Oaw AP Matrix

re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
in
g.
hu
aw
ei
.c
om
/e
aw
ei
.c
om
/e
Huawei Certification
HCNA-WLAN
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
Huawei Certified Network Associate-WLAN
Huawei Technologies Co.,Ltd
aw
ei
.c
om
/e
No part of this document may be reproduced or transmitted in any

form or by any means without prior written consent of Huawei
Technologies Co., Ltd.
Copyright Huawei Technologies Co., Ltd. 2014. All rights reserved.
Trademarks and Permissions
g.
hu
and other Huawei trademarks are trademarks of Huawei

Technologies Co., Ltd. All other trademarks and trade names
mentioned in this document are the property of their respective
holders.
in
Notice
ht
tp
:/
/l
ea
rn
The information in this document is subject to change without notice.

Every effort has been made in the preparation of this document to
ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of
any kind, express or implied.
ce
s:
Huawei Certification
ur
HCNA-WLAN
Mo
re
Le
ar
ni
ng
Re
so
Huawei Certified Network Associate-WLAN

Edition v1.6
aw
ei
.c
om
/e
Huawei Certificate System
Relying on the strong technical strength and professional training system,

Huawei provides a practical and professional four-level certificate system
to meet various customer requirements on different WLAN technologies.
rn
in
g.
hu
Huawei Certified Network Associate-Wireless Local Area Network

(HCNA-WLAN) is designed for Huawei local offices, online engineers in
representative offices, and readers who want to understand Huawei
WLAN products and technology. HCNA-WLAN covers WLAN basics,
Control and Provisioning of Wireless Access Points (CAPWAP) protocol,
WLAN networking, Huawei WLAN product features, security
configuration, WLAN advanced technology, antennas, WLAN network
planning and optimization, and WLAN fault troubleshooting.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
The HCNA-WLAN certificate system introduces you to the industry and

market, helps you in innovation, and enables you to stand atop the
WLAN frontiers.
re
Mo
ni
ar
Le
ng
s:
ce
ur
so
Re
ht
tp
ea
/l
:/
rn
hu
g.
in
aw
ei
.c
om
/e
Referenced icon
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The wireless network first appeared during the WWII when the US army used radio
signals for data transmission. They developed a set of radio transmission and
ht
s:
encryption technologies, which were widely used by the US and Ally armies. 50 years
later, their inventions have changed people's life.
In 1971, researchers in Hawaii University invented the first radio network ALOHNET
based on encapsulation technology. This is one of the earliest versions of WLAN. This
network was comprised of seven computers in bidirectional star topology. The
computers are located in the four Hawaii islands with the core computer on the Oahu
island. This marked the birth of wireless network.
In 1990, the IEEE started the 802.11 project and formulated many 802.11 standards,
Re
so
ur
ce
marking the maturity of WLAN technologies. Many standards such as 802.11a,
ni
ng
802.11b, 802.11g802.11e802.11f802.11h802.11iand 802.11j have been

set or are to be set. Currently, the 802.11n standard which can ensure high speed and
high quality WLAN services is widely used.
ar
The WLAN market is rapidly expanding since 2003, becoming a highlight in IT market.
As people expect more and more convenient and high-speed WLAN, Wi-Fi,
Le
CDMA/GPRS, and Bluetooth, technologies closely related to personal computers and
Mo
re
mobile devices become increasingly popular. Meanwhile, the mass production of

corresponding WLAN products greatly reduced the WLAN construction costs.
Suddenly, WLAN has become an inseparable part of our life.
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
service.
Mo
The high-speed mobile 3G and 4G (LTE) networks further popularized mobile

network. Many public places such as shops and restaurants now provide Wi-Fi
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
tp
:/
ht
Characteristics: easy to use, low cost, convenient
Main technology: Bluetooth technology. It works on the 2.4 GHz band.
s:
ce
WLAN: 2.4 GHz and 5 GHz bands

High power consumption
Flexible design and multiple users supported
Main technology: 802.11a/b/g/n
ur
so
Wireless Personal Area Networks (WPANs) are P2P or small wireless networks that
provide wireless access for individual users.
The Wireless Metro Area Network (WMAN) is used for backbone network coverage.
Re
Uses applied bands. You can also use the public bands but interference
The Wireless Wide Area Network (WWAN) is used by carriers for wireless coverage.
ar
Main technology: WiMax (802.16)
ni
ng
exists.
Mo
Main technology: 2G/3G, satellite transmission
With the development of wireless technologies, various wireless network are now
merging, blurring the boundaries between different wireless networks.
re
Low bandwidth, accounting based on time or traffic
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Ir DA: A P2P transmission technology. This technology is applicable to short-distance

transmission and there is no block between the two ends. The transmission rate is 16
ht
Mbit/s. The technology is cheap but the device used has a short lifespan.
Bluetooth: Works on the 2.4 GHz band. The ideal transmision distance is 10 cm to 10
m. Supports 72 Kbps/57.6 Kbps asymmetrical connection or 43.2 Kbps symmetrical
connection.
Home RF: A combination of IEEE802.11 and DECT. Works on the 2.4 GHz band and
provides a maximum of 2 M bandwidth within 100 m.
Wi-Fi: Wireless Fidelity. Uses standards such as IEEE802.11a/b/g/n to provide
Re
so
ur
ce
s:
wireless coverage for LANs.

GSM, UMTS, LTE: Works on the 900 M, 1800 M, 1900M, and 2100 M bands. Used
ng
Mo
re
Le
ar
ni
for mobile network data transmission and WWAN coverage.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
First appeared in the US, WLAN technology is used as extension of the wired
network. It is mainly for family use. The American people have a strong requirement
on wireless access due to the cabling difficulty (Most Americans live in villas with
courtyards.) and the penetration of laptops and PDAs. This spurred the development
of WLAN.
Due to its mobility and wireless access capability, WLAN has been used in scenarios
such as families, offices, schools, and enterprises. With the development of WLAN, its
standards and products are also maturing.
The WLAN has the following advantages compared with wired access: high
bandwidth to support high-speed wireless access, cost-effective products and low
construction costs, mature technologies, and rich applications.
This chart demonstrates the performance of WLAN, Modem, ADSL/LAN, and

GPRS/CDMA1X/3G in terms of mobility and bandwidth.
ni
Compared with ADSL and LAN, WLAN can provide wireless HIS(High
bandwidth wireless Internet access Service) to meet customer needs.
ar
ng
Re
so
ur
ce
s:
ht
If you ask the average user about their 802.11 wireless network, they may give you a
strange look. The name that many people recognize for the technology is Wi-Fi. Wi-Fi
is a marketing term, recognized worldwide by millions of people as referring to 802.11
wireless networking.
Mo
re
Compared with GPRS and CDMA1x, WLAN can provide 600 Mbit/s or higher
bandwidth at a lower cost.
Le
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
High bandwidth: Rate of 802.11a/g reaches 54 Mbit/s; rate of 802.11n reaches 600
Mbit/s (using the MIMO technology).
Wide coverage range: 100 m for 802.11a/g, 500-1000 m for 802.11n
Block traversal capability: applicable to the houses containing many walls with
complex structure.
The AC + Fit AP mode is used to replace the Fat AP mode.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Mobility: Users move a lot but data needs to be stored in the same place. WLAN
enables users to access data from different locations, which improves productivity.
Flexibility: In some scenarios, traditional cabling can be very difficult. For example, in
old buildings without original design blueprint, it is difficult to lay out cables that will
penetrate the stone wall. However, WLAN can be flexibly deployed here.
Scalability: The WLAN requires no cabling or re-cabling. The WLAN can quickly build
ce
s:
ht
Economy: WLAN technologies help reduce network construction costs. First, there
are no cable costs. Second, if customers want to deploy wireless distribution system
ng
Re
so
ur
small and temporary group networks for meetings, overcoming the difficulties of
meeting holding among different offices. WLANs can be easily expanded since
wireless transmission media are ever-present. There is no need for any kind of
cabling. APs can also be deployed at hotels, stations, and airports.
ni
(WDS) between two buildings, they only need to buy the devices. The ensuing
maintenance costs are insiginificant. In the long term, this P2P wireless link is far
Mo
re
Le
ar
more economic than leased lines from carriers.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLANs in factories and production lines realize remote control and monitoring
of production equipment.
WLANs in logistics centers and ports realize medium and long distance
communication.
Mo
re
Le
ar
ni
ng
Re
so
WLANs in exhibition and securities halls realize real-time interactive service

operation and data monitoring.
s:
WLANs deployed in stadiums allow correspondents to give live broadcasting.
ce
ht
WLANs provide more flexible networking to improve working efficiency.
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLANs provide users with real-time and free Internet access at any place.
WLANs in office buildings realize wireless office working.

WLANs in airport lounges, scenic spots, and coffee shops provide ready-made
Internet access anywhere.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Wireless Local Area Network
Wireless Metro Area Network
Wireless Wide Area Network
ce
ur
What is the relationship between Wi-Fi and WLANs?

Wi-Fi = WLAN in compliance with 802.11 standards
so
Mobility
Flexibility
Scalability
Economicalness
Le
re
Mo
Re
What are advantages of WLANs compared to wired networks?
ar
ht
Wireless Personal Area Network
s:
ng
What are the types of wireless network?
ni
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
China's State Radio Monitoring Center (SRMC), formerly known as the State Radio
Regulatory Commission (SRRC), is the only authorized organization in mainland
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
China that tests and certifies the radio type approval regulations. At present, China
has defined frequency ranges for different radio transmitting devices. Some
frequencies are not allowed in China. Different frequencies have been defined for
radio transmitting devices sold and used in China.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The FCC is an independent agency of the United States government, formed in 1934.
The FCC regulates interstate and international communications by radio, television,
ht
ce
s:
wire, satellite and cable. Radio products, communication products, and digital
products need to obtain FCC certification before entering the U.S. market. The FCC
investigates and researches product security stages to find out the best way to solve
problems. The FCC also regulates detection of radio devices and aircrafts.
The FCC defines regulations to reduce electromagnetic interference, manage and
control radio frequency ranges, and ensure the normal operation of telecom networks
and electrical products.
The FCC and the respective controlling agencies in the other countries typically
Re
so
ur
regulate two categories of wireless communications: licensed spectrum and
ar
ni
ng
unlicensed spectrum. The difference is that unlicensed users do not have to go

through the license application procedures before they can install a wireless system.
Both licensed and unlicensed communications are typically regulated in the following
fi ve areas:
Frequency
Bandwidth
Maximum power of the intentional radiator (IR)
Maximum equivalent isotropically radiated power (EIRP)
Use (indoor and/or outdoor) the FCC
Mo
re
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The European Telecommunications Standards Institute (ETSI) is an independent,

non-profit, standardization organization in the telecommunications industry
ht
The ETSI standards development is open. The standards are drafted by ETSI
members in the technical committees, listed in the ETSI working plan after being
ng
Re
so
ur
ce
s:
(equipment makers and network operators) in Europe. The ETSI was approved by the
European Commission in 1988 and based in Nice (a southern city in France). The
ETSI is responsible for standardization of the telecommunications industry but not the
information and broadcasting industries. The ETSI is officially recognized by the
European Committee for Standardization (CEN) and European Conference of Postal
and Telecommunications Administrations (CEPT). The recommended standards
defined by the ETSI are often used by the European Communities as the technical
basis of European regulations and are required to comply with.
ni
approved by the technical conference, and researched by each technical committee.

The standards drafts proposed by the technical committees are summarized by the
Le
ar
secretariat and sent to the standards organizations of members for suggestions. After
suggestions are returned, the secretariat modifies the drafts according to the
suggestions and organizes voting in members. A proposition passes if at least 70% of
Mo
re
the weighed votes cast are in favor. Otherwise, the proposition becomes a temporary
standard or other technical file.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The IEEE was formed in 1963 by the merger of the Institute of Radio Engineers (IRE,
founded in 1912) and the American Institute of Electrical Engineers (AIEE, founded in
ht
ce
s:
1884). The IEEE has a dual complementary regional and technical structure, with
organizational units based on geography ( for example, the IEEE Philadelphia Section
and IEEE Computer Society).
The IEEE was founded to provide international exchange occasion for electrical and
electronic scientists, engineers, and manufacturers and provide professional
education and service capability improving services.
The IEEE is approved by the International Organization for Standardization as an

organization to define standards. It has standards technical committees and more
Re
so
ur
than 30000 volunteers who participate in standards research and development,
ni
ng
defining and revising more than 800 technical standards in every year. The IEEE
standards involve electrical and electronic devices, test methods, symbols, and
definitions.
ar
The Institute of Electrical and Electronics Engineers (IEEE) creates standards for
compatibility and coexistence between networking equipment. The IEEE standards
must adhere to the rules of the communications organizations, such as the FCC.
Mo
re
The IEEE 802 Committee was formed in February, 1980 to define international
standards for LANs.
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In 1999, several visionary leaders came together to form a global non-profit

organization (Wi-Fi Alliance) with the goal of driving adoption of high-speed wireless
ht
local area networking.
s:
Wi-Fi is short for wireless fidelity. It refers to wireless compatibility certification and is
actually commercial certification and a wireless networking technology. Computers
are originally connected to the network using network cables and are now connected
to the network using radio waves. A wireless router is often used. The Wi-Fi
connection mode can be used for networking within the coverage range of wireless
router. If a wireless router connects to an ADSL line or another line, a hotspot is
so
ur
ce
Re
formed.
The Wi-Fi Alliance is a growing non-profit international organization composed of
ni
ng
more than 300 member companies. Currently, the Wi-Fi Alliance has 10 independent
authoritative testing labs in six countries.
The Wi-Fi Alliance is the industry and technology leader in the WLAN field and
Le
It has good cooperation with the industrial chain and includes members such as
manufacturers, standards organizations, regulatory organizations, service providers,
and carriers.
Mo
re
ar
provides testing and certification for the world.
Because the ongoing expansion of the Wi-Fi network is implemented based on the
enterprise, household, and hotspot that allows people to wirelessly access the
Internet from anywhere at any time, compatibility is essential. The Wi-Fi Alliance
defines global regulations, tests and certifies wireless devices to enable them to
comply with standards of interoperability.
g.
hu
in
rn
ea
/l
:/
tp
ht
s:
ce
ur
so
Re
ng
ni
ar
Le
re
Mo
Wi-Fi CERTIFIED implements the interoperability of WLAN technology and provides

the best user experience, with more than 3000 products passing the certification.
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The IETF is an international non-governmental organization with all participants and

managers are volunteers who contribute to the development of Internet technology. It
ht
ce
s:
brings together the network designers, operators, and researchers related to Internet
architecture evolution and Internet stable operation and is open to all who want to
participate. The IETF meeting is hold three times a year with more than 1000
participants.
The IETF produces two types of files: Internet Draft and Request for Comments (RFC).
Any participant can propose an Internet Draft. Many important files were originally
Internet Drafts.
RFC is more formal than Internet Draft and is archived. Its contents remain
Re
so
ur
unchanged after being approved.
Proposal
Standard
ar
ng
RFCs include:
ni
The CAPWAP protocol (defined in RFC 5415) used in WLAN is defined by the IETF.
Mo
re
Best practice
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WAPI Industry Association (Technical Committee on Wireless Network and Secure

Network Access of CCIA) was founded in March 7, 2006. It is a non-governmental
ht
The association aims to integrate and coordinate industry and social resources,
enhance the research, development, manufacturing, and service level of members,
and promote the fast and healthy development of the WLAN industry. Taking
advantage of leading and common wireless network security technology (WAPI), the
so
ur
ce
s:
social organization and industrial cooperation platform that is composed of enterprises,

institutions, and communities engaged in WLAN product research, development, and
operation.
Re
association promotes the wide use and application of WAPI, drives the development
Mo
re
Le
ar
ni
ng
of broadband wireless IP networks, improves the competitiveness of members,

creates an innovative environment, and cultivates the spirit of innovation.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Which standard organization defines the 802.11 protocols?

IEEE
What is the WLAN security mandatory standard in China?

WAPI
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Extremely low frequency (ELF): 3 Hz to 30 Hz. Its wavelength ranges from 100,000
km to 10,000 km. It can be used in submarine communications or directly converted to
sound.
Super low frequency (SLF): 30 Hz to 300 Hz. Its wavelength ranges from 10,000 km
to 1,000 km. It can be directly converted to sound or used in AC transmission systems
(50 to 60 Hz).
Ultra low frequency (ULF): 300 Hz to 3 KHz. Its wavelength ranges from 1,000 km to
100 km. It can be used for communications in the mine field or directly converted to
sound.
Very low frequency (VLF): 3 KHz to 30 KHz. Its wavelength ranges from 100 km to 10
km. It can be directly converted to sound or ultrasound, or be used for geophysical
studies.
Low frequency (LF): 30 KHz to 300 KHz. Its wavelength ranges from 10 km to 1 km. It
can be used in international broadcasts.
Medium frequency (MF): 300 KHz to 3 MHz. Its wavelength ranges from 1 km to 100
m. It can be used in AM broadcasts, VHF omnidirectional range (VOR), marine and
navigation communications.
High frequency (HF): 3 MHz to 30 MHz. Its wavelength ranges from 100 m to 10 m. It
can be used in short-wave broadcasts and citizen's band radio.
Re
ng
ni
ar
Le
Very high frequency (VHF): 30 MHz to 300 MHz. Its wavelength ranges from 10 m to
1 meter. It can be used in FM broadcasts, TV broadcasts, and navigation
communications.
Mo
re
so
ur
ce
s:
ht
microwave ovens.
Ultra high frequency (UHF): 300 MHz to 3 GHz. Its wavelength ranges from 1 m to
100 mm. It can be used in TV broadcasts, mobile phones, wireless networks, and
aw
ei
.c
om
/e
Super high frequency (SHF): 3 GHz to 30 GHz. Its wavelength ranges from 100 mm
to 10 mm. It can be used in wireless networks, radar, and man-made satellites.
Extremely high frequency (EHF): 30 GHz to 300 GHz. Its wavelength ranges from 10
mm to 1 mm. It can be used in radio astronomy, remote sensing, and millimeter wave
scanner. Radio waves working at a frequency of more than 300 GHz include infrared
rays, visible light, UVs, and rays.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Because data ultimately consists of bits, the transmitter needs a way of sending both
0s and 1s to transmit data from one location to another. An AC or DC signal by itself
ht
A carrier wave is a waveform (usually sinusoidal) that is modulated with an input

signal for the purpose of conveying information. This carrier wave is usually a much
so
ur
ce
s:
does not perform this task. However, if a signal fluctuates or is altered, even slightly,
the signal can be interpreted so that data can be properly sent and received. This
modified signal is now capable of distinguishing between 0s and 1s and is referred to
as a carrier signal. The method of adjusting the signal to create the carrier signal is
called modulation.
Re
higher frequency than the input signal. Otherwise, the two signals may overlap,
resulting in signal distortion.
ng
Data signals to be transmitted are usually of low frequency. When data signals are
transmitted over the low frequency, signal receiving and synchronization become
difficult. With a carrier wave, data signals can be loaded on the carrier wave. The
receiver receives data signals at the frequency of the carrier wave. The amplitude of
meaningful signal waves is different from that of meaningless signal waves. After
extracting meaningful signal waves from the modulated carrier wave, we obtain the
required data signals. We will talk about modulation and demodulation later.
re
Le
ar
ni
Mo
Three components of a wave that can fluctuate or be modified to create a carrier

signal are amplitude, frequency, and phase.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
RF communication starts when radio waves are generated from an RF transmitter and
ht
picked up or heard by a receiver at another location. RF waves are similar to the
s:
waves that you see in an ocean or lake. Waves are made up of two main
ce
components: wavelength and amplitude.

The wavelength of the 2.4 GHz radio wave is 12.5 cm.
The wavelength of the 5 GHz radio wave is 6 cm.
The wavelength of the 5.8 GHz radio wave is 5.2 cm.
Mo
re
Le
ar
ni
ng
Re
so
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Amplitude is the height, force, or power of the wave. If you were standing in the ocean
as the waves came to shore, you would feel the force of a larger wave much more
ht
ce
s:
than you would a smaller wave. Transmitters do the same thing, but with radio waves.
Smaller waves are not as noticeable as bigger waves. A bigger wave generates a
much larger electrical signal picked up by the receiving antenna. The receiver can
then distinguish between highs and lows.
The amplitude is measured in meters or centimeters.
The amplitude describes the vibration range and intensity of a vibrating object.
The amplitude of the radio wave reflects the radio signal strength on the wireless
Re
so
ur
Mo
re
Le
ar
ni
ng
networks.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Phase is a relative term. It is the relationship between two waves with the same
frequency. To determine phase, a wavelength is divided into 360 pieces referred to as
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
degrees. If you think of these degrees as starting times, then if one wave begins at the
0 degree point and another wave begins at the 90 degree point, these waves are
considered to be 90 degrees out of phase.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If two wireless signals working at the same frequency have the same phase when
they reach the receiver, the two signals will overlay to enhance the signal effect.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If two wireless signals working at the same frequency have the opposite phases when
they reach the receiver (180 degrees in difference), the signal strength attenuates.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Frequency describes a behavior of waves. Waves travel away from the source that
generates them. How fast the waves travel, or more specifi cally, how many waves
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
are generated over a 1-second period of time, is known as frequency.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Based on factors involved in modulation, modulation can be classified into the

following types:
AM: Amplitude modulation (AM) is a form of modulation in which the amplitude

of a carrier wave is varied in direct proportion to that of a modulating signal.
That is, the amplitude of a high-frequency signal is varied according to that of
the modulating signal. In this way, information carried in the modulating signal
is included in the high-frequency signal. An antenna sends out the modulating
signal together with the high-frequency signal. After a receiver receives the
high-frequency signal, it can obtain the modulating signal by demodulating the
amplitude of the high-frequency signal.
FM: Frequency modulation is a form of modulation in which the frequency of
the carrier is varied according to that of a modulating signal. After modulation,
the frequency and phase of the signal are determined by those of the
modulating signal, whereas the amplitude of the signal remains unchanged.
The waveform of the modulating wave looks like an uneven compressed
spring.
ar
ni
ng
Re
so
ur
ce
s:
ht
PM: Phase modulation is a form of modulation in which the deviation between

the carrier phase and the reference phase is varied in direct proportion to that
of the modulating signal. That is, the initial phase of the carrier wave varies
with that of the digital baseband signal. For example, digital signal "1"
corresponds to the phase "180", and "0" corresponds to the phase "0".
Mo
re
Le
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The most common RF behavior is absorption. If a signal does not bounce off an
object, move around an object, or pass through an object, then 100 percent
ht
Brick and concrete walls will absorb a signal significantly, whereas drywall will absorb
a signal to a lesser degree. Materials of higher density may cause severe signal
attenuation. If the signal strength is too low, it is hard for a receiver to receive it. When
the wireless signals pass through water, the energy will be absorbed, leading to signal
attenuation. (In this example, water contained in the tree leaves at the wireless
so
ur
ce
s:
absorption has occurred. Most materials will absorb some amount of an RF signal to
varying degrees.
Re
transmission path or in human bodies near the wireless devices can absorb wireless
signals.)
ng
An average adult body is 50 to 65 percent water. Water causes absorption, which

results in attenuation. User density is an important factor when designing a wireless
network. One reason is the effects of absorption. Another reason is the amount of
available bandwidth.
Mo
re
Le
ar
ni
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
One of the most important RF propagation behaviors to be aware of is refl ection.

When a wave hits a smooth object that is larger than the wave itself, depending on
ht
Take the lights sent from an electric lamp as an example. Though most of the lights
spread out in all directions, some lights may encounter certain objects in the room and
be reflected. The reflected lights either go back to the electric lamp or illuminate other
areas in the room, making the areas brighter. Reflection can be caused by common
indoor objects, such as metal furniture, file cabinets, and metal doors. When outdoor
so
ur
ce
s:
the media the wave may bounce in another direction. This behavior is categorized as
reflection.
Re
wireless signals encounter water surfaces or atmosphere layers, reflection may

happen.
ng
The reflected RF signals can cause interference to the original signals, leading to
signal distortion. Therefore, it would be better if no obstacle exists on the transmission
path of RF signals. Reflection can be the cause of serious performance problems in a
legacy 802.11/a/b/g WLAN. As a wave radiates from an antenna, it broadens and
disperses. If portions of this wave are reflected, new wave fronts will appear from the
reflection points. If these multiple waves all reach the receiver, the multiple reflected
signals cause an effect called multipath. Reflection and multipath were often
considered primary enemies when deploying legacy 802.11a/b/g radios. 802.11n
radios utilize multiple-input multiple-output (MIMO) antennas and advanced digital
signal processing (DSP) techniques to take advantage of multipath.
Mo
re
Le
ar
ni
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Did you know that the color of the sky is blue because the molecules of the
atmosphere are smaller than the wavelength of light? This blue sky phenomenon is
known as Rayleigh scattering (named after the 19th-century British physicist Lord
Rayleigh). The shorter blue wavelength light is absorbed by the gases in the
atmosphere and radiated in all directions. This is an example of an RF propagation
behavior called scattering, sometimes called scatter.
Scattering can most easily be described as multiple reflections. These multiple

reflections occur when the electromagnetic signals wavelength is larger than pieces
of whatever medium the signal is reflecting from or passing through.
Scattering can happen in two ways:

The first type of scatter is on a smaller level and has a lesser effect on the
signal quality and strength. This type of scattering may manifest itself when the
RF signal moves through a substance and the individual electromagnetic
waves are reflected off the minute particles within the medium. Smog in our
atmosphere and sandstorms in the desert can cause this type of scattering.
ni
ng
Re
so
ur
ce
s:
ht
ar
The second type of scattering occurs when an RF signal encounters some

type of uneven surface and is reflected into multiple directions. Chain link
fences, tree foliage, and rocky terrain commonly cause this type of scattering.
When striking the uneven surface, the main signal dissipates into multiple
reflected signals, which can cause substantial signal downgrade and may
even cause a loss of the received signal.
Mo
re
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Reflection is a phenomenon in which the wave bounces back, while refraction is a

phenomenon in which the wave changes its transmission direction when passing a
ht
s:
particular surface. For example, refraction occurs when signals pass through
atmosphere layers or building walls of different densities.
When refraction happens, RF signals will change the transmission directions,
reducing the signal strength (some refraction media can affect the RF signal strength
and lead to signal attenuation).
In addition to RF signals being absorbed or bounced (via refl ection or scattering), if

certain conditions exist an RF signal can actually be bent in a behavior known as
refraction. A straightforward defi nition of refraction is the bending of an RF signal as it
Re
so
ur
ce
passes through a medium with a different density, thus causing the direction of the
ni
ng
wave to change. RF refraction most commonly occurs as a result of atmospheric

conditions.
The three most common causes of refraction are water vapor, changes in air
Le
ar
temperature, and changes in air pressure. In an outdoor environment, RF signals

typically refract slightly back down toward the earths surface. However, changes in
the atmosphere may cause the signal to bend away from the earth. In long-distance
Mo
re
outdoor wireless bridge links, refraction can be an issue. An RF signal may also
refract through certain types of glass and other materials that are found in an indoor
environment.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Diffraction is the bending and the spreading of an RF signal when it encounters an

obstruction. The conditions that must be met for diffraction to occur depend entirely on
ht
s:
the shape, size, and material of the obstructing object as well as the exact
characteristics of the RF signal, such as polarization, phase, and amplitude.
Typically, diffraction is caused by some sort of partial blockage of the RF signal, such
as a building that sits between a transmitting radio and a receiver. The waves that
encounter the obstruction bend around the object, taking a longer and different path.
The waves that did not encounter the object do not bend and maintain the shorter and
original path.
Through scattering, signals can bypass the objects that absorb their energy, and
Re
so
ur
ce
implement self-recovery. Due to this feature, signals can be transmitted to the receiver
ni
ng
even if there are some buildings between the transmitter and the receiver. However,
the radio wave may change after bypassing the obstacles, leading to signal distortions.
Sitting directly behind the obstruction is an area known as the RF shadow. Depending
Le
ar
on the change in direction of the diffracted signals, the area of the RF shadow can
become a dead zone of coverage or still possibly receive degraded signals. The
concept of RF shadows is important when selecting antenna locations. Mounting to a
Mo
re
beam or other wall structure can create a virtual RF blind spot.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Loss, also known as attenuation, is best described as the decrease of amplitude, or

signal strength. A signal may lose strength when transmitted on a wire or in the air.
Factors that lead to signal attenuation are classified as follows:
ht
s:
Attenuation caused by cables connecting the transmitter and antenna: In

outdoors, cables used to connect the transmitter and antenna may be very
long.
Attenuation of free space during the transmission process: The attenuation of

free space is severe in any environment. The power of RF signals is inversely
proportional to the square of transmission distance. As the distance between
the transmitter and the receiver becomes larger, the strength of the received
signals becomes lower.
ng
Re
so
ur
ce
External obstacles: Many objects that can absorb and scatter signals exist
ar
ni
during the transmission process of RF signals. These objects, including

building materials, plants, and metal, may lead to signal attenuation.
External noise or interference: Many wireless devices may exist around the
signals, leading to collisions in signal channels.
Le
Mo
re
Attenuation caused by cables connecting the receiver and antenna: In

outdoors, cables used to connect the receiver and antenna may be very long.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Multipath is a propagation phenomenon that results in two or more paths of a signal

arriving at a receiving antenna at the same time or within nanoseconds of each other.
ht
ur
Some wireless signals are reflected and some others are directly transmitted along
the signal transmission paths. When signals reach the receiver, if the electric field
direction of reflected signals is in reverse with that of signals directly transmitted (that
so
ce
s:
Because of the natural broadening of the waves, the propagation behaviors of

reflection, scattering, diffraction, and refraction will occur differently in dissimilar
environments. A signal may reflect off an object or scatter, refract, or diffract. These
propagation behaviors can all result in multiple paths of the same signal.
Re
is, a 180 degree difference in phase), the signal strength is reduced. On the contrary,
Mo
re
Le
ar
ni
ng
if the electric field direction of the reflected signals is the same as that of signals
directly transmitted (that is, 0 difference in phase), the signal strength is increased.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Gain, also known as amplification, can best be described as the increase of amplitude,
or signal strength. The two types of gain are known as active gain and passive gain. A
ht
signals amplitude can be boosted by the use of external devices.
s:
Antennas are passive devices that do not require an external power source. The
antenna itself cannot increase the power of signals. Antenna gain is a kind of
capability to concentrate signal energy. The omnidirectional antenna can barely
concentrate signal energy. If the antenna can concentrate the energy of RF signals
into a narrower space, the power of signals increases.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The Fresnel zone is an imaginary football-shaped area (American football) that

surrounds the path of the visual LOS between two point-to-point antennas.
Signals are focused into a beam instead of being transmitted in all directions. To form
a visible path between the transmitter antenna and the receiver antenna for the
signals, they cannot be interrupted by any obstacles.
Obstacles (including buildings and plants) that can interrupt the signals usually exist
ce
s:
ht
ur
during the transmission paths between the buildings or cities.
Re
so
In this situation, the antenna must be elevated to a place higher than the obstacles, so
that no obstacles exist on the transmission path.
In long distance transmissions, the curved earth surface becomes the obstacle that
ng
may interrupt the signals. When the transmission distance exceeds two miles, the
remote end cannot be seen as it is slightly below the horizon. In this situation, the
ar
ni
wireless signals can transmit with the same curvature as the earth surface along the
atmosphere layers. However, if the transmission path is too long, the curved earth
surface is in the Fresnel zone, leading to transmission problems.
Le
As a result, the height of the visual system must be elevated, making the bottom line
of the Fresnel zone higher than all obstacles.
Mo
re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
What is the working principle of WLAN radios? What are their modulation modes?
ht
WLAN radios use modulation and demodulation to convert between digital
baseband signals and digital modulating signals for signal transmission.
s:
Modulation can be classified into the following types:

Amplitude modulation
Frequency modulation
Phase modulation
ur
ce
Mo
re
Le
ar
ni
ng
Re
so
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Industrial band: The industrial band in America ranges from 902 to 928 MHz. In
Europe, the 900 MHz frequency band is partially used for GSM communications. The
ht
s:
use of industrial bands prevents interferences among various wireless communication

devices at the 2.4 GHz frequency band.
Scientific band: The 2.4 GHz frequency band is the common ISM band of all
countries. Therefore, wireless networks such as WLAN, Bluetooth, and Zigbee
devices can all work at the 2.4 GHz frequency band, which ranges from 2.4 to 2.4835
GHz.
Medical band: The medical band ranges from 5.725 to 5.875 GHz. The medical band
and the frequencies ranging from 5.15 to 5.35 GHz are the 5 GHz frequency band.
Re
so
ur
ce
Mo
re
Le
ar
ni
ng
The 802.11 standard supports 2.4 GHz and 5 GHz frequency bands.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The 2.4 GHz frequency band is used for wireless transmission over a short distance,
and is used by countries all over the world. WLANs operating in the 2.4 GHz
ht
so
ur
ce
s:
frequency band have wider applications and higher anti-interference capabilities.

Therefore, it is widely used at homes and for commercial purposes. The 2.4 GHz
frequency band has a wider range than other ISM bands. This improves data
transmission rates, transmission distance, and anti-interference capabilities. As the
2.4 GHz frequency band is used in more and more technologies, it is becoming
increasingly congested.
As the 2.4 GHz frequency band has been widely used, 802.11a that uses the 5 GHz
Re
frequency band features low channel conflicts. However, high frequency has its own
ng
limitations. The 5 GHz frequency band transmits signals at a line; therefore more
access points are required. Besides, as the 5 GHz frequency band is easily absorbed,
Mo
re
Le
ar
ni
it has a shorter transmission distance compared to the 2.4 GHz frequency band.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
IEEE 802.11b is one of the WLAN standards. It operates at the 2.4 GHz frequency
band with a transmission rate of 11 Mbit/s. IEEE 802.11b is a well-known WLAN
ht
Re
so
ur
ce
s:
standard and it is widely used. The 2.4 GHz ISM band provides 14 channels with a
bandwidth of 22 MHz. IEEE 802.11g operates at the 2.4 GHz frequency band. When
the original data transmission rate is 54 Mbit/s, data is actually transmitted at 24
Mbit/s over the 2.4 GHz frequency band. 802.11g devices are compatible with
802.11b devices. 802.11g is a standard designed for data transmission at higher
rates. It supports the 2.4 GHz frequency band and uses the CCK technology to be
backward compatible with 802.11b. In addition, 802.11g provides a transmission rate
of up to 54 Mbit/s using the orthogonal frequency-division multiplexing (OFDM)
technology.
ng
IEEE 802.11a, approved in 1999, is an amendment to the original 802.11 standards.

The 802.11a standard uses the same core protocol as the original standards,
operates in the 5 GHz frequency band, and uses 52 OFDM subcarriers to transmit
data at its raw rate of 54 Mbit/s. 802.11a supports eight transmission rates: 54 Mbit/s,
48 Mbit/s, 36 Mbit/s, 24 Mbit/s, 18 Mbit/s, 12 Mbit/s, 9 Mbit/s, and 6 Mbit/s.
IEEE 802.11n can provide a maximum transmission rate of 600 Mbit/s, and can
provide a longer transmission distance for wireless networks. The transmission rate at
the physical layer must be higher than 600 Mbit/s. 802.11n uses the multiple-input
multiple output (MIMO) technology to provide a higher data transmission rate.
Mo
re
Le
ar
ni
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Channel 1 to Channel 13 can be used in China and Europe.
Channel 1 to Channel 11 can be used in America and Canada.
s:
In Japan, Channel 1 to Channel 14 can be used for the 2.4 GHz WLAN. Among them,
Channel 14 can only be used in 802.11b. This figure shows the frequency band
ur
The working frequency specified in China, FCC (America), IC (Canada), and ETSI
(Europe) ranges from 2.4 to 2.4835 GHz.
ce
Mo
re
Le
ar
ni
ng
Re
so
specified in these countries or regions. The frequency bands used in different

countries differ from one another.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
For wireless technology, when two channels are bound, the throughput is largely
increased.
In the traditional 802.11 standard, air interfaces work at a bandwidth of 20 MHz. The
802.11n technology binds two neighboring 20 MHz channels to form a 40 MHz
channel to double the transmission rate. In actual applications, the two bound 20 MHz
channels can also be used as two separate channels, one as the primary channel and
the other as the secondary channel. Therefore, either a 40 MHz channel or a single
20 MHz channel can be used for transmitting and receiving data. At the same time,
partial bandwidth is reserved in each 20 MHz channel to avoid signal interferences.
When two 20 MHz channels are bound to form a 40 MHz channel, the reserved
bandwidth can be also used for communication, further improving the throughput.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
5 GHz frequency allocation in China:
ht
Five channels are provided for frequency bands with a total bandwidth of 125
U-NII frequency allocation in FCC (America):

Eight channels are provides for U-NII low-frequency bands and U-NII middle-
ur
ce
s:
MHz. The center of the outer channel is 20 MHz away from the edge of the
frequency band.
Mo
re
Le
ar
ni
ng
Re
so
frequency bands with a total bandwidth of 200 MHz. Four channels are
provided for U-NII high-frequency band with a total bandwidth of 100 MHz. For
U-NII low-frequency bands and U-NII middle-frequency bands, the center of
the outer channel is 30 MHz away from the edge of the frequency band. For UNII high-frequency bands, the distance is 20 MHz.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The 40 MHz channel mode has higher usage efficiency of frequency bands and
doubles the throughput of that in 20 MHz channel mode. However, the 40 MHz
ht
s:
channel mode has some problems due to the limited spectrum resources of the 2.4
GHz band, which cannot provide two 40 MHz channels without any interference.
However, the 5 GHz frequency band has abundant spectrum resources. FCC
specifies 23 non-overlapping 20 MHz channels and China has five non-overlapping
20 MHz channels. Therefore, sufficient channels can be provided for the binding to
form 40 MHz channels.
The 40 MHz channel mode is not recommended in the 2.4 GHz frequency band.
Usually, the 20 MHz channel mode is used in 802.11g/n to obtain more channel
Re
so
ur
ce
resources for cellular signal coverage. To obtain the high throughput of 40 MHz, the 5
Mo
re
Le
ar
ni
ng
GHz frequency band in 802.11 a/n is recommended.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The 2.4 GHz frequency band is the ISM open frequency band. Devices working at the
2.4 GHz frequency band include cordless phones, baby monitors, microwave ovens,
ht
wireless cameras, Bluetooth devices, infrared sensors, and fluorescent light ballasts.
s:
Compared with the 2.4 GHz frequency band, the 5 GHz frequency features less
interference. More devices begin to use the 5 GHz frequency band, such as cordless
phones, radars, wireless sensors, and digital satellites.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
What are the common non-overlapping channels working at the 2.4 GHz frequency
band?
ht
Channel 1, Channel 6, and Channel 11.
s:
How many non-overlapping channels are provided for the 5 GHz frequency band in
China? What are they?
ce
ur
Five. They are Channel 149, Channel 153, Channel 157, Channel 161, and Channel
Mo
re
Le
ar
ni
ng
Re
so
165.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei wireless controllers include independent ACs, ACU2 on modular switches,

and ACs integrated on AR G3 routers.
Huawei APs include indoor distributed APs, indoor settled APs, outdoor APs, and the
latest 802.11ac APs.
Indoor settled AP: The APs are recommended in scenarios where the building
structure is simple and the building area is small, have a high density of users,
ce
s:
ht
Re
so
ur
and have high capacity demands, for example, small-scale meeting rooms,
bars, and entertainment places. The APs can be flexibly deployed and works
in both Fit AP and bridge mode.
Indoor distributed AP: The APs are recommended in scenarios where the
ng
building area is large, users are distributed, and an indoor distribution system
is used, for example, large-scale office buildings, business buildings, hotels,
ar
ni
airports, and bus stations. The APs can implement indoor WLAN signal
coverage.
Outdoor distributed AP: The APs are recommended in scenarios with a large
Mo
re
Le
number of APs and users and where there is a high density of users, for
example, schools and large exhibition centers.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei AC6005 series (AC6005 for short) is access controllers (AC) applicable to
MANs and enterprise networks for wireless access. AC6005 has a large capacity and
high performance. It is highly reliable, easy to install and maintain, and features such
advantages as flexible networking and energy conservation.
Huawei AC6005 series has two models: AC6005-8 and AC6005-8-PWR.
The AC resides at the aggregation layer to provide the high-speed, secure, and
reliable WLAN service.
The AC6005 has the following features:

Provides PoE power (15.4 W) for 8 interfaces or PoE+ power (30 W) for 4
interfaces so that APs can directly connect to these interfaces.
Re
so
ur
ce
s:
ht
Has various user policy management and authority control capabilities.
Can be maintained using the eSight, web system, or command line interface
Mo
re
Le
ar
ni
ng
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei AC6605 is an AC of a large switching capacity and high performance. It is

highly reliable, easy to install and maintain, and features such advantages as flexible
ht
networking and energy conservation.
The AC6605 has twenty-four GE ports, two 10GE ports, one 10GE port connecting an
AC to an LSW, and one reserved 10GE port. The switching capacity is calculated
using the following formula: (24 Gbit/s + 2 10 Gbit/s + 1 10 Gbit/s + 1 10 Gbit/s)
2 = 128 Gbit/s.
Number of access users:

4K
Re
Single AP: <= 256 (depending on the AP model)
Mo
re
Le
ar
ni
ng
so
ur
ce
s:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei access controller unit (ACU2) is installed in a modular switch and functions as
an AC. The ACU2 can be installed in S12700, S9700, and S7700 series switches.
ht
The ACU2 has the following characteristics:
On a wired network, you can install ACU2s on switches to rapidly build a

WLAN. This reduces WLAN construction costs and time, and lowers the total
cost of ownership (TCO). Each ACU2 can manage 2048 APs, leading in the
industry. It provides flexible data forwarding modes, fine-grained user group
management policies, comprehensive radio management, and end-to-end
QoS guarantee.
Compatible with 802.11ac.

