Special guests, Samuel Clements and George Stefanick join the show to discuss the Ekahau Sidekick with Rowell Dionicio and Jussi Kiviniemi.
Wireless site surveys have been performed with USB adapters for a long time. Many have had grueling battles with getting these USB adapters working, we’ve had them fail, and have seen varying inconsistencies between adapters. Or if you’re me, I nick my adapters all the time.
Recently, Ekahau came out with a game changer. It replaces all your USB adapters into a shoulder strapped, supercharged, all-in-one measuring device. As said on the product’s website, the Sidekick dramatically streamlines the site survey process by replacing and outperforming the previously-used USB hubs providing greater reliability, accuracy and convenience.
That’s our discussion in this episode regarding the Sidekick. How does it stand out in the field in terms of performance, reliability, and accuracy. The added benefit here is convenience.
In this episode, I start things off by asking why the development and release of the Ekahau Sidekick. You’ll get the response directly from Ekahau but additionally, we hear from two customers – Samuel Clements and George Stefanick.
Some of the reasons why they prefer to use the Ekahau Sidekick:
Receive sensitivity dial
Ease of use
Ekahau decided to build the Sidekick from scratch to produce a device capable performing excellent spectrum analysis and Wi-Fi gathering capabilities. Listen to the episode to hear more of our discussion.
One special treat, Jussi shows us what Wi-Fi sounds like.. Yes you read that right.. what Wi-Fi sounds like. You hear it in this episode.
Jim Vajda, CWNE #183, is our special guest who has done K12 Wi-Fi deployments. Jim provides insights into his requirements, challenges and design process.
K12 Wi-Fi Deployments
Requirements in a K12?
A primary requirement for K12 involves a low cost solution. Many schools use tax dollars or E-Rate. When using tax dollars schools must be careful with their spending. E-Rate is a federal program which provides schools with discounts to obtain affordable IT equipment.
Getting to the technical requirements, it must be simple to use. Most IT departments are spread thin. A system that is easy to implement is ideal.
High density is important. Many classrooms are teaching with tablets, such as iPads, and Chromebooks. Each classroom does a 1-to-1 distribution of tablets or Chromebooks. With each classroom containing 20 or so students streaming video or performing online testing, we can see this becoming a high density classroom. This is especially so with Faculty carrying their own devices. Some students have their own devices as well.
Security requirements include Role Based Access Controller (RBAC). RBAC is used to control what network resources a user has access to. This is important in an environment where pre-shared key (PSK) is used heavily in K12 environments.
Content filtering is a must in order to protect children from content they should not be viewing. For simplicity of management, K12 would like to see this implemented in the wireless solution they select. In Jim’s experience, he has seen Meraki being used in the majority of K12 public schools in Ohio.
What is not a requirement is fast roaming, centralized data plane, and layer 3 roaming. Most devices are stationary.
A nice to have is layer 7 visibility and wireless client statistics.
With older K12 schools, additions to buildings are common. Be sure to do a walk-through to catch any surprises such as a new concrete wall that was just put up.
Perform your own wall attenuation measurements to include in your predictive site surveys. You will create the most accurate results using this method.
Jim uses a D-Link DIR510 to get his wall measurements. To get the measurement, place the AP in the middle of the room or about 20 feet away from the wall. You can use a laser distance tool to measure the distance. Take your first measurement inside the room next to the wall. Then take your next measurement on the other side of the wall. The difference will be your wall dB loss.
The site survey application of choice for Jim is Ekahau Site Survey Pro. Within his surveys he ensures he is using an AP that will be deployed in the K12 school.
When it comes to channel planning, Jim used to start with 40 MHz channel widths but now starts with 20 MHz. This is because of the channel reuse he can get in 5 GHz spectrum for high density. Jim recommends using DFS channels if you can. Make sure to perform spectrum analysis to discover any radar in the area.
In K12 schools it is very rare to see external antennas used. If they are used, it is usually outdoors for coverage. Indoors, you will not see external antennas.
The major challenges Jim sees in K12 schools:
IT lacks clout
Limited IT staff
Poor RRM settings
Tx power set too high
Excessive Co-Channel Contention in 2.4 GHz
Too many SSIDs being broadcasted
In regards to 1 AP per classroom, this is really a big marketing push. While many environments may not need 1 AP per classroom, some may push for it because it is easy. In some scenarios, 1 AP per classroom can be justified. This can be due to wall material attenuating signals significantly.
It’s that time, a new episode about WiFi! Our main topic is Troubleshooting WiFi with Wireshark.
I saw this get shared on Twitter which is an article from The Guardian. Apparently, AirBnb WiFi is a security threat for travelers. This shouldn’t be a surprise to anyone but it is possible that the owner could be spying on your traffic, collecting information on you or even stealing your passwords. The best thing to do is not use the WiFi. I know, hard to do. From another perspective, a maliciuos hacker could break into your access point and install a backdoor and have his/her way with your WiFi. Now that’s a scarier thought.
I noticed Keith Parsons shared an interesting photo on social media. He displayed what he carries every day as part of his WLAN Professional toolkit. My toolkit is a lot lighter than that only because I hate carrying a lot of gear. Here’s a look into my toolkit:
Before capturing wireless frames, there are a few things to take note. If you’re using a Macbook Pro/Air then you should be okay capturing frames using your built-in wireless adapter. I highly recommend using Airtool to assist in capturing frames on specific channels and channel widths. Airtool will conveniently save that capture for you on your desktop and open it right up in Wireshark.
If you’re using a PC, capturing wireless frames may not be that easy. Normally, the wireless adapter in Windows doesn’t allow you to capture frames in promiscuous mode. You’ll want to capture all the wireless frame details. Those frames I am referring to, not just the data frames, but also the frames used for management and control of the wireless medium.
On a Windows PC I have used the AirPcap adapter from Riverbed.
Once you’ve captured enough wireless frames, go ahead and stop it. Now we should be looking at Wireshark. The window is divided into three sections:
List of frames captured at the top pane
Middle pane shows the details of the frame selected at the top pane
Bottom pane shows the frame bytes of the selected frame.
We can see details such as the source mac address, destination mac address, and the details of the frame.
On the Info column, you can see what kind of frame is captured. For example, the first frame is a probe request from a device. What’s awesome about diving into wireless frames is being able to see so many details. Expand the Radiotap Header and we can see what data rate this frame was sent out on, which frequency, the signal, etc.
Expand IEEE 802.11 Probe Request and we can identify what kind of frame this is. It’s a Management frame with a subtype of 4 which is a Probe Request.
Now the meat of this specific frame is where you will expand IEEE 802.11 wireless LAN management frame. Here we will find the details of this probe request from the client device. It is probing for a specific SSID called test and has included all of the client’s capabilities.
We’re already seeing how powerful it is to analyze wireless frames when troubleshooting client devices.
So that’s looking at wireless frames. Let’s add more functionality to Wireshark. We can add columns to the frame list pane in order to see more details.
A few columns I like to have visible are:
To add a column, right click on an existing column and select Column Preferences. Click on the Plus icon to add a new column. So for example, to add a Duration column, give the title of this column Duration, change the type to Custom and the in the field Name we will use what’s called a filter. For duration it is wlan.duration.
Display filters are your best friend. Display filters are used to find specific types of frames or packets. For example, if I wanted to see frames from a specific source MAC address, I would type in wlan.addr == mac_address in the display filter bar.
It is possible to filter from almost any type of frame.
Typically when capturing wireless frames, I capture everything without any filters. In Wireshark, it is possible to apply a capture filter. I don’t like this approach because you may miss a frame that may be required for troubleshooting. Instead, I capture everything and filter down from that capture. Sure it takes up a lot of hard disk space but that’s the life of a protocol analyzer. I know, I need a hobby.
But if you really want to conserve on space, Airtool has an option to not save layer 3-7 payloads. A neat little feature.
So how is this useful? Let’s say an client is unable to join the wireless network and all you are able to do is perform wireless captures. So if it were me and this was my only option, I’d go to where the client is having issues. Assuming the client drivers are good and the SSID can be seen by the client and the only issue is it never connects to the SSID, we need to find out what channel to start capturing on.
We could use another useful tool such as WiFi Explorer, same author of Airtool, to find out what the strongest signal is on what channel. That’s where I would start capturing wireless frames, then while capturing frames, have the client try to connect. After the process fails, I would stop the capture.
Assuming we captured on the correct channel, we should be able to see the probe request coming from the MAC address of the client which you can obtain from the computer itself. After looking at the capture we should be able to see the 802.11 State Machine. If we don’t see successful authentication and association then that’s when we need to look closely at the capture. Maybe it’s because the client doesn’t support the requirements of the BSS such as a mandatory rate the client doesn’t support.
If you’re more of a visual person, Wireshark does have the capability to display the capture in a graph. What if we wanted to see how many retransmissions are occurring. In Wireshark, navigate to the Statistics menu and select I/O Graph. In the graph window, we will add a new data point by clicking on the plus icon. Rename it to Retries. The display filter to show retries is “wlan.fc.retry == 1”. Since this is bad we will color it as red. Next we modify the Y Axis to display Packets per second and also display All Packets so we can compare retries to all packets captured. That graph shows you the amount of retry frames compared to all frames captured.
There we have some basic Wireshark troubleshooting. That should be enough to get you going and it will take some practice. We went over installing Wireshark and how to capture wireless frames. Then we went over the different panes within Wireshark and how to add additional columns for easier viewing of frames. Next I went over how I use Wireshark to capture frames and troubleshoot an example issue. Also I provided two tool that will assist you in capturing frames, Airtool and WiFi Explorer.
In the news we talked about how insecure it is to use WiFi at an AirBnb. I know I wouldn’t.. The list of tools Keith Parsons has in his bag which is quite impressive. What’s in your bag? and a discussion of how to deal with someone spoofing your SSID.
Attending CWNP’s 2nd annual (I think) conference, WifiTrek, was a positive experience. I share my thoughts about the conference which had great presentations.
In addition, I add a couple of interviews from the following:
Joel from Metageek
Murray – first time attendee
Nathan York – CWNE #138
Jussi from Ekahau
I had a blast meeting people I speak with on Twitter. Can’t forget the new friendships created in-person. The wireless industry sure has a great group of smart people. Everyone I met was friendly and enthusiastic with sharing their experiences.