Clear To Send: Wireless Network Engineering

What’s new with Nyansa Voyance since Mobility Field Day 2? I take a look into Voyance in this new episode… This episode is sponsored by Metageek Wi-Fi Analytics with Nyansa Voyance I wanted to look back at what Nyansa has been doing with Voyance since Mobility Field Day 2. Nyansa has been around since 2013 and their focus has been on using network analytics to drive next steps with troubleshooting and trending Wi-Fi data. To review Voyance, I was able to get access to a demo account. Within the product I grabbed many screenshots to share with you. The information presented is interesting and getting to root causes of various Wi-Fi issues is very helpful. The Recommendation Engine is an interesting view to look at Wi-Fi issues. Clicking on a specific issue drills into the issue with more detail. A new addition to Voyance is the Service Desk view. This is for your help desk or service desk folks to view different clients and what issues they may be having. Nyansa added a global view to the dashboards. If there are multiple sites you have to manage you can overlay them on a map and have quick views into any potential problems. All looks good here. Charts are a great way to represent data. This is viewing a specific AP. Here’s an interesting look at client data rate vs the max negotiated rate. You can view exact details by hovering your mouse over the chart. Want to see it on a timeline? Click on the hovered area for more information. Get a graphical look at how APs hear each other and whether you have co-channel interference.   Links and Resources * Nyansa * Episode 71 – Wi-Fi Analytics with Nyansa

What is Cisco DCA and how does it work with RRM. This episode is sponsored by Metageek Cisco RRM DCA – Dynamic Channel Assignment DCA, or Dynamic Channel Assignment, is a core component of Cisco Radio Resource Management (RRM). It runs a critical algorithm which dynamically changes an access points (AP) client serving channel based on multiple parameters, collectively called a Cost Metric. To really get an understanding of Cisco RRM, start with our previous episode on Cisco NDP. DCA is configured under 802.11a/n/ac (5 GHz) and 802.11b/g/n (2.4 GHz) Channel Assignment Method The first thing you will notice is the Channel Assignment Method of Automatic, Freeze, or Off. Automatic will run the DCA algorithm at the define Interval which is every 10 minutes by default. The anchor point is used to set the time of day the DCA algorithm would start. For less frequent channel changes, increase the interval. Keep in mind that clients will be disconnected briefly for a channel change. Freeze does not run the DCA algorithm unless triggered. Off disables the use of RRM and its auto-rf capabilities. Avoid Foreign AP interference Enabling this option allows RRM to take surrounding neighboring APs that are not part of your network into consideration. RRM will create a channel plan to help mitigate co-channel interference. Avoid Cisco AP Load This option allows RRM to consider the traffic load on an access point to help build a better channel plan. I don’t believe in enabling this feature because it can be difficult to make a client device associate with a specific AP. Avoiding non-802.11a|b noise This RRM option takes interference on the channel into consideration for the channel plan. The category of interference is anything coming from a non-AP. Persistent Device Avoidance Sometimes there is non-Wi-Fi device interference affecting your wireless network. DCA can help mitigate the issue if Avoid Persistent Non-WiFi Interference option is enabled. RRM will receive information from CleanAir and if the interference is creating a negative impact, RRM can issue a channel change to avoid it. Viewing persistent devices can be done by viewing the details of an AP from the web interface. At the bottom of the page are all the persistent devices being tracked including the class type, on what channel the interference was heard, what the duty cycle is, RSSI, and when it was last seen. DCA Channel Sensitivity DCA has three different modes it could be in: * Scheduled – DCA algorithm runs at a selected time. Usually to minimize changes to off peak hours. * Steady State – DCA algorithm running at a specified interval. * Startup Mode – Used when making changes to the wireless network architecture. It restarts the DCA algorithm and runs for 100 minutes at high sensitivity. By default, DCA has a medium channel sensitivity at 15 dB for 5 GHz and 10 dB for 2.4 GHz. This is the DCA Sensitivity Threshold. By changing the channel sensitivity to high, then a cost metric of 5 dB better will recommend a channel change. DCA Channel List To have DCA dynamically select a channel, it must be in the Channel List. You can select specific channels for DCA to select from or select them all, including the UNII-2 channels. Dynamic Bandwidth Selection RRM has a flexible way to assign bandwidth to APs by analyzing the RF and selecting the best channel width. By default, DCA uses 20 MHz channels. You can configure Cisco RRM DCA all the way up to 160 MHz channels or select Best to have RRM pick for you. If an AP doesn’t support 40/80/160 MHz channels it will not be configure...

