802.11k/r/vProtocol Analysis of the impact on Voice
Andrew McHale
@mac_wifi | mac-wifi.com | [email protected]
2© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Setup
• iPhone XS Max iOS 13.1
• Vocera B3000N - Channel plan 36-64
• Cisco vWLC 8.5
• 3x Cisco 3502i (Ch 36, 48 & 64) – need 3 to trigger Enterprise roaming
• WLAN - PSK & PEAP, Fastlane=Disabled
• Microsoft Active Directory, Certificate Services & Network Policy Server (RADIUS)
• Omnipeek, 2x Anker A7513, 8x Netgear A6210/AC1200
• Channels scanned = 1, 36, 40, 44, 48, 64, 140, 149
• Vocera VoIP call between iPhone & Badge
802.11k
4© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Why 802.11k?
• Drugs are bad, m’Kay?
• More information = Better Decisions
• Faster decisions = Smoother roams
• Smoother roams = Happier voice users
Roaming without 11k
6© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Client Roaming
• Some clients scan the whole channel plan. Others keep a cache of channels
they’ve seen around each BSSID.
• Some clients scan just at the time they need to roam. Others proactively scan all
the time to learn the WLAN.
• Active and Passive scanning
• Reset iPhone/Badge before every 11k test to clear cache
7© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone Upstream
8© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone Upstream + Probes
9© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone Upstream + Probes + Downstream
1 0© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone (much later)
1 1© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Typical iPhone scan
Without 11k
3.046 secs
1 2© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Badge Upstream
1 3© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Badge Upstream + Probes
1 4© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Badge Upstream + Probes + Downstream
1 5© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Typical Badgescan
Without 11k
1.712 secs
Roaming with 11k
1 7© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone Upstream + Probes + Downstream + Key 4 + Neighbour Info
1 8© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone 802.11k ComparisonW
ith
With
ou
t
1 9© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Typical iPhone scan
Without 11k
3.046 secs
With 11k
0.178 secs
2 0© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Badge Upstream + Probes + Downstream + Key 4 + Neighbour info
2 1© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Badge 802.11k ComparisonW
ith
ou
tW
ith
2 2© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Typical Badge scan
Without 11k
1.712 secs
With 11k
0.561 secs
2 3© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11k Thoughts
• Impact is minimal for clients with small & configurable channel plan
• Huge benefit to:
• consumer clients without configurable channel plan
• large channel plans (*cough* 6GHz *cough*)
• Most useful for users moving through new areas (shoppers) vs local users (nurses)
• Better on than off – minimal risk
802.11rFast Transition
2 5© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Why 802.11r/Fast Transition?
• R is for Roaming.
• Historically advised to use PreShared Key for short
predictable associations.
• Proprietary solutions (CCKM / OKC) been
available but not as widely supported by clients.
• CCKM/OKC/FT provide faster roams than PSK.
• Useful in deployments like EduRoam where your
authenticator could be 1000’s miles away.
R is for
Roaming
Roaming without 11r FT
2 8© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Full RADIUS Authentication
Roaming with 11r FTOver-The-Air (OTA)
3 1© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11r FT OTA
Without 11r
0.472 secs
With 11r OTA
0.002 secs
Roaming with 11rOver-The-DS (OTDS)
3 4© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11r FT OTDS
Without 11r
0.472 secs
With 11r OTDS
0.060 secs
With 11r OTA
0.002 secs
3 5© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone 802.11 Comparison
802.11r OTA
802.11r OTDS
No 802.11r
3 6© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11r Fast Transition Thoughts
• 802.11r Fast Transition has huge impact on Dot1X roams.
• CCKM and OKC already provided this feature.
• Being part of the IEEE 802.11 Standard will hopefully encourage client vendor
adoption where CCKM and OKC were seen as ‘nice to have’.
• Voice roaming is not a reason to stick with PSK anymore.
• Over-The-DS not advised for highly mobile time-sensitive applications
• Requires connection to current BSSID to initiate – no good for
stairwells/lifts
• Proprietary mechanisms used for LAN segments
• 11r FT can co-exist with non-FT clients (on Cisco) - mac-wifi.com/ciscos-802-
11r-ft-settings-adaptive-mode-explained/
802.11vBSS Transition
3 8© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11v
• Victory or “Don’t give me the V’s”
• ‘11k++’ - not just information but
recommendations too.
• Can insist a client moves, but not a default
setup (thankfully).
• No AP can know what is happening at the
client. Client best placed to make decisions.
• A wrong decision can cost 100’s of
milliseconds.
• Balance your less mobile clients, and leave
time-sensitive clients alone. Use QBSS instead.
3 9© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11v Results
4 0© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11v Results
4 1© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11v Results
4 2© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone Upstream + Probes + Downstream + 11v Req/Resp (zoomed)
4 3© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Android Upstream + Probes + Downstream + 11v Req/Resp
4 4© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
802.11v Thoughts
• The phones were too good at roaming.
• To force 11v I had to make Optimized Roaming very aggressive
which led to a poor voice experience
• Cisco bug forced ‘Disassociation Imminent’ even when Disabled.
• If client vendor is advanced enough to include support for 11v then
they probably have adequate roaming triggers and algorithms.
Layer them together…
4 6© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
iPhone + 802.11k + 802.11r OTA + 802.11v
4 7© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
Summary
1. Testing was conducted with two very capable voice clients.
2. 11k allowed iOS device to focus.
3. 11r FT has a big impact on Dot1X roam times but isn’t new.
4. 11r FT Over-The-DS not recommended for voice.
5. 11v showed to have little value due and could be dangerous.
4 8© 2 0 1 9 V O C E R A C O M M U N I C A T I O N S . A L L R I G H T S R E S E R V E D .
11k11r OTA
11v
The Winners
Thank You!Andrew McHale
@mac_wifi | mac-wifi.com | [email protected]
Top Related