Huawei ACU2 can work with the latest 802.11ac APs to facilitate smooth
ar
ni
ng
Re
so
ur
ce
s:
The ACU2 can be applied to large-sized enterprises and campus networks to provide
wireless services. With large capacity, high reliability, and various services, the ACU2
works with Huawei APs to provide high-density access for a large number of users.
Mo
re
Le
WLAN expansion, protecting customer investments.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
SMB: small business
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei provides only one plate AP model: AP2010DN. Huawei AP2010DN uses an
86 mm plate in compliance with international standards and can be easily installed on
ht
so
ur
ce
s:
the junction box in a room. It is equipped with a built-in antenna and a hidden
indicator; therefore, installation of this AP does not affect indoor decorations and
designs. The AP2010DN also provides a built-in IEEE 802.11a/b/g/n wireless module
and supports a maximum transmission rate of 300 Mbit/s. It provides access services
for wireless terminals, including laptops, tablets, and smart phones, and is the ideal
choice of customers to construct wireless networks in hotels and office buildings.
It is appropriate to install plate APs (86 mm x 86 mm) in hotels, office buildings, and
Wireless plate APs can be deployed quickly without damage to the room environment.
Mo
re
Le
ar
ni
ng
Re
residential communities.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei AP5010SN is an economical 802.11n AP designed for SMEs and enterprise

branches. It can provide wireless access to employees on business trips, customers,
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
and visitors from hotel rooms. Supporting 2.4 GHz single band frequency, the
economical AP5010SN helps customers reduce investment and provides efficient,
secure, and reliable mobile office working environment.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei AP5010DN is an economical 802.11n AP designed for SMEs and enterprise

branches. It can provide wireless access to employees on business trips, customers,
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
and visitors from hotel rooms. Supporting 2.4 GHz/5 GHz bands, the economical
AP5010SN helps customers reduce investment and provides efficient, secure, and
reliable mobile office working environment.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Using the latest generation of chips that are more powerful and can provide more
accurate wireless coverage than other chips, Huawei AP6010SN is an advanced
ht
Supporting 2.4 GHz single band frequency, the AP6010SN is beautifully designed
and applies to multi-service enterprise scenarios with medium or high density of
users, such as educational institutions, enterprise offices, airports, and retailing
stores.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
802.11n AP. In addition to data services, the AP6010SN can support voice and video
services that require short latency.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
accurate wireless coverage than other chips, Huawei AP6010DN is an advanced
ht
Supporting 2.4 GHz/5 GHz bands, the AP6010DN is beautifully designed and applies
to multi-service enterprise scenarios with medium or high density of users, such as
educational institutions, enterprise offices, airports, and retailing stores.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
802.11n AP. In addition to data services, the AP can support voice and video services
that require short latency.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei AP7110SN integrates the latest mature technologies of the industry, including
3x3 MIMO, spectrum analyzer, and multi-core components.
Industry-level design and waterproof and dustproof capabilities enable the AP7110SN
to work in harsh environments. It has higher reliability, security, and radio
performance, supports 2.4 GHz band, and applies to large scenarios or scenarios with
high user density, such as convention centers, hospitals, factories, and logistics
centers.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Huawei AP7110DN integrates the latest mature technologies of the industry, including
3x3 MIMO, spectrum analyzer, and multi-core components.
Industry-level design and waterproof and dustproof capabilities enable the AP7110DN
to work in harsh environments. It has higher reliability, security, and radio
performance, supports 2.4 GHz band, and applies to large scenarios or scenarios with
high user density, such as convention centers, hospitals, factories, and logistics
centers.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AP5030DN is an economic AP that supports 33 MIMO. With fine service

support capabilities, it features high reliability, high security, simple network
ht
ce
s:
deployment, automatic AC discovery and configuration, and real-time management

and maintenance. The AP5030DN complies with 802.11ac and can provide gigabit
access for wireless users. This high capacity greatly improves user experience on
wireless networks.
They are applicable in scenarios where the building structure is simple and the
building area is small, have a high density of users, and have high capacity demands.
They can be flexibly deployed and work in both AP and bridge mode.
The AP5030DN can work as a Fat AP or Fit AP and switch flexibly between the two
Re
so
ur
Mo
re
Le
ar
ni
ng
working modes based on the network plan.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Different from the AP5030DN, the AP5130DN provides external antennas.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
The AP6310SN is a large power indoor AP. It applies to 2G/3G indoor distribution
environments, using the line where 2G/3G signals are transmitted.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
to work in harsh environments such as public squares, pedestrian streets, and
factories. It can be quickly started in low temperature environment and has a built-in
lightning protector, which simplifies network deployment. It also supports electrical
uplink interfaces and 802.3af PoE.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
accurate wireless coverage than other chips, Huawei AP6610DN is an advanced
ht
to work in harsh environments such as public squares, pedestrian streets, and
factories. It can be quickly started in low temperature environment and has a built-in
lightning protector, which simplifies network deployment. It also supports electrical
and optical uplink interfaces and AC power supply.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AC controls and manages all APs in a WLAN. It can also connect to an
authentication server to authenticate WLAN users.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Indoor settled APs with omnidirectional antennas are commonly used to provide
wireless signal coverage. They can be easily and flexibly deployed at low costs. Each
AP works independently, which facilitates selection of the number of APs to satisfy
different bandwidth requirements.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
Indoor settle APs are uplinked to nodes of access networks, sucha as access
switches or ACs and downlinked to STAs.
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Large power outdoor APs are used in outdoor scenarios, whose coverage
performance is affected by transmit power, types of antennas, height, and obstacles.
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
In WLAN deployment, all the factors need to be taken into consideration, such as
system capacity and the number of APs, antenna gain and coverage angle, signal
penetration capability and power budget, and protection grade.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
eSight is able to manage enterprises' IT systems, IP networks, and third-party

devices. It analyzes network traffic and access authentication roles, automatically
ht
Any user:
Open secondary development platform and API interfaces open to
Re
Differentiated versions meet management and business requirements

of different enterprise users.
ur
so
ce
s:
adjusts network control strategies to ensure enterprise network security. eSight also
provides an open platform, allowing enterprises to build their own intelligent
management systems.
campus WLANs enable enterprises to integrate and customize tools.

Any device:
ng
IP and IT devices from multiple vendors can be managed in a
ar
ni
uniformly, which reduces the network management cost.
re
Mo
Batch device deployment improves O&M efficiency.
Any service:
Le
Service-oriented SLA provides visualized service quality.
Visualized WLAN management and configuration wizard
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
With wide application of IP phones, network video monitoring, and wireless Ethernet
networks, the power supply requirements on the Ethernet become urgent. In most
ht
Re
so
ur
ce
s:
situations, access point devices need to provide power supply with DC power,
whereas access point devices are often installed on the ceiling that has a long
distance from the ground. The nearby proper power socket is difficult to find. Even if
the proper power socket is available, the network administrator finds it hard to install
the converter of the AC and DC power required by access point devices. On largescale LANs, the administrators need to manage multiple access point devices that
require uniform power supply and management. In this case, power supply
management is difficult. The PoE function addresses this problem.
Power over Ethernet (PoE) provides power through the Ethernet. It is also called
Power over LAN (PoL) or active Ethernet.
This technology provides power on the 10Base-T, 100Base-TX, or 1000Base-T

Ethernet at a distance of up to 100 m. PoE can be used to effectively provide
ni
ng
Le
ar
centralized power for terminals such as IP phones, Access Points (APs), chargers of
portable devices, POS machines, cameras, and data collection devices. Terminals
Mo
re
are powered when they access the network. Therefore, the indoor cabling of power
supply is not required.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
IEEE 802.3af: Power sourcing equipment (PSE) provides 44 to 57 V, 350 mA DC

power. Each port can provide a minimum of 15.4 W power. The powered device (PD)
ht
connected by 100 m cables can still receive 12.95 W power.

IEEE 802.3at: The PSE provides 50 to 57 V, 600 mA DC power. Each port can
provide a minimum of 30 W power.
The PSE provide power for other devices and are classified into MidSpan (the PoE
ce
s:
Huawei PSEs are mostly Endpoint. Definition of PD (powered device): PDs are
Re
so
ur
module is installed out of the switch) and Endpoint (the PoE module is integrated to
the switch) PSEs.
devices powered through PoE, including wireless APs, IP phones, and low power
Mo
re
Le
ar
ni
ng
SOHO switches.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Network router
Network camera
VoIP phone
AP
s:
IP security camera
ur
ce
ht
PoE devices include:
Mo
re
Le
ar
ni
ng
Re
so
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The IEEE 802.3af standard stipulates that PSEs can power PDs with a power below
13 W through the Ethernet. The IEEE 802.3af standard can satisfy traditional IP
ht
So the 802.3at(PoE Plus) standard is formulated to increase PoE power, which is 2

times higher than 802.3af power. The power supply on each port is 30 W. The new
standard can satisfy more PoE applications.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
phones and network cameras. However, it is becoming increasingly clear that the 13
W power cannot power dual-frequency access, video phones, and other high power
applications.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Indoor settled AP
Indoor distributed AP
Outdoor AP
s:
ht
How do you classify Huawei APs according to WLAN coverage?
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
NOTE:
ht
To simplify the problem description, this course uses Telnet as an example to

describe the related technologies. Telnet and STelnet can be used to log in to
To simplify the problem description, this course uses FTP as an example to

describe the related technologies.The FTP protocol will bring risk to device
ur
ce
s:
the device. Using Telnet or STelnetv1 has potential security risks. STelnetv2 is
recommended.
Mo
re
Le
ar
ni
ng
Re
so
security. The SFTP V2 mode is recommended.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Versatile Routing Platform (VRP) is a network operation system capable of supporting

various data communication products of Huawei. Network operating systems are
system software that runs on the network products to provide network access and
ht
ce
VRP helps to provide unified user interfaces and interface management as the core
engine of the software for Huaweis whole series routers, Ethernet switches and
service gateways. VRP defines and forwards norms of plane interface and makes the
ur
s:
interconnection services.
Mo
re
Le
ar
ni
ng
Re
so
interaction between forwarding planes of all products and the VRP control plane a
reality. VRP also forms a network interface layer to keep the difference between the
data link layer of the product and the network layer at bay.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Choose Start > All Program > Accessories > Communications > HyperTerminal to
start the HyperTerminal in Windows XP
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Enter the name of the new connection in the Name text box and then choose one
icon. Then, click OK.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In the Connect To dialog box, select an interface from the drop-down list box
according to the actual interface on the PC or terminal. Next, click OK.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Press Enter until the following information is displayed. Enter the password and
confirm password, and the system will save the password. (The following information
is only for reference.)
ht
s:
Please configure the login password (maximum length 16)
When you log in to the system again in password authentication mode, enter
the password that is set during the initial login.
You can run commands to configure the device.
Mo
re
Le
ar
Re
The password entered in interactive mode is not displayed on the screen.
ng
so
NOTE:
ni
ur
Confirm Password:
ce
Enter Password:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Command line interfaces are classified into command line views. All commands must
be executed in command line views. You can run a command only after you enter its
command view.
ht
ce
s:
# Connect to the switch. If the switch uses default settings, you enter the user
view.
ur
<Quidway>
so
# Enter system-view and press Enter to enter the system view.
[Quidway]
Re
<Quidway> system-view
ng
# Enter aaa in the system view to enter the AAA view.
ni
[Quidway] aaa
Note: The default sysname is Quidway. The prompt indicates the current view. For
example, <> indicates the user view and [] indicates all other views except user view.
Le
ar
[Quidway-aaa]
Some commands can be executed in multiple views, but they have different functions
re
Mo
after being executed in different views.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If the matching key word is unique, the system replaces the typed one with the
complete key word and displays it in a new line with the cursor a space behind.
If there are several matches or no match at all, the system displays the prefix
first. Then you can press Tab to view the matching key word one by one. In this
case, the cursor closely follows the end of the word and you can type a space to
enter the next word.
so
ur
ce
ht
Press Tab after typing the incomplete key word and the system runs the partial help:
s:
If a wrong key word is entered, press Tab and the word is displayed in a new
Mo
re
Le
ar
ni
ng
Re
line.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Error Messages: Cause of the Error.
Unrecognized command: The command cannot be found.The key word cannot be

found.
Wrong parameter: Parameter type error.Parameter value out of range.
Incomplete command: Incomplete command entered.
Too many parameters: Too many parameters entered.
Ambiguous command: Ambiguous parameters entered.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
AC6605 is a new device added to the network. To manage the AC6605 remotely,
configure the Telnet service and system name at the LSW side and AC side before
installing the AC6605.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Set the authentication method to AAA, user name to Huawei, and password to
Huawei.
s:
1.
ht
Configure the Telnet service on AC6605:
2.
Set the service type to telnet and user level to 15.
3.
Configure AAA authentication for the users at the vty 0 to vty 4 levels.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Run the display user-interface console ui-number1 [ summary ] command to

check physical attributes and configurations of the user interface.
Run the display local-user command to check the local user list.
Run the display access-user command to check online users.
so
ur
Re
Logging In to the Devices Through the Telnet.

Run the display users [ all ] command to check information about users logged
in to user interfaces.
ng
s:
Run the display users [ all ] command to check information about the user
interface.
ce
ht
Logging In to the Devices Through the Console Interface.
Run the display telnet server status command to check the configuration and
ni
Mo
re
Le
ar
status of the Telnet server.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The following describes how to upgrade the AC6605.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Prepare for the upgrade
ht
Check the version of the running system software.
Check the running status of the AC6650.
ce
s:
<Quidway> display version
Mo
re
Le
ar
ni
ng
Re
so
ur
<Quidway> display device
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Use the FTP, TFTP, or BootROM menu to copy the system software and BootROM
program to the root directory of the storage device.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
To upgrade the functions or versions of an existing WLAN, perform an in-service

upgrade on APs on the WLAN.In an in-service upgrade, an AP is already online. If the
AP finds that its version is different from the AP version specified on the AC, SFTP
ht
AC mode
so
ap-upgdate support three mode
Re
ur
ce
s:
server, or FTP server, the AP starts to upgrade its version.Unlike automatic upgrade,
an in-service upgrade allows an AP to work properly without affecting services. To
minimize the impact of an AP upgrade, you are advised to configure APs to download
upgrade files in the daytime and reset the APs at night.
Run:ap-update mode ac-mode
FTP mode
ni
ng
By default, the AP upgrade mode is AC mode.
ar
Run:ap-update mode ftp-mode

SFTP mode
Le
Mo
re
Run:ap-update mode sftp-mode
In an in-service upgrade, you can upgrade a single AP, upgrade APs based on both
the AP region and AP type, or upgrade APs based on the AP type.
aw
ei
.c
om
/e
Upgrade of a single AP: allows you to upgrade a single AP to check whether

the upgrade version can function properly. If the upgrade is successful, upgrade
other APs in batches.
AP upgrade based on the AP region and AP type: allows you to upgrade APs in
a specified hotspot area.
AP upgrade based on the AP type: allows you to upgrade APs of the same
g.
hu
type.
Note the following during the configuration:
in
In an in-service upgrade, if APs fail to load the upgrade file and are reset, APs
Upgrading multiple APs in AC mode takes a long period of time. To reduce the
service interruption time, you are advised to use the FTP or SFTP mode.
The AP version file has been uploaded to the AC, SFTP server, or FTP server.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
are upgraded automatically.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Log in to the AC using Telnet or the console port.
Log in to the AC by Telnet.
Log in to the AC through the console port.
s:
ht
Connect the console ports of the PC and AC with a serial cable and connect
the network port of the PC and the maintenance network port of the AC with
a network cable.
Log in to the AC through the console port.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
To upgrade APs of the same type, run the preceding command at one time. During
upgrade, run the display ap all command to check whether APs are being upgraded.
In this example, the FTP mode is used. The maximum number of APs to be upgraded
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
simultaneously is half of the maximum number of FTP connections. For example, if

the maximum of FTP connections is 100, a maximum of 50 APs can be upgraded
simultaneously. During AP upgrade, services are not affected.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
How to enable telnet service on AC?
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
Course name
[AC6605] aaa
s:
[AC6605-aaa] local-user Huawei password simple Huawei
ce
[AC6605-aaa] local-user Huawei service-type telnet
Re
so
[AC6605-aaa] quit
ur
[AC6605-aaa] local-user Huawei privilege level 15
[AC6605] user-interface vty 0 4
ng
[AC6605-ui-vty0-4] authentication-mode aaa
What kinds of upgrade mode support of AP?
ar
ni
[AC6605-ui-vty0-4] return
Le
AC mode
re
FTP mode
Mo
SFTP mode
How to reboot ap by ap type after ap have download is newest software version?

[AC6605-wlan-view]ap-update multi-reset ap-type 19
x-40
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
BSS: A basic service set (BSS) is the basic building block of an 802.11 WLAN and
comprises a group of associated STAs. STAs can communicate with each other when
they are located in a conceptual area which is called the basic service area (BSA).
The BSA is determined by the transmission feature of the wireless media. An STA
s:
ht
ce
can communicate with other STAs in the same BSS since they are in the BSA.
BSA: The basic service area is the coverage area of the BSS.
ESS: An extended service set is a set of multiple interconnected BSSs with the same
SSID. It is a virtual BSS of a large scale.
SSID: A service set identifier is the unique identifier of the BSS. Using SSID, one
Re
so
ur
ng
wireless LAN can be divided into several sub-networks that require independent
authentication. Users can access the corresponding sub-networks only after they
pass the authentication. This prevents unauthorized users from accessing the network.
ni
BSSID: The basic service set identifier is the MAC address of an AP. It identifies the
BSSs managed by the AP. As for one AP, each BSSID maps to a specified SSID. If
multiple APs manage the same BSS, the BSS has only one SSID but different
ar
Mo
re
Le
BSSIDs for each AP. If one AP manages multiple BSSs, different BSSIDs are
assigned to map these SSIDs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
BSS: A basic service set (BSS) is the basic building block of an 802.11 WLAN and
comprises a group of associated STAs. STAs can communicate with each other when
they are located in a conceptual area which is called the basic service area (BSA).
The BSA is determined by the transmission feature of the wireless media. An STA
can communicate with other STAs in the same BSS since they are in the BSA.
BSSs can be classified into two types: independent BSS and infrastructure BSS.
The figure on the left is an independent BSS (IBSS for short). STAs can directly
communicate with each other within an IBSS since the distance between two STAs is
within the limited range. An IBSS must consist of at least two STAs. In general, an
IBSS is established temporarily for a small number of STAs for specific purposes. For
example, an IBSS is established to organize a conference in the meeting room. When
the conference begins, the STAs form an IBSS to transmit data. When the conference
ends, the IBSS is dismissed immediately.
An IBSS is of a small scale, established for specific purposes and lasts for a short
period. Therefore, it is also called Ad-hoc BSS or Ad-hoc network.
ni
ng
Re
so
ur
ce
s:
ht
ar
Note: Ad-hoc is originated from Latin, which means special or for special
situation. Ad-hoc network is also called P2P network because STAs on this
network communicate directly with each other.
Le
Mo
re
The figure on the right is an infrastructure BSS. If there is an AP on the

network, the BSS forms an infrastructure network. An AP manages all the
communications within the infrastructure network, including the
communications among all the mobile nodes in the BSA.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
BSS can be used in a small office or family. However, it cannot cover large-scale
areas. 802.11 allows us to connect several BSSs into an extended service set (ESS
ht
ur
ce
s:
for short) to expand the WLAN coverage area. ESS is the connection of several BSSs
through a backbone network. All the APs within an ESS use the same service set
identifier (SSID for short), which is the name of a user network. 802.11 does not
specify which technology to use. It's only required that the technology should provide
a set of specified services.
Huawei recommend AP overlap of at least 15 to 25 percent to achieve successful
seamless roaming, although measuring cell overlap is not an exact science.
SSID: A service set identifier is the unique identifier of the BSS. Using SSID, one
wireless LAN can be divided into several sub-networks that require independent
Re
so
BSSID: The basic service set identifier is the MAC address of an AP. It identifies the
ar
ni
ng
authentication. Users can access the corresponding sub-networks only after they
pass the authentication. This prevents unauthorized users from accessing the network.
BSSs managed by the AP. As for one AP, each BSSID maps to a specified SSID. If
Mo
re
Le
multiple APs manage the same BSS, the BSS has only one SSID but different
BSSIDs for each AP. If one AP manages multiple BSSs, different BSSIDs are
assigned to map these SSIDs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The earlier 802.11 chips support only a single BSS. A single AP can only provide one
wireless network for users, and the authorities of users on this network are almost the
ht
For example, each company has some regular visitors who have their own wireless
terminals (such as laptops and mobile phones). These terminals need to access the
Internet. An ESS is established for the AP to allow the visitors to access the Internet.
Currently, APs can create several ESSs simultaneously. For example, some APs
so
ur
ce
s:
same. A single logical network can meet the requirements of the earlier scenarios
where there are only a few users. However, with the popularization of wireless
networks, a single network is far from enough.
Re
developed by Huawei can support 16 virtual APs per radio. That is, each AP radio can
support 16 ESSs.
ng
As shown in this figure, two ESSs are created on an AP. Therefore, the AP has two
SSIDs: Internal for internal employees and Guest for visitors. The SSIDs are
associated to different VLANs that have different access authorities. In this way,
different users can access the wireless network through one AP.
Mo
re
Le
ar
ni
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The wireless network of Ad-hoc typology consists of several wireless STAs. One STA
can directly communicate with another STA or several other STAs through the Ad-hoc
typology. This network cannot be connected to a wired network, and it works
independently. No AP is configured on the network. Each user ensures its own
s:
ht
ce
security.
The STAs on the network compete for public channels. When a lot of STAs coexist on
ur
the network, the channel competition may congest the network. Therefore, such
On a point-to-point network, each node must "see" other nodes; otherwise, they
consider that network connection is interrupted. Therefore, the Ad-hoc network is
applicable only when there are a few users, for example, 4 to 8 users.
Mo
re
Le
ar
ni
ng
Re
so
topology is applicable to small-sized WLAN networks.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When several APs are connected to cover larger areas, the APs should communicate
with each other in order to monitor the mobile STAs. A distribution system is the
ht
ur
The distribution system is responsible for tracing the actual positions of STAs and
transmitting the frames. To transmit frames to a mobile STA, the distribution system
must first transmit them to a specified AP that serves this STA. As is shown in the
so
ce
s:
logical component of an 802.11 WLAN, and is responsible for transmitting frames to

the destination. The distribution system is the backbone network for APs to transmit
frames. For products that have achieved success in the market, most of them use
Ethernet as the backbone network.
Re
figure, if STA1 wants to access STA3, STA1 must transmit frames to AP1 first. The
Mo
re
Le
ar
ni
ng
distribution system connected to AP1 is responsible for transmitting the frames to

AP2, which is connected with STA3. AP2 then transmits the frame to STA3.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
APs are connected to the 802.3 Ethernet network. All the hosts in wireless networks
communicate through the APs.
The wireless AP works in half-duplex modes. It receives, buffers, and forwards data
between STAs and the wired network. Wireless communication is implemented by the
AP.
An AP covers dozens of users and the radius of coverage area can reach a hundred
ce
s:
ht
ur
meters. An AP can connect a wireless network to a wired network.

The infrastructure network consists of multiple APs and DSs. The network is also
called an ESS. Each AP in the ESS is an independent BSS. All APs share an ESSID.
A mobile terminal can roam between the wireless networks with the same ESSID. The
Re
so
ng
wireless networks with different ESSIDs form a logical subnet.

The channels between APs cannot overlap. The overlapping signal coverage areas
Mo
re
Le
ar
ni
range from 10% to 15%.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WDS working principle:
ht
WDS can transmit data in a wired network through a wireless network to
The wireless networking bridge function usually works in point-to-point mode.

However, WDS supports the point-to-multipoint mode and can connect wired
ce
s:
another wired or wireless network. This function is also called wireless

networking bridge because data is transmitted over virtual wireless links.
Compared to traditional wired networks, WDS has the following advantages:
ng
Re
so
ur
systems or wireless network adapters. Therefore, at least two APs of the same
function exist in the WDS. The maximum number of APs is determined by the
vendor's network structure. WDS connects APs using wireless links and does
not affect the coverage capabilities of APs.
It can be constructed without laying out cables or digging grooves. The

Companies except for the Telecommunications Department cannot lay out
ar
ni
deployment and capability extension can be implemented rapidly.
Le
cables for wired network connection in public places. However, the WDS
system can flexibly establish private networks through the 2.4 GHz or 5.8 GHz
Mo
re
ISM open frequency bands according to the customers' requirements.
The O&M troubleshooting is difficult on wired networks. Fault locating and

recovery can be quickly implemented in the WDS because you only need to
maintain bridging devices.
Huawei dual band APs can support a series of comprehensive services, and feature
long transmission areas, high anti-interference capabilities, simple network
deployment, automatic AC discovery and configuration, and real-time management
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
and maintenance. These APs meet the network coverage and connection
requirements of indoor and outdoor WLAN.
Mo
The WDS network can be deployed quickly, which provides assurance in

temporary, emergency, or anti-disaster situations.
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
This figure shows an example of a WDS application scenario.
ht
For indoor WDS deployment, you can select the P2P or P2MP networking
so
Outdoor WDS deployment: select the networking modes flexibly according to

the service requirements and architecture designs. When there are obstacles
between two LANs or the transmission distance is too far, you can connect the
Re
ur
ce
s:
modes flexibly according to the service requirements and architecture designs.

In indoor scenarios where network cabling is difficult or the coverage area is
far away from the switch, WDS networking is an effective solution. However,
the WDS application in indoor scenarios is subjected to restrictions caused by
building obstacles.
two LANs using APs as repeaters.
ng
The application scenario in this figure is the outdoor P2P networking mode.
Mo
re
Le
ar
ni
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WDS connects two networks through two APs. The peer MAC address is configured
on each AP to determine the link to be set up in the actual application.
The P2P WDS networking mode can connect two networks in different places. You
need to specify the same channel for the root AP and leaf AP.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The P2MP WDS networking mode can integrate several remote and isolated
networks together. Compared to the P2P mode, it has a more complicated structure.
ht
If LAN segment 2 needs to establish connections with LAN segment 3, it must

connect to root AP first.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
As shown in the figure, root AP is the center device. The other APs set up wireless
links with root AP. LAN segments 2, 3, and 4 can only communicate through root AP.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When there are obstacles between two LANs or the transmission distance is too far,
two LANs can be connected through a repeater AP. The repeater AP connects two
ht
APs and transmits data between them, extending the coverage areas of the system.
s:
The repeater AP can extend the wireless transmission distance to tens or dozens of
kilometers without increasing the network bandwidth.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Root: The AP functions as a root to connect to the AC through a wire, and

functions as an AP bridge to connect to a STA bridge.
s:
ht
Depending on the AP's location on the WDS network, a wireless bridge works in root,
middle, or leaf mode.
Middle: The AP functions as a middle node to connect to an AP bridge and an

STA bridge. When connecting to an AP bridge, the AP is an STA bridge; when
ce
The hand-in-hand mode applies to typical WDS indoor scenarios, such as homes,
warehouses, subways, and enterprises. WLAN signals deteriorate because of walls
Re
Leaf: The AP connects to an AP bridge as an STA bridge.
so
ur
connecting to a STA bridge, the AP is an AP bridge.
ng
and other obstacles. One AP cannot provide signal coverage for all indoor areas. A
WDS network connects multiple APs, enlarging signal coverage area and saving
For users that do not have high bandwidth requirements, this mode is cost-effective.
Mo
re
Le
ar
ni
cabling costs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The back-to-back mode applies to typical WDS outdoor scenarios. When there are
obstacles between two LANs to be connected or the transmission distance is too far,
ht
ur
When users require high bandwidth, two repeater APs can be deployed in back-toback mode to provide the wireless bridge function. The two APs work at different
channels to provide high link bandwidth.
Mo
re
Le
ar
ni
ng
Re
so
ce
s:
you can select the back-to-back mode. As is shown in the figure, two repeater APs
are deployed in back-to-back mode on the network to provide the wireless bridge
function. This network deployment ensures wireless link bandwidth for a long
transmission distance.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A wireless mesh network (WMN) is a communications network that consists of

multiple wirelessly connected APs in a mesh topology and connects to a wired
ht
network through a portal node or two portal nodes.
s:
On a traditional WLAN, APs exchange data with STAs using wireless channels and
connect to a wired network through uplinks. If no wired network is available before a
WLAN is constructed, it takes much time and money to construct a wired network. If
positions of some APs on a WLAN are adjusted, the wired network must be adjusted
accordingly, increasing the difficulty in network adjustment. A traditional WLAN
requires a long construction period and has a high cost and poor flexibility, so it does
so
ur
ce
Re
not apply to emergency communication, wireless MANs, or areas that lack weak wired
Mo
re
Le
ar
ni
ng
network infrastructure. The construction of a WMN requires only APs to be installed,

which greatly speeds up network construction.
Fast deployment: Mesh nodes can be easily installed to construct a WMN in a

short time, much shorter than the construction period of a traditional WLAN.
Dynamic coverage area expansion: As more mesh nodes are deployed on a
WMN, the WMN coverage area can be rapidly expanded.
Robustness: A WMN is a peer network that will not be affected by the failure of
a single node. If a node fails, packets are forwarded to the destination node
in
Flexible networking: An AP can join or leave a WMN easily, allowing for

flexible networking.
Various application scenarios: Besides traditional WLAN scenarios such as
enterprise networks, office networks, and campus networks, a WMN also
applies to scenarios such as large-scale warehouses, docks, MANs, metro
lines, and emergency communications.
/l
Cost-effectiveness: Only MPPs need to connect to a wired network, which

minimizes the dependency of a WMN on wired devices and saves costs in
wired device purchasing and cable deployment.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
ea
rn
g.
hu
along the backup path.
A WMN allows APs to wirelessly connect to each other, solving the preceding
problems. A WMN has the following advantages:
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Point-to-multipoint mode
Repeater mode
ht
Point-to-point mode
s:
What are P2P networking modes? What are its disadvantages?
ce
What are the common WDS networking modes?
In the P2MP networking scenarios, an AP is used as the center device. The
ur
Mo
re
Le
ar
ni
ng
Re
so
other APs set up wireless links with the center AP. Data forwarding between
sub-networks must be implemented through the center AP.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
tp
:/
802.11 physical layer
802.11 MAC layer
ht
The IEEE 802.11 working group has defined the standards related to:
802.11 physical layer standard defines the frequency, modulation method, and highest rate.
IEEE 802.11: In 1990, the IEEE standard association (IEEE-SA) appointed the
IEEE 802.11 working group, which defined the standards related to physical
layer and MAC layer. The physical layer, working at 2.4000-2.4835 GHz,
defines signal characteristics and modulation in data transport. The highest
rate at this layer is 2 Mbps.
IEEE 802.11a: IEEE 802.11a standard was completed in 1999. It defines the
frequency of WLAN, which is between 5.15 GHz and 5.825 GHz. The data
transport rate reaches 54 Mbps.
Re
so
ur
ce
s:
IEEE 802.1b: IEEE 802.1b standard was approved in 1999. According to

802.1b, WLAN works at 2.4-2.4835 GHz. The data transport rate reaches 11
Mbps.
IEEE 802.11g: IEEE 802.11g improves the rate of 802.11b (Wi-Fi) from 11
Mbps to 54 Mbps. 802.11g access points are compatible with 802.11b and
802.11g clients.
Le
ar
ni
ng
Mo
re
IEEE 802.11n: IEEE 802.11n uses 2.4 GHz and 5 GHz frequency bands.
Multiple-input multiple-output (MIMO) and OFDM are the core technologies of
IEEE 802.11n. The transport rate is 300 Mbps and reaches 600 Mbps at the
maximum. IEEE 802.11n is compatible with 802.11b and 802.11g.
802.11 MAC layer standard defines the features of WLAN at the MAC layer, such as
QoS, security, and roaming.
aw
ei
.c
om
/e
IEEE 802.11e standard allows WLAN MAC protocols to support multimedia

traffic transmission and QoS on all radio interfaces.
802.11h, refers to the amendment added to the IEEE 802.11 standard for
Spectrum and Transmit Power Management Extensions. It solves problems
like interference with satellites and radar using the same 5 GHz frequency
DFS ensures that channels containing radar are avoided by an Access

Point (AP) and energy is spread across the band to reduce interference
to satellites. TPC ensures that the average power is less than the
regulatory maximum to reduce interference to satellites.
The IEEE 802.11h standard provides an additional 11 channels to the
802.11a standards 12 non-overlapping channels for a total of 23 nonoverlapping channels.
:/
/l
ea
rn
in
g.
hu
band. It was originally designed to address European regulations but is now

applicable in many other countries. The standard provides Dynamic Frequency
Selection (DFS) and Transmit Power Control (TPC) to the 802.11a PHY.
IEEE 802.11i uses user and device authentication of IEEE 802.1x. It is an
IEEE 802.11s is an IEEE 802.11 amendment for mesh networking, defining

how wireless devices can interconnect to create a WLAN mesh network, which
ce
IEEE 802.11r, fast BSS transition (FT), reduces the delay to transit clients
between APs. IEEE 802.11h is designed to manage spectrum.
s:
ht
tp
amendment to MAC layer standard. IEEE 802.1i defines strict encryption and
authentication mechanism to improve WLAN security.
Mo
re
Le
ar
ni
ng
Re
so
ur
may be used for static topologies and ad-hoc networks.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Advantages of infrared rays: no wireless interference, visual transmission distance,

difficult in detection, and secure. Disadvantage: hard to traverse opaque objects, short
ht
transmission distance, interference by sunlight and fluorescent lamps, and half-duplex.
s:
Compared with infrared ray, radio frequency allows longer distance, faster
transmission, and higher security.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Physical layer is classified into two sublayers: Physical Layer Convergence Procedure
(PLCP) and Physical Medium Dependent (PMD). PLCP maps MAC frames to the
ht
transmission medium. PMD transports the frames.
s:
PLCP combines the MAC frames with radio waves. PLCP adds a header to frames.
Usually, a frame contains a preamble to synchronize data receiving. However, the
preambles vary according to modulation method. Therefore, PLCP adds its own
preamble to the frames to be transmitted. Then PMD transmits the frames from PLCP
to the air.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Bandwidth is the maximum frequency width of signals that can pass a channel. The
unit is Hz.
Nowadays, wireless signals transmit more and more information; therefore, bandwidth
usage is higher than before.
Broadcasting signals consume 175 kHz bandwidth to provide high
quality audio.
ce
s:
ht
TV signals contain audio and video, consuming 4500 kHz bandwidth.
WLAN uses 802.11 protocol and uses 20 MHz bandwidth.
Mo
re
Le
ar
ni
ng
Re
so
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Spread spectrum technology is used to transmit data on the WLAN. It was originally used
by military departments to prevent wiretapping and signal interference.
Spread spectrum is the basis for ISM transmission. Traditional wireless communication
focus on how to transmit more signals with low bandwidth. Spread spectrum uses
mathematics functions to spread signals to a wide frequency range. The receiver restores
the signals to narrowband signals. Moreover, the narrowband noise can be filtered out.
A WLAN device is a transceiver that connects to servers or other network segments

through Ethernet cables. There are two wireless technologies that establish a WLAN:
Narrowband radio: It is similar to broadcasting. The transmitter and receiver must
be in the same frequency band.
Re
so
ur
ce
s:
ht
Spread spectrum radio: It broadcasts signals in a wide range, preventing the issues
occurring in narrowband transmission. This technology uses a type of codes to
transmit signals, and the receiver uses the same type of codes to restore signals.
Spread spectrum radio can work in the frequency bands occupied by other signals.
Spread spectrum radio does not interfere with other wireless radio because it has
weak energy.
Mo
re
Le
ar
ni
ng
Confidential Information of Huawei. No Spreading Without Permission
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Industrial Scientific Medical (ISM) is used by industry, science, and medicine fields.
Generally, each country has some radio frequencies for industry, science, and
ht
The ISM frequency bands in different countries are different. For example, the USA
uses 902-928 MHz, 2400-2483.5 MHz, and 5725-5850 MHz; however, in Europe, 900
MHz is used for GSM. Frequency band 2.4 GHz is used by all countries. Therefore,
WLAN (IEEE 802.11b/IEEE 802.11g) and other wireless networks can work at 2.4
so
ur
ce
s:
medicine use. Using these frequencies does not need license, but must use certain
transmit power (< 1 W). In addition, signals in different frequency bands cannot
interfere with each other.
Re
GHz.
902-928 MHz is used by cordless phones.
2.400-2.4835 GHz is used for microwave. The typical applications are microwave
ng
5.725-5.875 GHz is the microwave frequency band, which is used for highway RFID
ar
ni
oven, Bluetooth, and 802.11 networks.
Mo
re
Le
system, gate control (shopping mall) system, and 802.11 networks.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Frequency hopping (FH or FHSS):
ht
FHSS is a method of transmitting radio signals by rapidly switching a carrier
DSSS uses mathematics functions to spread power to wider frequency band.
ur
ce
Direct sequence (DS or DSSS):
Orthogonal Frequency Division Multiplexing (OFDM)

OFDM divides available channels into sub-channels and decodes some
signals on each sub-channel.
Mo
re
Le
ar
ni
ng
Re
so
s:
among many frequency channels, using a pseudorandom sequence known to

both transmitter and receiver.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Frequency hopping spread spectrum (FHSS) is a method of transmitting radio signals

by rapidly switching a carrier among many frequency channels, using a
ht
s:
pseudorandom sequence known to both transmitter and receiver. As shown in the

figure:
Available frequencies are divided into several frequency slots, and the time
axis is also divided into time slots.
The frequencies in use are 3, 8, 5, and 7. The frequency hopping time is

important. The transmitter and receiver must be synchronized so that the
frequencies at the two ends are the same.
Re
so
ur
ce
FHSS is defined only in IEEE802.11, but is rarely used in practice. The WLAN using
ng
FHSS supports two rates: 1 Mbps and 2 Mbps.

