You are on page 1of 44

How to: Fix Your Wireless Network – Part 1

Eric Geier October 08, 2007


Introduction

Wireless networks are a wonderful thing. However, the freedom and convenience they provide can also come
with a healthy dose of frustration and annoyance. Your pain might come in the form of frequent network
disconnects, sluggish speed, inability to connect or, if you're really lucky, combinations of all three.

Fortunately, armed with a basic understanding of how wireless networks (also commonly known as wireless
LANs or WLANs) work and some simple troubleshooting techniques, you can find, fix or at least minimize
many WLAN problems.

In this first article of a series, I'll first provide an explanation of WLAN basics and then move on to describe
common wireless problem symptoms and their probable causes. The goal is to help you choose the correct path
toward solving the problem you actually have. This is important, since some "fixes" that are applied blindly can
often make the actual problem worse!

WLAN Types

The two main types of wireless networks are Infrastructure, which are the most commonly encountered, and
ad hoc.

In Infrastructure wireless networks, wireless clients (commonly referred to as Stations or STAs) connect to
access points (APs), which coordinate and relay traffic among STAs. Note that in an Infrastructure WLAN,
STAs do not directly communicate, which is a common misconception. APs also bridge data traffic between
the wireless and wired segments of a LAN.

Note: A wireless router contains an access point (AP), router and switch combined to share a single Internet
connection among wired and wireless clients. Wireless routers are normally used in small networks at homes
and small businesses that require only a single AP. However, if additional wireless coverage is required,
additional APs can be connected to the wireless router.
In this series, I'll usually use the term AP, but this can also mean wireless router.

Figure 1 illustrates the coordination and relaying functions in an Infrastructure WLAN. For a file transfer from
Computer A to B, the data packets are transmitted from Computer A to the AP, then retransmitted to Computer
B.

Figure 1: Sending and receiving on an infrastructure wireless network

In ad hoc wireless networks, STAs create a peer-to-peer network without an access point. The communication
on a ad hoc network is regulated by protocols that are included in the 802.11 standards and implemented in each
STA.

In this series, we'll concentrate on Infrastructure wireless networks since they are the predominant type.

Channels

As you may have noticed when configuring your AP, there are 11 channels available in the U.S. for operation in
the 2.4 GHz band. (The 2.4 GHz band is used by 802.11b, 802.11g and draft 802.11n gear.)

Figure 2 provides a visual representation of the channels and frequencies.

Figure 2: Depiction of 2.4GHz frequencies for 802.11b/g channels.

From Wi-Fi Hotspots: Setting Up Public Wireless Internet Access

(Cisco Press, 2006) by Eric Geier , used by permission

While technically you can choose any of these channels, in practice, you should use only channels 1, 6, or 11.
The reason for this limitation is channel overlap. 802.11b and g use eleven channels in the 2.4GHz band,
spaced at 5MHz intervals. Since the commonly accepted width of each channel is 22MHz for 802.11b and
20MHz for 802.11g, both 802.11b and g are said to have three non-overlapping channels (1, 6 and 11).

Tip: Now-defunct wireless networking management company Cirond argued that there are actually four
channels (1, 4, 8, 11) that can be used for 802.11b and g with virtually no performance penalty.

Now if all the energy of the transmitted signal actually were contained within a 20 (or 22MHz) band, the
definition of "non-overlapping" might be simpler. But reality is somewhat more complicated.

Figure 3: 802.11b Transmit Spectrum Mask


From Matthew Gast's 802.11 Wireless Networks: The Definitive Guide , used by permission

Figure 3 shows an idealized spectral plot (power vs frequency) of an 802.11b signal. To paraphrase the
explanation in Chapter 10 of Matthew Gast's excellent book, this plot shows that transmitted power is reduced
by 30dB (1/1,000) below the power at the center of the channel (that's what the dBr notation means) at +/-
11MHz away from the channel center and 50dB (1/100,000) below at +/-22MHz away.

NOTE: The following spectrum diagrams are based on Figure 3 and are not done to exact scale. Any
inaccuracies are not intentional!

Since 11b and g channels are on 5MHz spacings, two channels right next to each other (1 and 2 for example)
would overlap as shown in Figure 4.

Figure 4: 802.11b adjacent channel overlap

The yellow shaded area represents the power from channel 2's signal that overlaps into channel 1's main lobe
(the largest "hump" and also the frequency band that contains most of the signal's power). Since a significant
amount of channel 2's main lobe overlaps into channel 1's main lobe (and vice versa), communication on both
channels will suffer. Contrast this picture with the situation shown in Figure 5.
Figure 5: 802.11b "non-overlapping" channel overlap

This figure has the same scale as Figure 4, but shows signals in the "non-overlapping" channels 1, 6 and 11.
Since the power from each signal doesn't magically stop at the 22MHz channel boundaries, there is still overlap
between "non-overlapping" channels. But in this case, the yellow shaded area that represents channel 11's power
that is overlapping into the main lobe of channel 6 is at least 30 dB lower (1/1000) than channel 11's peak
power.

Put simply, channels 1, 6 and 11 are considered to be "non-overlapping" because the amount of power that does
overlap is supposedly too small to significantly affect each channel's operation. Whether that's actually the case,
however, depends on many other factors, including the device's Adjacent Channel Rejection (ACR) capability,
and, of course, the physical distance between devices on different channels. By the way, although I've been
using examples based on 802.11b, the situation is pretty much the same for 802.11g.

Note: For a better picture of what real 802.11g signals look like when captured on a spectrum analyzer you
can refer to some screen shots shown here.

