
Syngress: Managing and Securing a Cisco Structured Wireless-Aware Network (April 2004)


Register for Free Membership to solutions@syngress.com

Over the last few years, Syngress has published many best-selling and critically acclaimed books, including Tom Shinder's Configuring ISA Server 2000, Brian Caswell and Jay Beale's Snort 2.0 Intrusion Detection, and Angela Orebaugh and Gilbert Ramirez's Ethereal Packet Sniffing. One of the reasons for the success of these books has been our unique solutions@syngress.com program. Through this site, we've been able to provide readers a real-time extension to the printed book.

As a registered owner of this book, you will qualify for free access to our members-only solutions@syngress.com program. Once you have registered, you will enjoy several benefits, including:

■ Four downloadable e-booklets on topics related to the book. Each booklet is approximately 20-30 pages in Adobe PDF format. They have been selected by our editors from other best-selling Syngress books as providing topic coverage that is directly related to the coverage in this book.

■ A comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page, providing you with the concise, easy to access data you need to perform your job.

■ A "From the Author" Forum that allows the authors of this book to post timely updates, links to related sites, or additional topic coverage that may have been requested by readers.

Just visit us at www.syngress.com/solutions and follow the simple registration process. You will need to have this book with you when you register.

Thank you for giving us the opportunity to serve your needs. And be sure to let us know if there is anything else we can do to make your job easier.

Managing and Securing a Cisco® Structured Wireless-Aware Network

David Wall CCSI, Technical Editor
Jan Kanclirz Jr. CCIE #12136
Youhao Jing CCIE #5253
Jeremy Faircloth

tion (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the Work.

There is no guarantee of any kind, expressed or implied, regarding the Work or its contents. The Work is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state.

In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.

You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files.

Syngress Media®, Syngress®, "Career Advancement Through Skill Enhancement®," "Ask the Author UPDATE®," and "Hack Proofing®," are registered trademarks of Syngress Publishing, Inc. "Syngress: The Definition of a Serious Security Library"™, "Mission Critical™," and "The Only Way to Stop a Hacker is to Think Like One™" are trademarks of Syngress Publishing, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies.

Noted figures in chapter 6 have been reproduced by Syngress Publishing, Inc. with the permission of Cisco Systems Inc. COPYRIGHT © 2004 CISCO SYSTEMS, INC. ALL RIGHTS RESERVED.

Managing and Securing a Cisco® Structured Wireless-Aware Network

Copyright © 2004 by Syngress Publishing, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.

Printed in the United States of America

1 2 3 4 5 6 7 8 9 0

ISBN: 1-932266-91-7

Acquisitions Editor: Christine Kloiber
Cover Designer: Michael Kavish
Technical Editor: David Wall
Copy Editor: Judy Eby
Page Layout and Art: Patricia Lupien
Indexer: J. Edmund Rush

The incredibly hard working team at Elsevier Science, including Jonathan Bunkell, Ian Seager, Duncan Enright, David Burton, Rosanna Ramacciotti, Robert Fairbrother, Miguel Sanchez, Klaus Beran, Emma Wyatt, Rosie Moss, Chris Hossack, and Krista Leppiko, for making certain that our vision remains worldwide in scope.

David Buckland, Daniel Loh, Marie Chieng, Lucy Chong, Leslie Lim, Audrey Gan, Pang Ai Hua, and Joseph Chan of STP Distributors for the enthusiasm with which they receive our books.

Kwon Sung June at Acorn Publishing for his support.

Jackie Gross, Gayle Voycey, Alexia Penny, Anik Robitaille, Craig Siddall, Iolanda Miller, Jane Mackay, and Marie Skelly at Jackie Gross & Associates for all their help and enthusiasm representing our product in Canada.

Lois Fraser, Connie McMenemy, Shannon Russell, and the rest of the great folks at Jaguar Book Group for their help with distribution of Syngress books in Canada.

David Scott, Tricia Wilden, Marilla Burgess, Annette Scott, Geoff Ebbs, Hedley Partis, Bec Lowe, Andrew Swaffer, Stephen O'Donoghue and Mark Langley of Woodslane for distributing our books throughout Australia, New Zealand, Papua New Guinea, Fiji, Tonga, Solomon Islands, and the Cook Islands.

Winston Lim of Global Publishing for his help and support with distribution of Syngress books in the Philippines.

