Clear To Send: Wireless Network Engineering

A new release that has both of us excited is the VenVolt 2 from Ventev. We do quite a number of AP-on-a-Stick surveys that require a portable battery pack for an access point. The previous VenVolt provided a lot of runtime when it came to the battery. But the unit itself was rather large and heavy. The latest version, VenVolt 2, comes with a lot of welcomed updates. First off, it has a USB type C input and output (60W). So not only can you utilize an existing cable you might have, but you can also charge any other USB-C devices out of this port. For example, charging your Macbook Pro won’t be a problem with the VenVolt 2. The battery itself is 26,400mAh / 98Wh Lithium Polymer battery. This battery can provide quite the power for an extended amount of time. The PoE ports onboard can provide 802.3af/at/bt. Pretty much covers nearly all access points out there. The VenVolt 2 can even power two PoE devices at once! When it comes to charging the VenVolt 2, it will take approximately 3 hours to full charge. With that full charge, you can expect 7 hours and 43 minutes battery life when a Cisco 9120 (EWC) is connected running at full power. For a Cisco 3802e running mobility express, it will run for 5 hours and 54 minutes at full power. The VenVolt 2 is absolutely portable. It fits right into a backpack and has a USB port so you can charge your mobile devices while you’re on the go. Just check out the MFD6 video for yourself.

At MFD6, Mist has released their framework for how to design Wi-Fi networks. There are many videos to go through with supporting content. Many more videos are in the works. The Wi-Fi design framework was developed by Peter Mackenzie. There’s a lot of great information on the site and they make it entertaining with characters such as Misty (the Mist personality) and Stanley (the old way of doing Wi-Fi personality). A great presentation of how anyone can manage personal pre-shared keys using the Mist API was done by Thomas Munzer. He built a solution that can be self-service and managed. Additionally, the pre-shared keys can be used to identify devices. This could help solve the MAC randomization problem. By automating the personal pre-shared key, one can use it to secure IoT devices without provisioning a dedicated SSID! There’s even a way to build lifecycle management of the pre-shared keys. Use the API to create and distribute the personal pre-shared key through a portal and also allow the user to manage their own pre-shared keys.

Arista Networks rejoins Mobility Field Day and in this episode we’re discussing Arista’s cloud solution and the openness. The solid cloud solution presented by Arista comes with their own Autonomous Artificial Intelligence named Ava. The AI has a lot of data at her disposal. It’s an impressive amount of data stored in the cloud giving Arista a lot to work with. From the presentation, we can see they go deep into the analysis of potential issues, providing a network operator the tools to analyze 802.11 frames. But of course, we must go a step further and take action on those issues with remediation recommendations. It’s good to see the curtain pulled. This level of thought is useful for any engineer. We can see how Ava thinks. There’s a lot involved with troubleshooting Wi-Fi Arista is still working on making Wi-Fi infrastructure open. What does that mean? There’s an API available to integrate with other systems. It’s possible to use white box access points with Arista’s solution. Possibly integrate other vendors too, if they participate. This is where OpenConfig with gNMI is used to ingest data from other vendors.

Aruba Central is the future of Aruba Networks. The vision of cloud being a central platform is taking shape with the addition of services beyond AP management: * Edge Services Platform* AI Insights* AI Ops* Remote Troubleshooting Over the last few years, Aruba Networks has improved Aruba Central significantly as it becomes a huge part of any Aruba installation. The focus on AI Insights provides network operators an improved view of their network, helping them identify root causes quickly. Edge Services Platform makes it easy for organizations to adopt Aruba Networks without requiring big capital expenditures. Instead, an organization pays for a monthly cost for everything, including hardware. This creates a seamless experience for users. The new Wi-Fi 6E AP from Aruba Networks is the AP630 Series, the first enterprise Wi-Fi 6E to market. It’s a mid-market AP with three 2×2:2 radios (2.4 GHz, 5 GHz, and 6 GHz. In the future we will probably see 4×4:4 APs. The AP630 will be certified in the United States first. An interesting discussion about the hardware are the filters. Inside of the AP630 are Ultra Tri-Band filtering (UTB) which is required to be able to use high 5 GHz on the same AP. Listen to the episode to hear more about UTB.