RF Basics

When troubleshooting your wireless network, it is helpful to understand how wireless signals, or RF (Radio
Frequencies), travel through your home or office. Similar to other radio devices such as cordless phones or
walkie-talkies, signal quality and strength decreases as the distance between the transmitter and receiver
(wireless router and computer) increases. Additionally, obstacles such as walls, floors, and furniture can block or
reduce the wireless signal.

To better understand how these signals travel, imagine your AP as a tiny light—a naked light bulb (to simulate
an omni-directional, or dipole antenna). This analogy works well in an "open field" environment where there is a
clear line of sight between the bulb (your Access Point or wireless Router) and your eye (your wireless-equipped
laptop), but requires a little bit of tweaking for an indoor environment.

So also picture your home's walls, ceilings, and furniture not as solid objects, but more like translucent panels or
objects with varying opacity. The more panels or objects between the bulb and your eye, the more difficult it
will be to see the light.

The antennas used on your wireless networking devices play a major role in how the signal propagates, or
travels. Most wireless networking gear (wireless routers and adapters) come with omni-directional antennas,
which means the signal is transmitted with equal strength in all directions. Other types of antennas include
directional antennas with varying "gains" or amplification factors and high-gain omni-directional antennas.

Going back to the light bulb example, you could think of putting a curved reflector behind the naked light bulb
as similar to attaching a directional antenna to your AP. The reflector wouldn't change the amount of light (radio
power from the AP) being transmitted, but instead concentrate the light in a desired direction.

We’ll cover more on antennas and their uses later in this series.

RF Interference

In addition to interference caused by other wireless networks on the same channel or from overlapping channels,
other radio devices can interfere with wireless networks. The following devices that use (or bleed onto) the 2.4
GHz frequency band are common culprits:

• Cordless phones
• Baby monitors
• Kitchen microwaves
• Wireless speakers and headphones
• Bluetooth devices

Note: We are focusing primarily on the 2.4GHz band, which is used by 802.11b, g and draft n products. But
similar interference problems can occur with 802.11a and draft 11n products that use the 5 GHz frequency band.

However, since each channel in the 5 GHz band uses non-overlapping frequencies, and 5 GHz WLAN gear is
much less commonly used, interference is typically less of a problem. But it is only a matter of time until the 5
GHz band suffers from the same congestion as the 2.4 GHz band.

The effect of the interference by devices like these varies. It can be minimal, causing only a slight drop in
performance and speed. However it’s not uncommon for the interference to completely drown out the wireless
signals, stopping your Wi-Fi network in its tracks.

An interesting round of tests performed by the Farpoint Group, released in a paper last January titled The Effects
of Interference on General WLAN Traffic, shows how bad interference can be to your wireless network. They
found that a microwave oven caused more than 62% reduction of throughput (the amount of data transferred) on
their wireless test network compared to measurements without the intentional interference. Additionally the
study found a 89% reduction from a neighboring wireless LAN and almost a 20% reduction in throughput from
a Bluetooth headset. But the most damaging interferer was a cordless phone, causing "complete obliteration
(100% degradation) of a Wi-Fi link." (my cordless phone does this too!)

Revisiting the light bulb example, you could imagine these interfering devices as "light" sources as well.
Depending upon the number, location, and power of these other light sources (2.4GHz cordless phones or
microwaves) it may make it difficult, or even impossible, to differentiate the light in the area from the lamp bulb
(your AP) and the interfering sources.

We’ll cover more on how to address and overcome RF interference in another part of this series.

Problem Identification

Now that we've covered some Wi-Fi basics, it's time to start figuring out the cause of your wireless LAN's
problems. This can be more difficult than you might expect, since wireless problem symptoms can often have
multiple causes.

Table 1 presents the most common problem symptoms encountered and their possible causes. Note that some of
the possible causes are common to multiple symptoms!

Symptom Possible Causes


- Low signal
WLAN doesn't cover expected / required area - Too many obstacles
- AP placement
- STA configuration
Can't connect to AP, even at close range
- AP configuration
- RF interference
Low and/or inconsistent throughput (actual operating speed) - Neighboring WLANs
- Low signal
- Neighboring WLANs
Computer intermittently connects with another network - STA configuration
- Low signal
- RF interference
AP intermittently disappears or disconnects - Neighboring WLANs
- Low signal
- RF interference
Constantly changing link rate (i.e. "connection" speed reported by STA) - Neighboring WLANs
- Low signal
- STA configuration
Link rate never reaches advertised maximum - AP configuration
- Incompatible AP & STA

Table 1: WLAN Problem Symptoms and Causes

Because of the multiple possible causes, getting to the cause of your problem may require multiple passes and
careful experimentation. While you might be tempted to short-cut this process and just try to throw money at the
problem by purchasing the latest wireless wonder being hyped by WLAN product manufacturers...don't!

Although it's possible that a new wireless thingy will solve your problem, keep in mind that the manufacturers
are mainly focused on profits and market share. And the consumer WLAN industry has never been shy about
introducing new technology that, at least in the early going, can cause as many problems as it solves.

Conclusion

To sum up the key points so far:

• Always use the non-overlapping 2.4 GHz channels: 1, 6, or 11.


• Think like radio waves (or light bulbs and lamps!) when troubleshooting your wireless network.
• Cordless phones, microwaves, and other 2.4 GHz devices can cause interference.
• Determine the underlying problem before trying to fix your network.

In Part 2, I'll show you how to use equipment that you already have to perform a simple Site Survey.
How To: Fix Your Wireless Network - Part 2: Site Surveying
Introduction

In Part 1 of this series, I provided an explanation of WLAN basics and described common wireless problem
symptoms and their probable causes. In this installment, I'll show you how to use equipment that you probably
already have to perform some simple tests that can help point you to the correct problem(s) to solve.

