The Impact of 802.11ac Wireless Networks on Network Technicians
The 802.11ac standard brings opportunities to deliver higher performance and end-device capacity over wireless networks. This allows the enterprise network to support the growing variety of wireless end-devices such as BYODS (Bring-Your-Own Devices) smartphones, tablets and new generations of M2Ms (Machine-to-Machine devices) and IoTs (Internet of Things). This white paper discusses key enhancements 802.11ac brings to the network, the challenges when transitioning to 802.11ac and how the Network Operation Team can get ready to meet these challenges.
Table of Contents
With the popularity of BYOD in enterprise, network designers expect that each network client has up to 3 devices connected to the network, most commonly being their smart phone, tablet and PC. With the recent popularity of the 2nd generation of M2M or IoT devices, and the prospect of BYOT (Bring Your Own Thing) happening to enterprise network, the client-to-end-device ratio is predicted to go up to 5 by the year 2022. There is a growing requirement for higher end-device density with fluid distribution because of the mobile nature of the wireless end-device. Traffic profiles are also changing as we used to expect download traffic to be greater than uploads. Now smartphones and tablets constantly send/receive emails, send staying-alive pings and have applications that upload photos, videos and files to cloud-based storage. IoTs (IE Security camera) may continually send video stream to the cloud. In addition, mobile devices continuously authenticate and synchronize while roaming thus requiring seamless roaming changes from one access point (AP) to the next. All these hit the enterprise network as soon as a Wi-Fi enabled end-device enters a building and gets connected to the Wi-Fi network. The 802.11ac Wi-Fi network is the latest platform to meet these growing needs with greatly improved capacity and throughput. To realize the potential, the network operation team will need to step up their skills when planning, deploying and maintaining the 802.11ac wireless network.
To meet user needs to stay connected with multiple devices, planning for sufficient bandwidth for up and downstream is essential. This means you must plan for capacity and throughput, not just coverage. RF planning and surveying tools such as NETSCOUT’s AirMagnet Planner and Survey Pro will aid and simplify the design and validation of 802.11ac network’s deployment to ensure not just coverage but capacity is included in the design from the start.
In the advent of these greater speeds, it is important that your existing wired infrastructure be reviewed and a plan put in place to provide higher-speed, wired connections to 802.11ac APs in conjunction with greater Power over Ethernet (PoE) capabilities that meet the 802.3at or 802.3af requirements. In addition, with the use of multiple SSID per AP to segregate traffic, such as those for Guest and Corporate users, the provision of multiple VLANs in the switch networks needs to be carefully mapped out and maintained.
Post-installation tests should also be made on the wireless network. Given the gains in speed expected with 802.11ac it would be wise to verify the speed and throughput actually being achieved over the network while it is loaded with user traffic. 802.11ac has matured quickly and it is not atypical for a user to bring their 802.11ac devices into the work place to either make a convenient wireless connection to their laptop or cast data to the cloud from their IoT device. This could cause a major security breach potentially allowing outsiders to connect to this unauthorized AP or trigger a DDoS attack from the cloud-based IoT devices. Therefore, it’s imperative that any devices that you use to detect rogue APs can detect those which support 802.11ac. Most if not all the measurements discussed above can easily and quickly be performed using a handheld tool such as NETSCOUT’s OneTouch AT Network Assistant, which makes these measurements from a wired and wireless client’s perspective, saving time and money in the process.
What 802.11ac Delivers?
The 802.11ac IEEE standard is designed to operate exclusively at 5 GHz band with more available non-overlapping channels that can deliver data networking rates of potentially three to more than six times faster than earlier 802.11a and n networks. 802.11ac products accomplish this by evolving the 802.11n technologies rather than a revolution in technology. Most of the 802.11ac equipment available in the market today are Wave 1 delivering only evolutionary advancement in features as the following table shows:
|Features||802.11n*||802.11ac Wave 1*||802.11ac Wave 2+|
|802.11n vs 802.11ac features|
|*: These are typical 802.11n and 802.11ac Wave 1 equipment features|
|Operation Frequency Bands||2.4 GHz and 5 GHz||5 GHz||5 GHz|
|Maximum # of Transmit and Receive Antennas||4||4||8|
|Maximum Channel Bonding||40 MHz||80 MHz||160 MHz|
|Transmission Modulation||64 QAM||256 QAM||256 QAM|
|MIMO||Single User 3x3||Single User 3x3||Multi-user 8 x 8|
Wave 1 802.11ac products promise to deliver data rates of 1.3 Gbps. But to achieve this rate, it requires both the client and AP operating with at least three streams and communicating over 80 Hz or wider bonded channel, as shown below. Simply getting on the 802.11ac network does not guarantee higher throughput. Likewise, when Wave 2+ APs are available, the client must be able to support MU-MIMO for the Wave 2+ APs to realize the gain in speed as well as optimize the use of available airtime.
