridge from the wired LAN immediately
A bridge loop can also occur if two or more bridges are connected to the same
remote hub. To prevent this bridge loop, always connect only one bridge to a
remote hub. Figure 3 shows the network configuration in which the loop occurs.
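The Host A / Host B exchange described above can be reproduced with a small simulation of two transparent learning bridges connected in parallel. This is an added example, not code from the course; the class names, the segment names net1 and net2, the MAC addresses and the forwarding cap are all assumptions made for the illustration.

```python
from collections import deque

HOST_A = "00-00-5e-00-53-0a"   # constructed MAC, Host A on Network 2
HOST_B = "00-00-5e-00-53-0b"   # constructed MAC, Host B on Network 1


class Bridge:
    """Transparent learning bridge with one port on each attached segment."""

    def __init__(self, name, segments):
        self.name = name
        self.segments = list(segments)
        self.table = {}    # MAC -> segment where that source was last seen
        self.moves = []    # (mac, old_segment, new_segment): table flaps
        self.dropped = []  # (src, dst) frames filtered as "already local"

    def receive(self, segment, frame):
        """Learn the source address, then return the segments to forward onto."""
        src, dst = frame["src"], frame["dst"]
        old = self.table.get(src)
        if old is not None and old != segment:
            self.moves.append((src, old, segment))
        self.table[src] = segment
        known = self.table.get(dst)
        if known == segment:          # destination believed to be on this segment
            self.dropped.append((src, dst))
            return []
        if known is not None:
            return [known]
        return [s for s in self.segments if s != segment]  # unknown: flood


class Network:
    def __init__(self, hosts, bridges, max_forwards=1):
        self.hosts = hosts            # MAC -> segment the host sits on
        self.bridges = bridges
        # Ethernet frames carry no hop count, so a looped frame circulates
        # indefinitely. This cap is a simulation device: the default of 1
        # freezes the run at the moment the text describes.
        self.max_forwards = max_forwards
        self.delivered = []           # (dst, src) for every copy a host receives

    def send(self, src, dst):
        first = {"src": src, "dst": dst, "forwards": 0}
        queue = deque([(self.hosts[src], first, src)])
        while queue:
            segment, frame, sender = queue.popleft()
            if self.hosts.get(dst) == segment:
                self.delivered.append((dst, src))
            for bridge in self.bridges:
                if bridge.name == sender or segment not in bridge.segments:
                    continue
                targets = bridge.receive(segment, frame)
                if frame["forwards"] >= self.max_forwards:
                    continue
                for target in targets:
                    copy = dict(frame, forwards=frame["forwards"] + 1)
                    queue.append((target, copy, bridge.name))


def run_scenario(bridge_count):
    """Host A sends to Host B, then Host B replies, across N parallel bridges."""
    bridges = [Bridge(f"bridge{i + 1}", ["net1", "net2"]) for i in range(bridge_count)]
    net = Network({HOST_A: "net2", HOST_B: "net1"}, bridges)
    net.send(HOST_A, HOST_B)
    net.send(HOST_B, HOST_A)
    return {
        "copies_at_b": net.delivered.count((HOST_B, HOST_A)),
        "reply_reached_a": (HOST_A, HOST_B) in net.delivered,
        "flaps": {b.name: b.moves for b in bridges},
        "a_learned_on": {b.name: b.table[HOST_A] for b in bridges},
        "replies_dropped": sum(len(b.dropped) for b in bridges),
    }


if __name__ == "__main__":
    for count in (2, 1):   # looped topology first, then a single bridge
        print(count, "bridge(s):", run_scenario(count))
```

The `flaps` entries, where one source address moves between ports of the same bridge, are the observable symptom to look for when a bridge loop is suspected.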
11.3 TCP/IP Troubleshooting
11.3.1 Overview
Figure 1:
Arp—Displays and modifies the Address Resolution Protocol (ARP) cache. This cache is a local
table used by Windows 2000 to resolve IP addresses to media access control addresses used
on the local network.
Hostname—Returns the host name of the local computer
Ipconfig—Displays the current TCP/IP configuration. Also used to manually release and renew
TCP/IP configurations assigned by a DHCP server.
Lpq—Obtains print queue status information from computers running Line Printer Daemon
(LPD) print server software
Nbtstat—Displays the local NetBIOS name table, a table of NetBIOS names registered by local
applications, and the NetBIOS name cache, a local cache listing of NetBIOS computer names
that have been resolved to IP addresses.
Netstat—Displays TCP/IP protocol session information.
Nslookup—Checks records, domain host aliases, domain host services, and operating system
information by querying DNS servers.
Ping—Verifies configurations and tests IP connectivity.
Route—Displays or modifies the local routing table.
Tracert—Traces the route a packet takes to a destination.
Pathping—Traces the route a packet takes to a destination and displays information on packet losses for
each router in the path. Pathping can also be used to troubleshoot Quality of Service (QoS)
connectivity. (Available on Win2000)
Most incorrect client and server IP address or subnet mask errors appear in
Event Viewer. Examine the Event Viewer system log and look for any entry with
TCP/IP or DHCP as the source (see Figure 2). Read the appropriate entries by
double-clicking them (Figure 4). Because DHCP configures TCP/IP remotely,
DHCP errors cannot be corrected from the local computer.
You should check to see if you can connect using IP addresses. Use an IP
address as a target for the standard TCP/IP commands such as ping, tracert,
telnet, and ipconfig.3
Also, check the configurations on the host device. If you can connect using an IP
address but are unable to connect by using "Microsoft networking" (for example,
Network Neighborhood), try to isolate a problem on the Windows NT/2000/XP
server configuration. Problem areas with Microsoft networking relate to NetBIOS
support and associated mechanisms used to resolve non-IP entities with IP
addresses. You can check for these non-IP problems using the nbtstat
command.
Figure 3: Loopback Test
One of the most common ICMP uses is as a diagnostic tool. As you can see in
Figure 2, a simple ping utilizes ICMP to determine whether or not a host is
receiving packets. For more details on ICMP, refer to RFC 792.
The Ping option in the Diagnostics page of the bridge tests infrastructure
connectivity from the bridge to other IP nodes. The Ping option sends an ICMP
echo_request packet to a user-specified remote node. If the remote node
receives the packet, it responds with an ICMP echo_response packet.
The bridge sends the echo_request packet and waits 3 seconds for a
response. If there is no response, the client sends another echo_request
packet. If a response is received and a message is displayed, the command
disappears from the screen. Enter Ctrl-C to stop the command.
11.3.3 Address Resolution Protocol (ARP) Command
To view the ARP cache, at the command prompt type arp -a (Figure 2).
You can try to resolve an address problem by clearing the ARP cache, which is a
list of recently resolved IP-to-MAC address mappings. If an entry in the ARP
cache is incorrect, the TCP/IP packet will be sent to the wrong computer. To
clear the cache, type:
arp -d [IP] where [IP] is the IP address of the incorrect entry; another option is
the command arp -d *, which clears the entire ARP cache.
If you issue the arp -a command again, the entry or entries will be cleared.
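Before clearing entries, it helps to know which ones are actually incorrect. The following added example (not part of the course material) parses arp -a output and compares it with a recorded set of known-good mappings; the sample output, the baseline and all addresses are constructed for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout printed by the Windows arp -a command.
SAMPLE_ARP_OUTPUT = """
Interface: 192.0.2.10 --- 0x2
  Internet Address      Physical Address      Type
  192.0.2.1             00-00-5e-00-53-66     dynamic
  192.0.2.20            00-00-5e-00-53-14     dynamic
  192.0.2.30            00-00-5e-00-53-66     dynamic
  192.0.2.255           ff-ff-ff-ff-ff-ff     static
"""

# Hypothetical known-good mappings recorded while the network was healthy.
BASELINE = {
    "192.0.2.1": "00-00-5e-00-53-01",
    "192.0.2.20": "00-00-5e-00-53-14",
}

INTERFACE_RE = re.compile(r"^Interface:\s+(\S+)")
ENTRY_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"((?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})\s+(\w+)\s*$"
)


def parse_arp_output(text):
    """Turn arp -a output into a list of dicts, one per cache entry."""
    entries, interface = [], None
    for line in text.splitlines():
        header = INTERFACE_RE.match(line)
        if header:
            interface = header.group(1)
            continue
        row = ENTRY_RE.match(line)
        if row:
            ip, mac, kind = row.groups()
            entries.append(
                {"interface": interface, "ip": ip, "mac": mac.lower(), "type": kind}
            )
    return entries


def is_group_address(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac[:2], 16) & 1 == 1


def audit(entries, baseline):
    """Return (kind, subject, detail) findings for suspicious cache entries."""
    findings = []
    ips_by_mac = defaultdict(list)
    for entry in entries:
        expected = baseline.get(entry["ip"])
        if expected and expected.lower() != entry["mac"]:
            detail = f"expected {expected.lower()}, cache has {entry['mac']}"
            findings.append(("mismatch", entry["ip"], detail))
        if not is_group_address(entry["mac"]):
            ips_by_mac[entry["mac"]].append(entry["ip"])
    # One unicast MAC answering for several IPs can be a router or proxy ARP,
    # but it is also what a wrong or forged mapping looks like.
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:
            findings.append(("shared-mac", mac, ", ".join(ips)))
    return findings


def clear_commands(findings):
    """Build the arp -d command for each entry that contradicts the baseline."""
    return [f"arp -d {subject}" for kind, subject, _ in findings if kind == "mismatch"]


if __name__ == "__main__":
    results = audit(parse_arp_output(SAMPLE_ARP_OUTPUT), BASELINE)
    for finding in results:
        print(finding)
    print(clear_commands(results))
```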
11.3.4 Route Print Command
To check the routing table, type the route print command at a command
prompt.1
Parameters
-f
Clears the routing tables of all gateway entries. If this is used in conjunction with
one of the commands, the tables are cleared prior to running the command.
-p
When used with the add command, makes a route persistent across boots of the
system. By default, routes are not preserved when the system is restarted. When
used with the print command, displays the list of registered persistent routes.
Ignored for all other commands, which always affect the appropriate persistent
routes.
11.3.5 Ipconfig
Parameters
/all
Produces a full display. Without this switch, ipconfig displays only the IP
address, subnet mask, and default gateway values for each network card.
/renew [adapter]
Renews DHCP configuration parameters. This option is available only on
systems running the DHCP Client service. To specify an adapter name, type the
adapter name that appears when you use ipconfig without parameters.
/release [adapter]
Releases the current DHCP configuration. This option disables TCP/IP on the
local system and is available only on DHCP clients. To specify an adapter name,
type the adapter name that appears when you use ipconfig without parameters.
11.3.6 Tracert Command
11.4 Diagnostic Tools
11.4.1 Cable Testers, Multimeters and Network Monitors
Figure 5: Fluke OptiView
The cable tester shown in Figure 2 is the Fluke 620 LAN CableMeter, a cable
tester designed to verify connectivity of all LAN cable types: UTP, STP, screened
UTP (ScTP), and coaxial. This tester can measure cable length; test for faults,
such as opens, shorts, reversed, crossed, or split pairs; and indicate the distance
to the defect.
At the top end of the cable-testing spectrum are TDRs. These devices can
quickly locate open and short circuits, crimps, kinks, sharp bends, impedance
mismatches, and other defects in copper cables. Figure 3 is the Fluke DSP-4000
Series Digital Cable Analyzer. A TDR works by "bouncing" a signal off the
opposite end of the cable. Opens, shorts, and other problems reflect the signal
back at different amplitudes, depending on the problem. A TDR measures the
amount of time it takes for the signal to return and calculates the distance to a fault
in the cable. TDRs can also be used to measure the length of a cable. Some
TDRs can also calculate the propagation rate based on a configured cable
length.
losses. This baseline measurement can then be compared with future signatures
when a problem in the system is suspected.
Monitors collect information such as packet sizes, the number of packets, error
packets, overall usage of a connection, the number of hosts and their MAC
addresses, and details about communications between hosts and other devices.
This data can be used to create profiles of LAN traffic as well as to assist in
locating traffic overloads, planning for network expansion, detecting intruders,
establishing baseline performance, and distributing traffic more efficiently.
Web Resources
Fluke
http://www.flukenetworks.com
The following are some typical third-party troubleshooting tools used for
troubleshooting internetworks:
• Volt-Ohm meters, digital multimeters, and cable testers are useful in
testing the physical connectivity of your cable plant.
• Time domain reflectors (TDRs) and optical time domain reflectors
(OTDRs) are devices that assist in the location of cable breaks,
impedance mismatches, and other physical cable plant problems.
• Breakout boxes and fox boxes are useful for troubleshooting problems in
peripheral interfaces.
• Network analyzers decode problems at all seven OSI layers; the problems can be
identified automatically in real time, providing a clear view of network
activity and categorizing problems by criticality.
Web Resources
Sniffer
http://www.sniffer.com/other/jump/cisco
WildPackets
http://www.wildpackets.com
Fluke Networks
http://www.flukenetworks.com
• Electromagnetic Interference—It is possible for electromagnetic
interference (EMI) to be generated by non-radio equipment operating in
close proximity to the WLAN equipment. While it is theoretically possible
for this interference to directly affect the reception and transmission of
signals, it is more likely the components of the transmitter are affected by
EMI, rather than the transmission. To minimize the possible effects of
EMI, the best course of action is to isolate the radio equipment from
potential sources of EMI. Locate the equipment away from such sources if
possible. If you can supply conditioned power to the WLAN equipment,
this lessens the effects of EMI generated on the power circuits as well.
Web Resources
Anritsu
http://www.anritsu.com/
Tektronix
http://www.tek.com
Figure 3: Cisco Services Setup
There can be many single point failures when installing and troubleshooting a
WLAN. If you can access an AP or bridge through the Ethernet port, then there
is little need to troubleshoot the wired LAN. The problem most likely is with the
AP, bridge or client.
Using the Device Manager 1 on a Windows workstation, you can check the driver
version and whether the hardware is functioning correctly.2
From the Cisco Services Page3, you can check the current system and radio
firmware4 as well as upgrade firmware through the browser or FTP server.
The firmware version of a bridge is indicated on the title bar of the bridge web
configuration page. The radio firmware is shown under the radio section of the
home page.5
11.5.2 Software Configuration
Figure 1: AP Configuration
Service Set Identifier—Cisco Aironet WLAN devices must be set to the same
Service Set Identifier (SSID) as all other Cisco Aironet devices on the wireless
infrastructure. Units with different SSIDs cannot communicate directly with each
other.
Data rate—If WLAN devices are configured for different data rates (expressed in
megabits per second) they cannot communicate. Some common scenarios are
shown below:
• Bridges are used to communicate between two buildings. If one bridge is
set at a data rate of 11 Mbps and the other is set at a data rate of 1 Mbps,
communications fail.
• If the pair of devices are configured to use the same data rate, other
factors might prevent them from reaching that rate, in which case
communications fail.
• If one of a pair of bridges has a data rate of 11 Mbps set, and the other is
set to use any rate, then the units communicate at 11 Mbps. However, if
there is some impairment in the communication that requires the units to
fall back to a lower data rate, the unit set for 11 Mbps cannot fall back, and
communications fail.
• It is recommended that WLAN devices are set to communicate at more
than one data rate.
Distance—Since the radio link between bridges can be quite long, the time it
takes for the radio signal to travel between the radios can become significant.
The Distance parameter is used to adjust the various timers used in the radio
protocol to account for the delay. The parameter is only entered on the root
bridge, which tells the repeaters. The distance of the longest radio link in the set
of bridges is entered in kilometers, not in miles.
Figure 1:
11.5.4 Antenna
Figure 1: Cardboard, Paper, Wood, Firewalls, Microwave Ovens, Fluorescent Lighting, Electrical Transformers
Line of Sight and Antenna Placement—In many instances Line of Sight (LOS) is
not seen to be a problem, particularly for WLAN devices that communicate over
short distances. Due to the nature of radio wave propagation, devices with omni-
directional antennae often communicate successfully from room to room. The
density of the materials used in a building's construction determines the number of
walls the RF signal can pass through and still maintain adequate coverage.
The impact of materials on signal penetration is listed below:
• Paper and vinyl walls have little effect on signal penetration.
• Solid and pre-cast concrete walls limit signal penetration to one or two
walls without degrading coverage.
• Concrete and concrete block walls limit signal penetration to three or four
walls.
• Wood or drywall allows for adequate signal penetration for five or six
walls.
• A thick metal wall causes signals to reflect off, resulting in poor signal
penetration.
• Chain link fence, wire mesh with 1 - 1 1/2" spacing acts as a 1/2" wave
that will block a 2.4 GHz signal.
When connecting two points together (such as an Ethernet bridge) the distance,
obstructions and antenna location must be considered. If the antennas can be
Design Note: If you installed and tested your site-to-site antenna during the
winter you may have problems in the spring. During the spring, the leaves return
to full foliage and low-power microwaves will bounce off leaves like a mirror when
they are wet. If you set up a well-placed antenna in the winter, you may be very
disappointed in April when the trees are blooming and your signal weakens.
11.6 LAN Troubleshooting
11.6.1 Layer 1—Media, Connectors and Devices
Figure 2: Category 5
Figure 4: Transceivers
Figure 5: Hubs
By now, you’ve probably noticed that some of the most common network
problems can be attributed to cable problems including media, connectors and
patch panels. Even though these are Layer 1 issues, they cannot be overlooked.
For example, multimode and single-mode fiber cables (Figure 1) are often used
for ATM, Fiber Distributed Data Interface (FDDI), and Ethernet. As you
troubleshoot problems with fiber-optic cables, an important consideration is
asymmetric connectivity problems: one side of a transmit/receive cable pair fails,
but the remaining cable nonetheless forwards frames. This asymmetric
connectivity can impair spanning-tree loop avoidance. On the other hand, many
things can go wrong with copper UTP cables (Figure 2). Cable that is exposed to
high traffic areas can be smashed, bent, or pulled out of the jack causing
connectivity problems.
When troubleshooting cabling from a device or between devices, ask yourself the
following questions:
• Are the cables the correct type for this installation? Category 3 is for
10BaseT only. Was a Category 3 cable installed instead of a Category 5
cable?
• Category 5—Was the cable installed correctly?
• Is the cable a crossover or straight-through? Which type should it be?
Compare the RJ-45 connector wiring at both ends of the cable if you’re not
sure.
• Is there a broken wire at either end of the cable? Cables that are installed
too tightly or bundled together tightly with a tie wrap may have broken
wires in the connector. Cables that are pulled through a plenum
(enclosure such as a suspended ceiling or false floor) can have broken
wires and exhibit intermittent open-circuit conditions.
• Is the cable longer than the 100-meter specification? A time domain
reflectometer (TDR) can display the length of the cable, including all wiring
closet connections.
• Is the punchdown wiring correct? Are there missing, loose, or broken
wires on the punchdown block? (Figure 3)
• Is the network adapter card/interface port at the user end functioning
properly?
• Is the device connected to the correct port? Is the port active?
• Is a transceiver used to convert media? Is it functioning properly? (Figure 4)
A method to test installed cabling is to replace the entire cable run with an
external cable. If you have a known good segment of Category 5 cable, run the
cable between the two devices to test connectivity. This test will eliminate any
uncertainties about plant cables or punchdown connections. On the other hand,
you can also verify this with a cable tester.
11.6.2 Layer 2—Switches
Figure 1: Switches
Problem: Incorrect or faulty cabling
Possible Solution:
Step 1 Check whether the Connected LED on the LAN switch port is on.
Step 2 If the LED is not on, check to make sure you are using the correct
cable and that it is properly and securely attached. For example, make
sure that you are not using a rolled cable where a straight-through cable is
required, or vice versa.
Step 3 Make sure the cable is correctly wired. Refer to the user guide for
your LAN switch for information on cable pinouts.
Step 4 Use a TDR or other cable-checking device to verify that the cable
has no opens, shorts, or other problems.
Step 5 Swap the cable with another of the same kind to see whether the
cable is bad. If connections are now possible, the cable is faulty.
Step 6 Replace or fix the faulty cable as necessary.

Problem: Power supply problem
Possible Solution:
Step 1 Check the Power LED. If it is not on, make sure the LAN switch is
plugged in and is powered on.
Step 2 Check for a blown fuse. If the fuse is blown, refer to the user guide
for your LAN switch for information on replacing the fuse.

Problem: Hardware problem
Possible Solution:
Step 1 Check whether the Connected LED on the port is on.
Step 2 If the LED is not on and the cabling is intact, there might be a bad
switch port or other hardware problem.
Step 3 Check whether the Module Enabled LED is on for FDDI and Fast
Ethernet modules.
Step 4 If the LED is not on, remove and reseat the module.
Step 5 Check the switch hardware and replace any faulty components.
Figure 4: LAN to WAN Connectivity Problems
Problem: Subnet mask configuration error
Possible Solution:
Step 1 Check to see whether you can ping the switch from a device in the
same subnet.
Step 2 Check the subnet mask on the device from which you are pinging.
Check the subnet mask on the LAN switch.
Step 3 Determine whether the subnet mask on either device is incorrectly
specified. If it is, reconfigure the switch or the device, as appropriate,
with the correct subnet mask.
Refer to the user guide for your LAN switch for information on how to
check and configure the subnet mask on the switch. Refer to the vendor
documentation for the other device for information on how to check and
configure the subnet mask on that device.

Problem: No default gateway specified on switch or server
Possible Solution:
Step 1 Check whether there is a default gateway configured on the LAN
switch. Check to make sure that all servers and other end systems on the
LAN have a default gateway specification.
Step 2 If any of these devices does not have a default gateway specified,
configure a default gateway using the IP address of a router interface on
the directly connected LAN.
Refer to the user guide for your LAN switch for information on how to
configure a default gateway on the switch. Refer to the vendor
documentation for the other devices for information on how to configure a
default gateway on those devices.

Problem: VLAN misconfiguration
Possible Solution:
Step 1 Make sure that all nodes that should communicate are attached to
ports on the same VLAN. If ports are assigned to different VLANs, the
attached devices cannot communicate.
Step 2 If a port belongs to two or more VLANs, make sure that the VLANs
are connected only by the overlapping port. If there are other connections,
an unstable network topology can be created.
Step 3 Eliminate any extraneous connections between the two VLANs.
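The subnet mask and default gateway checks listed above can be run over an address inventory before anyone starts pinging. The following is an added example, not part of the course material; the device names and addresses are constructed.

```python
import ipaddress
from itertools import combinations

# Constructed inventory: name -> (IP address, subnet mask, default gateway)
DEVICES = {
    "switch": ("192.168.10.2", "255.255.255.0", "192.168.10.1"),
    "server": ("192.168.10.130", "255.255.255.128", "192.168.10.1"),
    "pc": ("192.168.10.20", "255.255.255.0", None),
}


def audit(devices):
    """Return findings as (kind, device, detail) tuples."""
    findings = []
    ifaces = {
        name: ipaddress.ip_interface(f"{ip}/{mask}")
        for name, (ip, mask, _gw) in devices.items()
    }

    # Subnet mask error: one device treats its peer as local while the
    # peer treats it as remote, so replies are sent toward a gateway.
    for a, b in combinations(sorted(ifaces), 2):
        a_sees_b = ifaces[b].ip in ifaces[a].network
        b_sees_a = ifaces[a].ip in ifaces[b].network
        if a_sees_b != b_sees_a:
            findings.append(("mask-mismatch", a, b))

    # Default gateway: must be set, and must be an address on the
    # directly connected LAN as that device's own mask defines it.
    for name in sorted(devices):
        gateway = devices[name][2]
        if gateway is None:
            findings.append(("no-gateway", name, None))
        elif ipaddress.ip_address(gateway) not in ifaces[name].network:
            findings.append(("gateway-off-subnet", name, gateway))
    return findings


if __name__ == "__main__":
    for finding in audit(DEVICES):
        print(finding)
```

Here the server's mask places it in 192.168.10.128/25, so it disagrees with both peers about who is local and cannot reach its configured gateway directly.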
Today, in data communications, all switching and routing equipment perform two
basic operations:
• switching data frames -- The process by which a frame is received on an
input medium and then transmitted to an output medium.
• maintenance of switching operations -- Switches build and maintain
switching tables and search for loops. Routers build and maintain both
routing tables and service tables.
Like bridges, switches connect LAN segments, use a table of MAC addresses to
determine the segment on which a datagram needs to be transmitted, and
reduce traffic. Switches operate at much higher speeds than bridges, and can
support new functionality, such as virtual LANs (VLANs). If VLANs have been
configured on a switch, this may affect connectivity to other devices on the LAN
depending on the router configuration.
If traffic does not pass after the learning phase and if VLANs are set correctly,
one other common issue may be port security configurations that may block
traffic from unauthorized host devices. Check the switch configuration to verify
security settings on the switch.
Some LAN to LAN switch problems and solutions are shown in Figure 3. Also,
LAN to WAN switch problems and solutions are shown in Figure 4.
11.6.3 Layer 3—Routers
Figure 1: Routers
Figure 4: Show Commands
Routers are internetworking devices that operate at OSI Layer 3 (the network
layer). They tie together, or interconnect, network segments or entire networks.
They pass data packets between networks based on Layer 3 information.
Routers make logical decisions regarding the best path for the delivery of data on
an internetwork and then direct packets to the appropriate output port and
segment. Routers take packets from LAN devices (e.g. workstations) and, based
on Layer 3 information, forward them through the network. In fact, routing is
sometimes referred to as Layer 3 switching. Routers come in a variety of sizes
and form factors, but have common physical characteristics including LAN/WAN
interfaces to provide connectivity between networks. A router is shown in
Figure 1.
If you are able to access IP or other services on the LAN, but Internet access is
not available, the router may be a failure point. Other connectivity issues such as
reaching other VLANs can be attributed to a router. In many cases, the router is
configured with access control lists to prevent unauthorized access. In fact, in a
very secure network, adding new devices requires planning and coordination.
Always consult the LAN/WAN administrator when connecting new devices to the
LAN.
In order to best monitor access points and bridges, it is important to configure
logging. You can enable and configure notification of fatal, alert, warning, and
information events to destinations external to the access point, such as an SNMP
server or a Syslog system. First, the event display and event handling must be
configured. Afterward, you can choose which monitoring technology or
solution will suit the management needs.
The Event Display Setup page (Figure 1) allows you to determine how time should
be displayed on the event log. In addition, you can determine what severity
level is significant enough to display an event.
The Event Handling page (Figure 2) allows you to determine how notification of
the different fatal, alert, warning, and information events should occur. The
event settings control how events are handled by the AP: counted, displayed in
the log, recorded, or announced in a notification.
Count: Simply tallies the total events occurring in this category without any form
of notification or display.
Display console: Provides a read-only display of the event but does not record
it.
Record: Makes a record of the event in the log and provides a read-only display
of the event.
Notify: Makes a record of the event in the log, displays the event, and tells you
to notify someone internally of the occurrence.
Handle Station Alerts as Severity Level: Allows you to set a severity level for
System Alerts. Use the pull-down menus to choose one of the eleven severity
levels. Alerts indicate that action has to be taken to correct the condition.
Warnings indicate a potential error condition. Information is simply routine
notification of some sort of action; no error has occurred.
Maximum memory reserved for Detailed Event Trace Buffer (bytes): Enter
the number of bytes reserved for the Detailed Event Trace Buffer. The Detailed
11.7.2 Bridge Event Setup
Use the Logs menu or page to set up and view event logs on the bridge as
shown in Figure 1.
Event Logs—The bridge produces logs that record significant events occurring
within your bridge and on the infrastructure. The types of logs include the
following:
• Information log: records status changes that occur in the normal operation
of the system. For example, when an end node associates to a parent
access point.
• Error log: records errors that occur occasionally, but which are easily
recovered from by the bridge. For example, errors that occur during the
reception and transmission of packets to and from the bridge.
• Severe error log: records errors that drastically affect the operation of the
system. The system continues to run, but action is required to return the
bridge to normal operating standards.
Viewing the History Log (History)—The History option or link allows you to view a
history of the events that have occurred on the bridge and the infrastructure. All
events are stored within the bridge in a 10-KB memory buffer. The actual number
of events the bridge saves depends on the size of each log stored in the buffer.
Figure 1: Syslog
Now that the events have been configured on the access point or bridge, you can
forward the events to a syslog server.
Access Point
Event Notifications Setup Page—You use the Event Notifications Setup page to
enable and configure notification of fatal, alert, warning, and information events
to destinations external to the access point, such as an SNMP server or a Syslog
system (Figure 1). For event notifications to be sent to an external destination,
the events must be set to Notify on the Event Handling Setup page.
Bridge
Packets received by the Syslogd daemon process are recorded in the system log
file on the UNIX host. The events display on the console and are forwarded to
the UNIX host. If the bridge should fail for any reason, the events can still be
viewed on the UNIX host.
The events carry the syslog facility code LOG_LOCAL0, which has a value of 16.
You can change this value with the option Facility. The syslog priority depends
on the priority of the events locally. On the UNIX host, the Syslogd daemon
process usually adds the current time and IP address of the bridge that sent the
event. The bridge prepends its own name to the event before it is sent. See the
following example.
Jan 11 10:46:30 192.009.200.206 AIR-WGB340_285e73:
By default, the bridge receives and displays syslog messages from other bridges
in the network. The Rcvsyslog option enables or disables this function. You could
choose one bridge to monitor and have all other units configured with this bridge
as their syslog host.
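On the receiving host, the facility code and the prepended bridge name described above can be checked for every datagram. The following is an added example, not code from the course or from the bridge firmware: it assumes the standard BSD syslog "<PRI>" header (PRI = facility x 8 + severity), the event texts and source addresses are constructed, and the address-to-name table is a hypothetical allowlist.

```python
import re

LOG_LOCAL0 = 16  # facility code the text gives for bridge events
SEVERITY = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_HEADER = re.compile(rb"^<(\d{1,3})>(.*)$", re.S)

# Assumption: which bridge name is expected from which source address.
KNOWN_BRIDGES = {"192.0.2.206": "AIR-WGB340_285e73"}

# Constructed datagrams: (source IP, UDP payload). Event texts are invented.
SAMPLES = [
    ("192.0.2.206", b"<134>AIR-WGB340_285e73: Node associated"),
    ("192.0.2.206", b"<131>AIR-WGB340_285e73: Radio transmit error"),
    ("192.0.2.77", b"<134>AIR-WGB340_285e73: Node associated"),
    ("192.0.2.206", b"<38>AIR-WGB340_285e73: login failure"),
    ("192.0.2.206", b"no priority header"),
]


def decode(payload):
    """Return (facility, severity, sender_name, text), or None if malformed."""
    match = PRI_HEADER.match(payload)
    if match is None or int(match.group(1)) > 191:  # 23*8+7 is the largest PRI
        return None
    pri = int(match.group(1))
    body = match.group(2).decode("ascii", "replace").strip()
    name, sep, text = body.partition(": ")
    if not sep:  # no "name: " prefix, so not in the expected bridge format
        return None
    return pri >> 3, SEVERITY[pri & 7], name, text


def triage(datagrams, known=KNOWN_BRIDGES):
    """Classify each datagram so unexpected senders or facilities stand out."""
    results = []
    for source, payload in datagrams:
        event = decode(payload)
        if event is None:
            verdict = "malformed"
        elif source not in known:
            verdict = "unknown-source"
        elif event[0] != LOG_LOCAL0:
            verdict = "unexpected-facility"
        elif event[2] != known[source]:
            verdict = "name-mismatch"
        else:
            verdict = "ok"
        results.append((source, verdict))
    return results


if __name__ == "__main__":
    for source, verdict in triage(SAMPLES):
        print(source, verdict)
```

If the Facility option is changed on the bridge, LOG_LOCAL0 in the check must be changed to match.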
Web Resources
Cert
http://www.cert.org/security-improvement/implementations/i041.08.html
The Cisco Syslog Server is a basic application that lets you view Aironet AP and
bridge event information from a Windows NT system; it includes special features
not found on other syslog servers, such as:
• Receiving syslog messages via either TCP or UDP
• Full reliability because messages can be sent via TCP
• Ability to receive syslog messages from up to ten devices
The Syslog server software, primarily known as the PIX Firewall Syslog Server
(PFSS), can also record events from a PIX Firewall and Cisco router. The
installer file can be obtained from the Cisco Connection Online (CCO) software
download section. The current 5.1 version can only be installed on an NT 4.0
server or above. It is located in the PIX Firewall download area. Other
third-party applications such as Ipswitch’s WhatsUpGold include a syslog server.
This application will operate on Windows 9.x/NT/2000 platforms, but requires more
RAM and hard drive space compared to the PFSS.
PFSS starts immediately after installation. This service can be controlled via the
Services Control Panel, which you can use to pause the service, then resume the
service, stop, or start the service. The service can also be started with different
startup parameters from the Services window. The Syslog server creates seven
rotating syslog files (Figure 1): monday.log, tuesday.log, wednesday.log, thursday.log,
friday.log, saturday.log, and sunday.log. If a week has passed since the last log
file was created, it will rename the old log file to day.mmddyy where day is the
current day, mm is the month, dd is the day, and yy is the year. The size of a log
file depends on how many connections can occur on each bridge or AP and the
types of messages you permit to be logged. Figure 2 shows sample output from
a syslog file that has logged messages from both an access point and bridge.
Web Resources
Cisco
http://www.cisco.com/cgi-bin/tablebuild.pl/pix
Ipswitch
http://www.ipswitch.com/
A managed device is a network node that contains an SNMP agent and resides
on a managed network. Managed devices collect and store management
information and make this information available to NMSs using SNMP. Managed
devices, sometimes called network elements, can be routers and access servers,
switches and bridges, access points, hubs, computer hosts, or printers.
An NMS executes applications that monitor and control managed devices. NMSs
provide the bulk of the processing and memory resources required for network
management. One or more NMSs must exist on any managed network.
Setting SNMP Trap Destinations on the Access Point—Use the Events
Notification or SNMP Setup page to configure the access point to work with your
network's SNMP station (Figure 1).
Setting SNMP Trap Destinations on the Bridge (Trapdest)—The bridge SNMP
settings can be configured from the Logs Page (Figure 2).