Contributors

Jan Kanclirz Jr. (CCIE #12136-Security, CCSP, CCNP, CCIP, CCNA, CCDA, INFOSEC Professional) is a Senior Network Information Security Engineer working for IBM Global Services. Currently, he is responsible for the strategic and technical evolution of a large, multi-customer/multi-data center network and its security environment. Jan specializes in multi-vendor, hands-on implementations and architectures of network technologies such as routers, switches, firewalls, intrusion sensors, content networking, and wireless networks. Beyond network design and engineering, Jan's background includes extensive experience with Linux and BSD administration and security implementations.

In addition to Jan's full time position at IBM G.S., he is involved in many different projects such as MakeSecure.com, where he dedicates his time to security awareness. Jan also runs a small Internet Service Provider (ISP), where he provides several services such as network consulting and Linux server hosting solutions.

Jan would like to acknowledge the understanding and support of his family and friends during the writing of the book, "Thank You."

Youhao Jing (CCIE #5253) is currently Director of Product Management and Consulting at Alcatel IP Division, responsible for defining the company's carrier class IP product strategy with a focus on the Asia Pacific market. He has held various senior level consulting positions at AT&T, Procket, Juniper Networks, and ICG Netcom, where he was responsible for new service and solution development, network and product architecture, and design consulting for large-scale converged multi-service IP/MPLS networks.

Youhao Jing received his M.S. degree from UC Berkeley and pursued further study on high performance networking systems at Stanford University. He lives with his wife Jane and two sons, Albert and Geoffrey, in Sunnyvale, CA.

Jeremy Faircloth (Security+, CCNA, MCSE, MCP+I, A+, etc.) is a Staff Systems Administrator for EchoStar Satellite L.L.C., where he architects and maintains enterprise-wide client/server and Web-based technologies. He also acts as a technical resource for other IT professionals, using his expertise to help others expand their knowledge. As a systems engineer with over 12 years of real world IT experience, he has become an expert in many areas including Web development, database administration, enterprise security, network design, and project management. Jeremy has contributed to several Syngress books including C# for Java Programmers (ISBN: 1-931836-54-X), Snort 2.0 Intrusion Detection (ISBN: 1-931836-74-4), and Security+ Study Guide & DVD Training System (ISBN: 1-931836-72-8).

Jeremy currently resides in Colorado Springs, CO and wishes to thank his wife and son, Christina and Austin, for their support in his various technical endeavors.

Joel Barrett (CCNP, CCDP, CWNA, MCSE, and Novell's Master CNE) is a wireless specialist with Cisco Systems, Inc. He supports Cisco's wireless partners and developers throughout the southeast United States, assisting partner executives to develop technical go-to-market strategies. Joel also educates partner engineering teams with a full understanding of wireless LAN technologies and solutions. With over fifteen years of IT experience, Joel has earned Cisco's and Planet3's certifications. Joel serves as the team leader for the Channels Technology Advisory Team for Mobility, an advisor for the Enterprise Mobility Virtual Team, and a member of Cisco's Enterprise Mobility Technology Leadership Program. He is a board member for the Wireless Technology Forum in Atlanta, and a speaker for the Georgia Wireless Users Group. He is also the facilitator for the Atlanta Cisco Study Group, helping over 200 network engineers attain Cisco certifications.

Joel was co-author and principal technical editor for several wireless LAN and IT books, including Certified Wireless Security Professional (CWSP) Official Study Guide, Wireless Networks First-Step, and the Cisco Advanced Wireless training course. Joel and his wife, Barbara Kurth, live near Atlanta, Georgia with Barbara's son and daughter, Shane and Paige, and Joel's daughter, Ashley.

Donald Lloyd (CISSP), author of Syngress Publishing's Designing a Wireless Network (1-928994-45-8), is a senior consultant for International Network Services, Inc. (INS) and a regional leader for their Fixed Wireless Practice. His specialties include network security architecture and wireless network design. In addition to "unwiring" corporate offices, Donald spends considerable time designing and deploying secure wireless networks in remote oil and gas fields, airports, municipalities, and warehouses.

This is the third book that Donald has co-authored with Syngress, and Donald wishes to thank INS for their patience while finishing this book. He also sends a BIG hug to the pride and joy of his life, his son.

Lev Shklover (CCNP, CCDP, Cisco WLAN Design and Support Specialist, Certified Solaris Administrator, Nortel Networks Router and Network Management Specialist) is a Senior Consultant with International Network Services, Inc. (INS), a leading global computer networking and security consultancy. He has over 13 years of experience in designing and implementing large computer networks for major U.S. and international corporations.