FHSS prevents wireless devices from interfering with major users at certain frequency
Similarly, major users only interfere with the spread spectrum device at a certain time
ar
ni
bands. FHSS users only interfere major users in a moment.
The figure shows the impact on signals when time slot 7 is used. Signals in time slot 4
are damaged, but the signals in previous three time slots are successfully transmitted.
For example, time slot 7 is used by microwave oven. The microwave oven only
interferes with the signals in time slot 7, and signals in other time slots are
successfully transmitted.
Mo
re
Le
slot, like instance noise.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Direct sequence spread spectrum (DSSS) was originally specified in the primary, 802.11
standard and provides 1 and 2 Mbps RF communications using the 2.4 GHz ISM band.
An updated implementation of DSSS (HR-DSSS) was also specified in the 802.11b
addendum and provides 5.5 and 11 Mbps RF communications using the same 2.4 GHz
ISM band. The 802.11b 5.5 and 11 Mbps speeds are known as High-Rate DSSS (HRDSSS).
802.11b devices are backward compatible with the legacy 802.11 DSSS devices. This
ur
ce
s:
ht
Unlike FHSS, where the transmitter jumped between frequencies, DSSS is set to one
channel. The data that is being transmitted is spread across the range of frequencies that
ng
Re
so
means that an 802.11b device can transmit using DSSS at 1 and 2 Mbps and using HRDSSS at 5.5 and 11 Mbps. However, 802.11b devices are not capable of transmitting
using FHSS; therefore, they are not backward compatible with 802.11 FHSS devices.
Mo
re
Le
ar
ni
make up the channel. The process of spreading the data across the channel is known as
data encoding.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Everyone know the many ways that RF signals can get altered or corrupted. Because
802.11 uses an unbounded medium with a huge potential for RF interference, it had
ht
s:
to be designed to be resilient enough that data corruption could be minimized. To

achieve this, each bit of data is encoded and transmitted as multiple bits of data.
The barker code uses 11 bit sequence, for example, 10110111000. It effectively
prevents interference, but reduces transmission rate.
Each bit code is an 11-bit barker code. The generated data object is a chip. A chip is
a binary numeral used in spread spectrum. Bit is advanced data, while chip is a binary
numeral used during coding. They do not have difference in mathematics.
Information volume actually transmitted is 11 times of effectively transmitted
Re
so
ur
ce
Mo
re
Le
ar
ni
ng
information volume.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
CCK codes four or eight bits in any 8-bit sequence, so the total throughput is 5.5
Mbps or 11 Mbps. In addition, CCK uses the transfer function to make the receiver
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
easily identify various codes even if interference or multi-path attenuation occurs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
BPSK: Binary Phase Shift Keying
QPSK: Quadrature Phase Shift Keying
Modulation
BPSK
180
QPSK
QPSK
90
QPSK
180
10
QPSK
270
11
s:
ur
ce
BPSK
Code
01
ng
Re
so
00
QPSK uses four-level coding mechanism to provide higher throughput than BPSK.
However, if multi-path interference is serious, QPSK does not take effect. Multi-path
ni
Phases difference
ht
ar
interference occurs because signals from the transmitter to the receiver through the
branch. The lengths of paths are different, so there is time difference between the
Mo
re
Le
signals received from different paths. If multi-path interference is serious, QPSK will
be down earlier than BPSK.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
802.11b uses DSSS to provide four rates: 1 Mbps, 2 Mbps, 5.5 Mbps, and 11 Mbps.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
802.11a is based on Orthogonal Frequency Division Multiplexing (OFDM).
OFDM divides a wide channel into sub-channels. Each sub-channel can transmit data.
The sub-carriers used by OFDM overlap, but they do not interfere with each other.
Sub-carriers can be distinguished by using orthogonal. In mathematics, orthogonal
describes independent projects.
The waveform of a sub-carrier is not affected by other sub-carriers. Signals are
ur
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
classified into three sub-carriers. The waveform of each sub-carrier is used for coding,
as shown in the bullets in figure. The sub-carriers is designed to maintain the
orthogonal relationship. Pay attention to the peak of wave. The amplitudes of the
other two sub-carriers are 0.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
OFDM divides the specified channels into orthogonal sub-channels, and
modulates and transmits data on the sub-channels.
s:
OFDM divides a channel into 52 sub-channels, in which 4 are used for phase
reference. Therefore, only 48 sub-channels are available.
Mo
re
Le
ar
ni
ng
Re
so
ur
The bandwidth of each signal is lower than the channel bandwidth.
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
QAM represents digital signals by using the amplitude change of two orthogonal
carriers. Phase modulation of analog signals and PSK of digital signals can be
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
considered as the QAM with amplitude unchanged and phase changed.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
To increase data rate, use the constellation with more bullets. When the data rate
increases, the received signals must have high quality; otherwise, the adjacent bullets
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
cannot be distinguished. If two bullets are too close, the acceptable error of each
bullet is small. 802.11a defines the maximum acceptable error of each bullet at the
physical layer. The figure shows the constellation used by 802.11a. BPSK and QPSK
have the lowest bit rate. They are the PSK technologies used by DSSS.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
OFDM PHY has four rate levels: 6 and 9 Mbps, 12 and 18 Mbps, 24 and 36 Mbps,
and 48 and 54 Mbps. The mandatory rates are 6 Mbps, 12 Mbps, and 24 Mbps. The
ht
three rates are most stable even if there is interference.
s:
The first level rate uses binary BPSK. Each sub-channel has a one-bit code.
That is, each symbol has 48 bits. About a half or a quarter of these bits are
used to correct errors. Therefore, each symbol has only 24 or 36 available bits.
ce
ur
The second level rate uses binary QPSK. Each sub-channel has a two-bit
code. That is, each symbol has 96 bits. About a half or a quarter of these bits
are used to correct errors. Therefore, each symbol has only 48 or 72 available
bits.
The third and fourth levels use QAM. 16-QAM codes 16 symbols into 4 bits,
and 64-QAM codes 64 symbols into 6 bits. 64-QAM uses 2/3 and 3/4 code rate
ng
Re
so
Mo
re
Le
ar
ni
to increase transmission rate.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
DSSS: direct sequence spread spectrum
OFDM: Orthogonal Frequency Division Multiplexing
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
tp
:/
802.11 uses three physical layer technologies:

Frequency Hopping Spread Spectrum (FHSS)
Direct Sequence Spread Spectrum(DSSS)
s:
ce
ht
Which technologies are used at 802.11 physical layer?
Which rates are supported by OFDM?

Eight. They are 6 Mbps, 9 Mbps, 12 Mbps, 18 Mbps, 24 Mbps, 36 Mbps, 48
so
ur
Mo
re
Le
ar
ni
ng
Re
Mbps, and 54 Mbps.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
802.11 defines interfaces used to transmit signals in air between a station and a
wireless client or between wireless clients.
After release of the 802.11 standard, a series of standard extensions are developed.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
802.11a was released in 1999 but related products were not available unitl a long
period after 1999.
802.11a hardware first appeared in the market at the end of 2001.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In January, 2004, IEEE announced to establish a committee to develop new 802.11

standatds. IEEE 802.11n was approved by Sep, 2009. Currently, the 802.11n
standard provides a theoretical bandwidth of 600 Mbit/s.
Different from 802.11a/b/g standards, 802.11n uses dual bands (2.4 GHz and 5 GHz),
making it backward compatible with 802.11a/b/g standards.
802.11n combines the MIMO and OFDM technologies, which doubles the
transmission speed.
Additionally, advanced antenna and transmission technologies extend the WLAN

transmission distance to several kilometers and ensure a transmission rate of 100
Mbit/s.
The IEEE 802.11n standard improves the original 802.11 standards not only in the
physical layer but also in the MAC layer. IEEE 802.11n uses high-performance
wireless transmission technology to improve MAC layer performance and optimize
data frame structure, improving network throughout performance.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
802.11g/n uses OFDM to provide more subcarries for flexiable adjustment. More
subcarriers indicates a higher transmission rate. Even if 802.11n uses single-input
single-output (SISO) antennas, it provides higher receive and transmit rate than
802.11g.
Traditional 802.11a/g provides a total of 52 subcarriers (48 subcarriers can be used)

in 20 MHz mode with a rate of 54 Mbit/s.
802.11n provides a total of 56 subcarriers (52 subcarriers can be used) in 20 MHz

mode with a rate of up to 58.5 Mbit/s.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Forward error correction (FEC) uses error-correcting codes (ECCs) to correct wireless
data errors caused by attenuation or interference during transmission. The corrupted
data can be recovered.
802.11n ECCs maintain the same error correcting ability but consume less frequency
bandwidth. The ratio between the error correcting ability and the bandwidth
consumption is called the code rate.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Short Guard Interval Short GI
ht
802.11a/b/g defines an interval of 800 ns between data transmissions. This
interval is called Guard Interval (GI).
s:
802.11n uses the GI of 800 ns by default. If the multipath effect causes little
effect on data transmission, the GI should be set to 400 ns, which can increase
the throughput by 10%. This interval is called Short GI.
ur
ce
Usage scenario: Short GI applies to scenarios with good a radio environment and few
multipath problems. Short GI must be disabled on a network with severe multipath
effect.
In a multipath situation, data is transmitted over multiple paths. If a short GI is set, the
Re
so
ng
second data block interfers with the sending of the first data block. A proper GI
prevents this problem. An improper GI reduces efficient SNR, as shown in the
Mo
re
Le
ar
ni
preceding figure.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Guard intervals (GIs) are the delay required for receiving or sending wireless data or
between wireless data transmissions.
When the radio chip sends data in OFDM modulation mode, it divides a frame into
different data blocks. To ensure data transmission reliability, GIs are inserted between
data blocks to ensure that the receive end correctly parses each data block.
802.11a/g uses GI of 800 ns, while 802.11n uses short GI. A short GI of 400 ns
increases data transmission rate by 10%.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The 40 MHz frequency bandwidth doubles the transmission rate of the wireless
network. However, the number of 40 MHz channels supported by 2.4 GHz and 5 GHz
ht
networks are different.
s:
A 2.4 GHz network supports only one 40 MHz channel. while the number of 40 MHz
channels supported by the 5 GHz network varies according to countries. Theoretically
a maximum of eleven 40MHz channels are supported
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
SISOSingle Input Single Output
MIMOMultiple Input and Multiple Output
The 802.11n network uses APs and STAs that support MIMO technology to provde
high reliablity and data throughput. Even if only APs support MIMO, the 802.11n
network ensures 30% higher performance than an 802.11a/b/g network.
The improvement of network performance is benefited from MIMO antennas which
ur
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
allow more reliable data transmissions between the AP and STAs. Compared to
standard antenana diversity, the MIMO antenna provides higher data transmission
rate for STAs. For example, when an 802.11a/b/g STA communicates with a
traditional AP, the transmission rate decreases from 54 Mbit/s to 48 Mbit/s or 36
Mbit/s. However, if the same STA communicates with an 802.11n AP that supports
MIMO, the transmission rate remains 54 Mbit/s.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Multiple antennas are used on the receive and transmit ends in a wireless
communication system. Proper use of MIMO technology greately improves
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
performance. The input and output in the MIMO system refers to wireless channels).
Multiple antennas of the transmit end allow multiple signal inputs in the wireless
channel (Multiple antennas of the receive end allow multiple signal outputs from the
wireless channel. Multiple-antenna receiver uses advanced spatial code processing
technology to separate and decode data signal streams, which has good processing
results and effectively prevents space-selective fading.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Beamforming: The beamforming technology adjusts transmit signals of multiple

antennas to enhance signal strengths on the receive end.
When two different antennas send two signals, the two signals are superposed at the
receive end. Their phases may be different at the receive end due to transmission
directions. This affects the signal strength at the receive end. The phases of wireless
signals on the transmit end can be adjusted to enchange signal strength, that is to
increase the SNR.
ur
ce
s:
ht
The beamforming technology applies to the scenario where the receive end
has only one antenna and no obastacle exsits. If the beamforming technology
is not used, two signals received by the receive end go out of phase, as shwon
Re
so
in figure 1. If the beamforming technology is used, the receive end receives
Mo
re
Le
ar
ni
ng
positive phases that maximize signal strength, as shown in figure 2. The SNR
is increased on the receive end.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
For example, MIMO 2*2 indicates two groups of tranmission links: two receive links
and two spatial streams that are processed through multi-tasks and transmitted over
ht
If the MIMO 2*1 is increased to MIMO 4*4, the SNR of the AP is increased every time
one transmit antenna or receive antenna is added on the AP.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
wireless links. The AP can transmit different information over multiple spatial streams
to increase data transmission rate.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
802.11 MAC layer protocols consume excessive bandwidth for link maintenance and
protection, which greately reduces the system throughput.
802.11 MAC layer protocols have a large amount of overhead, especially

acknowledgment of transmitted frames. At the highest data rates, this overhead
occupy more bits than the data frame. For example, 802.11g supports a theoretical
transmission rate of 54 Mbit/s but the actual transmission rate is 22 Mbit/s. Half of the
rate is wasted.
Wireless network conflicts and congestion also lower the 802.11 throughput. 802.11n
improves the MAC layer to reduce fixed cost and transmission loss caused by
congestion.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A-MSDU and A-MPDU reduce payloads and can aggregate only frames of the same
QoS level. However, there may be transmission delay because they have to wait for a
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
time for packet aggregation. Only MPDU uses the Block acknowledge frame.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A-MSDU is short for aggregation of MAC service data units.
A-MSDU aggregates packets that have the same destination and application. After
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
aggregation, these packets share one MAC frame header. The playload, transmission
time, and acknowledge frame in the packet header decreases. This improves wireless
transmission rate. The maximum length of an A-MSDU frame is 7935 bytes.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A-MPDU is short for agregation of MAC protocol data units.
A-MPDU aggregates packets that have the same destination but different
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
applications. It is less efficient than A-MSDU aggregation, but it can reduce playload
in the packet header and transmission time. The maximum length of the A-MPDU
frame is 65535 bytes.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
To ensure reliable data transmission, 802.11n defines that an ACK frame must be
sent to respond to every received unicast data frame. After receiving an A-MPDU, A-
ht
The sender only needs to retransmit frames that receive no ACK frame. In
environments with high error rates, A-MPDU that uses the Block Acknowledgement
mechanism allows higher WLAN efficiency than A-MSDU. In this mechanism, only
error frames rather than the all aggregation frames are retransmitted. This reduces
so
ur
ce
s:
MPDU receivers must process each MPDU and send an ACK frame to respond to
each MPDU. Block Acknowledgement uses a single Block Acknowledgement frame
to acknowledge multiple MPDUs to reduce the number of ACK frames.
Mo
re
Le
ar
ni
ng
Re
the number of data to be transmitted.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
IEEE 802.11ac is a wireless computer networking standard of 802.11, currently under

development, providing WLANs on the 5 GHz band. Theoretically, this specification
ht
s:
will enable multi-station WLAN throughput of at least 1 Gbit/s and a maximum single
link throughput of at least 500 Mbit/s.
802.11ac is forward compatible with current and later 802.11 full series standards and
regulations, including the 802.11s wireless network architechture to be released.
It complies with the 802.11i security standard and supports WiFi security standards
required by enterprise-level users. 802.11ac can implement seamless roaming for
enterprises and households in the future and can support various WiFi applications,
such as security, management, and diagnossis.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Theoretically, the highest rate of 802.11a is 54 Mbit/s. 802.11a uses 5 GHz frequency
band.
802.11b is the earliest and most popular WLAN standard. The theoretical rate is 11
Mbit/s, and the actual throughput can reach 5 Mbit/s.
802.11g greatly increases the physical-layer transmission speed in 2.4 GHz frequency
band. The maximum rate reaches 54 Mbit/s, and the throughput reaches 20 to 26
ce
s:
ht
so
802.11n uses dual bands (2.4 GHz and 5 GHz). The theoretical transmission rate is
300 Mbit/s and even reaches 600 Mbit/s in certain conditions. The tested rate is over
Re
ur
Mbit/s. In addition, 802.11g is compatible with 802.11b.
100 Mbit/s. It is compatible with 802.11a/b/g.

The tested rate of 802.11a/b/g/n products cannot reach the theoretical rate defined in
ng
the standards. In acutal conditions, half of the bandwidth is consumed by information
Mo
re
Le
ar
ni
such as group load balancing, checksum, frane bit, and error correcting data. The
signal strength and obstacles also affect the transmission rate.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
An increase of transmission rate to 600 Mbit/s
Higher reliability of wireless links
Compatible with 802.11a/b/g
Support for MIMO
s:
ce
What are the advantages of 802.11n over 802.11a/b/g?
What is MIMO technology?
ur
MIMO allows 802.11n to use two or more spatial streams for data
so
Mo
re
Le
ar
ni
ng
Re
transmissions between 802.11n APs and STAs.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
For many years, the conventional access point was a standalone WLAN portal device
where all three planes(Management Plane, Control Plane, Data Plane) of operation
ht
ce
s:
existed and operated on the edge of the network architecture. These APs are often
referred to as fat APs, or standalone APs. However, the most common industry term
for the traditional access point is autonomous AP.
All configuration settings exist in the autonomous access point itself, and therefore,
the management plane resides individually in each autonomous AP. All encryption
and decryption mechanisms and MAC layer mechanisms also operate within the
autonomous AP.
A typical fat AP is a wireless router. Unlike traditional APs, wireless routers have
Re
so
ur
WAN and LAN interfaces and support Dynamic Host Configuration Protocol (DHCP)
Mo
re
Le
ar
ni
ng
servers, domain name server (DNS), and MAC address clone, as well as VPN access
and firewall functions.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The next progression in the development of WLAN integration is the centralized

WLAN architecture. This model uses a central WLAN controller that resides in the
ht
To build operational WLAN and to realize quick deployment of WLAN, centralized

management of network devices, and fine-grained user management. Enterprises and
carriers prefer the fit AP + AC networking to the fat AP networking because the fit AP
+ AC networking realizes fast WLAN deployment, centralized network device, and
so
ur
ce
s:
core of the network. In the centralized WLAN architecture, autonomous APs have
been replaced with controller-based access points, also known as lightweight APs or
Fit APs (thin APs).
An AC and a fit AP run the CAPWAP protocol to communicate with each other.
Mo
re
Le
ar
ni
ng
Re
refined user management, helping build a maintainable, manageable WLANs.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Control And Provisioning of Wireless Access Points
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
LWAPP has a complete protocol architecture and defines detailed packet structure
and multiple control control messages. However, the effectiveness of the newly
ht
ur
The CAPWAP team compared and evaluated the four protocols, and extended the
LWAPP protocol to create the CAPWAP protocol, using DTLS technology and merits
of the other three protocols.
Mo
re
Le
ar
ni
ng
Re
so
ce
s:
created security mechanism is yet to be proven. The highlight of SLAPP is the DTLS
technology, which is highly applauded in the industry.CTP and WiCoP can satisfy the
demands of centralized WLAN architecture. However, they have drawbacks,
especially in terms of security.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Local forwarding of data packets
Service data of APs is forwarded locally and the AC only manages the APs. That is,
ht
Centralized forwarding of data packets
Centralized forwarding is also called tunnel forwarding. Service data of APs is

encapsulated and forwarded to the AC over the CAPWAP tunnel. The AC manages
the APs and forwards service data of APs to the upper layer network. Both the AP's
management flows and data lows are encapsulated in the CAPWAP tunnel and
sent to the AC.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
AP management packets are encapsulated in CAPWAP tunnels and terminated on

the AC; whereas AP service flows are directly forwarded to switching devices
without being encapsulated.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
CAPWAP is an application-layer protocol using UDP ports.
CAPWAP transmits two types of packets:
Data packets: encapsulate wireless frames
Control packets: management packets exchanged between APs and ACs.
s:
ce
CAPWAP data and control packets are transmitted on different UDP ports:
Control packets are transmitted on UDP port of 5246.
Data packets are transmitted on UDP port of 5247.
ur
Mo
re
Le
ar
ni
ng
Re
so
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If an AC IP address list is configured on an AP, the AP starts the static discovery

process after being powered on and associates with a specified AC.
If no AC IP address list is configured, the AP starts the dynamic AC discovery

process. In this process, the AP obtains it own IP address and DNS server address
through DHCP, obtains an AC IP address list from the DHCP server or DNS server,
and broadcasts discovery packets to discover an AC and associates with the AC.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
1. After an AP starts, it obtains an IP address, DNS server address, and domain name
through the DHCP server.
2. The AP broadcasts a request packet at Layer 2 to attempt to associate with an AC.
3. If the AP does not receive a response after 30s, it starts Layer 3 discovery. The AP
obtains the IP address of an AC using Option 43 or the domain name of an AC using
Option 15 from the DHCP server, and then sends a discovery request to the IP
ur
address or domain name.
ce
s:
ht
4. After receiving the discovery request, the AC checks whether the AP has the right
to access the AC. If the AP is authorized, the AC replies with a discovery response.
5. The AC and the AP establish a CAPWAP tunnel.
Mo
re
Le
ar
ni
ng
Re
so
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
DHCP four-message exchange:
ht
When no AC IP address list is preconfigured, the AP starts the dynamic AC
First, the AP sends a discovery request to the DHCP server. The DHCP server
detects the discovery request packet and responds to the AP with a DHCP
ce
s:
auto-discovery process. The AP obtains IP address through DHCP and returns

to IP address list of AC through Option in DHCP protocols.
Since DHCP offer packets can be either unicast or multicast packets. When
Re
so
ur
offer packet with an unleased IP address and other TCP/IP configuration. The
packet contains information about lease duration.
the AP receives responses from multiple DHCP servers, it chooses the offer
ng
first received and sends a DHCP request to require all servers to send DHCP
offer packets aobtain. The DHCP server specifies which IP address is to be
ni
used. The AP sends an ARP packet to check whether the IP address is used
by another device. If the address is used, the AP sends a DHCP decline
ar
packet to the DHCP server to reject the DHCP discovery packet.
When the DHCP server receives the AP request packet, it responds with a
DHCPACK packet, which contains the IP address of the AP, lease duration,
gateway information, and DNS server IP address. By now, the lease contract
takes effect and the DHCP four-message exchange is completed.
Mo
re
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
AC discovery:
ht
The AP finds available ACs through the AC discovery mechanism and decides
ce
s:
to associate with the best AC through CAPWAP tunnel. The discovery

mechanism is optional. If there is preconfigured AC on the AP, there is no
need to conduct the discovery process.
The AP activates CAPWAP protocol discovery mechanism and sends unicast
Mo
re
Le
ar
ni
ng
Re
so
ur
or broadcast request packets to try to associate an AC. The AC responds the

requests with unicast discovery response packets, containing the information
about the AC priority level and the number of APs The AP determines to
associate with the appropriate AC based on the AC priority level and the
number of APs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
DTLS handshake:
ht
After the AP obtains the AC IP address, it triggers negotiation with the AC.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
After the AP receives a response message from the AC, it starts to establish a
CAPWAP tunnel with the AC. The Datagram Transport Layer Security (DTLS)
protocol can be used to encrypt and transmit User Datagram Protocol (UDP)
packets.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Join:
ht
After the DTLS handshake is completed, the AC and the AP establish control
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
channel. The AC sends a join response packet containing information about

user upgrade version number, the interval/timeout period of the handshake
packet, and the priority level of the control packets. The AC checks the version
of the current AP. If the AP version cannot meet the demands of the AC, the
AP and the AC enter image data state for AP hardware upgrading. If the AP
version meets the demands, the two enter the configuration state.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
image data
ht
The AP checks whether it is running the latest software version based on
ce
After the software version is updated, the AP restarts, discovers the AC,
establishes a CAPWAP tunnel with the AC, and joins the AC again.
Mo
re
Le
ar
ni
ng
Re
so
ur
s:
negotiation parameters. If the current version is not the latest version, the AP
obtains the latest software version from the AC using the CAPWAP tunnel.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configuration
ht
The configuration state is for the matching of the current AP configuration and
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
the configuration required by the AC. The AP sends a configuration request to

the AC, containing information about the current AP configuration. When the
current AP configuration does not meet the requirement of the AC, the AC
sends a configuration response packet to notify the AP.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Data Check
ht
When the configuration is completed, the AP sends change state event
The management tunnel is established when the data check is completed and
ur
ce
s:
request message, which contains information about radio, result, and code.
When the AC receives the message, it replies with change state event
response message.
Mo
re
Le
ar
ni
ng
Re
so
the AP enters run state.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Run
ht
The AP sends a Keepalive message to the AC to establish a data tunnel.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
When the AC receives the Keepalive message, the data tunnel is established.
The AC then replies with a Keepalive message. The AP enters the normal
state and starts to work when receiving the Keepalive message from the AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Management tunnel maintenance:
ht
When the AP is in run state, it sends echo request packet to the AC to
ce
s:
demonstrate the CAPWAP management tunnel is established and activates

the echo sending timer and tunnel monitoring timer to monitor the
management tunnel.
When the AC receives the echo request packet, it enters run state, replies with
so
When the AP receives echo response packet, it resets the tunnel timeout
detection timer.
Mo
re
Le
ar
ni
ng
Re
ur
echo response packet, and activates tunnel timeout timer.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
As shown in the figure, the left two APs belong to region 101 and are added to VLAN
11. Their SSID is Huawei 101 and bound to the service VLAN 101. STAs obtain the IP
ht
ce
s:
address 10.1.101.51. The right APs belong to region 102 and are added to VLAN 12.
Their SSID is Huawei102 and bound to WLAN 102. The STAs obtain the IP address
10.1.102.51. The AC uses the management VLAN 100 to manage all APs.
The gateways of device VLAN, management VLAN, and service VLANs reside on the
core switch. The source IP address of the AC is 10.1.100.100. To ensure normal
communications, the AC creates a VLANIF interface for each service.
On the AC, the interface that connects the AC to the core switch is configured as a
trunk interface and is configured to allow the management VLAN 100, service VLANs
Re
so
ur
101 and 102. The AC functions as a Layer 2 device and uses the tunnel forwarding
Mo
re
Le
ar
ni
ng
mode.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The above is the description of the topology. The following pages are going to show you
how data flows are transmitted in this deployment mode. Take the transmission of DHCP
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
data packets as an example. After a wireless terminal connects to the wireless network, it
sends a DHCP request. The DHCP request packet carries the source IP address 0.0.0.0. The
wireless terminal has not obtained an IP address yet. The destination IP address will be
255.255.255.255.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
After the data packet reaches the AP, the AP encapsulates the packet into a
CAPWAP packet. The encapsulated packet carries the source IP address
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
10.1.11.101. This IP address is the IP address of the AP. The packet is destined for
the IP address 10.1.100.100, which is the AC's IP address. Since the packet is a
CAPWAP data packet, its UDP port is 5247.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
After receiving the packet, the AC decapsulates the packet and obtains the original
data sent by the terminal. Since the network uses an independent DHCP server, the
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
AC will send this request to the DHCP server.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The DHCP server receives the request packet and sends a DHCP offer packet to the
AC. The DHCP offer packet carries information such as the IP address, mask,
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
gateway IP address, and DNS IP address. The AC then encapsulates the offer data
into the CAPWAP tunnel and sends it to the AP. The AP decapsulates the packet
after receiving it, and sends the offer packet to the terminal. The terminal finally
obtains the requested IP address.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
What methods can a fit AP use to discover an AC?
ht
Automatic discovery of AC includes static discovery and dynamic discovery.
Dynamic discovery includes DHCP discovery and DNS discovery.

How a CAPWAP tunnel is established?
s:
Discovery phase
2.
DTLS handshake (optional)
3.
Join phase
4.
Image data phase (optional)
5.
configure
6.
Data check phase
7.
Run (data) phase
ni
ng
Re
so
ur
1.
Run (control) phase
re
Le
ar
8.
Mo
ce
CAPWAP tunnel establishment:
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In home or SOHO network, the WLAN coverage area is small, so Fat AP networking
is used. Fat APs not only provide wireless coverage, but also route packets to or from
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
the wired network.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Enterprise networks and other large networks require large WLAN coverage. If fat AP
networking is used, APs are connected to access switches and the data is forwarded
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
by the switches to the core network. NMSs can also be deployed on the core network
to manage APs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In AC + fit AP networking, the AC controls wireless network access, manages

roaming, controls network security, forwards data, collects traffic statistics, configures
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
APs, and monitors APs. The AP just implements some simple functions, for example,
encrypting and decrypting 802.11 packets, realizing functions of 802.11 physical
layer, and collecting statistics about radio frequency (RF) air interfaces.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In Layer 2 networking, the AC and APs are connected in inline mode or through Layer
2 network, it is called Layer 2 networking.
Layer 2 networking is easy to deploy because its structure is simple. It is applicable to

simple or temporary networking but not to large networking.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In Layer 3 networking, the AC and APs are connected toa Layer 3 network, it is Layer
3 WLAN networking.
Actual networking can be complex with one AC connecting to as many as hundreds of

APs. For example, in enterprise networks, APs can be placed in offices, meeting
rooms, and guest rooms, while the AC can be deployed in the equipment room.
Therefore, the network between APs and the AC is a complex Layer 2 network. So
Layer 3 networking is used in large networking.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In this mode, APs, the AC, and the core layer network are connected in line. All data
going to the core layer are forwarded by the AC.
In inline networking, the AC must have high throughput and processing capabilities, or
the AC becomes the bandwidth bottleneck. The inline networking is easy to deploy
and with clear architecture.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In bypass networking, the AC is connected to the network between APs and the core
network in bypass mode.
In actual networking, most WLANs are established based on wired networks. Bypass
networking is easy to expand. The AC can be connected to the network (such as the
aggregation switch) in bypass mode to manage the APs. So bypass networking is
used more often.
In bypass networking, The AC only manages APs. Management flows are transmitted
in CAPWAP tunnels. Data flows can be forwarded by the AC over the CAPWAP
tunnel, or forwarded to the upper layer network by the aggregation switch and do not
pass the AC.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AC6605 processes both control flows and data flows. Management flows must be
transmitted over Control And Provisioning of Wireless Access Points (CAPWAP)
ht
tunnels. Data flows can be transmitted over CAPWAP tunnels or not, as required.
s:
The CAPWAP protocol defines how APs communicate with ACs and provides a
general encapsulation and transmission mechanism for communication between APs
and ACs. CAPWAP defines data tunnels and control tunnels.
ce
ur
Control tunnels transmit control flows for remote AP configuration and WLAN
management.
Re
Data tunnels encapsulate 802.11 data packets to be sent to the AC6605.
so
Two forwarding modes are available according to whether data flows are transmitted
Tunnel forwarding: is also called centralized forwarding. It is usually used to

control wireless user traffic in a centralized manner.
Mo
re
Le
ar
Direct forwarding: is also called local or distributed forwarding.
ni
ng
on CAPWAP tunnels:
You can select the chain or branched mode according to networking requirements.
On the AC6605, you can configure direct forwarding for some APs and tunnel
forwarding for other APs. In tunnel forwarding mode, all wireless user traffic is
aggregated to an AC, which may create a switching bottleneck. Therefore, tunnel
forwarding is seldom used on enterprise networks.
aw
ei
.c
om
/e
Chain Networking
In chain networking mode, APs or access switches are directly connected to
the AC6605. The AC6605 functions as both an AC and an aggregation switch
g.
hu
to forward and process APs' data and management services.

Branched Networking
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
In branched networking mode, the AC6605 is connected to a network device

(usually an aggregation switch) to manage APs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In chain networking mode, APs or access switches are directly connected to the
AC6605. The AC6605 functions as both an AC and an aggregation switch to forward
ht
and process APs' data and management services.

In chain networking mode, the AC6605 sets up CAPWAP tunnels with APs to
configure and manage these APs over CAPWAP tunnels. Service data of wireless
users can be forwarded between APs and the AC6605 over CAPWAP data tunnels or
be directly forwarded by APs.
In chain networking mode, direct forwarding is often used so that user service data
can be forwarded on APs.
The AC6605 functions as the DHCP server to allocate IP addresses to APs. APs
Re
so
ur
ce
s:
Mo
re
Le
ar
ni
AC6605.
ng
obtain the IP address of the AC6605 using the DNS function, DHCP Option 43 in
DHCP packets, or Layer 2 discovery protocols, and then set up data tunnels with the
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In branched networking mode, the AC6605 is connected to a network device (usually

an aggregation switch) to manage APs.
The AC6605 only manages APs. Management flows are transmitted in CAPWAP
tunnels, and data flows are forwarded to the upper layer network by the aggregation
switch and router and do not pass through the AC6605.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Direct forwarding is also called local forwarding. In direct forwarding mode, data
packets between APs and the AC do not go through the CAPWAP tunnel and are
ht
In direct forwarding, an AP sends packets without any change on the packets.
ce
s:
directly forwarded to the upper-layer network. This forwarding mode improves packet
forwarding efficiency.
Direct forwarding prevents AC from being the bandwidth bottleneck. Service holding
Mo
re
Le
ar
ni
ng
Re
so
ur
upon CAPWAP link disconnection can reduce risks of network disconnection.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Tunnel forwarding is also called centralized forwarding. In this mode, data packets
between APs and the AC go through the CAPWAP tunnel to the upper-layer network.
ht
This forwarding mode improves packet forwarding security.

By tunnel forwarding, all data packets go through the CAPWAP tunnel to the AC,
which forwards the packets to the upper layer network.
Tunnel forwarding greatly improves transmission security and realizes centralized
ce
s:
Mo
re
Le
ar
ni
ng
Re
so
ur
control of the data, such as QoS.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Management VLAN:
ht
In most cases, only one Layer 3 virtual interface is configured on a Layer 2
ce
s:
switch. Therefore, a management VLAN must be configured for the Layer 3

virtual interface. An IP address is bound to the management VLAN so that you
can remotely manage the switch. For example, you can log in to the switch to
view logs, analyze the switch status, and locate faults.
ur
On a WLAN, a management VLAN transmits management packets between

an AC and AP, including DHCP packets, ARP packets, and CAPWAP packets
(control and data CAPWAP packets). PVIDs and trunk VLANs of XGE
interfaces on an AC are the same as those of physical interfaces on a switch.
During AC deployment, the PVID must be configured as the management
VLAN ID and packets of the management VLAN are allowed to pass through a
trunk interface.
Mo
re
Le
ar
ni
ng
Re
so
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
Service VLANs transmit data required for WLAN user access.
On an AP:
In direct forwarding mode, the service VLAN is specified by the VLAN ID that
an AP adds to a data packet.
In tunnel forwarding mode, the service VLAN is specified by the VLAN ID in
ur
s:
tp
:/
ht
On a WLAN:
ce
On an AC:
PVID VLAN of a WLAN ESS interface: indicates the default VLAN of user
packets that an AC sends and receives. The PVID VLAN is manually
Re
so
the user packet encapsulated with a CAPWAP header.
Service VLAN in a service set profile: indicates the VLAN that an AP adds to a
user packet. APs use service VLANs to forward user packets.
Mo
re
Le
ar
ni
ng
configured by the administrator and valid only when packets sent by an AP are
untagged packets.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
User VLANs are assigned based on user rights. The following user VLANs may be
used on a WLAN:
VLAN used in 802.1x authentication
Unauthenticated users can only access resources in a guest VLAN. For

example, when no 802.1x client software is installed for a user device,
the user can access resources in the guest VLAN to download and
install the 802.1x client software. After the user passes 802.1x
authentication, the user can access the WLAN.
Users can access resources in a restrict VLAN when the authentication
server rejects users for some reasons, for example, users enter
incorrect user names or passwords. If users fail to pass authentication
because the authentication times out or the network connection is
terminated, users are not added to a restrict VLAN.
ar
ni
ng
Restrict VLAN
Re
so
ur
ce
Guest VLAN
s:
Authorization VLAN
Static VLANs fail to control mobile users. WLAN devices support dynamic
VLAN assignment based on users. For example, on an enterprise network,
dynamic VLAN assignment ensures that a user belongs to the same service
VLAN when the user roams between two APs. This prevents user services
from being interrupted.
Le
Mo
re
When management VLANs, service VLANs, and user VLANs are configured on a
WLAN, these VLANs are deployed according to the following rules:
An authorization VLAN has the highest priority, and so users are added to the
authorization VLAN during authentication, re-authentication, re-authentication
for roaming, or delivery of a Change of Authorization (CoA) packet with the
VLAN field.
Users are added to the service VLAN to which their AP belongs if no
authorization VLAN is configured during authentication, re-authentication, re-
g.
hu
authentication for roaming, or delivery of a CoA packet with the VLAN field.
Generally, user VLANs take precedence over service VLANs. When both a
service VLAN and a user VLAN (an authorization VLAN, a guest VLAN, or a
in
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
restrict VLAN) are configured, users are added to the user VLAN.
Mo
VLAN Deployment
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Advantages of Layer 2 networking
Simple and easy to configure, Layer 2 networking is applicable to

uncomplicated and temporary networking that can be quickly deployed.
s:
ht
What are the advantages and disadvantages of Layer 2 and Layer 3 networking?
Advantages of Layer 3 networking

Actual networking can be complex with one AC connecting to as many
ur
ce
Mo
re
Le
ar
ni
ng
Re
so
as hundreds of APs. For example, in enterprise networks, APs can be

placed in offices, meeting rooms, and guest rooms, while the AC can
be deployed in the equipment room. Therefore, the network between
APs and the AC is a complex Layer 2 network. So Layer 3 networking
is used in large networking.
Advantages of inline networking
Direct forwarding is often used in inline networking mode. This

networking mode simplifies network architecture and applies to largescale and centralized WLANs.
Advantages of bypass networking
The networking mode is commonly used. Wireless user service data
g.
hu
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
does not need to be processed by an AC, eliminating the bandwidth

bottleneck and facilitating the usage of existing security policies.
Therefore, this networking mode is recommended.
Mo
What are the advantages and disadvantages of inline networking and bypass
networking?
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AC6605 in branch mode
The Switch assign service VLANs to users and tags AP management packets with
the management VLAN ID.
The AC functions as a DHCP server to allocate IP addresses to APs.
AP1 and AP2 directly forward service data.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
The configuration roadmap is as follows:
Configure the Switch and the AC to enable APs to communicate with the AC.
Configure basic AC attributes, including :
s:
the AC ID
carrier ID
source interface that the AC uses to communicate with APs
Configure the AC as a DHCP server
so
ur
ce
Set the AP authentication mode and add APs to an AP region.
Configure VAPs and deliver VAP parameters so that STAs can access the WLAN.
Re
ng
Configure a radio profile on the Switch and bind it to a radio to enable STAs to
communicate with the AP.
ar
Configure a WLAN-ESS interface and bind it to a service set so that radio

packets can be sent to the WLAN service module after reaching the AC.
ni
Configure a service set and bind a security profile and a traffic profile to it to
ensure security and QoS for STAs.
Le
Mo
re
Configure a VAP and deliver VAP parameters so that STAs can access the
WLAN.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configure the Switch and the AC to enable APs to communicate with the AC.
Configure GE0/0/3 of the access switch connected to the aggregation switch to
transparently transmit packets of all service VLANs and the management VLAN.
# Configure GE0/0/1 and GE0/0/2 of the Switch connected to APs as trunk interfaces,
and set the PVID of the trunk interfaces to 100.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configure GE0/0/2 of the Switch connected to the AC to transparently transmit

packets of all service VLANs and the management VLAN. Configure GE0/0/3 of the
Switch connected to the access switch to transparently transmit packets of all service
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
VLANs and the management VLAN.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configure GE0/0/1 on the AC to transparently transmit packets of all services and the
management VLAN.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
the WLAN configuration roadmap is as follows:

Configure basic AC attributes.
Configure parameters for communication between the AC and APs.
Configure radios for APs.
Configure service sets for APs.
Configure virtual APs (VAPs) and deliver VAP parameters to APs.
ur
ce
s:
Mo
re
Le
ar
ni
ng
Re
so
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AC6605 in branch mode
The Switch assign service VLANs to users and tags AP management packets with
the management VLAN ID.
The AC functions as a DHCP server to allocate IP addresses to APs.
AP1 and AP2 directly forward service data.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Run: system-view The system view is displayed.
Run:WLAN ac-global ac id ac-id [ carrier id { cmcc | ctc | cuc | other } ]
ht
To facilitate AC management, configure an AC ID and a carrier ID on each AC.
By default, the AC ID is 0, and the carrier ID is other.
ce
The supported carrier IDs are cmcc (for China Mobile), ctc (for China Telecom),
cuc (for China Unicom), and other.
ur
s:
so
Run: wlan ac-global country-code country-code The country code is configured.
Mo
re
Le
ar
ni
ng
Re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
(Optional) Configure the AC as a DHCP server to allocate IP addresses to APs.
ht
Run: dhcp enable
s:
DHCP is enabled on the VLANIF interface.
ce
Run: interface
ur
vlanif vlan-id or interface loopback number.
Re
Run: ip address
so
A VLANIF interface or loopback interface is created.
An IP address range is configured for APs.
ni
ng
Run: dhcp select interfaceCreate an interface address pool according to the

interface address.
ar
Run: quit
Return to the system view.

