www.wildpackets.com© WildPackets, Inc.

Why Every Engineer Needs WLAN

Packet Analysis

How to solve 10 common Wi-Fi problems by

dissecting packets

Jay Botelho

Director of Product Management

WildPackets

jbotelho@wildpackets.com

Follow me @jaybotelho

© WildPackets, Inc.

Critical Elements of a

Packet Analysis Solution

• Performance

• Multi-channel analysis

• Visualization

• Analysis modules

• High-quality decodes

© WildPackets, Inc.

10 Common Problems

• Verifying device capabilities

‒ Networks

‒ Clients

• Verifying device

configuration

‒ Poor configuration choices

• Connection issues

‒ Authentication

• Poor VoFi quality

• Identifying network

bottlenecks

‒ Chatty clients (let me count

the ways)

‒ Probe requests

‒ Inefficient network utilization

• Roaming

‒ Sticky clients

‒ Roaming latency

© WildPackets, Inc.

Verifying Device Capabilities

• Network capabilities – Beacons

• Client capabilities – Probe Requests

© WildPackets, Inc.

Verifying Device Configuration

• QoS enabled/disabled

• Beacon intervals

• CTS frames sent out with 10,000 microsecond

duration field (viewed as duration attack)

© WildPackets, Inc.

Connection IssuesAuthentication – EAPOL Key Exchange

• The AP sends a nonce-value to

the STA (ANonce)

• The STA sends its own nonce-

value (SNonce) to the AP

together with a MIC, including

authentication

• The AP sends the GTK and a

sequence number together

with another MIC

• The STA sends a confirmation

to the AP

© WildPackets, Inc.

Poor VoFi Quality

• RTP packets (g.711)

• Jitter, packet loss, latency

• Relative packet timing

© WildPackets, Inc.

Identifying Network Bottlenecks

• Chatty clients (let me count the ways)

• Probe requests‒ Probe Requests to all SSIDs, not just current one, flooding

device with responses

• Inefficient network utilization

© WildPackets, Inc.

Chatty Client - Unassociated

http://www.sniffwifi.com/2012/04/phones-on-wlan.html

© WildPackets, Inc.

Chatty Client - Associated

http://www.sniffwifi.com/2012/04/phones-on-wlan.html

© WildPackets, Inc.

Inefficient Network Utilization

http://www.sniffwifi.com/2014/05/why-are-you-slowing-down-my-wifi-apple.html

© WildPackets, Inc.

Inefficient Network Utilization (cont.)

http://www.sniffwifi.com/2014/05/why-are-you-slowing-down-my-wifi-apple.html

© WildPackets, Inc.

Roaming Issues

• Sticky clients‒ Clients make poor roaming

decisions

‒ Look for: signal strength,

data rates, etc.

• Roaming latency‒ Criteria for determining

latency depends on your

perspective

http://revolutionwifi.blogspot.com/2012/12/wi-fi-roaming-analysis-part-3-measuring.html

© WildPackets, Inc.

© WildPackets, Inc.

Additional Resources

• http://www.sniffwifi.com/2012/04/phones-on-wlan.html

• http://www.sniffwifi.com/2014/07/i-guess-apple-wireless-routers-dont.html

• http://www.sniffwifi.com/2014/05/why-are-you-slowing-down-my-wifi-apple.html

• http://www.sniffwifi.com/2013/12/iphones-be-chatty.html

• http://www.sniffwifi.com/2013/09/a-fish-in-desert-chomecast-sniffed.html

• http://www.sniffwifi.com/2013/08/eighteen-seconds-of-very-chatty-iphone.html

• http://www.sniffwifi.com/2012/08/testing-mobility-with-omnipeek.html

• http://www.sniffwifi.com/2011/11/how-do-i-know-if-it-really-links-me.html

• http://www.sniffwifi.com/2011/11/tell-me-whys-tell-me-sweet-little-whys.html

• http://www.sniffwifi.com/2011/11/what-is-wrong-with-this-wifi-and-what.html

• http://sc-wifi.com/2013/08/27/troubleshooting-done-motorola-style/

• http://sc-wifi.com/2012/11/12/tag-vendor-specific-nintendo/

• http://www.wifikiwi.com/cwap/a-sticky-problem-wi-fi-clients-that-wont-roam/

• http://revolutionwifi.blogspot.com/2012/12/wi-fi-roaming-analysis-part-3-measuring.html

www.wildpackets.com© WildPackets, Inc.

Thank You!

WildPackets, Inc.

1340 Treat Boulevard, Suite 500

Walnut Creek, CA 94597

(925) 937-3200