Lev's other specialization is lab testing of network designs, network devices and network protocols to maintain network reliability. He started working with Cisco WLAN hardware in early 2000, right after Cisco's acquisition of Aironet Communications. As a member of INS's Wireless Networking Practice, Lev has designed and deployed numerous Cisco 802.11a/b/g solutions for various clients, including a WLAN for a 44-story building.

Lev graduated from the Technical University of Radio Electronics and Automation in Moscow, Russia with a MS Degree in Optical Engineering. He currently resides in NJ with his wife and two children.

Technical Editor

David Wall (CCSI #22530), author of Multi-Tier Application Programming with PHP: A Practical Guide for Architects and Programmers, contributes regularly to technical and general-interest publications and reviews books for online bookseller Amazon.com. David also works as a consultant, specializing in voice over IP applications and network design. A Cisco Certified Systems Instructor, David teaches engineers and salespeople about technologies from Cisco Systems. David's other professional interests include hosting applications for small businesses, and the integration of disparate systems using open-source technologies.

A pilot, David enjoys flying around eastern Australia. David maintains a Web presence at http://www.davidwall.com.

Contents

Interference from Radio Transmitters 20
Harmonics 21
Integrated Wired and WLAN Services using the Cisco Infrastructure and Cisco IOS Software 32
Wireless Domain Services for IEEE 802.1X Local Authentication Service and Fast Secure
Rogue AP Detection and Location 34
Interference Detection to Isolate and Locate Network Interference 35
Simplified WLAN Deployment Processes with Assisted
Streamlined WLAN Management and Operations Support 36
Seamless Delivery of Enhanced Network Security Solutions 38
Wireless-aware Design Considerations 39
Summary 40
Introduction 48
Transmitting Radio Signals over EM Waves 48
Propagating a Strong Radio Signal 57
Understanding Signal Power and S/N Ratio 57
Attenuation 58
Bouncing 61
Refracting 63
Penetration 64
Understanding the Wireless Elements 66
Laws, Regulations, and Environmental Considerations 70
Regulations for Low Power, Unlicensed Transmitters 71
Does the 802.11 Standard Guarantee Compatibility
DSSS 78
IEEE 802.11b Direct Sequence Channels 78
IEEE 802.11a OFDM Physical Layer 80
Performing an Interior Wireless Site Survey 115
Performing an Exterior Wireless Site Survey 124
Summary 129
Summary 174
Introduction 180
Multicast WLAN Deployment Recommendations 186
Configuring Multicast and Broadcast Minimum
IP Multicast WLAN Configuration 190
Controlling IP Multicast in a WLAN with APs 191
Introduction 202
Design 203
Topology 203
Access Point and Switch Configuration 207
Summary 209
Chapter 6 Implementing Cisco Wireless LANs 211
Introduction 212
The Cisco Wireless and Wireless-aware Vision 212
The Cisco Structured Wireless-aware Network
Cisco Wireless LAN Switches and Routers 216
Cisco Wireless Antennas and Accessories 217
Ceiling Mount Omnidirectional Antenna 2.4 GHz (AIR-ANT1728) 219
Mast Mount Omnidirectional Antenna 2.4 GHz (AIR-ANT2506) 219
High-Gain Mast Mount Omnidirectional Antenna 2.4 GHz (AIR-ANT24120) 219
Pillar Mount Diversity Omnidirectional Antenna 2.4 GHz (AIR-ANT3213) 220
POS Diversity Dipole Omnidirectional Antenna 2.4 GHz (AIR-ANT3351) 220
Diversity Ceiling Mount Omnidirectional Patch Antenna 2.4 GHz (AIR-ANT5959) 221
Directional Wall Mount Patch Antenna 2.4 GHz (AIR-ANT3549, AIR-ANT1729) 221
Diversity Directional Wall Mount Patch Antenna 2.4 GHz (AIR-ANT2012) 222
Yagi Antenna 2.4 GHz (AIR-ANT1949) 222
Dish Antenna 2.4 GHz (AIR-ANT3338) 222
Cisco's 2.4 GHz Antennas Summary 223
Upgrading from VxWorks to IOS 227
Using the Aironet Conversion Tool for Cisco
Using CiscoWorks WLSE for IOS Conversion 229
Cisco Aironet Access Points (APs) 229
Mitigating Vulnerabilities with the Cisco Security Suite 253
Cisco Secure Access Control Server (ACS) 3.2 254
Enhanced Client Network Management Features with Extended
Cisco Aironet 1400 Wireless Bridge 263
Cisco Aironet 350 Wireless Bridge 266
Summary 270
Introduction 278
How Wireless Technology Changes Network Security 292
Protecting the Data Link and Physical Layers 294
Tracking and Attacking Anonymity 294
Authentication 295
Preventing War Driving and Unauthorized Use of
Devices Required in War Driving 297
Antenna 297
GPS 298
Protecting Against Unauthorized Wireless Access 301
Detecting and Protecting against Rogue Access Points 305
Corporate Policy and User Awareness 305
Sniffers 306
Cisco Rogue Detection by Client Reports 306
Implementing Firewalls for Additional Security 311
Public Secure Packet Forwarding 312
Filters 313
EAP 314
802.1x 316
Cisco EAP 318
IKE 329
ESP 332
Summary 348
Chapter 8 WLAN Rogue Access Point Detection
Introduction 356
The Problem with Rogue Access Points 356
A Rogue Access Point is Your Weakest Security Link 358
An Intruder's Rogue Access Point 359
Preventing and Detecting Rogue Access Points 360
Preventing Rogue Access Points with a Security Policy 360
Provide a Secure, Available Wireless Network 360
Sniffing Radio Frequency to Detect and Locate Rogue
Chapter 9 Wireless LAN VLANs 387
Introduction 388
Primary (Guest) and Secondary SSIDs 410
Using RADIUS for VLAN Access Control 411
Summary 415
Introduction 422
The Requirement for Service Quality 423
Bandwidth 423
Latency 423
Jitter 424
Extending QoS Support to WLAN Wireless Network 428
Integrating QoS in Wireless and Wired Networks 430
Dimensioning WLAN Network for Sufficient Capacity 432
Handling Roaming Introduced Delay 434
Configuring for Wireless QoS in IOS 435
MetroWiFi integrated QoS Design 435
Configuring EDCF Frame Prioritization Scheme 438
Configuring Traffic Classification for EDCF
Using Existing Network QoS Configuration 442
Summary 443