|Device/Streams||20 MHz||Channel Bonding
|40 MHz||Channel Bonding
|802.11n vs 802.11ac Data speeds|
|Smartphone (one stream)||72 Mbps||150 Mbps||200 Mbps||433 Mbps|
|Tablet (two streams)||144 Mbps||300 Mbps||400 Mbps||866 Mbps|
|Notebook (three streams)||216 Mbps||450 Mbps||600 Mbps||1300 Mbps|
802.11ac should be backwards compatible with the other 5 GHz Wi-Fi standard (802.11a and n). This means that “a” and “n” clients will still be able to connect to APs that have been migrated to 802.11ac. However, there is a cost to this. When 802.11a/n clients exist on the wireless network, the 802.11ac clients will be slowed down to a/n speeds when the slower clients hog the available airtime while they are transmitting. It is also important to note that whenever a Wi-Fi enabled client is on the network, it will scan for Wi-Fi networks. This simple act by the Wi-Fi client always reverts to the slowest possible speed first, and inadvertently hogs valuable airtime during the process even if it is not connected to the Wi-Fi network. Knowing what types of AP and clients exist on the same or adjacent channel bands will help understand what may interfere with the performance of the network and offer actionable insight.
802.11ac wireless networks operates only at unlicensed 5 GHz frequency, and it is believed to be more robust as it will not be subject to the interference that plagues the 2.4 GHz band caused by Bluetooth, microwave ovens, analog wireless security cameras, etc. However, new generations of wireless devices, such as 5.8 GHz phones and IoTs, that also operate on the same 5 GHz band have already started to appear. Radar will be a consideration when choosing channels in some countries where they broadcast in the 5 GHz band. It is important to have visibility to the RF environment during and after deployment to ensure that the 5 GHz RF band stays clear for the Wi-Fi network.
How Does 802.11ac Affect Network Technicians?
802.11ac has already become the defacto Wi-Fi standard to deploy. But as seen above, 802.11ac brings new expectations and has its own limitations. Between a network engineer and technician, the network operation team needs to synchronize the knowledge, such as configuration, authorization, coverage and performance expectation when 802.11ac network is deployed. Network engineers and technicians need to understand the unique characteristics of 802.11ac, such as bonded channel, spatial streams, and channel bands, as well as Pass/Fail criteria for key application and network performance parameters so that they can be more effective during the following tasks:
Deployment and migration
- Coverage and connectivity
- Roaming behavior
- RF health & interferers
Throughput and service availability
- Wired network feature and service provisioning
- Multiple APs accessibility and performance
- Rogue device such as AP with open security or unauthorized AP using the company’s SSID
- Documentation of AP and end-devices that are authorized
Deployment & Migration
Coverage vs Connectivity
802.11ac runs exclusively on 5 GHz frequency bands which has a higher number of available non-overlapping channels. Most 802.11ac deployment are optimized for higher end-device density and availability by packing more 802.11ac access points that are in closer proximity to each other than older Wi-Fi APs. This allows the Wi-Fi networks to be future solidified to support the growing end-device to client ratio, and avoid the need for rewiring. In addition, the signal power of APs can be tuned to reduce interference to adjacent APs. It is important to validate the coverage area after deployment and the roaming characteristic of mobile end-devices for applications that requires high-availability and user mobility.
|Band||20 MHz Channels available||20 MHz||40 MHz||80 MHz||160 MHz||20 MHz||40 MHz||80 MHz||160 MHz|
|Number of non-overlapping channels||13||2||1||1||19||9||4||2|
In addition, Wi-Fi architects will consider channel allocation and management to determine the maximum channel width to use. It is common for a designer to use 40 MHz bonded channels and even 20 MHz channels in a high-traffic and high end-device density area where available airtime per client is a premium. 80 MHz or 160 MHz bonded channels will be reserved exclusively in an area where high throughput is critical. It is critical to conduct a survey of the RF environment to validate the optimal channel selection against AP placement before and after deployment. It is also important when a network technician troubleshoots a client complaint of poor performance, to have the ability to validate not only if the end-device can connect to the Wi-Fi network but the width of the channel the AP connected can offer, and the number of spatial streams that the end-device uses.