An AP can set up a connection with an AC only after obtaining an IP address from the
AC, switch, or a DHCP server. When the AC is configured as a DHCP server, it can
Le
Mo
re
allocate IP addresses to APs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Run: wlan
The WLAN view is displayed.
Run: wlan ac source interface { LoopBack loopback-num | Vlanif vlanif-id }
s:
ht
The AC uses the IP address of the specified source interface as the source IP
address. All APs connected to the AC can learn this IP address.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
The source interface of the AC is configured.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AP authentication mode is set to MAC address authentication or SN

authentication.
The default authentication mode is MAC address authentication.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configuration file of the AC
ht
s:
sysname AC
ur
vlan batch 100 to 102
ce
Re
dhcp enable
so
ng
WLAN ac-global carrier id ctc ac id 1
ni
ar
interface Vlanif100
Le
ip address 10.1.100.1 255.255.255.0
Mo
re
dhcp select interface
#
interface Vlanif101
ip address 10.1.101.1 255.255.255.0
dhcp select interface
#
interface Vlanif102
WLAN
aw
ei
.c
om
/e
WLAN ac source interface Vlanif100

ap-region id 101
ap-region id 102
ap-auth-mode no-auth
ap id 0 type-id 7 mac 80fb-0616-31d1 sn AB34002078
ap id 1 type-id 6 mac 5489-9849-8265 sn AB36015000
in
region-id 102
rn
wmm-profile name wmm-1 id 1
ea
security-profile name security-1 id 1
/l
service-set name huawei-1 id 1

WLAN-ess 0
:/
ssid huawei-1
s:
service-set name huawei-2 id 2
ce
WLAN-ess 1
traffic-profile id 2
so
service-vlan 102
ur
ssid huawei-2
Re
radio-profile name radio-1 id 1
ng
wmm-profile id 1
ni
ap 0 radio 0
radio-profile name radio-1
ar
service-set id 0 WLAN 1
Le
ap 1 radio 0
Mo
re
radio-profile name radio-1

service-set id 1 WLAN 1
#
return
ht
tp
traffic-profile id 1
service-vlan 101
g.
hu
region-id 101
Configuration file of the access switch
aw
ei
.c
om
/e
#
vlan batch 100 to 102
#
interface GigabitEthernet0/0/1
port link-type trunk
g.
hu
port trunk pvid vlan 100

port trunk allow-pass vlan 100 to 101
in
rn
ea
/l
port trunk pvid vlan 100

port trunk allow-pass vlan 100 102
:/
ht
tp
ce
s:
Configuration file of the aggregation switch
ur
so
Re
ng
ni
Mo
re
Le
ar
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
What are need configure about basic AC attributes?

Configure carrier ID and AC ID
ht
s:
Create a VLANIF interface
ce
Configure the country-code
ur
Enable DHCP(Optional)
Re
so
Configure the AC source interface
What are the AP join the AC three authentication modes?
How to submit the configuration to take effect on the AP?
ni
ng
{ mac-auth | no-auth | sn-auth }
Mo
re
Le
ar
Use commit ap id.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Networking Requirements:
The customer must lay out a large number of network cables to deploy a wired
ht
ce
s:
network which does not support flexible user access. Deployment of network
cables requires huge costs and human resources. The customer wants to use an AC
and a Fit AP to deploy a WLAN network, which can reduce deployment costs,
improve access flexibility, and enhance network maintainability.
ur
As shown in Figure, the aggregation switch connects to the upper layer network and an
AC connects to the aggregation switch in bypass mode. An AP connects to the AC through
the access switch and aggregation switch. The AP and AC communicate through a Layer 2
network and the AP and AC belong to the management VLAN 100. Tunnel forwarding is
used to effectively manage data packets.
Mo
re
Le
ar
ni
ng
Re
so
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
The configuration roadmap is as follows:
Use the configuration wizard to configure the AP to go online on the AC.
Use the configuration wizard to configure the WLAN service on the AC.
Deliver the WLAN service to the AP and verify the configuration.
ar
ni
ng
Re
so
ur
ce
s:
Le
re
Mo
tp
Configuration Roadmap
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You can view device status information to verify that a device runs properly.
The Device Information page includes the following areas:

Customized Display Mode
Device Status
Statistics Details
Device Information
Log
Rogue Device Info
Top10 AP Statistics
Top10 SSID Statistics
Top10 AP Association Failure Rate
Top10 AP Uplink Traffic And Channel Usage
ce
ur
so
Re
ng
ni
ar
Customized Display Mode
Le
re
s:
Mo
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
Interface name: Name of the interface.
Default VLAN: Default VLAN of the interface.
VLAN (Untagged): VLAN to which the interface is added in untagged mode.
VLAN (Tagged): VLAN to which the interface is added in tagged mode.
Connection Status: Connection status of the interface.
Link type: Link type of the interface.
Interface Rate: Rate of the interface.
Description: Description of the interface.
Re
so
ur
ce
s:
ht
ni
ar
Le
re
Mo
tp
Interface parameters:
ng
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Interface name: Name of the Ethernet interface.
Default VLAN: Default VLAN to which the interface is added.

NOTE: The default VLAN must exist on the device.
s:
ht
Interface status: Status of the physical interface (open or close).
Link type: Link type of the interface.
Description: Interface description, for example, "HUAWEI, AC Series, GigabitEthernet0/0/1
ur
ce
so
Interface".
PHB mapping: Enables or disables PHB mapping for outgoing packets on an interface. By
default, PHB mapping is enabled for outgoing packets on an interface.
VLAN ID: VLAN IDs allowed on the interface.
Re
ng
When Link type is Hybrid, packets of VLANs are configured to pass through the
interface in tagged or untagged mode.
ar
When Link type is Access, only packets of the default VLAN are allowed to pass
through the interface.
ni
When Link type is Trunk, packets of VLANs are configured to pass through the
interface only in tagged mode.
Mo
re
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
Interface Name: Name of the virtual interface.
Interface type: Type of the virtual interface.
VLAN ID: VLANIF interface ID.
Interface number: Loopback interface ID.
Primary IP address/mask: Primary IP address and subnet mask of the virtual
ce
s:
ht
re
Le
ar
ni
ng
Re
so
interface.
Mo
tp
Virtual interface parameters:
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Log in to the web platform and choose Configuration > AC Management > DHCP > IP Pool.
The IP Pool tab page is displayed. In the IP Pool List area, click Create. In the Create IP Pool
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
dialog box that is displayed.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
IDAC ID.
Country code AC country code.
AP authentication modeThe AC uses the configured authentication mode to

authenticate APs. By default, the AC authenticates APs using MAC address authentication.
s:
NOTE:
MAC: The AP authentication mode can be set to MAC address
ur
ce
ht
authentication.
No authentication: The AP authentication mode can be set to nonauthentication.
ng
Add APsIf the AP authentication mode is set to MAC or SN authentication, you can add
APs offline.
Manually Add: Enter the MAC address or SN of an AP to add the AP offline.
Import from local file: Configure an AP's MAC address or SN in a local file and
ar
ni
so
SN: The AP authentication mode can be set to SN authentication.
Re
Mo
re
Le
import the MAC address or SN to the AC from the local file.
The file is in .txt format and contains rows of MAC addresses or SNs. Each
row provides one MAC address or SN. The following example is a file
containing rows of MAC addresses.
60de-4474-9640
60de-4474-9680
dcd2-fc9a-2110
g.
hu
AC source addressSource interface of the AC.
VLANIF: A VLANIF interface is used as the source interface.
LoopBack: A loopback interface is used as the source interface.
Virtual IP address: The virtual IP address of the VRRP group is used as the source
interface.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
NOTE:
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Add the AP.
Set AP type to AP6010DN-AGN and MAC address to 60de-4476-e360 on the

Create AP page to add the AP.
Select the AP and click Next.
Mo
re
Le
ar
ni
ng
Re
so
ur
ht
Click Create on the Configure AP page. The Create AP page is displayed.
s:
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Select 2.4 GHz.
Create a radio profile named radio. Create a WMM profile named wmm and use the
ht
default settings in the profile.
s:
Click Next.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
Create a security profile named security.
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Confirm the settings
Confirm that the settings are correct, and then click Finish. In the message that is
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
displayed, confirm that the configuration is to be delivered to the AP.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configure radio calibration. By default, the radio mode and power mode are both auto in
the radio profile, and the radio calibration mode is manual. The configuration procedure is
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
therefore not provided here. If the radio calibration mode is manual, run the calibrate
manual startup command to manually trigger radio calibration.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configure a calibration channel set to specify the channels on which the AP implements
radio calibration. This example configures a calibration channel set for the 2.4 GHz radio,
ht
which consists of channels 1, 5, 9, and 13.
[AC6605-wlan-view] calibrate 2.4g 20mhz channel-set 1,5,9,13
To configure a calibration channel set for the 5 GHz radio, run the calibrate 5g 20mhz
channel-set channel-value command.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The STA can associate with the WLAN and obtain an IP address 192.168.101.x/24 and its
gateway address is 192.168.101.1.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An AP sends discovery requests and finds available ACs based on the received
discovery responses. Then the AP selects an appropriate AC to establish a
ht
An AP discovers ACs according to a preconfigured AC IP address list or by obtaining

AC IP addresses from a DHCP server or DNS server. If an AC IP address list is
preconfigured on an AP, the AP establishes a connection with a specified AC based
on the list; otherwise, the AP obtains AC IP addresses from a DHCP server or DNS
server, then associates with an AC successfully.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
connection with. After an AP is powered on, it can discover ACs according to static
configuration or dynamically.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An AC supports the following AP access control modes.
ht
Add the MAC addresses or SNs of some APs to the blacklist to reject access
from these APs.
s:
Add the MAC addresses of some APs to the whitelist and configure MAC
ur
Add APs to the AC offline to allow the APs to connect to the AC without
authentication.
ce
address authentication.
so
Add the SNs of some APs to the whitelist and configure SN address
authentication.
Re
Manually confirm identifies of APs and allow authorized APs to connect to the
Mo
re
Le
ar
ni
ng
AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Direct forwarding is also called local forwarding. In direct forwarding mode, data
packets between APs and the AC do not go through the CAPWAP tunnel and are
ht
In tunnel forwarding mode, data packets between APs and the AC go through the
CAPWAP tunnel to the upper-layer network. This forwarding mode improves packet
forwarding security.
The encapsulated packets are UDP packets. On the AC side, data packets
carry the port number 5247, and control packets carry the port number 5246.
Re
so
ur
ce
s:
directly forwarded to the upper-layer network. This forwarding mode improves packet
forwarding efficiency. In direct forwarding, In direct forwarding, an AP does not
process the packets and sends packets directly.
Port number of data and control packets on the AP side is randomly assigned.
The Data field in UDP packets contains the contents of original packets and
ng
Common packet capturing tools cannot parse original packets encapsulated
ar
ni
the 8-byte CAPWAP header.
Mo
re
Le
with CAPWAP headers.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Data collection: APs collects radio environment information in real time according to
policies provided by the AC.
Data analysis: The AC analyzes and evaluates data collected by APs.
RF allocation: The AC allocates channels and transmit power according to analysis

results.
RF adjustment: APs adjust radio resources according to configuration delivered by the
ur
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Radio calibration is implemented based on AP regions.
Multiple APs can be grouped into one region. AP regions are configured based on AP
ht
deployment on carrier networks. Generally, a region maps a hotspot.
s:
Radios and channels of all APs in a region are adjusted using a radio calibration
algorithm. The AP deployment mode in an AP region affects the radio power and
channels of APs in the region. APs in a region can be deployed in any of the following
ce
so
Distributed deployment: APs are deployed independently. An AP is equivalent

to a region and does not interfere with other APs. APs work at the maximum
Re
ur
modes:
power and do not perform radio calibration.

Common deployment: APs are loosely deployed. The transmit power of each
ng
radio is less than 50% of the maximum transmit power.
ni
Radio calibration is classified into global radio calibration and partial radio calibration:
Le
Centralized deployment: APs are densely deployed. The transmit power of

each radio is less than 25% of the maximum transmit power.
ar
In global calibration, the AC adjusts radio parameters of all the APs in the
Mo
re
region. Global calibration can adjust radio parameters of multiple APs quickly.
In partial radio calibration, the AC adjusts radio parameters of only some APs.
Partial calibration is triggered according to the air interface performance
Radio calibration can be triggered in any of the following modes:
aw
ei
.c
om
/e
counters detected periodically, including the conflict rate threshold and packet
loss/error packet threshold.
Global calibration can be triggered automatically at intervals.
Global calibration can be triggered manually.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLAN load balancing ensures sufficient transmission rate and bandwidth for each
STA by evenly distributing traffic of STAs among APs. This function is used on
ht
wireless networks with high user densities to ensure access of STAs.
s:
Load Balancing Mechanism: An AC performs load balancing between APs when

STAs connect to these Aps; Each AP periodically reports STA association information
to the AC, and the AC distributes user traffic among APs based on received STA
association information.When a STA sends an association request to an AP, the AC
checks whether the number of STAs connected to the AP has reached the threshold.
If the number of STAs is smaller than the threshold, the AC instructs the AP to accept
so
ur
ce
Re
the association request. Otherwise, the AC determines whether to accept the

association request according to the load balancing configuration.
Load Balancing Mode
ng
ni
An AP works in either traffic volume-based or session-based load balancing mode,

which is configured on the AC. The threshold of the load difference among radios in a
ar
load balancing group is expressed in percentage.
Traffic volume-based load balancing:The load difference is the gap between

the traffic volume (sum of upstream and downstream traffic volumes) on one
radio and that on another radio. If the load difference threshold is exceeded,
load between radios in a load balancing group is unbalanced.
Mo
re
Le
threshold is exceeded, load between radios in a load balancing group is
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
unbalanced.
Mo
Session-based load balancing: The load difference is the gap between the
number of STAs on one radio and that on another radio. If the load difference
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When the AP and STAs support both 5 GHz and 2.4 GHz, the 5 GHz radio is
preferred for WLAN access.
By default, the STAs supporting both 5 GHz and 2.4 GHz access the 2.4 GHz radio
first. To connect them to the 5 GHz radio, you must manually configure it. The
performance of 5 GHz radio is much higher than that of 2.4 GHz.
To improve user experience, you can configure the AP to connect STAs to the 5 GHz
ce
s:
ht
so
When user density is high or there is interference with 2.4 GHz, the 5 GHz radio can
provide higher access capability.
Mo
re
Le
ar
ni
ng
Re
ur
radio first.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
On a traditional WLAN, each AP must connect to a wired network to provide wireless

services. To enlarge a wireless network, more APs are required, and a lot of cables,
ht
WDS technology allows APs to be connected wirelessly, so it facilitates WLAN

construction in a complex environment. On a network constructed using WDS, APs
set up wireless connections over multiple hops and connect to ACs wirelessly. WDS
has the following notable advantages:
A wireless bridge connects two independent LANs and forwards data between
the LANs.
Re
so
ur
ce
s:
switches, and power supplies are used to connect these APs. This increases network
construction costs and prolongs network construction period.
The network construction cost is low while the network performance is high.
The wireless network is highly scalable. New APs can be added to the network
ng
WDS can easily set up WLANs in a complex environment, such as company,
ar
ni
without adding cables.
Mo
re
Le
subway station, large warehouse, manufacturer factory, and dock where wired
networks are difficult to deploy.
On a traditional WLAN, service virtual access points (VAPs) are created on APs to
WDS networks have two networking modes: point-to-point and point-to-multipoint.
aw
ei
.c
om
/e
provide access for wireless stations (STAs). On a WDS network, bridge VAPs are
created on APs to provide access for neighboring bridges. The bridges then set up
wireless virtual links (WVL).
Depending on the AP's location on the WDS network, a wireless bridge works in root,
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
middle, or leaf mode.
On a traditional WLAN, APs exchange data with STAs using wireless channels and
connect to a wired network through uplinks. If no wired network is available before a
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-14
A WMN allows APs to wirelessly connect to each other, solving the preceding
Re
so
ur
ce
s:
WLAN is constructed, it takes much time and money to construct a wired network. If
positions of some APs on a WLAN are adjusted, the wired network must be adjusted
accordingly, increasing the difficulty in network adjustment. A traditional WLAN
requires a long construction period and has a high cost and poor flexibility, so it does
not apply to emergency communication, wireless MANs, or areas that lack weak wired
network infrastructure. The construction of a WMN requires only APs to be installed,
which greatly speeds up network construction.
problems. A WMN has the following advantages:
ng
Fast deployment: Mesh nodes can be easily installed to construct a WMN in a

short time, much shorter than the construction period of a traditional WLAN.
ni
Dynamic coverage area expansion: As more mesh nodes are deployed on a
ar
WMN, the WMN coverage area can be rapidly expanded.
Robustness: A WMN is a peer network that will not be affected by the failure of
a single node. If a node fails, packets are forwarded to the destination node
along the backup path.
Mo
re
Le
Flexible networking: An AP can join or leave a WMN easily, allowing for

flexible networking.
Various application scenarios: Besides traditional WLAN scenarios such as
enterprise networks, office networks, and campus networks, a WMN also
applies
to scenarios such
as large-scale
warehouses, docks, MANs, metro
lines, and emergency communications.
Mesh point (MP): a mesh-capable node that uses IEEE 802.11 MAC and
physical layer protocols for wireless communication. This node supports

automatic topology discovery, automatic route discovery, and data packet
forwarding. MPs can provide both mesh service and user access service.
Mesh point portal (MPP): an MP that connects to a WMN or another type of

network. This node has the portal function and enables mesh nodes to
communicate with external networks.
Neighboring MP: an MP that directly communicates with another MP or MPP.
g.
hu
For example, in Figure 1, MP2 is the neighbor of MP1.
Candidate MP: a neighboring MP with which an MP prepares to establish a
in
mesh link.
Peer MP: a neighboring MP that has established a mesh connection with an
rn
A WMN includes the following devices:
aw
ei
.c
om
/e
P-15
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
MP.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
On a WLAN, blacklist or whitelist can be configured to filter access from STAs based
on specified rules. The blacklist or whitelist allows authorized STAs to connect to the
WLAN and rejects access from unauthorized STAs.
ht
s:
Blacklist: A blacklist contains MAC addresses of STAs that are not allowed to
connect to a WLAN. After the blacklist function is enabled, STAs in the
blacklist cannot connect to the WLAN, and other STAs can connect to the
WLAN.
Re
so
ur
Whitelist: A whitelist contains MAC addresses of STAs that are allowed to

connect to a WLAN. After the whitelist function is enabled, only the STAs in
the whitelist can connect to the WLAN, and access from other STAs is rejected.
ce
In public places (such as airports and cafes), carriers' networks, medium- and largesized enterprises, and financial organizations, users may need to connect to the
Internet wirelessly. In these scenarios, user isolation can ensure security of data
transmitted between users. User isolation can be implemented based on VAPs or
user groups.
WLAN security involves the following:
ar
ni
ng
Perimeter security: An 802.11 network is subject to threats from unauthorized

APs and users, ad-hoc networks, and denial of service (DoS) attacks. A
wireless intrusion detection system (WIDS) can detect unauthorized users and
APs. A wireless intrusion prevention system (WIPS) can protect an enterprise
network against unauthorized access from wireless networks.
Mo
re
Le
User access security: Link authentication, access authentication, and data

encryption are used to ensure validity and security of user access on wireless
aw
ei
.c
om
/e
networks.
Service security: This feature protects service data of authorized user from
being intercepted by unauthorized users during transmission.
WLAN Quality of Service (QoS) provides differentiated service for wireless users to
satisfy their traffic requirements. WLAN QoS has the following functions:
High-efficiency use of wireless channels: The Wi-Fi multimedia (WMM)

standard enables the high-priority users to preempt wireless channels.
g.
hu
Efficient bandwidth use: Priority mapping preferentially transmits the data of
rn
Network congestion prevention: Traffic policing limits users' transmission rate,

preventing network congestion.
Fairness in wireless channel usage: Airtime scheduling assigns users on the
ea
in
high-priority users.
Differentiated services for different types of packets: The same QoS services
are provided for packets that match a specified ACL. In this way, differentiated
services are implemented for different types of packets.
tp
:/
/l
same radio with equal channel occupation time.
WLAN positioning involves WLAN tag positioning and terminal positioning.
WLAN tag positioning technology uses radio frequency identification (RFID) devices
ht
Terminal positioning technology uses APs to collect strength information about radio
signals in the surrounding environment to locate Wi-Fi terminals and rogue APs. The
APs report the collected information to a positioning server. The positioning server
computes locations of terminals based on AP's location and data received from the
APs, and presents the computing results to users through a display terminal.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
and a positioning system to locate a target through the WLAN. An AP sends the
collected RFID tag information to a positioning server. The positioning server then
computes the physical location and sends the location data to a third-party device so
that users can view the location of a target through maps and tables.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Two ACs work in 1+1 active/standby mode and provides backup of CAPWAP control
ht
tunnels. The active AC provides services for APs, while the standby AC is a backup to
s:
the active AC. APs establish CAPWAP tunnels with both active and standby ACs. If
ce
the active AC fails, services are switched to the standby AC which then becomes the
As long as AP authentication is not performed on the ACs, services are not
so
ur
active AC.
interrupted in local forwarding mode. In centralized forwarding mode, services are
Re
interrupted but instantly recovered on the data tunnel established between the AP and
Mo
re
Le
ar
ni
ng
the standby AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Definition:
ht
Dual-link backup is implemented by deploying a standby AC at the same layer
Purpose:
An AC usually controls hundreds of APs and tens of thousands of STAs;

therefore, the AC must be highly reliable. Configuring dual-link backup can
ensure stable service operating on a WLAN network.
Advantage:
The dual-link backup technology provides high reliability between important

network nodes to ensure service availability.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
as the active AC. The standby AC is powered on and has the same
configuration as the active AC. When the active AC fails, the backup AC starts
to manage services quickly.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Setting up the first tunnel:
ht
In the Discovery phase, the AP sends Discover Request packets to both ACs
As long as the ACs are working properly, they will return Discover Responses
packets to the AP. The Discover Response packets contain the dual-link
ce
s:
on which dual-link backup is enabled. If the AP does not obtain IP addresses

of the ACs, it broadcasts a Discover Request packet to discover the ACs.
so
After receiving the Discover Response packets, the AP compares information

in the packets and selects an AC to set up the CAPWAP tunnel. (The AP
Re
ur
backup flag, priorities, workload, and IP addresses of the ACs.
selects the AC with a smaller priority value. If the ACs have the same priority,
ng
the AP selects the AC with a lower workload. If the ACs' workloads are also
the same, the AP selects the AC with a smaller IP address.) If an AC fails to
ni
return a Discover Response packet, the AP selects the other AC to set up the
CAPWAP tunnel. The tunnel set up first may not be the primary tunnel. The AP
Le
ar
will determine the primary and backup tunnels after it successfully establishes
tunnels with both the two ACs.
re
Mo
The subsequent tunnel establishment process is the same as the

establishment of the first CAPWAP tunnel.
Note: The value of AC priority is an integer that ranges from 0 to 7. A smaller value
indicates a higher priority.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Setting up the second tunnel with the other AC:
ht
A Discover Response packet contains the dual-link backup flag. The AP starts
s:
to set up the second tunnel only after the first AC has delivered configurations
to the AP. This avoids repeated configuration delivery.
The AP sends a unicast Discover Request packet to another AC.
If the AC is working properly, it returns a Discover Response packet containing
ur
ce
the dual-link backup flag, workload, and priority to the AP.
so
After receiving the Discover Response packet, the AP knows that the dual-link
backup function is enabled on the AC and stores the AC's priority. (The AP
does not perform an active/standby switchover even if this AC has a higher
Re
ng
priority.)
The AP sends a Join Request packet that carries customized information,
ar
ni
notifying the AC that the configurations have been delivered. After receiving
the Join Request packet, the AC obtains the customized information and sets
Le
up a CAPWAP tunnel with the AP but does not deliver configurations to the
AP.
Mo
re
The AP compares the priorities and IP addresses of the two ACs and
determines the active and standby ACs. The AP performs a revertive
switchover if the second AC becomes the active AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Active/standby switchover
After an AP sets up links with the active and standby ACs, it sends Echo
packets to monitor the link status. The Echo packets contain the
active/standby status of the links. When the AP detects that the primary link
fails, it sends an Echo Request packet with the active flag to the standby AC.
After receiving the Echo Request packet, the standby AC becomes the active
AC, and AP transfers STA data to this AC.
The service interruption time lasts from the moment an active AC failure is detected to
the moment the active/standby switchover is complete.
By default, it takes three echo intervals for an AP to detect the failure after the
active AC fails. Each echo interval lasts 25 seconds. The number of echo
intervals required ranges from 2 to 120. The value of each interval ranges from
3s to 300s. A smaller value is not recommended because the AP may
incorrectly determine the fault on the active AC that works properly.
After detecting the active AC failure, an active/standby switchover is performed.
ar
ni
ng
Re
so
ur
ce
s:
ht
If STAs do not go offline such as STAs using open system or WAP

authentication, the service interruption time is the service switchover time, and
is at the millisecond level.
Le
Mo
re
If STAs go offline and reconnects with the AP, the service interruption time
depends on STA reconnection time, that is, STA connection mode (automatic
or manual) and STA performance.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Revertive switchover:
ht
The AP periodically sends Discover Request packets to check whether the
Re
so
ur
ce
s:
original primary link recovers. If the original primary link recovers, the AP
switches STA data back to this link after a delay because this link has a higher
priority than the other one. The AP triggers a revertive switchover after a delay
to avoid frequent switchovers caused by network flapping. The delay time is
fixed at 500s, which is 20 times the echo interval (default interval 25s). When
the delay expires, the AP sends an Echo packet to request the ACs to carry
out a revertive switchover. Additionally, the AP transfers STA data to the new
active AC.
A command is provided on ACs to enable the revertive switchover function. If
Mo
re
Le
ar
ni
ng
this function is disabled, the ACs do not perform a revertive switchover after
the original active AC recovers.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You can set different priorities for the ACs. The AC with a higher priority functions as
the active AC, while the other AC is the standby AC. A smaller value indicates a
ht
In Layer 3 networking, IP addresses of ACs are clarified in the option 43 field. For
example, [Quidway-ip-pool-huawei] option 43 sub-option 3 ascii 11.1.1.2,11.1.1.3.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
higher priority. If the ACs have the same priority, the AC with a lower workload is the
active AC. If the ACs' workloads are also the same, the AC with a smaller IP address
is the active AC.)
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
How many data forwarding modes are supported and what are their differences?
ht
Data forwarding modes include the direct forwarding and Tunnel forwarding.
Direct forwarding is also called local forwarding. In direct forwarding
mode, data packets between APs and the AC do not go through the
CAPWAP tunnel and are directly forwarded to the upper-layer network.
This forwarding mode improves packet forwarding efficiency.
In tunnel forwarding mode, data packets between APs and the AC go

through the CAPWAP tunnel to the upper-layer network. This
forwarding mode improves packet forwarding security.
Re
so
ur
ce
s:
What is 5G prior and What are its advantages?
When the AP and STAs support both 5 GHz and 2.4 GHz, the AP can allow
the STAs to access the 5 GHz radio preferentially.
When the user density is high or there is interference on the 2.4 GHz
frequency band, the 5 GHz radio can provide higher access capability and
ar
ni
ng
Mo
re
Le
capacity to improve user experience.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Purpose: The most obvious advantage of WLAN networks is that a STA can move
within a WLAN network without physical media restrictions. WLAN roaming allows the
ht
Subnets with different VLAN IDs are in different network segments. STAs
roaming between these subnets roam at Layer 3.
so
ur
Depending on whether a STA roams within the same subnet, WLAN roaming is
categorized as Layer 2 and Layer 3 roaming.
Re
ce
s:
STA to move within a WLAN network without service interruption. An ESS includes
multiple APs. When a STA moves from an AP to another, WLAN roaming ensures
seamless transition of STA services between APs.
Sometimes, two subnets have the same VLAN ID but belong to different
ng
network segments. Based on the VLAN ID, the system may incorrectly
consider that STAs roam between the two subnets at Layer 2. To prevent this
ni
situation, configure a roaming domain to determine whether the STAs roam

within the same subnet. The system considers that the STAs roam at Layer 2
Mo
re
Le
ar
only when the STAs roam within the same VLAN and roaming domain;
otherwise, the STAs roam at Layer 3.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
To avoid packet loss or service interruption due to long authentication duration. The
packet exchange duration of 802.1x or portal authentication is longer than the WLAN
ht
s:
connection setup duration; therefore, STAs will not be reauthenticated or re-negotiate

keys with APs after they roam to another place.
Users' authorization information must be kept unchanged. Users' authentication and
authorization information is their "passports" on wireless networks; therefore, after
they roam, the authentication and authorization information must be the same as that
stored on the original AC.
Users' IP addresses must be unchanged.
Re
so
ur
ce
Application protocols are transmitted using IP addresses and TCP/UDP
ni
The roaming technology synchronizes authentication, authorization, and PMK

information to shorten the authentication duration and keep
ar
ng
sessions. STA IP addresses do not change after roaming. If the IP addresses

are changed, the TCP/UDP sessions set up for the STAs are interrupted.
Mo
re
Le
authentication/authorization information consistency.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The STA monitors channel beacons. When it finds new APs, it sends probe requests
to the APs. The new APs respond the requests through the channels. The STA
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
evaluates the responses and decides which AP is the best to associate with.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Triggering conditions vary according to the following factors:
ht
Ratio of the signal strength of the current AP to the signal strength of
neighboring APs: STA roaming is triggered when the ratio reaches a threshold.
s:
Service performance indicators such as packet loss ratio: STA roaming is

triggered when the service performance indicators reach the preset thresholds.
Roaming triggered this way is slow and less effective.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Generally, after sending a roaming request, the STA sends a request to associate
with a new AP. After its request is accepted, the STA associates with the new AP and
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
then disassociates with the original AP. In some cases, the STA directly associates
with a new AP and then disassociates with the original AP.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The figure shows the network architecture of WLAN roaming. AC_1 and AC_2
manage APs on the WLAN. AP_1 and AP_2 associate with AC_1, and AP_3
ht
s:
associates with AC_2. A STA roams on the WLAN. During roaming, the STA
associates with different APs. The roaming process is as follows:
The STA moves from the coverage area of AP_1 to AP_2. Since AP_1 and AP_2
both connect to AC_1, the STA implements Intra-AC Roaming. The STA associates
with AP_1 first. AP_1 is the STA's HAP, and AP_2 is the STA's FAP. AC_1 is the
STA's HAC and FAC.
The STA moves from the coverage area of AP_2 to AP_3. Since AP_2 and AP_3
associate with AC_1 and AC_3 respectively, the STA implements Inter-AC Roaming.
Re
so
ur
ce
AP_1 and AC_1 are the STA's HAP and HAC, and AP_3 and AC_2 are the STA's
ni
ng
FAP and FAC. AC_1 and AC_2 belong to the same Roaming Group. The STA can
only roam between ACs of the same roaming group. ACs in a roaming group
synchronize data of each other and forward packets over the Inter-AC Tunnel.
ar
AC_1 and AC_2 need to know information about each other. AC_1 functions as the
Master Controller to manage group members and deliver member information to other
Le
Mo
re
group members.
Home AC (HAC): the AC in a roaming group that the STA first associates with, for
example, AC_1 in Figure.
Home AP (HAP): the AP that the STA first associates with, for example, AP_1 in
Figure.
Foreign AC (FAC): the AC that the STA roams to, for example, AC_2 in Figure.
Foreign AP (FAP): the AP that the STA roams to, for example, AP_3 in Figure.
Intra-AC Roaming: The STA roams within the same AC. As shown in Figure, the STA
aw
ei
.c
om
/e
g.
hu
roams within the same AC when moving from AP_1 to AP_2.
Inter-AC Roaming: The STA roams between different ACs. As shown in Figure, the
STA roams between different ACs when moving from AP_1 to AP_3. Intra-AC
in
roaming can be regarded as a special case of inter-AC roaming where the HAC and
FAC are the same AC.
Roaming Group: You can add ACs on WLAN networks to different groups. The STA
can roam between ACs of the same group. The group is called a roaming group. As
shown in Figure, AC_1 and AC_2 form a roaming group.
Inter-AC Tunnel: Inter-AC roaming requires that ACs of a roaming group synchronize
/l
ea
rn
tp
:/
STA and AP information with each other. To enable inter-AC roaming, the ACs set up
a tunnel to synchronize data and forward packets. For example, AC_1 and AC_2 in
Figure set up a tunnel for data synchronization and packet forwarding.
Master Controller
To support inter-AC roaming, ACs of a roaming group must be able to identify each
other. You can configure one AC as the Master Controller to maintain the membership
table and deliver member information to ACs of the group. In this way, ACs of the
group can identify each other and set up tunnels. In Figure, AC_1 is configured as the
Master Controller.
The Master Controller can be an AC in or out of the roaming group.
One Master Controller cannot be managed by another.
The Master Controller must be able to communicate with all managed ACs but does
Re
so
ur
ce
s:
ht
Mo
re
Le
ar
ni
ng
not need to provide high data forwarding capability.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
During Layer 2 roaming, the STA stays within the same subnet. The FAP/FAC
processes packets of a Layer 2 roaming STA in the same way as it processes
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-12
ce
The STA sends a service packet to the HAP.
After receiving the service packet, the HAP sends it to the HAC.
The HAC forwards the service packet to the upper-layer network.
Re
After roaming:
so
ur
The STA sends a service packet to the FAP.
After receiving the service packet, the FAP sends it to the FAC.
The FAC forwards the service packet to the upper-layer network.
Mo
re
Le
ar
ni
Before roaming:
ng
s:
packets of a newly online STA. The FAP/FAP forwards the packets on the local
network but not send the packets back to the HAP over the inter-AC tunnel.
The STA stays in different subnets before and after Layer 3 roaming. To ensure that
the STA can still access the original network after roaming, user traffic is forwarded to
the original subnet over tunnels.
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-13
In tunnel forwarding mode, service packets exchanged between the HAP and HAC
are encapsulated through a CAPWAP tunnel, and the HAP and HAC can be
considered in the same subnet. Instead of forwarding the packets back to the HAP,
the HAC directly forwards the packets to the upper-layer network.
Before roaming:
so
ng
Re
After roaming:

ar
ni
ur
ce
s:
The FAC forwards the service packet to the HAC through a tunnel between
them.
Mo
re
Le
In direct forwarding mode, service packets exchanged between the HAP and HAC are
not encapsulated through the CAPWAP tunnel; therefore, whether the HAP and HAC
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-14
ur
After a user roams to a new AP, the user uses the Home AP (HAP) as its home agent
by default. A tunnel is automatically set up between the Foreign AP (FAP) and home
agent when the user is roaming. User traffic is forwarded by the home agent to ensure
so
ce
s:
reside in the same subnet is unknown. Packets are forwarded back to the HAP by
default. If the HAP and HAC are located in the same subnet, configure the HAC with
higher performance as the home agent. This reduces the load on the HAP and
improves the forwarding efficiency.
Re
that the user can still access the original network after roaming.
If the AC and user's gateway can communicate at Layer 2, for example, when the AC
Le
Before roaming:
Mo
re
ar
ni
ng
is located in the user VLAN or happens to be the gateway, you can configure the HAC
as the home agent to reduce traffic load on the HAP. This also reduces the length of
the tunnel between the FAP and the home agent, which improves the forwarding
efficiency.
aw
ei
.c
om
/e
them.
The HAC sends the service packet to the HAP.
The HAP forwards the service packet to the upper-layer network.
g.
hu
Configuring the AC as the home agent
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
them.
in
After roaming
rn
P-15
A small enterprise needs to provide access services for users through a WLAN and
requires nonstop service transmission when the users move within the enterprise. To
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-16
In Figure, the enterprise deploys one AC to manage multiple APs. The STA can
connect to the WLAN through AP_1 and AP2. When the STA roams from AP1 to AP2,
services are not interrupted.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
meet the requirements, deploy one AC and multiple APs inside the enterprise and
configure the AC to manage the APs and provide WLAN services for users.
A medium or large enterprise is composed of many working areas. The enterprise

needs to provide access services for users through a WLAN and requires nonstop
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-17
ur
In Figure, AC1 and AC2 belong to the same roaming group and manage APs in area
1 and area 2 respectively. The STA can connect to the WLAN through AP1 and AP2.
When the STA roams from AP1 to AP2, services are not interrupted.
Mo
re
Le
ar
ni
ng
Re
so
ce
s:
service transmission when the users move between different working areas. To meet
the requirements, deploy one AC and multiple APs in each working area of the
enterprise and configure the ACs to manage the APs and provide WLAN services for
users.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Multiple APs are used to cover the scenarios from al angles. Roaming prevents
services from being interrupted when users roam from one AP to another.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
What are the differences between Layer 3 roaming and Layer 2 roaming?
ht
Subnets with different VLAN IDs are in different network segments. STAs
roaming between these subnets roam at Layer 3.
s:
The system considers that the STAs roam at Layer 2 only when the STAs
roam within the same VLAN and roaming domain.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
What is roaming?
ht
WLAN roaming policies mean free roaming of a STA in a WLAN. When the
STA roams within an extended service set (ESS), services are not interrupted.
Triggers roaming.
Performs roaming.
so
What are the application scenarios of roaming?
WLAN Roaming on Small Enterprise Networks, WLAN Roaming on Medium

and Large Enterprise Networks
Roaming occurs in places including grand halls, sports stadiums, and
dormitories.
re
Le
ar
There are Layer 2 and Layer 3 roaming depending on whether the STA
crosses between VLANs.
Re
Mo
s:
ce
Requests to roam.
ur
ng
Working Principles of Roaming
ni
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Wireless access is not restricted by positions of cables and ports. 802.11-based

WLAN provides high wireless access bandwidth, so more users start to use the
ht
WLAN.
WLANs are especially applicable to public places such as office buildings, airports,
resorts, and hotels.
WLAN wireless data is transmitted over the air and can be received by any proper
ce
s:
Mo
re
Le
ar
ni
ng
Re
so
ur
device. Therefore, how to protect the security of confidential data and user privacy is
WLAN users' top concern.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Unauthorized users use WLAN network resources, which is the most common threat
to WLAN security.
Unauthorized use of network resources increases bandwidth occupation, lowers user

experience and even causes information leaks.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Rouge APs are unauthorized but deployed on enterprise WLANs and interfere
authorized APs, such as launching denial of service (DoS) attacks. Rouge APs that
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
have correct WEP keys configured may intercept client data. Rogue APs with proper
configurations may also provide access services for unauthorized users or allow them
to intercept data packets and send fake packets, even worse, allow them to access
servers and files. Most rogue APs are installed by employees unintentionally.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Unlike wired LANs, wireless networks use wireless communication technology. User
information is transmitted over a wireless communication network and can be easily
ht
intercepted and captured.
s:
Wireless signals can be easily captured by malicious users who may intercept user
information by simply using tools to parse packets.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The following functions ensure WLAN security:
ht
User authentication: ensures that authorized users and clients access the
network through trusted APs.
s:
The WLAN security solution uses user authentication and data encryption to protect
data transmitted over the wireless network. User authentication and data encryption
are implemented differently but all apply to SOHO and large enterprise WLANs. A
large enterprise network also requires IDS for other levels of security protection.
Currently, IDS not only detects attacks to the wireless networks but also protects
WLAN networks against unauthorized clients and untrusted APs. However, IDS
configured on many enterprise networks aims not to prevent external threats but to
prevent access of rogue APs installed by employees unintentionally. Although
employees can enjoy the convenience of mobility and wireless networks, these rogue
APs bring potential threats to WLAN security.
Mo
re
Le
ar
ni
ng
Re
so
System Attack Defense: ensures system security and availability through

WLAN intrusion detection system (IDS) and intrusion prevention system (IPS).
ur
Data encryption: protects data privacy and confidentiality.
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An 802.11 network is vulnerable to threats from unauthorized AP users, Adhoc

networks, and DoS attacks. Rogue APs pose security threats on enterprise networks.
The WIDS can detect malicious attacks and intrusions from external networks at an
early stage.
The WIPS prevents unauthorized devices on a WLAN from accessing enterprise

networks. The WIDS or WIPS can detect rogue devices on the WLAN and take
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
countermeasures against them.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WIDS/WIPS terms:
ht
Rogue AP: an unauthorized or malicious AP on the network. A rogue AP can
Rogue client: an unauthorized or malicious client on a network, similar to a
rogue AP.
so
Rogue wireless bridge: an unauthorized or malicious wireless bridge on a

network.
Re
ur
ce
s:
be any one of the following: an AP that connects to the network without being
authorized, a non-configured AP, a neighbor AP, or an AP operated by an
attacker. Hackers may use vulnerabilities of these APs to attack networks.
Monitoring AP: an AP that scans and listens on the wireless medium. It can
ng
detect attacks on wireless networks.