Foreword

Wireless networking is all about freedom. Freedom is a worthy goal in its own right, and freedom in an organizational context pays dividends.

It's tremendously cool to be able to sit down in an office or conference room, open your portable computer, and have instant connectivity to the resources you need to do your job. With wireless networking in place, there's no need to fiddle with Ethernet cables and the associated software settings; you just get on with whatever you want to do. Simple, mobile connectivity like this makes you more efficient and more capable.

Considered from a manager's point of view, wireless networking is an empowering technology, a "force multiplier" if you want to use the military term. A given number of people, given a method of working more efficiently than usual, can do the work of a larger number of people. The fact that wireless networking enables people to connect to the network from anywhere in their work area, without any overhead, means that they can spend more time doing their jobs and not getting stressed out about hooking up to the network.


If you consider that wireless networking makes possible new modes of work, the advantages become even more apparent. Quite a few organizations are using wireless devices to scan items (for inventory management and tracking, to cite the two main examples) and report the scanned data to a central repository in near-real time. This makes more current—and therefore more valuable—information available to the people who need it. That wouldn't be possible without wireless networking. A few shops are already experimenting with wireless telephone service, in which users can roam all over their workplace while maintaining connectivity to the organizational telephone switch via a portable handset. This means they can be reached at their usual phone extension wherever they go, with no need to configure forwarding. The next generation of such portable phones will be able to connect to the wireless LAN when a suitable one is available, and switch over to the public cellular network when the user goes out of range. Wireless networking is not a gimmick. It is a productivity-enhancing, profit-enhancing infrastructure element that makes businesses stronger.

What's more, wireless networking makes it easy for an organization to do a bit of public service. By installing an access point that covers a portion of a public park or a nearby café—where the organization's employees would probably want to work from time to time anyway—it's possible to give wireless Internet access (under proper control, of course) to anyone who cares to connect. That's the kind of corporate philanthropy that people appreciate, and it'll do more for the company image than putting the logo on a theater program.

