Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Optimise your WLANs for phones and tablets

176 views

Published on

A presentation from Jisc's wireless mobility event on 27 February 2019.

Published in: Education
  • Be the first to comment

  • Be the first to like this

Optimise your WLANs for phones and tablets

  1. 1. Jason Tyler Consulting Systems Engineer Cisco Enterprise Networks UK&I jatyler@cisco.com Optimize Your WLANs for Phones and Tablets
  2. 2. Agenda © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 2 • Introduction • Getting Connected – build your first cell • Probing and AP selection behavior • Optimizing Roaming • Cell position and overlaps • Optimizing Application Performances • Dos and Don’ts of WLC and iOS tuning • Conclusion
  3. 3. Building your First Cell
  4. 4. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Imagine That You Are an IPhone 4 • You need to connect • You do not know where the APs are • You do not know what SSIDs are available • You do not know what channels are available • You do not know if the user is moving • You are in the dark
  5. 5. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Improved Scanning Behavior 5 • iOS 8 and later only probe the broadcast (when not associated) • Increased efficiency, increased security • Do not set your SSIDs to “no response to broadcast” • 2 probes at 20 ms interval on each channel • If first request / reply collides, second will get the SSID • 5 GHz scanned first (e.g. UNII-1, 3, then 2, 2e), then 2.4 GHz
  6. 6. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public DFS Channel Exceptions 6 • Scanned channels are based on country config • All country channels are scanned (5 GHz and 2.4 GHz) • Channels 100 – 140 are DFS -> cannot probe directly Listen… If 802.11 frame detected → channel is safe to use → send probe requests You may wait up to 100 ms… or 60 s! To avoid time waste, iOS scans all other channels first, then 100 – 140 E.g. (US, A Domain) 36, 40, 44, 48, 52, 56, 60, 64, 149, 153, 157, 161, 165, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,11 Repeat 5 times, then scan 100, 104, 108, 112, 118, 120, 124, 128, 132, 136, 140 Refresh only every 6 scan cycles Your iPhone / iPad may take up to one minute to detect an AP on channel 100 - 140 144 140 136 132 128 124 120 116 112 108 104 100 165 161 157 153 149 64 60 56 52 48 44 40 36 UNII-1 UNII-2 UNII-2e UNII-3 96 92 88 84 80 76 72 68 1234567891110
  7. 7. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public AP Arbitration Logic 7 • iOS 9 and before: strongest signal over -70 dBm Phone would choose AP B • Issue: strong signal does not equate to “good AP” iOS client selects AP2 Load: 10% AP1 Load: 100% AP2 -30dBm-50dBm A B - 63 dBm - 57 dBm
  8. 8. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Getting Connected 8 • iOS 10 and later: strongest signal and best throughput potential (APs with 100% load are also discarded) Load: 10% AP1 Load: 80% AP2 -50dBm-60dBmLoad: 30% Load: 70%
  9. 9. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public You are now Connected 9 • Your iPhone / iPad will continue to probe: • At regular intervals (327 seconds) • And if the AP signal falls below -70 dBm • iOS probes the broadcast and your associated SSID Probe for awareness Roaming probe
  10. 10. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Determining Android Probing Behavior – if You Have Some Time 11 • Android behavior depends on OS version, but also NIC firmware and vendor tweaks: best is to test • Keep in mind that a happy BYOD barely probes • Example Samsung S7: when connected to a network, with data traffic and good signal (not mobile and/or mobile within good AP signal range), S7 probes with a 313, 1813 and 1430 second cycle
  11. 11. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Samsung AP Arbitration Behavior 12 • Disclaimer: SP “customizations” may modify the behavior! • UNII-2 lag = 70 seconds (6 cycles) • Scans and remembers (only re-scan if not valid AP in the list) If multiple profiles, pick highest security first (WPA2 vs Open) Is one Radio 7 dB better than the others? Compare Radios SNR Pick best SNR Pick best MCS (likely 5 GHz), or best SNR if MCS identical Are best radios within 5 dB SNR? Has one radio potentially better MCS? Pick best MCS Pick 5 GHz, and best SNR if both radios are 5 GHz Yes Yes Yes Yes Yes No No No Scan at -75 dBm