In this episode, we go over the Cisco Neighbor Discovery Protocol. The basis of Cisco RRM. This episode is sponsored by Metageek. Cisco WLC Neighbor Discovery Protocol (NDP) Cisco NDP, short for Neighbor Discovery Protocol and Neighbor Discovery Packets, is a critical component of Cisco’s auto RF feature, Radio Resource Management (RRM). The purpose of NDP is to provide over the air (OTA) messages between access points (AP). It monitors and manages what each AP sees in the radio frequency (RF). It’s essentially how every AP sees other APs in an RF Group or Neighborhood. The end result is actual RF path loss between APs. I see NDP as a way for APs to build a map of their locations in relation to each other based on RF propagation and path losses. Every 180 seconds (3 minutes), an AP will send an over the air (OTA) message to a multicast address, 01:0B:85:00:00:00, from each channel. NDP messages are sent at the highest transmit power and at the lowest data rate supported for the channel being transmitted on. The transmit power and data rate selection is not configurable by the end user and is hard coded. Cisco Neighbor Discovery Protocol forms the basis of many algorithms within Cisco RRM. Because of that, it goes without saying, if NDP doesn’t work neither does RRM. Learn more RRM from the white paper. NDP is used by the following * RF Grouping Algorithm * Transmit Power Control (TPC – basis calculation for TPCv2) * Flexible Radio Architecture (FRA – basis for coverage overlap factor) * Rogue detection (If AP isn’t sending NDPs or unintelligible NDP then it is a rogue) * CleanAir (Used for interference reports) * CMX (For AP RF distance and path loss measurements) As you can see, NDP is very important for RRM. What’s inside a Cisco NDP Packet? Field Name Description Radio Identifier Slot ID for the sending radio Group ID IP Address and Priority code of sends WLC Hash RF Group name converted to a hash for authentication IP address IP of sending AP’s RRM Group Leader Encrypted ? Are we using Encrypted NDP? Version Version of NDP APs Channel Operating channel of the sending radio Encryption Key Length Encryption Key Name Message Channel Channel the NDP was sent on Message Power The power (in dBm) the message was sent at Antenna Antenna pattern of the sending radio When an AP hears and receives an NDP message, it will validate the message from the transmitting AP to determine if it is a member of the same RF group. If it’s a valid NDP, the receiving AP will forward the message to the controller along with information such as the received channel and RSSI. If the message is not in the same RF group it will be invalid and the packet will be dropped. The message is added to a neighbor database. Each radio on each AP can store up to 34 neighbors ordered by RSSI, high to low. There are two measurements taken:

François and Rowell discuss their experiences capturing wireless frames for analysis and what tools they used to do it. This episode is sponsored by Metageek Capturing Wireless Frames It’s one of my favorite things to do. Capture wireless frames anywhere there’s a wireless network present. I know. I’m a boring guy. But I can’t help taking a look. In this episode on capturing wireless frames, we go over our favorite tools and apps which help us solve real world problems. Why should you capture frames? If you want to learn how wireless works, then you need to start diving into frames. That’s how you’ll learn exactly what you need to know by seeing how it works. It’s perfect for learning any of the CWNP certifications and especially for the CWAP. By looking at wireless frames, you’ll begin seeing how wireless devices and access points talk to each other and acquire the shared medium. Another reason for capturing wireless frames is to perform analysis. There may be an issue that’s hard to solve and requires wireless frame analysis. This could be as simple as finding out a device does not negotiate the same parameters as the BSS. Or maybe you’re trying to find out what could be slowing down wireless for every other device. It’s the old saying, packets never lie. But in this case, frames never lie! You can capture wireless frames on any platform such as MacOS, Windows, and Linux. When it comes to the platform of choice, we prefer to use MacOS. By default, you can place the MacOS wireless adapter in promiscuous mode. This mode is used to capture all frames, even those not destined to the host. By utilizing an app such as Airtool, it’s possible to fine tune a frame capture down to parameters such as the channel, channel width, payload or no payload, etc. Then with Wireshark, the analysis can be performed. In the episode, François and I speak about our experiences in using frame analysis. I bring up a situation where Skype calls kept dropping but the issue was really a consumer level device trying to take up most of the airtime. There are other examples also described in the episode. Here are some screenshots of different applications of frame capture and analysis. Links and Resources * What are radiotap headers * Windows Network Monitor 3.4 * Eye P.A. Coloring Rules * Mojo Packets * Airtool * Wireshark * Omnipeek * AirPcap NX

