Wireless Technologies Ashok K. Agrawala December 16, 2002
Today… • Wireless Traffic Characterization/Sniffing • AP Monitoring • SIM-based Wireless Security • Sensor Networks/Adhoc Networking • RSSI based Location Determination
Understanding Wireless Traffic Characteristics • University UMDnet • >1000 APs • >300 Now • Large User population • Monitoring • Wired Net • AP • Over the Air (Sniffing)
Wireless Traffic Monitoring • Easy to set up: no interaction with existing infrastructure • Provides local and global status of network nodes at the same time • Provides good traces of 802.11 link-level operations
Captured Information • Physical layer (Prism2 monitor header) • RSSI (Received Signal Strength Indication), SQ (Signal Quality), Signal strength and Noise (in dBm) • 802.11 Link layer • Protocol version, frame type (management, control and data), Duration for NAV (Network Allocation Vector) calculation, BSS Id, Source and Destination address, fragment, sequence numbers • TCP/IP, application layer info also available
802.11 Basic Architecture [Figure: access points on Channel-6 and Channel-1, Ethernet LAN, DS (Distribution System), WAN.]
Sniffing Each Access Point [Figure: the same architecture with a Ch. 6 sniffer at the Channel-6 access point and a Ch. 1 sniffer at the Channel-1 access point.]
Wireless Monitoring – Hidden Terminal Problem, Losses • Hidden Terminal Problem • Difficult for sniffers to detect all the wireless stations. • Various losses are observed in sniffers • Frame loss • AP loss: Some APs are not correctly detected by some cards. • Type loss: Control/Management types are not correctly detected by some cards. • Loss variability • Due to signal strength variability and card variability
Sniffing n APs with m sniffers [Figure: access points on Channel-6 with a Ch. 6 sniffer and hidden terminals, Ethernet LAN, DS (Distribution System), WAN.]
Challenges of Wireless Monitoring – Placement of Sniffers • Proper placement of sniffers can improve terminal detection ability and reduce various losses in sniffers. • Where to place sniffers? • Too close to APs: causes signal saturation. • Too far from APs: causes hidden terminals. • How many sniffers to place?
Study to date • Extensive passive observations on loss and loss variability • Observed hidden terminal problems • Observed frame loss, AP loss and Type loss • Observed loss varies from 0% to 100% • Active end-to-end delay experiment • Causes of end-to-end delay in wireless network
Methodology • Location: A.V. Williams Bldg, UMD. • 3 different WLANs (umd, cswireless, nist) • 58 Access Points: 29 Cisco (umd), 12 Lucent (cswireless), 17 Prism2-based (nist) • Sniffers • Linux OS 2.4.19 • Wireless card driver: orinoco_cs • Capturing tool: libpcap 0.7, ethereal 0.9.6 • Wireless cards used: Lucent Orinoco, Linksys, D-Link etc.
Passive Observations: Hidden Terminals and Losses • Hidden terminals: vary depending on cards used in sniffers and sniffer locations. • Loss in sniffers • Frame losses are calculated from 802.11 sequence numbers. • “From-AP” and “To-AP” losses are noted separately. • Findings: • More To-AP losses are observed than From-AP. • Most of To-AP losses are caused by a small number of wireless stations. • Linksys cards cannot detect some APs correctly. • Lucent cards cannot detect ACK/RTS/CTS frames.
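The sequence-number loss calculation described on this slide, as an added Python example (not code from the original study). It assumes infrastructure-mode frames, one 12-bit sequence counter per transmitter as in original 802.11, and that the capture's physical-layer header has already been stripped; the MAC addresses and frames in `sample_trace` are constructed.

```python
import struct
from collections import defaultdict

SEQ_MOD = 4096   # 802.11 sequence numbers are 12 bits wide
MAX_GAP = 2048   # a larger forward jump is treated as a stale frame, not loss

def parse_header(hdr):
    """Return (transmitter, direction, seq), or None if the frame is unusable."""
    if len(hdr) < 24:                      # ACK/RTS/CTS are shorter than this
        return None
    fc = struct.unpack_from("<H", hdr, 0)[0]
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    if (fc >> 2) & 0x3 == 1 or (to_ds and from_ds):   # control or WDS frame
        return None
    a1, a2, a3 = hdr[4:10], hdr[10:16], hdr[16:22]
    bssid = a1 if to_ds else a2 if from_ds else a3
    seq = struct.unpack_from("<H", hdr, 22)[0] >> 4   # drop fragment number
    return a2, ("from_ap" if a2 == bssid else "to_ap"), seq

def estimate_loss(headers):
    """Loss fraction per direction, inferred from sequence-number gaps."""
    last, seen, missed = {}, defaultdict(int), defaultdict(int)
    for hdr in headers:
        parsed = parse_header(hdr)
        if parsed is None:
            continue
        tx, direction, seq = parsed
        gap = (seq - last[tx]) % SEQ_MOD if tx in last else 1
        if gap == 0 or gap >= MAX_GAP:     # retransmission, fragment or stale
            continue
        missed[direction] += gap - 1       # frames the sniffer never saw
        seen[direction] += 1
        last[tx] = seq
    return {d: missed[d] / (missed[d] + seen[d]) for d in seen}

def sample_trace():
    """Constructed headers (not a real capture): one AP, one station."""
    ap, sta, bc = b"\x02\0\0\0\0\xaa", b"\x02\0\0\0\0\x01", b"\xff" * 6
    def hdr(fc, a1, a2, a3, seq):
        return struct.pack("<HH6s6s6sH", fc, 0, a1, a2, a3, seq << 4)
    frames = [hdr(0x0080, bc, ap, ap, 4094)]                       # beacon
    frames += [hdr(0x0208, sta, ap, ap, s) for s in (4095, 0, 1)]  # From-AP data
    frames += [hdr(0x0A08, sta, ap, ap, 1)]                        # retry of seq 1
    frames += [hdr(0x0108, ap, sta, ap, s) for s in (10, 11, 14, 15)]  # To-AP
    frames += [struct.pack("<HH6s", 0x00D4, 0, sta)]               # ACK, skipped
    return frames

if __name__ == "__main__":
    print(estimate_loss(sample_trace()))
```

Beacons and other management frames are counted because they advance the AP's sequence counter; counting data frames alone would report every beacon as a lost frame.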
Passive Sniffing on Ch. 11 with 6 Sniffers (4th floor, A.V. Williams Bldg) [Figure: APs of the umd, cswireless and nist WLANs on Ch. 1 and Ch. 11; sniffer positions L1, L2, L3, S3, Z1, Z2; card legend: Lucent, LinkSys, ZoomAir.] Hidden terminals are observed by 6 sniffers. Detected sets of wireless stations vary depending on sniffer locations and the cards used.
Hidden terminals are observed by 6 sniffers. Detected set of wireless stations varies depending on sniffer locations and the cards used. Frame losses calculated by sequence numbers. To-AP frame loss is more than From-AP loss. Majority of losses are caused by a small number of clients.
Linksys and Lucent sniffers are set to Ch. 11. Linksys sniffer has AP losses on AP3 and AP7. Linksys detects AP2, whose channel is 6.
Lucent shows Type loss on control frames (ACK, RTS, CTS and Power-Save).
Passive Observation: Loss Variability • Findings: • Frame loss varies up to 100% during 4-day passive experiments • “To-AP” shows more loss variability than “From-AP” • Card/AP compatibility may affect AP loss variability.
Figure 1. Loss percentage varies from 0% to 100% during 4-day experiment. To-AP loss shows more variability than From-AP loss.
Frame loss varies with the card and the associated AP: all traffic was measured in the same experiment. Card variability affects frame loss.
Diagnosis on End-to-end Delay • Active experiment set-up • Use NetDyn on wireless network • Source, echo and sink timestamps are available • Source and sink machines are the same • Sniffers are in between source (sink) and AP • Objective: infer the causes of high RTT end-to-end delays, using the sniffer traces.
NetDyn • NetDyn Tool • Fine-grained RTT measurements • Exposes fine-grained characteristics of networks
NetDyn Packet Loss (Average) [Figure: average packet loss by measurement position relative to the Ch. 11 AP; angle labels 0° to 180° in 22.5° steps, distance labels 0 to 96; legend: avg loss of both F/B paths < 3%, avg loss of both F/B paths > 10%; Problem case 1 and Problem case 2 are marked.]
Effect of Weak Signal Strength • Problem Case 1: RTT (Roundtrip Time) delay of 1 second and 57% packet loss. • Weak signal strength causes retransmissions between source and the AP. • Delays occur in the sending buffer at the source.
Source, echo, sink timestamps (by NetDyn), From-AP, To-AP timestamps (by sniffers). Delays occur between source and echo periodically, every 0.5 second. No high delays exist on the wireless path.
Signal strength is consistently low, which incurs many retransmissions between source and the AP.
Effect of Signal Strength and Card Variability • Problem Case 2: RTT delay of 2.2 seconds and 75% packet loss. • Signal strength variability makes the AP shift the sending data rate adaptively (between 11, 5.5 and 2 Mbps). • Source wireless card fails to receive traffic at lower data rates (due to card implementation variability). • Delays occur on wireless “From-AP” path due to many retransmissions at lower data rates.
Source, echo, sink timestamps. Delays exist between echo and sink.
To-AP/From-AP traffic is captured by the sniffers. Delays may reside on the wired echo-AP path or the wireless AP-sink path.
RTS/CTS data rates captured by sniffers. AP consistently tries to synchronize its data rate with the source.
AP varies data rates between 11, 5.5 and 2 Mbps (From-AP data rate, graph on top). The source, however, cannot synchronize with the AP and sends/receives packets only at 11 Mbps (To-AP data rate, graph at bottom).
High variability in signal strength is observed by sniffers, which causes AP to shift data rate adaptively.
Where are we? • Sniffing in wireless environment is much more difficult than we thought • Using multiple sniffers we can get a good estimate of wireless traffic
Access Point Monitor (APM) Kevin Kamel Jaime Lafleur-Vetter
Why APM? • Currently Available AP Monitoring Tools • Provided By The Manufacturer • Closed source • Unsupported • Functionality • Limited feature set • Not extendable • Difficult to use • More robust solution needed
Introducing APM • AP Platform • Soekris NET4521 Board • 486 133 MHz AMD (x86) • 64MB onboard RAM • 64MB compact flash • Prism2 PCMCIA card • In Host AP mode • External Antenna • RJ-45 Port for LAN/WAN connectivity • Operating System • Customized OpenBSD 3.2
APM (Continued) • AP Patch • Extends open source AP software • Sends event messages to kernel device • System daemon • Reads and broadcasts events over the wire. • Listens for Admin requests • Sets daemon and AP configuration settings • Monitor Client • .NET Windows GUI • Listens for broadcast events from the AP • Displays event information graphically • Sends configuration information
Current Features • Multiple simultaneous monitor applications that can see multiple APs. • Station Monitoring • Current state (i.e. Auth, Assoc) • Event history • AP Diagnostics • Interface counters • Logger
Features Under Development • Administrative Control • Settings: TX Rate, SSID, MTU, Channel, MAC • Control: Shutdown, Restart • Access: Wireless client ACL support • On Board Packet Monitoring • Obsoletes traditional wireless packet capture • Traffic log • User Friendly Addressing • Alias MAC addresses