To uncover potential issues or causes of problems when troubleshooting Wireless LANs and for an overall better
Wi-Fi networking experience, you should scan the airwaves, i.e. perform a site survey.

For small residential or small-office wireless networks, a site survey can serve three purposes:

• To check for nearby wireless networks


• To verify desired wireless coverage
• Look for non-WiFi RF (Radio Frequency) sources

Site surveys for Enterprises can be quite involved and often include RF spectrum scans, which can detect non
Wi-Fi RF interference. RF spectrum analyzers such those from Cognio and Airmagnet [reviewed] can cost up
to $4,000. But there are lower-cost alternatives, such as the Wi-Spy [reviewed] and AirSleuth, for personal use.

But since we're the targeting home and small-office users, I'll be discussing slimmed-down site surveys that can
be done quickly and easily.

Surveying Tools

If you already have a notebook with either a built-in or add-on wireless card, you might already have what you
need to do a simple site survey. The software utilities included with many wireless adapters have a survey or
scan function, such as shown in Figure 1. Note that what are listed are Access Points (APs), or wireless routers.
(When I use "AP", please think access point or wireless router.) The information we're interested are the SSID
or network name, signal strength and channel number.
Figure 1: Example of a wireless adapter utility.

Your wireless adapter's utility might be found on your Windows Start > Programs menu, or there might be an
icon in the system tray that can be clicked to bring it up.

If it's not already installed, you might be able to download the utility from the manufacturer's website. Note that
the utility might be bundled with the adapter's driver download. But keep in mind not all manufacturers release
utilities for all their adapters.

Tools - Windows Wireless Zero Configuration

But what if your adapter or notebook didn't come with a utility? If you're running Windows XP or Vista, you're
probably familiar with the results you get from clicking the "View Wireless Networks" button in the wireless
adapter network properties window (Figure 2).
Figure 2: Windows XP Wireless Network Scan

Unfortunately, the Windows "Wireless Zero Configuration" (WZC) utility doesn't provide much actionable
information for wireless problem debug. First, it doesn't provide channel information, which, you'll later see is
essential. And the simple 5-bar signal strength display doesn't provide enough resolution for serious
troubleshooting.

But the biggest problem with WZC is that it doesn't show multiple instances of the same SSID/network
name. So if you have three neighbors with Linksys wireless routers who haven't changed the factory defaults,
you'll see only one "linksys" in the "Choose a Wireless Network" window. Definitely not helpful for wireless
problem solving.

Figure 3: Windows XP Wireless Status

One last issue with the information provided by Windows is worth mentioning. Figure 3 shows the Wireless
Network Connection status window for an active wireless adapter, with a Speed value of 54 Mbps. This is not
the actual throughput that the adapter is getting! The more appropriate titles for this value would be the data,
operational, or link rate. This number is the equivalent of the 100 or 1000 Mbps you see for your computer's
Ethernet adapter, i.e. the negotiated maximum possible data rate.

Many people wonder why their wireless adapter Speed reads 54 Mbps, yet their file transfer takes forever, or
their video is constantly breaking up. The reason is that the Speed value is only vaguely related to the actual data
throughput that you are getting. In fact, the drivers for some wireless adapters never update this value, showing
only the maximum possible rate. So the Speed number isn't very reliable for wireless troubleshooting.
NetStumbler

Fortunately, there are other tools available if you don't have a decent wireless client utility. In fact, even if you
have a client utility that shows channel, signal strength, all the in-range networks and even actual data
throughput, there are other tools worth considering.

NetStumbler is the grand-daddy of network survey tools and used in countless wardrives, flies, trains and
walks. Created by Marinus Milner back in 2002, it's still the tool of choice by many today, despite the fact that
active development stopped on it back in 2005.

NetStumbler is free (although donations are appreciated) and comes in versions for Windows 2000 and XP and
PocketPC 3.0, PocketPC 2002 and Windows Mobile 2003. It has not been tested on Vista.

Tip: The other most popular wireless network detector is Kismet. It uses a command-line interface and non-
graphic display, so isn't recommended for those who are lost without a GUI. Although it is available in a form
that will run on Windows, it's best run in Linux.

If you're game, the easiest way to go is to use the BackTrack live CD, which contains Kismet and a host of other
network tools. But since ease-of-use is the watchword here, we'll be doing our site surveying with NetStumbler.

Note that Kismet can detect both APs and wireless clients (also referred to as Stations or STAs). This is helpful
for some wireless surveys, but not required for our simple needs.

The NetStumbler readme file says, "The requirements for NetStumbler are somewhat complex and depend on
hardware, firmware versions, driver versions and operating system. The best way to see if it works on your
system is to try it."

It turns out that this is pretty good advice. But you can first save yourself some time by checking this list of
cards that have been reported to work with NetStumbler 0.4 (the latest and last version) on Windows XP. The
list is pretty inclusive and includes cards using Atheros, Broadcom and Intel chipsets. Chances are that if you
have a wireless card supporting 802.11b or g, NetStumbler will work with it.

So download and install NetStumbler and launch it. It should automatically select your wireless adapter and go
into capture mode. If for some reason it doesn't start, choose Device from the menu bar and select another
adapter or another driver. Make sure the green "Play" button (next to the Disk "Save" icon) is depressed, or click
on it anyway!

Assuming that you have an active access point nearby, you should see it appear in NetStumbler's right-hand-
pane. Figure 4 shows a display with four APs found. Let's see what we can find out about this wireless
environment.
Figure 4: Example of NetStumbler displaying info on nearby wireless networks.

• The four APs are using only two channels (1 and 6).
This isn't necessarily a bad thing as we'll see shortly.

• One of the APs is not broadcasting an SSID (third one down).