Robert Boardman joins the podcast to discuss his install of Ubiquiti AirFiber24 at his campus. This episode is sponsored by Metageek Ubiquiti AirFiber24 Robert Boardman is a network engineer in Monterey, CA. He recently deployed a point-to-point link using Ubiquiti AirFiber24. These are 24 GHz radios operating in unlicensed spectrum. This is one of the reasons why this looked attractive to Robert. He could have easily went with a 5 GHz deployment. Robert knew that this would potentially be an issue in the future. 5 GHz is widely deployed on his campus and didn’t want to risk any co-channel or adjacent channel interference. He decided to use the less widely deployed frequency. The reason is to avoid potential WiFi deployments that would happen in the parking lot, which this PtP has to cross. These radios operate in full-duplex, providing about 1.4+ Gbps of throughput. It’s not a bad radio to think about when it comes to creating a bridge or a backhaul connection. In this scenario, Robert used it as a backhaul to a couple of remote buildings in which lectures are done for students. Aligning the radios would seem to be a challenge but Robert mentioned how there’s an LED indicator which helps you align the radios. This is called the Radio Alignment Display. It will provide you with the signal strength indication. The radio itself is a decent size. It is 36.94 x 18.44 x 11.08″ and weighs 35.27 lbs. You may need two people for mounting just to be safe. You can find more about Ubiquiti AirFiber24 from a video recorded for the WiFi of Everything. Resources and Links * @robb_404 * robb404.com * @woe_show * Robert and Rowell have started a new WiFi YouTube channel called WiFi of Everything. * Ubiquiti AirFiber24

A look back at the podcast all the way to the beginning! Be sure to check out the giveaway at the bottom of this post! This episode is sponsored by Metageek We Made It To Episode 100! I never thought I’d make it to episode 100 of this podcast. The first episode was published in August of 2015. The reason for starting the podcast was to learn more about Wi-Fi. To get into the community and help others who were getting started. At the time I was an IT Manager with a strong interest in Wi-Fi. I didn’t have many friends of colleagues specializing in Wi-Fi which led to this podcast being born. At first it was difficult to produce an episode each week. It actually is still difficult but it comes natural now. Especially with François joining as a co-host. François and I have known each other through Twitter. I’m not sure how we even connected but a fun fact is that we didn’t meet in person until October of 2017. We met in Toronto, Canada where our families had dinner together. With the addition of François the quality of the podcast has increased. So I thank him for all this efforts! We both record at home and for me it is in my garage. We do it when we have spare time and often have enough time just to hit the publish button for the week

Steve McKim shares his experience in starting a new WISP in his town, how he gets customers, and what equipment he uses. This episode is sponsored by Metageek Starting A WISP Steve McKim, a good friend of ours, lives in Rossburn Manitoba, Canada. He recently started his own WISP to provide high speed internet to the people of his city. Steve has had previous experience in working at a WISP back in Winnipeg. So it comes natural to him. So born in Manitoba is 45networks owned and operated by Steve. What is a WISP? It stands for Wireless Internet Service Provider. In areas where internet is slow, unreliable, and maybe over-priced, a WISP can come in and with minimal installation, provide a high speed connection. There’s no construction or trenching needed to provide this connectivity. When it comes to starting a WISP, the first thing you need to do is come up with a business plan. Your mindset also much change to become consumer oriented. From there you work on your marketing through the newspaper, Facebook, and mailers. Steve created a survey using Google Forms which gathered many responses. This became his list of potential customers. What does it take to build a WISP? It starts with a survey. You can begin plotting using Google Earth. A wonderful tool at your disposal! Once you’ve found your locations a physical site survey is needed. Making sure you have line of sight to your base station with no obstructions. With the equipment Steve is using, customers can get throughput of 150-160 Mbps down and 60 Mbps up using GPS sync. The equipment he uses are Ubiquiti RocketAC Prisms. On the customer side he is deploying Ubiquiti Lite Beam Gen 2 and Nano Beam, depending on the distance. Ubiquiti is great to use because of the cost and the tools they provide you with. When it comes to interference, Steve is able to determine what his noise floor is because of the built-in utilities. In addition to interference, he can see his competitors’ channels being used. This is where Steve uses a static channel plan so he knows what to expect. Some of the tips Steve wants to share are the following: * Plan accordingly * Create a link budget * Study local regulations * Learn about licensed and unlicensed frequencies * Learn about the effects of weather on frequency bands * Lear about ground reflections Tools and Resources * 45networks * AirLink * Ubiquiti * Sonar  

