
Cisco Aironet 1000 Series

Using Radio Resource Management to Deliver Secure and Reliable WLAN Services

WHITE PAPER

As WLANs become more critical to core business functions, the operational aspects of wireless networking have become a primary enterprise IT concern. How can WLANs be deployed easily and cost-effectively? How can enterprise wireless networks be managed with limited IT resources? How can a WLAN scale without sacrificing reliability, availability, or performance?

Cisco Systems® incorporates unique, patent-pending software within its wireless LAN controllers, offering a lightweight solution for WLANs that addresses the operational challenges of enterprise wireless networking. At the heart of this embedded software are intelligent Radio Resource Management (RRM) algorithms designed to consistently fine-tune WLAN parameters to best meet ongoing WLAN requirements. This paper discusses how these RRM algorithms work and addresses how real-time RF management can be used to improve WLAN operations, tighten wireless security, and enable enterprises to support wireless applications that are critical to day-to-day business functions.

THE WIRELESS SPECTRUM-A FIXED RESOURCE

The most common response to strained network capacity is to add more access points. However, wireless is a fixed resource: there are only three channels available as part of the 802.11b/g standard, each with substantial bandwidth and hence spectral overlap. To minimize co-channel interference, channels 1, 6, and 11 are usually the only ones used in medium to high-density enterprise deployments. As a result, adding more access points can actually exacerbate performance problems as opposed to correcting them. This situation can be somewhat improved by using 802.11a, which provides significantly more channels than 802.11b and 802.11g.

COVERAGE BEYOND BUILDING WALLS

Traditional wired networks have the benefit of physical security. Wired jacks are located inside a building, which means that card keys and security passes can be used to keep out unauthorized users. This level of physical protection does not exist in a wireless world. Radio signals can radiate beyond physical walls, potentially expanding an enterprise WLAN into a parking lot or neighboring building. Proper RF design, transmit power control, and advanced location technology are required to minimize this problem.

STATISTICAL OR DETERMINISTIC?

Wired networks are deterministic in nature-Layer 2 (Ethernet) and Layer 3 (IP) switches and routers are well-understood and predictable. However, the user experience in a wireless network is dependent on radio propagation and other building characteristics, which can change rapidly, affecting connection speeds and error rates. An urban office's RF environment will look dramatically different at 10 a.m., when hundreds of people are walking around, than at 3 a.m., when doors are closed, no people are present, and neighboring offices and cafés are not generating RF interference.
What makes this more difficult is that while adept at Layer 2 and 3 management, IT professionals usually have limited knowledge about wireless and RF propagation. As these issues directly affect the quality of service (QoS) delivered to users, wireless users may not have the same experience that they are accustomed to from the wired data network.

A NEW WLAN ARCHITECTURE

Cisco has designed a centralized, lightweight WLAN architecture to holistically address the unique RF management needs of enterprises. A core component is its "split MAC" architecture, where the processing of 802.11 data and management protocols and access point capabilities is distributed between a lightweight access point and a centralized WLAN controller (Figure 1). More specifically, time-sensitive activities, such as beacon handling, handshakes with clients, media access control (MAC) layer encryption, and RF monitoring, are handled in the access point. All other functions are handled in the WLAN controller, where systemwide visibility is required. This includes 802.11 management protocol, frame translation, and bridging functions, as well as systemwide policies for user mobility, security, QoS, and, perhaps most importantly, real-time RF management.

Figure 1. Typical Split-MAC Architecture

CISCO WIRELESS LAN CONTROLLERS

Real-time RF management is key to the Cisco lightweight wireless solution, and a unique product differentiator. The Cisco Wireless LAN Controller uses dynamic algorithms to create an environment that is completely self-configuring, self-optimizing, and self-healing, making Cisco WLANs ideal for the delivery of secure and reliable business applications. This is done via the following specific RRM functions:

• Radio resource monitoring

• Dynamic channel assignment

• Interference detection and avoidance

• Dynamic transmit power control

• Coverage hole detection and correction

• Client and network load balancing

Radio Resource Monitoring

Management of an RF network requires strong visibility into the factors affecting the air space. Cisco lightweight access points are specially designed to not only offer service, but to also monitor all channels at the same time. This is a result of the extensive development work Cisco has performed on the 802.11 MAC layer as part of its split MAC architecture.
In addition to offering service, Cisco lightweight access points can simultaneously scan all valid 802.11a/b/g channels for the country of operation, as well as for channels valid in other geographies. This provides the highest level of protection: the system will discover rogue access points that might be imported from other countries, or a hacker who knows how to change the country of operation so that the rogue would be out of band and not detected by most WLAN intrusion detection systems (IDSs).
The Cisco lightweight access point goes "off-channel" for a period not greater than 60 ms to listen to these channels. Packets collected during this time are sent to the Cisco Wireless LAN Controller, where they are analyzed to detect rogue access points (whether service set identifiers [SSIDs] are broadcast or not), rogue clients, ad-hoc clients, and interfering access points.
By default, each access point spends only 0.2 percent of its time off-channel. This is statistically distributed across all access points so that adjacent access points are not scanning at the same time, which could adversely affect WLAN performance. This enables administrators to build a picture of what is happening in their WLANs from the perspective of every access point, and increases network visibility beyond what an overlay network can provide, eliminating the "hidden node" problem that can result when air monitors are deployed for every three to five access points.

Note: Cisco lightweight access points can be deployed exclusively as air monitors if required, but cost metrics and increased network visibility typically drive end users to deploy them as described above.
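
The controller-side analysis described above can be sketched as follows. This is an added example, not Cisco's code: the `Observation` record, the BSSID inventory, the labels, and the assumption that channels 1-11 are the local regulatory domain are all constructed for illustration.

```python
from dataclasses import dataclass

# Assumptions for this example: the site's regulatory domain allows 2.4 GHz
# channels 1-11, and the controller's AP inventory is the BSSID set below.
LOCAL_CHANNELS = set(range(1, 12))
MANAGED_BSSIDS = {"02:00:00:00:00:10", "02:00:00:00:00:20"}  # constructed
SEVERITY = {"rogue": 1, "ad-hoc": 2, "rogue-out-of-band": 3}

@dataclass(frozen=True)
class Observation:
    reporter: str   # managed AP that heard the frame while off-channel
    bssid: str
    ssid: str       # "" when the SSID is not broadcast
    channel: int
    ibss: bool      # True for an ad-hoc (IBSS) network
    rssi_dbm: int

def classify(obs):
    """Label one sighting. Identity is the BSSID, never the SSID."""
    if obs.bssid.lower() in MANAGED_BSSIDS:
        return "managed"
    if obs.channel not in LOCAL_CHANNELS:
        return "rogue-out-of-band"
    if obs.ibss:
        return "ad-hoc"
    return "rogue"

def summarize(observations):
    """Merge sightings from every AP into one finding per unmanaged BSSID."""
    findings = {}
    for obs in observations:
        label = classify(obs)
        if label == "managed":
            continue
        f = findings.setdefault(obs.bssid.lower(), {
            "label": label, "channels": set(), "hidden_ssid": False,
            "nearest_ap": obs.reporter, "best_rssi": obs.rssi_dbm})
        if SEVERITY[label] > SEVERITY[f["label"]]:
            f["label"] = label          # keep the most serious label seen
        f["channels"].add(obs.channel)
        f["hidden_ssid"] = f["hidden_ssid"] or obs.ssid == ""
        if obs.rssi_dbm > f["best_rssi"]:
            # The AP that hears the device loudest is the best location hint.
            f["nearest_ap"], f["best_rssi"] = obs.reporter, obs.rssi_dbm
    return findings

# Constructed off-channel scan reports from three managed APs.
SCAN = [
    Observation("AP-1", "02:00:00:00:00:20", "corp", 6, False, -62),   # managed
    Observation("AP-1", "02:11:22:33:44:55", "corp", 1, False, -70),   # copies SSID
    Observation("AP-2", "02:11:22:33:44:55", "corp", 1, False, -48),
    Observation("AP-2", "02:aa:bb:cc:dd:01", "", 13, False, -75),      # hidden, ch 13
    Observation("AP-3", "02:de:ad:be:ef:02", "printer-setup", 11, True, -66),
]

if __name__ == "__main__":
    for bssid, f in sorted(summarize(SCAN).items()):
        print(bssid, f["label"], sorted(f["channels"]), "near", f["nearest_ap"])
```

Because classification keys on the BSSID, a device that broadcasts the corporate SSID or hides its SSID is still reported, and a sighting on channel 13 is only possible because the scan covers channels outside the local domain.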

Dynamic Channel Assignment

802.11 MAC capability requires a collision avoidance scheme with binary exponential backoff, called Carrier-Sense Multiple Access/Collision Avoidance (CSMA/CA). The 802.11 MAC layer is defined by a four-way exchange protocol:
Request to Send (RTS) <-> Clear to Send (CTS)
Data <-> ACK
When a station has something to say, it announces it to the media. An access point will allow the station to send its data if the medium is open. If not, the station will be told to wait to transmit until other stations using that medium are finished with it. This prevents two clients from transmitting on the same channel at the same time, which would result in corrupted frames.
With CSMA/CA, two access points on the same channel (in the same vicinity) will get half the capacity of two access points on different channels. This becomes an issue, for example, when someone reading e-mail in a café affects the performance of the access point in a neighboring business. Even though these are completely separate networks, someone sending traffic to the café on Channel 1 can cause data corruption in an enterprise using the same channel. Cisco wireless LAN controllers address this problem and other co-channel interference issues by dynamically allocating access point channel assignments to avoid conflict. Since the Cisco lightweight solution has enterprisewide visibility with its RRM tools, channels are "reused" to avoid wasting scarce RF resources. In other words, Channel 1 will be allocated to a different access point far from the café. This is much more effective than not using Channel 1 altogether, which is what other WLAN systems often do.
The Cisco Wireless LAN Controller's dynamic channel assignment capabilities are also useful in minimizing co-channel interference between adjacent access points in a Cisco lightweight WLAN solution. For example, with 802.11a, channels 35 and 40 cannot both simultaneously use 54 Mbps, depending on the orientation of the access points and clients. By assigning channels, the Cisco Wireless LAN Controller keeps adjacent channels separated, avoiding this problem (Figure 2).

Figure 2. Dynamic Channel Assignment

The Cisco Wireless LAN Controller examines a variety of real-time RF characteristics to efficiently handle channel assignments. These include:

Access point received energy-This is the static topology of the network; this feature optimizes channels for the highest network capacity.

Noise-This limits signal quality at the client and access point. An increase in noise reduces the effective cell size. By optimizing channels to avoid noise sources, the Cisco Wireless LAN Controller can optimize coverage while maintaining system capacity. If a channel is unusable due to excessive noise, that channel can be avoided.

802.11 interference-If other wireless networks are present, the Cisco Wireless LAN Controller will shift the usage of channels to complement the other networks. For example, if one network is on Channel 6, an adjacent WLAN will be assigned Channel 1 or 11. This increases the capacity of the network by limiting the sharing of frequencies. If a channel is used so much that no capacity is available, the Cisco Wireless LAN Controller may choose to avoid this channel.

Utilization-When this is turned on, the capacity calculations can consider that some access points are deployed in ways that carry more traffic than other access points (a lobby versus an engineering area, for example). More emphasis is given to assigning channels to the access points that require the most bandwidth.

Client load-Client load is taken into account when changing the channel structure to minimize the impact on the clients currently on the WLAN system. The Cisco Wireless LAN Controller periodically monitors the channel assignment in search of the "best" assignments. Change only occurs if it significantly improves the performance of the network or corrects the performance of a poorly performing access point.

The Cisco Wireless LAN Controller combines the RF characteristic information with intelligent algorithms to make systemwide decisions. Conflicting demands are resolved using soft decision metrics that guarantee the best choice for minimizing network interference. The end result is the optimal channel configuration in a three-dimensional space, where access points on the floor above and below play a major factor in an overall WLAN configuration.
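
A small model of systemwide channel assignment with channel reuse and a "change only if it significantly improves" rule, added here as an illustration and not Cisco's RRM algorithm. The cost function, the 20 percent `min_gain` threshold, the AP names, and all measurements are assumptions constructed for the example; exhaustive search is used only because the example has four access points.

```python
from itertools import product

CHANNELS = (1, 6, 11)

def pair_cost(rssi_dbm):
    """Assumed cost model: the louder two APs hear each other, the more a
    shared channel costs (-90 dBm -> 0.0, -50 dBm -> 1.0)."""
    return max(0.0, (rssi_dbm + 90) / 40)

def plan_cost(plan, neighbors, external):
    """Foreign 802.11 airtime on each AP's channel plus co-channel penalties."""
    cost = sum(external.get((ap, ch), 0.0) for ap, ch in plan.items())
    for (a, b), rssi in neighbors.items():
        if plan[a] == plan[b]:
            cost += pair_cost(rssi)
    return cost

def best_plan(aps, neighbors, external):
    """Score every assignment of channels 1/6/11 to the APs (3**n plans)."""
    plans = (dict(zip(aps, chans))
             for chans in product(CHANNELS, repeat=len(aps)))
    return min(plans, key=lambda p: plan_cost(p, neighbors, external))

def reassign(current, neighbors, external, min_gain=0.2):
    """Return (plan, changed). The current plan is kept unless the best plan
    cuts total cost by more than min_gain, so clients are not disturbed for
    a marginal improvement."""
    now = plan_cost(current, neighbors, external)
    candidate = best_plan(sorted(current), neighbors, external)
    new = plan_cost(candidate, neighbors, external)
    if now > 0 and (now - new) / now > min_gain:
        return candidate, True
    return current, False

# Constructed measurements: RSSI at which managed APs hear each other ...
NEIGHBORS = {("A", "B"): -55, ("B", "C"): -60, ("C", "D"): -58,
             ("A", "C"): -80, ("B", "D"): -82, ("A", "D"): -88}
# ... and the share of airtime taken by foreign networks, per (AP, channel).
# AP "A" sits next to the cafe, whose network is on channel 1.
EXTERNAL = {("A", 1): 0.6, ("B", 1): 0.1, ("D", 11): 0.01}

DEGRADED = {"A": 1, "B": 6, "C": 11, "D": 1}       # A shares channel 1 with the cafe
NEAR_OPTIMAL = {"A": 11, "B": 6, "C": 1, "D": 11}  # only slightly worse than best

if __name__ == "__main__":
    print(reassign(DEGRADED, NEIGHBORS, EXTERNAL))
    print(reassign(NEAR_OPTIMAL, NEIGHBORS, EXTERNAL))
```

In the first case channel 1 is not abandoned: it moves to access point C, which does not hear the café, while A and D (the pair that hear each other most weakly) reuse channel 6.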

Interference Detection and Avoidance

"Interference" is defined as any 802.11 traffic that is not part of the Cisco WLAN system, including a rogue access point, a Bluetooth device, or a neighboring WLAN. Cisco lightweight access points are constantly scanning all channels looking for major sources of interference (Figure 3).
If the amount of 802.11 interference exceeds a predefined threshold (the default is 10 percent), a trap is sent to the Cisco Wireless Control System (WCS). The Cisco Wireless LAN Controller will attempt to rearrange channel assignments to increase system performance in the presence of the interference. This might result in adjacent Cisco lightweight access points being on the same channel, but logically this is a better choice (due to utilization) than staying on a channel that is totally unusable due to an interfering access point.

Figure 3. Dynamic Channel Assignment Reacting to Interference

An administrator can view the RF environment in real time from Cisco WCS (Figure 4). This aids in understanding what is happening in the air space, particularly when attempting to troubleshoot WLAN problems.

Figure 4. Cisco WCS Radio Statistics View

Dynamic Transmit Power Control

Proper access point transmit power settings are essential for smooth WLAN operations. This is also required for network redundancy and helping to ensure real-time failover in the event of access point loss.
The Cisco Wireless LAN Controller is used to dynamically control access point transmit power based on real-time WLAN conditions. In normal instances, power can be kept low to gain extra capacity and reduce interference. The Cisco lightweight solution will attempt to balance access points such that they see their neighbors at -65 dBm, based on best practices experience.
If a failed access point is detected, power can be automatically increased on surrounding access points to fill the gap created by the loss in coverage. WLAN solutions that only allow for static configuration of transmit power are severely limited in their ability to support dynamic network requirements.
Cisco RRM algorithms are designed to create the optimal user experience. For example, if an access point's power is turned down to Level 4 (where Level 1 = highest and Level 5 = lowest) and a user's received signal strength indicator (RSSI) value drops below an acceptable threshold, the access point power will be increased to provide a better experience to that client. Power will never be lowered if a user is at the threshold.
Individual power levels and access point neighbor information can be easily viewed from within Cisco WCS (Figure 5).

Figure 5. Monitoring Power Levels with Cisco WCS
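
The power rules in this section, written out as an added sketch that is not Cisco's implementation. The -65 dBm target and the Level 1 to Level 5 scale come from the text; the 3 dB change per level, the -75 dBm client threshold, the use of the strongest surviving neighbor as the reference, and the sample readings are assumptions.

```python
TARGET_DBM = -65      # from the text: neighbors should hear the AP at -65 dBm
STEP_DB = 3           # assumed change in received power per power level
CLIENT_MIN_DBM = -75  # assumed "acceptable" client RSSI threshold
HIGHEST, LOWEST = 1, 5  # Level 1 = highest power, Level 5 = lowest

def next_level(level, heard_by, weakest_client):
    """One control step. heard_by maps each live neighbor AP to the RSSI at
    which it hears this AP; weakest_client is the lowest client RSSI or None."""
    if (weakest_client is not None and weakest_client < CLIENT_MIN_DBM
            and level > HIGHEST):
        return level - 1, "raise: client below threshold"
    if not heard_by:
        return level, "hold: no neighbor reports"
    ref = max(heard_by.values())  # assumption: strongest live neighbor
    if ref <= TARGET_DBM - STEP_DB and level > HIGHEST:
        return level - 1, "raise: neighbors hear AP too weakly"
    if ref >= TARGET_DBM + STEP_DB and level < LOWEST:
        # Never lower power when a client is at the threshold, or (added
        # assumption) when one step down would push a client below it.
        if (weakest_client is not None
                and weakest_client - STEP_DB < CLIENT_MIN_DBM):
            return level, "hold: client at threshold"
        return level + 1, "lower: neighbors hear AP too loudly"
    return level, "hold: within target band"

def settle(level, heard_by, weakest_client, max_rounds=8):
    """Repeat next_level until it holds, moving every RSSI by STEP_DB per
    level change. Returns (final_level, [(level, reason), ...])."""
    history = []
    for _ in range(max_rounds):
        new, reason = next_level(level, heard_by, weakest_client)
        history.append((new, reason))
        if new == level:
            break
        delta = (level - new) * STEP_DB  # a lower level number is more power
        heard_by = {ap: rssi + delta for ap, rssi in heard_by.items()}
        if weakest_client is not None:
            weakest_client += delta
        level = new
    return level, history

if __name__ == "__main__":
    # Constructed readings: an AP that is too loud steps down from 2 to 4.
    print(settle(2, {"AP-2": -57, "AP-3": -66}, -60))
    # AP-2 has failed: only AP-3 still reports, so power climbs back to 2.
    print(settle(4, {"AP-3": -72}, -66))
    # The text's own case: at Level 4 a client falls below the threshold.
    print(settle(4, {"AP-2": -64}, -79))
```

A failed neighbor needs no special case in this model: once it stops reporting, the strongest remaining neighbor hears the access point well below -65 dBm and the same rule raises power to fill the gap.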

Coverage Hole Detection and Correction

If clients on an access point are detected at low RSSI levels, Cisco lightweight access points will send a "coverage hole" alarm to Cisco WCS. This indicates the existence of an area where clients are continually getting poor signal coverage, without having a viable location to roam to.
The administrator can look up the historical record of access points to see if these alarms are chronic, indicating the existence of a persistent coverage hole as opposed to an isolated problem. If it makes sense, the Cisco Wireless LAN Controller will adjust access point power levels to correct the detected hole. If not, accurate location information can be used to help IT staff rectify the problem.

Client and Network Load Balancing

WLAN capacity is only effective if clients can be load-balanced in such a way that they take advantage of this capacity. Unfortunately, clients are not smart enough to make their own decisions on this front, even if it would result in better performance. For example, all users in a conference room can associate with a single access point due to its close proximity, ignoring other access points that are farther away but much less utilized.
The Cisco Wireless LAN Controller provides a centralized view of client loads on all access points. This can be used to influence where new clients attach to the network. In addition, if set up to do so, the Cisco lightweight wireless solution can proactively "herd" existing clients to new access points to improve WLAN performance. This results in a smooth distribution of capacity across an entire wireless network.

A TRUE REAL-TIME SOLUTION

The Cisco solution (Cisco WCS, lightweight access points, and wireless LAN controllers) delivers real-time RF management. Other WLAN vendors have tried to address RF spectrum issues in different ways, falling short of Cisco's ability to truly detect RF changes in real time and adjust WLAN configurations accordingly.
Some WLAN implementations, for example, handle channel assignments by having access points listen for the least active channel. This implementation results in the access point making a channel decision that only accounts for a point in time, and usually ends up with the access point on a channel other than 1, 6, or 11. As this is susceptible to interference, it may not work in many enterprise environments.
Another strategy involves developing a network management application that lets IT staff group access points together and send those access points to the same channel, where they will send out beacons at multiple power levels. The results are analyzed to create a crude topology for WLAN channel assignments, which is saved and then sent to the access points by the administrator. The problem with this approach is that a multifloor building will always have both vertical and horizontal overlap. These applications typically do not account for both, and often create just a partial topology. In addition, these scans are disruptive to WLAN operations, and should be run during non-business hours-at which time, unfortunately, buildings are typically empty, with closed doors and quiet neighboring WLANs-yielding a very different RF story than what would be seen midday. The RF environment is dynamic; IT staff cannot rely on a snapshot for WLAN configuration, especially if that snapshot is taken off-peak.
It is also difficult for enterprises to rely on site survey tools and scheduled sweeps of the RF to handle WLAN configuration. Even tools that enable "one-touch" WLAN analysis and configuration pushes are not dynamic enough to account for real-world wireless traffic. They also require hands-on IT intervention, making them ill-equipped to handle large enterprise wireless networks.
Real-time RF management should mimic Open Shortest Path First (OSPF). OSPF uses routing metrics to constantly monitor the state of the network and make changes to the routing tables as necessary to utilize the best possible topology, but with enough intelligence built in to change channels only when it significantly improves the network performance or capacity. Wireless strategies that involve management systems that push a configuration to a group of access points but cannot provide continuous feedback on system performance and user behavior are similar to static routing of the past. When the routes were entered into the table they may have been current, but with a constantly changing network, there is no guarantee that the tables will be accurate at a future time-even one day (or one hour) after they were put in place.

CONCLUSION

Enterprise wireless needs are constantly evolving. It is difficult for any network to foresee the changes that will happen in the future. As a result, a centralized and dynamic system is required to provide real-time intelligence to account for these changes.
Cisco offers the only WLAN infrastructure with patent-pending RRM techniques that essentially provide "an RF engineer in the system". With Cisco's solution, network administrators can quickly deploy a highly reliable and secure WLAN with minimal operational costs and little RF expertise. Wireless continues to grow as a strategic resource for business operations; real-time RF management, as offered by Cisco, is essential to the design, delivery, and maintenance of scalable enterprise WLANs.
Copyright 2005 Cisco Systems, Inc. All rights reserved.
CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, TeleRouter, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. 
(0502R) 205221.BT_ETMG_LS_7.05 Printed in the USA