Here is a new Technical Brief from our engineering team on….
Seamless Connectivity and Mobility in Wireless Networks
Wired clients rely on an ISP for quality of service to supply network connectivity. Today, the growing number of mobile devices indicates that roaming clients are increasing in many ways.
Roaming can be simply considered as a wireless client disconnecting from its current access point (AP) due to poor signal strength and then connecting to a new AP with a stronger signal.
In reality, roaming does not act as most people expect and causes poor performance and high latency. To deal with that, the D-Link technical team has developed various roaming technologies and involved several different network protocol designs. From roaming concerns to coping with stubborn roaming behavior, the D-Link Unified Wireless Solution offers multiple proprietary technologies to extend roaming capacity where a consistent and seamless user experience is needed.
The use of the Internet is meeting user wants and needs in many ways. What’s even more remarkable is how deeply Wi-Fi has become embedded in our daily lives. Figure 1 shows a regular home WLAN scenario. The rise of devices that rely on these wireless networks (WLANs), such as smartphones, tablets, smart TVs, digital cameras, printers, and digital set-top boxes, makes wireless coverage throughout your home increasingly important.
As shown in Figure 2, the quickest and easiest way to achieve this is through the use of another access point, delivering wireless connections to multiple wireless clients simultaneously in the farthest corners of the entire home.
A typical user-scenario of Wi-Fi Roaming in the home Wi-Fi environment is when a user’s device automatically switches from one access point to another as needed to provide seamless connectivity.
Widely available Wi-Fi Hotspots make wireless coverage almost everywhere: the airport, subway stations, resorts, hotels, restaurants, and cafés to name a few.
The common greeting, “How’s it going?” has been replaced by “what’s the Wi-Fi password?” All over the world, people choose hotels, airlines, and even new cars based on Wi-Fi connectivity.
Wi-Fi Roaming in Depth
Roaming occurs when the client has a previous association to an AP and migrates its connection with the same SSID to another AP within overlapping coverage. They do this when roaming to the new AP can provide a better user experience than the current one. Wireless client roaming algorithms are typically optimized to minimize the time required to roam between APs to avoid interruptions to time-sensitive data delivery.
It is important to understand that in an 802.11 network, the client device, not the WLAN infrastructure, controls the roaming decision. Nevertheless, the WLAN system can still influence the client’s decision in many ways through load balancing, proprietary fast-roaming features, and vendor-specific roaming techniques.
To seamlessly access local resources or surf the Internet, regardless of which AP the user is connected to, enterprise WLAN solutions support both layer 2 and layer 3 roaming to keep the same IP address and maintain application sessions seamlessly. As defined by the 802.11 standard, a wireless client can only connect to a single AP at any given time; it must break its Tx/Rx (Transmit and Receive) data path with one AP before establishing a new connection to another AP.
The Intersection of Mobility and Security
Employees require the mobility to obtain resource access from multiple locations throughout the workplace, while the general public requires it for real-time applications such as voice and video. Enterprise networks also require the strongest security to protect internal sensitive data, as well as the need for shopping or banking online.
In reality, you can’t always get what you want. The trade-off between mobility and security has become an issue to companies because strong security involves time-consuming implementation and maintenance. Companies may leverage weak security with Open or WPA2-Personal mode for high-performance mobility, but this leaves sensitive corporate data at higher risk of exposure. On the other hand, a stronger WPA2-Enterprise mode can be implemented to lower the risk, but this reduces performance due to the time-killing authentication process. So, bringing a more secure Wi-Fi network solves one problem, but creates another!
Implementing a WPA2-Enterprise mode with 802.1X authentication and dynamic encryption-keying provides the best Wi-Fi security for businesses. It takes hundreds of milliseconds for 802.1X authentication with a RADIUS server which is located on the local LAN, or even longer (> 1 sec) if the RADIUS server is located across a WAN link. Due to unpredictable Internet connectivity, this may cause packet loss and reduced performance for most applications. Take VoIP as an example. It transmits frames at regular 20-30ms intervals whereas the quality of conversation becomes unacceptable to users when it reaches 400ms or higher, as they will experience a poor or scrambled audio connection with sound distortion.
Understanding this see-saw effect is a simple concept. It may not be correct for all cases, but it fits most user scenarios. Quite honestly, enterprises need a secure solution that is painless to implement and maintain, while end users barely care about what technologies or protocols are used for network applications, except that the network should work so smoothly that we hardly notice there is one.
Where D-Link Solutions Help
The following features are D-Link proprietary technologies on the Unified Wireless System. The main idea is to make STA roaming smarter and more effective, to prevent STAs from connecting to the wrong (or weaker) AP, and to get better performance.
D-Link Fast Roaming Technology
As mentioned earlier, the conflict between mobility and security can be resolved through fast roaming or session caching techniques that eliminate steps in the authentication process. Fast roaming can only occur after an initial connection has been performed to ensure the client has successfully completed all required authentication and authorization.
To speed up the hand-over time of roaming behavior, the D-Link Unified Wireless solution implements a seamless roaming solution with the following features:
Note: This feature is enabled by default and is handled by the backend system.
- Keeping the client’s IP address while it roams (L2-Distributed Tunnel Mode)
The wireless client can keep its IP address after roaming to another AP, regardless of whether it is L2 or L3 roaming. Even if the two APs are in different subnets, the client can continue to keep the same IP address.
- Re-authentication can be totally avoided or re-authentication time can be shortened.
  - WPA2 Pre-Authentication (WPA2-PSK & Enterprise): Pre-auth information is forwarded by the Unified System to neighboring APs, so that authentication is not needed when the STA roams to a neighboring AP.
  - WPA2 Key Caching (WPA2-PSK & Enterprise): when the client roams to another AP and then roams back, re-authentication is not necessary.
  - Dynamic Key Forwarding (WPA2-Enterprise): the key can be cached in the Unified System within the same roaming group to shorten roaming time.
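The three mechanisms above differ in where key material ends up and therefore in which roams still reach the authentication back end. The following is an added example, not D-Link code: a simplified model with hypothetical names and a constructed topology, plus a `revoke` step (an assumption, not a feature described in this brief) showing that cached keys must be purged everywhere before a client is forced through full authentication again.

```python
from collections import defaultdict

class FastRoamingModel:
    """Toy model of the key state described above; all names are hypothetical."""

    def __init__(self, neighbors, roaming_group):
        self.neighbors = neighbors             # AP -> set of neighboring APs
        self.roaming_group = set(roaming_group)
        self.ap_keys = defaultdict(dict)       # AP -> {STA: how the key got there}
        self.forwarded = set()                 # STAs whose key the system can forward

    def associate(self, sta, ap, enterprise=True):
        """Return 'full-auth', or the mechanism that made re-authentication unnecessary."""
        if sta in self.ap_keys[ap]:
            outcome = self.ap_keys[ap][sta]    # 'key-caching' or 'pre-auth'
        elif enterprise and sta in self.forwarded and ap in self.roaming_group:
            outcome = "key-forwarding"
        else:
            outcome = "full-auth"
        self.ap_keys[ap][sta] = "key-caching"          # roaming back needs no re-auth
        for n in self.neighbors.get(ap, ()):           # pre-auth info sent to neighbors
            self.ap_keys[n].setdefault(sta, "pre-auth")
        if enterprise and ap in self.roaming_group:    # WPA2-Enterprise only
            self.forwarded.add(sta)
        return outcome

    def revoke(self, sta):
        """Purge a STA's keys everywhere so its next association is a full one."""
        for keys in self.ap_keys.values():
            keys.pop(sta, None)
        self.forwarded.discard(sta)


def demo():
    # Constructed topology: AP1-AP2-AP3 in a row, AP4 out of range of all of them.
    neighbors = {"AP1": {"AP2"}, "AP2": {"AP1", "AP3"}, "AP3": {"AP2"}, "AP4": set()}
    m = FastRoamingModel(neighbors, roaming_group={"AP1", "AP2", "AP3", "AP4"})
    path = ["AP1", "AP2", "AP1", "AP4"]
    ent = [m.associate("sta-ent", ap) for ap in path]
    psk = [m.associate("sta-psk", ap, enterprise=False) for ap in path]
    m.revoke("sta-ent")
    return ent, psk, m.associate("sta-ent", "AP2")

if __name__ == "__main__":
    print(demo())
```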
You can prevent a STA from connecting or roaming to a crowded or heavily loaded AP. Once you enable load balancing, you can control the load utilization and the maximum number of STAs that are allowed on the AP.
If Load Balancing is set to ON, this field allows you to set a threshold for the percentage of network bandwidth utilization allowed on the radio. Once the level you set is reached, the AP stops accepting new client associations. Enter a percentage of utilization from 1 to 100.
Set the maximum number of stations allowed to associate with this access point (per radio). You can enter a value between 0 and 200.
In most roaming cases, the STA can get stuck to the current associated AP which is already 30-40 meters away, rather than connect to the nearest AP. To avoid this problem and get better performance during the roaming process, the Forced Roaming feature is the one you’re looking for.
Forced Roaming works by sending a de-authentication packet to any STA whose RSSI is lower than the threshold configured on the Unified System, so the STA is forced to disconnect from its currently associated AP and then connect to another AP. This feature would prevent STAs from reconnecting when they are not within the desired range.
Note: RSSI (Received Signal Strength Indicator) is a measurement of the power present in a received radio signal in percentage; the higher the RSSI number, the stronger the signal.
Remember that this is a soft approach, and it is still up to the STA to find a better AP to connect to. It may connect back to the same AP, especially if it is the only one within the coverage.
on the AP or controller so that a STA is required to meet the minimum signal level to be able to reliably connect a particular AP that receives higher RSSI from STA.
Note: The signal strength of -30dBm is considered to be RSSI 100%, while -80 ~ -90dBm is RSSI 0%.
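The load-balancing limits and the Forced Roaming threshold described above can be read as one AP-side policy. The following is an added example, not D-Link code: the linear dBm-to-percent mapping between the two stated endpoints, the threshold values, and the `max_kicks` hold-down (which stops repeated de-authentication of a STA that keeps returning because no other AP is in range) are all assumptions, and the client data is constructed.

```python
from dataclasses import dataclass, field

def rssi_percent(dbm, floor_dbm=-80.0, ceil_dbm=-30.0):
    """-30 dBm -> 100 %, -80 dBm and below -> 0 %; linear in between (assumption)."""
    pct = (dbm - floor_dbm) / (ceil_dbm - floor_dbm) * 100.0
    return max(0.0, min(100.0, pct))

@dataclass
class Radio:
    max_utilization_pct: int = 60    # brief: 1 to 100
    max_stations: int = 20           # brief: 0 to 200 (0 is taken literally here)
    min_rssi_pct: float = 20.0       # forced-roaming threshold, constructed value
    max_kicks: int = 2               # hypothetical hold-down, not a D-Link setting
    stations: dict = field(default_factory=dict)   # MAC -> last RSSI in dBm
    kicks: dict = field(default_factory=dict)      # MAC -> de-auths sent so far

    def admit(self, mac, dbm, utilization_pct):
        """Load balancing: refuse new associations once either limit is reached."""
        if utilization_pct >= self.max_utilization_pct:
            return "reject: utilization"
        if len(self.stations) >= self.max_stations:
            return "reject: station limit"
        self.stations[mac] = dbm
        return "accept"

    def forced_roaming_pass(self):
        """De-auth STAs below the RSSI threshold; stop after max_kicks per STA."""
        deauth, sticky = [], []
        for mac, dbm in list(self.stations.items()):
            if rssi_percent(dbm) >= self.min_rssi_pct:
                continue
            if self.kicks.get(mac, 0) >= self.max_kicks:
                sticky.append(mac)   # keeps coming back: likely no better AP in range
                continue
            self.kicks[mac] = self.kicks.get(mac, 0) + 1
            del self.stations[mac]
            deauth.append(mac)
        return deauth, sticky

def demo():
    r = Radio(max_stations=3)
    # Constructed clients: (MAC, RSSI in dBm, radio utilization % when joining)
    joins = [("aa", -50, 30), ("bb", -78, 30), ("cc", -72, 30), ("dd", -60, 30), ("ee", -60, 75)]
    admitted = [r.admit(*j) for j in joins]
    passes = [r.forced_roaming_pass()]
    for _ in range(2):               # "bb" has no other AP in range and re-associates
        r.admit("bb", -78, 30)
        passes.append(r.forced_roaming_pass())
    return admitted, passes
```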
With the D-Link Unified Wireless Solution, the proprietary Fast Roaming feature speeds up the roaming process between APs without sacrificing the security level of sensitive data. The Load Balancing feature uses the maximum number of connected clients and the wireless utilization threshold to steer roaming clients away from busy or crowded APs. Last but not least, the Forced Roaming feature enables clients to make smarter roaming decisions and associate with the AP that provides the strongest signal, rather than staying connected to the current AP, which is weak and far away from the roaming client.
When set up properly, the D-Link Unified Wireless Solution will be the one for you to deliver a consistent roaming experience and sufficient bandwidth to customers.