Ad-hoc mode: A wireless client working in Ad-hoc mode can communicate on
Mo
re
Le
ar
ni
the network without any support from other devices.
An AP supports three working modes: access mode, monitor mode, and hybrid mode:
Access mode: If background neighbor probing is not enabled on an AP, the AP
aw
ei
.c
om
/e
only transmits data of wireless users and does not monitor wireless users on
the network. If background neighbor probing is enabled, the AP can not only
transmit data of wireless users but also scan wireless devices and listen on all
802.11 frames on wireless channels.
in
Note:
An AP can implement the WIDS or WIPS function only when it works in monitoring
or hybrid mode.
ea
Hybrid mode: An AP can monitor wireless devices while transmitting data of

wireless users.
rn
Monitor mode: An AP scans wireless devices on the network and listens on all
802.11 frames on wireless channels. In this mode, all WLAN services on the
AP are disabled and the AP cannot transmit data of wireless users.
g.
hu
APs periodically report collected device information to an AC, and the AC identifies rogue
Interference AP: an AP that works on the same channel or adjacent channels with
:/
/l
devices according to the reported device information.
tp
the monitor AP.
Rogue AP: an AP not managed by the local AC or not on authorized AP list.
Rogue STA: a STA that does not go online on the local AC
Rogue bridge: a WDS device not managed by the local AC
Rogue Ad hoc device: all Ad hoc devices detected
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WIDS/WIPS identifies an Ad-hoc device or a rogue wireless bridge by checking

whether it is on the static attacker list or allowed MAC address list.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An AC can prevent wireless intrusion of three types of unauthorized devices:
Rogue AP: After an AC identifies a rogue AP, it sends rogue AP information to a
ht
ce
s:
monitoring AP. The monitoring AP uses the rogue AP's identity information to
broadcast a Deauthentication frame. After STAs that associate with the rogue AP
receive the Deauthentication frame, they disassociate from the rogue AP. This
countermeasure prevents STAs from associating with rogue APs.
Unauthorized STA: After an AC identifies an unauthorized STA, it sends unauthorized
STA information to a monitoring AP. The monitoring AP uses the unauthorized STA's
identity information to unicast a Deauthentication frame. After the AP with which the
unauthorized STA associates receives the Deauthentication frame, the AP
disassociates from the unauthorized STA. This countermeasure prevents APs from
associating with unauthorized STAs.
Ad hoc device: After an AC identifies an ad hoc device, it sends the ad hoc device
information to a monitoring AP. The monitoring AP uses the ad hoc device's identity
ni
ng
Re
so
ur
Le
ar
information (BSSID and MAC address of the device) to unicast a Deauthentication

frame. After the STAs that associate with the ad hoc device receive the
Deauthentication frame, the STAs disassociate from the ad hoc device. This
Mo
re
countermeasure prevents STAs from associating with ad hoc devices.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The WIDS can protect small and medium WLANs against flood, weak IV, and
spoofing attacks. It detects vulnerabilities on the network and notifies the
ht
administrator by logs, statistics, or trap messages.
s:
In the preceding figure, the WLAN can have WIDS enabled while providing access
services to ensure access security.
ce
Malicious users may send a large number of connection request packets to
Re
so
ur
AP3. AP3 will forward these packets to the AC for processing, affecting normal
network running. If flood attack detection and dynamic blacklist are enabled,
the WIDS can detect the flood attacks of malicious users and adds these users
to the dynamic blacklist. All packets from these users are discarded to protect
network security.
Weak IV attack detection: If data packets from clients use WEP encryption, the
ng
ni
WIDS detects weak IV attacks based on IV security policies after IV detection

is enabled. Once a weak IV packet is detected, the detection is recorded in
ar
logs.
Spoofing attack detection: Potential spoofing attackers use identity information

of other devices to send attack packets. For example, a malicious AP or user
may send a spoofing deauthentication packet to disconnect a wireless client.
These packets are considered as spoofing attack packets and are recorded in
logs.
Mo
re
Le
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
AAA, short for AuthenticationAuthorization and Accounting, manages network

security. It provides a uniform framework to configure authentication, authorization,
ht
and accounting functions.
Authentication: determines which users can access network servers.
Authorization: determines which types of services authorized users can use.
Accounting: determines how to charge users that are using network resources.
ur
ce
s:
Authentication: authenticates users and available network services. Authorization:

authorizes users to use network services based on the authentication results.
Accounting: records network traffic usage information and provides these records to
the accounting system. The AAA system works effectively in network management
and security.
AAA uses the client/server model. In this model, the client runs on the managed
ng
Re
so
Mo
re
Le
ar
ni
resource side, while the server stores user information. Therefore, AAA features good
scalability and easily implements centralized user information management.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
AAA is a management framework and can be implemented by multiple protocols. In

pratice, RADIUS services are used to implement AAA.
RADIUS services include the following components:
ht
s:
Protocol: RFC 2865 and RFC 2866 define the UDP/IP-based RADIUS frame
format and message transmission mechanism, and specify UDP ports 1812
and 1813 as the authentication and accounting ports respectively.
Client: RADIUS clients run on network access servers (NASs) located on the
entire network.
Re
Server: RADIUS servers run on central computers and workstations to

maintain user authentication and network service access information.
so
ur
ce
Moreover, RADIUS servers can also function as the clients of other AAA servers to
provide proxy authentication and accounting services.
Mo
re
Le
ar
ni
ng
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Three functions are implemented to ensure WLAN security:
ht
User authentication: ensures that authorized users and clients access the
network through trusted APs.
s:
RADIUS services include the protocol, server, and client.
Mo
re
Le
ar
ni
ng
Re
so
System attack defense: ensures system security and availability through IDS
and IPS.
ur
Data encryption: protects data privacy and confidentiality.
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
EAP stands for Extensible Authentication Protocol.
TKIP stands for Temporal key Integrity Protocol.
CCMP stands for Counter Mode with CBC-MAC (short for cipher block chainingmessage authentication code) Protocol.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Open system authentication (OSA) is the default as well as the simplest

authentication mode. Users do not need to be authenticated in this mode. When the
ht
ce
s:
authentication mode is set to OSA, all STAs that sends authentication requests can
pass authentication. OSA applies to carriers' large-sized WLANs with a great number
of users.
OSA consists of two steps only. An AP only checks whether an STA uses the same
authentication mode as itself and does not verify the STA's WEP encryption key. This
slide shows the authentication process.
The OSA process is as follows:
Re
so
ur
The STA sends an authentication request to the AP.
The AP sends an authentication success response packet to the STA. After
ng
receiving the packet, the STA registers with the AP.

The advantages and disadvantages of OSA are as follows:
Advantages: As a basic authentication mechanism, OSA can be used on
ar
ni
Le
wireless devices that do not support complex authentication algorithms. Since
Mo
re
authentication defined in 802.11 is connection-oriented, you can deploy OSA

on scenarios where STAs are required to connect to a WLAN quickly.
Disadvantages: OSA cannot distinguish hacker STAs from authorized STAs.

When this authentication mode is used, any users can connect to a WLAN if
they know the WLAN SSID.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Usage scenario:
ht
Open system authentication is also called plain-text access. It neither verifies
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
identities of STAs or users nor encrypts data exchanged between STAs and
the network. This authentication method is mainly used in public areas or
hotspot areas, such as airports, restaurants, and lobbies, to provide wireless
access (for example, access to the Internet) for users.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An STA can access an AP only if it has the same SSID as the AP. If their SSIDs are
different, the STA cannot access network resources in the service area covered by
ht
Currently, however, there are available devices or software that can be used to find
WLANs with hidden SSIDs. The SSID hiding function alone is no longer powerful
so
ur
ce
s:
the AP. By setting SSIDs, carriers can group users and restrict access from roaming
users to ensure security and access performance. Carriers can also configure SSID
hiding, define SSID areas, and assign different rights to SSID areas to ensure data
confidentiality. Therefore, an SSID can be considered as a simple password to
implement network security using the password authentication mechanism.
Mo
re
Le
ar
ni
ng
Re
enough to protect the WLAN security.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
MAC address authentication controls the network access right of a user based on the
access interface and the user's MAC address. In this authentication mode, no
ht
authentication client software is required.
s:
MAC address filtering identifies STAs by controlling network adapters. The network
adapter of each STA is identified by a unique MAC address. Therefore, the source
MAC address in the data packets sent from an STA can be checked to determine the
STA validity. To perform MAC address filtering, a valid MAC address list must be
preconfigured on the AC (in fat AP mode, the list is preconfigured on the AP). The AP
communicates with an STA only when the STA's MAC address matches the address
so
ur
ce
Re
in the valid MAC address list.

However, many network adapters allow MAC addresses to be reconfigured. In that
Le
The RADIUS server also supports MAC address authentication. The MAC address list
is configured on the RADIUS server connected to the AC. If the MAC address of an
STA is not included in the list, the STA sends an authentication request to the
RADIUS server. After the RADIUS server authenticates the user's MAC address, the
user can access the WLAN and obtain the authorization information.
Mo
re
ar
ni
ng
case, the MAC addresses are easy to be forged or copied. Therefore, MAC address
authentication is more an access control method than an authentication mode. It is not
recommended that you use the MAC address authentication only, except for the
situation that some legacy devices do not support better security mechanism.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Like open system authentication, shared key authentication is another link

authentication mechanism.
Shared key authentication requires that an AP and STA use the same key (static
WEP key) and is implemented based on WEP encryption. It consists of four steps.
The last three steps complete a WEP encryption and decryption process, which is
similar to the process of Challenge Handshake Authentication Protocol (CHAP).
Verifying the WEP key ensures that the network card and AP use the same key when
the network card sends association requests. This slide shows the authentication
process.
The shared key authentication process is as follows:
Re
so
ur
ce
s:
ht
The STA sends an authentication request to the AP.
The AP randomly generates a challenge packet and sends it to the STA.
After receiving the encrypted packet, the AP decrypts it with its key and
compares the decrypted packet with the original one.
Mo
re
Le
ar
The STA copies the challenge packet to a new packet, uses its key to encrypt
the packet, and sends the encrypted packet to the AP.
ni
ng
If the packets are the same, the STA and AP have the same key and
the STA is successfully authenticated.
If the character strings are different, the STA cannot pass the
authentication.
This authentication mode is not suitable for large-scale networks because a
long key string must be configured for each device.
The disadvantages of shared key authentication are as follows:
aw
ei
.c
om
/e
A static key is used until the next key is configured. If a key is used for a long
time, malicious users can decipher the key by collecting data encrypted by this
key. Given that static WEP keys are easy to be decrypted, shared key
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
authentication threatens WLAN security.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
IEEE 802.1X defines port-based network access control protocols. The port can be a
physical port or a logical one, while in a wireless local area network (WLAN) scenario,
ht
ur
The ultimate objective of 802.1X authentication is to check whether a port is available.

If 802.1X authentication succeeds, the port is enabled and allows all the packets to
pass. If 802.1X authentication fails, the port is disabled and allows only the Extensible
so
ce
s:
it refers to a channel. Examples of typical application scenarios: computer stations

where each port of an access switch connects to one single user (physical portbased); WLAN access scenarios defined in the IEEE 802.11 standard (logical portbased).
Re
Authentication Protocol over LANs (EAPoL) packets to pass.

Note: The letter X in 802.1X is capitalized. In the IEEE naming rules, lowercase letters
Mo
re
Le
ar
ni
ng
(such as 802.11a and 802.11b) are used to name regulations attached to existing
standards, while uppercase letters are used to name independent regulations. Since
802.1X is a complete and independent protocol standard, the letter X must be
capitalized.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
As shown in the slide, the 802.1X system operates in the typical client/server (C/S)
model. It consists of the following components: the supplicant, authenticator, and
ht
authentication server.
802.1X is an enhanced network security solution. On a WLAN using 802.1X

authentication, the STA equipped with the 802.1X client software functions as the
supplicant, and the AP/AC with built-in 802.1X authentication proxy functions as the
authenticator. The AP/AC also functions as the client of the RADIUS server, and is
responsible for forwarding authentication information between the STA and the
RADIUS server.
Boasting its distinct advantages on security and cost, 801.1X is an ideal wireless
Re
so
ur
ce
s:
Mo
re
Le
ar
ni
ng
authentication solution. It applies to enterprise WLANs of all scales.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
802.1X is developed based on EAP. EAP is a simple encapsulation protocol and can
run at any link layer. However, it has not been widely used on Point-to-Point Protocol
ht
(PPP) links.
This slide shows the EAP encapsulation format. In a WLAN scenario, the EAP
packets are transmitted over LAN links, forming EAPoL packets.
EAP encapsulation format:
Code: This field is the first field of an EAP packet. It is one byte in length and
identifies the EAP encapsulation type. The Data field must be parsed
according to the Code field.
Re
so
ur
ce
s:
Identifier: This field is one byte in length. It contains one unsigned integer,
ng
which is used to send requests and responses.

Length: This field occupies two bytes. It specifies the total number of bytes in
Data: The length of this field is based on the encapsulation type of the EAP
ar
ni
an EAP packet.
Mo
re
Le
packet.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Extensibility (what the letter E in EAP stands for) is a feature with two sides. With
extensibility, new functions can be developed to meet new requirements. However,
ht
The commonly-used EAPs include:
EAP-MD5: It is the first EAP authentication mode. EAP-MD5 is an

authentication mode based on the user name and password. Its authentication
process is similar to that of the CHAP authentication.
Re
so
ur
ce
s:
extensibility also allows different carriers or enterprises to use different types of EAP
and incompatibility occurs as a result. This explains the narrow coverage of the
802.1X system.
EAP-TLS: It is an authentication mode based on certificates, authenticating the
ng
certificates of both the client and authentication server.

EAP-TTLS is co-developed by Funk Software and Certicom. It is an IETF open
ar
ni
standard, and is well-supported among different platforms. EAP-TTLS provides

strong security and uses the Public Key Infrastructure (PKI) certificate to the
authentication server.
EAP-PEAP: It is an authentication mode based on certificates. A server uses a

certificate for authentication while a client can use either a certificate or a user
name and password for authentication.
Le
Mo
re
Except for the previous types, EAP-SIM and EAP-AKA are also widely used,
both of which use the database of mobile phones to implement authentication.
aw
ei
.c
om
/e
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
EAP-SIM provides an interface for the SIM card database on the Global
System for Mobile Communications (GSM) network. EAP-AKA is an
authentication system used on 3G networks. AKA stands for Authentication
and Key Agreement.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The pre-shared key (PSK) mode is also named individual mode. It is developed for
household families and small-sized companies, for whom the 802.1X authentication
ht
ce
s:
servers are high in costs and complex in operation. Each user must enter a specific
password to access the network. The password can have a length of 8 to 63 ASCII
characters or 64 hexadecimal numbers (256 bits). Users can decide whether to save
their passwords to avoid repeated input, but the passwords must be saved on APs.
This authentication mode requires that a key be configured for an STA before the STA
starts an authentication attempt. The AP implements a 4-way handshake key
negotiation to authenticate the validity of the STA-side key.
WPA-PSK can be used for small-sized networks with few important data. It mainly
Re
so
ur
applies to small-sized networks with low risks and network users that do not have high
ni
Since large-sized enterprises have high requirements on security, 802.1X

authentication is used.
Mo
re
Le
ar
ng
security requirements.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Portal authentication is also called web authentication. When a user accesses the
authentication page on the web server or when a user attempts to access other
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
external networks using HTTP, the user is forcibly redirected to the web
authentication page. After the user enters the account and submits the web page, the
web server obtains the account. The web server sends the user account information
to the WLAN server using the Portal protocol. The WLAN server and authentication
server exchange messages to complete user authentication.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The process of login triggered by IP packets is described as follows:
ht
1. A WLAN client (STA) is assigned with a static IP address or obtains a dynamic

IP address using DHCP.
ce
s:
2. The WLAN client sends an HTTP request packet to the WLAN server (AC) to
visit a web page.
so
ur
3. The WLAN server redirects the requested URL to the web authentication page
(IP address of the Portal server) and sends the redirection packets to the
WLAN client.
Re
4. The user enters the user name and password on the web authentication page
and the WLAN client submits them to the Portal server.
ni
ng
5. The Portal server obtains the account information and encrypts the password
with the challenge from the WLAN server. After that, the Portal server sends
an authentication request packet, which carries the user account information
and IP address, to the WLAN server.
Mo
re
Le
ar
6. The WLAN server exchanges authentication information with the RADIUS

server to complete authentication. After the WLAN client is authenticated, the
WLAN server allocates resources to the user, delivers a forwarding entry, and
starts online user probe. In addition, the WLAN server sends an authentication
response packet to notify the Portal server of the authentication result.
7. The Portal server sends the authentication result to the WLAN client and
notifies the WLAN server that it has received the authentication response
packet.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLAN is featured with its openness. Therefore, if no link encryption mechanism is

used, data security is threatened. Anyone can tamper or eavesdrop the unencrypted
ht
data as long as they have proper devices.
s:
Communication security is supposed to achieve the following three goals. In addition

to network administrators, data protection protocols must also play a role in protecting
data during transmission.
ce
ur
Confidentiality: prevents data from being intercepted by an unauthorized thirdparty device.
so
Integrity: ensures that the data is not modified.
Authentication: basis of all security policies. As data credibility partly depends
Re
ng
on the reliability of the data source, data users must verify the data source and
therefore authentication is essential for data protection. Authorization and
ar
ni
access control are both based on authenticity. Before a user accesses any
data, the system must verify the user identity and decide whether to allow the
user to access the data.
Le
Authentication has been mentioned in the previous section. In this section, we will talk
about the protection of data confidentiality and integrity, which is what WLAN
encryption all about.
Mo
re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
For WEP encryption, the following items are needed:
Secret key used to encrypt the frames (WEP allows four secret keys to be
stored at the same time.)
Initialization vector (IV) used together with secret keys during frame
transmission
ce
ht
Original data that needs to be protected
s:
WEP delivers the following item after processing the preceding three items:
An encrypted frame that can be transmitted even on an insecure network and
that carries sufficient data for the receiver to decrypt it.
so
ur
Re
If Rivest Cipher 4 (RC4) is used, the same plain-text password will generate the same
encryption result. Therefore, decryption is not that difficult after the encryption
regularity has been figured out.
To break the regularity, IV is introduced to 802.11. IV is entered together with
the key to generate a key stream. In that way, using the same key will no
longer generate the same encryption result.
ar
ni
ng
IV is carried in packets as plain text so that the receiver can decrypt the
encrypted packets.
Le
Mo
re
Although IV varies depending on packets, the 24-bit length will lead to IV

repetition sooner or later. For a busy AP, the repetition occurs within hours.
Therefore, IV cannot break the regularity of packets in the true sense.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
The analysis is as follows:
The encryption keys used in WEP encryption include:
As shown in the functional block diagram of encryption, IV keys are added in the
ur
24-bit encryption keys (also called the IV key) configured for each message
block by the sender
ce
40-bit or 104-bit common keys preset on the sender and receiver
s:
Re
so
message block without encryption to inform the receiver. If a message block with a
certain IV is collected through wireless interception, it is possible to work out the
secret common key by analyzing the IV.
Due to the lack of message integrity check, messages can be easily modified by
Mo
re
Le
ar
ni
ng
hackers.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The Temporal key Integrity Protocol (TKIP) is the first commonly used new encryption
protocol at the link layer. TKIP is developed to improve the security of the legacy WEP
ht
ur
Note: TKIP was first named WEP2 when written into the 802.11 standard. After
it is proved that WEP has defects, this protocol changes its name to TKIP to
differentiate itself from WEP.
so
ce
s:
hardware. Generally, chips enabled with the WEP function support the RC4
encryption mechanism. Since it is the hardware that implements encryption, security
can be enhanced simply by upgrading the software or firmware. Therefore, TKIP
inherits the basic WEP architecture and encryption process.
TKIP has the same encryption mechanism with WEP. To guard against attacks on IV,
Re
TKIP increases the IV length from 24 bits to 48 bits so that more IV values are
Mo
re
Le
ar
ni
ng
supported. In addition, TKIP uses a cryptographic mixing function to defend attacks

against the WEP seed. Each frame is encrypted using a specific RC4 key, which
improves the IV security.
The most important item combined into a TKIP key is the base key. Without a method
to generate unique base keys, TKIP cannot solve the biggest problem: all WLAN
aw
ei
.c
om
/e
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
users are repeatedly using a key that is known to the public. To solve this problem,
TKIP generates a unique base key for each packet key. Each time an STA connects
to an AP, a new base key is generated. To generate a base key, you must first obtain
the following data:
(1) Specific session
(2) Random numbers generated at an AP and an STA
(3) MAC addresses of the AP and STA
After that, use the hush algorithm to calculate the data and generate a base key.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Key management deals with problems produced during the period from key
generation to key destruction. The two major protocols in key management defined in
ht
so
ur
ce
s:
802.11i are the 4-way handshake protocol and multicast key upgrade protocol. The 4way handshake protocol is used for unicast key negotiation. An STA and an AP
dynamically negotiates a pairwise master key (PMK). The STA and AP then conduct a
4-way handshake to negotiate a unicast key based on this PMK. Each STA uses a
different PMK to communicate with the AP and the PMK is updated periodically,
ensuring communication security.
The 4-way handshake protocol is the most important part in the key management
Re
system. It is conducted to ensure that the STA and AP obtain the same PMK and that
ng
the PMK is the latest, so that the latest pairwise transient key (PTK) can be generated.
The PMK is negotiated between the STA and AP after the authentication is
ni
implemented. The PTK can be upgraded periodically through the 4-way handshake
initiated by an AP. In the case that the PMK remains unchanged, an STA can send a
Le
ar
4-way handshake initialization request to generate a new PTK. The key negotiation
messages exchanged between the STA and AP are encapsulated with EAPOL-Key.
Mo
re
The process of 4-way handshake is shown in the slide.
The STA generates SNonce. ANonce and SNonce use the pseudo-random
function (PRF) to generate a PTK. The STA sends an EAPOL-Key frame that
includes SNonce and MIC.
The AC uses ANonce and SNonce to generate PTK, checks MIC, and sends
an EAPOL-Key frame. The EAPOL-Key frame includes ANonce, MIC, and a
message indicating whether to install an encryption or integrity key.
The STA sends an EAPOL-Key frame to confirm that the key has been
installed.
in
The AC generates ANonce and sends an EAPOL-Key frame containing

ANonce. In the slide, SNonce stands for the STA's Nonce and ANonce stands
for the AP's Nonce. Nonce refers to a single-use value used by any specified
user, including timestamps, large random numbers, and sequence numbers.
aw
ei
.c
om
/e
This slide shows the 4-way unicast EAPOL-Key negotiation process.
g.
hu
A PTK is a unicast key and also a base key used in cryptographic mixing.
TKIP generates a unique key for each transmitted frame. This key consists of a
sequence counter (IV), the IP address of the sending end (not necessarily the frame
source), and a temporal key. Key mixing ensures that each frame uses a key
significantly different from the other, and defends attacks which assume that the
secret part of the WEP key remains unchanged. Key mixing also considers the IP
address of the sending end, so that STAs using the same IV can derive different RC4
keys. The key mixing function is restricted by the 802.11 controller's processing
capability. TKIP divides the key mixing process into two phases. In the first phase, the
input items are the IP address of the sending end, the first 32 bits of a sequence
number, and a 128-bit temporal key; the output item is a 80-bit value. This sounds a
little complicated, but the computing is composed of simple calculations such as
addition, shifts, and XORs and the computing burden is eased. If the first 32 bits of the
sequence number is a constant, the value computed in the first phase must be a
constant. Therefore, calculation only needs to be performed once every 65535 frames.
In the second phase of key mixing, calculation must be performed for each frame.
Input items in this phase include the computing result in the first phase, the temporal
key, and the last 16 bits of the sequence number. Only the sequence number
changes. The sequence number changes based on a fixed definition. Therefore, the
sequence number required by the frame to be transmitted can be pre-computed
according to the following sequence number. The output value in the second phase is
a 128-bit RC4 key, which can be used as a random WEP seed. The last 16 bits of the
sequence number are used to generate a high byte and a low byte of the WEP IV.
The middle byte of the WEP IV is a dummy byte with a fixed value, which is used to
avoid RC4 key weakness. Some 802.11 interfaces can, with the help of hardware, use
the RC4 key as the input to generate a key string and use the key string to encrypt the
frame. The output items in the second phase can be directly transmitted to 802.11
interfaces that support such hardware.
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
Mo
Encryption key generated using 4-way handshake and key mixing ensures that each
time an STA connects to the network, it has a unique key.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
One of the biggest WEP weaknesses lies in integrity check, which is used to ensure
that frames will not be modified when being transmitted through wireless media. WEP
uses the cyclic redundancy check (CRC) to check the frame integrity, but it has been
proved that CRC is not capable of doing that. Therefore, the task for improvement
falls on TKIP. TKIP aims to work out an applicable algorithm based on solid
cryptography to implement message integrity check (MIC). The final algorithm is one
called Michael, which is an outcome of the compromise of multiple factors. Compared
with the simple linear hash algorithm, Michael is robust. However, the Standards
Committee expects an easy application of algorithms, so the design of Michael is
largely restricted.
The development of Michael results from some attacks, among which the most
serious attacks are the modification of bit and header. The modification of bits takes
advantage of the CRC's weakness in cryptography. As a linear hash algorithm, any
change of the CRC input bits will result in a change of the output ones. It is no longer
something that is known to only a limited circle of people. Attackers can modify
several bits of a frame and to balance the difference resulted, they can change the
WEP MIC value at the same time. For the modification of headers, malicious attackers
may forge an IP address of a source end or a sending end. They may also modify the
destination IP address to control the transmission direction of a frame.
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
Michael cannot be counted as a highly secure encryption algorithm. It is designed for

networks with a lot of devices. Michael helps to protect the data security when the
existing network security is being upgraded. In other words, it is only a temporal
measure that will be replaced when a long-term solution comes out.
Mo
re
The MIC Key shown in the slide is the key to protect frame content used by Michael.
TKIP will derive a pair of keys, so that the workstation-to-base station MIC key is
aw
ei
.c
om
/e
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
different from the base station-to-workstation key. MIC keys are used in TKIP, making
TKIP different from WEP.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
CCMP: The combination of AES-based encryption algorithm and CCM authentication

greatly improves WLAN security. CCMP is a must for robust security network (RSN)
construction. Since AES has high requirements on hardware, CCMP cannot be
implemented simply by upgrading the existing devices.
CCMP is not an outcome of compromise; instead, it is independently designed.

Therefore, CCMP can provide highly reliable security.
AES is an encryption standard first used by the U.S. government in 2001. It

supersedes the Data Encryption Standard (DES). AES adopts the Rijindael block
encryption algorithm developed by two Belgians, where the block size is 128 bits and
the key size is 128 bits, 192 bits, or 256 bits. Different number of iteration rounds are
performed in accordance with the key sizes, say, 10, 12, or 14 rounds.
Counter (CTR) and CBC-MAC were first put forward in 1970s, and are now
standardized. CCMP uses CBA-MAC to calculate MIC values and CTR to encrypt
data. To put it in another way, CCMP defines an application method of AES. The
relationship between AES and CCMP is similar to that between RC4 and TKIP.
Security: The U.S. government says the security of AES meets its requirements on
secret data encryption.
ar
AES cracking: The AES encryption algorithm cannot be cracked currently.

Comparison between CCMP and TKIP: The major difference is that CCMP adopts
AES block encryption algorithm where the block size is 128 bits and the key size is
128 bits. AES encryption algorithm applies to packet encryption, key management,
and message integrity code calculation.
Mo
re
Le
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In shared key authentication mode, two WEP encryption modes are available: WEP40 and WEP-104. One access security profile can only be configured with one data
ht
encryption mode; otherwise, only the latest configuration takes effect.
s:
To enable shared key authentication, the STA and AP must be configured with the
same shared key. In shared key authentication mode, a maximum of four WEP
encryption keys can be configured at the same time. The key IDs are 0, 1, 2, and 3
respectively. If WEP-40 is used, the encryption key can be configured as a 10-digit
hexadecimal number or five ASCII characters; if WEP-104 is used, the encryption key
can be configured as a 26-digit hexadecimal number or thirteen ASCII characters
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Choose Configuration > AP Management > Service Set > Security Profile.
In the Security Profile List area, click Create. In the Create Security Profile dialog box
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
that is displayed.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Wi-Fi Protected Access (WPA) is a commercial standard drafted by the Wi-Fi Alliance
to substitute the insecure Wired Equivalent Privacy (WEP) standard before IEEE
ht
ur
802.1X+EAP
An authentication server is needed.
WPA pre-shared key (WAP-PSK)
so
ce
There are two WPA authentication modes:
No authentication server is needed and pre-shared key authentication
Re
s:
802.11i was published. WPA uses the RC4 algorithm, which is called the Temporal
Key Integrity Protocol (TKIP) algorithm.
Mo
re
Le
ar
ni
ng
is configured.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Note:
ht
If the security policy uses 802.1X authentication, run the dot1x-authentication
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
enable command and dot1x authentication-method { chap | pap | eap }

command to enable 802.1x authentication in the WLAN-ESS interface and set
the 802.1x authentication method for WLAN users.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
With the proposal of the 802.11i security standard, the Wi-Fi Alliance introduced
WPA2 based on the IEEE802.11i Standard in 2004. Different from WPA, WPA2
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
adopts 802.1X authentication that includes EAP authentication, LEAP authentication,

EAP-TLS authentication, EAP-TTLS authentication, and PEAP authentication. The
pairwise master key (PMK) is used as a seed to generate an encryption key. A
different PMK is generated every time a user goes online, which ensures security of
the encryption key. WPA2 adopts the CCMP encryption.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
ur
Choose Configuration > Security Management > AAA > RADIUS Setting.
In the RADIUS Server Template area, click Create. In the Create RADIUS
Server Template dialog box that is displayed.
so
ce
Creating a RADIUS server template
Click Create in the Authentication Scheme area, and set parameters in the
Create Authentication Scheme dialog box that is displayed.
Creating an authentication or accounting server
Choose Configuration > Security Management > AAA > RADIUS Setting.
In the Authentication/Accounting Server area, click Create. In the Create

Authentication/Accounting Server dialog box that is displayed.
Mo
re
Le
ar
ni
Re
Choose Configuration > Security Management > AAA > AAA Schemes.
s:
ht
Creating an authentication scheme
ng
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-42
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WPA-WPA2 and TKIP-CCMP: User devices vary and support different authentication
and encryption modes. This security policy supports simultaneous configuration of
ht
By default, WPA-WPA2 uses 802.1X authentication + TKIP-CCMP encryption.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
WPA and WPA2 on the AC so that multiple types of terminals can access the
network, facilitating network management. If the security policy is set to WPA-WPA2,
any terminal that supports WPA or WPA2 can be authenticated and access the
WLAN; if the encryption mode is set to TKIP-CCMP, any authenticated terminal that
supports TKIP or CCMP can implement service packet encryption.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WAPI is a security mechanism defined in the Chinese national WLAN standard.
On June 15, 2009, the Broadband Wireless IP Standard Working Group told that
ht
ce
s:
WAPI had, for the first time, been approved unanimously by over ten participant
countries including America, Britain, and France, and that it would be recognized as
an international standard and be published in the form of an independent text.
WAPI is China's first self-developed technical standard for access security in the field
WAPI allows only robust security network association (RSNA), providing higher
Re
so
ur
of broadband wireless LAN communication. China owns the intellectual property right
of WAPI.
security than WEP and WPA. It can be identified by the Information Element field in a
Mo
re
Le
ar
ni
ng
Beacon frame.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The 802.11 system has the following weaknesses:

The dual-element authentication architecture has not been changed.
ht
WAPI is an instance that applies the access control method based on a triple-element
architecture and peer authentication to WLANs. In this architecture, the AP is
allocated with a unique certificate and bidirectional authentication is performed
between the three entities on two links.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
The AP is not assigned with a unique digital certificate.