Raymond Hendrix joins the show to discuss his experience in deploying event Wi-Fi. This episode is sponsored by Metageek Event Wi-Fi Raymond Hendrix is the man behind Veni Vidi Wi-Fi. It is operated by Hendrix IT. He is located in Merselo, Netherlands. This episode is an expansion of his Ten Talk from WLPC EU. Raymond got his start in RF when he worked for the Dutch Department of Defense. Quite the interesting start! In this episode, we talk about Raymond’s experience with deploying event Wi-Fi. Just like any environment, it always depends on the requirements of the event holder. They will vary quite a bit. Some of the most challenging aspects of event Wi-Fi are of course interference. You can be sure to run into interference outdoors. Whether that is from the visitors or even the exhibitors. But even more challenging that interference is time. Typically, Raymond has just days to set up Wi-Fi and that includes providing internet service for the whole event. This is a great episode to listen to if you’re being tasked with setting up Wi-Fi for an upcoming event. Some of the other topics we discuss: * In-house vs contractor hardware * Bringing in internet service * Use of mesh * Types of equipment used * Equipment selection * Survey and validation Links & Resources * Ten Talk * Veni Vidi Wi-Fi * @raymondhendrix

François talks about this experience in studying for the CCNP Wireless certification and how you can get started. This episode is sponsored by Metageek CCNP Wireless In order to get the CCNP Wireless certification, you need to pass the following 4 exams: 300-360 WIDESIGN – Designing Cisco Wireless Enterprises Networks 300-365 WIDEPLOY – Deploying Cisco Wireless Enterprises Networks 300-375 WISECURE – Securing Cisco Wireless Enterprises Networks  * 300-370 WITSHOOT – Troubleshoot Cisco Wireless Enterprises Networks François recommends studying them in the order above. They are ranging between 55 and 60 questions each and you have 110 mins to complete them and each exam is $300 USD each. How to study Self study Read the exam objectives WIDESIGN Exam Topics – The Cisco Learning Network WIDEPLOY Exam Topics – The Cisco Learning Network WITSHOOT Exam Topics – The Cisco Learning Network WISECURE Exam Topics – The Cisco Learning Network Create a study book of all of the subjects you want to study Research Cisco documentations to find more information about these specific subjects Look at the Study Materials Tab on the exam page Cisco Design Documents Cisco Support Articles Cisco Admin Guide documents If you have equipment, you can setup a lab and practise the configurations Setup your own labs you will need at least 1 AP and 1 WLC Configure dynamic interfaces Configure Interfaces groups Configure AP Groups and RF Profiles Configure different SSID configurations Troubleshoot an AP no joining Ask a friend to break your config and try to troubleshoot it Setup a freeradius server so you can test 802.1X even if you don’t have ISE If you don’t have access to a WLC, you can download a virtual WLC with a 60 days eval license at Wireless – Cisco Virtual Wireless Controller – Cisco It will be a .ova file ready to be used as a virtual machine If you don’t have a Cisco AP, you can purchase an older one on eBay for cheap (ex: 3502) Other ways to study E-Learning proposed by Cisco for $750 a course can be purchased with Cisco Learning Credits Designing Cisco Wireless Enterprise Networks (WIDESIGN) – The Cisco Learning Network Store