You are probably burned out. This pandemic had some of us working in overdrive to connect users, COVID clinics, remote users, and more. So how do we, as IT professionals, tackle mental health and burnout? We’re working to capacity and often more than 8-10 hours a day. Morning, day, and night we’re working. In between numerous meetings we are doing a lot of troubleshooting and spending lots of brain power. It can be draining. It can be difficult to disconnect. Burnout can happen even if you love what you do. Maybe you love it too much and next thing you know, you’ve been at it for hours without a break. If you leave your mental health unchecked, you could have reduced patience and be struggling to focus or concentrate or your decision making is compromised. In this episode, we’re discussing our experience with burnout and stress. We talk about some of the things we do to maintain our mental health such as saying no to new projects and learning to set boundaries (protecting your calendar). Maybe tasks need to be delegated to someone else. Sometimes exercise helps relieve that stress and gets your body moving. Many times, meditation does the trick with some simple breathing exercises. Getting exposure to sunlight and spending time in nature can flip that switch in your brain. Taking it a step further, a vacation can really do wonders. I know you have plenty of vacation time! Time to use it. Join us in this discussion and let us know what are some of your tips to maintain your mental health and curb burnout in the comments below. Resources: * Books: Do the work from Dr Nicole LePera* Blogs: https://networkingnerd.net/2021/04/23/racing-on-the-edge-of-burnout/* Podcast on optimizing sleeping: https://tim.blog/2021/07/06/andrew-huberman/* Tools: 21 days meditation from Deepak: https://chopracentermeditation.com/login* https://www.linkedin.com/posts/angiemcquillincoaching_selfdevelopment-burnout-selfcare-ugcPost-6818075657973592065-Ba3m* The 23.5h day: https://www.youtube.com/watch?v=aUaInS6HIGo* High Performance Habits

We welcome Brian White, Director of Systems Engineering at Celona. He handles customer deployments and interactions and provides initial education consulting of the product with the customers. One of the primary reasons for using private cellular is the promise of reliable mobility. It lends itself to specific use cases. We’ve had Celona on the show previously. You can find those episodes below: * CTS 245* CTS 232 When it comes to Private LTE, we have to stop thinking about traditional cellular and change our mindset into thinking of it as an alternative wireless data network that uses different protocols to accomplish similar functions. Certain conditions and environments shine for Private LTE where it’s challenging for Wi-Fi. Some of the possible use cases are: * AGVs* Forklift operations* Healthcare Private LTE will provide a regimented scheduling for communication leading to improved roaming/handover methods. Cellular infrastructure controls the handover compared to Wi-Fi, where the client device controls roaming. Predictability is key and can be achieved. QoS can be enforced, even under a network load. Do you need a device that supports SIM? The SIM is just the chip that holds the authentication credentials which can be moved from device to device. Cellular will now have eSIM (embedded SIM) where the network credentials are electronic, stored on the device. eSIM will grow in popularity due to simplicity in onboarding. What about device support? How do you approach it?Private Cellular devices in two buckets: native support for the frequencies or devices that allow other networking technologies to be the connectivity method. For example, using private LTE as a backhaul. Vendors such as Cradlepoint have handled similar use cases. Is it difficult to deploy private LTE and does it come with a high learning curve? Not very much if you look into using the solutions from Celona. Much of the complexity is abstracted and made as simple as possible for the network operator. Listen in on the rest of the episode to find out how Private LTE can be used on your network infrastructure. Here are some resources:– Celona website; https://www.celona.io/– Celona APs: https://www.celona.io/access-points– Celona setup demo: https://www.cleartosend.net/celona-edge-architecture-live-demo/– CBRS capable devices: https://docs.celona.io/en/articles/3484781-cbrs-capable-devices-in-the-market– Celona documentation (deployment guides, best practices…): https://docs.celona.io/en/