  12. 12. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Samsung Galaxy is Enterprise-Friendly 13 • Roams if signal is below -75 dBm • Scans at -65 dBm (and lower) if CU > 70% • Scans if beacon lost for 2 seconds • Picks AP with 10 dB better signal than current • Remembers channels (only undergo full scan if no satisfactory AP within known list) • All Galaxy S6/Notes and higher support 802.11r • All Galaxy S8/Notes and higher support 802.11k/v https://support.samsungknox.com/hc/en-us/articles/115013403768-Enhanced-Roaming-Algorithm
  13. 13. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public What About the Other Clients? 14 • Mac OS Roaming Logic (https://support.apple.com/en-us/HT206207) • No 11v/k/r support Target 5 GHz only Pick 11ac 80 MHz Pick 11ac 40 MHz Pick 11ac 20 MHz Pick 11n 40 MHz Pick 11n 20 MHz Pick 11a (or g) Yes No Is 5 GHz -68 dBm or better? Do not scan Signal below -75 dBm? Yes Scan. New BSSID 12 dB better? No Do not roam, scan in background Yes Consider 2.4 GHz and 5 GHz networks No
  14. 14. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Determining Android Probing Behavior – if You DO NOT Have Time 16 • Best case scenario: you have primarily on type of BYOD, and it is a major brand: its behavior might be documented here: http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-0/device_classification_guide.html • https://cisco.jiveon.com/people/jerhenry/blog/2015/03/15/byod-characterization-probes-as-a-happiness-index • Worst case scenario: you have all sorts of BYODs, or a minor brand: assume roaming when AP RSSI reaches -70 dBm (from the BYOD perspective). Compare the below to a test device: Model EIRP 2.4 GHz Worst* EIRP 5 GHz Iphone 6 14.5 dBm 10.2 dBm Ipad 4 15.2 dBm 22.67 dBm Nexus 6 14.8 dBm 11.1 dBm LG G3 12.05 dBm 11.24 dBm Samsung S5 13.4 dBm 10.61 dBm HTC One M8 14.4 dBm 13.8 dBm Nokia Lumia 1520 13.1 dBm 11.6 dBm PC (e.g. ASUS PCE- AC66) 22 dBm 22.83 dBm * EIRP varies with sub-band, displaying worst of all sub-bands Survival rule: 6 dB difference halves the distance I know I will get 6 dB less at d Received signal = X Distanced 2d
  15. 15. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Impact on Your Network Design 17 1. Make sure that at least one AP is available at > -70 dBm at entrance points 2. With iOS 10, you can add APs for high density 3. Avoid DFS channels if low density • With high density, DFS channels are okay, as active channels will be probed • 40 MHz channels may force you to DFS - 70 dBm
  16. 16. Optimizing Roaming
  17. 17. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public How to Make iOS Roam 19 • IOS does not scan ‘if you move’ (no accelerometer trigger), until the AP signal falls below -70 dBm RSSI*. At that point phone scans and tries to roam. AP1 - 70 dBm AP2 - 70 dBm Admin I want you to roam to AP 2 at point A Point A (where my design says that the client should roam) *(any packet from the AP, beacon or data is used; signal has to be received at less than -70 dBm for more than one second to trigger behavior) AP signal is below –70 dBm, I need to roam to a better AP -> I start scanning
  18. 18. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public iOS and Aggressive Load balancing 21 • To steer clients to other available APs or bands, AP2 denies association • No standards compliant reason for denial • No information about neighboring Access Points • If AP is the best signal… iPhone / iPad tries again… • After 5 attempts, SSID (not ‘BSSID’) is blacklisted 2. AP2 denies association AP1 AP2 -30dBm-50dBm Assoc Response (Status: Denied) Assoc Req Load: 10% Load: 100% 1. Client attempts association with AP2 Do not use Client Load Balancing with iOS… 802.11v can help