To ensure a good wireless network and design, use a wireless planning and survey tool (i.e. AirMagnet Planning and Survey Pro) to place access points, meet user-capacity and data-rate capabilities. Please note when designing for user-capacity, plan for 3 to 5 devices per person, while the majority of the end-devices, BYOD and IoT, may support only 1 antenna or spatial stream.
With the complication of having multiple 802.11 technologies in one wireless network it is also useful to have mobile handheld tools, such as NETSCOUT's OneTouch AT Network Assistant or AirCheck G2, that can be taken to quickly spot check a wireless network on location. During troubleshooting: verify connectivity; bonded channel width supported by each AP; and determine what performance levels 802.11ac clients can achieve. For example, to realize >500 Mbps throughput, both the 802.11ac APs and the end-device will have to support three spatial streams and a 80 MHz channel connection. If clients are connected using 802.11a, not only will they suffer slower speeds, but they will also make the connections of other users slower.
OneTouch AT can discover 802.11ac APs and provide AP details: such as classifying .11ac APs by authorization status, SSID supported, signal and noise strength, discover associated clients and client details, 2.4 and 5 GHz channels used. Advanced tools such as locate or connect to an 802.11ac AP, and even capture 802.11ac management and control frames.
Verifying the ability to link and gain network access is an important part of solving connectivity issues. OneTouch AT can connect to 802.11ac networks and access points. In addition to this results screen, a complete log of the connection process is shown under the LOG tab, making it easy to identify here in the association, authentication or IP address process the problem exists.
OneTouch AT will report all clients associated to an 802.11ac AP that it sees. It offers detailed client information, including # of streams supported and channel width used, making it easy to spot connectivity and performance issues with the client.
With the ever-increasing number of BYOD’s and IoT’s in the enterprise network, seamless roaming between wireless access points is now accepted as an everyday requirement. In addition, many applications including data, voice and video running on these mobile and other devices depend on a persistent network connection with even a momentary loss of that connection possibly being disruptive to the communication and negatively impacting a user’s productivity. Wi-Fi roaming test with adjustable roaming threshold can emulate an end-device roaming experience when moving from one AP to another AP within the same network. This serves as a quick check for a dead zone within the coverage area.
In a more advanced situation, roaming transaction details for clients including PCs, phones, and other mobile devices should be examined for signal level, noise, channel number and retries as these determine if network coverage, congestion, or interference are the cause of bad roams. These parameters can be easily captured by a technician using handheld tools such as the NETSCOUT OneTouch AT and shared to engineers for advanced analysis using the AirMagnet Wi-Fi Analyzer.
OneTouch AT provides a summary of the Wi-Fi connection and local network health. Roaming details include AP, MAC, connected channel#, security method and network traffic health statistics.
OneTouch AT keeps log of each roaming event during a walkthrough. If roaming fails, it reports the cause of failure such as no matching AP for the connected SSID found. This can be an indication of a coverage dead zone or an AP that has gone offline.
RF Health and Interferences
All Wi-Fi networks, including those operating with 802.11ac Wave 1 equipment, operate in half duplex mode. Even with 802.11ac Wave 2+ AP, unless the clients can support Multi-user MIMO, only one end-device can communicate with the AP at any one direction. As such, presence of RF interferers, either other Wi-Fi devices operating in the same frequency band, or non-802.11 sources such as cordless phone or proprietary IoT devices, has a significant impact to user experience of the Wi-Fi network. It is important for a network technician to have visibility to what’s on the RF channel(s) used by the network that may interfere with operation. Tools with dedicated hardware, such as the NETSCOUT AirCheck G2 and OneTouch AT, are designed to detect non-broadcasting APs, as well as non-802.11 RF signal to reveal otherwise hidden interferers that hog the valuable bandwidth. The OneTouch AT has the unique ability to identify and locate common non-802.11 interferer types for quick identification and isolation of interferers.
