2011_MTSC_IW

Document Sample
2011_MTSC_IW Powered By Docstoc
					2011 MTSC IW Presentation
2011 MTSC IW Presentation

 What’s new this year?
 Turbo Roaming with security
 Higher Throughput with IEEE 802.11n
 VPN and GuaranLink for the OnCell
 Wifi Antenna Installation
 FAQ




                    Confidential
What’s New This Year?

   IW 2010 Product Overview




           Confidential
The AWK series

 AWK-3131/4131
  • New 802.11n standard

 Wireless Controller WAC-1001
  • 50 ms turbo roaming with security




                       Confidential
The OnCell Series

 VPN implementation
  • VPN Client on OnCell 5004 series and OnCell G3100
    series.

 GuarenLink
  • Solution to any disconnection issue caused by the ISP.




                        Confidential
Turbo Roaming with Security

    50 ms roaming with WPA/WPA2




              Confidential
The Evolution of Roaming

 500 ms without security
  • AWK-3121/4121
 100 ms without security
  • AWK-3121/4121/5222/6222
 50 ms with WPA/WPA2 security
  • AWK-3121/4121/5222/6222




                    Confidential
50 ms Roaming

 Wireless controller makes decision to roam.
 Roaming decision based on Client’s RSSI as
  seen from the AP.
 Capability to setup roaming domain
Test Setup Network Diagram




              Confidential
Confidential
Confidential
Confidential
Confidential
Confidential
Confidential
Higher Throughput

    IEEE 802.11n




      Confidential
802.11n History

 802.11b/a  1999


 802.11g  2003


 802.11n-draft  2007


 802.11n- official release  2009



                     Confidential
802.11 a/b/g/n Spec




        Confidential
          What’s MIMO?


1. What’s MIMO?
2. MIMO Type
3. 802.11n Data Rate
4. How to get HT data rate?
5. What’s special about 802.11n?



                  Confidential
MIMO Type

  MIMO




  SIMO




  MISO




  SISO



            Confidential
802.11n data rate




               Confidential
How to provide HT data rate?

 For Example

802.11n 2 x 2   HT40                 --   Max rate=300Mbps

802.11a/g Bandwidth 20MHz            --   Max rate=54Mbps

Add Bandwidth from 20MHz to 40MHz --54Mbps x 2 = 108Mbps

Add Antenna from 1 to 2                  --108Mbps x2 = 216Mbps



      216Mbps < Max Rate
          300Mbps
                          Confidential
HT20 for Single Antenna Data Rate




 HT20 Add Sub-Carrier Number From 48 to 52

802.11g Max Data rate 54 Mbps
54 ÷ 48 = 1.125Mbps per Sub-carrier
1.125Mbps x 52 = 58.5Mbps--- >add 8.333% for 802.11n

 Enhancement Coding Rate From 3/4 to 5/6

Coding rate from ¾ to 5/6,Can be get 65Mbps

 Reduce Guard Interval From 800ns to 400ns

Short Guard interval add data rate from 65Mbps to 72.2Mbps

                            Confidential
 HT40 for Single Antenna Data Rate

 HT40 add Sub-Carrier Number From 52 to 108

Add Bandwidth from HT20 to HT40 ---     150Mbps




802.11n 2 x 2 = 150Mbps x 2 = 300 Mbps
802.11n 3 x 3 = 150Mbps x 3 = 450 Mbps
802.11n 4 x 4 = 150Mbps x 4 = 600 Mbps




                         Confidential
What’s different about 802.11n ?

 SDM
 Beam-forming
 Diversity
 Short Guard Interval
 40MHz Channel Bandwidth
 Greenfield and Mixed mode
 Frame Aggregation



                    Confidential
  Space Division Multiplexing (SDM)




   The technique of transmitting data via parallel channels over multiple
antennas to create different data paths is called space division multiplexing.


                                Confidential
Beam-Forming




Beamforming can improve the throughput when further away form the
            AP, but cannot increase the coverage area


                            Confidential
Antenna Diversity




   Use multiple antennas to improve coverage area and
                        reliability


                         Confidential
Short Guard Interval




   Shortening the guard interval can improve throughput, but
         intersymbol interference will degrade the SNR

                         Confidential
40MHz Channel Bandwidth




  An increase of bandwidth from 20MHz to 40MHz can double the
 data rate but will reduce the available channels for other devices.



                           Confidential
Greenfield and Mixed mode




Greenfield is for all 802.11n compatible devices. Mixed mode is when
                 802.11a/b/g devices are also present.



                              Confidential
Frame Aggregation




   Data can be combined into larger frames to save header
                        overhead.


                         Confidential
Wifi Antenna Installation




         Confidential
The Omni-Directional Antenna




              Confidential
The Directional Antenna




               Confidential
Basic Antenna Spec Example

 Technical information
  • Frequency:2400 - 2500MHz
  • Gain:12 dBi
  • Polarization:Vertical
  • Beamwidth deg vertical & horizontal:
    Horz.360°Vert.7°
  • VSWR:≦1.5:1
  • Impedance:50 Ohm
 Dimensions
  • Length:H1500㎜
  • Weight:850 g
  • Connector:N-type / female

                     Confidential
Antenna Gain Comparison

 Higher gain means stronger (both) sent and
  received signals; check the relevant
  regulations in your country


            Antenna Type           Gain Range
            Omni Antenna            2~12dBi
        Semi-Directive Antenna      5~18dBi
          High Gain Antenna         20~40dBi


                    Confidential
Deployment Consideration

 Matching polarity on both sides
 Power Budget – Enough Gain? Low loss?
 Free space loss – is the distance achievable?
 Site Survey – Use Network Stumbler
 Antenna height
 Antenna alignment (pointing direction)
  • Jperf or Chariot is useful!
  • Use GPS and compass for tuning angle
  • Check RSSI, bit rate, noise level, throughput…


                        Confidential
Antenna Polarity

  Polarity must match (vertical or horizontal)




                    Confidential
       Power Budget

                               + Antenna Gain                    + Antenna Gain

                                              - Path Loss over link
RF Cable                         Antenna      distance                 Antenna                        RF Cable



                               - LOSS                       - LOSS
                               Cable/connectors             Cable/connectors
        Lightning Protector                                                       Lightning Protector


           pigtail cable                                                              pigtail cable


  AP                       + Transmit Power                                                             Client


                           RSL (receive signal level) > sensitivity + Fade Margin                WP II
       WP II


                                                  Confidential
New OnCell Features

    VPN & GuaranLink




        Confidential
     Basic IPSec Operation
   Step 1: Interesting traffic initiates IPsec. What this means in practical terms: it takes some interesting traffic to get the
    router to try to do IPsec. This is good, since you don't want idle routers maintaining a Security Association (SA) -- that
    takes work!
   Step 2: IKE Phase 1: set up IKE SA. For routers to get started doing IPsec, they first need to negotiate and agree on
    how to do IKE. There are several choices, and they have to agree on something or Step 2 fails. This roughly
    corresponds to agreeing as to how securely the devices are going to be, about how they exchange keys. Part of IKE is
    mutual authentication, and there are several choices for this: pre-shared key, encrypted RSA nonces, RSA or DSS
    signatures, Certificate Authority (CA). For now, please content yourself with recognizing that these names all represent
    authentication techniques, in order of increasing security.
   Step 3: IKE Phase 2: set up IPsec SA. Once the IPsec devices form the IKE SA, they negotiate an IPsec SA. As we'll
    see (below), there are several IPsec choices the devices need to agree upon. And while they're at it, they also need to
    come up with a shared DES or 3DES key.
   Step 4: Data transfer. Once all this work is done, data can flow. Interesting traffic matching the access list (Step 1) gets
    encrypted. By the way, the access list also tells the router what traffic to decrypt. The best thing to do is to be precise
    about which hosts or subnets are on each end (senders and receivers). If you don't know which subnets are where, this
    is rather hopeless. If you have a well-thought out addressing scheme and network design, particularly one using
    summarizable blocks of subnets for routing, then you'll find the access list much, much easier to write! Another tip: since
    encryption should be thought of as costly, not encrypting traffic that doesn't require encryption is a Best Practice.
   Step 5: IPsec terminates. IPsec terminates because of SA lifetime timeout, or because the SA lifetime packet byte
    counter was exceeded. The idea here is that if your TCP connection is done, there's no point to maintaining IPsec state.
    Lifetime and packet byte count matter because all codes can be cracked, the key question is how long it takes to crack
    them. Expiring the IPsec SA after an amount of time forces the formation of a new IPsec SA, hence a new key. Expiring
    early renders the encryption less likely to be cracked, but also means the IPsec device will need to re-key more often:
    more work. The more coded text you have, the faster you can crack the key. So rekeying after a certain number of bytes
    have been sent is desirable. Note that a new SA is negotiated before the old one expires, to make sure it is available
    when needed.

