Wireless Standards and Implementation
Introduce myself
My name is Masafumi OE. I'm a senior researcher at NAOJ.
NAOJ: National Astronomical Observatory of Japan. It is an astronomical research institute founded by the government.
Why does an astronomer teach at this workshop?
I'm a professional network researcher.
I operate the entire NAOJ network.
When I belonged to NAIST, I had an employment opportunity because NAOJ was requesting a network researcher from the WIDE Project.
Mizusawa
Okinawa; Hawaii, US
Subaru Telescope
8.2m primary mirror, located on the summit of Mauna Kea, a dormant volcano on the Big Island of Hawaii. The air is only 60% as thick as at sea level. => The summit of Mauna Kea is one of the best astronomical observing sites in the world.
Introduce yourself
Your name, etc. Your ability and experience with wireless. Your aim for this WS.
Quiz
Test your knowledge about wireless technologies. TIME LIMIT is 30MIN.
Your aim
Goal
Participants acquire new experience by absorbing my lecture.
You practice constructing a wireless site. I hope you will construct and operate a good wireless site.
DAY2
Advanced configuration, designing of a wireless site
DAY3
Practice
Construct a wireless site on this site.
DAY1
Self-introduction/milestone Introduction of 802.11 11:00 - 12:30 Introduction of 802.11 (2) Install and initial setup of Cisco APs 13:30 - 15:00 Basic configuration (1) 15:30 - 17:00 Basic configuration (2)
MAY BE RESCHEDULED DEPENDING ON OUR PROGRESS.
9:00 - 10:30
DAY1 11:00-12:30
Introduction of 802.11
Now
A wireless PC card based on 802.11b/g is only $30.
Low-priced wireless chipsets make it possible to build wireless devices into consumer gaming machines.
Nintendo DS is $150, PSP by Sony is $200.
It has become easy to develop built-in wireless devices. NICs of various sizes (types) have been released.
ONLY 2.4cm
802.11
On the 2.4GHz band, 802.11 has two types of spread-spectrum method.
FH-SS, Frequency Hopping Spread Spectrum.
Fault tolerance is high, transmission rate is slow. Bluetooth uses FHSS.
FHSS on 802.11
Spread-spectrum signals are highly resistant to noise and interference.
[Figure: FHSS hopping. Axes: time, radio frequency. b: actual bandwidth]
DS-SS
[Figure: DS-SS spread-spectrum transmission. Sender: add PN sequence, spread. Receiver: de-spread, decode the digital data from the spectrum.]
About IEEE802.11a (1)
IEEE approved 802.11a in 1999, too.
Products were released in '01. Manufacturers released them after the success of 802.11b.
The 5GHz band may be affected by rain and snow. 5GHz propagates in a straighter line than 2.4GHz.
The S/N ratio is low in the shadow of furniture.
About IEEE802.11a (2)
Link speed is 54Mbps.
802.11a uses OFDM (Orthogonal Frequency Division Multiplexing) as modulation. OFDM uses radio bandwidth more efficiently than DSSS in 802.11b. The merit of OFDM is that it is strong against fading and multipath.
TDMA
Time Division Multiple Access
[Figure: axes: time, frequency]
FDMA
Frequency Division Multiple Access
[Figure: axes: time, frequency]
Ex) AM radio
Spectrum of FDMA
[Figure: axes: signal level, frequency; frequency bandwidth marked]
Orthogonal-FDM
OFDM distributes the data over a large number of carriers that are spaced apart at precise frequencies. This spacing provides the "orthogonality" in this technique.
[Figure: OFDM spectrum. Axes: signal level, frequency; frequency bandwidth marked]
About IEEE802.11a (3)
Usage limitations of 802.11a differ in each country.
In Japan, the frequencies from 5.15GHz to 5.25GHz are permitted without a license, for indoor use only.
This is because 802.11a interferes with the weather observation system, AMEDAS, that uses the 5GHz band.
About IEEE802.11g
The first product was released in '03.
Manufacturers released products while IEEE was still finalizing the 802.11g specification from the draft.
Performance decreases when both 11g clients and 11b clients exist in the same area, because OFDM-CCK has more overhead than OFDM.
[Figure: frame sequence with labels CCK, CTS, OFDM, DATA, CCK, ACK; two parts are marked OVERHEAD]
Channels
Channels and available frequencies on 11a/b/g differ in each country.
The channels available on a NIC differ by the region where the product is sold. We should pay attention to each participant's country.
802.11b Channels
802.11g Channels
802.11a
Infrastructure mode
A node associates with an AP as a client. Clients communicate via the access point (AP). The AP works as a bridge. This is the mode usually used in wireless networks.
Ad-hoc mode
A node communicates with another node without an AP. No AP is required.
Repeater mode (1)
Connects LAN to LAN via APs.
[Figure: two APs linked across a road; Bldg A]
Repeater mode (2)
An AP can work as a relay station.
[Figure: APs, with one AP acting as a relay station]
Wireless Interoperability
WECA (Wireless Ethernet Compatibility Alliance) was founded.
WECA was established in 1999 to popularize wireless technologies.
Founded by Lucent, Intersil, Aironet (now Cisco).
It tests wireless devices for interoperability with the IEEE 802.11 specification. Certified logo.
WEP function
[Figure: on both the client and the access point, the data is XOR-operated with the output of a pseudo-random number generator fed by the WEP password; the encrypted data passes between them.]
[Figure: access point; the data is XOR-operated to give the encrypted data; inputs: WEP password, MAC address; 24bit -> 40bit]
KEY (WEP+IV+MAC) is hashed. WEP is only 128bit.
The key includes the client's MAC address. A different key is used for each client.
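The XOR-with-keystream operation on the WEP slides, written out as an added example that is not part of the original slides. It assumes classic WEP as standardized, with RC4 as the pseudo-random number generator and a CRC-32 integrity value (neither is named on the slides); the function names are illustrative, and the hashed per-client key (WEP+IV+MAC) is not implemented here.

```python
import zlib

WEP_KEY_BYTES = (5, 13)   # 40-bit and 104-bit secrets ("128bit" WEP = 104 + 24-bit IV)

def rc4(seed: bytes, data: bytes) -> bytes:
    """XOR data with the RC4 keystream for seed (the slide's pseudo-random number generator)."""
    s = list(range(256))
    j = 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                             # one keystream byte per data byte
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_key_from_hex(hexdata: str) -> bytes:
    """Parse the [HEXDATA] form of a key and reject lengths WEP does not define."""
    digits = hexdata[2:] if hexdata.lower().startswith("0x") else hexdata
    key = bytes.fromhex(digits)
    if len(key) not in WEP_KEY_BYTES:
        raise ValueError(f"WEP key must be 10 or 26 hex digits, got {len(digits)}")
    return key

def wep_encapsulate(key: bytes, iv: bytes, data: bytes, key_id: int = 0) -> bytes:
    """Frame body = IV (3 bytes, sent in clear) | key-id byte | RC4(IV+key) XOR (data+ICV)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    icv = zlib.crc32(data).to_bytes(4, "little")  # integrity check value (CRC-32)
    return iv + bytes([key_id << 6]) + rc4(iv + key, data + icv)

def wep_decapsulate(key: bytes, body: bytes) -> bytes:
    """Reverse of wep_encapsulate; raises if the ICV does not match."""
    iv, encrypted = body[:3], body[4:]
    clear = rc4(iv + key, encrypted)
    data, icv = clear[:-4], clear[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch: wrong key or damaged frame")
    return data

def repeated_ivs(bodies) -> set:
    """IVs seen more than once under one key: those frames share a keystream."""
    seen, repeated = set(), set()
    for body in bodies:
        (repeated if body[:3] in seen else seen).add(body[:3])
    return repeated

if __name__ == "__main__":
    key = wep_key_from_hex("0x5749444521")        # "WIDE!" from the WEP setting slide
    body = wep_encapsulate(key, b"\x00\x00\x01", b"constructed sample payload")
    print(body.hex(), wep_decapsulate(key, body))
```

A 40-bit key is 10 hex digits and a 128-bit key is 26 hex digits; the remaining 24 bits of each are the IV that travels in clear at the front of every frame.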
Summarize (1)
Introduced 802.11b, 11a and 11g.
11g and 11a are up to 54Mbps. 11b is 11Mbps.
Summarize (2)
Channel availability depends on local regulation. IEEE802.11 has three operation modes: infrastructure mode, ad-hoc mode and repeater mode. 802.11 has security features to protect a wireless LAN.
WEP, WPA (802.11i) as link-layer.
DAY1 13:30-15:00
Touch the Cisco Aironet wireless access point.
What is AP1140AG
You learn wireless operation with the Cisco AP1140AG. Features
Slim and smart body. Supports IEEE802.11b, 11g and 11a. Has one Ethernet port and one serial console port. It runs IOS and supports the CLI (Command Line Interface).
What is AP1140AG
A retail price of the AP1140AG in Japan is about US$450.
Including a wall mount kit and PoE injector.
Teaching Equipment
Rented equipment
Laptop
With USB serial
Cisco AP
Fought with a CUSTOMS officer.
Serial cable (RJ45-DSUB9), PoE injector, UTP (patch cable/yellow), AC/DC adapter
AC cable (JP type connector), JP-ID converter plug
Subaru postcard
AP1130AG
This AP is marketed in Japan.
So the AP's specification fits the law of Japan.
Usable channels, transmit power
Attention
The base plate of the AP is HOT when powered on.
Interface
Ethernet: 100BaseTX or 10BaseT
Console: RS232C compatible / 9600bps
DC-IN: 48V
2 status LEDs
POWER
The top over (DC-IN) indicator
MODE button
MODE Button
PoE
The AP supports Power over Ethernet (PoE).
No need to wire a power cable.
Bring DATA and DC power to the AP with one UTP cable. The AP supports the IEEE802.3af and Cisco inline power (a non-standard PoE spec by Cisco) specifications. On a Cisco Catalyst supporting PoE, the product code has PS at the end.
Get a smarter connection to the AP.
[Figure: PoE injector unit with AC input; data (Ethernet) from the HUB; power and data over UTP to the AP (DC power)]
Start HyperTerminal.
Use the shortcut named Cisco-access.
Serial port is COM4. Speed 9600bps, 8 data bits, 1 stop bit, no parity and no flow control.
Access the command history with the Up (or CTRL+P) and Down (or CTRL+N) keys.
[return]
ap> my name is MASAFUMI.
% Invalid input detected at '^' marker.
ap>_
HELP system
If you forget a command, use HELP: input ?, the TAB key or the help command.
EXAMPLE
ap> ?
ap> show   <- type ?
  aaa      Show AAA values
  auto     Show Automation Template
  caller   Display information about dialup connections
  .
  .
Ap> show ?
  Async    Async interface
  BVI      Bridge-Group Virtual Interface
  CTunnel  CTunnel interface
  Dialer   Dialer interface
_ is a cursor.
HELP system (2)
Completion of command input.
ap> ?
ap> sho   <- TAB
ap> show
ap>
Configuration mode
Permits execution of configuration commands.
[Figure: ENABLE MODE -> configure command -> CONFIGURATION MODE; end or exit command -> ENABLE MODE]
Configuration mode
Enter one complete configuration command per line.
No interactive input and output.
A command takes effect as soon as it is entered. The configuration is stored in RAM.
To save your configuration to media, you have to execute the write memory command in ENABLE MODE. If you have a misconfiguration, restart your AP without saving.
Example
Name your AP.
hostname [your AP's name]
Ex)
ap(config)# hostname CISCO
CISCO(config)#
Example
Set a password for enable mode.
enable secret 0 [your password]
Ex)
ap(config)# enable secret 0 SOI
ap(config)# end
ap# disable
ap> enable
Password:     <- enter SOI
ap#
Do command
Execute an enable-mode command with DO in configuration mode.
Ap(config)# do show run
Omitting
You can abbreviate a command as long as the abbreviation matches exactly one command.
Ap# show running
Ap# sh run
Take care!
The startup configuration is erased.
[Figure: LED status: GREEN, GREEN, AMBER]
Basic command
COMMIT TO YOUR MEMORY!!
Write memory
The write memory (write mem) command saves the current running config to the startup config.
Copy
copy X Y
Copies X to Y. The AP has flash memory. The destination can be flash/tftp/ftp/scp etc.
Reboot the AP
Use the reload command.
Ap# reload
System configuration has been modified. Save? [yes/no]: no
Proceed with reload? [confirm]     <= if you didn't save.
Show command
Show is one of the important basic commands.
IF you want to know, type SHOW.
Show running
Shows the AP's current configuration.
Show startup
Shows the AP's startup configuration.
Show interface
Shows the status of the interfaces on the AP.
Example
show interface fastethernet 0
Shows the status of the 1st FastEthernet interface.
dot11Radio interface
Dot11radio 0 is for the 2.4GHz band
11b and 11g
BVI 1 interface
Logical interface
Input and output physical interfaces are automatically selected.
Shutdown
To shut down an interface, use shutdown at the interface layer.
IP address parameter
We are allocated static private addresses for the APs.
10.0.0.91/24
10.0.0.92/24
10.0.0.93/24
10.0.0.94/24
10.0.0.95/24
10.0.0.96/24
Our gateway is 10.0.0.1
[Figure: address layout: .94 .91 .95 .92 Lecturer .96 .93]
Set IP address
int bvi 1
ip address X.X.X.X Y.Y.Y.Y
X: your IP address. Y: netmask.
Default gateway
ip default-gateway x.x.x.x
x: default gateway.
channel
Set the channel under the dot11radio interface.
CHANNEL ALLOCATION
[Figure: channel layout: 7 1 9 3 Lecturer 11 5]
Speed
Set the link-media speed.
ap(config)#int dot11Radio 0
ap(config-if)#speed ?
  1.0         Allow 1 Mb/s rate
  11.0        Allow 11 Mb/s rate
  12.0        Allow 12 Mb/s rate
  18.0        Allow 18 Mb/s rate
  2.0         Allow 2 Mb/s rate
  24.0        Allow 24 Mb/s rate
  36.0        Allow 36 Mb/s rate
  6.0         Allow 6 Mb/s rate
  9.0         Allow 9 Mb/s rate
  basic-1.0   Require 1 Mb/s rate
  basic-11.0  Require 11 Mb/s rate
  basic-12.0  Require 12 Mb/s rate
Speed
ap(config-if)#speed basic-1.0 basic-2.0 basic-5.5 basic-11.0
= that is 11b only.
ap(config-if)#speed throughput ofdm
= only OFDM clients can access; 11b is excluded.
Power
ap(config-if)#power local cck 30
Sets the transmit power to 30mW.
Sub-layer on an interface
An interface has a sub-layer structure.
Dot11radio 0 has SSID. Use EXIT to move to the upper layer.
Ap(config)# int dot11radio 0
Ap(config-if)#          <- entered the interface layer
Ap(config-if-ssid)#     <- entered the ssid layer under IF
Ap(config-if-ssid)# exit
Ap(config-if)#
SSID naming
Erase tsunami
How do you erase it?
Guest-mode
no guest-mode
2nd DAY
11:00-12:30
Advanced configuration (2)
13:30-15:00
Adv. configuration (3), Monitoring techniques
15:30-17:00
How to design the wireless site, building up toward your group work.
Welcome, Again
Newcomers have arrived.
Please introduce yourself. Your name, etc. Your ability and experience with wireless. Your aim for this WS.
Introduce myself
My name is Masafumi OE. I'm a senior researcher at NAOJ.
NAOJ: National Astronomical Observatory of Japan. I'm a professional network researcher.
I operate the entire NAOJ network. I operated the wireless LAN at IETF-Korea and IETF-Japan.
Quiz
Newcomers, test your knowledge about wireless technologies. TIME LIMIT is 30 MIN.
Set a channel.
(conf-if)# channel X
Enter N
Go to next stage
Connect to LAN
Connect your AP to the LAN.
Use the UTP cable that is wired to your table. Connect the UTP cable to the Network port on the injector.
Then try to associate your laptop with your AP using your SSID.
If you succeed, you get an IP address from the DHCP server via YOUR AP.
Practice
1) 2)
WEB SNMP
Practice
1) Create your account and erase the default account.
2) Try to access your AP via Telnet.
Added to a list
ap(config)# access-list 90 permit 192.168.0.0 0.0.0.255
ap(config)# do show access-list 90
Standard IP access list 90
    10 permit 192.168.0.0, wildcard bits 0.0.0.255
ap(config)# access-list 90 permit 192.168.11.0 0.0.0.255
ap(config)# access-list 90 deny any
ap(config)# do show access-list 90
Standard IP access list 90
    10 permit 192.168.0.0, wildcard bits 0.0.0.255
    20 permit 192.168.11.0, wildcard bits 0.0.0.255
    30 deny any
ap(config)# no access-list 90     <- erase
Practice
1) Make an access list that only permits your laptop's IP.
2) Apply the access list to the vty.
3) Check accessibility.
Clear association
clear dot client can disassociate a client.
clear dot client X.X.X
X.X.X = the client's MAC address
WEP setting
Try to set a WEP key.
(config-if)#encryption key 1 size 128bit 0 [HEXDATA]
Prepare the HEX code of your WEP key. W I D E ! = 0x5749444521 = 40bit.
To enable WEP mode, type as follows.
(config-if)#encryption mode wep mandatory
Practice
1) MAKE your SSID.
2) SET WEP.
3) CHECK AND ASSOCIATE WITH YOUR AP.
Check connectivity to the TFTP server with ping: ping [target IP] in enable mode. If you are operating a firewall, disable it or open the UDP port for the TFTP server.
Try to use
Back up the running configuration to the TFTP server.
copy running tftp://10.0.0.x/run-conf
Copy progress.
AP#copy running-config tftp://10.0.0.99/run-config
Address or name of remote host [10.0.0.99]?
Destination filename [run-config]?
!!
2085 bytes copied in 0.098 secs (21276 bytes/sec)
ap#
Copy from tftp to running-config.
HOGE#copy tftp://10.0.0.99/test run
HOGE#copy tftp://10.0.0.99/test running-config
Destination filename [running-config]?
Accessing tftp://10.0.0.99/test...
Loading test from 10.0.0.99 (via BVI1): !
[OK - 2186 bytes]
2186 bytes copied in 9.341 secs (234 bytes/sec)
TEST#
TEST#
Sample
Perl script
Tips
no ip domain-lookup
ip name-server 10.0.0.1
Interface SSID
Guest
Research division
Marketing
Tagging
On LAN
802.1Q tagged VLAN.
On Wireless
Multiple SSID
RADIUS authentication
Design points
Wireless network design is quite different from wired network design. Understand the characteristics of wireless.
Coverage range of an access point. Interference between channels.
Understanding the trade-off.
Operate a wireless network with a high security level.
It is possible to construct it with 802.11i/WPA etc. We can enjoy a safe network. HOWEVER
Understanding the trade-off.
The management side needs to do account work for each user, and is required to support the user side.
Assisting with settings, distributing accounts, etc.
Security level and operation costs (1) Operate a wireless network with WEP
We can prevent unauthorized users from tapping the wireless network. We need to provide the parameter information, such as the WEP key, to authorized users.
Management cost is UP.
It is easy to install this security feature in an enterprise network because the users and types of clients are limited.
MAY NOT CARE ABOUT UNIX CLIENTS on WLAN.
When a wireless network requires information to be distributed, a human cost is also required.
[Figure: 2.4GHz channel map. Axis: frequency (MHz), ticks 2401 2405 2411 2416 2421 2426 2431 2436 2441 2446 2451 2456 2461 2473 2496; 2412MHz marked]
The location of each access point is decided so that the combination of channels does not overlap. Example on the next slide.
[Figure: channels Ch1 2 3 4 5 6 7 8 9 10 11 12 13 14 over the same frequency axis (MHz)]
Example-1
Decide the position of each access point to avoid overlapping.
[Figure: wireless access points on 1ch, 11ch and 6ch]
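A channel-plan check for the overlap rule above, added as an example and not taken from the original slides. It assumes 22 MHz wide 802.11b channels centred at 2412 MHz for channel 1 with 5 MHz spacing; the AP names, the "who can hear whom" pairs and the function names are constructed for illustration.

```python
from itertools import combinations

CHANNEL_WIDTH_MHZ = 22   # assumption: 802.11b DSSS channel width

def center_mhz(channel: int) -> int:
    """Centre frequency of a 2.4GHz channel (channel 1 = 2412 MHz)."""
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    if channel == 14:
        return 2484
    raise ValueError(f"no such 2.4GHz channel: {channel}")

def overlaps(a: int, b: int) -> bool:
    """True when the two channels share part of the spectrum."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ

def non_overlapping(channels=range(1, 14)) -> list:
    """Greedy pick, lowest first, of channels that do not overlap each other."""
    chosen = []
    for ch in channels:
        if not any(overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen

def conflicts(plan: dict, in_range) -> list:
    """Pairs of APs that can hear each other and sit on overlapping channels."""
    return sorted((a, b) for a, b in in_range if overlaps(plan[a], plan[b]))

# Constructed sample 1: three APs along a corridor, neighbours hear each other.
CORRIDOR = [("ap1", "ap2"), ("ap2", "ap3")]
GOOD_PLAN = {"ap1": 1, "ap2": 6, "ap3": 11}
BAD_PLAN = {"ap1": 1, "ap2": 3, "ap3": 5}

# Constructed sample 2: six APs in one room on the practice channels
# 7 1 9 3 11 5, every AP within range of every other one.
LAB_PLAN = {"a": 7, "b": 1, "c": 9, "d": 3, "e": 11, "f": 5}
LAB_RANGE = list(combinations(sorted(LAB_PLAN), 2))

if __name__ == "__main__":
    print("non-overlapping set:", non_overlapping())
    print("good plan conflicts:", conflicts(GOOD_PLAN, CORRIDOR))
    print("bad plan conflicts:", conflicts(BAD_PLAN, CORRIDOR))
    print("lab conflicts:", len(conflicts(LAB_PLAN, LAB_RANGE)), "of", len(LAB_RANGE))
```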
Example
A plenary session at an IETF meeting: the number of users is up to 500+.
If you choose AP B, you have a lot of trouble.
Case study
New associating clients are rejected by the AP. Can't manage the AP. Reboot. Halt, needs to be restarted manually. Crash with damaged configuration files.
400 clients existed in the room. 6ch AP3: 150 users. Conference room.
6ch
2. Clients under AP3 hand over to other APs. 6ch AP3: rebooting.
ALL APs go UP and REBOOT. 6. Wireless service terminated until the session ended. 6ch
Other clients are confused, because two or more DHCP servers exist on the same network. Disassociate illegal clients from the network immediately.
2nd Floor
[Figure: 2nd floor AP map. Legend: router, big distribution switch, distribution switch, access switch, AP, server, PDP; 802.11b channels 1, 6, 11. Rooms: EPS, MTG1 (60) Gardenia, MTG7 (500) Crystal 1,2, Multicast, Desks, Storage, Jade. Notes: another AP is right below, covering the lobby lounge; other APs are right up and down the escalator; fiber runs from Jade to the NOC; Cat5 runs from Jade to the SW/AP.]
3rd Floor
[Figure: 3rd floor AP map. Rooms: IESG Topaz, MTG2 (100) Sapphire 1, MTG5 (300) Sapphire 2,3, MTG6 (300) Sapphire 4; channels 6 and 11.]
This system has a function to disassociate a client from the entire wireless network.
Illegal clients, such as worm-infected nodes, unofficial DHCP servers, RA servers, etc., are forced out.
[Figure: graph; time axis: 2/29 Sun 21:00, 2/30 9:00, 3/1 9:00, 3/4 9:00]
It is synchronous with daily life.
[Figure: graph; time axis: 2/29 Sun 21:00, 2/30 9:00, 3/1 9:00, 3/4 9:00]
Results
The total number of unique clients was 1297. The peak of 11b clients was 524.
Recorded at 2004/3/1 15:51:21
Results
10 nodes were shut out from the wireless network.
Nodes with wired-wireless bridging enabled: 5. Worm-infected nodes: 3. RA-enabled nodes: 1. DHCP-enabled nodes: 1.
11:00-12:30
Construct a wireless site
You know how to mount an AP.
13:30-15:00
Site survey, tuning and monitoring the site.
15:30-17:00
Advanced configuration and withdrawing the wireless site.
Hints (1)
Remember the case studies from yesterday's session. You have to fix ..
POSITION of access points
Design a wiring plan. Channel allocation
802.11 parameters
SSID NAME, LINK SPEED/TRANSMIT POWER, security features
Then write them out on the MAP and make the configuration information.
Hints (2)
Make the configuration files for the APs from the plan. Mount the APs at the planned positions.
Cabling, mounting
Request to you
It is group work; cooperate with each other. You should operate multiple SSIDs. Support WEP and no-WEP service with different SSIDs. Serve 11g/b as link media. It must be manageable from the LAN. Share the account and password among yourselves.
For smooth operation.
Mounting
Mount an AP in a high position.
This AP is mounted above the door.
Configuration procedure
1. Mount APs
2. Wire UTP cabling and monitor boot-up at the serial port.
3.
Construction
Knowledge is power.
Site survey, mounting, setup procedure
AirMagnet
It is a commercial product. The retail price is over $8000!!
Software for Windows XP with special NICs.
What is NetStumbler
It is free and useful. You can download it from the site. http://www.netstumbler.com/
NetStumbler (1)
If it is not working, select the NDIS driver.
NetStumbler (2)
Start and stop.
NetStumbler (3)
SSID list
NetStumbler (4)
Displays APs per channel.
NetStumbler (5)
Displays an AP.
NetStumbler (6)
Displays the S/N signal graph per node.
Tune power.
Check the S/N ratio with NetStumbler. If you find that an AP covers too much:
-> Change the transmit power on IOS
int dot 0
power local cck [-1,2,5,8,11,14]
power local ofdm [-1,2,5,8,11,14]
-> Change the position of the AP.
Start tuning
Survey your site in the live field, then discuss and change configurations.
Operation request
Examination / Quiz
What is the test?
I set questions for all participants.
Each question asks you to configure your AP in accordance with the requirements.
Common requirements
Set your original name as the hostname. Set your assigned IP address on the AP. Take care of the account and enable password. Stop unused services. To submit your answer, upload your configuration to tftp://10.0.0.99/[your name]
Requirements
Group A
Create two SSIDs, yama and kawa. yama has 128bit WEP. kawa has no WEP and broadcasts its SSID.
The WEP key is 0x00010203040506070809101112.
Group B
Create apple as a broadcast SSID. Provide 802.11b only, not 11g. Install an access control.
Allow access from 10.0.0.193~10.0.0.222.
Group C
Create AI3 as an SSID with no broadcast. Provide 802.11g only, not 11b. Install an access control.
Allow access from 10.0.0.1~10.0.0.126.
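An added example (not from the original slides) for the access-control requirements of Groups B and C: it turns an address range into standard access-list entries in the address/wildcard form shown on the "Added to a list" slide, and checks that nothing outside the range is permitted. The list number 90 is reused from that slide; the function names and the 10.0.0.0/24 test subnet are illustrative assumptions.

```python
import ipaddress

def acl_for_range(first: str, last: str, acl: int = 90) -> list:
    """Standard-ACL lines that permit exactly first..last and deny everything else."""
    nets = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
    lines = [f"access-list {acl} permit {n.network_address} {n.hostmask}"
             for n in nets]
    return lines + [f"access-list {acl} deny any"]

def permitted(acl_lines, addr: str) -> bool:
    """Evaluate addr against the lines top-down; the first matching entry decides."""
    a = int(ipaddress.IPv4Address(addr))
    for line in acl_lines:
        action, *spec = line.split()[2:]
        if spec == ["any"]:
            return action == "permit"
        base, wildcard = (int(ipaddress.IPv4Address(x)) for x in spec)
        # Wildcard bits set to 1 are "don't care"; all other bits must equal the base.
        if ((a ^ base) & ~wildcard & 0xFFFFFFFF) == 0:
            return action == "permit"
    return False                       # implicit deny at the end of every access list

def over_permitted(acl_lines, first: str, last: str, subnet: str = "10.0.0.0/24") -> list:
    """Addresses in subnet that the list permits although they lie outside first..last."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    return [str(h) for h in ipaddress.IPv4Network(subnet)
            if permitted(acl_lines, str(h)) and not lo <= h <= hi]

if __name__ == "__main__":
    group_b = acl_for_range("10.0.0.193", "10.0.0.222")
    print("\n".join(group_b))
    # A single coarse entry is shorter but admits two extra addresses.
    coarse = ["access-list 90 permit 10.0.0.192 0.0.0.31", "access-list 90 deny any"]
    print("exact list admits extra:", over_permitted(group_b, "10.0.0.193", "10.0.0.222"))
    print("coarse list admits extra:", over_permitted(coarse, "10.0.0.193", "10.0.0.222"))
```

Ranges that do not start and end on power-of-two boundaries need several entries: eight permit lines for Group B and twelve for Group C.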
ANS
Common
To broadcast an SSID, add guest-mode in the SSID section. no ip http server. Set the IP address on BVI1. Change the secret, erase the default username and create a new one.
A
Dot 0.1 and dot 0.x are joined to the same bridge group 1 and use the native vlan (vlan=1).
B
To limit to 11b, set the 11b speeds.
speed 1.0 2.0 5.5 11.0
C
To limit to 11g clients, set channel as follows.
speed basic-6.0 1.0 2.0 11.0 12.0 18.0 24.0 36 48.0 5.5 54 9
basic-6 = OFDM channel support is required = 11g
End
Do you want to get an AP? Your AP becomes your friend.