Critics of wireless networking call attention to security worries. A network with wireless service is subject to attack over the airwaves by anyone within radio range. Stripping unauthorized modems from the network and keeping intruders out of the building is no longer sufficient. The problem is complicated by the fact that anyone with 50 bucks to spare can plug a cheap access point, meant for home use, into an Ethernet port and start providing potentially unregulated access to the company network. (The fact that people are very often willing to part with 50 bucks to provide themselves with wireless service at the office says a lot about the value of wireless connectivity, by the way.) That is why you need to take a managed approach to wireless networking. Rather than let rogue access points sprout haphazardly, and rather than allow access to your corporate network without proper authentication and auditing, you need to design your network to give the people of your organization what they need to do their jobs happily (and maybe a bit more, just to see what they do with the extra capability). If you're going to allow guest access, and maybe even some public use, you need to build that in. You need, however, to be precisely aware of what you're allowing, and use the best tools you can to prevent the kind of network activity that would do harm to your organization.

The Structured Wireless-Aware Networking (SWAN) solutions from Cisco Systems are excellent tools, and they're the subject of this book. With Cisco's hardware and software—some of it specific to the wireless portions of your network, some of it part of the Internetwork Operating System (IOS) and the routers on which it runs—you can allow the kind of access you want to allow, and prevent unauthorized access. It's a technical challenge, and Cisco's products go a long way toward providing a solution.

The capabilities of the Cisco SWAN products are pretty astounding. Not only will they allow you to cover a work area (office, factory, outdoor campus, whatever) with wireless LAN service, they'll manage authentication seamlessly even when a user roams from the coverage area of one access point to that of another. The access points can monitor each other, determine when one of their number is no longer on the air, and "heal" the network by increasing the power outputs of the active antennas. They'll also tell the difference between legitimate access points and rogues, and use triangulation to estimate the location of rogue APs—which the Wireless LAN Solution Engine (WLSE) can then display graphically on a scanned floor plan. SWAN is powerful.

Regardless of how powerful Cisco SWAN is, you have to cover the rest of the ground yourself, with knowledge and forethought. A tool is only as good as the person who wields it, and the quality of your Cisco wireless implementation will be proportional to your level of knowledge about the relevant equipment and protocols. That's where this book comes in. It covers the whole range of knowledge you need to design and deploy a good Cisco SWAN installation, from the basics of communicating data over radio waves to specific IOS commands to be used in implementing quality of service (QoS) for packet telephony and VLANs for compartmentalized access. A lot of experts have worked hard to make this book the best on the market.

I hope you enjoy this book, and that it's useful in your work with Cisco SWAN. Please visit my Web site (www.davidwall.com) or contact me by electronic mail (david@davidwall.com) if you have any comments or ideas for the next edition.

—David Wall
Sydney, Australia

Chapter 1

Wired versus Wireless and Wireless-aware LANs

Solutions in this Chapter:

■ What is a Wireless LAN (WLAN)?
■ WLAN Benefits
■ WLAN Design Considerations
■ WLAN Modes of Operation
■ What is a Wireless-aware LAN?
■ Wireless-aware LAN Benefits
■ Wireless-aware Design Considerations

Summary
Solutions Fast Track
Frequently Asked Questions

Introduction

This chapter provides an introduction to wireless local area networks (WLANs). It explains what a WLAN is and how it is different from both hard-wired and purely wireless local area network (LAN) solutions. There is also an introduction to the inherent security problems associated with wireless and wireless-aware networks as contrasted with their wired ancestors.

This chapter also details what a WLAN is and how it should be designed. It covers some of the pitfalls that you can run into when designing a WLAN. There are many factors that can affect a WLAN design, many of which are covered in this chapter, providing an excellent understanding of the best way to create a secure, reliable, and useful WLAN.

What is a WLAN?

A WLAN is a LAN that uses radio waves as the physical medium. In a traditional wired LAN, individual network stations are linked via some type of physical cabling. This cabling can vary from shielded copper wires to fiber-optic cables. Most office structures are wired throughout to facilitate networking using this medium.

The three main problems with physical cabling are cost, distance limitations, and mobility. The installation of any type of physical cabling requires a great deal of effort and is therefore very expensive. The cost to wire an average sized office building can be thousands of dollars. In addition, there are physical limitations as to the length of any given physical cabling scheme. These distances vary depending on the type of cable used, but there is always a defined maximum distance that the signal can travel along the cable before it deteriorates. To send a signal any farther than this maximum distance requires additional hardware to boost the power of the signal. Lastly, using physical cables becomes inconvenient when network users need to be mobile. A good example is a sales representative that must carry a laptop to different conference rooms to make presentations using data on the LAN. Assuming that all of the conference rooms are wired into the LAN, the sales representative would have to carry a cable to connect into any conference room that they visit, find the appropriate wall jack, and connect into the network.