In this week’s episode we are talking about what has been happening in the Wi-Fi world in the past couple of weeks. 6GHz More and more countries are allowing licence-exempt use on 6GHz. In the Americas, most countries are allowing use of the entire 1200MHz. Follow Chuck Lukaszewski on Twitter to get the updates: https://twitter.com/RF_ChuckCanada 6GHz regulations: https://semfionetworks.com/blog/6ghz-regulations-in-canada/Morocco is the first country in Africa to allow unlicensed use of 6GHz. Aruba Announced the first Wi-Fi 6E AP Aruba 630 series access point key features – Comprehensive tri-band coverage across 2.4 GHz, 5 GHz, and 6 GHz with 3.9 Gbps maximum aggregate data rate and ultra-triband filtering to minimize interference – Up to seven 160 MHz channels in 6 GHz to better support low-latency, high bandwidth applications like high-definition video and AR/VR – Operates on existing IEEE 802.3at standards for PoE power so there is no need to rip and replace existing power supplies – Advanced security with WPA3 and Enhanced Open to better protect passwords and data – Flexible failover with two HPE Smart Rate Ethernet ports for 1-2.5 Gbps, offering true hitless failover from one port to another for both data and power – Application assurance to guarantee stringent application performance for latency sensitive and high bandwidth uses by dynamically allocating and adjusting radio resources – Cloud, controller, or controllerless operation modes to address campus, branch, and remote deploymentsOfficial announcement: https://news.arubanetworks.com/news-release-details/2021/Aruba-Introduces-Industrys-First-Enterprise-Grade-Wi-Fi-6E-Solution/Wi-Fi 6E speed test: https://youtu.be/8gvB5MCi9do Changes at Aruba Partha Narasimhan (CTO) and Keerti Melkote (CEO) left the company. They said they are retiring.David Hughes is taking over the CTO role (previously CEO of silverpeaks).Phil Mottram is taking over the President and General Manager role.https://blogs.arubanetworks.com/uncategorized/my-aruba-journey/ Wi-Fi 6 Stress Test Report Tested performance of Aruba AP535, Extreme AP650, Mist AP43, Meraki MR46, Ruckus R750. Read the report at: http://wifi6stresstest.com Wi-Fi Day World Wi-Fi day is a global initiative to help bridge the digital divide.It is a platform to recognize and celebrate the significant role Wi-Fi is playing in cities and communities around the world by driving exciting and innovative projects to ‘connect the unconnected’.http://worldwifiday.com/ Metageek Signifi Business Now provides quick and easy remote tech support for home Wi-Fi networks.Signifi Agent installs on a desktop (Windows and Mac soon) and the IT administrator login into a cloud portal to retrieve the data.https://community.metageek.

It’s been a while since we last talked about Spectrum Analysis (SpecAn). It was all the way back on Episode 39. In this episode, we’re going to define what Spectrum Analysis is. We’ll then discuss why we should perform SpecAn. Maybe it’s because you want to locate a source of interference. What are the different scenarios when you would perform spectrum analysis? It could be done during the validation survey as part of your verification of Wi-Fi operation. We’ll discuss how we, Rowell and François, perform Spectrum Analysis with our own tools. We use a combination of the Ekahau Sidekick and Metageek Chanalyzer. But after you perform Spectrum Analysis, how do you document your findings? Be sure to check out the YouTube video recording to get the visual representation of the podcast. In the video we simulate sources of interference, what it looks like from the frequency density view, waterfall view, and channel utilization view, and talk about the impact of interference. Links & Resources Episode 39: https://www.cleartosend.net/when-how-to-use-spectrum-analysis/ Ekahau poster: https://f.hubspotusercontent00.net/hubfs/2140159/Infographic-Wi-Fi-Competition-SK-Analyzer.pdf Metageek signatures: https://www.metageek.com/training/resources/wifi-and-non-wifi-interference

Mathy Vanhoef, a well respected Wi-Fi security researcher, has identified a dozen vulnerabilities in the 802.11 protocol called FragAttacks. FragAttacks is short for Fragmentation and Aggregation Attacks. It’s based upon how wireless frames are received and reassembled on a device or access point (AP). Unfortunately, this vulnerability has been present since Wi-Fi existed  and nearly all wireless devices are vulnerable to FragAttacks. All security methods are impacted, from WEP to WPA3. FragAttacks exploits the way 802.11 stations receive, store and process frames that are transmitted using the 802.11 protocol.  The frame fragmentation and aggregation functionality vulnerability could allow an attacker to forge encrypted frames to exfiltrate sensitive data from a targeted device. Additionally, a victim could be exploited to inject additional data at the right time, such as performing packet injection of  a malicious DNS server towards the client. It’s important to note that this doesn’t mean Wi-Fi encryption is broken, although we should point you to the previous research Mathy has done on KRACK Attack. The act of leveraging this vulnerability is possible. It will require a malicious attacker to be in proximity of a target victim. The attacker would need to perform a man-in-the-middle (MiTM) attack to get the victim to join a rogue AP. From there, the attacker must perform the frame fragmentation and aggregation attack.  What should you do? Educate yourself on how FragAttacks works. We’ve listed several resource links down below, especially to Mathy Vanhoef’s research paper. Discuss the topic with your peers to get a further understanding.  Most importantly, do not freak out.  Reach out to your AP vendor to identify a fix you can apply to your infrastructure. We’ve listed major vendor releases down below. If you’re using cloud-managed APs you’ll be able to update easily. For those using WLAN controllers, it may be more challenging. The fix will require new code to be deployed. Before deploying new code, understand which APs are supported in that code. You may need to replace older APs first. The weakest point will be end user and IoT devices. Everything needs an update to patch this vulnerability. All operating systems and consumer routers need to apply a patch, many of which are coming in the near future. Educate users to update their devices regularly in order to address past and present vulnerabilities. Links & Resources * Official FragAttacks website* Official FragAttacks Paper* FragAttacks tools for testing (Github)* Video showcasing the FragAttacks exploit* Official announcement from the ICASI* FragAttacks Overview* Wi-Fi alliance announcement*

