RealTime IT News

Troubleshooting Your 802.11 WLAN

Last month we discussed how RF interference hinders the installation of wireless LANs, and we covered the use of site survey tools that help with deployments. Once you have the network installed, everything should continue to operate without any problems, right? Don't count on it!

Unforeseen problems can drive you crazy
Chances are that you'll eventually encounter troubles with an 802.11 deployment because of unplanned environmental changes (e.g., moved walls), utilization growth, security breaches, and improper configuration parameters. These problems go beyond what site survey tools can detect before installation. Let's look at some examples.

An 802.11 network may easily satisfy a handful of users at first. As the company starts seeing the benefits of wireless, they'll likely add more applications and users to the wireless LAN. This increases network utilization, which often leads to operational delays that aggravate users. In most cases without the use of effective support tools, you won't know that a problem exists until users start complaining.

To make matters worse, the performance of an 802.11 network is difficult to forecast. The 11 Mbps data rate of 802.11b doesn't mean that each end user can depend on that rate for sending information. The real throughput depends on the number of other users who are actively accessing the network at the same time, with the actual throughput closer to 5 to 6 Mbps at best with just a few users. The throughput will decrease even more as you add more simultaneous users.

Because of current inadequacies of 802.11 WEP, you might not plan to implement any security mechanisms on your wireless LAN in the foreseeable future. Keep in mind, however, that wireless intruders may try accessing and damaging your network resources. If you do utilize WEP, intruders can still easily crack into your system. Some enjoy doing this for fun just outside your facility, using free tools such as AirSnort that passively determines the WEP key after monitoring applicable 802.11 traffic. The bottom line is that you need to carefully monitor traffic on your network to spot corrupt activity.

The vast number of 802.11 configuration parameters do a good job of leading users astray, resulting from wrong SSIDs, network usage conflicts with other users because of hidden nodes, and conflicting access point channel allocations. In some cases, such as a user with an SSID that doesn't match the one at the access point, the problem results in no network connection at all. Hidden node problems and channel allocations often result in poor performance. The dilemma is that many factors can be the source of poor performance, and it's difficult to find the root causes.

802.11 network analyzers to the rescue
All of the above problems and others that are "protocol-related" are difficult to solve without the use of an 802.11 network analyzer, which is special software that runs on a laptop equipped with an 802.11b radio card. As examples, take a look at Sniffer Technologies (Santa Clara, CA) Sniffer Wireless and Wildpackets (Walnut Creek, CA) AiroPeek.

The following provides an overview of the major functions these analyzers provide:

  • Monitoring and Capturing. The analyzer passively monitors and captures all data traffic sent over the wireless LAN within radio range of the analyzer and stores the data in a defined buffer on the laptop's hard drive. The passive operation of the analyzer avoids adding any performance impact on the network.
  • Decoding. The analyzer interrogates the received data and decodes its protocol type and frame structure. This includes the definition of all 802.11 control, management, and data frames, as well as other information embedded within the frames, such as SSID, access point channels, and data rates of each user's radio. Analyzers decode WEP encrypted data if you configure the analyzer with the proper WEP key. Most also decode higher layer protocols, such as TCP/IP, AppleTalk, and NetBEUI.
  • Filtering. The analyzer filters the received data and then performs statistical analysis, displaying the results in various ways. This offers a flexible means for monitoring and troubleshooting the network. For example, an analyzer can display all access point and user SSIDs, which will help spot whether an end user is trying to associate using a wrong SSID. Analyzers can also display the actual throughput of all users (by specific channel) and identify unauthorized users and access points that don't fit an acceptable profile.

    Should I purchase an 802.11 network analyzer?
    The answer to this question depends on your involvement in wireless LANs. Expect to pay several thousand to ten thousand dollars for 802.11 analyzer software, depending on the richness of its features. Is this expense worth it? That's for you to ultimately decide; however, here are some general questions to consider before plunking down the money to buy an analyzer:

    1. Are you currently having problems that a network analyzer can help resolve?
    2. Are you a system integrator or IS department that supports multiple wireless LANs (even if each one is relatively small)?
    3. Does your wireless LAN you support have greater than ten access points?
    4. Does your wireless LAN include greater than 25 users?
    5. Do you have enough money?

    If the answer to the majority of these questions is yes (especially questions 1 and 2), then you'll likely benefit by owning an 802.11 analyzer. Otherwise, it'll probably be more cost effective to hire someone with an 802.11 analyzer to perform tests when needed.

    Author Biography: Geier provides independent consulting services to companies developing and implementing wireless networks. He is the author of the book, Wireless LANs (2nd Edition), and his Online Guide to wireless networking is located at