OneTouch AT shows bandwidth of all Wi-Fi channels in both 2.4 and 5 GHz. Number of APs in each band, as well as channels affected by non-802.11 interferers are highlighted.
OneTouch AT shows how the bandwidth is utilized for each channel band, as well as number of SSIDs, APs, clients and interferers using the channel.
OneTouch AT has a unique capability to identify the type of interferer and how much it impacts the network during the last 90 seconds, so that it is easier to locate and remove it from the network.
Wired network capacity and power requirements
With increased wireless capacity and throughput from 802.11ac comes the requirement to ensure the wired network can support this increased bandwidth. An audit of your switch and router devices should be made to ensure the network paths of 802.11ac APs are capable of providing multiple gigabit ethernet connections to client services. This is especially important when most APs offer support to multiple SSID’s to provide connectivity to various types of users, such as visitors and employees. To maintain security, a Wi-Fi network architect may rely on proper VLANs provisioned in the switches to segregate traffic to prevent access to critical corporate assets by visitors. Before deployment of the Wi-Fi, these VLAN configurations should be checked end-to-end to validate that assets reserved to conduct company business are only accessible to employees, and not by guests connected to the guest Wi-Fi networks.
Most of the 802.11ac will be powered by PoE to reduce adding the cost of wiring power cable to the APs. Even though 802.11ac APs are more power efficient than other legacy APs, 802.11ac AP wired connections still require higher wattage available from 802.3at “PoE plus or Type 2” switches or midspans. Network technicians will be tasked to validate the PoE type of the switch ports. During troubleshooting, this is especially important when more economic switches that cannot power all the switch port are deployed. Technician tools, such as the NETSCOUT LinkRunner AT or OneTouch AT, offer integrated features to validate the speed and connectivity to the network, as well as the PoE voltage and wattage of the switch ports that will be connected to the APs.
OneTouch AT can be configured to connect directly to specific VLAN and verify if important assets are accessible. The configuration can be stored into profile and recalled by field technician to execute quickly. This is particularly useful to validate switch provisioning before deploying Wi-Fi APs that rely on complex VLAN infrastructure.
OneTouch AT’s Path Analysis discovers switches in the LAN between the AP and the Gateway or Router and identifiers the speed and VLAN configuration of each port. This will help isolate where it failed to supporting 802.11ac speeds, and where the VLAN infrastructure failed to safeguard corporate assets.
Ensure performance of the wired link to the AP with the OneTouch AT’s performance test. Measure upstream and downstream throughput up to 1 Gbps as well as loss and latency.
802.11ac APs can be tested for wired connectivity and PoE capability with OneTouch AT. On connecting to the switch port, a test is automatically run to display the TruePowerTM available to the APs.
Throughput and Service Availability
The ultimate goal of designing and installing an 802.11ac network is to meet the required user experience when they are streaming video, calling using VoIP, and uploading/downloading files, emails, etc. The ability to measure the end-to-end network performance would be a great advantage to understanding what’s happening in the path between the client and the server or application. These measurements should be made from the LAN to the network core, then through WAN links to data centers and remote office buildings. Comparing the result from the wired and Wi-Fi network provides valuable information to determine if the problem is unique to the Wi-Fi network.
After making these tests, the results should be examined to verify good throughput and response times. These tests will vary from network to network and from where the measurements are made to and from. Shared knowledge of Pass/Fail criteria amongst the team is critical for effective diagnosis and troubleshooting. Regular testing of these parameters from a variety of clients to different services will help you to understand what is normal, making it easy to detect when there is a problem. If the results of the tests are deemed to be good and clients are still complaining about the response, then it may be necessary to capture the trace between the client and the access point (inline) for escalation for further analysis by application team or 3rd parties such as the WAN service provider.
There are speed tests available in the market, such as iPerf, that could estimate the maximum throughput that the link to a server could bear using standard devices such as a tablet or notebook PC. But these tests cannot truly load the network because it is limited by the hardware. Test tools with specialized test hardware, such as the NETSCOUT OneTouch AT, will be able to generate much higher load to the network, Wi-Fi or Wired, to fully exploit any issue that may be hidden while the network is unloaded.