In this episode, we are trying to assess how easy it is to troubleshoot common Wi-Fi problems using RUCKUS cloud. We want to give you an idea of what it would look like to perform troubleshooting from our point of view. We outline what we like and what we would want to see improved. We want to thank RUCKUS for sending us an R750 and giving us access to the cloud. Similar to our other episodes on the same topic, but with different vendors, we present three issues: * PSK issue: user entering the wrong password when connecting to a WPA2-Personal Wi-Fi network* 802.1X issue: RADIUS server not reachable* 802.1X issue: user entering wrong password when connecting to a PEAP[Ms-CHAPv2] Wi-Fi network We found that RUCKUS allows you to view details of your Wi-Fi network but it would require you to look through logs to identify any real problems. Not until you start using RUCKUS Analytics then do you see how easily the impact of an issue is along with clear language of what the problem is. Just check it out from the screenshot below. RUCKUS Analytics The RUCKUS Analytics feature is a premium subscription or service. It does speed up the identification of Wi-Fi issues. In addition to having analytics around Wi-Fi issues, RUCKUS has a virtual network assistant, called Melissa, that can be asked questions to help gather information for you and potentially solve issues faster. We found that there is still a lot of room for improvement.

In this episode, we are trying to assess how easy it is to troubleshoot common Wi-Fi problems using the Mist solution. We want to give you an idea of what it would look like to perform troubleshooting from our point of view. We outline what we like and what we would want to see improved. SPONSOR This episode is sponsored by SemFio Networks, a Juniper Mist partner, founded by your co-host François Vergès. We specialize in building reliable Wi-Fi. SemFio Networks is a trusted Juniper Mist partner in Canada. One of the reasons we partnered with Mist is because we believe in the new technologies they are using, especially those that allow automation. We try to integrate automation in every project we work on today and we see significant gain in time and efficiency for our customers. Leveraging the Mist API, we have developed tools that help us to deliver easy to manage solutions and we make sure that the customer feels comfortable taking over when we are done. Feel free to book a session with me to talk about your Wi-Fi needs. I would be really excited to be working with you. It’s time to rely on your Wi-Fi to get things done. Book a session with François Here are the problems we had generated: * PSK issue: user entering the wrong password when connecting to a WPA2-Personal Wi-Fi network* 802.1X issue: RADIUS server not reachable* 802.1X issue: user entering wrong password when connecting to a PEAP[Ms-CHAPv2] Wi-Fi network Enjoy the recording and let us know which Mist tool you like using while performing troubleshooting

In this episode, we are trying to assess how easy it is to troubleshoot common Wi-Fi problems using the Meraki Health solution. We want to give you an idea of what it would look like to perform troubleshooting from our point of view. We outline what we like and what we would want to see improved. SPONSOR This episode is sponsored by Packet6, a Meraki Partner, founded by your co-host, Rowell Dionicio. Start designing your Wi-Fi with Packet6. You need a reliable partner that has your best interests and won’t over-sell you on products and services you don’t need. At Packet6, you can work with Rowell directly to bounce ideas off of for your next Wi-Fi project and get a quote for Wi-Fi equipment. You don’t have it do it alone because no matter what your skill level is, whether you’re a novice or an expert, Packet6 is a good fit for most organizations. See for yourself at packet6.com. Get reliable, simple, and seamless Wi-Fi today from Packet6. Nowadays, we’re relying on cloud dashboards to rapidly identify issues with the network. Many vendors include this as a feature when using their dashboard. But how well are they at identifying issues? How quickly do they log the issues? This is something we will try to evaluate in a series of episodes with different vendors. It’s a big improvement from viewing raw logs or searching for a needle in a haystack. Meraki offers a feature called Meraki Health. It provides the network administrator with an overall view of the network. If you needed to view details of a specific client or AP, the Health feature displays any issues that could be happening over a given time period. Here are the problems we had generated: * DHCP issue: DHCP server not providing an IP address* PSK issue: user entering the wrong password when connecting to a WPA2-Personal Wi-Fi network* 802.1X issue: RADIUS server not reachable* 802.1X issue: user entering wrong password when connecting to a PEAP[Ms-CHAPv2] Wi-Fi network Enjoy the recording and let us know which Meraki tool you like using while performing troubleshooting