With a WLAN, most of the physical cabling (such as Cat 5 for client desktop connections) becomes unnecessary as you are now using radio waves to carry your signal. In a typical WLAN design, the only cables used are those necessary to connect devices that do not support wireless networks. As this technology evolves, devices that support wireless networking are becoming more prevalent and easier to find.

How does a Wireless LAN Work?

The standards used for Wireless LAN (WLAN) communications are based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 series. The 802.11 standards define the Physical and Media Access Control (MAC) layers of operation in a WLAN. The primary standard used in this chapter is 802.11b, which is an extension of the original 802.11 standard. 802.11b's primary objective defines the use of the 2.4 Gigahertz (GHz) radio frequency (RF) band for high-speed data communications. 802.11b extends the original 802.11 data rates of 1 and 2 Mbps up to 11 Mbps (5.5 Mbps is the intermediate rate). There is also an 802.11g standard that supports speeds up to 54 Mbps and also uses the 2.4 GHz frequency band.

The frames generated by a WLAN device differ in many ways from the frames generated by an Ethernet device. WLANs are not physically connected by cables like an Ethernet LAN is, so new fields in the frames must be created to describe aspects of the WLAN. The following section examines a typical 802.3 Ethernet frame and compares it to an 802.11b frame.

An 802.3 Ethernet frame is comprised of seven fields, each with a specific function (Figure 1.1 illustrates an 802.3 Ethernet frame):

Figure 1.1 802.3 Frame Format

Preamble (7 bytes) | SOF (1 byte) | DA (6 bytes) | SA (6 bytes) | Length (2 bytes) | DU (46-1500 bytes) | FCS (4 bytes)

SOF = Start of Frame Delimiter, 1 byte
DA = Destination Address, 6 bytes
SA = Source Address, 6 bytes
Length = Length of the Data Unit, 2 bytes
DU = Data Unit, 46-1500 bytes
FCS = Frame Check Sequence, 4 bytes

■ Preamble The Preamble field is a 7-byte long alternating pattern of 0s and 1s that tells receiving devices that a new frame is arriving.

■ Start of Frame Delimiter In both an Ethernet and an IEEE 802.3 frame, the byte following the Preamble is a Start of Frame (SOF) Delimiter. This byte ends with two consecutive 1 bits, which serve to synchronize the frame reception portions of all stations on the LAN.

■ Destination Address and Source Address The Destination Address (DA) and Source Address (SA) fields are 2 or 6 bytes long and contain the MAC addresses of the destination device and the source device on the network. The DA may be a single MAC address in the case of a unicast, a broadcast to all nodes on the network, or a multicast to a group of nodes on the network.

■ Length The Length field is 2 bytes long and indicates the number of bytes of data following this field.

■ Data Unit The Data Unit field is 46 to 1500 bytes long. This is where the data being encapsulated into the frame is located (for example, a graphic in a Web page requested by your system). This field will vary in length based on the data encapsulated.

■ Frame Check Sequence The FCS field is 4 bytes long. The FCS is a cyclic redundancy check (CRC) that allows the receiver of a frame to perform basic error control on the frame. If a frame fails the CRC check, it is discarded and the upper layer protocol is typically responsible for retransmission.

An 802.11b frame (illustrated in Figure 1.2) is comprised of nine fields:

■ The first field in an 802.11b frame is the Frame Control (FC) field,which is 2 bytes long.The FC field contains the following 11 subfields,which are some of the prime differentiators in an 802.11b frame:

within the FC field and is 2 bits long.The default value for this field

is 0 with all other values being reserved

Type The Type field is 2 bits long and works in conjunction with the4-bit Subtype field to identify the function of the frame.The possiblecombinations and their descriptions are illustrated in Table 1.1

with the 2-bit Type field to identify the function of the frame.Thepossible combinations and their descriptions are illustrated in Table 1.1

sent by an associated station with an access point (AP) to signify thatthe frame is destined for the network behind the AP, such as a serverconnected to the same Ethernet network as the AP All other frameshave the To DS bit set to 0

frames exiting the DS All other frames have the From DS bit set to 0

Figure 1.2 802.11b Frame Format

A2

FC=Frame Control 2 bytes D/ID = Duration/ID 2 bytes A1 = Address 1 6 bytes A2 = Address 2 6 bytes A3 = Address 3 6 bytes

SC = Sequence Control 2 bytes A4 = Address 4 6 bytes

FB = Frame Body 0-2312 bytes FCS = Frame Check Sequence 4 bytes

FCS

Trang 33

More Fragments The More Fragments (MF) field is 1 bit long and is set to 1 in all frames that contain another fragment of the current MAC Service Data Unit (MSDU) or MAC Management Protocol Data Unit (MMPDU). All other frames have the MF bit set to 0.