See why blocking SSID broadcast doesn't really hide you from the bad guys?

• All of the APs are 802.11g


This is indicated by the 54 Mbps speed. 11b APs would show 11 Mbps.

• The closest (strongest) AP is "Net"


"Net" has a -35 dBm signal level, the highest value recorded. (Smaller numeric values represent higher
signal levels since the values are negative.) The farthest AP is 2WIRE534, since it has the lowest signal
level.

Although NetStumbler sometimes displays Noise and SNR (Signal-to-Noise) values, you're better off using the
Signal value in most cases to determine AP signal strength. The reason is that Wi-Fi adapters can't really
measure non-802.11 signal levels. So we really don't know what is being reported here. For an accurate
assessment of signal levels from microwave ovens, cordless phones, Bluetooth headsets and other devices that
use the 2.4 GHz band and can interfere with your wireless network, you need to use a spectrum analyzer, as
noted earlier.

Tip: If the adapter that you are using does report "noise", you'll see it as a varying red bar overlaid on the
green signal bar as shown in Figure 5.
Figure 5: Example of graph view of AP signal and noise levels.

Performing the Survey

As noted earlier, ther are three types of surveys you can do:

• Neighboring networks
• Coverage
• RF Interference

Neighboring networks

You can perform this survey with either a good wireless client utility or NetStumbler. Since we're looking for
neighboring networks, you must shut off your AP or wireless router before starting the survey. If you have
noticed wireless problems at certain times of the day or days of the week, be sure to do the scan during those
times.

Now open NetStumbler or launch your wireless utility and set it to scan for wireless networks. If you're using a
wireless utility, you will probably have to refresh the screen manually;NetStumbler will automatically refresh.

While scanning start in the room where your AP is located, then walk slowly through the area where you desire
wireless coverage. Pay special attention to the areas where you most frequently use wireless connections and
spend a minute or so there. Refresh the wireless client utility a few times to be sure that it captures any nearby
networks.

Even though the antennas built into your notebook or client card are omni-directional, they are still somewhat
directional, especially since you're holding the notebook, which blocks some of the signal. So try turning the
notebook in different directions while NetStumbler is scanning or trigger a manual scan in each orientation.

Do a screen capture and/or record the SSID, channel number and signal level of any networks you see. Once
you've walked the complete area you're done.

When this scan is complete, there are two things that you might want to do right away, depending on the data
you've gathered:

• Change your SSID - If for some reason you haven't followed good security practice and changed your
AP's SSID from its default, you should do it now. Check the list of neighboring networks you've found
and make sure your new SSID is different.

• Change your Channel - If you've found neighboring networks that are using the same channel as your
AP, change it to a different channel, sticking with the choices of Channels 1, 6 or 11. Use whichever
channel isn't already in use. If all channels are in use, set your AP's channel to the same one as the
weakest network that you found, i.e. the one closer to - 100 dBm. This will give you the best shot at
trouble-free operation.

Wireless Coverage

In a wireless coverage scan, you're looking to assess the signal level of your AP, so first make sure that it is on.
Start with your notebook in the same room as your AP, fire up Netstumbler and expand either the Channel or
SSID tree in the left-hand pane until you get the signal vs. time plot.

Do the same walk as before, making sure to visit the areas where you have particular trouble either getting or
keeping a wireless connection. At each location, record the signal level of your AP, making special note of
locations where the level disappears, indicated by the green dot in the left-hand pane turning grey and gaps in
the plot (Figure 6).

Figure 6: NetStumbler Example Scan 1


Tip:As good as NetStumbler is, sometimes it doesn't quite show what's really going on. For example, if you
get a constant signal level no matter how far you move your notebook away from you AP, then you'll need to try
another card. You don't have a super AP, but just an incompatibility between NetStumbler and the card you're
using.

In other cases, NetStumbler might not show a disconnect from your AP. Figure 7 shows an adapter that didn't
disconnect, but instead showed a constant low signal level when it actually had lost connection.
Figure 7: NetStumbler Example Scan 2

If you're using a wireless client utilty, record the signal, signal quality or whatever signal value the utility
provides and where your network disappears from the wireless client utility list of networks.

If your scan found that you lost connection with your AP in places where you need to be connected, the only
simple thing you can do at this point is to try to move your AP. Sometimes even just moving if from one side of
the room to another, or placing it as high as possible in the room (on top of a bookcase, for example) might
make the difference. Solving wireless coverage problems is a pretty broad subject and will be the subject of a
future How To.

RF Interference Survey

As mentioned earlier, you really need a spectrum analyzer to actually measure the RF energy from non Wi-Fi
sources. Even though you can buy the AirSleuth-Lite for under $100, that might still be more than you're willing
to spend. But you can do a simple RF Interference survey by simply taking an inventory of devices that can
cause Wi-Fi interference.

Take a look around your home for the following devices:

• Microwave ovens
• 2.4 or 5.8 GHz cordless phones
• Baby monitors
• Bluetooth headsets, keyboards, mice, etc.

If you have any of these devices, you can do a simple experiment to see if they are causing problems. Place your
wireless notebook in the location where you usually have problems, or go to a troublesome wireless-connected
desktop computer. Now, turn each device on—one at a time— and see if you have the problem that you tend to
have in that location. (Make sure you put a cup of water or something else in the microwave before running it so
that you won't damage it.)

You can also try running a long continuous ping, transfer a large file or watch a video while turning on the
devices. If you experience problems, then you may have found a source of your wireless woes. Unfortunately,
the most effective fix for RF interference is to eliminate the interference itself, which may be costly,
inconvenient or not possible.
Conclusion

Site surveys are an important step to solving wireless networking problems because they provide important
information to guide you in solving the right problems. Some of the fixes can be simple, which I hope is the case
for you. In our next installment, we'll begin to describe how to improve wireless coverage.