Are we relying too much on proprietary tech to optimize Wi-Fi for client devices? Recently, Rowell had to optimize a wireless network which became this episode. What do we think about features like client load balancing? Can it work efficiently and how do client devices react to it? Is there a better way to load balancing clients across access points? Ultimately, the client device decides where it wants to join, right? Maybe 802.11k/v can help with transitioning client devices more smoothly. We would think so but sometimes client devices don’t leverage 802.11k/v properly. Do you turn on all DFS channels? If a client device supports the channel, why not? But what about which AP is operating on which channel within DFS. That’s going to be important when designing a network that relies on roaming. Then there’s the discussion of matching transmit power levels from the APs with your client devices. How do you know which transmit power to set it to when you have many different types of clients? These are the topics we talk about in this episode. Let us know what your optimization tips are in the comments below.

New IEEE-802.11 Standard The IEEE published, on February 26th, a new version of the IEEE 802.11 standards. It is called IEEE-802.11-2020. Did you get your copy yet? Congratulations to the TGmd Task Group on the publication of IEEE 802.11-2020, officially published on 26 February, 2021!— Rick Murphy (@RickMurphyWiTS) February 26, 2021 But take note: 802.11ax didn’t make it to this version – womp womp. You can buy it here if you cannot wait: https://standards.ieee.org/standard/802_11-2020.html Here is the timeline of the 802.11 group: https://www.ieee802.org/11/Reports/802.11_Timelines.htm Wi-Fi Awards They have announced the 2021 winners: * 2021 Company Leadership of the Year: Mist Systems, a Juniper Company* Product of the Year: Ekahau Analyzer* Innovation of the Year: WLAN Pi* Rookie of the year: Gjermund Raaen* 2021 Content Contribution of the Year: Rowell Dionicio* Lifetime Achievement Award: Peter Mackenzie Check out all the winners here: https://thewifiawards.com/2021-award-winners For all the award finalists, check them out here: https://thewifiawards.com/award-finalists News from the WLA The Wireless LAN Association published a standardized framework for WLAN standards this week. Here is the link: https://wlanassociation.org/wla-standards-framework/ They are working on 4 standards documents: * Red book: Define* Blue book: Design* Grey book: Deploy* Green book: Diagnose Validate What are your thoughts? News from the Wi-Fi Alliance The Wi-Fi Alliance has been announcing a few things since the beginning of the year: Wi-Fi CERTIFIED Vantage: Wi-Fi Alliance certification problem that improves mobility and allows users to experience more consistent connections while roaming within and across networks by reducing airtime overhead and enabling faster authentication to the selected access point. Wi-Fi CERTIFIED Vantage is composed of the following certifications: * Wi-Fi 5 or 6* Passpoint* Wi-Fi Agile Multiband* Wi-Fi Optimized Connectivity (the new kid on the block) Wi-Fi CERTIFIED Optimized Connectivity: improves mobility and allows users to experience more consistent connections while roaming within and across Wi-Fi® networks, and between Wi-Fi and cellular networks. Link: https://www.wi-fi.org/discover-wi-fi/wi-fi-optimized-connectivity Technical document: https://www.wi-fi.org/downloads-registered-guest/Wi-Fi_Optimized_Connectivity_Specification_v2.0_0.pdf/37256 FILS: Fast Initial Link Setup (802.11ai)

In this episode, Rowell and I talk about some of the reasons why we do some AP-on-a-Stick site surveys. Both of us share some of the APoS work we have been doing in different environments. We get into some of the equipment we used to make our measurements. And we also talk about what we do with the data we have collected. Have fun listening and feel free to share it with your friends and colleagues! If you want to learn more about APoS site surveys, both Rowell and I developed a practical guide that we have available on this website: courses.cleartosend.net. Here is a gallery of some pictures we have taken from the work we have been doing: