802.11h is part of the 802.11-2007 specification. Many airport radars use the UNII-2 and UNII-2 frequency ranges (channels 52 to 140). Any 802.11 equipment operating in this frequency range is supposed to be able to detect these airport radar signals and move away so that the radars can operate safely without our APs interference. This process is called DFS, Dynamic Frequency Selection.
I have never seen any airport radar actually using these frequencies to land planes. They have plenty of other frequencies for that. The UNII-2 and UNII-2 extended are more commonly used for weather reporting. The worst I saw was a radar reporting snow in a hot summer due to an AP interference... but the AP had an amplifier, a directional antenna and was pointing directly at the radar. This was experimental more than anything else. In most cases, your AP is too weak to disturb a radar. The 802.11h still rules that if your AP detects a radar blast, it has to move to another frequency. The process is as follows:
- Your AP, operating on any of the UNII-2 or UNII-2 extended channels, receives a blast from a radar. The AP recognizes this signal as a blast, because the AP is used to performing Radar Detection Measurements, through which it can recognize several typical "radar blast patterns", such as "pulses of identical power, 1 microsecond wide, with a frequency of 700 pulses per second, with blasts of 26 milliseconds each". This description is just an example. The 802.11h protocol actually states that has to be considered as a radar blast any signal in these frequencies stronger than -61 dBm at the Ap level, and that the AP "cannot prove not to be radar blasts". In other words, if you don't know what it is, it's a radar blast.
- From this instant, your AP has 10 seconds to move to another channel. This is called the channel move time.
- During these 10 seconds, your AP has a lot to do! It must find another channel to jump to. In a controller based solution, the controller picks up a random new channel (among the list of allowed channels) and sends it to the AP.
- The AP jumps to the new channel, and silently listens for 60 seconds. Its aim is to detect any radar blast on this new frequency (in which case the AP changes channel again). If the new frequency is quiet, the AP resumes its conversations after this 60 second period. This is called the Channel Availability Check Time.
- Radars do not always use the same frequencies. They try to detect a certain weather pattern at a certain distance, for which a specific frequency is more efficient. As the weather usually does not change every minutes, radars typically use a frequency for a little while (until they get a clear picture of the weather trends reported in this frequency), then leave the frequency. For this reason, when your AP leaves a channel, it blacklists the channel for 30 minutes. This is called Channel non-occupancy Period. After 30 minutes, if the AP has to change channel again, the previously blacklisted channel re-becomes part of the list of potential channels.
All this is well, but what about the clients? If the AP suddenly moves to another channel, clients will be disconnected!... and 60 seconds of Channel Availability Check Time? This is going to kill all sessions!
Well, there is another solution. The AP could check new channels... before blasts occur. In this mode, the AP leaves the main channel every now and then, and scan new channels. To avoid losing client frames while the AP is away, the AP can send a Channel Quiet 802.11 "action message", which is a beacon telling the clients in the cell not to send anything for a while (the while is defined in another beacon) while the AP is away. With this method, the AP would know about the new channels when the problem occurs, could jump to a new channel and immediately resume its conversations. This was the original mechanism, called In Service Monitoring (the AP scans while serving an active channel). But if you think about it, this may not be the most efficient method. First of all, the AP still needs to scan any new channel for a total of 60 seconds before being able to use it. How many times would this AP have to jump from its original channel to get 60 seconds worth of information on any new channel? Secondly, what guarantee does this mechanism offer? Even if a channel was seen as "free", a blast could occur any time (the channel on which the AP was previously transmitting was also "free" until it got a sudden blast). So this method might not be that better after all.
Verifying the new channel availability when needing to jump is probably more efficient, even if UDP connections might probably drop. TCP connections will probably just have their window slide down while asking for missing packets retransmission. This if the stations know that the AP is jumping, and to which channel! This is where the screenshot above plays its role. During the channel move time (the 10 second window), the AP is supposed to stop all communications, but this is not realistic. What about beacons, client frames, probes, etc.? The 802.11h mechanism allow a certain number of transmissions: 260 milliseconds. In other words, whatever the AP transmits during these 10 seconds, the total duration all these frames added together must not exceed 260 milliseconds worth of channel utilization. This is called the Channel Closing Transmission Time. Don't get it wrong. It is not one long message. The AP can send a few milliseconds worth of traffic, then stop, then send something else, etc. At the end of the 10 second window, the transmitted amount must be less than 260 milliseconds worth of channel utilization. So the AP is going to look carefully at what it can send. It is actually going to continue sending beacons (so that clients still detect the AP), and also answer probe requests (with probe responses). All other transmission is stopped: no data packet, no ACK. All wireless packets reaching the AP are silently dropped.
Wow, that's rough: clients send packets, never get any ACK, and after 10 seconds the AP disappears to a new, unknown, channel... and when they scan to find the AP, they won't hear anything from this AP for another 60 seconds! To make the all process smoother, you can check the Channel Announcement box. This makes that when the AP jumps to the new channel, it first sends an 802.11h Channel Announcement message, telling its client that it is jumping to another channel, and giving them the channel frequency. This allows the clients to jump along with the AP. They know that the AP has to stay silent for 60 seconds when getting to the new channel, but they can jump and wait (to a new, silent channel) for the AP to resume its communications. At least they know where the AP is, even if they do not hear it.
To be even nicer, you can check the Channel Quiet Mode box. This makes that the AP, upon entering the Channel Move Time window, sends a "Quiet Message" to its clients, in which it says "do not communicate". The clients know that they don't have the right to communicate, so you avoid this situation where they send packets that are never acknowledged (therefore retransmitted again and again in vain).
The upper section of the screen is about the second feature, TPC, Transmit Power Control. The 802.11h protocol states that the AP (and the wireless clients!) must be able to reduce its power level to the minimum value needed for its operation. In other words, if you are an access point, do not shout! You may disturb a neighboring radar. Reduce your power to be just loud enough to be heard by your clients, no more. The fine line is that the 802.11h protocol states that the AP must “be able to” reduce its power, not that it “has to” reduce its power. So most vendors implement the ability without forcing the behavior. It is the case for this feature. The controller can reduce the AP power with 802.11h (this is called Transmit Power Control, TPC, not to get mixed with Dynamic Transmit Power Control, which is a CCX feature by which an AP can as a client to be louder or quieter to improve the communication quality). To actually use the TPC, check the Power Constraint box. A new field allows you to set “how quieter” the AP is allowed to be. Keep in mind that - 3 dB is half the power, so every 3 dB allows the AP to reduce its power by half. A common value is 9 dB, allowing the AP to divide its power level by a factor of 8 (3 dB + 3 dB + 3 dB, which is power level divided by 2, then divided by 2 again, and divided by 2 another time).
Posts
J,
ReplyDeleteIs the first sentence supposed to read unii-2 and unii2 extended?
Thanks a lot. There was no documentation for "quite channel mode" in cisco documents. Thanks a lot for explaining it.
ReplyDeleteHey Jerome,
ReplyDeletePlease pardon my ignorance, but I wanted to ask a general wireless question. Didn't find any link ot post random wireless question. Hence posting it here.
Suppose we have 3 wireless clients. A,B and C. C is sending packets on the wireless channel.As soon as it receives the last ACK from the AP with a NAV of 0, the DIFS starts ticking. NOW, after the end of DIFS the CW sarts off. Suppose client A randomly selects a slot time of 2 and B selects a slot time of 4. I would like to understand the process of traffic transmission after this.
Many thanks in advance.
Manish
Hey Manish,
ReplyDeleteThanks for asking. B and C would count down in parallel (and each would ignore that the other one picked a CW and is counting down). At each number down (3 for B and 1 for A), both would listen to the channel to check if there is any signal detected (the signal has to be a certain strength, defined as 20 dBM above the minimum sensitivity defined by the 802.11 standard for that band, most of the time we say that the signal should be about -65 dBm to be read, but it is a bit more complicated than that). If there is a signal, each detecting station would try to see if it can detect an 802.11 header that would tell them the duration of the transmission (Duration field in the header). If that field can be read, then each detecting station adds this duration to its CW and restarts counting down from the new number. If the duration field is not read but the signal is strong enough, each detecting station stops counting down and listens to the air at each slot time (as if the station was counting down, but the CW does not decrease) until the signal is gone. The stations then resume their countdown. A funny aspect is that if one station hears the signal above the threshold (say -65 dBm) it will stop counting down for the duration of the signal, but if the other station is farther away from the signal source, it may hear it way below the threshold and simply ignore it (continuing to count down).
If both stations heard the signal the same way, A will get down to 0, listen to the medium, find it silent, and will start sending its frame. At this point B (still left at 2 in the countdown) would hear A signal, would try to read the duration field, and would restart counting down from 2+duration field...
Does that make sense? :-)
Thanks for the excellent explanation Jerome..and apologies for reading it so late...It definitely clarifies my doubt. One more relevant question : Do all the wireless clients (irrespective of the supplicant) implement the same algorithm to grab the slot during the CW ?
ReplyDeleteThanks in advance.
Manish
Hi Manish,
DeleteYes, if the clients are 802.11 certified, they have that same behaviour...
Hi Jerome,
ReplyDeleteThe article written above is about DFS (802.11h). I understood that the PA actually sends a channel switch announcement for the clients before changing the channel and the clients stop sending traffic for the specified period. However, in the case of Off-channel scanning done on both 802.11b/g or 11a radio, when the Cisco AP goes off-channel after every 16 seconds for a period of 50ms , what happens to the client traffic ?
Regards,
Manish
Okk...so just going once again through the above article I assume that my question is related to in-service monitoring. So, during in-service monitoring, does the AP always send the channel quiet message to the clients to let them know that "I am going to jump to some other channel to scan it for 50 ms". The clients will not expect any ACK form the AP during this period.
ReplyDeleteRegards,
Manish
Hi Manish,
DeleteSadly no... the 802.11h mechanism is reserved for radar ("valid emitter") avoidance operations. So the APs can't use it (also, 802.11h is only valid in UNII-2 and UNII-2, so a 802.11b/g client would not understand it anyway.
When the AP has buffered traffic for some configurable queues, it defers its jump to another channel (it understand that there is active communication in the cell). It only jumps away if there is no active traffic. It is always possible that a client would wake up during the time the AP is away and would send a frame. It would not get Acked, so the client would wait an EIFS, pickup a new number and resend. Most likely, the AP will be back by then...
Hi Jerome,
ReplyDeleteIf we select 9dBm at the power constraint value, does that mean AP cannot go below 1/8th of its max power ? Is this is the place where we control AP power cannot go down certain value in Unified Wireless environment ?
Regards
Rasika
Hi Rasika,
Deletethe dBm start from the AP max power (level 1, which is the max power allowed in the AP country of operation, of course the exact value depends on the country), then each chunk of 3 dB is one power level less.
So: level 1 is max power (0 dBm)
-3 dBm is power level 2
-6 dBm is power level 3
-9 dBm is power level 4.
Selecting 9 dBm means that you allow your AP to be set to power levels 1, 2, 3 or 4, but not lower than 4. This is the place where you control how low the AP can go when dynamically negotiating its power with TPC/802.11h, typically on a mesh backhaul. The reason is to avoid drops in the links. Suppose the following structure:
RAP----MAP1----MAP2
Suppose that RAP and MAP1 figure out that they can lower their power by 15 dBm (from level 1 to level 6)... they do it, but MAP2 is a bit far from MAP1, and now MAP2 can't hear MAP1 anymore (because MAP1 was negotiating with RAP, not with MAP2), this would be an issue. Of course, MAP2 would scream at MAP1, and they would renegotiate together. But this makes the structure unbalanced (MAP1 might go down again next time RAP asks it to do so). This is why the config allows you, the admin, to set up a floor value, below which you know that your APs should not go.
Now, this is for mesh and TPC. For normal operations, there is a wireless / 802.11a|802.11bg page with a DCA tab, where you can decide how high or how low your normal APs can go (as far as power is concerned). You can also statically set the power at the AP level.
hth
Jerome