How To: Convert a Wireless Router into an Access Point


Tim Higgins March 10, 2008

I have long had a Wireless FAQ that explained how to re-purpose a wireless router as an access point (AP). But
it occurred to me that some folks might be able to use a little more of a step-by-step, so here it is. I'm going to
use the virtually ubiquitous Linksys WRT54G as the object of our conversion.

Step 1: Connect a computer that is set to obtain its IP address information automatically to a LAN port on the
wireless router that you want to convert to an AP. If you don't know how to do this, Figure 1 shows the
applicable Windows XP screens. (Get to the Network Connections window by Start > Settings > Network
Connections.)

Figure 1: Checking for "Obtain an IP address automatically"


Log into the admin page of the wireless router that you want to convert to an access point. From here on, I'll call
this the "AP".

Step 2: For simple, one segment LANs, there must be only one DHCP server. Your LAN's router has a
DHCP server and you don't want the two to conflict. So turn off the DHCP server on the AP. In Figure 2, you
can see that the DHCP server in the WRT54G AP has been disabled.

Figure 2: Shut off the DHCP server; change the IP

Step 3: Find your LAN Router's DHCP server range. Figure 3 shows the Basic Network Settings page of
the D-Link DGL-4300 that is my LAN's router. This is where the DHCP server controls happen to be.
Different routers might have the DHCP server controls on a separate page, so you may have to poke around a
little.
Figure 3: LAN router settings

The 4300 normally has its Router IP Address set to 192.168.0.1 by default. But you can see in Figure 3, I
changed it to 10.168.3.254. This shifted the DHCP server to the 10.168.3.X subnet instead of the 192.168.0.X. I
also could have used 10.168.3.1 or any address as long as it wasn't between 10.168.3.100 and 10.168.3.249,
which is the DHCP server's range.

The bottom line is that my LAN router's DHCP server range is 10.168.3.100 to 10.168.3.249.

Step 4: Change the address of the AP to an unused LAN IP address. This will ensure that you can reach the
admin pages of the AP to change settings when needed. Referring back to Figure 2, you can see that I set the AP
to 10.168.3.250. Again, this could be any IP from 10.168.3.1 to 10.168.3.99 or 10.168.3.250 to 10.168.3.254,
which are all outside the LAN DHCP server range.

Step 5: Connect the AP to the LAN. Unplug the computer you used to configure the AP and plug it back into
one of your LAN router's switch ports. Now take an Ethernet cable, plug one end into another unused router
switch port and the other end into one of the AP's LAN ports. Be sure to use a LAN port and not the WAN port.
Figure 4 shows the proper connection for the WRT54G.
Figure 4: AP connection detail

Step 6: Check the AP LAN connection. You should now be able to use any of your LAN's computers to reach
the AP. So open a browser, enter the address that you set for the AP in Step 4 (which is at 10.168.3.250 in
this example) and you should get the login prompt.

If you don't get the prompt, recheck that you have the Ethernet cable running from LAN port to LAN port on
your router's switch and the AP. The respective port lights on the router and AP should be lit.

Step 7: Check the AP wireless connection. Fire up a wireless notebook or other client and check that it
properly associates and pulls an IP address from your LAN router's DHCP server. Congratulations! You now
have a new AP!

How To: Add an Access Point to a Wireless Router


Tim Higgins March 20, 2008

Introduction

In this earlier How To, I showed you how to convert a wireless router into an access point (AP). This how to
will show you how to properly configure the second AP, so that it works in harmony with your main wireless
router.

1) Set the AP's Static IP Address

This was covered in the previous How To, but bears repeating. In this example, the existing wireless router has
an IP address of 10.168.3.254 and a DHCP server range of 10.168.3.100 to 10.168.3.249.

So you can set the AP to any IP from 10.168.3.1 to 10.168.3.99 or 10.168.3.250 to 10.168.3.254, which are all
outside the existing wireless router's DHCP server range. Figure 1 shows how to perform the change for a D-
Link DIR-625 (or just about any D-Link router).
Figure 1: Setting the AP IP address and disabling DHCP

2) Connect the AP

This can be easy if you have Ethernet cabling at the location where you want to place the AP. But if you don't
have CAT5 run to where you want to place the AP, consider connecting it via powerline networking.

Powerline networking uses your home's electrical wiring as the network cabling. So it provides the maximum
flexibility for locating the AP. Figure 2 shows how to do it, using the IP addresses we're using in this example.
Figure 2: Connecting the AP via powerline networking

Powerline can be a good alternative to Ethernet, but not all powerline products are the same. The powerline
networking industry seems like it has gone out of its way to prevent consumers from having a smooth powerline
networking experience. There are two competing technologies that don't interoperate (HomePlug and UPA) and
even versions of the same technology that don't interoperate (HomePlug AV and earlier versions).

The solution to this is buy two of the same make and model of powerline adapters. This will guarantee that
they'll play together. And if you have problems, you won't get the run-around from the manufacturer's tech
support. I recommend you go with either HomePlug AV or UPA 200 Mbps products. These have the best
chance of not being a speed bottleneck.

When you install the adapters, they should be connected directly to wall outlets. Powerstrips with short cords
and no line filtering are usually ok, but direct connection is best. Light dimmers and some fluorescent lights can
generate noise that can lower powerline networking throughput. So don't plug either of them into the same
outlet or even another outlet in the same room.

Note in Figure 2 that I haven't put IP addresses on the powerline adapters. This is because you usually don't
have to worry about configuring them. They usually plug in and just work.

If you don't go with powerline networking, you just need to connect one of the AP's LAN ports to one of the
primary router's LAN ports using a regular Ethernet patch cable.

Once you're connected, fire up your favorite web browser, enter the IP address of the AP (10.168.3.250 in our
example) and you should get the login prompt for the AP.
3) Set the AP SSID

After you're logged into the AP, surf to the Basic Wireless Settings page and find the Wireless Network
Name or SSID box.

If you don't want to control the AP that your client connects to, i.e. either your main wireless router or the new
AP, set all your APs to the same SSID. This is how multiple access points are set in large "enterprise" or
campus installations.

But most wireless clients are very "sticky" and tend to stay associated to the first AP they encounter, even when
APs with stronger signals are available. So I recommend setting a different SSID for the AP, so that you can
manually control connection.

The other advantage of setting a different SSID for the AP is that you'll be able to see both the AP and your
main wireless router if you're using the Wireless Zero Configuration utility that is built into Windows. Even in
Vista, Microsoft has stubbornly chosen to not show multiple wireless networks that use the same Network
Name / SSID.

4) Set the AP channel

One large network practice that you do want to follow is to set the AP to a different channel than the main
wireless router. In the U.S. you should use only the non-overlapping channels 1, 6 and 11. So, if your main
wireless router is set to channel 6, set the AP to either 1 or 11.

You should probably do a quick site-survey first (see this HowTo), to make sure that you aren't setting the AP
channel to one used by a neighbor's network. If you can't find a completely clear channel, choose the weakest
neighboring network and set the AP to its channel.

5) Set the AP Encryption

Although you want the option of telling your wireless client to connect to either your wireless router or new AP,
you don't want the hassle of having to set up another WEP key or WPA password. So be sure that the wireless
security on the AP is set up the same as that on your main wireless router. Of course, this should be at least
WPA / TKIP, but preferably WPA2.

6) Test

Now that everything is set up, fire up your wireless notebook or other client and make sure that you can see and
connect to both the main wireless router and your new AP. If you're having trouble getting your notebook to
stay connected where you want it to, see these tips. You might also need to move the positions of the wireless
router and AP in your client utility's Preferred Networks list.

Now, sit back and enjoy your improved wireless network!


How To: Build an Open Source Wi-Fi HotSpot with DD-WRT
Eric Geier September 06, 2007

Introduction

Figure 1: Students using a Wi-Fi hotspot.

If you've ever tried to set up a Wi-Fi HotSpot, you may have already discovered that you need more than a
broadband Internet connection and wireless router or access point. Off-the-shelf routers and APs don't provide
the "captive portal" function needed to either authenticate users or just let them know who to thank for their free
connection. Nor do they usually provide other features such as billing support, bandwidth limiting and user
isolation. To obtain hotspot-specific features and capabilities, you must use a device commonly referred to as a
hotspot gateway.

If you have already figured out that you need a hotspot gateway to set up a Wi-Fi hotspot, you might not know
about the great benefits open-source projects offer in this realm. The focus of this How To is to get you up to
speed on open-source resources and walk you through a simple configuration example.

Alternative Firmware - Pros and Cons

Many wireless routers are based on open source operating systems and tools, which open the door to
enterprising developers to either provide minor tweaks, or entire alternative firmware distros. These alternative
firmwares open up features not usually available in inexpensive SOHO routers, including hotspot features such
as captive portal and bandwidth limiting.

Whether you’re setting up wireless Internet access at a public venue (such as a small B&B, store or restaurant)
or in an office building (for visitors, consultants, and salespeople), open source firmware offers an alternative
solution for your hotspot needs. Before you take the plunge, you should be aware of the negatives, along with
the benefits you can reap, shown in Table 1.

Pros Cons
Saves money Voids factory warranty
Enterprise features No guaranteed support
Customization More complex setup

Table 1: Pros and Cons of Alternative router firmware


Saving money is one of the greatest benefits. You can spend just $40 to $60 for a simple router and load it with
free firmware to gain functions similar to those in a "real" hotspot gateway costing hundreds more.

Additionally, the third-party firmware gives you the ability to use features usually available only in enterprise
devices, such as VLANs, virtual/multiple SSIDs, VPN server, bridging and Quality-of-Service (QoS)
capabilities. Another benefit is being able to customize the functionality of the router even beyond what’s
provided by the open-source firmware—if you know your way around coding and networking.

On the minus side, using third-party firmware will definitely void your warranty. So if you have problems, you
can't tap your product's vendor for help or product replacement in case of failure. And given that you’re
essentially messing with the "brains" of electronic equipment, setup is a bit more complex than using off-the-
shelf hotspot gateways, which are specifically designed for hotspot solutions.

Fortunately, the more popular alternative distributions, like the one we'll use, tend to have active user
communities with wikis, forums and other lifelines that you can grab onto in case of problems. But if you're the
type who needs to be able to call someone when you run into a problem, then alternative firmware probably isn't
for you.

The Projects

There are three popular general open-source firmware projects offering hotspot capabilities:

• DD-WRT: Offers many firmware versions to support many different routers. Along with adding new
general features, open-source projects designed specifically for hotspots are intergraded.
• Sveasoft: Also offers multiple firmware versions, including a free public release supporting the
ubiquitous Linksys WRT54G/GS routers and more advanced editions supporting additional routers. It
includes hotspot specific features, but requires a yearly $20 subscription fee.
• OpenWRT: Unlike most other firmware replacements, setting up hotspot features and a web-based GUI
interface requires advanced knowledge and additional installation.

There are also many open-source projects specifically developed for hotspot solutions, including the following
(which I discuss later):

• ChilliSpot
• Wifidog
• NoCat
• Sputnik
• CoovaAP

If you're designing large public networks, there are also firmware replacements designed for mesh networking,
such as freifunk and Roofnet.