Retry The Retry field is 1 bit long and is set to 1 in all frames, data or management, which are retransmissions of earlier frames. Frames that are not retransmissions of a previous frame are set to 0.

Power Management The Power Management (PM) field is 1 bit long and is used to indicate the power management mode of a station. The value is used to indicate the state that the station will be in after the successful completion of the frame exchange sequence. A value of 1 is used to indicate that the station will be in power-save mode, whereas 0 indicates that the station is in active mode.

NOTE

The PM field in frames transmitted by a wireless AP will always be set to 0, indicating active mode. It would not be desirable for an AP on your network to go into power-save mode.

More Data The More Data (MD) field is 1 bit long and used to tell an associated station in power-save mode that one or more frames are buffered for the station on the AP. The MD field is set to 0 for all other directed frames.

WEP The WEP field is 1 bit long and is set to 1 if the frame body contains data that has been processed by the WEP algorithm. Frames that have not been processed by WEP have a WEP field value of 0.

Order The Order field is 1 bit long and is set to 1 in any data frame that contains data using the StrictlyOrdered service class. All other frames have a value of 0 in the Order field.


Table 1.1 802.11 Type and Subtype Combinations in the FC Field

Type Subtype

indication message (ATIM)

■ The basic service set identifier (BSSID) is the MAC address of the AP.

■ The DA is the MAC address of the final recipient.

■ The SA is the MAC address of the sending station on the WLAN.

■ The receiver address (RA) is the MAC address of the intended immediate recipient station on the WLAN.

■ The transmitter address (TA) is the MAC address of the sending station on the WLAN.

■ The next field in an 802.11b frame is the Frame Body field, which is 0 to 2312 bytes long. The frame body is the payload, or data contained within the frame. This is where the data being encapsulated into the frame is located (for example, the graphic in a Web page requested by your system). This field will vary in length based on the data encapsulated.

■ The final field in the 802.11b frame format is the FCS.

As you can see, there are a number of differences between Ethernet and 802.11b frames. These differences are required to enable high-speed communications on a physical medium of radio waves rather than standard copper or fiber media.

WLAN Benefits

There are many obvious benefits to using a WLAN design, most of which hinge around the problems with typical wired LANs. Convenience is certainly a benefit to using wireless communications. With wireless, as long as you are in range of an AP, you have a connection to the network. This is a tremendous advantage to mobile sales forces, personnel performing physical inventories of a warehouse, or IT professionals who may need to get access to data from anywhere in a building. Using wireless technology makes it easy and effective to let people physically go wherever they need to go and still be able to access any data that they need from the network.

Another benefit to using a WLAN is that cable distance limitations become less of an issue. There are many situations where the distance between the network link and the end user is such that the signal strength is degraded by the time the cable has been routed up walls, through floors, and around permanent objects. Wireless communications negate this by doing direct "line-of-sight" connections to a system. The signal strength from a wireless AP or network card is typically between 150 to 300 feet indoors (depending on the design and structure of the building) and up to 1000 feet outdoors. Obviously, the 1000-foot outdoor range outdistances the maximum unshielded twisted pair (UTP) cable length of 328 feet. In addition, a wireless signal can be boosted by using more than one AP or by using a wireless relay to extend the range even farther. Figure 1.3 shows an example of a wireless network design with an additional AP.


When the total cost of the elements of a traditional wired LAN such as switches, cables, cable racks, routers, and implementation time are added up, the price can be very high. A small office network for ten workstations and a couple of servers can cost thousands of dollars just in wiring and networking equipment. When setting up a WLAN, most of the costs associated with a traditional network are negated by the simple fact that not as many cables are used and not as much equipment is needed to support the LAN. For a good example, take a look at the designs shown in Figure 1.4.