The AP identifies WLANs based on SSIDs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WAI:
s:
Establishes a security policy
Completes bidirectional authentication (two authentication modes:

certificate authentication and pre-shared key authentication)
ce
Negotiation between unicast and multicast keys
ur
ht
The WAPI protocol includes the following core content:
WPI:
Solves all the known problems of WEP
Mo
re
Le
ar
ni
ng
Re
so
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
On most carrier WLAN scenarios, only Portal authentication is used. In other words,
none of the three encryption methods (WEP, WPA, and WAPI) are used. The carrier
ht
ce
s:
WLANs are open and data is transmitted in plain text. It can been seen that most of
the public WLANs that are widely used currently have low security and application
layer protocols are needed to guarantee the WLAN security.
On enterprise WLANs, however, WPA2+802.1X authentication is used to protect the
user security.
This table presents a summary of the WLAN authentication and encryption, and
various combinations of authentication and accounting applied at the service layer.
Mo
re
Le
ar
ni
ng
Re
so
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Authenticator
Authentication server
s:
Supplicant
ce
The IV length is increased from 24 bits to 48 bits so that more IVs are
supported.
A mechanism for key generation, management, and transmission is introduced
into TKIP encryption.
Each user uses a unique key.
The key used in data encryption is transmitted in a secure way.
Use MIC to check the data integrity.
Mo
re
Le
ar
ni
ng
ur
Features of TKIP encryption
so
Port-based access control authentication and authorization can be implemented only

if the 802.1X architecture has the following three components:
Re
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Protocol: The protocol version is 0, indicates the unique version.
Type: indicates the frame type.
Subtype: indicates the subtype of a frame. Request to Send (RTS): Type=0,

Subtype=1011. Clear to Send (CTS): Type=01, Subtype=1100.
To DS and From DS: indicate the frame sent to the AP or from the AP.
More Fragments: indicates whether there are other frames that are divided from a
ur
ce
s:
ht
Retry: indicates that the frame needs to be retransmitted. All the retransmitted frames
Re
so
large frame. If the upper-layer frames are fragmented, all the fragments except the
last one set this bit to 1.
set this bit to 1 so that the receiver can reject repeated frames.
Power Management: indicates the power status of the transmitter after a frame is
transmitted. The value 1 indicates that the STA is in Power_save mode, and the value
0 indicates that the STA is in active mode.
More Data: this bit is only used by management frames. The value is fixed as 0 in the
ar
ni
ng
Protected Frame: the value 1 indicates that the frame body is encrypted, and the
value 0 indicates that the frame body is not encrypted.
re
Le
control frame.
Mo
Order: indicates that the frames and fragments can be transmitted in a certain order;
however, the transmitter and receiver must number the frames and fragments. The
value is 1 if frames and fragments are transmitted in a certain order.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When the 15th bit is set to 0, the Duration/ID bit is used to set NAV.
This bit indicates the number of microseconds used by the transmission medium to
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
transmit the frame. The workstation must monitor all received frame headers and
update NAV. If the transmission consumes more time than expected, the NAV is
updated and other workstations are rejected.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The receiver is the workstation that decrypts wireless signals into 802.11
frames.
If Address 1 is a broadcast or multicast address, the workstation must check
ur
Destination refers to the encapsulated workstation in the frame.
s:
ht
Address 1 indicates the receiver's address. In some cases, the receiver's address is
the destination.
ce
Address 2 is the transmitter's address, which is used to sent response message. In

some cases, the transmitter's address is the source. The source address is the
Re
so
BSSID. The workstation responds to the broadcast or multicast messages

from the same BSS, and discards the messages from other BSSs.
ng
workstation that encapsulates frames into network layer protocol, and the transmitter
sends frames to wireless links.
Address 3 is used to filter stations and transport systems. The use of this bit depends
on the network type.
Address 4 is used in the WDS.
Mo
re
Le
ar
ni
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The sequence number is the number of transmitted frames Mod 4096. The number of
transmitted frames starts from 0, and increases 1 every time the MAC processes an
ht
The fragment number is used when the upper-layer packets are fragmented. The
number of the first fragment is 0. The fragment number increases 1 for consecutive
fragments. All fragments of a packet have the same sequence number. The sequence
number of retransmitted frame is unchanged.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
upper-layer packet. If a frame is retransmitted, the sequence number is unchanged;

therefore, repeated frames can be discarded.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The workstations use the same algorithm, so they can use FCS to verify frame
integrity. All bits in MAC header and frame body are counted. 802.3 and 802.11 use
ht
so
ur
ce
s:
the same algorithm to calculate FCS; however, the MAC headers are different.
Therefore, the workstations must recalculate FCS. When a frame arrives at the
wireless link, the workstation calculates the FCS first, and forwards the frame through
RF or IR link. The receiver then calculates the FCS for the received frames, and
compares the FCS with the recorded one. If the FCSs are the same, it indicates that
the frame is not damaged during transmission.
On the Ethernet, the frames with incorrect FCSs are discarded or sent to the upper-
Re
layer protocol. On the 802.11 network, the receiver must respond to the frames
ng
passing integrity check. If no response is returned, the frame is retransmitted. No

response is returned for the frames that do not pass FCS check. Therefore, the
Mo
re
Le
ar
ni
workstation must wait until timer expires before retransmission.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Control frame: 01
Data frame: 10
The value 11 is reserved.
ce
Subtype is the specific type of frames.
Re
ng
ni
ar
Le
re
Mo
ht
Management frame: 00
s:
so
Type values:
ur
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Frame Control: Each frame control bit may affect the description of other bits in MAC
header. Especially, the address bit meaning depends on the To DS and From DS bits.
Duration: The Duration bit records the NAV value. NAV specifies the time limit for
access medium.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The Distribution System (DS) is the backbone network for forwarding frames between
access points. Generally, the DS is the Ethernet.
SA refers to the source address, DA refers to the destination address, RA refers to the
receiver, and TA refers to the transmitter.
BSSID: The coverage area of an AP is a BSS. Each BSS is identified by a BSSID,

which indicates the MAC address of an AP.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The four figures match columns 1-4 in the previous slide.
1. The source and transmitter are STA, and the destination and receiver are AP.
ht
connected to the AP.
so
3. The source is the switch connected to the AP, and the transmitter is the AP. Signals
are transmitted from AP to the wireless link, so the From DS field is 1. The destination
Re
ce
2. The source and transmitter are STA, and the receiver is AP. Signals are transmitted
from the wireless link to AP, so the To DS field is 1. The destination is the switch
ur
s:
Signals are transmitted by the STA, and the STA attempts to associate with the AP.
The BSSID is used to discard the signals from other STAs.
and receiver are STA.
4. This is a WDS model. All the four address bits are used only in this model. In WDS,
ng
signals may be transmitted from wireless link to AP and from AP to wireless link.
Mo
re
Le
ar
ni
Therefore, the To DS and From DS fields are both 1.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Some bit values in Frame Control are fixed.
Type: 01. All control frames use this value.
To DS and From DS: The control frame is used to process access to wireless
medium; therefore, it is generated by the wireless workstation. The
transmission system does not receive or transmit control frames. Therefore,
the value of these two bits must be 0.
More Fragments: The control frame is not fragmented, so this value is fixed as
0.
Retry: Unlike management frames and data frames, control frames are
transmitted in sequence. Therefore, this value is fixed as 0.
More Data: This bit is only used by management frames. The value is fixed as
0 in the control frame.
Protected Frame: The control frames are not encrypted. Therefore, this value
is fixed as 0.
ar
ni
ng
Re
so
ur
ce
s:
Order: The control frames is a component in atomic frame exchange operation;

therefore, they must be transmitted in sequence. The value is fixed as 0.
Mo
re
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The RTS frame is used to obtain the medium control authority for transmitting frames.
Frame Control: It is the same as the Frame Control bit of other frames. The value
ht
1011 indicates the RTS frame. The other bits are the same as those of other frames.
s:
Duration: The RTS frame specifies the medium access authority for atomic frame
exchange operation. Therefore, the transmitter must calculate the remaining time after
RTS frame is sent. After calculation is complete, the microseconds used for frame
ce
so
ur
transmission are set to the Duration bit. If the result is not an integer, it is
automatically changed to the next microsecond.
Receiver Address: indicates the address of the workstation receiving RTS frames.
Transmitter Address: indicates the address of the RTS frame transmitter.
Mo
re
Le
ar
ni
ng
Re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
After receiving the CTS frame, the neighboring workstations do not response.
Frame Control: The subtype value is set to 1100, indicating the CTS frame.
Duration: When responding to RTS, the CTS transmitter uses the duration value of
RTS frame as time basis. RTS reserves medium use time for the RTS-CTS-frameACK interaction process. After the CTS frame is sent, only the other frames,
fragments, and response messages need to be transmitted. The CTS transmitter
ce
s:
ht
Receiver Address: The CTS receiver is the RTS transmitter, so MAC copies the RTS
Re
so
ur
deducts the time required for transmitting CTS frames and other frames from the RTS
duration, and sets the result to CTS duration.
Mo
re
Le
ar
ni
ng
transmitter address to the CTS receiver address.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ACK is the positive acknowledgement to any received data, including RTS/CTS

frames and fragments. By using the service quality expansion function, ACK is not
needed for some types of frames.
ht
Frame Control: The subtype value is set to 1101, indicating the ACK frame.
Duration: The value in the last frame or fragment is set to 0 depending on the ACK
position in frame transmission.
Receiver Address: The receiver address is copied from the response packet.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Frame Control: The subtype value is set to 1010, indicating the PS-Poll frame.
AID: In the PS-Poll frame, the third and fourth bits in MAC header are the association
ht
s:
ID. AID, specified by the workstation, is used to distinguish connections. By adding

the AID to frames, the AP can find buffered frames.
BSSID: This field contains the BSSID of the transmitter. The BSS is set up by the
connected AP.
Transmitter Address: indicates the MAC address of the PS-Poll frame transmitter.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Management frames have the following types:

Beacon frame
Beacon frames are used to declare network existence. Mobile

workstations use the Beacon frames to detect network existence, and
adjust parameters used to join the network.
The access points transmit Beacon frames.
On the IBSS network, the workstations transmit Beacon frames in turn.
ur
so
Probe Request and Probe Response
The workstations send Probe Request frames to scan 802.11 networks.
If the Probe Request is compatible with the discovered network, the
Re
ce
s:
ht
Authentication and Deauthentication
Mo
re
Le
ar
ni
ng
network returns a Probe Response frame.
The workstation uses shared key and Authentication frame for

authentication.
The Deauthentication frame is used to terminate the authentication

relationship.
Association Request
After the workstation discovers a compatible network and passes
authentication, it sends an Association Request frame to the network.
The Disassociation frame is used to terminate the association
relationship.
Reassociation Request
Disassociation
aw
ei
.c
om
/e
In an ESS, if a workstation moving between BSSs needs to use the DS,

it must be associated with the network again. Different from the
Association Request frame, this frame contains the address of the

access point associated with the workstation.
Association Response and Reassociation Response
g.
hu
When a workstation attempts to connect to an access point, the access
in
point returns an Association Response or Deassociation Response

frame. The response frame contains an Association ID specified by the
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
access point.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The Type field in Frame Control decides the frame types.

Management frame: 00
Control frame: 01
Data frame: 10
s:
Mo
re
Le
ar
ni
ng
Re
so
ur
ht
Which parameter controls the 802.11 frame type?
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Carrier Sense (CS): Before transmitting data, a station monitors the line to check
whether the line is idle. In this manner, chances of collision are decreased.
ht
Multiple Access (MA): Data sent by a station can be received by multiple stations.
s:
Collision Detection (CD): If two stations transmit signals at the same time, the signals
are superimposed, and the voltage amplitude over the line doubles the normal value. A
collision occurs. Stations stop data transmission after detecting the conflict, and resume
ce
Mo
re
Le
ar
ni
ng
Re
so
ur
the transmission after a random delay.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Working process:
Terminal A detects the status of the shared line continuously.
If the line is in use, terminal A waits until the line becomes idle.
s:
If the line is idle, terminal A sends data.
ur
ce
If terminal B sends data simultaneously, collision occurs. Signals of the line become
unstable.
The terminals stop sending data when they detect the unstable signals.
so
Terminals then send a succession of interference pulses and wait for a period to send
data.
Re
ht
Terminals send interference pulses to notify other devices of the collision,
Mo
re
Le
ar
ni
ng
especially notifies the device that sends data at the same time. The time to wait
for resuming data transmission is random.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Collision detection wastes transmission resources. Therefore, 802.11 WLAN protocol

uses the collision avoidance mechanism.
Carrier Sense (CD): Before transmitting data, a station monitors the line to check
whether the line is idle. In this manner, chances of collision are decreased.
Multiple Access (MA): Data sent by a station can be received by multiple stations.
Collision avoidance: 802.11 allows stations to send Request to Send (RTS) packets
ur
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
and Clear to Send (CTS) packets to clear the transmission line. This avoids
interference of other stations during data transmission.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
As shown in the figure, the AP can communicate with PC1 and PC2 but PC1 and PC2
cannot communicate with each other due to some restrictions. (PC1 and PC2 cannot
ht
PC2 is a hidden node of PC1. PC1 and PC2 may send data simultaneously, which
causes collision and the AP cannot identify information from PC1 and PC2. PC1 and
PC2 cannot detect the error.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
receive radio signals of each other because they are for from each other. Obstacles
between PC1 and PC2 have little impact on the hidden node problem.)
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
PC1 sends an RTS frame to the AP. After receiving the frame, the AP returns a CTS
frame. PC2 cannot receive the RTS frame sent by PC1 but receives the CTS frame
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
sent by the AP. Therefore, PC2 does not send data frames over the channel.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
PC1 is transmitting data to AP1. When PC2 wants to send data to AP2, it listens on
the signal channel as defined in CSMA/CA. PC2 detects that PC1 is sending data and
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
mistakenly considers that it cannot send data to AP2. However, PC2 can send data to
AP2 without interfering data transmission of AP1. The exposed node problem occurs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
PC1 sends an RTS frame to AP1. After receiving the frame, AP1 returns a CTS
frame. If PC2 receives the CTS frame, PC2 does not send data. If PC2 receives only
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
the RTS frame, it still sends data. PC2, as an exposed node, will not receive the CTS
frame of AP1. Therefore, PC2 can send data to AP2.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
InterFrame Space (IFS)
The duration of the delay depends on the frame type. High priority frames are
sent ahead of lower priority frames. A station only waits for a short delay to
send frames with higher priority and has to wait for a long delay for sending
frames with lower priority.
ur
ce
A station has to wait for a delay to send the next frame (listening on the
channel) after the previous frame is sent. This delay is called InterFrame
Space (IFS).
ht
s:
so
Short Interframe Space (SIFS)

The SIFS defined in 802.11g has the value of 10 microseconds and is the
smallest IFS. It differentiates frames in each exchange. The station switches
back to the receive mode from the transmit mode within this period.
ar
ni
ng
A station defers the transmission of lower priority frames if it detects that the
medium is busy handling higher priority frames. This reduces the chance of
collision.
Re
SIFS applies to transmission of the following frames.
Mo
re
Le
Acknowledgement frames, CTS frames, data frames of the fragmented

MAC frames, AP probe reply frames, frames sent from the AP to the
STA that uses the PCF mode.
Point coordination function (PCF) Interframe Space (PIFS)

The PIFS is greater than the SIFS. A station that has PCF enabled waits for a
PIFS duration to access the medium.
The PIFS duration is the SIFS duration plus one slot time, that is 30
microseconds.
Distribute coordination function (DCF) Interframe Space (PIFS)
The DIFS is used for frame transmission and management in DCF mode.
The DIFS is the shortest time for a medium to remain idle in competitive
services. If the medium is continuously idle for a time longer than the DIFS
duration, a station can access the medium.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The preceding figure demonstrates how Network Allocation Vector (NAV) ensures
noninterference of the whole process.
The access of a work station to the medium is described in bars in shadow. Each bar
is marked with the frame type. If no frame is sent, the operation of the station is
marked with frame interval.
At the bottom of the figure, the bar align with the NAV represents the NAV timer. NAV
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
is carried in the header of RTS and CTS frames. Other stations postpone medium
access because the CSMA/CA mechanism senses that the medium is busy.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A WLAN enables users to access the Internet by using wireless clients.
A STA scans wireless networks first. After the authentication and association process
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
is complete, the STA sets up a connection with an AP and accesses the wireless
LAN.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In active scan, a STA periodically searches for near wireless networks. The STA can
send a Probe Request frame with or without an SSID.
ht
The STA sends a Probe Request containing an SSID in 11 channels to search for
the AP with the same SSID. Only the AP with the same SSID will respond to the STA.
s:
The STA periodically sends a Probe Request that does not contain an SSID in the
supported channels. The APs return Probe Response frames to notify the STA of the
ce
so
In passive scan, a STA waits for the Beacon frames sent by APs. The Beacon frames
contain the BSS information of the APs.
Mo
re
Le
ar
ni
ng
Re
ur
wireless services they can provide.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Authentication is the first of two steps required to connect to the 802.11 basic service
set. Both authentication and association must occur, in that order, before an 802.11
ht
client can pass traffic through the AP to another device on the network.
The 802.11-2007 standard specifies two different methods of authentication: Open
System authentication and Shared Key authentication.
If open system authentication is used, the WLAN client can be authenticated as long
ce
s:
Shared key authentication requires that the WLAN server and client use the same
Re
so
ur
as the WLAN server supports open system authentication and packets exchanged
between them are not encrypted.
shared key. The WLAN server checks whether the client uses the shared key. If the
Mo
re
Le
ar
ni
ng
client uses the same shared key as the server, the client is authenticated; otherwise,
the client fails to be authenticated.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The WLAN client has already obtained the service configuration parameters such as
the access authentication algorithm and encryption key in the WLAN service
ht
After link negotiation is complete, an 802.11 link is set up between the WLAN server
Mo
re
Le
ar
ni
ng
and client.
Re
so
ur
ce
s:
discovery stage. These parameters are carried by the Beacon frame or probe
response sent by the WLAN server. In the client association stage, the association or
re-association request sent by the client carries the client's parameters and the
parameters that the client selects according to the service configuration, including the
transmission rate, channel, QoS capabilities, access authentication algorithm, and
encryption algorithm.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
How many stages are required for an STA to access the network and what are they?
WLAN access process:
Three stages: scan, authentication, and association
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Electromagnetic wave (namely, electromagnetic radiation) moves in the air using the
electric field and magnetic field that are mutually vertical and flap in the same
ht
direction.
Radio wave is the electromagnetic wave emitted in the free space (including air and
vacuum). The frequency of radio wave is lower than 300GHz (The lowest frequencies
are different. The commonly used lowest frequencies are 3 KHz-300 GHz, 9 KHz-300
GHz, and 10 KHz-300 GHz).
The current change in the conductor generates radio waves. Therefore, information
can be carried by radio wave through modulation. When electromagnetic wave
reaches the receiver, the electromagnetic field change caused by the electromagnetic
Re
so
ur
ce
s:
wave generates current. Information can be extracted from current through
Mo
re
Le
ar
ni
ng
modulation. Information is thus transmitted.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Frequency is an important physical index. The frequency of a wave is the flapping

frequency of the wave. The unit is Hz. If a wave flaps once per second, the frequency
ht
is 1 Hz.
Wave consists of consecutive crests and troughs. The distance between adjacent
crest and trough is the wavelength. Waves vary in size from very long radio waves the
size of a football field, to very short gamma-rays smaller than the size of the nucleus
of an atom. The higher the frequency is, the shorter the wavelength is.
The frequency of electromagnetic waves ranges from 3 kHz to 300 GHz, and the
wavelength ranges from 10 km to 0.1 mm.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When radio waves reach the receiver, the electric field may be vertical to or in parallel
with the group.
When the phases are the same (or 180), the electric field is linear polarization.
In this case, the electric field vectors are in the same plane. The amplitude E
of electric field changes at an interval in period t, but the direction is not
changed. The wave of electrical field E that is vertical to the group is called
vertical polarized wave, and the wave that is parallel with the group is called
parallel polarized wave.
Generally, the amplitude and phase of waves are random values, and the
electric field E is an ellipse. This is called elliptical polarization. If the transmit
ng
If the vertical vector and parallel vector of an electric field are the same and the
phases are 90 (270, the wave is the circular polarized wave.
Re
so
ur
ce
s:
ht
ni
antenna uses circular polarization, the receiver antenna must also use circular
polarization, and the polarization directions must be the same. This is called
Mo
re
Le
ar
polarization matching.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When electric charge is added to the metal conductors. The electric field is generated
between the conductors, as shown in figure 1. In figure 2, the conductors is placed far
ht
When the conductor length L is greatly smaller than wavelength , emission is weak.
When the conductor length is near the wavelength, current on the conductor greatly
increases and emission increases. The linear conductor is called dipole.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
away from each other. If the conductors forms a line, the electric field is outside the
conductors, as shown in figure 3.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The antenna converts guided waves on cables into free space electromagnet waves
or converts free space electromagnet waves into guided waves. Antennas on wireless
ht
ce
s:
devices transmit and receive electromagnetic waves. The signals transmitted by the
wireless transceiver are received by the antenna through the feeder, and transmitted
by the antenna as electromagnet waves. The electromagnet waves are received by
the antenna of the receiver, and sent to the wireless transceiver through the feeder.
Generally, an antenna can transmit and receive electromagnet waves. The features
and specifications of an antenna are basically the same when it transmits and
receives electromagnet waves. This is the reciprocity principle.
Guided waves: electromagnet waves transmitted along a transmission line in a certain
Re
so
ur
direction. The typical guided waves are the waves transmitted along the parallel lines
Free space waves: electromagnet waves transmitted in free space.
Mo
re
Le
ar
ni
ng
or coaxial cables, waves transmitted along the pipe, and waves transmitted along the
ground from the launchers to the receiver.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
To analyze antenna performance, antennas are classified into two types: linear
antenna (metal cables of which the semidiameter is smaller than the wavelength) and
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
plane antenna (metal or medium of which the semidiameter is greater than the
wavelength). The linear antenna is used for long, medium, and short frequency bands.
The plane antenna is used for centimeter or millimeter frequency bands.
Veryhighfrequency (VHF) is transmitted by linear antennas, and ultrahigh frequency
(UHF) is transmitted by both linear and plane antennas. The working mechanisms of
linear antenna and plane antenna are the same.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Half-wavelength dipole generates electric wave of which the wavelength is two times
of the dipole length. The two ends of the generated standing wave are voltage
ht
ur
In short wave, ultrashort wave, and microwave, the half-wavelength dipole functions
as the dipole of antennas, feeders, or antenna arrays.
Mo
re
Le
ar
ni
ng
Re
so
ce
s:
antinode and the center is current antinode. It is similar to electric dipole, which can
be used as antenna (dipole antenna). When it is used as dipole antenna, the
wavelength is half wavelength. Symmetrical dipole is the typical and commonly used
antenna.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An antenna can transmit waves to different directions and receive waves from
different directions. An antenna pattern is a plot of the relative field strength of the
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
electromagnet waves emitted by the antenna at different angles. The omnidirectional

antennas emit and receive equal power in all horizontal direction. The directional
antennas emit and receive relatively high power in one or multiple directions. The
omnidirectional antennas are undirectional, so they are usually used by point-tomultipoint console. The directional antennas emit and receive high power in certain
directions, so they have relatively high gain than omnidirectional antennas. The
directional antennas are suitable for long-distance, point-to-point communication. In
addition, they can effectively prevent interference.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The radiation of a vertical half-wavelength symmetrical dipole is represented by a

three dimensional perspective.
The flat pattern shows the radiation direction of an antenna at the specified plane. The
radiation in the axes direction is zero, and the radiation in the horizontal direction is
the maximum value. The antenna has equal radiation in all directions.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When the pattern becomes flat, signals are focused. The signals are strong in certain
directions, and weak in other directions.
The flat pattern shows the reflector function: The reflector reflects energy to one side
to increase gain. The paraboloid reflector focuses energy to an angle, like a
searchlight. A paraboloid antenna consists of a paraboloid reflector and radiation
source.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Polarization refers to the orientation of antennas in the plane perpendicular to a

transverse wave's direction of travel. The electrical field and magnetic field have fixed
ht
Due to the characteristics of electrical waves, the horizontally polarized signals

generates current when approaching to the ground. Polarized current generates heat
due to ground impedance. As a result, electrical field signals are attenuated. The
vertically polarized signals do not generate current, so energy will not be attenuated.
so
ur
ce
s:
relationship, so polarization direction of antennas is represented by the direction of

electrical field. It is the electrical field direction in which the antenna emits highest
energy.
Re
Therefore, vertical polarization is widely used in mobile communication. Huawei uses
Mo
re
Le
ar
ni
ng
vertical polarization or 45 dual-polarized antennas in wireless systems.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Dual-polarized antennas: combination of vertically polarized antenna and horizontally

polarized antenna, or combination of +45 polarized antenna and -45 polarized
ht
antenna.
s:
With development of new technologies, dual-polarized antennas are widely used now.
Dual-polarized antennas use two polarization modes: vertical and horizontal
polarization and 45 polarization. The performance of 45 polarization is higher
than the performance of vertical and horizontal polarization. Therefore, 45
polarization is widely used. The dual-polarized antenna consists of +45 and -45
antennas that are mutually orthogonal and work in full duplex mode. Fewer antennas
so
ur
ce
Re
will be used if dual-polarized antennas are adopted. In addition, the 45 antennas
Mo
re
Le
ar
ni
ng
are mutually orthogonal, signal transmitting and receiving performance is improved.
Vertically polarized waves need to be received by vertically polarized antennas, and

horizontally polarized waves need to be received by horizontally polarized antennas.
aw
ei
.c
om
/e
Right-handed circular polarization waves need to be received by right-handed circular

polarization antennas, and left-handed circular polarization waves need to be
received by left-handed circular polarization antennas. If the polarization direction of
received waves is different from the polarization direction of the receiving antenna,
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
signals will be weakened. That is, signals are attenuated due to polarization. For
example, when the + 45 polarized antenna receives vertically or horizontally
polarized waves or when the vertically polarized antenna receives +45 or -45
polarized waves, signals are attenuated. When the circular polarization antenna
receives linear polarization waves or when the linear polarization antenna receives
circular polarization waves, signals are attenuated. The received signals may be only
a half of the total signals.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The indoor ceiling-mounted antenna must have simple structure and be easy to install.
The antenna has low gain, which is about2-5 dBi. Such antennas are usually used on
ht
indoor distributed devices. The antenna receives signals through feeder.
s:
Wall-mount antennas also feature in light weight and easy installation. The gain of
wall-mount antennas is about 5-8 dBi. The wall-mount antennas can be used on
indoor distributed devices or directly connected to the signal source.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Outdoor antennas are the most important part in WLAN outdoor project. Antenna type
decides whether signals can be stably transmitted in a long distance. Antenna's
ht
Directional antennas can provide high gain. Generally, the antennas that have small
angles provide high gain, and signals are transmitted longer. However, the antennas
so
ur
ce
s:
coverage area and angle must be considered when selecting antenna types. When
the space to be covered is small, the low-gain omnidirectional or directional antennas
can be used. When the space to be covered is large, the high-gain directional
antennas must be used. The high-gain, small-angle antennas are suitable for outdoor
long distance, point-to-point transmission.
Re
that have focused directions are difficult to install and adjust. The antennas on two
ng
sides must point to each other; otherwise, signal transmission is inaccurate. Such
antennas are suitable for long-distance transmission. Therefore, there are high
Mo
re
Le
ar
ni
requirements on the antennas' locations.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Physically, gain has the following meaning: ratio of the signal output of a system to
the signal input of the same system. If the transmitter antenna is an ideal undirectional
ht
ce
s:
source, the input power should be 100 W. If the transmitter antenna is a directional
antenna of which gain is G=13dB(20 times), the input power is 100/20=5W. That is,
an antenna's gain is the amplifier of input power of the undirectional ideal radiation
source.
If the gain is calculated based on half-wavelength symmetrical dipole, the gain unit is
dBd.
When selecting gain, ensure that the beam matches coverage area. If coverage area
is small, select the low-gain antenna with wide vertical lobe.
Mo
re
Le
ar
ni
ng
Re
so
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Antennas have different patterns. Some antenna patterns have many lobes. The lobe
that has the highest radiation is the main lobes, and the other lobes are backlobes
ht
and sidelobe. The areas between lobes have weak radiation.

At the two sides of the main lobe, radiation is reduced by 3 dB (power is reduced a
half). The angle between the two sides is beamwidth (main lobe width, half-power
angle). When the beamwidth is narrow, radiation distance is long and interference is
prevented.
When deploying the antennas, note that sidelobes will interfere with peripheral
residential areas. Generally, the main lobe radiation needs to be enhanced, and side
lobe radiation needs to be suppressed. However, in the areas near the antennas, the
Re
so
ur
ce
s:
sidelobes enlarge the coverage distance.

There is another beamwidth (10 dB). It is the angle between the two points of which
ng
Mo
re
Le
ar
ni
radiation is reduced by 10 dB (power is reduced 1/10).
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
3 dBm = 2mW
-3 dBm = 0.5 mW
10 dBm = 10 mW
-10 dBm = 0.1 mW
s:
ce
ur
dBi and dBd: indicates the gain (power gain).
The reference source of dBi is omnidirectional antenna. The reference source

of dBd is dipole. dBd=dBi+2.14
so
tp
0 dBm = 1 mW
ht
Re
dBm: indicates an absolute power value. Typical values:
That is, the gain 16 dBd is equivalent to 18.14 dBi, that is 18 dBi.
dB: indicates a relative power.

For example, if the power of antenna A is two times of the power of antenna B,
10lg(power of antenna A/power of antenna B)=10lg2=3dB. That is, the power
of antenna A is 3 dB higher than the power of antenna B.
ar
ni
ng
When transmitting signals within 100 m at frequency band 2.4 GHz, the power
loss of the 1/2-inch feeder is about 12.1 dB.
Le
Mo
re
If the power of antenna A is 46 dBm and the power of antenna B is 40 dBm,

the gain of antenna A is 6 dB higher than the gain of antenna B.
If the power of antenna A is 12 dBd and the power of antenna B is 14 dBd, the
gain of antenna A is 2 dB lower than the gain of antenna B.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The splitter equally divides energy.
The splitter cascades two, three, or four channels to distribute power.
Note
s:
ht
Cavity splitter is applicable to high transmit power.
The output arms of cavity splitter are not separated; therefore, the cavity
splitter cannot be used as combiner.
When working for a long time, the cavity splitter is stabler than the microstrip
splitter.
When connecting passive components, consider port definition; otherwise, the

system cannot work.
Passive components cannot work under overloaded power; otherwise, the

components may be damaged or the active devices may be faulty.
ur
so
Re
ng
ni
When connecting components, ensure that the interfaces are reliably

connected; otherwise, interface performance may degrade and the system
ar
ce
Mo
re
Le
cannot work.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Product Type
ht
Couplers are classified into cavity coupler and microstrip coupler based on
power distribution.
ce
Note
Cavity splitter is applicable to high transmit power.
When working for a long time, the cavity splitter is stabler than the microstrip
splitter.
When connecting passive components, consider port definition; otherwise, the

system cannot work.
Passive components cannot work under overloaded power; otherwise, the

components may be damaged or the active devices may be faulty.
so
Re
ng
When connecting components, ensure that the interfaces are reliably

connected; otherwise, interface performance may degrade and the system
ar
ur
ni
The couplers must be selected properly.
s:
Mo
re
Le
cannot work.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The combiner combines signals of multiple systems into a set of antenna system. In
wireless antenna system, input and output signals of different frequency bands are
ht
s:
combined ,and the antenna system is connected to the console through a feeder. This
saves feeders and prevent antenna switching.
In the WLAN field, combiners include single-band combiners (2.4G) and multi-band
combiner).
The input port on the combiner limits frequency.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The coaxial cable has inner conductor and the outer shield sharing a geometric axis.
Coaxial cable has an inner conductor surrounded by a tubular insulation layer,
ht
s:
surrounded by a tubular conducting shield. The coaxial cable transmits highfrequency signals with little loss, prevents interference, and provides high bandwidth.
There are two types of coaxial cables: 50 and 75.The 75 coaxial cable uses
CATV system, and the 50 coaxial cable uses radio communication.
FR coaxial cable is the coaxial cable that transmits signals and energy within the
radio frequency range. FR coaxial cables are classified into three types based on
functions, CATV coaxial cable, radio coaxial cable, and leakage coaxial cable.
When signals are transmitted in the feeder, there are impedance loss and media loss.
Re
so
ur
ce
Mo
re
Le
ar
ni
ng
The loss increases when the feeder length and working frequency increase.
Therefore, the feeder should not be too long.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
RF coaxial connector (RF connector) is installed on a cable or instrument to separate

or combine electricity)
Compared with other electrical components, RF connector has a shorter

history.1930The UHF connector invented in 1930 is the earliest RF connector. During
the second world war, radar, broadcasting station, and microwave communication
technologies developed fast. Accordingly, the N-type, C-type, BNC, and TNC
connectors were developed. After 1958, the SMA, SMB, and SMC connectors were
developed. In 1964, the US issues the MIL-C-39012 RF coaxial connector
specifications. Then, the RF connectors were standardized and commonly used.
RF connector type:
The major name of a converter is the connector name or fraction.
ng
Re
so
ur
ce
s:
ht
Example: SMA-50JK represents the SMA-type 50 converter. One end is
Mo
re
Le
ar
ni
male and the other end is female. BNC/SMA-50JK represents the converter
with BNC male and SMA female, and the impedance is 50.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The surge protection device is usually used between electrical conduction and ground,
and connected to the protected device. When voltage exceeds the upper limit, the
ht
Functions of antenna surge protection device: transmits wireless signals and protects
interfaces, transmits control signals and protects receiving device, protects television
satellite device, monitors signal transmission, protects receiving device, protects
wireless communication device, and protects other radio devices.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
surge protection device limits voltage to protect the device. When voltage is restored,
the surge protection device restores the working voltage.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Combiner, power splitter, and coupler are commonly used passive components used
in indoor distribution system. The combiner is mainly applied to multi-system
ht
Antenna surge protection device and network interface surge protection device are
used outdoors.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
(GSM/CDMA/3G/WLAN), or to different WLAN frequency bands. The coupler is used

to unequally divide power and splitter is used to equally divide power.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Omnidirectional antenna, directional antenna
s:
23dBm=?Mw
+23 dBm can be divided into +10dBm +10dBm +3dBm.
Calculation:
ce
1 mW x 10 = 10 mW
10 mW x 10 = 100 mW
100 mW x 2 = 200 mW
ur
Mo
re
Le
ar
ni
ng
Re
ht
How many antenna types are there based on direction?
so
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When the network load is heavy, you can configure QoS to control factors that may
cause network congestion, to reduce the possibility of congestion during resource
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
allocation and traffic control. When congestion occurs, the system allocates resources
based on service characteristics and requirements to minimize the impact of
congestion on QoS.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In the Best Effort model, an application can send any number of packets at any time
without any approval or notifying the network. The application attempts to send
ht
The Best Effort model is the default service model on the Internet and can be applied
to various network applications, such as FTP and email.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
packets with the best efforts, but cannot ensure performance such as delay and
reliability.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An application notifies the network of the QoS requirements, including the delay,
bandwidth, and packet loss ratio, through the signaling protocol. After receiving the
ht
When the resource is allocated to the application, the network ensures the QoS for
the application as long as the packets of this application are controlled within the
range specified by the traffic parameters. The network nodes on the reserved path
can perform packet classification, traffic policing, and queue scheduling with a short
so
ur
ce
s:
RSVP request, the network nodes on the transmission path perform admission control
to check the validity of the user and the availability of the resources. After that, the
network nodes decide whether to reserve resources for the application.
Re
delay to ensure the QoS. Combined with multicast, the IntServ model can be used in
ng
real-time multimedia applications that require high bandwidth and low delay, such as
video conference and video on demand (VoD). The traditional telephones use this
ni
model for communication. When the resources are not reserved, the line is occupied
and calls cannot be connected. When the resources are reserved, the quality of calls
Mo
re
Le
ar
can be guaranteed.
The advantage of the IntServ model is that it can provide end-to-end QoS guarantee,
whereas its disadvantage lies in the poor scalability. Network nodes must maintain
aw
ei
.c
om
/e
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
soft state information for each resource reserved. In the multicast application, network
nodes need to periodically send resource requests and path update information to the
network so that group members can join or leave a multicast group dynamically. It
takes a long time to perform these operations and a lot of memory resources are
consumed. When a network is expanded, the cost of maintenance increases greatly,
which seriously degrades the performance of network nodes, especially the core
nodes that need to process packets at line speed. Therefore, the IntServ model is not
applicable to backbone networks where traffic aggregates.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Unlike IntServ, an application in the DiffServ model does not need to send resource
reservation requests to all network devices on the transmission path. Instead, the
ht
s:
application sets the precedence field in the packet header to notify the network
devices of its QoS requirements.
In the DiffServ model, network devices provide differentiated services for each flow
based on the precedence field in the packet but do not need to maintain the status of
each flow. QoS can be specified based on various information, such as the IP
precedence, source address, and destination address of packets.
The QQ voice and QQ video services use the Best Effort model, which does not
ensure good communication quality. The video conference service uses the DiffServ
Re
so
ur
ce
Mo
re
Le
ar
ni
ng
model which helps to improve the communication quality.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
QoS profiles can be classified into two types: the traffic profile on the wired side and
the WMM profile on the wireless side.
The traffic profile contains various priority mapping and traffic suppression
parameters including the profile name, 802.3 priority mapping policy, tunnel
priority mapping policy, UP mapping policy, and traffic policing.
ce
s:
ht
The WMM profile contains parameters related to Wi-Fi Multimedia (WMM),
Mo
re
Le
ar
ni
ng
Re
so
ur
including the profile name, WMM status, EDCA parameters, and ACK policies
and parameters. WMM defines a priority range based on data types for
wireless communication. Delay-sensitive data, such as video data and voice
data, has higher priorities than common data. To support WMM, STAs must
have WMM enabled. STAs can also choose not to enable WMM.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Access Category (AC): WMM prioritizes queues of four access categories in a

descending order: AC-voice (AC-VO), AC-video (AC-VI), AC-best effort (AC-BE), and
ht
Enhanced Distributed Channel Access (EDCA) is a channel preemption mechanism

defined by WMM, enabling high-priority packets to be sent first and allocated more
bandwidth.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
AC-background (AC-BK). Packets in a high-priority access category have greater

capabilities in channel preemption.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
User priority (UP) represents the priority of 802.11 packets. The UP is included in the
QoS field of the 802.11 MAC header. The value of UP ranges from 0 to 7. The WMM
ht
ce
s:
protocol specifies the mapping relationships between WMM and UP. WMM is
classified into four categories, and each category maps two UP values. APs
determine the WMM access category of data packets based on UP values and
forward the packets based on the priority of AC queues.
There are four AC queues with different priorities. Packets in a high-priority AC queue
have greater capabilities in channel preemption so that differentiated services are
provided for different AC queues.
The voice and video data in video conferences maps the AC_VO and AC_VI queue
Re
so
ur
Mo
re
Le
ar
ni
ng
respectively. The QQ voice and QQ video on the Internet maps the AC_BE queue.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WMM defines a set of EDCA parameters for each AC. The meanings of parameters
are as follows:
Arbitration Inter Frame Spacing Number (AIFSN): AIFSN is similar to the DIFS
in the IEE802.11, which is a fixed value. However, WMM defines different
AIFSNs for ACs. A larger AIFSN value indicates a longer idle duration.
ce
s:
ht
ECWmin and ECWmax: These two values determine the average backoff time.
so
Transmission opportunity limit (TXOPLimit): This value determines the

maximum duration in which a STA can occupy a channel. A larger value
Re
ur
A larger value indicates a longer average backoff time.
indicates a longer duration. If this parameter is set to 0, a STA can send only
Two ACK policies are specified in WMM: Normal ACK and No ACK.
In no ACK mode, if the communication quality is good and interference
is low, no ACK packet is sent to confirm the receiving of a packet from
ni
ng
one packet each time it occupies a channel.
Mo
re
Le
ar
the sender. This improves the transmission efficiency, but may cause
increased packet loss if the communication quality is low.
In normal ACK mode, the receiver sends an ACK packet to confirm the
receiving of every unicast packet from the sender.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
AIFS
Cwmin
CWmax
ht
Category
2/3
0.25 min
0.5 min
Video
2/3
0.5 min
1 min
Best Effort
1 min
7/3
1 min
max
The AIFS value of the BE queue is set to 1. AIFS values of other AC queues are
ur
max
ce
Background
s:
Voice
so
calculated based on the ratio compared with that of the BE queue.

The AIFS is the idle duration of each AC queue. A higher-priority queue has a shorter
duration and enters the backoff period first. The AIFS values of the AC-VO and AC-VI
queues are the same.
Backoff slots indicate the backoff duration for each AC queue. A higher-priority queue
has a shorter backoff duration and occupies the channel first.
Channel occupying and packet sending principle:
ar
ni
ng
Re
Before occupying a channel to send packets, STAs monitor the channel. If the
channel idle time is longer than or equal to the AIFSN, each STA selects a
random backoff time between ECWmin and ECWmax. The STA whose
backoff time expires the first occupies the channel and starts to send packets
over the channel.
Mo
re
Le
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
802.11 provides services of the same quality for all applications. Different
applications, however, have different requirements for wireless networks. 802.11
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-16
cannot provide services of different qualities for different applications.