Setting Up DD-WRT For Hotspot Use


I’ve chosen to cover setting up DD-WRT, as it’s a well-rounded, feature-rich firmware replacement offering
many hotspot solutions. The following steps will walk through the process of installing and setting up DD-WRT
for a public hotspot solution.

Step 1: Get a Supported Router

The first step is to round up a supported 802.11g wireless router, such as the following:
• Linksys WRT54G/GL/GS
• Buffalo WHR-G125 and WHR-HP-G54
• Asus WL-500G and WL-300G

You can also view the full list of supported devices on the DD-WRT website, along with a great comparison
chart and list of top routers.

Note: You should try to avoid devices with only 2MB of flash memory (such as WRT54G/GS v5.0/6.0)
because you’ll only be able to run the micro version of DD-WRT. You should also note the Asus WL-500G
premium is only supported by v23 SP3 and later releases.

Step 2: Get the DD-WRT Firmware

Next you need to download the firmware, based on the particular router you’re using and your desired features,
from the collection on the DD-WRT website.

Before you start browsing the collection, however, you should familiarize yourself with the firmware naming
and organization schemes. You’ll see the firmware organized into three different sections: stable, release
candidates, and beta. As you can perhaps infer, the stable section is your best bet, providing thoroughly-tested
firmware releases.

Note: The most recent stable release (at the time of this writing) is v23 SP2 and the latest release candidate
is v24 RC1.

Each firmware release offers a common set of versions (see Figure 2 for a comparison) which provides more
control over the features included in the firmware to conserve router resources, and to support routers with
smaller memory sizes. In most cases, the Standard version is the best choice for hotspots, as it embraces all the
features except the special VoIP and VPN components.
Figure 2: Comparison of DD-WRT firmware file versions.

There are also different firmware types:

• ASUS: For the WL-300/500G models.


• Generic: For routers that don’t require their own version and for special cases.
• Linksys specific: Specific firmware versions for the particular models, beginning with wrt.
• Motorola specific: For micro and mini file versions only, and identified by moto.

Tip: When flashing from original Linksys firmware, you must first use the mini version; then you can
upgrade/flash to another version. When using the web interface method, you must use the generic firmware
types.

When browsing through the firmware collections, you’ll see file names in the following format: dd-
wrt.vXX_set_type.bin. The XX identifies the firmware version, set defines the firmware collection (such as
micro or VOIP and is displayed for only nonstandard sets), and type identifies the hardware type (such as ASUS
or Generic).
Step 3: Flash Router with the DD-WRT Firmware

There are two basic methods to flash a router: Trivial File Transfer Protocol (TFTP), a simple file transfer
method using a command line interface, and using a router's web interface firmware upgrade feature.
Flashing via the web interface is easier and supported by most routers. The exception is Buffalo devices, where
you must use TFTP.

Warning! Warning! Warning! Warning!

- As with any open-source firmware, it’s very important to follow all the directions and
precautions because one mistake could ruin (brick) your router.

- Making these changes will, of course, void your warranty.

- SmallNetBuilder, Pudai LLC and I are not responsible for any damage that the
information in this article may cause.

Since the exact flashing procedure can vary depending on the router manufacturer vendor and model, you need
to reference the flashing directions on the DD-WRT website.

Step 4: Setup a Hotspot Solution

As touched on before, DD-WRT integrates many independent open source projects specifically designed for
hotspots into its firmware, including the following:

• Sputnik: Integration with a free/paid hosted service from Sputnik that provides user authentication and
device management for use with free or pay access hotspot solutions. Although you may pay for the
service, it’s a bit more user-friendly than the other solutions, which are all open-source.
• Wifidog: Integrated into the firmware, providing advanced captive portal and content management
features for free access hotspots. You must set up an external server with their proprietary software
which requires some advanced web development skills and knowledge.
• Chillispot: Enables hotspot user authentication and management for free or pay access hotspot
solutions, but requiring an external RADIUS server. Hosted servers, however, provide an easily way to
obtain the advanced hotspot features and functionality. Here’s a few places that offer free/paid hosted
services for use with this solution:
o Worldspot.net
o Skyrove
o HotSpotSystem.com
o WirelessOrbit
• NoCatSplash: Provides only a simple captive portal (splash screen) feature with a few filtering options,
however is excellent for giving away free access (or even paid access with some work) when user
tracking and advanced hotspot management isn’t necessary. It’s best to have some web development
experience, as you must create your own splash screen. Otherwise it’s fairly straightforward.

Now that you have chosen a solution, here are the basic steps (in v23 SP2) to set it up:

1. Login to the web interface (figure 3 shows an example) using the router’s IP address (by default
192.168.1.1).
Figure 3: Example of the DD-WRT web interface.

2. Click the Services tab.


3. Enter the router’s username and password (by default root and admin) into the dialog box.
4. Click the Hotspot tab. Figure 4 shows an example of this page.
Figure 4: Example of the hotspot settings page in DD-WRT.

5. Enable one of the hotspot solutions, configure the settings, and click Save Settings.

Although we won’t discuss configuring each solution, most of the bullets given earlier offer links to
configuration instructions or at least the website of the project where you can obtain help.

Setting Up NoCatSplash

So that you end up with at least one working solution from this How To, I'll walk through setting up
NoCatSplash.

Before configuring the settings, you need to create a web page (.html file) for the splash screen. You can then
upload it to the router or host it on a website. After connecting to the hotspot, a user must click the button (such
as I agree) on your splash screen before browsing the web.