Figure 1.3 Wireless Network with Additional AP (two Wireless Access Points, a 4-Port Switch, Server1, Server2, and User1 through User8)


In Figure 1.4, there are two LAN designs—one for a wired LAN and one for a WLAN. In the wired LAN design, a 12-port switch is required due to the number of connections to workstations and servers. In addition, Cat-5 cabling must be laid in the building to support these systems. All systems must also have network interface cards (NICs). This design is pretty typical for an average small office.

A more cost-effective solution is shown in the second design. This design is considered a hybrid WLAN as it contains elements of both wireless and wired networking. The workstations use wireless communications to connect to the network; however, the servers are using traditional wiring into a switch. A 4-port switch could be used rather than a 12-port to save on cost. The only wiring necessary is used to connect the servers to the switch. The servers would require standard NICs and the workstations would require wireless NICs. The only additional requirement is the wireless AP. The savings are in the cost of networking hardware, wiring, and maintenance. For example, if the office was to be rearranged and the systems moved, there would be no additional wiring changes necessary. The systems would simply connect to the wireless network regardless of their physical location.

Figure 1.4 Wired vs WLAN Designs (two panels: "Typical Office Wired LAN" with User1 through User8 on a 12-Port Switch, and "Typical Office Wireless LAN" with User1 through User8 on a Wireless Access Point and a 4-Port Switch)

WLAN Design Considerations

In order to create a design for a wireless system, you must consider common WLAN transmission and reception impairments such as attenuation, RF interference, and application and structural considerations. Many environmental factors can also affect your WLAN design. This section explains various common types of impairments and considerations that you may face in your wireless design and testing efforts.

Designing & Planning…

Indoor vs Outdoor Implementation

A lot of the issues covered here as WLAN design considerations are based on factors that can occur both indoors and outdoors. However, as a general rule, if you are looking at implementing a WLAN in a building that has been built within the last ten years and does not have any special structural considerations (i.e., concrete shielding for radiation labs), then implementing a WLAN should be pretty straightforward. There are a lot of additional factors when extending a WLAN over long distances outdoors, but in a standard office implementation these are usually not an issue.

Attenuation

Attenuation is the decrease in strength of a radio wave between a transmitter and a receiver; the strength decreases as the distance from the antenna increases. It can be caused by natural conductivity or by resistance of all sorts of physical matter, but the greatest resistor to radio waves is the Earth. Radiated energy from the Earth and interference from trees and buildings will cause attenuation of a signal's ground waves, just as radiated energy and interference from water and dust particles in the atmosphere will affect a signal's sky waves. You must plan your design and equipment use based on the factors affecting ground and sky wave propagation, such as transmitter height, distance between transmitters, and solar radiation factors.


Attenuation Due to Antenna Cabling

Loss due to antenna cable length must always be considered when designing a wireless system. Cisco cabling produces 6.7 decibels (dBi, also referred to as dB) of loss per 100 feet of cabling. The reason for this is that the radio wave actually starts at the radio device. The radiated energy traveling through the cabling from the radio device to the antenna induces a voltage in the cabling, decreasing the strength of the wave as the distance from the radio device to the antenna becomes greater.

Attenuation Due to Exterior Considerations

If you plan on coverage outdoors that is point-to-point or point-to-multipoint, you will need to pay particular attention to considerations that are distance-related. For example, Earth bulge will come into play only if you are implementing a point-to-point or point-to-multipoint WLAN, whereas weather is a consideration for any outdoor implementation.

All matter produces attenuation (loss) to some degree. Because weather can produce rain, snow, or fog, all of which are matter, weather must be considered in a WLAN design.

Researching any unusual weather conditions that are common to the site location is important. These conditions can include excessive amounts of rain or fog, wind velocity, or extreme temperature ranges. If extreme conditions exist that may affect the integrity of the radio link, you should take these conditions into consideration early in the planning process.

Rain, Snow, and Fog

Except in extreme conditions, attenuation (weakening of the signal) due to rain does not require serious consideration for frequencies up to the range of 6 or 8 GHz. When microwave frequencies are at 11 or 12 GHz or above, attenuation due to rain becomes much more of a concern, especially in areas where rainfall is of high density and long duration.

The attenuation rate for snow is generally higher, due in large part to the size of the particles of snow (or, for that matter, rain and fog as well) compared to the wavelength of the signal. For example, a 2.4 GHz signal will have a wavelength of approximately 125 millimeters, or 4.9 inches. A 23 GHz signal will have a wavelength of approximately 0.5 inches. A raindrop approaches 0.25 of an inch. At 2.4 GHz, heavy rain or snow should not have much of an impact on the