  19. 19. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public The Subtle Way: 802.11k (and 802.11v) 22 • Let’s start with 802.11k 4. Device loses WiFi connectivity with AP1 before re-establishing connection with AP2. (Non- seamless handover)Post-Association Steering: What could my next AP be? Here are the best 6 for you 802.11k neighbor list
  20. 20. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 802.11v: Send your BYOD to the Next (Best) Cell 24 • 802.11k vs 802.11v BSS Transition Management What could my next AP be? Here are the best 6 for you Need to roam, what AP do you recommend? Try this one Want to join your cell Nah, load too high, go there instead 802.11k neighbor list Your RSSI / rates are too low, roam to there instead 802.11v Solicited request 802.11v Unsolicited Optimized Roaming request 802.11v Unsolicited request
  21. 21. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 802.11r: Fast BSS Transition (AKA Fast Roaming) 25 RADIUS 802.11r (FT) Score: less than 100 ms Standard WPA2 (802.1x) Score: up to 6 seconds RADIUS Disassociation Full reauth 4 way handshake -> new key Disassociation 4 way handshake -> new key MDIE MDIE PMKR1 PMKR2
  22. 22. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Roaming Performance : 10x Better end-user Browsing and App Experience 26 QoS, 802.11r/k/vNo QoS, No 802.11r/k/v Time (s)* *Time Interval between last packet on previous AP, and first packet on next AP Up to 10x Improvement
  23. 23. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Impact on your Network Design • 2.4 GHz vs 5 GHz issue • AP1 power level 1 for 5 GHz • AP1 power level 1 for 2.4 GHz • Solution: make sure that AP power on 2.4 GHz is at least 2 levels below AP power on 5 GHz (e.g. 5 GHz -> level 3, 2.4 GHz -> level 5) • RRM “should” do it for you if your design is right and RRM config correct AP1 -70 dBm ch 36, -63 dBm ch 11 -70 dBm ch 11
  24. 24. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Impact on your Network Design 30 Design your 5 GHz / 2.4 GHz overlap wisely: • 2.4 GHz signal, at same distance from the AP, is commonly 7 dB better than 5 GHz signal • IOS is “supposed to” roam to next BSSID only if its signal is at least 8 dB better than previous one (this in theory avoid the 5 GHz to 2.4 GHz poor roaming behavior) • BUT measurement sensitivity uncertainty in mass silicon is 3 to 4 dB* • To limit roaming, limit the SSID to one band (5 GHz if possible). With dual-band SSIDs, expect frequent 5 GHz -> 2.4 GHz roams * This means that your Iphone can show -70 dBm for the AP, while my Iphone at exact same position can show between -66 and -74. Measure next day on your Iphone and you may also see anything between -66 and -74 AP “- 70 dBm” for 5 GHz, -61 dBm for 2.4 GHz, same SSIDIphone “roams” from 5 GHz to 2.4 GHz, same AP, same SSID
  25. 25. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Impact on your Network Design 31 If you can, design for 5 GHz only, and design optimized overlaps AP1 At the point where AP1 signal is -70 dBm, AP2 signal is -62 dBm AP2 That’s a -66 dBm edge
  26. 26. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Strategically Position Your Transition APs 32 1 3 2A B C • At “A” the phone is connected to AP 1 • At “B” the phone has AP 2 in the neighbor list, AP 3 has not yet been scanned due to the RF shadow caused by the elevator bank • At “C” the phone needs to roam, but AP 2 is the only AP in the neighbor list • The phone then needs to rescan and connect to AP 3 • 200 B frame @ 54 Mbps is sent in 3.7 μs • 200 B frame @ 24 Mbps is sent in 8.3 μs • Rate shifting from 54 Mbps to 24 Mbps can waste 1100 μs
  27. 27. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Strategically Position Your Transition APs 33 A B C 1 2 3 • At point A the phone is connected to AP 1 • At point B the phone has AP 2 in the neighbor list as it was able to scan it while moving down the hall • At point C the phone needs to roam and successfully selects AP 2 • The phone has sufficient time to scan for AP 3 ahead of time
  28. 28. iOS Analytics (Tell me about you)