Hemant Chaskar, VP of Technology and CISO of Mojo Networks, joins the podcast to talk about the technical details around KRACK. Hemant Chaskar On KRACK Let’s welcome Hemant Chaskar of Mojo Networks. Hemant Chaskar is a Vice President and CISO at Mojo Networks. His past work has spanned wireless, networking and security, with the recent 12 years in enterprise WiFi as technology expert, product designer and technical evangelist. At Mojo, he has been spearheading the development of access, intrusion prevention and cloud based WiFi solutions. Mojo Networks is a provider of enterprise cloud managed WiFi solution, with a vision to create networks that reach new heights in performance, security, scalability, and ease-of-use. It strives to liberate networks from proprietary hardware and utilize the full power of the cloud to deliver Cognitive WiFi™: a self-driving network that makes things remarkably simple and reliable at massive scale. This episode gets very technical as François and Hemant go into the details of how KRACK works by starting from the beginning.. What exactly is in this episode? * Review of WPA2 crypto * CCM * Review of AES-CTR * What is an AES-CTR Nonce * What is a nonce? * How does GCM differ from CCM * Attacking the EAPOL 4-Way Handshake * EAPOL overview * Impact * Severity * Countermeasures * Attacking Group Key Handshake * Attacking 802.11r FT Handshake * Lessons learned Links and Resources * Hemant on Twitter * Hemant Chaskar videos on KRACK * Mojo Networks

Ian Beyer and Jonathan Boyle discuss helping others by deploying Wi-Fi communications. When a natural disaster hits the first thing everyone needs is reliable communications. Ian Beyer and Jonathan Boyle join the podcast to talk about their experiences in deploying Wi-Fi for first responders, families, and departments running critical operations. Ian Beyer is the Region 7 Technology Manager for Team Rubicon. Jonathan Boyle is the Region 7 Director for IT Disaster Resource Center (ITDRC). If we look at Hurricane Harvey, there was a record rainfall. Team Rubicon National Operations Center in Dallas, TX began planning for response. This started before Harvey made landfall. Team Rubicon is a Veteran-led disaster response organization with 50,000 volunteers. They work with major tech vendors such as Palantir, Motorola, Inmarsat, ITDRC, Google, and more. ITDRC’s mission is to provide communities with the technical resources necessary to continue operations and begin recovery after a disaster. Much of their efforts are made possible due to the partnerships and cooperation with numerous partners such as Dish network, Google, Ruckus, Fortinet, Cambium Networks, Dell, Cisco Meraki, HP, Intel, CiscoTACOPS, and more. ITDRC has 900+ volunteers nationwide. In this episode, Ian and Jonathan discuss what it is like to deploy where communications is needed. It all starts with volunteers with the right skillsets to configure and deploy the right technology. In most scenarios, many engineers are fortunate to have a clean and safe environment to work in. The volunteers at Team Rubicon and ITDRC run into many Wi-Fi challenges. There’s interference everywhere, hotspots running around, neighbors in the building, etc. In many cases, the backhaul can be the most challenging. Cradlepoints are often used with hotspots for connectivity. With many people using that connection it can get congested and spotty. As Ian will talk about, sometimes RRM is your friend in these hostile conditions. At the time of this recording, ITDRC had volunteers deployed in Puerto Rico. We hope to have an update in the near future after those efforts have been completed. To hear the full dialog, listen to the episode today! Links and Resources * Ian’s blog * @canerdian * @doubleoboyle * Team Rubicon * ITDRC

We provide an overview of the KRACK Attack targeting Wi-Fi security. KRACK Attack On October 16th, 2017 a vulnerability within WPA2 security was released. In this episode, we provide an overview of what the KRACK Attack is, how it affects Wi-Fi networks, and what you can do to seal this security threat. KRACK Attack targets a weakness in the 4-Way Handshake. Specifically, the key management process. Within the 4-Way Handshake it is possible for an attacker to reinstall an already in use key. This is a security weakness because it causes devices to reinstall a key. Keys should only be installed once thus causing a weakness in security. An attacker would need to perform a Man-In-The-Middle attack in order to be successful in pulling off the attack. This means Wi-Fi devices are at risk. This becomes the challenge with ensuring security. All devices would need to receive this security patch. On the infrastructure side, an attacker would be able to perform a replay attack on APs with 802.11r enabled. Major vendors are releasing a patch for this vulnerability but as a workaround you could disable 802.11r. Listen in on our discussion around KRACK Attack, our thoughts, and our opinions on security as a whole. Links & Resources * Packet6 – KRACK Attack * Semfio Networks – Understand KRACK in 2 Hours * Revolution WiFi – WPA2 KRACK Vulnerability – Getting Information * KRACK Attacks.com

