by David Veneski
Examining the potential for high-speed, mobile connections anywhere across the LAN.
Businesses and consumers have grown excited about 802.11n wireless local area network (WLAN) technology—a set of draft standard specifications from the Institute of Electrical and Electronics Engineers (IEEE; www.ieee.org) used for designing products that deliver wireless networking data rates four to six times faster than current 802.11a/g networks.
This new wireless technology also promises much greater range than previous-generation versions. The protocol achieves transmission enhancements by combining several radio-frequency (RF) and networking techniques—using multiple transmit and receiveantennas, spatial multiplexing, channel-bonded 40-MHz operation, and frame aggregation.
The combined traffic from multiple wireless clients using 802.11n will require cable links capable of supporting gigabit speeds.
Early 802.11n products typically deliver peak data-connect rates of 300 Mbits/sec and at least 100 Mbits/sec ofactual throughput. This opens the possibility of all-wireless LAN access networks, in which users are truly mobile and have no permanent wired connection. Such networks are likely to emerge in organizations withhighly mobile users and that run bandwidth-intensive streaming and interactive multimedia applications.
Though the final IEEE 802.11n standard will not be formally ratified until year-end 2009, many consumer- and enterprise-class products are available as "pre-standard" devices. These products comply with Draft 2.0 of the emerging standard, and vendors are banking on that specification not changing significantly. The 802.11nstandard may change before it is finalized, but hardware vendors will resist modifications that make shipping products difficult to upgrade. Right or wrong, this is stabilizing 802.11n and diminishing the risk of deploying it.
11n's value and risk
Why will network owners adopt 802.11n? The first reason is speed. At the data rates mentioned above, 802.11n is about four times the speed of 802.11g wireless. And if higher data rates are achieved—802.11n has an upper limit of 600 Mbits/sec—so much the better.
Another reason to adopt 802.11n is better coverage. 802.11n access points (APs) offer greater range andpromise to reduce the number and size of dead zones. This translates to better aggregate coverage andsimpler management.
Finally, 802.11n highlights two advantagesinherent to all WLANs—flexibility and cost. If users roam to change work areas frequently, then it is easiest to supportthem with a WLAN. Equally compelling is cost. The price of copper has doubled since early 2005 and tripled since early 2004, and is reflected in the cost of twisted-pair cable.
But for all these benefits, 802.11n is not a cure-all. As with any new technology, opportunity is accompanied by new challenges. Among the pitfalls that might arise in early deployments are:
- The capacity of existing wired LANs must be sufficient to support aggregate 802.l1n traffic volumes;
- Placement of APs and other RF management considerations will change, requiring adjustments for increased power output, multipath signal propagation, and "smart" antenna designs;
- Some 802.11n APs require greater power than what today's standard Power over Ethernet (PoE) equipment supplies to operate at maximum potential;
- New security considerations come into play, associated with 802.11n's extended coverage range and new frame formats.
Impact on the wired world
802.11n hyperbole and rapid technology change have created confusion about 802.11n data rates. A clearer understanding of the facts is needed:
While the IEEE 802.11n standard stipulates a top data rate of 600 Mbits/sec, most vendors claim data rates between200 and 300 Mbits/sec. More skeptical observers believe that 100 Mbits/sec is a more reasonable expectation for the maximum data rate, and that average rates will be less. The reason is that many 802.11n networks will use the 2.4-GHz band for 802.11b/g compatibility. When this is the case, the 802.11n AP downshifts to slower data rates that are compatible withlegacy wireless clients.
Wireless access points (WAP) often use Power over Ethernet. To gain the most performance from 802.11n access points, power levels over network cabling will increase to 30 watts.
Even though the foreseeable future offers speeds in the range of 100 to 200 Mbits/sec, a network planner might shiver at the magnitude of the potential traffic being added to an existing LAN. 802.11n uses multiple transmitting and receiving antennas working in parallel, called multiple input, multiple output, or MIMO. The phrase "N x N" is used to describe the number of antennas at each end of the 802.11n transmission. The minimum configuration required by the emerging IEEE standard is 2 x 2—two transmitting and two receiving antennas operating concurrently.
If documentation is not available for cable links supporting 802.11n, the recommended approach is to test and document the links.
A 2 x 2 MIMO can overload existing infrastructure. Many enterprises have 10/100-Mbit/sec switches installed in their wiring rooms. They have been adequate to aggregate traffic from 802.11a/b/g networks, which support actual through-put of up to about 22 Mbits/sec; however, aggregatingtraffic from dual-radio APs that support about 200 Mbits/secper client (100 Mbits/sec per radio) requires faster upstream connections so as not to create a performance bottleneck. In fact, many 802.11n APs support 1-Gbit/sec wired uplinks.As the 802.11n network begins to crank at fullcapacity, 10/100-Mbit/sec switches will likely need an upgrade to 1-Gbit/sec speeds.
Cable is also a "must" consideration. The Category 5 cabling standard predates the IEEE 1000Base-T standard, so Category 5 was not defined to support 1 Gbit Ethernet. But before retiring it and investing in new cabling, a certification test for compliance to TIA Telecommunications Systems Bulletin TSB-95, or to the Category 5e standard, will indicate whether 1-Gbit support is possible. Many quality Category 5 links will pass certification tests to TSB-95 or even the TIA/EIA-568-B Category 5e performance level.The latter assures a better performancethat translates to better margins for 1000Base-T support. If the installed links pass either of these performance levels, they will support 802.11n APs.
Newer Category 5e and 6 cabling systems should easily support the backhaul demands of an 802.11n network. If thenetwork owner has documentation that the twisted-pair copper was certified to Category 5e, 6, or even 6A, the network is suitable for 802.11n APs. If documentation does not exist, testing is the recommended solution.