To provide services of different qualities for different applications, the Wi-Fi Alliance
defines the Wi-Fi Multimedia (WMM) standard, which classifies data packets into four
access categories (ACs) in descending order, that is, AC-voice (AC-VO), AC-video
(AC-VI), AC-best effort (AC-BE), and AC-background (AC-BK). This standard ensures
that high-priority packets preempt channels.
A WMM profile is created to implement the WMM protocol. After a WMM profile is
created, packets with higher AP or STA priority preempt a wireless channel first,
Re
so
ur
ce
s:
ensuring better quality for voice and video services on WLANs.

You can configure WMM profiles to provide different services on STAs or APs with
ng
Choose Configuration > AP Management > Radio Profile > WMM Profile to display
ar
ni
different channel preemption capabilities and implement different QoS.

the WMM Profile page.
Le
On the WMM Profile page, click Create to display the Create WMM Profile page.
Mo
re
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
(Optional) Run the wmm edca ap { ac-vo | ac-vi | ac-be | ac-bk } { aifsn aifsn-value |
ecw ecwmin ecwmin-value ecwmax ecwmax-value | txoplimit txoplimit-value | ack-
ht
(Optional) Run the wmm edca client { ac-vo | ac-vi | ac-be | ac-bk } { aifsn aifsn-value
| ecw ecwmin ecwmin-value ecwmax ecwmax-value | txoplimit txoplimit-value }*
command to set EDCA parameters for the four WMM queues on a STA.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
policy { normal | noack } }* command to set EDCA parameters for the four WMM
queues on an AP.
A radio profile is a set of commonly-used basic radio parameters, including channel

mode, power mode, calibration switch, and calibration interval. If a radio is bound to a
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-19
ce
s:
radio profile, the radio has all parameters configured on the radio profile. Since one
radio profile can be bound with multiple radios, the radio profile can simplify radio
configuration.
Choose Configuration > AP Management > Radio Profile to display the Radio Profile
page.
On the Radio Profile page, click Create to display the Create Radio Profile page.
On the Create Radio Profile page, select or enter each parameter based on actual
requirements.
Click OK to save the parameter settings.
Mo
re
Le
ar
ni
ng
Re
so
ur
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A traffic profile can be created, deleted, modified, and queried. The traffic profile
cannot be deleted after it is bound to an ESS. After a traffic profile is created, it must
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
be bound to an ESS and applied to the corresponding VAP.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If a traffic profile configured with rate limit is applied, high
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
transmission rate of packets may result in packet loss.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
so
To forward an 802.11 packet sent from a STA to an Ethernet network, an AP converts

the 802.11 packet into an 802.3 packet. During this process:
The AP may retain the packet priority.
The AP may change the packet priority according to the VAP configuration.
The AP may map the user priority to the 802.1p priority.

The new priority can be stored in the CoS field or DSCP field (TC of IPv6
packets) or both.
ni

the 802.11 packet into an 802.3 packet. During the conversion, the AP maps the user
priority to a new priority and stores it in the CoS field of the 802.3 packet or the DSCP
field of the IP header.
Mo
re
Le
ar
IPv6 packets contain the traffic class (TC) field.
Re
VLAN tagged-802.3 packets transmitted on the Ethernet contain the CoS field.
If an 802.3 packet is also an IP packet, it also contains the DSCP field.
ur
s:
802.11 packets sent by STAs supporting WMM contain the user priority (UP)
field.
ce
ht
802.3 and 802.11 packets indicate their priorities with different fields, which can be
changed during the transmission and forwarding process on networks.
ng
aw
ei
.c
om
/e
Query the mapping mode of the upstream packets.
If the packet priority retains, the priority is 0.
If the priority is configured according to the VAP configuration, the

packet priority is set as the fixed value specified by the VAP.
If the UP-based mapping is set, the user priority is mapped to the
802.1p priority.
Configure the priorities according to the priority settings obtained from the
VAP.
If only the DSCP field is configured, and the packets are IP packets,
store the priorities in the DSCP field of the IP packet header.
If both CoS and DSCP fields are configured, perform the two
operations.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
If only the CoS field is configured, and the packets contain VLAN tags,
store the priorities in the CoS field of the 802.3 packets.
g.
hu
The conversion process is as follows:
in
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When an upstream 802.3 packet is transmitted over a CAPWAP tunnel, it is

encapsulated as the valid payload of a CAPWAP packet and the QoS information
ht
ur
ce
s:
contained in the packet cannot be identified. Therefore, the device must implement
QoS mapping again on this upstream packet. The DSCP priority of the IPv4 packet
and the TC priority of the IPv6 are processed in the same way. Six mapping modes
are available: fixed CoS, fixed DSCP, mapping from CoS to CoS, mapping from CoS
to DSCP, mapping from DSCP to CoS, and mapping from DSCP to DSCP.
Query the mapping mode of the upstream packets according to the VAP
configurations.
ng
In fixed DSCP mode, set the DSCP priority of the CAPWAP packet to the fixed
DSCP value of the VAP. The CoS value is 0.
ar
In fixed CoS mode, set the CoS priority of the CAPWAP packet to the fixed
CoS value of the VAP. The DSCP value is 0.
ni
Re
so
In CoS to CoS mapping mode, set the CoS priority of the CAPWAP packet
according to the CoS->CAPWAP CoS mapping table of the VAP. The DSCP
Le
Mo
re
value is 0.
In CoS to DSCP mapping mode, set the DSCP priority of the CAPWAP packet
according to the CoS->CAPWAP DSCP mapping table of the VAP. The CoS
aw
ei
.c
om
/e
value is 0.
In DSCP to CoS mapping mode, set the CoS priority of the CAPWAP packet
according to the DSCP->CAPWAP CoS mapping table of the VAP. The DSCP
value is 0.
In DSCP to DSCP mapping mode, set the DSCP priority of the CAPWAP
packet according to the DSCP->CAPWAP DSCP mapping table of the VAP.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
The CoS value is 0.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When an AP receives a packet forwarded by an AC, the AP should convert it to an

802.11 packet and forward it to an STA. The user priority in the 802.11 packet is
ht
ce
s:
determined by DSCP (TC in IPv6) or CoS field value, or set by a traffic classifier. The
traffic classification can be implemented based Layer 2 and Layer 3 parameters
carried in the packet. The AP obtains a new priority based on the mapping mode
configured on the VAP and stores it in the UP field of the 802.11 packet.
Query the mapping mode of the upstream packets according to the VAP
configurations.
Re
so
ur
If the packet priority retains, the priority is 0.
If traffic classification is configured, set the priority value based on the traffic
ng
classification result.
After mapping, the priority is stored in the UP field of the 802.11 packet.
Mo
re
Le
If the DSCP mapping is configured, maps the DSCP priority to UP.
ar
If the CoS mapping is configured, maps the CoS priority to UP.
ni
Upstream and downstream packets can be classified based on Layer 2, Layer 3 and
Layer 4 parameters. A priority can be obtained based on the traffic classification result
aw
ei
.c
om
/e
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
and stored in the packet. Layer 2 parameters that can be used for traffic classification
include: MAC DA, MAC SA, VLAN ID, IEEE802.1p) user priority, Ethernet type (such
as MAC Control, PPPoE, and PWE3). Layer 3 and Layer 4 parameters that can be
used for traffic classification include: the destination IP address, source IP address, IP
type (such as ICMP, IGMP, TCP, and UDP), IP ToS/DSCP, destination TCP/UDP port,
and source TCP/UDP port. IPv6 parameters that can be used for traffic classification
include: the source IP address, destination IP address, IP type, and flow label.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
After a traffic profile is created, parameters in the profile use default values. Run the
display traffic-profile { all | id profile-id | name profile-name } command to view the
ht
default configuration of a traffic profile.
s:
After receiving an 802.3 packet from the Ethernet network, the AP converts the 802.3
packet into an 802.11 packet and forwards it to the STA. The user priority in the
802.11 packet is determined by DSCP or CoS priority in the 802.3 packet or set by a
traffic classifier.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
P-31
STA upstream rate limit(kbit/s): Upstream rate limit for a STA.
STA downstream rate limit(kbit/s): Downstream rate limit for a STA.
VAP upstream rate limit(kbit/s): Upstream rate limit for all terminals associating with a
VAP. The value must be larger than the upstream rate limit for a STA.
VAP downstream rate limit(kbit/s): Downstream rate limit for all terminals associating
with a VAP. The value must be larger than the downstream rate limit for a STA.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ur
ce

the 802.11 packet into an 802.3 packet. During this process:
The AP may retain the packet priority.
The AP may change the packet priority according to the VAP configuration.
The AP may map the user priority to the 802.1p priority.
so
Mo
re
Le
ar
ni
ng
AC queues can be classified into four types: AC_VO, AC_VI, AC_BE, and
AC_BK. They are listed in descending order.
s:
ht
What are the types of AC queues? Are they defined by default or do they need to be
manually configured on a STA?
Re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Introduction to QoS and three service models:
ht
Quality of service (QoS) includes transmission bandwidth, transmission delay
ce
s:
and packet data loss for network services. To be specific, QoS provides endto-end quality guarantees for user services through a set of performance
indicators, including the bandwidth, delay, jitter, and packet loss ratio during
packet transmission.
ur
AC queues, EDCA parameters, CACU-APSD, and ACK.
Introduction to the traffic profile on the wired side:
ng
Re
Introduction to the WMM profile on the wireless side:
Priority mapping of upstream packets
ni
Three service models are available: the best effort model, IntServ model, and
DiffServ model.
so
Tunnel priority mapping of upstream packets

Priority mapping of downstream packets
Traffic policing
Mo
re
Le
ar
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You need to clarify the basic requirements for WLAN network construction, such as
field strength requirements, bandwidth requirements, and the services to support.
Bring a drive test mobile phone to the site and conduct the onsite survey to obtain the
building drawings and measure the attenuation values of obstacles.
Make a deployment plan based on the survey result and customer requirements.
When you make the plan, consider frequency interference, network capacity, the
ce
s:
ht
ur
upper-layer network, and power supply.

Review the deployment plan. If it passes the approval, begin the onsite construction. If
not, modify the plan.
After the construction is complete, conduct the acceptance test using Huawei network
Re
so
ng
test tools and output an acceptance report. If the project is accepted, the WLAN
Mo
re
Le
ar
ni
deployment process ends.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Determine the key coverage area and secondary coverage area according to the site
survey and building drawings, and make coverage mode planning for areas with a
ht
high density of users.
s:
Determine the deployment modes (indoor settled, indoor distribution, and outdoor
coverage) according to site requirements.
ce
The transmit power of an AP is controlled to adjust the field strength of
The capability of an AP is limited. If a large number of STAs exist, more
Re
so
ur
covered areas. Before planning the WLAN network, consider the following
points:
APs need to be deployed.
APs provide a limited bandwidth. If there is high requirement on the
ng
bandwidth, more APs need to be deployed.

Select the AC inline or bypass networking mode according to site
requirements.
ni
Mo
re
Le
ar
You can use AC power or PoE switches to supply power.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Conduct the site survey to obtain detailed building drawings and learn the building
structure.
Check the coverage area for wireless interference sources and 2G/3G antennas.
Perform outdoor survey to determine the method for installing APs (pole mounted or
wall mounted), and check the frequency band, transmit power, and antenna direction
of APs already deployed on the site.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Indoor settled deployment: This mode is widely used because the installation is easy
and the AP position is flexible. An AP can provide signal coverage since it is
ht
s:
connected to a network and powered on. When using this mode, you need to consider
network access, signal interference, and power supply.
Indoor distributed deployment: You can use a small number of APs since couplers are
used to integrate WLAN signals to the planned indoor distribution system. When using
this mode, you need to consider the antenna installation and bandwidth requirements.
Outdoor coverage: This mode is used when WLAN cannot be deployed indoors or
when you construct a wireless city. When using this mode, you need to consider the
sector coverage, antenna selection, wireless network bridges selection.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In Japan, channel 14 uses only the direct sequence spread spectrum (DSSS) and
complementary code keying (CCK) modulation modes but not orthogonal frequency
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
division multiplexing (OFDM).
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Center frequency = 5000 + 5 x Nch
The standard frequency band in China can be extended to 5.850 GHz on the basis of
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
UNII high frequency band. Five non-overlapping channels are provided.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Channels 1 to 9 or Channels 5 to 13 are used in Europe.
Channels 1 to 7 or Channels 5 to 11 are used in America.
802.11n provides two frequency band modes: HT20 and HT40.

HT20 provides high signal compatibility. For example, when 802.11b and 802.11g
signals co-exist in an area, you can set the HT20 mode to reduce interference
ur
ce
2.4 GHz channel planning in HT40 mode:
s:
In HT40 mode, a 2.4 G network has only two non-overlapping channels 3 and 11
ar
ni
ng
Re
so
between the two signals.

HT40 provides high performance. In HT40 mode, two neighboring 20 MHz channels
are bundled to form a 40 MHz channel. One channel is the main channel, and the
other the auxiliary channel. The main channel sends Beacon packets and data
packets, and the auxiliary channel sends other packets.
It is recommended that you use the 5 GHz but not 2.4 GHz in an area with cellular
signal coverage because the bandwidth in HT40 mode is 40 Mbit/s.
among the valid channels 3 to 13. Interference between APs is unavoidable.
Le
This table lists the 5 GHz frequency band in HT40 mode used in America and China.
Mo
re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
To prevent interference between channels, the interval between center frequencies of

each two channels in the 2.4 GHz frequency band must be larger than or equal to 25
ht
MHz. It is recommended that channels 1, 6, and 11 be used in overlapping mode.
s:
In the 5.8 GHz frequency band, non-overlapping channels 149, 153, 157, 161, and
165 are used, with 20 MHz of separation between each two channels.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Use the channel distribution with the lowest co-channel interference to prevent cross
floor interference.
If the AP's channels conflict with channels of users' Wi-Fi devices, adjust the channel
distribution.
If channel conflicts cannot be avoided by adjusting APs' channel distribution, discuss

with the owners of the Wi-Fi devices to re-distribute the channels.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If directional antennas are used, you can prevent channel conflicts by adjusting the
antenna directions. In this way, you can make full use the channels that have been
ht
planned.
s:
For example, in outdoor coverage scenarios, you can install APs on poles or towers in
back-to-back mode. This fully uses the channels in different sectors that provide
signal coverage in different directions, improving channel utilization.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
APs are directly connected to the AC or connected to the AC through a switch. All
data is forwarded by the AC. Service data is not encapsulated by CAPWAP. The
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
service data is transparently transmitted by service VLANs. The AC must have high
forwarding performance. If there are a few APs and traffic volume is not high, this
mode can be used.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
APs are directly connected to the AC or connected to the AC through a switch. All
data is forwarded by the AC. Service data is encapsulated by CAPWAP and is
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
transparently transmitted by the management VLAN. The CAPWAP encapsulation

and decapsulation are carried out by the AC. This mode is simple, but requires that
the AC must have high forwarding performance.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AC is connected to an aggregation switch. AP's management data is forwarded

to the AC through the switch. Service data is not processed by the AC. The AC is
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
connected to the existing network in bypass mode. This mode has little impact on the
existing network.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AC is connected to an aggregation switch. AP's management data is forwarded

to the AC through the switch. All data is forwarded by the AC. Service data is
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
encapsulated by CAPWAP and is transparently transmitted by the management

VLAN. The CAPWAP encapsulation and decapsulation are carried out by the AC. The
AC is connected to the existing network in bypass mode. This mode has little impact
on the existing network.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
This table lists some common data services. The minimum downstream and upstream
bandwidth must be ensured for these services.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The bandwidth of each AP must be available bandwidth. As the number of access

users increases, the total available bandwidth decreases. It is recommended that less
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
than 30 users be connected to each AP. (For details about AP's capability, see the
product manual.)
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Calculate the AP's coverage based on AP's transmit power, antenna gain, and signal
loss. Place the AP according to its coverage radius.
When the AP's signal traverses the wall from outdoors to indoors, determine whether
signal loss affects indoor signal strength. If indoor signal is weak, add more APs to
increase signal strength indoors.
If signals traverse a barrier with a degree, the traverse depth is larger than that when
ce
s:
ht
so
In the area containing a lot of access users, AP density should be high, ensuring that
each user connected to the AP can obtain guaranteed bandwidth.
Mo
re
Le
ar
ni
ng
Re
ur
signals traverse the barrier vertically. Therefore, vertical traverse reduces signal loss.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You can use Huawei eSight WLAN Planner to import building drawings and set
various obstacles.
The tool supports automatic AP deployment, facilitating the planning of AP position

and channel.
The tool can display the signal strength and SNR by figures.
The tool allows you to export standard planning reports, facilitating communication
Mo
re
Le
ar
ni
ng
Re
so
with the customer.
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You can know the penetration loss of some obstacles through site survey and
experiences. These values help AP planning and signal strength rendering.
In the scenario where APs are deployed outdoors to support indoor wireless access,
wireless signal strength decreases when signals penetrate glasses, walls, or wooden
doors. You need to consider the penetration loss into link budgets.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Co-channel interference may be caused by incorrect WLAN planning or come from

WLAN devices of other users. To prevent co-channel interference, perform onsite RF
ht
Improve frequency multiplexing efficiency and ensure that the same signal channel is
not used in a coverage area or adjacent coverage areas. Use the isolation degree
so
ur
ce
s:
scanning and unified AP planning during the survey and planning stage and adjust
APs' transmit power and antenna direction to control signal coverage in the
optimization stage. Perform RF scanning in onsite survey to check wireless
environment, negotiate channel usage with other carriers or wireless router users to
avoid co-channel interference.
interference.
Re
formed by surrounding environment for channel planning to prevent co-channel
Use directional and intelligent antennas to reduce internal signal interference.

Omnidirectional antennas are not recommended for networking of many APs.
Adjust transmit power and feeder system to reduce impact of co-channel interference
ni
ng
Mo
re
Le
ar
on AP performance.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When the interval between center frequencies of two channels is smaller than 25 MHz,
there is signal overlapping between the two channels. You can use adjacent channels
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
to increase available center frequencies. Usually, non-overlapping channels 1, 6, and

11 are used for the 2.4 GHz frequency band.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Microwave ovens, cordless phones, and Bluetooth devices are non-WLAN

interference sources that use 2.4 GHz frequency band.
Wireless cameras and routers are other WLAN interference sources.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If many STAs associate with the same AP, a large number of STAs and services
compete for this AP resource, causing QoS deterioration. If this AP keeps this state
ht
s:
for a long period whereas its adjacent AP is lightly-loaded, the entire network is
unstable, reducing the overall efficiency and performance.
When a network is not load balanced, STAs switch among APs randomly. A large
number of STAs disconnect from the original AP and try to associate with an AP on a
hotspot area, but the association may fail. When the number of STAs connected to
that AP reaches the threshold, new STAs cannot associate with the AP or the
association causes network congestion and service interruption.
A few APs on hotspot areas are fully-loaded whereas other APs are not used, causing
Re
so
ur
ce
Mo
re
Le
ar
ni
ng
waste of network resources.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
An AC performs load balancing between APs when STAs connect to these APs.
Each AP periodically reports STA association information to the AC, and the AC
ht
distributes user traffic among APs based on received STA association information.
s:
When a STA sends an association request to an AP, the AC checks whether the
number of STAs connected to the AP has reached the threshold. If the number of
STAs is smaller than the threshold, the AC instructs the AP to accept the association
ce
As shown in this figure, STA1 requests to associate with AP1. However, the number
Re
so
ur
request. Otherwise, the AC determines whether to accept the association request

according to the load balancing configuration.
Mo
re
Le
ar
ni
ng
of STAs connected to AP1 has reached the threshold, so STA1 associates with AP2.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
As shown in this figure, a WLAN has three APs. The coverage area of AP1 does not
overlap the coverage areas of AP2 and AP3. The AC load balances traffic among
ht
This example shows that load balancing can be implemented among APs only when
the APs are connected to the same AC and all these APs can be discovered by a
so
ur
ce
s:
APs. When STA1 sends an association request to AP1, the AC detects that the
number of STAs connected to AP1 has reached the threshold. Therefore, the AC
instructs AP1 to reject the association request of STA1. STA1 then attempts to
connect to AP2 or AP3. Because STA1 is not in the coverage area of AP2 and AP3,
STA1 finally associates with AP1.
Mo
re
Le
ar
ni
ng
Re
STA.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Traffic-based load balancing: Traffic is load balanced based on the difference

between the traffic volume on different radios. The traffic-based load balancing
ht
algorithm is as follows:
s:
Load percentage of a radio = (Traffic rate of the radio/Maximum rate of the
radio) x 100%
so
The AC compares load percentages of all radios in the load balancing group
and obtains the smallest load percentage value. When a STA requests to
Re
ce
The AC calculates the load percentage of each radio in a load balancing group
using the formula:
ur
associate with an AP radio, the AC calculates the difference between the
ng
radio's load percentage and the smallest load percentage value and compares
the load difference with the threshold (configured using a command). If the
ni
load difference is smaller than the threshold, the AC allows the STA to
associate with the radio. If not, the AC rejects the association request of the
Le
ar
STA. If the STA continues sending association requests to this AP, the AC
allows the STA to associate with the AP when the number of association
Mo
re
requests sent by the STA exceeds the maximum number configured on the AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Session-based load balancing: Traffic is load balanced based on differences between

STA quantities on different radios. The session-based load balancing algorithm is as
ht
follows:
s:
The AC calculates the load percentage of each radio in a load balancing group
using the formula:
ce
Load percentage of a radio = (Number of associated STAs on the
so
The AC compares load percentages of all radios in the load balancing group
and obtains the smallest load percentage value. When a STA requests to
Re
ur
radio/Maximum number of STAs allowed on the radio) x 100%
associate with an AP radio, the AC calculates the difference between the
ng
radio's load percentage and the smallest load percentage value and compares
the load difference with the threshold (configured using a command). If the
ni
load difference is smaller than the threshold, the AC allows the STA to
associate with the radio. If not, the AC rejects the association request of the
Le
ar
STA. If the STA continues sending association requests to this AP, the AC
allows the STA to associate with the AP when the number of association
Mo
re
requests sent by the STA exceeds the maximum number configured on the AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Session-based load balancing is recommended. To implement session-based load

balancing, set the maximum gap between the numbers of STAs connected to APs on
ht
s:
an AC. When the threshold is exceeded, an AP starts load balancing and rejects the
association request from any STA.
When the difference between the number of STAs on each radio is smaller than the
threshold, the AP accepts the association request from a STA.
By default, a load balancing group uses the session-based load balancing mode.
Load difference between radios in the group is 4% (value range 1 to 100), and the
maximum number of association attempts is 6 (value range 1 to 30). If the number of
times a STA requests to associate with a radio exceeds the threshold, the STA is
allowed to associate with the radio regardless of whether the traffic is balanced in the
load balancing group.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Why do people need to plan channels and how do they plan channels?
ht
To prevent interference between channels, the interval between center
ce
s:
frequencies of each two channels in the 2.4 GHz frequency band must be
larger than or equal to 25 MHz. It is recommended that channels 1, 6, and 11
be used in overlapping mode.
In the 5.8 GHz frequency band, non-overlapping channels 149, 153, 157, 161,
so
What are the major WLAN network designs?

Direct forwarding in inline mode
Tunnel forwarding in inline mode
Direct forwarding in bypass mode
Tunnel forwarding in bypass mode
ng
Re
Mo
re
Le
ar
ni
ur
and 165 are used, with 20 MHz of separation between each two channels.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
As various Wi-Fi terminals are developed and WLAN sizes increase, WLAN is widely
used and a lot of new service requirements emerge. WLAN is applied to many new
ht
scenarios. Currently, WLAN is mainly used in the following scenarios:
s:
Campus
Network size is large and the network needs to operate various

services. The campus WLAN usually covers teaching buildings, library,
ce
Public area
The public area, such as coach station, railway station, airport lounge,
restaurant, amusement park, library, hospital, and large gymnasium,
Re
so
ur
restaurant, apartments, gymnasium, and playground.
Exhibition center
ni
ng
has temporary and mobile troops and high population density.
ar
Office building
Mo
re
Le
The exhibition center also has temporary and mobile troops and high
population density.
The office building features in large area and middle height. The WLAN
covers meeting rooms, restaurant, and office area.
The hotels have different areas and heights. The WLANs cover guest
Hotel
aw
ei
.c
om
/e
rooms, halls, meeting rooms, restaurants, and entertainment places.

Industrial park
The industrial park covers workshop, office building, apartment, and

outdoor area. This scenario is similar to campus network.
Residential area
The residential areas have various structures, and most homes access
g.
hu
wired networks. Therefore, wired networks are the most important way
to access the Internet.
in
Pedestrian
The WLAN covers streets, rest places, entertainment places, and
rn
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
shops along streets.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Indoor settled APs have lower power, 100 mW usually. They can use multiple
antenna arrays to support 2x2 MIMO and 3x3MIMO, providing high throughput.
Indoor distributed AP is also called high-power AP. The indoor distributed system
enlarges signal coverage area, and works with the 2G/3G indoor distribution system
to provide signal coverage. The indoor distributed system is a cost-effective solution.
Outdoor APs are applicable to rugged environment. Compared with indoor APs,
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
outdoor APs have higher waterproof, surge protection, and dust-proof capabilities.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Case:
ht
Requirement analysis: An office area has 200 employees. The user concurrent
rate is 75%. Each user must be assigned 2 Mbps bandwidth.

Site survey: The employees are separated by glass, plasterboard, and loadbearing walls.
Network design:
ur
ce
s:
Deploy the indoor settled APs with dual bands: 2.4 GHz and 5 GHz.
Available channels at 2.4 GHz: channels 1, 6, and 11; available

frequencies at 5 GHz: 149, 153, 157, 161, and 165.
Each AP covers 8-12 meters.
Number of concurrent users is 150, and each AP connects to 40 users;

therefore, four (150/40) APs are required.
Device configuration: 10 dBm@2.4 GHz, 20 dBm@5 GHz
Mo
re
Le
ar
ni
ng
Re
so
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
For the indoor areas such as meeting rooms and coffee houses, the wall-mount or
ceiling-mount APs are recommended.
For the ordinary guest room, the ceiling-mount APs can be installed in corridor. For
the VIP guest rooms, the antennas can be deployed in the rooms.
The office building has a wide indoor area, and the rooms are separated by walls. The
ceiling-mount APs installed in the corridor can offer signals for ordinary offices.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Local powering is inconvenient. In addition, the exposed power cables bring security
risks.
PoE adaptor powering: The PoE module is a potential failure point.
PoE switch powering is convenient, stable, and safe.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In most countries, the available channels at 2.4 GHz are 1-13 and 1-14, and there are
three available non-overlapping channels.
The frequencies at 5 GHz vary according to countries and regions. They are mainly
distributed at 5.1-5.3 GHz, 5.4-5.7 GHz, and 5.8 GHz. Before planning the network,
determine the available frequencies.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If the terminals and APs are separated by blocks, consider the penetration loss and
the incidence angle of signals traversing the walls.
In the premise of meeting receiver sensitivity requirement, reserve certain link margin
in case of extra loss. If the reserved link margin is high, the wireless system has high
capability to overcome signal transmission loss, and communication quality is high.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Example:
ht
An office has 150 2.4 GHz terminals. The concurrent user rate is 60%. The
bandwidth requirement is: 2 Mbps downlink and 1 Mbps uplink.
s:
Each AP connects to 20 terminals. The number of required APs is 4.5

(150*60%/20) in the case of no interference. Therefore five APs are required.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
More and more companies choose mobile offices today. Existing network interfaces
cannot meet growth requirement of new employees, and adding network interfaces
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
will cause office reconstruction. In addition, wired network cannot meet mobile office
requirements. Wireless network remedies the defects of wired network.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The half-open area has a few obstacles.

The office area contains enclosed rooms, and the walls' materials may be
different.
s:
ht
Office buildings have the following command characteristics:
User density is high, requiring high network capacity and stability.
Users have mobile office requirement.
ur
ce
Signals must cover a large area for high density users. The half-open structure has a
few obstacles. The indoor settled system is recommended because of its high
capacity and easy installation.
2.4 GHz & 5 GHz dual frequency needs to be supported to increase bandwidth.
Mo
re
Le
ar
ni
ng
Re
so
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
The half-open area has a few obstacles, so it is recommended to use fewer APs to
reduce signal interference. Less than 3 APs are recommended in a short distance.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
The building has five floors. Signal leaking may occur between floors. Therefore,
the signals of different floors must overlap.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Wireless network and wired network are connected seamlessly, and there is no
physical connection failures. Network access is convenient.
Wireless network is easy and fast to deploy. Network deployment has little impact on
hotel operation.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Signal coverage is the primary goal for a hotel. Before planning the wireless network,
check the hotel's decoration and wall material.
Hotel rooms have the following common characteristics:
ht
s:
Indoor distributed AP has only one antenna output interface, and does not support
MIMO.
Mo
re
Le
ar
ni
ng
Re
so
Guests are equally distributed in rooms. Medium user density
ur
The wash rooms are close to corridors and separated by plasterboards or brick
walls.
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
In some scenarios, antennas cannot be deployed in rooms due to the limit of

decoration and cable deployment. In these scenarios, antennas can be installed in
ht
It is recommended to test signal strength by simulating antenna coverage area,

distribution, and output power.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
corridors; however, signal strength is weakened. Due to the impact of obstacles and
decoration materials, signal strength in some corners may be weak.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A high-gain antenna provides weak signal strength for the areas under the antenna.
To cover a small area (< 500 meters), choose a low-gain antenna, which provides
ht
high signal strength in nearby areas.
s:
When coverage area is small (< 300 meters) and coverage angle is larger than 120,
the omnidirectional antenna is recommended. When coverage area is large and
coverage angle is small, the directional antenna is recommended.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A high-gain antenna provides weak signal strength for the areas under the antenna.
To cover a small area (< 500 meters), choose a low-gain antenna, which provides
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
high signal strength in nearby areas.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
A wireless distribution system (WDS) connects two or more wired or wireless LANs
wirelessly to establish a large network.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Measure the backhaul distance using Google Earth or GPS tester, and measure the
distance on site.
Use 5 GHz for WDS backhaul, and 2.4 GHz for user access.
The frequencies at 5 GHz vary according to countries and regions. Choose

appropriate frequencies. If there is radar on site, do not use the frequencies conflicting
with the radar.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
After measuring the coverage distance, calculate the gain using the distance longer
than that you measured. When selecting the antennas, consider the coverage
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
distance and ensure signal coverage for the nearby areas.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Consider the following aspects when designing wireless network capacity:

Device performance
Number of concurrent users
Bandwidth requirement
Interference
ce
s:
Mo
re
Le
ar
ni
ng
Re
so
ur
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
As the WLAN technology improves, enterprises are increasing investments in the

construction of WLAN, deploying WLAN in hotspot areas such as office buildings,
hotels, and airports to meet users' increasing requirements.
Compared with a wired LAN, WLAN has wide coverage and high mobility and is
easier to install and expand. However, it is difficult to deploy a WLAN.
Signal quality: The quality of wireless signals is determined by the distance between
terminals and the closest APs. It decreases as the distance increases.
so
ur
ce
s:
ht
Coverage: The performance of a wireless network is affected by network
ng
Signal interference: A WLAN can be affected by surroundings such as

microwaves, wires, and multipath interference.
The preceding challenges impose higher requirements on technical engineers'
ni
Re
coverage and layout of the buildings.
The WLAN Planner, as a auxiliary tool for wireless network planning, provides
functions of environment planning, AP deployment, network signal simulation, and
Le
ar
skills in deploying the WLAN.
automatic report export, which helps technical engineers with network planning and
Mo
re
improves work efficiency.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLAN Planner Characteristics
ht
Environment planning
The WLAN Planner can be used to customize the materials of walls,

windows, and doors and draw coverage areas and dead zones.
AP deployment
ur
ce
s:
It can be used to automatically calculate the number and location of APs,
Network signal simulation
Report management
ni
re
Le
ar
Mo
It can be used to view drawings of signal coverage and location.
ng
Re
so
as well as deploy APs manually and adjust coverage of the signals based
on the building drawing and coverage requirements.
This function allows users to export the planning reports.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Common toolbar : Provides shortcut icons of the common operations.
2.
Shortcut toolbar : Allow users to quickly create a project, open a project, and
calculate the number of APs.
3.
Project list : Lists the projects that have been created.
4.
Planning flow diagram : Provides flow diagram for using the WLAN Planner.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
1.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The number of APs that need to be deployed is automatically calculated based on the
actual area of the deployment environment, the number of concurrent users, and a
single user's bandwidth requirements.
The sales personnel use the WLAN Planner to preevaluate the number of APs,
modify the number as required, and make a business quotation based on users'
requirements on the coverage of wireless signals.
1.
ur
ce
s:
ht
On the home page of the WLAN Planner, click AP Calculator. The AP
so
Calculator page is displayed.

Select the AP type to be deployed.
3.
Select the Bandwidth to be deployed.
4.
Select the environment mode as required in the Environment type dialog box.
ni
ng
Re
2.
Le
ar
such as office buildings and factories.

Tunnel environment: The deployment environment is tunnel, such as
tunnels and corridors.
re
Semi-open environment: The deployment environment is semi-open,
Open environment: The deployment environment is open, such as
Mo
stadiums and squares.
Closed environment: The deployment environment is closed, such as
boxes and rooms.

5.
Enter area of the network to be planned and performance parameters.
6.
Click OK.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
This topic describes how to configure the global attributes of the WLAN Planner.
Global Configuration:
ht
On the home page, click Configure. The Configure page is displayed.
2.
On the Configure page, click Global Configuration.
3.
On the Basic Setting and Advanced Setting tab pages of the Configure page,
configure the global parameters.
4.
Click OK.
so
ur
ce
s:
1.
Frequency for Automatic AP Deployment: 2.4 G, 5 G.
Throughput Calculation By SNR, By field strength.
Mo
re
Le
ar
ni
ng
Re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
User can bind antennas to pre-defined system APs.
The transit and receive capabilities of an AP are determined by the type of the AP.
Different types of antennas are different in transmit power and receive sensitivity.
ht
s:
Users can configure the type of the antennas in the Bind AP Antenna interface.
2.
On the Configure page, select Bind AP Antenna.
ur
so
On the Bind AP Antenna tab page, click Operate icon in the Operate list to
open the Bind Antenna interface.
Re
3.
ce
1.
NOTE: Antennas can only be bound to APs whose Built-in Antennas are
shown as No.
ng
Configure the 2.4G and 5G antenna type in the Bind Antenna interface.
5.
Click OK.
Mo
re
Le
ar
ni
4.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The WLAN Planner preconfigures five default types of switch devices: S2700-26TPPWR-EI, S2700-9TP-PWR-EI, S3700-26C-HI, S5700-28C-PWR-EI, and S5700-52CPWR-EI. These switch types cannot be deleted.
The WLAN Planner supports the function of planning and deploying the third-party
switches. Users can customize the switches type on the Preconfigured Switch page
and deploy the customized switch on the Routing and Power Supply tab page.
ur
ce
s:
ht
2.
On the Configure page, click + Preconfigured Switch.
Re
so
1.
On the Preconfigured Switch tab page, click . The New Switch Type page is
displayed.
4.
Enter the parameters for customizing the switch.
5.
Click OK.
Mo
re
Le
ar
ni
ng
3.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLAN signals are related to the blocking capacity of the obstacles. Different
obstacles have different blocking capacity. Users can customize the obstacle type on
the Preconfigured Obstacle page and draw different types of obstacles on the
ht
s:
drawing.
The WLAN Planner preconfigures ten default types of obstacles, such as wooden
doors, concrete, and glass windows. These obstacle types cannot be deleted.
Procedure:
so
ur
ce
On the Configure page, click Preconfigured Obstacle.

On the Preconfigured Obstacle tab page, click + . The New Obstacle Type
page is displayed.
ni
ng
Re
On the New Obstacle Type page, enter the parameters for customizing the
ar
obstacle.
Click OK.
Mo
re
Le
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Before technical engineers design the wireless network, make clear the users'
requirements on the wireless network planning, including requirements on frequency
band, bandwidth, signals, the number of users who are connected to the wireless
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
network, cabling, and services. Obtain basic information about the project, including
diagrams of building layout, weak current cabling, and strong current cabling. Plan the
WLAN network using the WLAN Planner, calculate the number and location of APs,
and export the planning reports to provide reference for the on-site implementation
engineers. this slide describes the detailed procedure.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Before you use the WLAN Planner to plan the WLAN network, you need to create a
project, select a country, and set the environment type first.
Create a project.
s:
ht
On the home page, click Create Project. The Create Project page is displayed.
2.
Enter the project name.
3.
Select the country or area.
ur
ce
1.
Select Indoor in Environment Type area and select the corresponding

environment mode.
ni
4.
ng
Re
so
NOTE: Different countries or area use different wireless channels. Select the
corresponding country or region when creating a new project. In this way,
the WLAN Planer automatically filters out channels that cannot be used
in this country.
ar
Click OK.
Mo
re
Le
5.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
After you create a project, you need to add a building and import the drawing, so that
you can set the environment type and deploy APs on the drawing to simulate the
WLAN network.
Procedure
On the home page of the WLAN planning project, select project nodes.
Click building icon. The Add new building page is displayed.
Enter the name and import the drawing and click OK.
How to set building and floor parameters.
ng
Create a floor: Right-click a building node and select Add New Floor. Set Floor
Number, Name, and Drawing, and click OK.
Update a drawing: Right-click the newly added building node and select Update
ni
Re
so
ur
ce
s:
ht
ar
Drawing to update a drawing for the floor.

Create multiple floors and import drawings: Right-click a building node and
select Import Drawings in Batches. The WLAN Planner will then create multiple
Le
Mo
re
floors and import a drawing for each floor based on the number of drawings.
Set floor attributes: Right-click a floor node and select Property. Set Floor
Height, Floor Materials, 2.4G Attenuator, and 5G Attenuator, and click OK.
Adjust the floor sequence: Directly drag a floor node to adjust the floor
sequence.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Configure the scale.

1.
On the floor page, click Set Scale. The mouse status changes to .
2.
Click the start point of the scale on the drawing.

Click the end point of the scale on the drawing. The Set Scale dialog box is
displayed.
ur
ce
3.
s:
Enter the drawing scale interface and select the unit as required.
5.
Click OK. The scale is displayed on the drawing.
Mo
re
Le
ar
ni
ng
Re
so
4.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Adjust the datum mark.
The datum marks of all the floors must be on the same vertical line.
You can manually drag the datum marks of multiple floors to align them, to better
simulate actual environment among the floors.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configure the obstacle.

1.
ht
Select the obstacle type from the toolbar of the drawing.
NOTE: Users can customize the obstacle type. For detailed procedure,
see Preconfiguring an Obstacle.
ce
s:
Select an obstacle figure, such as rectangle or polyline, from the toolbar.
3.
Draw obstacles based on actual environment.
Mo
re
Le
ar
ni
ng
Re
so
ur
2.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
s:
You can select the shapes of the coverage area, including polygon or
rectangular in the coverage area drawing toolbar.
Draw the coverage area.
5.
Right-click or double-click the created coverage area.
Re
ng
Select Property. The Coverage dialog box is displayed. Modify the attributes of
this coverage area.
Click Save.
re
Le
ar
7.
so
4.
6.
Mo
tp
:/
3.
Select the coverage area type from the toolbar.
ce
2.
On the home page of the WLAN planning project, click Environment Setting.
The Environment Setting page is displayed.
ur
1.
ht
Configure the coverage area.
ni
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
On the home page of the WLAN planning project, click Environment Setting.
The Environment Setting page is displayed.
s:
1.
ht
Configure the interference source.
2.
In the toolbar, click the interference source icon.
3.
Click on the drawing to add an interference source.
ur
ce
NOTE: Click repeatedly to add multiple interference sources to the drawing.
so
Right-click to end this operation.