Sudheer Matta, VP of Products, of Mist Systems joins the podcast to talk about how they are using machine learning and A.I. to build better wireless networks. Mist Systems The intention of Mist is to add artificial intelligence and machine learning into the wireless networking stack. This provides a lot of insight into the Wi-Fi experience of a user. Why do this now? Because there was no architecture for devops, programmability and automation for MSPs and for IT teams. What is artificial intelligence (A.I.)? A.I. at Mist is dynamically doing packet captures when an issue is occurring. It segments these problems and helps determine if a device is a victim of the problem or is it a systemic problem? Other things are identified as well such as, is it wired or wireless? If it is on wireless, what type of device is having an issue, what OS is it running, what channel is it on and on which AP, etc. For the wired side, some examples are is it DHCP, DNS, etc. What about machine learning? These insights are based on machine learning algorithms. It is about correlation intelligence. It is the foundation for A.I. driven insights. Machine learning comes in two flavors, supervised and unsupervised. Mist has large clients utilizing their technology in the retail and education space. Within a matter of days both clients have been able to solve long outstanding issues that they weren’t able to successfully fix with their prior wireless vendor. Even Managed Services can take advantage of Mist as they roll out wireless to multiple clients. You can see all service levels across the whole organization. Listen to the episode to get the whole story! Links and Resources * Sudheer Matta on Twitter * Mist Systems on Twitter * Mist’s Website

Mike Leibovitz joins the show to speak about exciting times at Extreme Networks, what they’ve done with acquisitions and where they are headed, Extreme Wi-Fi updates with AC Wave 2, and more. Mike Leibovitz of Extreme Networks 10 years Mike has been at Extreme Networks. Since 2007/2008 he has focused primarily on Wi-Fi. He has done his fair share of work from sales enginneer, switching, routing, and voice. The way Mike Leibovitz got into Wi-Fi was through a project. Now he holds Director of Product Strategy role for wireless projects. There are two Wi-Fi product lines that Extreme Networks carries. One is for the campus market and the other is for distributed enterprise. In a campus environment, you’ll want more with the control plane for things such as layer 3 roaming and centralization of traffic. Extreme Network’s flagship access point is a Wave 2 4×4 with a tri-radio. It works with their security solution, AirDefense. A key thing to know about is the Flow based characteristics which splits the data plane. Analytics runs on top and then you have flow based rules. This episode on Extreme Networks goes into so much more information. Listen to hear more about: * Beyond RF * Security * 802.11ax Links and Resources * Extreme Networks * Mike Leibovitz on Twitter

New York City flipped the switch and enabled Wi-Fi and cellular network in all underground subway stations. Jeremy Ward, of Transit Wireless, joins us to talk about this large scale project and what it took to do it. This episode is sponsored by Metageek New York City – A Connected City Jeremy Ward of Transit Wireless joins us on the show to talk about getting the underground subway stations connected with Wi-Fi and cellular connectivity. The project includes 120 miles of fiber optic cabling, 4,000 cellular antennas, and 5,000 Wi-Fi access points. The network supports the users who use mass transportation every day, public safety, transit communications, and over 3,000 Help Point kiosks for riders. Jeremy discusses the challenges that came up with deploying a solution like this in an underground subway station. Many challenges to Wi-Fi make planning very important. There are issues from the environment, including: * Noise * Dirt * Heat * Cold weather * Brake dust from the trains * Pressure washers * Vandalism * and RF It’s very possible to get RF reflected from moving trains! Placement can be tough to tackle underground. One of the important things to consider is vandalism. Jeremy’s team has tested different enclosures by taking a baseball bat to them! Other topics discussed on this episode: * Design requirements * User traffic * Hardware considerations * Extreme Networks * Motorola * Wireless LAN Controllers * Security * Analytics New York City Subway Wi-Fi Stats Links & Resources * @realjeremyward * Transit Wireless