HE MU-RTS and CTS deep-dive

The second powerpoint series in my deep dive into the HE/802.11ax protocol is about the Multi User Request to Send (MU-RTS) and Clear to Send (CTS) process.

MU-RTS is one of the new Trigger Frames in the HE process and will be used instead of the legacy RTS.

I’ve have rewritten the slides some times while I have discovered new items during my interpreting of the IEEE802.11ax draft, so the coherence of the slides could have been better.
If I have interpreted it wrong, please tell it to me

My lab is consisting of Cisco equipment and Cisco have not implemented this functionality yet, so nothing is tested in real life.

I hope it useful

 

MU-RTS_CTS_final

Cisco 9800 CL and AP in FlexConnect

 

Last week I got one of my colleagues to install Vmware Workstation and Cisco Catalyst 9800 CL at one of my clients and after 24 hours of configuring and troubleshooting, I finally made it works with APs in FlexConnect mode.

Ciscos documentation on Catalyst 9800 CL and APs in FlexConnect mode is not perfect and I had a lot of challenges during configuration. I have therefore made this recipe for myself and anyone else

Read More »

OFDM, HT and VHT PHY cheat sheet

I mentioned in my latest blogarticle that I have read the book “Next Generation Wireless LANs” second edition from Eldad Perahia and Robert Stacy. This is fantastic book that goes way beyonds study material for the CWAP-certification .

To memorize this bit-by-bit stuff I have made myself a ODFM, HT and VHT PHY cheat sheet

Remark: This is a 50% product and in A3 format.

Constructive feedback are welcome

Downloadable file (pdf): OFDM, HT and VHT PHY Reference cheat sheets

ODFM, HT and VHT PHY reference cheat sheets

 

DL MU OFDMA bit-by-bit

There are a lot of blogs, podcast and videos at the internet explaining 802.11ax at a high level. And some have done testing with 802.11ax compatible devices. But I have not found anyone that explains 802.11ax at a deep level. So why not me

The last year, since I bought the Perahia and Staceys book “Next Generation Wireless LANs”, I have been interested in the PHY-level of 802.11. And to go deep at 802.11ax I had to buy the 802.11ax, Draft 4.0.
There are so many new topics in the 802.11ax technologies so I had to make usecases for some of the topics and I have choosen the MU OFDMA process. This first blogarticle, in a series of articles, are about the frame where the AP sends data down to stations that needs data, the DL MU OFDMA frame. This frame is sent in i HE MU PPDU format, one of the four different frame formats in the 802.11ax standard.

Later on I will cover other aspect of the MU OFMDA process, like the MU-RTS/CTS process, the uplink OFDMA (UL MU OFDMA) process and the Acknowledgement process

Nothing of this is testet in real world, it’s picked out of the 802.11ax draft

DL MU OFDMA
DL MU OFDMA is the process where the AP sends data down to several stations that need/want data in a parallell process. In this slides I have used a example where four stations receives data in parallell. The AP have, before it starts to send data, decided how it should allocate its RUs.

A overview of this frame (PPDU) is like this

DL OFDMA transmission overview

The presentation (slides) could be downloaded at this link (pdf)

DL OFDMA, bit-by-bit

If someone have constructive feedback I would be grateful

Useful links

  • Cleartosend 802.11ax podcast-series,  link
  • David Colemans presentation at WLPC_US 2019, link
  • Wifininjas, link
  • IEEE 802.11ax draft 4.0 ($400), link

 

Pcap-quiz #1, 802.1X/EAP Authentication and Roaming

I have over a periode of time had a wish to make some pcap-quiz into the wireless community. And its time to jump into it

I am using this method

  • Make a topology file that shows the network and all necessary data like mac-addresses and so on
  • Take a wireless capture while i’am doing something with the clients
  • Filter the pcap to reasonable sizes containing frames/packets that matters
  • Make a questionare
  • copy the same file and fill in some answers
  • Zip it in a downloadable file

 

Background
Back in January 2019 I startet do play with WlanPi and packet capturing. Nigel Bowden had a article where he showed how to do packet capturing with the WlanPi and a compatibel WiFi-adapter on a Windows client. I ask him to update his script so that the WlanPi could capture 80MHz channels. And he did. Nigels link

Under my testing I discovered that the WlanPi could capture on four separate 20MHz-channels in a 80MHz-channel.  See my blog article

Peter Mackenzie did a deeper analysis on my pcaps and wrote a article where he explained what happens much better than I can do in english. Peters link

The point is that with my Realtek 8812AU adapter on the WlanPi it can capture 4 different 20MHz-channels in one capture, instead of using four adapters. Yes, it has some limitations. But in a lab environment its good enough.

