Hello.
Wi-Fi: non-obvious nuances for good carding (for example, a home network)
Many carders are buying 802.11n access points these days, but not everyone manages to get good speeds out of them. In this post we will talk about some not very obvious nuances that can significantly improve (or degrade) Wi-Fi performance. Everything described below applies both to home Wi-Fi routers with stock and advanced (DD-WRT & Co.) firmware and to corporate hardware and networks. As an example we take the "home" case, since it is the one closest to everybody: even the most administrative admins and engineering engineers live in apartment buildings (or villages with a sufficient density of neighbors), and everyone wants fast and reliable Wi-Fi.
A few notes before starting:
- The style of presentation is deliberately simplified, because some things you may have to explain to neighbors who are completely unfamiliar with the basics of radio networks, the 802.11 standard, and government regulations.
- Everything described below is a recommendation and may not apply to your situation. Any rule has exceptions, which are omitted for brevity. The limiting cases can be discussed in the comments.
- Please pay attention to the word "non-obvious". A detailed proof of some of the theses requires immersion in the standards, which I do not want to do (although I had to a couple of times).
1. How to live well yourself and not disturb your neighbors.
[1.1] It would seem - what is there to think about? Crank the access point up to full power, get the maximum possible coverage - and rejoice. Now let's think about it: not only does the signal from the access point have to reach the client, the signal from the client also has to reach the access point. The power of the AP transmitter is usually up to 100 mW (20 dBm). Now look in the datasheet for your laptop / phone / tablet and find the power of its Wi-Fi transmitter there. Found it? You are very lucky! Often it is not indicated at all (you can search by FCC ID). However, we can confidently state that the power of typical mobile clients is in the 30-50 mW range. Thus, if the AP transmits at 100 mW and the client only at 50 mW, there will be places in the coverage area where the client hears the AP well, but the AP hears the client badly (or does not hear it at all) - asymmetry.
This is true even taking into account the fact that the access point usually has better receive sensitivity - look under the spoiler. Again, this isn't about range, it's about symmetry. There is a signal, but there is no connection. Or the downlink is fast and the uplink is slow. This matters if you use Wi-Fi for online games or Skype; for normal Internet access it is not so important (unless you are at the edge of the coverage area). And then we complain about a poor provider, a buggy access point, crooked drivers, but not about illiterate network planning.
Rationale (for those interested in the details).
Conclusion: it may turn out that in order to obtain a more stable connection, the power of the access point will have to be reduced. Which, you see, is not entirely obvious.
[1.2] Another far from well-known fact that adds to the asymmetry is that most client devices reduce their transmitter power on the "extreme" channels (1 and 11/13 for 2.4 GHz). Here is an example for an iPhone from the FCC documentation (Power at Antenna Port).
As you can see, on the extreme channels the transmitter power is ~2.3 times lower than on the middle ones. The reason is that Wi-Fi is a wideband technology, and the signal cannot be kept cleanly within the channel boundaries. So the power has to be reduced in the "borderline" cases so as not to affect the bands adjacent to the ISM band.
Conclusion: if your tablet does not work well in the toilet, try moving to channel 6.
2. Speaking of channels
Everyone knows the "non-intersecting" channels 1/6/11. So, they overlap! Because Wi-Fi, as mentioned earlier, is a broadband technology and it is impossible to completely contain the signal within the channel. The illustrations below demonstrate the effect for 802.11n OFDM (HT). The first illustration shows the 802.11n OFDM (HT) spectral mask for a 20MHz channel at 2.4GHz (taken straight from the standard). Vertical - power, horizontal - frequency (offset from the center frequency of the channel). In the second illustration, I have overlaid the spectral masks of channels 1,6,11, taking into account the neighborhood. We draw two important conclusions from these illustrations.
[2.1] Everyone thinks that the channel width is 22MHz (it is). But, as the illustration shows, the signal does not end there, and even non-intersecting channels do overlap: 1/6 and 6/11 - by ~ -20dBr, 1/11 - by ~ -36dBr, 1/13 - by -45dBr.
An attempt to put two access points tuned to adjacent "non-overlapping" channels close to each other will cause each of them to interfere with its neighbor at a level of 20 dBm - 20 dB - 50 dB = -50 dBm (the 50 dB is the signal propagation loss over a short distance and through a thin wall). This level of noise can completely overwhelm any useful Wi-Fi signal from the next room, or block your communications entirely!
Conclusion: if you put an access point next to the wall, and your neighbor has one on the other side of the wall, his access point on the adjacent "non-overlapping" channel can still cause you serious problems. Try to calculate the noise values for channels 1/11 and 1/13 and draw your own conclusions.
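The calculation suggested in the conclusion above, carried through as an added example (not part of the original article). It uses the article's own figures for transmit power, mask overlap, the 50 dB loss and the -62 dBm CCA level; the -95 dBm noise floor and all function names are assumptions of the example.

```python
import math

# Figures quoted in the article.
TX_POWER_DBM = 20.0            # AP transmit power, 100 mW ([1.1])
CCA_THRESHOLD_DBM = -62.0      # above this level CCA keeps the channel busy ([2.2])
MASK_OVERLAP_DBR = {           # leakage between "non-overlapping" channels ([2.1])
    (1, 6): -20.0, (6, 11): -20.0, (1, 11): -36.0, (1, 13): -45.0,
}
REQUIRED_SNR_DB = {"54 Mbps": 25.0, "2 Mbps": 6.0}   # the two figures from [3.2]

# Assumptions of this example.
PATH_LOSS_DB = 50.0            # short distance plus a thin wall, as in the article's sum
NOISE_FLOOR_DBM = -95.0        # assumed receiver noise floor, 20 MHz channel


def leaked_power_dbm(own_ch, other_ch, path_loss_db=PATH_LOSS_DB):
    """Power a neighbour on other_ch puts into own_ch, seen at our receiver."""
    pair = tuple(sorted((own_ch, other_ch)))
    if pair not in MASK_OVERLAP_DBR:
        raise ValueError(f"no mask overlap figure for channels {pair}")
    return TX_POWER_DBM + MASK_OVERLAP_DBR[pair] - path_loss_db


def combined_floor_dbm(interferers_dbm, noise_floor_dbm=NOISE_FLOOR_DBM):
    """Powers add in milliwatts, not in dB: convert, sum, convert back."""
    total_mw = 10 ** (noise_floor_dbm / 10)
    total_mw += sum(10 ** (p / 10) for p in interferers_dbm)
    return 10 * math.log10(total_mw)


def assess(own_ch, neighbour_chs, wanted_signal_dbm):
    """Summarise what neighbours on other channels do to a link on own_ch."""
    leaks = [leaked_power_dbm(own_ch, ch) for ch in neighbour_chs]
    snr = wanted_signal_dbm - combined_floor_dbm(leaks)
    return {
        "leaks_dbm": leaks,
        "snr_db": round(snr, 1),
        "cca_blocked": any(p > CCA_THRESHOLD_DBM for p in leaks),
        "usable_rates": [r for r, need in REQUIRED_SNR_DB.items() if snr >= need],
    }


if __name__ == "__main__":
    # AP on channel 6 with neighbours on 1 and 11 right behind the wall.
    print(assess(6, [1, 11], wanted_signal_dbm=-40.0))
    # AP on channel 1 with a single neighbour on 11 or on 13.
    print(assess(1, [11], wanted_signal_dbm=-55.0))
    print(assess(1, [13], wanted_signal_dbm=-55.0))
```

Two neighbours at -50 dBm each add up to about -47 dBm, so even a strong -40 dBm wanted signal is left with roughly 7 dB of SNR, enough for the 2 Mbps figure but far from the 25 dB that 54 Mbps needs.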
Similarly, some people try to "compact" the coverage by placing two points tuned to different channels on top of each other in a stack - I think there is no need to explain what will happen (the exception here will be competent shielding and competent antenna spacing - everything is possible if you know how).
[2.2] The second interesting aspect is the attempts of slightly more advanced users to "escape" in between the standard 1/6/11 channels. Again, the logic is simple: "between the channels I will catch less interference." In fact, you usually catch not less interference, but more. Previously, you suffered fully from only one neighbor (the one on the same channel as you). But that was not a problem of the first OSI layer (interference), it was a problem of the second one - collisions - since your access point shared a collision domain with the neighbor and coexisted with it in a civilized manner at the MAC level. Now you are catching interference (Layer 1) from two neighbors on both sides.
As a result, delay and jitter may decrease a little (since there are no collisions now), but the signal-to-noise ratio has also decreased. And with it the speeds have decreased (since each speed requires a certain minimum SNR - see [3.1]) and so has the percentage of good frames (since the SNR margin has decreased, the sensitivity to random bursts of interference has increased). As a result, the retransmit rate, delay and jitter usually increase, and bandwidth decreases.
In addition, with a significant overlap of channels, it is still possible to correctly receive a frame from an adjacent channel (if the signal-to-noise ratio allows) and still get a collision. And if the interference is above -62dBm, the above-mentioned CCA mechanism will simply not allow you to use the channel. This only aggravates the situation and negatively affects the throughput.
Conclusion: do not try to use non-standard channels without calculating the consequences, and discourage neighbors from doing so. In general, the same as with power: discourage neighbors from turning on points at full power on non-standard channels - there will be less interference and collisions for everyone. How to calculate the consequences will become clear from [3].
[2.3] For approximately the same reasons, you should not put the access point near the window, unless you plan to use / distribute Wi-Fi in the yard. There is no benefit to you personally from your access point shining into the distance - but you will collect collisions and noise from all neighbors in line of sight. And you will add to the clutter on the air yourself. Especially in apartment buildings built in zigzags, where neighbors' windows look at each other from a distance of 20-30 m. For neighbors with access points on the windowsills, bring lead paint for the windows.
[2.4] Also, for 802.11n, the issue of 40MHz channels is relevant. My recommendation is to enable 40MHz in "auto" mode at 5GHz, and not to enable it ("20MHz only") at 2.4GHz (the exception is the complete absence of neighbors). The reason is that in the presence of 20MHz neighbors, you are most likely to get interference on one of the halves of the 40MHz channel, plus the 40/20MHz compatibility mode will turn on. Of course, you can hard-code 40MHz (if all your clients support it), but the interference will still remain. For my part, a stable 75Mbps per stream is better than an unstable 150. Again, exceptions are possible - the logic from [3.4] applies.
3. Speaking of speeds.
[3.1] We have already mentioned rates (rate / MCS - not throughput) several times in conjunction with SNR. Below is a table of the required SNRs for rates / MCS, compiled by me based on the materials of the standard. Actually, this is why the receiver sensitivity is lower for higher speeds, as we noted in [1.1].
In 802.11n / MIMO networks, MRC and other multi-antenna techniques can provide the desired SNR even with a lower input signal. Usually, this is reflected in the sensitivity values in datasheets.
From this, by the way, we can draw another conclusion: the effective size (and shape) of the coverage area depends on the selected rate (rate / MCS). This is important to consider in your expectations and when planning your network.
[3.2] This item may not be feasible for owners of access points with very simple firmware that does not allow setting Basic and Supported Rates. As mentioned above, the rate depends on the signal-to-noise ratio. If, say, 54Mbps requires 25dB SNR, and 2Mbps requires 6dB, then it is clear that frames sent at 2Mbps will "fly" farther, i.e. they can be decoded from a greater distance than faster frames. Here we come to Basic Rates: all service frames, as well as broadcasts (if the access point does not support BCast / MCast acceleration and its variations), are sent at the lowest Basic Rate. This means that your network will be visible from many blocks away.
Here's an example (thanks to Motorola AirDefense).
Again, this adds to the picture of collisions considered in [2.2]: both for the situation with neighbors on the same channel, and for the situation with neighbors on close overlapping channels. In addition, ACK frames (which are sent in response to any unicast packet) also go at the minimum Basic Rate (if the access point does not support their acceleration).
Conclusion: turn off low speeds - the network will work faster both for you and for your neighbors. For you - because all the service traffic will start to go faster; for neighbors - because you no longer create collisions for them (you still create interference for them, since the signal has not gone anywhere, but it is usually low enough). If you convince your neighbors to do the same, your network will work even faster.
[3.3] It is clear that when low speeds are turned off, it will be possible to connect to the access point only in the area of a stronger signal (the SNR requirements have become higher), which leads to a decrease in effective coverage. The same is the case with power reduction. But here you can decide what you need: maximum coverage or a fast and stable connection. Using the datasheets of the access point manufacturer and of the clients, it is almost always possible to achieve an acceptable balance.
[3.4] Another interesting question is the compatibility modes (the so-called "Protection Modes"). Currently there is a b/g compatibility mode (ERP Protection) and an a/g/n one (HT Protection). In any case, the speed drops. How much it drops is influenced by a bunch of factors (there would be enough material for two more articles); I usually just say that the speed drops by about a third. At the same time, if you have an 802.11n access point and an 802.11n client, but a neighbor has a g access point behind the wall, and his traffic reaches you, your access point will fall into compatibility mode in the same way, because the standard requires it. It's especially nice if your neighbor is a do-it-yourselfer and is building something based on an 802.11b transmitter.

What to do? Just as with the departure to non-standard channels - evaluate what is more important for you: collisions (L2) or interference (L1).
If the signal level from the neighbor is relatively low, switch the access points to pure 802.11n (Greenfield) mode: it is possible that the maximum throughput will decrease (SNR will decrease), but traffic will flow more evenly due to getting rid of excessive collisions, bursts of protection frames and modulation switching. Otherwise, it is better to put up with it and talk to your neighbor about the AP power / placement. Well, or put up a reflector ... Yes, and do not put the access point on the window!
[3.5] Another option is to move to 5 GHz, where the air is cleaner: there are more channels, there is less noise, the signal is weakened faster, and the points are more expensive, which means there are fewer of them. Many people buy a dual radio point, configure 802.11n Greenfield at 5 GHz and 802.11g / n at 2.4 GHz for guests and all kinds of gadgets that don't need speed anyway. And it's safer this way: most script kiddies don't have the money for expensive toys with 5 GHz support.
For 5 GHz, remember that only 4 channels work reliably: 36/40/44/48 (for Europe, for the US there are 5 more). The rest have radar coexistence (DFS) enabled. As a result, the connection may periodically disappear.
4. Speaking of security
We will mention some interesting aspects here as well.
[4.1] How long should the PSK be? Here is an excerpt from the text of the 802.11-2012 standard, section M4.1:
Keys derived from the pass phrase provide relatively low levels of security, especially with keys generated from short passwords, since they are subject to dictionary attack. Use of the key hash is recommended only where it is impractical to make use of a stronger form of user authentication. A key generated from a passphrase of less than about 20 characters is unlikely to deter attacks.
Conclusion: well, who has a home point password of 20+ characters?
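Why length matters, as an added example (not part of the original article): the WPA/WPA2 pre-shared key is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, so its strength is exactly the strength of the passphrase. The guessing rate below is a constructed figure, the entropy estimate holds only for characters chosen at random (human-chosen phrases carry far less), and the function names are the example's own.

```python
import hashlib
import math
import secrets
import string

# Assumed offline guessing rate (guesses per second) for the estimate below.
# This is a constructed figure for illustration, not a measurement.
ASSUMED_GUESSES_PER_SECOND = 1_000_000
SECONDS_PER_YEAR = 365 * 24 * 3600


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase is 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def random_passphrase_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a passphrase whose characters are chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def years_to_search_half(bits: float, rate=ASSUMED_GUESSES_PER_SECOND) -> float:
    """Expected time to hit the passphrase: half the keyspace at the given rate."""
    return 2 ** (bits - 1) / rate / SECONDS_PER_YEAR


def generate_passphrase(length: int = 24) -> str:
    """Random passphrase above the ~20 characters the standard talks about."""
    if not 20 <= length <= 63:
        raise ValueError("choose a length between 20 and 63")
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    for label, length, size in [("8 lowercase letters", 8, 26),
                                ("20 letters and digits", 20, 62)]:
        bits = random_passphrase_bits(length, size)
        print(f"{label}: {bits:.1f} bits, "
              f"{years_to_search_half(bits):.3g} years at the assumed rate")
    print("suggested passphrase:", generate_passphrase())
```

Because the SSID is the salt, the same passphrase gives a different key on a differently named network, which is also why a factory-default SSID combined with a short passphrase is the weakest combination.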
[4.2] Why does my 802.11n access point not go faster than a / g speeds? And what does this have to do with security?
The 802.11n standard only supports two encryption modes: CCMP and None. Wi-Fi 802.11n Compatible certification requires that when TKIP is enabled on the radio, the point ceases to support all new 802.11n speed modes, leaving only 802.11a / b / g speeds. In some cases, you can see associations at higher rates, but the throughput will still be low.
Conclusion: forget about TKIP - it will be banned from 2014 anyway (Wi-Fi Alliance plans).
[4.3] Should I hide the (E) SSID? (this is a more well-known topic)
5. All sorts of things
[5.1] A little about MIMO. For some reason, to this day, I come across formulations like 2x2 MIMO or 3x3 MIMO. Unfortunately, this wording is of little use for 802.11n, since it is also important to know the number of Spatial Streams. A 2x2 MIMO point can only support one SS, and will not go above 150Mbps. A point with 3x3 MIMO can support 2SS, being limited to only 300Mbps. The complete MIMO formula looks like this: TX x RX: SS. It is clear that the number of SS cannot be more than min (TX, RX). So the above points will be written as 2x2: 1 and 3x3: 2. Many wireless clients implement 1x2: 1 MIMO (smartphones, tablets, cheap laptops) or 2x3: 2 MIMO.
So it is useless to expect 450Mbps from a 3x3: 3 AP when working with a 1x2: 1 client. However, buying an access point like 2x3: 2 is still worth it, because more receiving antennas add MRC gain. The greater the difference between the number of receiving antennas of the access point and the number of transmitting antennas of the client, the greater the gain (roughly speaking). However, multipath comes into play.
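The TX x RX: SS notation from [5.1] as an added example (not part of the original article): a small parser that enforces SS <= min(TX, RX) and works out what an AP and a client can actually negotiate. The per-stream rates are the article's round figures (75 Mbps at 20MHz, 150 Mbps at 40MHz); the function names and the "spare receive antennas" count are the example's own.

```python
import re
from dataclasses import dataclass

# Round per-stream PHY rates used in the article ([2.4] and [5.1]).
RATE_PER_STREAM_MBPS = {20: 75, 40: 150}


@dataclass(frozen=True)
class Mimo:
    tx: int   # transmit chains
    rx: int   # receive chains
    ss: int   # spatial streams


def parse_mimo(text: str) -> Mimo:
    """Parse 'TXxRX:SS' (spaces allowed, e.g. '3x3: 3') and validate it."""
    m = re.fullmatch(r"\s*(\d+)\s*x\s*(\d+)\s*:\s*(\d+)\s*", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"not in TXxRX:SS form: {text!r}")
    tx, rx, ss = map(int, m.groups())
    if min(tx, rx, ss) < 1:
        raise ValueError("antenna and stream counts must be at least 1")
    if ss > min(tx, rx):
        raise ValueError(f"{text!r}: SS cannot exceed min(TX, RX)")
    return Mimo(tx, rx, ss)


def link(ap_text: str, client_text: str, width_mhz: int = 40) -> dict:
    """Best-case PHY rate in each direction between an AP and a client."""
    ap, cl = parse_mimo(ap_text), parse_mimo(client_text)
    per_stream = RATE_PER_STREAM_MBPS[width_mhz]
    # A direction carries no more streams than either side supports and
    # no more than the sender's TX chains or the receiver's RX chains.
    down = min(ap.ss, cl.ss, ap.tx, cl.rx)
    up = min(ap.ss, cl.ss, cl.tx, ap.rx)
    return {
        "downlink_mbps": down * per_stream,
        "uplink_mbps": up * per_stream,
        # AP receive antennas beyond the streams the client sends:
        # these are the ones that contribute MRC gain on the uplink.
        "ap_spare_rx_for_mrc": ap.rx - up,
    }


if __name__ == "__main__":
    print(link("3x3:3", "1x2:1"))       # the article's 450 Mbps AP, phone client
    print(link("2x3:2", "1x2:1"))       # cheaper AP, same client, same rate
    print(link("3x3:3", "2x3:2", 20))   # laptop client on a 20MHz channel
```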
[5.2] As you know, multipath for 802.11a / b / g networks is evil. An access point placed with an antenna in a corner may not work in the best way, and an access point extended from this corner by 20-30 cm can show a much better result. Likewise for clients, rooms with complex layouts, heaps of metal objects, etc.
For MIMO networks with MRC, and especially for multi-SS operation (and therefore for high speeds), multipath is a prerequisite. If there is none, several spatial streams cannot be created. It is difficult to predict anything here without special planning tools, and even with them it is not easy. Here is an example of calculations from Motorola LANPlanner, but only a radio survey and testing can give an unequivocal answer.
It is more difficult to create a multipath environment for three SSs than for two SSs. Therefore, the newfangled 3x3: 3 access points usually operate at maximum performance only in a small radius, and even then not always. Here's an eloquent example from HP (digging deeper into the announcement of their first 3x3: 3 access point - the MSM460).
[5.3] Well, and some interesting facts for the collection:
- The human body attenuates the signal by 3-5dB (2.4 / 5GHz). By simply turning to face the point, you can get higher speed.
- Some dipole antennas have an asymmetric H-plane ("side view") pattern and perform better when inverted.
- In an 802.11 frame, up to four MAC addresses can be used simultaneously, and in 802.11s (the new standard on mesh) up to six!
Summary
802.11 technology (and radio networks in general) has many non-obvious features. Personally, I have tremendous respect and admiration for the fact that people have perfected such a complex technology to the level of "plug-and-play". We examined (in varying amounts) different aspects of the physical and link layer of 802.11 networks:
- Capacity asymmetry
- Limitations on transmit power in border channels
- Crossing "non-overlapping" channels and consequences
- Work on "non-standard" channels (other than 1/6/11/13)
- Operation of the Clear Channel Assessment mechanism and blocking of the channel
- The dependence of the rate (rate / MCS) on SNR and, as a consequence, the dependence of the receiver sensitivity and coverage area on the required speed
- Features of service traffic forwarding
- Consequences of enabling low speed support
- Consequences of enabling compatibility modes support
- Channel selection in 5GHz
- Some fun aspects of security, MIMO and more.
Not everything was covered in full, and the non-obvious aspects of client coexistence, load balancing, WMM, power and roaming, as well as exotica such as Single-Channel Architecture and individual BSS, were left out - but that is already a topic for networks of a completely different scale. If you follow at least the above considerations, in an ordinary residential building you can get quite a decent microcell, as in high-performance corporate WLANs. I hope you found the article interesting.