Wi-Fi

From Navas Wireless Wiki

Welcome! Navas Wireless Wiki is a practical, comprehensive, and objective resource for wireless communications, particularly wireless access to the Internet, and related wireless technologies (e.g., cellular). Founded by John Navas and Jeff Liebermann.


This article covers the practical aspects of wireless access to the Internet via Wi-Fi.


Wi-Fi articles
Wi-Fi (main article)
   alt.internet.wireless (discussion group)
Fast Fixes to Wi-Fi Problems
Wi-Fi How To
Wi-Fi on a Boat
   rec.boats.electronics (discussion group)
Wi-Fi Phones

Introduction to Wi-Fi

Wi-Fi wireless networks provide all the functionality of wired networks, without the need for physical connections. Data is sent over various radio frequencies depending on the service. Typical Wi-Fi connection speeds are 11 and 54 Mbps. In practice, throughput is about half the connection speed. A wireless network basically consists of computers equipped with wireless NICs, which may use a USB, PCI, Mini PCI, CF card, PCMCIA/CardBus, or other interface. Connectivity to a wired network requires a wireless access point (AP) used as a bridging device. Connectivity to the Internet usually requires a wireless router, which includes an access point. APs are typically located near the centre of the wireless client concentration.

Related Resources

The Three Rules of Wireless Networking

  1. It never goes as fast as they say it does
  2. It never goes as far as they say it does
  3. It never sets up as easily as they say it does
[Wireless Networking Need To Know 2006]

Getting Started

See Wireless Networking Need To Know 2006

Essential Checklist

 ☐  Use WPA2 security. If you don't do this, assume you will get hacked. WEP is essentially worthless. WPA-TKIP can now be cracked. Replace wireless equipment that doesn't support WPA2. Seriously. (See Wi-Fi Security)
 ☐  Use a strong WPA2 passphrase. A good way to do that is with diceware words. (See What Makes for a Strong Password or Passphrase?) Write your passphrase on a label and stick it on the bottom of your wireless router so you won't forget it. (If someone gets to your wireless router, you are compromised regardless.)
 ☐  Make your wireless SSID unique. This helps avoid network collisions. A good way to do this is to use your address, phone number, and/or name for your SSID (making it easy for you to be contacted if something is wrong with your wireless network).
 ☐  Don't bother with SSID hiding or MAC address filtering. They don't do any real good (improve security) but they can cause you grief. (See Wi-Fi Security Myths)
 ☐  Turn off Universal Plug and Play (UPnP) in your wireless router. Because most consumer-grade wireless routers lack UPnP authentication they are vulnerable to attack. (See Problems with UPnP, Lack of Authentication)
 ☐  Set a strong password on the administration interface of your wireless router. Again, diceware is a good way to do that.
 ☐  Turn off remote administration. If your wireless router supports remote administration, turn it off (unless you really know what you're doing).
 ☐  Configure Windows not to connect to open networks automatically. See Do Not Auto-Connect to Open Wi-Fi Networks
 ☐  On unsecured Wi-Fi use VPN (Virtual Private Networking). Otherwise your wireless traffic can be snooped and compromised. (See Secure Internet access in a public hotspot)

Wi-Fi Network Types

Infrastructure

Figure: Star topology of Infrastructure WLAN

The network topology of an Infrastructure Wireless LAN (WLAN) is a point-to-multipoint star, with a single central controller (wireless access point or wireless router), and one or more wireless clients.

  • Clients can connect to one and only one access point, and not to other clients.
  • An access point can only connect to clients, not to other access points.

Some products can be switched between different modes; e.g., either an access point or a client bridge, but not both at the same time.

Most Wi-Fi WLANs are Infrastructure.

Ad Hoc

Figure: Fully connected topology of Ad Hoc WLAN

The network topology of an Ad Hoc Wireless LAN (WLAN) is a fully connected matrix, with two or more wireless clients connecting to each other, without any central controller.

Connecting an Ad Hoc network to other networks (e.g., the public Internet) typically involves bridging or routing in one of the wireless clients (e.g., Windows Internet Connection Sharing) to some other network connection.

Wi-Fi Channels

Wi-Fi uses spectrum near 2.4 GHz, which is standardized and unlicensed by international agreement, although the exact frequency allocations vary slightly in different parts of the world, as does maximum permitted power. However, channel numbers are standardized by frequency throughout the world, so authorized frequencies can be identified by channel numbers.

     
Wi-Fi Channels
Channel  Center Freq (GHz)  Americas  EMEA  France  Israel  China  Japan
1        2.412              Y         Y     -       -       Y      Y
2        2.417              Y         Y     -       -       Y      Y
3        2.422              Y         Y     -       Y       Y      Y
4        2.427              Y         Y     -       Y       Y      Y
5        2.432              Y         Y     -       Y       Y      Y
6        2.437              Y         Y     -       Y       Y      Y
7        2.442              Y         Y     -       Y       Y      Y
8        2.447              Y         Y     -       Y       Y      Y
9        2.452              Y         Y     -       Y       Y      Y
10       2.457              Y         Y     Y       -       Y      Y
11       2.462              Y         Y     Y       -       Y      Y
12       2.467              -         Y     Y       -       -      Y
13       2.472              -         Y     Y       -       -      Y
14       2.484              -         -     -       -       -      Y
  • EMEA = Europe, Middle East and Asia (except where otherwise specified)
  • Maximum permitted power varies by region.
  • Channel spacing is 0.005 GHz (5 MHz), except for channel 14 (which is ignored for much that follows).
  • Each channel overlaps its neighbors, with the amount of interference decreasing the farther apart they are.
  • Most interference is with the two adjacent channels in each direction (above and below); e.g., channel 6 mostly interferes with channels 4, 5, 7 and 8.
  • There is significant interference with two more channels in each direction; e.g., channel 6 also has significant interference with channels 2, 3, 9 and 10.
  • There can even be some interference beyond four channels in each direction, particularly with strong transmitters; e.g., channel 6 can interfere with channels 1 and 11.
  • As a good rule of thumb, there should be minimal interference between channels that are five numbers apart, except channel 14, which has minimal interference with other channels.
  • In the USA:
    • There are three minimum interference channels: 1, 6, 11.
    • For four channels with somewhat more interference that may still be usable, channels can be three or four numbers apart:
      Option #1: 1, 4, 7, 11
      Option #2: 1, 4, 8, 11
      Option #3: 1, 5, 8, 11

Wi-Fi Hardware

Wireless Access Point

A Wireless Access Point (AP) is the central bridge device used in an Infrastructure (as opposed to Ad Hoc) wireless network. (See Wi-Fi Network Types) Traffic from the wireless side of the bridge is sent to the Ethernet (wired) side of the bridge, and vice versa. The wireless access point controls all traffic with wireless client radios.

Note: A wireless router, which is often less expensive than a wireless access point, can be configured to work as just a wireless access point -- see Wi-Fi How To Use a wireless router as a wireless access point.

Wireless Router

A wireless router typically consists of three sections:

  1. Ethernet router, including:
    • DHCP client and server
    • NAT(PAT)
    • Firewall (sometimes, not always -- NAT alone is not a real firewall)
  2. Ethernet switch
  3. Wireless access point (radio)

Some boxes also include either:

Note: A wireless router, which is often less expensive than a wireless access point, can be configured to work as just a wireless access point -- see Wi-Fi How To Use a wireless router as a wireless access point.

Wireless Bridge

All 802.11 wireless is bridging, where everything is done on Layer 2. IP addresses are used only for configuration of the access points. Wi-Fi encapsulates 802.3 Ethernet packets inside 802.11 wireless packets.

Wireless Bridge Types

Common client radio used in workstations, laptops, and PDAs. Limited to connecting one computer to an infrastructure access point.
  • Multiple MAC address client adapter
Client wireless adapter that can bridge more than one MAC address. Used for connecting more than one computer via a single wireless link to an infrastructure access point.
  • Point-to-point wireless bridge
Two identical radios used to connect two networks. Same as transparent bridge. Will bridge more than one MAC address.
  • Transparent bridges.
Bridges more than one MAC address. Same as point to point bridge.
  • Point-to-multipoint wireless bridge
Three or more identical radios used to connect multiple networks. Bridges more than one MAC address.
  • Workgroup bridge
Bridges a limited number of MAC addresses (usually 4, 8, or 16) to an infrastructure access point. (Examples: 3Com 3CRWE675075, 3CRWE83096A, Cisco AIR-WGB352)
  • Game adapter
Muddled marketing term for either a workgroup bridge or single MAC address client adapter. Bridges an indeterminate number of MAC addresses. Some do one MAC, some do more. Good luck.
Store-and-forward repeater. Repeats all packets it hears for a configured SSID. Also repeats all broadcasts. Used to extend the range or coverage of a wireless network.
Simultaneously acts as a bridge and as an access point. Used to extend the range or coverage of a network. Wireless users can connect to any WDS bridge as if it were an access point. WDS bridge radios talk to each other as if they were transparent bridge radios.
Multiple simple access point radios connected to a central intelligent switch. Offers centralized management and monitoring. Very easy to expand. Note that a switch is a bridge with more than two ports.

Wireless Ethernet Bridges

Note: There are limits on how many units (MAC addresses) these products are able to bridge (even with a separate wired hub or switch). Some (which may be called "game adapter") are only able to bridge a single MAC address. Some (but not necessarily all) bridges able to handle more than one MAC address are identified with multi, with a number in parentheses if the specific limit is known. This information may not be reliable, and should be verified before making a purchase!

WISP Router

Service from a WISP (Wireless Internet Service Provider) may be provided through a "WISP [mode] Router", effectively a wireless host version of a wired or wireless broadband router:

Adapter Types

Link Calculations

The easiest way to do this is by example. Your setup and numbers will vary. This is the best case solution, with no consideration for atmospherics, Fresnel zone edge diffraction, foliage attenuation, and non-line-of-sight effects. Fade margin only gets worse, never better.

We'll use a pair of Linksys WRT54G v4 802.11g with DD-WRT alternative firmware setup as a transparent bridge. This makes it easy because both sides are the same. The transmit output is about +17 dBm. The WRT54G will be mounted in a weatherproof box somewhere near the antenna with a single 3 ft cable (pigtail) using LMR-240 coax with a loss of about 4 dB including connectors.

Next, we gotta do some guesswork. I'll assume that we can live with about 6 Mbits/sec thruput. That means the connection speed will be about twice that or 12 Mbits/sec. The receiver sensitivity varies with the speed and modulation type. The following is from the Dlink DI-624 datasheet but is close enough for most similar 802.11g radios:

Mbps  Type  PER  dBm
54    OFDM  10%  -68
48    OFDM  10%  -68
36    OFDM  10%  -75
24    OFDM  10%  -79
18    OFDM  10%  -82
12    OFDM  10%  -84
11    CCK   8%   -82
9     OFDM  10%  -87
6     OFDM  10%  -88
5.5   CCK   8%   -85
2     QPSK  8%   -86
1     BPSK  8%   -89

12 Mbps connect speed thus sets the receiver sensitivity at -84 dBm.

PER (Packet Error Rate) is similar to BER (Bit Error Rate) but is easier to measure. You would not want to operate at a 10% PER. 1 in 10 packets trashed is usable, but no fun. This is approximately the same as a BER of 1E-5, which is one of the common reference levels for measuring receiver sensitivity. Again, these are measurement reference levels, not operating points.

Next, we must guess the fade margin. Fade margin or system operating margin is how much stronger the operating level is above the receiver reference level. 20 dB is considered to be a good minimum. In other words, your operating signal level must be 100 times stronger than the receiver sensitivity or the link is going to be flaky and unreliable.

The relationship between fade margin and reliability is:

SOM dB  Reliability %  Downtime per year
8       90             876 hours
18      99             88 hours
28      99.9           8.8 hours
38      99.99          53 minutes
48      99.999         5.3 minutes
58      99.9999        32 seconds

99% reliability might sound great, but that means your link will be useless for 1% of the year, or 3.6 days per year. Don't go below 20 dB fade margin, which is 70 hours of downtime per year.

Plugging the above guesswork into a suitable Link Calculator and trying various antenna gains until we get a 20 dB fade margin:

TX power      +15 dBm
TX coax loss  4 dB (3 ft LMR-240 plus a mess of connectors)
TX ant gain   unknown
Distance      2 miles
RX ant gain   unknown
RX coax loss  4 dB (same at other end)
RX sens       -84 dBm (at 12 Mbits/sec)
Fade margin   20 dB

yields a minimum antenna gain of +21 dBi. Any less than +21 dBi antenna gain will result in insufficient fade margin and a corresponding loss in link reliability. That makes the required antenna a dish. We can use a lower gain antenna by running at a slower speed, using shorter coax, or using more transmit power at both ends.
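The same budget carried through in code, as an added example that is not part of the original article or of any particular link calculator. It assumes free-space path loss only, a 2.437 GHz (channel 6) carrier and identical antennas at both ends, and takes its other inputs from the table above (+15 dBm, not the +17 dBm mentioned earlier); under those assumptions the break-even gain comes out a little under the +21 dBi quoted above.

```python
import math
from dataclasses import dataclass

C_M_PER_S = 299_792_458.0
METERS_PER_MILE = 1609.344

# Receiver sensitivity (dBm) by connection speed (Mbps), from the table above.
RX_SENS_DBM = {54: -68, 48: -68, 36: -75, 24: -79, 18: -82, 12: -84,
               11: -82, 9: -87, 6: -88, 5.5: -85, 2: -86, 1: -89}


@dataclass
class Link:
    tx_power_dbm: float = 15.0    # from the input table above
    coax_loss_db: float = 4.0     # per end: 3 ft LMR-240 plus connectors
    distance_miles: float = 2.0
    freq_hz: float = 2.437e9      # assumption: channel 6 center frequency

    def path_loss_db(self) -> float:
        """Free-space path loss: 20*log10(4*pi*d*f/c)."""
        d_m = self.distance_miles * METERS_PER_MILE
        return 20 * math.log10(4 * math.pi * d_m * self.freq_hz / C_M_PER_S)

    def rx_level_dbm(self, ant_gain_dbi: float) -> float:
        """Received signal with the same antenna gain at both ends."""
        return (self.tx_power_dbm - self.coax_loss_db + ant_gain_dbi
                - self.path_loss_db()
                + ant_gain_dbi - self.coax_loss_db)

    def fade_margin_db(self, ant_gain_dbi: float, rate_mbps: float) -> float:
        """How far the received level sits above the sensitivity at this rate."""
        return self.rx_level_dbm(ant_gain_dbi) - RX_SENS_DBM[rate_mbps]

    def min_antenna_gain_dbi(self, rate_mbps: float,
                             margin_db: float = 20.0) -> float:
        """Gain needed at each end to reach the target fade margin."""
        needed_dbm = RX_SENS_DBM[rate_mbps] + margin_db
        # Each dBi added at both ends raises the received level by 2 dB.
        return (needed_dbm - self.rx_level_dbm(0.0)) / 2

    def fastest_rate(self, ant_gain_dbi: float, margin_db: float = 20.0):
        """Highest connection speed that still keeps the fade margin."""
        ok = [rate for rate in RX_SENS_DBM
              if self.fade_margin_db(ant_gain_dbi, rate) >= margin_db]
        return max(ok) if ok else None


if __name__ == "__main__":
    link = Link()
    print(f"path loss       : {link.path_loss_db():.1f} dB")
    print(f"min gain @12Mbps: {link.min_antenna_gain_dbi(12):.1f} dBi")
    for gain in (15, 18, 21, 24):
        print(f"{gain} dBi -> margin {link.fade_margin_db(gain, 12):.1f} dB "
              f"at 12 Mbps, fastest rate with 20 dB: {link.fastest_rate(gain)}")
```

Running it with lower gains shows the trade-off described above: a lower gain antenna still holds a 20 dB margin, but only at a slower connection speed.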

Online link calculators:

Performance and Speed

Wireless connection speed and thruput are quite different. The wireless may offer a connection speed of 54 Mbits/sec, but the actual thruput is considerably less, typically less than half. That's because of management packet overhead, 802.11b compatibility, inter-symbol gaps, and necessary timing delays. Also, note that wireless is half-duplex, where only one radio in a given airspace can transmit at a time.

This is taken from an Atheros paper with some additions and corrections.

Wi-Fi type            Non-overlapping Channels  Modulation  Max Link  Max TCP  Max UDP
802.11b only          3                         CCK         11        5.9      7.1
802.11g with 802.11b  3                         OFDM/CCK    54        14.4     19.5
802.11g only          3                         OFDM        54        24.4     30.5
802.11g turbo         1                         OFDM        108       42.9     54.8
802.11a               13                        OFDM        54        24.4     30.5
802.11a turbo         6                         OFDM        108       42.9     54.8

The paper claims that encryption is enabled for these calculations, but the numbers seem to indicate that these numbers are for encryption disabled. (Don't know for sure.) The maximum TCP and maximum UDP are the theoretical maximum throughput rates. No calculations for Turbo and SuperG modes yet.

There is also a relationship between speed and range. The following table is from a paper by Intel on wireless hotspot deployment for 802.11b/g.

Rate Mbps  Range ft
1          350
2          250
5.5        180
6          300
9          250
11         150
12         200
18         170
24         140
36         100
48         95
54         90

The rather optimistic ranges listed are probably with a better than standard omnidirectional antenna and with unobstructed line of sight. There are similar charts in the Intel Wi-Fi hotspot paper for other frequencies and protocols.

Attenuation

Solid objects greatly attenuate (reduce) Wi-Fi radio signals, so clear line of sight is best. The amount of attenuation is expressed in dB, where each 3 dB of attenuation is a power loss of 1/2.

Indoor

Attenuation Properties of Common Building Materials
Building Material 2.4 GHz Attenuation
Solid Wood Door 1.75"   6 dB
Hollow Wood Door 1.75"   4 dB
Interior Office Door w/Window 1.75"/0.5"   4 dB
Steel Fire/Exit Door 1.75" 13 dB
Steel Fire/Exit Door 2.5" 19 dB
Steel Rollup Door 1.5" 11 dB
Brick 3.5"   6 dB
Concrete Wall 18" 18 dB
Cubicle Wall (Fabric) 2.25" 18 dB
Exterior Concrete Wall 27" 53 dB
Glass Divider 0.5" 12 dB
Interior Hollow Wall 4"   5 dB
Interior Hollow Wall 6"   9 dB
Interior Solid Wall 5" 14 dB
Marble 2"   6 dB
Bullet-Proof Glass 1" 10 dB
Exterior Double Pane Coated Glass 1" 13 dB
Exterior Single Pane Window 0.5"   7 dB
Interior Office Window 1"   3 dB
Safety Glass-Wire 0.25"   3 dB
Safety Glass-Wire 1.0" 13 dB
[Source: 3Com Wireless Antennas Product Guide]

Outdoor


Repeaters


Antennas

Antenna Manufacturers

Do It Yourself

Manufacturers

Belkin

Buffalo Technology

D-Link

Hawking Technology

Intel

Linksys

Motorola

NETGEAR

  • NETGEAR home page
  • WG511 PC Card
    • Version 1 (v1) has about the best range and performance of readily available 802.11g PC Card adapters
    • Version 2 (v2), a different design, isn't as good as Version 1.

3Com

2Wire

3rd-party Firmware

Replacing the standard firmware in certain wireless routers and access points (e.g., Linksys WRT54GL) can provide greatly increased functionality (e.g. hotspot capability) and improved stability, although a fair amount of technical skill may be needed. For specific features and supported products, see:

Replacing the standard firmware in certain wireless routers and access points (e.g., Zyxel P330W) can provide greatly increased functionality (e.g. hotspot capability) and improved stability, although a fair amount of technical skill may be needed. For specific features and supported products, see:

Wi-Fi Software

Connection Managers

Software for rapid changing of network configuration profiles.

Network Monitors

Monitor network throughput, amount of data sent/received, etc. Recommended products are shown in bold.

Site Survey Tools

See Why and How to do a Site Survey

WEP cracking

Wi-Fi Speed

  • The raw speed reported by your wireless network adapter is not necessarily a reliable indicator of actual raw speed. The reason is that transmit speed fluctuates according to the wireless error rate, and when the wireless link is idle, unrealistic speed may be reported (since no errors are occurring when the wireless link is idle).
  • Data can only flow on one wireless link in one direction at any one time, which means that the maximum data transfer rate will be well below half of the raw wireless network speed.
  • To measure Wi-Fi speed, see Wi-Fi How To Measure wireless network performance.

Wi-Fi Safety

Anti-Virus (free)

If you're not already protected, then you're probably already infected!

Resident protection

Online scanners (good when you think you might be infected)

Anti-Spyware (free)

Run only one resident protection at any given time.
(Multiple scanners are OK, and may be needed in difficult cases.)

Other good anti-spyware (e.g., for on-demand scanning)

Diagnostic tools for spyware

Wi-Fi Security

Wi-Fi Security Myths

Intruder Detection

WEP

  • See Wikipedia:Wired Equivalent Privacy (WEP)
  • WEP can be easily cracked and is not secure. Use WPA2 instead.
  • WEP keys can usually be entered in either ASCII format (all letters, numbers, etc.) or hex (hexadecimal) format (only 0-9 and A-F), and the difference can result in (frustrating) key mismatch. To avoid this problem, enter all keys in hex (using only symbols 0-9 and A-F).
WEP Type (Bits)  Number of key characters
                 ASCII  Hex
WEP64 (40)       5      10
WEP128 (104)     13     26

WPA/WPA2

Tip: WPA-TKIP can be cracked! Use WPA2 if possible!
WPA/WPA2 can be cracked if a weak passphrase is used!
See What Makes for a Strong Password or Passphrase?


Universal Plug and Play

Turn off Universal Plug and Play (UPnP) in your wireless router. Because most consumer-grade wireless routers lack UPnP authentication they are vulnerable to attack. (See Problems with UPnP, Lack of Authentication)

SSL/TLS

Software Firewall

  • A good software "firewall" will protect your computer from network attacks, particularly on unencrypted Wi-Fi networks (e.g., public hotspots).
  • If running Microsoft Windows XP:
    1. Update with SP2 (Service Pack 2), and install all security updates.
    2. Make sure the Windows Firewall is enabled for the wireless connection.
  • Good free software firewalls

VPN

VPN (Virtual Private Networking) is used to construct and connect private networks using the public Internet. Communications are secured by means of some type of encryption, depending on the specific type of VPN. In general, there are two kinds of VPN:

  • Remote-access, in which both payload and data are encrypted.
  • Site-to-site, in which only data are encrypted.

VPN Resources

VPN Service Providers

What Makes for a Strong Password or Passphrase?

Wireless Isolation

  • If you want to open up wireless to outsiders (even just a neighbor), look for a wireless router with an isolation feature that blocks wireless-to-wired networking, most often found in "hotspot" routers.
  • If you also have wireless devices, then look for a wireless router or access point with a wireless isolation feature that blocks peer-to-peer wireless networking (e.g., NETGEAR WG302).

See also Two wireless networks on one router.

Guest Account

A good alternative to Wireless Isolation is a Guest Account feature that not only isolates wireless guests from your own wireless (and wired) networking, but also can provide security (WPA/WPA2) for your guests. Products with such capability include:

See also Two wireless networks on one router.

What is Wardriving?

Wi-Fi Hotspots

Free Public HotSpot Directories

Commercial Hotspots

Special Wi-Fi Applications

Marine

See Wi-Fi on a Boat

Mesh networks

Mesh is a wireless co-operative communication infrastructure between multiple individual wireless transceivers (i.e., a wireless mesh) that have IP networking capabilities.

More information:

Streaming Audio to Home Stereo

Troubleshooting Wi-Fi

Interference

  • Checklist of possible interference sources:
 ☐  Microwave oven
 ☐  2.4 GHz video or security camera link (X10).
 ☐  Municipal wireless network.
 ☐  Bluetooth devices (mouse, phone, PDA, headset, cell phone, etc.)
 ☐  Portable wireless TV camera used at sports events.
 ☐  Spread spectrum frequency hopping cordless phones (e.g., Panasonic Gigarange)
    Note: 2.4 GHz phones are not an issue in the UK (Eur), as DECT phones operate from 1.88 GHz to 1.9 GHz.
 ☐  Wi-Fi (IEEE 802.11b/g) wireless keyboard, PDA, and/or cell phone.
 ☐  2.4 GHz wireless gamepad and/or controller.
 ☐  RF Excited Lighting (e.g., Fusion Lighting).
    See Part 18 RF Lighting, A Potential "Extinction Level Event" For Communications Users Of The 2.4 GHz Band
 ☐  2.4 GHz wireless baby monitor.
 ☐  2.4 GHz ham radio operation.
 ☐  WISP (Wireless Internet Service Providers) which may be using non-Wi-Fi type of modulation (e.g., WiMAX).
 ☐  Breezecom/Alvarion/Symbol/Raylink spread spectrum frequency hopping networks.
 ☐  Western Multiplex or Proxim non-Wi-Fi wireless links (e.g., Lynx).
 ☐  HomeRF spread spectrum frequency hopping network.
 ☐  ZigBee IEEE 802.15.4 sensor wireless network.
 ☐  Microwave fruit drying oven, plastic mold preheater.
 ☐  Unstable high power Wi-Fi power amplifier spewing RF "garbage".
  • Non-interfering Wi-Fi channels
    Closely spaced Wi-Fi channels overlap, and signals on two different channels can interfere with each other, especially when they are less than 5 channels apart, with the amount of interference decreasing with increasing channel separation. (Thus channels 1 and 3 interfere less with each other than channels 1 and 2.) For minimum interference between different Wi-Fi networks, first try channels 1, 6, and 11, which have minimal overlap.
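One way to apply the overlap rules from the Wi-Fi Channels section and the advice above to a list of neighboring networks, as an added example that is not from the original article. The scan entries, SSIDs and the numeric weight given to each overlap tier are constructed for illustration; the article ranks the tiers but gives no numbers.

```python
# Assumed relative weights for the overlap tiers described in the article.
TIER_WEIGHT = {"same": 1.0, "most": 0.6, "significant": 0.25, "minimal": 0.02}


def center_freq_ghz(channel: int) -> float:
    """Center frequency per the channel table: 5 MHz steps, channel 14 apart."""
    if channel == 14:
        return 2.484
    if not 1 <= channel <= 13:
        raise ValueError(f"not a 2.4 GHz Wi-Fi channel: {channel}")
    return round(2.407 + 0.005 * channel, 3)


def overlap_tier(a: int, b: int) -> str:
    """Classify two channels using the article's rules of thumb."""
    if a == b:
        return "same"
    if 14 in (a, b):
        return "minimal"          # channel 14 barely overlaps the others
    separation = abs(a - b)
    if separation <= 2:
        return "most"             # e.g. 6 vs 4, 5, 7, 8
    if separation <= 4:
        return "significant"      # e.g. 6 vs 2, 3, 9, 10
    return "minimal"              # five or more apart, e.g. 6 vs 1, 11


def dbm_to_mw(dbm: float) -> float:
    return 10 ** (dbm / 10)


def interference_score(candidate: int, scan) -> float:
    """Sum of neighbor signal power, scaled by how much each one overlaps."""
    return sum(TIER_WEIGHT[overlap_tier(candidate, channel)] * dbm_to_mw(rssi)
               for _ssid, channel, rssi in scan)


def rank_channels(scan, candidates=(1, 6, 11)):
    """Candidate channels ordered from least to most interference."""
    return sorted(candidates, key=lambda ch: interference_score(ch, scan))


# Constructed site-survey results: (SSID, channel, signal in dBm).
SAMPLE_SCAN = [
    ("NeighborA", 1, -48),
    ("NeighborB", 3, -60),
    ("CafeGuest", 6, -75),
    ("NeighborC", 9, -70),
    ("NeighborD", 11, -82),
]

if __name__ == "__main__":
    for ch in rank_channels(SAMPLE_SCAN):
        print(f"channel {ch:2d} ({center_freq_ghz(ch)} GHz): "
              f"score {interference_score(ch, SAMPLE_SCAN):.2e}")
```

Passing `candidates=(1, 4, 8, 11)` ranks one of the four-channel options from the Wi-Fi Channels section instead.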

Poor Signal

SSID Conflict

When two networks have the same SSID, wireless devices on one network may try to connect to the other network (because they look like the same network), which can cause problems. This can easily happen when two different networks use hardware from the same vendor with the same default SSID. To avoid such problems, configure a unique SSID for your network that won't conflict with other networks, now or in the future.

MAC Address Cloning

Stub: This article is a stub. You can help the Navas Wireless Wiki by expanding it.