     Source: IPSec Simplified (http://www.netcraftsmen.net/resources/archived-articles/446-ipsec-simplified.html)
                                                       Confidential
OnCell VPN Specifications

 OnCell initiates VPN connection to VPN Server
 Site-to-Site topology
 IPsec VPN tunnel
  • Manual Key/ESP, IKE/PSK
  • DES/3DES/AES128/AES192/AES256 encryption
  • MD5/SHA1 authentication
 IPsec NAT traversal, Anti-Replay, and PFS
  (Perfect Forwarding Secrecy).




                     Confidential
Network Topology



    LAN 1                                                             LAN 2
   192.168.127.0/24                                                  192.168.0.0/24




                Static WAN IP

                                    Internet
                                                   60.251.94.119
                                                                   VPN Gateway
                                                                   Router: D-link DIR-130
 OnCell G3110-HSDPA

                                IPSec VPN Tunnel



                                  Confidential
D-link router settings


                                 D-link’s Local subnet
                                                   OnCell’s WAN IP
                               OnCell’s Local subnet
                                     Passcode




                Confidential
D-link router settings




                Confidential
                      IKE mode

                      D-link’s WAN IP
                     D-link’s local subnet


                     OnCell local subnet



               Passcode


                  Use OnCell’s WAN IP for identification


                  IKE main mode

               DEC, 3DES, AES
               MD5, SHA-1
                      Group 1, 2, 5




Confidential        Protection against duplicate packets
                    Send keep alive packets
               VPN established!




Confidential
Why need GuaranLink?

 Possible causes for cellular disconnection
  • Unable to register to GSM
     •   Scan and find no base station
     •   Wrong GSM frequency band selection
     •   Wrong PIN code
     •   Base station forces disconnect
  • Unable to connect to GPRS/UMTS/HSDPA
     •   Wrong APN
     •   Base station periodically forces disconnect
     •   Authentication error
     •   Weak signal level



                          Confidential
Three ways to check cellular
connection
 ISP initial connection check
  •   Check if OnCell is registered to GSM network (check
      PPP connection), then reboot OnCell
      •   Set PPP retry count (per 3min)
      •   Set network registration timeout (10~600min)
 Cellular connection alive check
  •   Check if there is any data flow, if not, check if
      connection is alive then reconnect to GPRS
      •   Set cellular connection alive check interval
          (1~600min)
      •   Set cellular connection alive check retry count
          (1~5/15sec)


                          Confidential
Three ways to check cellular
connection
 Packet-level connection check
  • Periodically ping remote host to check if the connection
    is still alive or not, then reconnect to GPRS.
     • Set Packet-level connection check interval (1~600min)
     • Set Packet-level connection check retry count (1~5/15
       sec)




                        Confidential
When to use GuarenLink

 ISP initial connection check
  • If sometimes OnCell cannot connect to GSM after boot
    up.
  • Introduces no additional data traffic

 Cellular connection check
  • If sometimes after OnCell is idle for a while, the GPRS
    connection is dropped by ISP.
  • Introduces ping traffic when DNS check fails

 Packet-level connection check
  • If ISP disconnects the OnCell at random times.
  • Introduces ping traffic periodically


                        Confidential
Frequent Asked Questions

  Common questions from TS cases




             Confidential
Question #1

 Can I connect two directional antennas to the
  AWK-3121/4121?




                    Confidential
Question #2

 I’m not seeing 5 bars of LED on the AWK-3121
  at only 20 meters distance, why is this?
Question #3

 How long can my RF cable be?
Question #4

 Does AWK-3121/4121 have the capability to
  transmit and receive signals on both antennas?
  What is antenna diversity?
Question #5

 Why is the max throughput only about ½ of the
  data rate?
Question #6

 Why is the throughput lower when sending
  multicast data?
Confidential

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:5
posted:8/3/2011
language:English
pages:61