Access point and RF management
The extended range offered by 802.11n brings the possibility of fewer APs being required to effectively cover a given area. This is fortunate, given that new 802.11n APs are currently about 2 to 3 times the price of 802.11 a/b/g APs. (Most are in the $1,300 range.) Ultimately, the number anddeployment of 802.11n APs should follow the recommendations of the manufacturer and requirements of the applications that will run on the network.
The current generation of WLAN simulation and site survey tools can be valuable in both planning and managing the placement of 802.11n APs. The point of a site survey is to figure out how many APs to install and where to place them to provide a minimum throughput rate with adequate coverage throughout the building. Extremely sophisticated tools are emerging that allow enterprises to perform site surveys electronically by feeding application information about the layout of the building and its construction materials, and then programming in the desired coverage, minimum data rate, and received signal strength information (RSSI). Note, though, that it is not uncommon that there might be environmental conditions unaccounted for in the building's blueprints that require an occasional visit to a physical site.
Unlike its predecessors, 802.11n relies on multipath—the combination of an original transmitted signal plus duplicates created from reflection off obstacles during transmission—to enhance performance. The effects of multipath,however, will change the optimum layout of APs.
And what about making use of both the 2.4-and 5-GHz bands? Using both while transitioning from earlier WLAN can mitigate the performance impact of legacy 802.11 networks on the 802.11n infrastructure. One option is to run 802.11n traffic and 802.11b/g traffic in different bands. Most vendors sell dual-radio APs with one 2.4-GHz radio and one 5-GHz radio. Assigning all 802.11n traffic to the 5-GHz channel and 802.11b/g traffic to the 2.4-GHz channels (the only spectrum in which 11b and g operate) helps maximize the 11n infrastructure's performance while continuing to serve 802.11b/g clients as usual.
In installations with 802.11a clients, which run in the 5-GHz band, the 11aclients will communicate with 11n APs at 11a speeds, or 54 Mbits/sec. But again,this impacts the speed of 11n clients.
Deriving maximum performance from some 802.11n systems requires upgrading the existing power infrastructure. Today's IEEE standard for delivering Power over Ethernet (PoE) cabling—802.3af—specifies power output of 15.4 watts, sustainable at 12.95 watts over 100 meters. Some 802.11n APs, however, require greater wattage to run both 2.4-GHz and 5-GHzradios for maximum performance. The IEEE is working on a 30-watt upgrade to PoE, called 802.3at, which might be ratified as early as next year.
In the meantime, here are some options. You can install APs with a single 802.11n radio in them, since single-radio devices are likely to operate within the power budget, and forfeit some capacity. Enterprises seeking a dual-radio implementation, with 802.11n capabilities in both the 2.4- and 5-GHz bands, should be sure to investigate the vendors claiming they can "do it all" with an 803.2af power infrastructure. Somemay automatically disable some AP services, require two ports on a PoE switch and/or two cables, or sacrifice range to stay within the power budget and maintain performance. These tradeoffs might be perfectly acceptable, as long as the enterprise is aware that it is making them.
Another option is to use a power injector compatible with pre-standard 802.3at specifications, becoming available by a number of sources. Local powering of an 802.11n AP is an option, too, if a power source is available.
802.11n systems require the use of industry-standard 802.11i security authentication and encryption. As such, the systems can be deemed inherently more secure than their predecessors, some of which used weak encryption methods, such as Wired Equivalent Privacy (WEP), or even no security at all. Still,there are new risks of which users should be aware.
802.11n is capable of transmitting twice the distance of earlier WLANs. This means its tendency to leak RF signals outside a building is potentially greater. If 802.11i is accurately deployed and the internal wired network is properly secured, leaked signals shouldn't be a problem. But if even one AP has been misconfigured, it could be vulnerable to outside rogue devices operating in promiscuous mode that can passively listen to all network packets passing by—regardless of destination address. This is a greater threat when signals travel outside the corporate perimeter where hackers might go undetected.
Users of promiscuous devices can gathersensitive information, such as user credentials or credit-card information, if the data hasn't been properly encrypted. The listening WLAN devices do this without emitting any signal of their own, so they are undetectable to wireless intrusion detection/prevention systems (WIPS). This is why regular audits that checksecurity configurations are important.
Driver vulnerabilities make a system open to administrative access by a hacker,and the WLAN industry's rush to get 802.11n technology to market has resulted in some vulnerable code. Tools are becoming available, however, that use a database of known wireless vulnerabilities to assess the versions of installed drivers and identify systems and specific drivers that are at risk to wireless driver exploit tactics.
Finally, IEEE 802.11n introduces a mechanism to acknowledge a block of packets, instead of individual packets, identified by a beginning and ending sequence identi-fier to improve network efficiency. At the time of this writing, the block ACK mechanism is not protected; an attacker can spoof one of these messages and create an enormous window within which frames can be sent with no ACK. In this way, they could potentially create an 802.11n denial-of-service (DoS) attack.
802.11n offers many advantages for the wireless portion of enterprise networks. Before those advantages can be realized, however, the wired infrastructure needs comprehensive evaluation. 802.11n APs might require new cabling; some or all of the existing infrastructure may require upgrading to support this new wireless technology. When in doubt, test it.
Access-point placement, RF management, power consumption, and security assessments also change with 802.11n. All these new challenges have solutions, and the promise of a high-speed wide-range all-wireless network is here for system integrators, installers, and network owners who are ready to work with this new technology.
DAVID VENESKI is marketing manager for Fluke Networks' copper and fiber certification products (www.flukenetworks.com).