Verifying applications’ connection speed and throughput could not be easier with OneTouch AT. A variety of application tests including FTP, email, video and web connectivity can be included in a profile, then tested simultaneously from a wired and wireless connection, providing a direct comparison between both access methods.
OneTouch AT has the capability to make throughput testing through the wired or wireless connection to either another OneTouch AT peer or a LinkRunner AT. This powerful feature enables network technicians to quickly and easily verify traffic throughput capabilities through to the core network, servers, and remote sites.
There are situations where no anomalies can be found in the results of an application or service test, but clients are still complaining about application throughput and response times. The OneTouch AT has the ability to connect inline with the AP and the network or on a wireless connection to collect packets for escalation and further analysis with a protocol analyzer such as ClearSight Analyzer, which is an application-centric analyzer that provides quick answers to application performance problems.
There are many small office/home office 802.11ac wireless routers available in the market. In addition, the growing number of IoT devices, such as cameras, may eventually find their way on to enterprise networks. Unfortunately, they could also be causing a major security leak on the corporate network. To ensure this does not happen on your network, a 24x7 intrusion detection system (IDS) or intrusion prevention system (IPS) that can detect 802.11ac rogue devices should be used. If one of these systems is not available, the network technician can use a handheld wireless tool, like the OneTouch AT or AirCheck G2, which can discover Wi-Fi devices and categorize them plus quickly locate rogue devices. If you do have such a system, the portable nature of these tools make them the go-to tools for finding the physical location of the offending devices.
The OneTouch AT also features a unique “cross-linked” discovery which shows the wired location (port/switch) of APs discovered on the wireless side of the network. This facilitates the ability to quickly disable network access for unauthorized devices.
Once discovered, an 802.11ac access point can be physically located based on its signal level. Using the OneTouch AT Locate function, track down a device to mitigate a rogue security threat or to find an access point to perform move, add or change operations.
The OneTouch AT is able to detect and classify 802.11ac capable access points by decoding specific information in beacons. Discovered 802.11ac access points are reported under the AP tab as well as in network, client and channel lists and marked with an 802.11ac icon. 802.11ac is included in media type sorting so a user can raise the visibility of detected 802.11ac access points in the list of discovered access points. This can be used to quickly identify rogue devices or review a newly deployed network of 802.11ac access points.
By allowing you to tag and name known AP’s on your network, the OneTouch AT makes rogue detection quick and easy.
When implementing an 802.11ac Wi-Fi network, network technicians, engineers and IT management should make plans for how they will deploy and manage the network site by site. Many considerations will be made not only during deployment but also as the network evolves to accommodate more connected devices. It is critical that the network team, especially the less skilled network technicians, can access up-to-date knowledge on how the network is configured, and maintains standardized validation procedures and pass/fail criteria that can be implemented during deployment and troubleshooting. NETSCOUT offers a complete family of test solutions that facilitates effective Wi-Fi network planning, standardized testing and collaborative troubleshooting through ease of sharing test data across the network team.
About OneTouch AT Network Assistant
The OneTouch™ AT Network Assistant is an automated all-in-one tester for understanding end-user gigabit ethernet and Wi-Fi network performance. Combined twisted pair, fiber-optic and Wi-Fi testing resolves countless connectivity and network health problems. Automated testing with pass/fail analysis speeds problem identification. User-definable AutoTest profiles can standardize troubleshooting and performance validation practices, and empower less-skilled technicians to be more productive. Wired and Wi-Fi end-to-end path performance measurement to a remote peer or reflector documents SLA compliance. Inline VoIP analysis troubleshoots IP phones in real-time and measures call quality. Wi-Fi and inline wired packet capture streamlines collaboration and problem escalation. Discovery and analysis provides visibility into wired and Wi-Fi networks. Comprehensive cable-to-server testing isolates the problem’s root cause.
To facilitate visibility and collaboration across the network operation team, all NETSCOUT handheld test tools share a cloud-based result and report portal called Link-Live. It is a free cloud-based service that can upload test results. There are free-text and context sensitive search-to-search for test results based on switch name, devices IP address or name and time. During network deployment, a progress report can be easily generated showing the switch ports tested each day, their link speed and duplex distribution, and PoE test results. During troubleshooting, previous test results from a switch port can be compared against current test results for quick change identification.