  29. 29. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Device Profile Client shares these details 1. iPhone 7, iPad Pro 2. iOS 11 Support per device- group Policies and Analytics 1 Wi-Fi Analytics Client shares these details 1. BSSID 2. RSSI 3. Channel # Insights into the clients view of the network 2 Assurance Client shares these details Error code for why did it previously disconnected Provide clarity into the reliability of connectivity 3 Cisco DNA-C Assurance Apple Insights 35
  30. 30. Deeper Dive on Cell Size and Power
  31. 31. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Higher Power Does not Always Mean Better Signal 38 Aim for: •Noise level ≤ -92 dBm •RSSI ≥ 67 dBm -> 25 dB or better SNR •Channel Utilization under 50%. You are a bit quiet Blah blah blah Is it better now? now? now? now? RSSI dBm Noise Level Time
  32. 32. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public If AP Signal is Strong, Client Uses High Data Rate 39 • Client power can be low, noise at the AP high, HW specs may be different… This is the AP ‘signal’ (at phone level) This is the phone ‘signal’ (at AP level)
  33. 33. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Can Power Really Damage Cell Conditions? 40 § Bad design example: Client @ 12 dBm, AP @20 dBm Based on Rx AP signal, BYOD thinks 54 Mbps rate is okay… But client message is too weak, and AP does not ACK until rate falls to 12 mbps Each message takes 8 times more to be transmitted (including EIFS and retries)
  34. 34. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public So, what is the right Power? 41 § In short: half your worst client max power • E.g. you design for 5 GHz, worst client max is at 12-14 dBm, set your AP power to 14 dBm § Otherwise, you get this:
  35. 35. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Power and Roaming 43 § First Mandatory Data Rate is used for beacon transmission • Can be used to modulate cell useful area • But iOS will roam if more than 20 beacons lost AP1 Beacon can be heard to here Signal can be demodulated to here Signal can be detected to here Client will try to roam by here
  36. 36. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Avoid Ping Pong Zones 44 Ping-pong effect occurs when a wireless client is at the edge of two cells and hops between them. Client stays here
  37. 37. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Impact on Your Network Design 45 • Set your AP power to 11 to 14 dBm • When your AP signal is at -62 dBm / - 67 dBm on the phone, another AP should be in range • Make sure that your first allowed rate is mandatory / beacon rate • Don’t hide the SSID • Avoid Designs with sudden signal degradation (Ping Pong syndrome) GoodBad Outside space where people on a call pace back and forth
  38. 38. Real Time Applications Performances
  39. 39. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public QoS – Working with IETF and Vendors 49 IEEE 802.11 Model Voice Access Category Best Effort Access Category Video Access Category Background Access Category UP 7 UP 5 UP 3 UP 2 UP 6 UP 4 UP 0 UP 1 OAM Signaling Realtime Interactive Transactional Data Multimedia Conferencing Bulk Data AF2 CS3 CS4 AF4 CS2 AF1 Scavenger CS1 Best Effort DF Multimedia Streaming AF3 Broadcast Video Voice + DSCP-Admit RFC 4594-Based Model CS5 EF + 44 Internetwork Control CS6 DSCP Network Control (CS7) Remark / Drop if not in use ü Apple ü Samsung/Google ü Microsoft
  40. 40. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public QoS – Today 50 Endpoint/Client Voice (EF) Video (AF41/42) Control (CS3) WMM Convention 6 4, 5 4 Audio on iOS (iPad, iPhone) 6 5 5 Audio on Android 6 5 5 Audio on OSX 6 5 5 Audio on Windows (desktop) 5, soon 6 4 3, soon 4 Unified IP Phones (DX650, 9971) 6 5 4 Apple FaceTime (iPad) 6 5 5 Note:Thesemaychangedepending ontheversion
  41. 41. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Impact on Your Network Design 51 • Enable QoS (your clients use it!) • Trust DSCP (CoS, 802.1p are things of the past) • Use AVC if needed • Only enable ACM if your realtime audio is predominantly on iOS and/or Cisco phones
  42. 42. Thank you

×