Right-click the interference source icon.
5.
Select Property. The interference source dialog box is displayed.
6.
Configure the attribute as required.
7.
Click Save.
Mo
re
Le
ar
ni
ng
Re
4.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
1.
Select the AP deployment area from the toolbar.
2.
Draw AP deployment area.
ce
ur
so
Re
ng
ni
ar
Le
re
Mo
tp
ht
Configure the AP deployment area.
s:
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Deploy manually.
1.
ht
Users can deploy APs manually based on the actual environment and
deployment experience. Users can perform operations such as adding APs,
s:
deleting APs, adjusting AP location, and configuring AP attributes.

On the home page of the WLAN Planner, click AP Deployment. The AP
deployment page is displayed.
3.
Select the AP type to be deployed from the toolbar.
4.
Deploy APs manually in the drawing.
5.
Right-click the AP icon.
6.
Select Property. The dialog box of AP attributes is displayed. Configure AP
ng
Re
so
ur
ce
2.
Click Save.
Mo
re
Le
ar
7.
ni
attribute.
Deploy automatically.
The WLAN Planner automatically calculates the number, location, and
aw
ei
.c
om
/e
1.
signaling channels of APs based on the obstacle status and requirements on

the coverage areas (such as the AP type, minimum field strength, and signal
type), and places the calculated APs in the drawing.

2.
On the home page of the WLAN Planner, click AP Deployment. The AP

deployment page is displayed.
Click Automatic Deployment to deploy APs.
4.
After adjusting the location or attributes of APs, obstacles, and coverage areas,
users can click Channel Calculation to recalculate the AP signaling channels.
This step is optional.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
3.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Simulate the environment wireless signals.
Preview the coverage of wireless signals by signal simulation diagram and determine
whether it meets the designing requirements. This tool is available for Received Signal
Strength Indication (RSSI) simulation diagram, Signal to Interference plus Noise Ratio
(SINR) simulation diagram, physical layer throughput diagram, and application layer
throughput diagram.
ce
s:
ht
Select the type of simulation diagram.
2.
Click Open Simulation to export the simulation graph.
3.
After adjusting the location or attributes of APs, obstacles, and coverage areas,
users can click Refresh Simulation to refresh the simulation graph. This step is
optional.
4.
Optional: After adjusting the location or attributes of APs, obstacles, and

coverage areas, you can click Refresh Simulation to refresh the simulation
graph. This step is optional.
Mo
re
Le
ar
ni
ng
Re
so
ur
1.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
On the home page of the WLAN planning project, click AP Deployment.
The AP Deployment page is displayed.
2.
In the toolbar, Click Access Simulation.
3.
Configure the information about the simulation access point in the dialog
box.
4.
Deploy the simulation access points.
5.
Right-click each simulation access point and select View to view

information about accessible sources of this point.
Re
so
ur
ce
1.
ar
Le
re
Mo
tp
s:
Access point simulation is used to simulate the information about wireless

signal sources that can be received by a single access point, such as
information about frequency, signaling channels, and field strength.
ni
ht
Simulate access points.
ng
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
After AP deployment is complete, deploy switches and connect APs and switches using
network cables to provide reference for implementation engineers.
Procedure:
ht
On the home page of the WLAN planning project, click Routing and Power Supply. The
Routing and Power Supply page is displayed.
2.
Deploy switches.
ur
ce
s:
1.
Select the switch type to be deployed from the toolbar.
Deploy switches on the drawing.

Right-click the switch icon and select Property. The dialog box of switch attributes is
displayed. Configure the switch attributes.
Re
so
Deploy ACs.
Select the AC type to be deployed from the toolbar.

Deploy ACs on the drawing.
ar
ni
3.
Click Save.
ng
Le
NOTE: Click View Planned Resource on the toolbar at the bottom to view the APs
and switches deployed on the drawing.
Select the network cable type from the toolbar.
re
4.
Mo
5.
Click and draw network cables on the drawing to connect APs, switches, and ACs.
NOTE: The WLAN Planner allows you to connect devices of different types only.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The WLAN Planner allows users to export detailed planning reports, AP lists, and
material lists to provide reference for implementation engineers.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
Click Generate WLAN Planning Report. The WLAN Planning Report dialog box
is displayed.
Select the planning map.
4.
Select the content to be exported.
5.
Select the language of the network planning reports.
6.
Select the format of the network planning reports.
7.
Click Generate
Re
so
ur
3.
ni
ar
Le
re
Mo
tp
s:
2.
On the home page of the WLAN planning project, click Import and Export. The
page for import and export is displayed.
ce
1.
ht
Export the network planning reports.
ng
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
s:
ht
Export the AP lists.
Click Export AP List. The AP Bill dialog box is displayed.
Select planning maps.
Click Export.
ce
Mo
re
Le
ar
ni
ng
Re
so
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
s:
ht
Export material lists.
Click Export Materiel Bill. The Materiel List dialog box is displayed.
Select planning maps.
Click Export.
ce
Mo
re
Le
ar
ni
ng
Re
so
ur
WLAN Planner Characteristics
ht
tp
:/
/l
ea
rn
in
g.
hu
aw
ei
.c
om
/e
Course name
Environment planning
The WLAN Planner can be used to customize the materials of walls,

windows, and doors and draw coverage areas and dead zones.
AP deployment
ur
ce
s:
It can be used to automatically calculate the number and location of APs,
Network signal simulation
Report management
ni
It can be used to view drawings of signal coverage and location.
ng
Re
so
as well as deploy APs manually and adjust coverage of the signals based
on the building drawing and coverage requirements.
This function allows users to export the planning reports.
Mo
re
Le
ar
x-33
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Any customer:
ht
eSight provides multiple editions to meet management and business
requirements of different enterprises.
s:
Any service:
Service-oriented SLA, directly presenting the service quality
Visible WLAN management and wizard-based service configuration

Unified network monitoring through MPLS VPN and one-click fault diagnosis
ar
ng
so
Unified management on multi-vendor IP and IT devices reduces network

management costs.
Re
ur
Any device:
ni
The open secondary development platform and API facilitate enterprises to

integrate existing systems and develop personalized tools.
ce
O&M: operation and maintenance
Le
API: application programming interface
re
SLA: Service Level Agreement
Mo
MPLS VPN: Multiprotocol Label Switching virtual private network
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
NE: network element
IPSec: Internet Protocol Security
VPN: virtual private network
MPLS: Multiprotocol Label Switching
SLA: service level agreement
s:
ce
ur
so
Re
ng
ni
ar
Le
re
Mo
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
eSight employs the browser/server (B/S) architecture. It can only be installed on the
server, and a client can access eSight through the browser supported by the client's
operating system.
Server environment:
ce
ur
The server of the compact edition runs on the Windows 7 operating system,
and its database is MySQL 5.5.
The server of the standard edition runs on the Windows 2008 Server platform,
and its databases are MySQL 5.5 and SQL Server 2008.
The server of the professional edition can run either on the Linux operating
system or the Windows 2008 Server platform. When running on the Linux
operating system, the server database is Oracle 11g; when running on the
Windows 2008 Server platform, the server databases are MySQL 5.5 and SQL
Server 2008.
Client environment:
Mo
re
Le
ar
ni
so
The eSight edition (compact, standard, or professional) selected determines

the server operating system.
Re
The server configurations depend on the number of managed nodes. The

configurations include CPU, memory, and hard disk.
ng
s:
ht
The client can only determine the browser version and device memory. The
supported browser versions are IE 8.0 and Firefox 3.6, and the device memory
must be no less than 1 GB.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Wizard-based service configuration:
ht
Originally it takes 100 minutes to enable services on 100 APs. With this
configuration wizard, it takes only 10 minutes.

Service view
s:
View the Control and Provisioning of Wireless Access Points (CAPWAP)
ur
ce
The service view helps you to:
Check user information on an AP.
Quickly troubleshoot faults.
Quickly identify rogue APs and speed up fault diagnosis.
Re
Colors indicate channels.

The color depth indicates the signal strength.
ar
ng
Location view
ni
so
tunnel between an AC and an AP.
Rogue APs are identified.
Le
Mo
re
Collision domains are marked.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
eSight automatically searches for AC and LSW and adds the found ones to eSight.
Use the intelligent configuration tool to configure the network connectivity between
ht
s:
eSight and the AC and LSW so that eSight can deliver services to and implement
management on them.
Set basic AC information.
Import APs in batches using plan sheets.
APs download corresponding configuration files from the AC.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLAN stands for wireless local area network.
ht
so
Wireless Resource Statistics on the Network: Displays numbers of ACs and

APs (online and total) deployed on the network.
Interference Source Statistics: Displays types and numbers of interference
sources that may influence the WLAN.
Re
ur
Displays overview information on the portal, including key performance indicators on

WLAN management. So far, 13 KPIs are supported. Including:
TopN CPU Usage: Displays TopN CPU usage of APs.
TopN Memory Usage: Displays TopN memory usage of ACs.

TopN AP Air Interface Usage: Displays TopN air interface usage of APs (traffic,
usage (2.4G and 5G))
ar
ng
It uses the wireless technology to implement fast Ethernet access.
ce
A WLAN is a resource-sharing communication network that connects two or

more computers or devices by using the wireless telecommunication
technology.
s:
ni
WLAN User Statistics: Displays the trend chart of WLAN online users in a
specified period.
Le
Mo
re
TopN AP User Association Failures: Displays TopN AP user association

failures.
TopN Region Statistics: Displays region statistics (number of APs, access AP
users, STA connections).
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
User Statistics of Client Radio Types: Displays 2.4G and 5G users.
TopN SSID User Statistics: Displays TopN SSID user statistics.
TopN AP Interface Traffic Utilization Trend: Displays AP Interface Traffic Utilization

Trend.
Rogue Devices And Rogue Clients Statistics: Displays Rogue Devices And Rogue
Clients Statistics.
Channel Utilization Trend: Displays the trend chart of WLAN channel utilization in a
specified period.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
ce
ur
so
When a hardware fault occurs on an AP, you can quickly replace this AP
through eSight.
The services configured do not change after the AP is replaced.
Re
Check link connectivity.
Ping the IP address of an uplink device from an AP to check the AP's service
uplink status.
Ping an AP from the AC to check the link connectivity between the AP and AC.
ar
When the configurations of APs are incorrect, you can restore these APs to
factory settings in batches.
Replace an AP.
s:
Restore APs to factory settings.
After APs are upgraded online, you can remotely restart these APs in batches.
ng
tp
:/
Only Huawei WLAN devices support all these operations. APs here refer to Fit APs
re
Le
controlled by the AC.
Mo
ht
Restart APs.
ni
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
On the Add Device page, set basic information of the WLAN device to be added, the
SNMP parameters, and the information about the subnet that the device is to be
ht
added to.
On the Auto Discovery page, set the network segment discovery parameters, SNMP
parameter, and the information about the subnet that the device is to be added to.
On the Import Device page, download the template, enter the information about
ce
s:
so
Commands for setting SNMP community parameters for the AC:

[AC1]snmp-agent community read publicro
[AC1]snmp-agent community write privaterw
[AC1]snmp-agent sys-info version v2c
ng
Re
Mo
re
Le
ar
ni
ur
WLAN devices, and upload the configuration files to eSight.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ICMP can also be used to discover and add devices, but SNMP is preferred for
unified device management.
Set parameters of an SNMP agent on the AC:
ht
[AC1]snmp-agent community read publicro
[AC1]snmp-agent community write privaterw
[AC1]snmp-agent sys-info version v2c
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
ACs have been created in eSight.
APs and ACs are connected correctly.
The SNMP read and write permission has been configured.
s:
Procedure
ce
Prerequisites:
The wizard-based configuration involves the complete procedure for
ur
Select an AC and click Synchronize to ensure that WLAN configurations

on eSight and the AC are consistent.
Re
so
configuring WLAN services.
Select an AC and click Next to set AC attributes.
Mo
re
Le
ar
ni
ng
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When Forwarding type is set to AP, the AP forwards user data in the
forwarding mode set when APs are created.
The Country Code parameter identifies the country in which the radio
frequency is located. This parameter specifies RF features, such as power,
channel value, and total number of channels that can be used for frame
transmission. Before configuring the device for the first time, you must
configure the country code.
ng
Re
so
s:
When Forwarding type is set to ESS, the AP forwards user data in the
forwarding mode set in the bound ESS profile.
ce
ht
Set basic AC information, including Interface name, AP authentication mode, and

Forwarding type.
ur
If an AP whose identity is confirmed exists in eSight, the AC attributes cannot be
Mo
re
Le
ar
ni
changed.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Click Add AP, select required APs, and click OK. Then click Next.
Note: You can add APs in either of the following two ways:
Choose Add AP > Batch Import, and import an AP plan sheet to create APs
in batches
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
Choose Add AP > Create Manually, and add APs offline.
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Configure profiles:
ht
Click Add and create an ESS profile. The configuration is shown in the next
slide.
You can bind multiple ESS profiles to an AP.
Note: The parameters marked with an asterisk in red must be set.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Select all the configured ESS profiles and click OK.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
Click Next.
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When the service is deployed, click Deploy.
If an AP is added to the whitelist, the AP automatically enters the running status when
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
getting online. If an AP is not in the whitelist, the AP enters the running status only
after manual confirmation.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When Success is displayed in Result, click Finish to complete the WLAN

configuration wizard.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
tp
:/
Any customer:
eSight provides multiple editions to meet management and business

requirements of different enterprises.
s:
The open secondary development platform and API facilitate

enterprises to integrate existing systems and develop personalized
ce
tools.
so
Any device:
Unified management on multi-vendor IP and IT devices reduces
Re
ht
What are the features of eSight?
ur
network management costs.
Any service:
Mo
re
Le
ar
ni
ng
Service-oriented SLA, directly presenting the service quality
Visible WLAN management and wizard-based service configuration
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Displays overview information on the portal, including key performance indicators on

WLAN management. So far, 13 KPIs are supported.
Including:
Wireless Resource Statistics on the Network: Displays numbers of ACs and APs
(online and total) deployed on the network.
Interference Source Statistics: Displays types and numbers of interference sources
ur
ce
s:
ht
that may influence the WLAN.
TopN CPU Usage: Displays TopN CPU usage of APs.
TopN Memory Usage: Displays TopN memory usage of ACs.
TopN AP Air Interface Usage: Displays TopN air interface usage of APs (traffic, usage
Re
so
WLAN User Statistics: Displays the trend chart of WLAN online users in a specified
ni
ng
(2.4G and 5G))

period.
TopN AP User Association Failures: Displays TopN AP user association failures.
TopN Region Statistics: Displays region statistics (number of APs, access AP users,
STA connections).
Le
ar
User Statistics of Client Radio Types: Displays 2.4G and 5G users.
TopN SSID User Statistics: Displays TopN SSID user statistics.
Mo
re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
TopN AP Interface Traffic Utilization Trend: Displays AP Interface Traffic Utilization

Trend.
Rogue Devices And Rogue Clients Statistics: Displays Rogue Devices And Rogue
Clients Statistics.
Channel Utilization Trend: Displays the trend chart of WLAN channel utilization in a
specified period.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Allow users to view information about AC basics, APs managed by the AC, regions,
alarms, and online user statistics.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
On the Fit AP tab page, click the AP name to check the AP parameter settings.
Mo
re
Le
ar
ni
ng
Re
so
ur
In the pane on the right, click Synchronize to synchronize the AP information

to eSight.
s:
ht
After an AP is connected to a WLAN, you can query information about all the APs
managed by eSight.
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
1. Data Forwarding Mode
ht
Direct forwarding: The AP sends the original packets without any change on
them.
s:
Region is a logical concept. You can group multiple APs into one region.
Regions are planned based on the actual deployment.
so
ur
2. AP Region
You can specify an AP region as the default region. An AP that is
Re
Tunnel forwarding: The AP encapsulates packets to the CAPWAP tunnel and

forwards them to an upper-level network to ensure packet forwarding security.
ce
automatically connected to a WLAN (that is, in no-auth mode) is added to the

3. Antenna
4. Frequency Bandwidth
Le
AP signals are transmitted through antennas. If AP signals transmitted through

an antenna are poor in quality, use another antenna mode for transmission.
ar
ni
ng
default region automatically.
To avoid interference of neighboring APs, you must set the neighboring APs'
Mo
re
radio channels to different frequencies.
When the frequency band is 20 MHz, the transmission rate is low but multiple
channels are provided for selection, effectively reducing the interference.
5. Channel Value
You can set the number of managed channels.
Setting rule:
2.4 GHz frequency band
ea
Note: In a radio profile bound to an AP, if Channel Mode is set to Manual, set
Operating Channel Value to the same value as that of Channel Value; if
Channel Mode is set to Automatic, the value of Channel Value is allocated
ht
tp
You can view the number of current operating channels.
:/
/l
6. Operating Channel Value
rn
5.0 GHz frequency band
20 MHz: 149, 153, 157, 161, 165

40 MHz-minus: 153, 161
40 MHz-plus: 149, 157
in
20 MHz: 1-13
40 MHz-minus: 5-11
40 MHz-plus: 1-7
g.
hu
When the frequency band is 40 MHz-minus or 40 MHz-plus, the transmission

rate is high but only a few channels are provided for selection. The 40 MHzminus and 40 MHz-plus bandwidths have the same transmission rate but
different available channels.
aw
ei
.c
om
/e
by eSight.
You can view the current operating power.
Note: The operating power determines whether the signal coverage can
be displayed in the location topology.
8. Transmit Power Level
Value range: 0-15
The value 0 indicates full power. The power depends on the AP type. A
Re
so
ur
s:
7. Operating Power
ce
9. Available Antennas
The number of available antennas must be no more than the number of actual
antennas.
ar
ni
ng
greater power level indicates a lower power.
To lower power consumption, you can shut down excess antennas.
Mo
re
Le
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You can browse information about all STAs on the live network.
STA is short for station, referring to terminals such as a desktop with a wireless
ht
network adapter or a laptop.
s:
Click Synchronize to browse information about all STAs on the live network.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
1. Monitor the signal quality of terminal users in a trend graph in real time.
2. Basic user information includes:
s:
User service information: user online duration, go-online time,

receiving/sending traffic, receiving/sending rate.
Mo
re
Le
ar
ni
ng
Re
so
ur
User attributes: user name, IP address, MAC address, AC name, AP name,

AP IP address, authentication mode, radio, SSID, signal-to-noise ratio.
ce
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
SSIDs are used to divide a WLAN into subnets, each of which requires a specific
identity for authentication. Only the users who have passed identity authentication can
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
access the corresponding subnet. In that way, unauthorized users cannot access the
WLAN.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Create: Create a subregion.
Delete: Delete selected regions and APs.
Import: Plan regions and APs by plan sheet.
Export: Export regions and APs in the current WLAN topology.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You can check logical relationships between ACs, APs, rogue APs, and STAs in the
service topology.
Right-click a device and select one of the following options.
ht
Synchronize: synchronizes data on the selected AC to eSight.
View Physical Topology: checks the physical topology view of ACs.
View Alarms: checks the alarm list of an AC.
Details: checks detailed device information.
ce
ur
so
Ping: checks the connectivity between two network devices by pinging each
device on an AP.
Re
s:
View Users: checks users connected to the AP.
Hide Users: hides users connected to the AP.
Mo
re
Le
ar
ni
ng
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
eSight allows you to test the connectivity between an AP and an AC and between two
APs.
Prerequisites
The AP or AC whose connectivity is to be tested is online.
The Telnet parameters have been correctly configured for the AC.
Background Information
Ping is used to test whether a remote host is reachable by sending ping

packets to the host. Use the ping function to check the network connectivity or
to test the line quality.
Re
so
ce
s:
ur
ht
Tracert is used to discover the routes that packets pass when traveling from
Select a proper diagnosis method based on the site scenario.
Le
When a fault is detected on a network using the ping function, use the tracert
function to locate the fault.
ar
ni
ng
the source host to the destination host. Use the tracert function to locate a
network fault.
Mo
re
Performing the ping operation on an AP:
Check the connectivity between two network devices by pinging each

device on an AP.
Check the connectivity between an AP and an FTP server during an
upgrade.
The AP ping function takes effect only when the AP works properly.
You can ping the AP from the AC to check the tunnel connectivity
between the AP and AC.
Procedure
1. In the main menu, choose Network Application > WLAN Management.
g.
hu
2. In the navigation tree on the left, choose WLAN Topology > Service
Topology.
3. Double-click the subnet icon to display the WLAN service topology.
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
4. Select a proper diagnosis method based on the site scenario.
Mo
Performing the ping or tracert operation on the tunnel between an AP and an

AC:
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
When AP configuration is faulty, a hardware fault occurs, or the network is calibrated,

rectify the fault by the following operations:
Restore Factory Settings: Perform this operation when AP configuration is faulty.
Restart: Perform this operation when an AP is upgraded online.

Replace: Perform this operation when a hardware fault occurs on an AP. This
relieves you from reconfiguring data.
Mo
re
Le
ar
ni
ng
Re
so
ur
s:
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
You can create a location topology view and add APs to the location topology view
based on the WLAN management requirements. In the location topology, you can
ht
s:
view the current signal coverage scope and current device status, and simulate actual
networks to facilitate daily maintenance.
Right-click in the location topology, and choose Add Location. In the dialog box that is
displayed, set Layer 1 subnet name, and click OK.
NOTE:
ur
so
A location topology view may contain multiple devices.
Mo
re
Le
ar
ni
ng
A location topology view may support multiple layers of sub location topology
views. A maximum of nine sub layers are supported.
Re
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Double-click the new location icon, and click Set Background on the shortcut icon bar.
In the dialog box that is displayed, select Select image, and select a proper image of
ht
the physical network environment based on the site scenario.

Note:
An image can be in GIF, JPG, JPEG, or PNG format. The image size cannot exceed 2
MB.
Right-click menu description:
1. Add Region: Add a location based on the physical location of a device in the live
network to display the device layer relationship in the location topology.
2. Add Pre-deployed AP: Pre-deploy an AP in the topology during WLAN planning,
Re
so
ur
ce
s:
ng
preset the AP transmit power, and display WLAN deployment effect in graphics.
3. Add AP: Add an AP that is managed by eSight to the topology.
4. Display Signal Coverage: The signal coverage scope can be displayed in any of
the following modes: by signal strength, by rate, and by channel. The signal coverage
ar
ni
Le
scope displayed is determined by the operating power in the radio profile. If the signal
coverage scope is not displayed properly, check the operating power in the radio
re
profile.
Mo
5. Hide Signal Coverage: Hide the signal coverage scope.
7. Add Block: Add blocks for the following purposes:
Ensuring that the location topology view is consistent with the real network layout.
Controlling signal attenuation.
8. Set Channel Color: Set channel colors as required.
Procedure for displaying signal coverage in the location topology:

1. Import the background image.
2. Set the scale based on the scale of the background image.
3. Import APs to deploy in the region.
4. Drag APs to the actual location in the region.
5. Draw blocks based on the background image.
6. Display the signal coverage by signal strength, by rate, or by channel.
ar
ni
ng
Re
so
ur
ce
s:
ht
tp
:/
/l
ea
rn
in
g.
hu
Le
re
Mo
6. Set Scale: Set the scale based on the actual network layout size to map the
network layout to the location topology.
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
How do you rectify AP faults through eSight?
ht
Restore APs to factory settings: When the configurations of APs are incorrect,
restore these APs to factory settings in batches.
s:
Replace an AP: When a hardware fault occurs on an AP, replace the AP. This
method can relieve you from reconfiguring data for the faulty AP.
Mo
re
Le
ar
ni
ng
Re
so
ur
Restart APs: After APs are upgraded online, restart these APs in batches.
ce
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The main content of this slide: The first part introduces the WLAN troubleshooting
methods. The second part introduces common diagnostic commands and tools for
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
WLAN troubleshooting. The last part introduces WLAN troubleshooting solutions

based on specific cases.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Management block: APs are classified into Fat APs and Fit APs. A Fat AP can
manage itself independently, while Fit APs are uniformly managed by an AC.
Service block: This part includes service VLAN configurations and wireless services.
Port block: VLAN is configured based on ports.
Wired block: This block includes the connection between APs and switches,
connection between access switches and aggregation switches, connection between
ur
ce
s:
ht
Mo
re
Le
ar
ni
ng
Re
so
ACs, and connection between ACs and the upper-layer devices.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Check the segment between a terminal and an AP. The terminal includes laptops,
tablet computers, and Wi-Fi-supported mobile phones. You must check the terminal
ht
device and the wireless environment.
Check the segment between an AP and a switch, including the AP hardware and PoE
power supply.
Check the segment between a switch and an AC, including the switch, hardware
ce
s:
so
For example, in areas where users can only access the Wi-Fi network at a low rate,
troubleshooting can be implemented from the terminal. First, check whether the low
Re
ur
version, software version and configurations of the AC.
access rate is caused by the terminal. Then, check whether there is a fault on the AP.
Mo
re
Le
ar
ni
ng
Finally, check whether there is a fault on the switch or AC.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The replacement troubleshooting method can quickly locate a fault and find proper
s:
ce
AP: Fit APs can start with no configurations, and it is convenient to replace
them. When Fat APs are replaced, you need to configure them again.
Network cable: When the cable on a specified network segment is suspected
to be faulty, replace the network cable for testing.
Mo
re
Le
ar
ni
ng
Re
STA: If there are several terminals, replace them with other terminals of the
same type or different types.
ur
Network adapter: Replace the built-in network adapter with an external

network adapter, or reinstall the network adapter driver.
so
ht
troubleshooting solutions. Its operation is fast and simple.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Trace command:
This diagnostic program sends packets with different TTL (time to live)
ur
Trace command is classified into two types: tracert command in

Windows and traceroute command in Linux.
s:
ht
Common commands for network diagnosis also include the trace command and
debug command.
ce
Debug command:
Re
so
values and receives ICMP TTL-expired messages to determine the

route to the destination.
When network faults occur, run the debug command to obtain
Mo
re
Le
ar
ni
ng
information about packets and frames exchanged, which is of vital

importance in fault locating.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Response to ICMP Echo Request messages sent by a local device: If no Response

message is received within a certain period, the message "Request time out" is
ht
Packet statistics include the number of packets sent and Response packets received,
percentage of packets that receive no response, and minimum, maximum and
average response time.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
displayed in the output. Otherwise, the number of bytes, the sequence number, TTL,
and response time of the Response message are displayed.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The common display commands help to query and display information about device
ht
versions and configurations.
Devices from different vendors may have different commands.
Run the display current-configuration command to display the configurations of the
ce
s:
current system.
ur
Run the display interface command to display interface information.
Mo
re
Le
ar
ni
ng
Re
so
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Check the status of all APs on the current AC.
ht
Display information about APs, including AP ID, AP Type, AP MAC, Profile ID,
s:
Region ID, and AP State. Information about one AP is displayed in one line.
ce
The total number of APs is displayed in the last line.

If an AP goes online successfully, "normal" is displayed in the AP State
ur
column. If an AP cannot go online, "fault" is displayed in the AP State column.
so
("download" is displayed during the upgrade. "config-failed" is displayed when
Re
an AP fails to initialize the configuration).

Check the IP address.
ng
Run the display ap all command to display IP address, MAC address, expired (M),
ni
type-vlan, interface, and vpn-instance.

10.1.101.100 0013-d326-a32f
D-0
GE0/0/1
ar
These items are the IP address, MAC address, remaining lifetime (in minutes), entry
type and slot number on which obtains the entry, type and number of interface that
Le
Mo
re
learns the entry, and name of VPN instance to which the ARP entry belongs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The display access-user command displays information about online users.
If user-id is specified, detailed information about the specified user is displayed.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
ht
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
inSSIDer is a new open source Wi-Fi scanner. It is developed by MetaGeek, who is
ht
also the developer of the Wi-Spy spectrum analysis program. It is a common signal
inSSIDer can display the change of signal strength in the time axis and the distribution
ce
s:
scan tool with simple operations and concise GUI.
of signal strength in each AP channel by figure. This tool can also filter AP information
ur
based on the frequency band, channel ID, signal strength and encryption mode of
For situations where a large number of APs need to be managed, the inSSIDer tool
also supports GPS functions, to locate the positions of APs in Google Maps.
Mo
re
Le
ar
ni
ng
Re
so
APs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Descriptions of each column in the above figure:
Column 1: MAC address (the MAC address of this hotspot is unique)
Column 2: SSID (Service Set Identifier, also called network name)
Column 3: RSSI (the received signal strength indicator, in dBm)
Column 4: channel ID (the channels occupied by different wireless signals)
Column 5: vendor
Column 6: encryption mode (WEP, WAP2-PASK, and Open which means
so
ur
ce
s:
encryption is not required)

Column 7: maximum rate (link setup rate)
Column 8: network type (infrastructure in common)
Column 9: discovered the first time
Column 10: discovered the last time
ng
ni
Column 11: latitude; Column12: longitude. (When the GPS function is enabled,
you can determine the AP location according to the latitude and longitude.)
Le
ar
Re
Remarks: Ensure that the wireless network adapter and the driver are installed
Mo
re
before using inSSIDer, and the wireless network adapter should be enabled.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Figure of signal strength:
ht
This figure shows the change of signal strength at different times. Different
signals are marked by different colors.
This figure shows the signals and strengths of different channels, and also the
channel bandwidth. You can click the corresponding icon to select the 2.4 GHz
ur
s:
Figure of channel usage status:
ce
Mo
re
Le
ar
ni
ng
Re
so
or 5 GHz channel.
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLAN Fault Locating Procedures
ht
Check the services on terminals --> check the received signal strength -->
ce
Locate the fault step by step.
Mo
re
Le
ar
ni
ng
Re
so
ur
s:
check the AP --> check the wired network devices --> check the AC --> check
the uplink devices
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Ask the users about the fault symptoms and reproduce the faults.
Check user terminals:
Check whether the wireless network adapter is enabled.
Check the signal strength.
Check the surrounding interference sources.
ce
s:
Check WLAN services using a self-brought device:

Implement troubleshooting on the common services, including FTP unloading,
so
ur
ht
FTP downloading, and webpage browsing.
Re
Check whether the specific services such as voice service and video service
are normal.
Mo
re
Le
ar
ni
ng
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Scan the surrounding signals with common network diagnostic tools, such as
ht
inSSIDer. Analyze the influences of various signal strengths on the local signal. In
s:
general, RSSI in major coverage areas ranges from -40 dBm to -65 dBm; RSSI in
ce
edge areas should be larger than -75 dBm; co-channel interference should be smaller
than -80 dBm.
Through network diagnostic tools, the local signal strength and the strength of other
ur
Re
so
signals in the same channel can be detected. Weak local signal strength is usually
caused by the poor wireless environment. When a large number of other signals with
strong signal strength co-exist in the channel, change a signal channel. For example,
channels with less signal interferences, such as channel 1, channel 6, or channel 11,
Mo
re
Le
ar
ni
ng
can be selected for the 2.4 G frequency band.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The appearances differ for APs of various types. However all APs have the radio
ht
signal indicator, system status indicator and link status indicator.

If the indicator is steady on, the related functions are enabled. If the indicator
s:
ce
blinks, data is transmitted or the device is started. If the indicator is off, the
related functions are disabled.
After logging in to an AC, you can check the status of an AP by running the display
command. For example, you can run the display ap all command to check the
so
For some APs, there is only one PWR indicator.
ur
Mo
re
Le
ar
ni
ng
Re
working status of all APs.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Check whether the switch is obviously extruded or damaged.
Log in to the switch through the console port to check whether the switch is correctly
ht
configured.
s:
Check the network status to see whether broadcast storms or packet attacks occur.
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
WLAN supports four authentication modes: Wired Equivalent Privacy (WEP)

authentication, Wi-Fi Protected Access (WPA) authentication, WPA2 authentication,
ht
and Privacy Infrastructure (WAPI) authentication.
ce
s:
Different devices support different authentication and encryption modes. Check whether
the AC supports the configured authentication and encryption modes.
Check whether services are correctly configured on the AC.
The configurations of basic AC services include:

AC ID and carrier ID
country code
source interface
Re
so
AP WMM profile and radio profile

WLAN-ESS, security profile, traffic template and WLAN service set
Mo
re
Le
ar
ng
The configurations of AP radios and VAP parameters include:
ni
ur
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
If the AC and its downlink devices all work properly, check the AC uplink devices. First,
check whether the hardware is damaged. Then, check whether the router is correctly
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
configured.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
When performing routine maintenance on wireless devices, comply with the

regulations to ensure the normal running of devices, prevent the potential faults in
ht
Mo
re
Le
ar
ni
ng
Re
so
ur
ce
s:
advance, and rectify the existing faults in time.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
During the installation of antennas (especially outdoor antennas), carry out operations
strictly confirming to the regulations. Ensure strong signal strength first, and take
ht
lightening protection and waterproof measures to avoid accidents.
s:
For example, the two antennas on the same AP should be installed at a proper
distance according to the regulations. Otherwise, it may result in saturated received
signals and severe interferences. As is shown in the left figure, the two antennas
should be installed at a larger distance.
so
When the antennas are installed in the vertical direction, the distance between
antennas should be around one meter. When the antennas are installed in the
horizontal direction, the distance between antennas should be around two
Mo
re
Le
ar
ni
ng
meters.
Re
ur
ce
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
Note: If the power supply indicator (PWR) is off during the routine maintenance of AP,
the AP is powered off or the power supply (by the PoE switch or the power adapter) is
ht
abnormal.
The status of indicators helps to locate the faults.
The indicators on APs produced by different vendors vary from each other slightly.
For APs of different types, the number of indicators and their locations are not the
ce
s:
Mo
re
Le
ar
ni
ng
Re
so
ur
same.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
First, check whether the terminal is working properly (the wireless adapter is enabled
or not).
Second, check whether the surrounding wireless signals are normal. By using
network diagnostic tools (for example, inSSIDer), you can check the status of the
current signals and other signal interference sources, such as a microwave oven.
Third, check whether the password is valid and correct. If the password is incorrect,
ce
s:
ht
so
Forth, check whether the certificate is correctly installed for users who adopt dot1x
authentication.
Mo
re
Le
ar
ni
ng
Re
ur
enter the correct password.
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
The AP is faulty.
ht
Check whether the PWR indicators and network cable indicators are blinking
Check whether an IP address has been assigned to the AP.

Run the display ip pool command on the DHCP server.
If the AP does not have an IP address, configure the DHCP server to assign
ur
so
Check the AP status after logging in to an AC.
ce
s:
normally.
Re
an IP address to the AP.

If they cannot ping each other or one end cannot ping another end, modify the VLAN
ng
configurations.
If the AP fails to be authenticated, add the AP to the whitelist.
Check whether the number of APs connected to the AC reaches the upper limit.
ni
If no license is loaded, the AC6605 supports a maximum of four APs by default.
If the number of connected APs reaches the upper limit, apply for and load an
Le
ar
AP license.
Check whether the MAC address or SN of the AP conflicts with that of another AP.
Mo
re
n
aw
ei
.c
om
/e
g.
hu
in
rn
ea
/l
:/
tp
ht
Block Troubleshooting Method
Segment Troubleshooting Method
Replacement Troubleshooting Method
s:
Which command can be used to check the status of all APs on an AC?
Run the display ap all command to display the status of all APs.
Mo
re
Le
ar
ni
ng
Re
so
ce
What are the WLAN troubleshooting methods?
ur
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
g.
hu
in
aw
ei
.c
om
/e
re
Mo
ni
ar
Le
ng
ur
so
Re
s:
ce
ht
tp
ea
/l
:/
rn
in
g.
hu
aw
ei
.c
om
/e

Oaw AP Matrix

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Oaw AP Matrix

Uploaded by

Copyright:

Available Formats

re

Huawei Certified Network Associate-WLAN

Huawei Technologies Co.,Ltd

No part of this document may be reproduced or transmitted in any

Copyright Huawei Technologies Co., Ltd. 2014. All rights reserved.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei

The information in this document is subject to change without notice.

Huawei Certified Network Associate-WLAN

Huawei Certificate System

Relying on the strong technical strength and professional training system,

Huawei Certified Network Associate-Wireless Local Area Network

The HCNA-WLAN certificate system introduces you to the industry and

marking the maturity of WLAN technologies. Many standards such as 802.11a,

802.11b, 802.11g802.11e802.11f802.11h802.11iand 802.11j have been

CDMA/GPRS, and Bluetooth, technologies closely related to personal computers and

mobile devices become increasingly popular. Meanwhile, the mass production of

The high-speed mobile 3G and 4G (LTE) networks further popularized mobile

Characteristics: easy to use, low cost, convenient

Main technology: Bluetooth technology. It works on the 2.4 GHz band.

WLAN: 2.4 GHz and 5 GHz bands

Flexible design and multiple users supported

Main technology: 802.11a/b/g/n

Main technology: WiMax (802.16)

Main technology: 2G/3G, satellite transmission

Low bandwidth, accounting based on time or traffic

Ir DA: A P2P transmission technology. This technology is applicable to short-distance

Wi-Fi: Wireless Fidelity. Uses standards such as IEEE802.11a/b/g/n to provide

wireless coverage for LANs.

for mobile network data transmission and WWAN coverage.

This chart demonstrates the performance of WLAN, Modem, ADSL/LAN, and

Wide coverage range: 100 m for 802.11a/g, 500-1000 m for 802.11n

The AC + Fit AP mode is used to replace the Fat AP mode.

more economic than leased lines from carriers.

WLANs in exhibition and securities halls realize real-time interactive service

WLANs deployed in stadiums allow correspondents to give live broadcasting.

WLANs provide more flexible networking to improve working efficiency.

WLANs in office buildings realize wireless office working.

Wireless Local Area Network

Wireless Metro Area Network

Wireless Wide Area Network

What is the relationship between Wi-Fi and WLANs?

What are advantages of WLANs compared to wired networks?

Wireless Personal Area Network

What are the types of wireless network?

regulate two categories of wireless communications: licensed spectrum and

unlicensed spectrum. The difference is that unlicensed users do not have to go

Maximum power of the intentional radiator (IR)

Maximum equivalent isotropically radiated power (EIRP)

Use (indoor and/or outdoor) the FCC

The European Telecommunications Standards Institute (ETSI) is an independent,

approved by the technical conference, and researched by each technical committee.

The IEEE is approved by the International Organization for Standardization as an

than 30000 volunteers who participate in standards research and development,

In 1999, several visionary leaders came together to form a global non-profit

local area networking.

The Wi-Fi Alliance is a growing non-profit international organization composed of

provides testing and certification for the world.

Wi-Fi CERTIFIED implements the interoperability of WLAN technology and provides

The IETF is an international non-governmental organization with all participants and

unchanged after being approved.

WAPI Industry Association (Technical Committee on Wireless Network and Secure

social organization and industrial cooperation platform that is composed of enterprises,

of broadband wireless IP networks, improves the competitiveness of members,