In the zip-file I attached to this article is a pcap capture where the WlanPi captures on a 80MHz channel and it is 4 different APs each configured with the same SSID on 20MHz. Channel 36, 40, 44 and 48. The WlanPi is set to primary channel 36. That is the reason why the 802.11 radio information in Wireshark reports channel 36 for all 4 APs.

The original capture has almost 100.000 frames beause all clients also did pinging to the default gateway, just to create some traffic. I have filtered out the frames that matters to this questionare. It is the mangement- and EAPOL frames, so the capture contains only 8695 frames

Here is the case

  • 4 AP, each at 20MHz using channel 36, 40, 44 and 48
  • The pcap file contain captures from all four channels
  • The network uses 802.1X/EAP authentication, so all clients/suplicants communicate with a authentication server (Radius-server) during 802.1X/EAP authentication
  • Three clients, a MacBookPro, a iPAD and a Samsung A5. The iPAD and the Samsung  does a roam during the capture
  • Fast roaming is enabled
  • The questionare have 5 questions about 802.1X/EAP authentication and 5 questions about roaming
  • The topology file contains all mac addresses that matters
  • Eddie Forero had a awesome presentation during WLPC_US using Wireshark and how to customize it
  • Brian Long had a presentation at WLPC_US regarding 802.1X/EAP authentication

 

The zip-file:    Pcap Quiz #1

 

Please try it and make some comments. Next time it will be more against 802.11 radio informations

Note
We all know that a pcap contains frames, but I changes between writing frames or packets all the time

Usable links
Gjermunds article about fast secure roaming, part 1  part 2
Eddie Forero, WiFiShark Fu, youtube video, Link
Brian Long, The Anatomy of the 802 1X Association, youtube video  Link

 

Using WLANPi to capture on four 20MHz-channels

I have always thought that capturing wireless frames on several channels must have been done with several NIC-adapters in monitor mode. I have seen several pictures and videos showing 4, or even 8, adapters in a usb-hub, each capturing on a single 20MHz-channel.

But last week I used my WLANPi and the script from Nigel Bowden to capture on a 80MHz-channel. And what do I see when capturing at UNII-1 with 4 APs, each at 20MHz and using channels 36, 40, 44 and 48

Beacon from all 4 APs

Read More »

Make TPC work, is it possible? Part 2, from the WLC perspective

My recent blogpost was a theoretical approach using Ekahau ESS to find out if its possible to use Cisco WLCs TPC algorithm to set Tx-power on my access point according my predictive design in ESS

My design was based on Cisco 2802i access points, primary/secondary coverage -67dBm/-75dBm, Tx-power at 25mW/14dBm and 5GHz only

My conclusion from the theoretical approach was that the WLC would have problems with a consistent Tx-power setting. But I would give it a try

Read More »

Make TPC work, is it possible? Part 1, theoretical approach

I started my wifi-career in 2016 with Cisco WiFi-Fundamental as self-study. While reading about Radio Resource Management (RRM), Transit Power Control (TPC) and design principles I wondered how the network and the controller (WLC) was able to set the transmit power (Tx) on each AP according to design requirement. Since then I have read through CWNP-programme, Cisco RRM white paper and some  Cisco Design Guides and recommendations. Two ECSE–courses has also been completed. One instructor recommended static design and the other recommended tuning of TPC/RRM parameters

Read More »

Fast Secure Roaming, part 2

My last blog was about some flavours of fast secure roaming (FSR). Based on feedback from the community, especially from Nicolas Darchis (thanks), I´ve learned that its possible to enable fast secure roaming with both AKM-suite 1 (WPA) and AKM-suite 3 (FT over IEEE802.1X) on the same wlan (also possible with PSK). Cisco calls it Hybrid Mode

We can configure our Cisco WLC like this; enable Fast Transition and both 802.1X and FT 802.1X AKM-suite. The controller will warn you that some non-802.11r clients may not join this WLAN

Read More »