Use code similar to the following to create a form on the splash page:
<p><b><font size="5">Welcome to $GatewayName!</font></b></p>

<p><b><font size="2">Read the following terms and conditions,


and hit the I Agree to proceed.</font></b></p>

<p><font size="2">...</font></p>

<form name="login" method="post" action="http://192.168.1.1:5280/">


<input type="hidden" name="accept_terms" value="yes" />
<input type="hidden" name="redirect" value="$redirect">
<input type="hidden" name="mode_login">
<input type="submit" value="I Agree">
</form>

You can use the $redirect variable to send users to a site of your choice (instead of the URL they originally
tried to access) after they "authenticate" by clicking the "I Agree" button.

Another optional variable is $GatewayName, which displays the value of the Gateway Name (defined later in
the settings) on the splash page.

Now you need to configure the settings:

Figure 5: Example of the NoCatSplash settings in DD-WRT.


Gateway Name: This value can be displayed on the splash page when using the optional variable,
$GatewayName.

Home Page: Enter your website address, if you have one.

Allowed Web Hosts: List of domains (separated by a single-space) that users can access before hitting the
button. If the splash page is on a website, you must enter its domain.

Document Root: The directory on the router where the SplashForm (or splash webpage) is located. If you’re
hosting the splash page on a website you can ignore this field.

Splash URL: Enter the webpage address of your splash page, if hosting on a website; otherwise leave blank if
uploading to the router.

Exclude Ports: Specify TCP ports (such as 25 for SMTP) to block from the hotspot users. Separate each port
number by a single-space.

MAC White List: List of MAC addresses (separated by a single-space) that have unrestricted access. You can
for example, enter the MAC addresses of your radio cards so you are not blocked from any ports you’ve
excluded.

Login Timeout: Specifies how often (in seconds) the splash screen is displayed. For example, you could set
this to 86400 seconds, so every 24 hours the user will see the splash page and have to click the button again.

Verbosity: This specifies the amount of actions that’s written to the syslogd log. The default value of 5, logs
most actions and should be fine for most situations. However, to log everything, set this to 10, or 0 to disable
logging.

Route Only: When enabled, your router won’t run NAT. Unless you have a strictly routed network, the default
setting (disabled) should be fine.

Figure 6 shows the end result of the splash page created with the code given earlier and the settings configured
in Figure 5.

Figure 6: Example of the DD-WRT splash page.


Step 5: Configure Additional Settings

To better adapt your DD-WRT powered router for hotspot use, you should think about making these changes:

• Enable Info Site Password Protection: By default, a page showing status details of the router is
displayed (Figure 7) without requiring a password, when a user accesses the router's admin IP address.
Although, the information isn’t particularly sensitive, you should prevent public access to it. Go to the
Management settings on the Administration tab and refer to the Web Access section.

Figure 7: Example of the Info Site page in DD-WRT.

• Filter SMTP traffic: To prevent users from sending SPAM using your Internet connection, you can
block SMTP traffic. Refer to the Blocked Services section on the Access Restrictions tab. Depending on
the solution you use, this can also generally be set using your hotspot management settings.
• Enable AP Isolation: Prevents communication (i.e. file sharing) between the hotspot users which helps
secure users that forget to disable sharing. Go to the Advanced Settings on the Wireless tab.
• Configure QoS: To control the bandwidth each person uses on the hotspot you can configure QoS. Go
to the QoS Settings section of the QoS subtab of the NAT/QoS tab. Depending on the solution you use,
you may also be able to control this with your hotspot management settings.

Conclusion

In this article, we discussed how you can take advantage of the open-source community when it comes to
setting up a Wi-Fi hotspot. You can use third-party firmware on simple off-the-shelf routers, instead of buying a
commercial hotspot gateway. Although requiring some extra time and a bit more risk, our solution saves
hundreds of dollars.

Among the three general firmware solutions discussed, DD-WRT is most likely the best bet for open source
and Linux beginners. In addition, it is integrated with the most popular open source hotspot solutions.

Have fun with your new hotspot!


**************************************************
Below this section is older (possibly outdated) material!!
**************************************************

How To: When Wireless LANs Collide!


Tim Higgins February 28, 2004

Introduction

Wireless networks are wonderful things - when they work! But an increasing number of consumers are finding
that even if they manage to get their WLAN (wireless LAN) working, keeping it up and running reliably with
good performance is often a frustrating and unsuccessful struggle. Though flaky equipment and improper setup
can sometimes be the cause, all too often the growing popularity of WLAN equipment is itself the cause of
wireless woes.

In this ProblemSolver, I'll explain the causes of problems in closely-spaced wireless LANs (and dispel some
myths). I'll then give you fixes for common problems, and even tell you what not to waste your time trying.

So, how do you know that you have a problem from neighboring WLANs and not just something wrong with
your own equipment? Take this little test:

• Your WinXP "View Available Wireless Networks" window shows wireless networks other than your
own - and lots of 'em
• You keep losing connection to your AP, even when you're in the same room
• Your wireless connection seems to crap out around the same time each day...usually in the late afternoon
or early evening
• You overhear your neighbor talking about the problems he's having with his wireless LAN
• You live in a dorm, apartment building or neighborhood with large homes on small lots and broadband
Internet service

If any of these sound familiar, then you probably should read on. If, on the other hand, you live out in the
boonies where your cell phone doesn't even work and you have to drive over to see your neighbor, then this
article probably isn't going to be much help!

NOTE: Please read references to access points (AP) or wireless routers as applicable to both kinds of products
unless otherwise noted.

What's the problem?

The primary causes of wireless LAN problems in high-density areas are:

1) Too many users trying to use the same channel.

2) RF (Radio Frequency) interference from nearby WLANs

The first problem is a capacity issue, i.e. not enough bandwidth to go around. Simply put, there are too many
radios trying to use the same channel (i.e. frequency) at the same time in the same area. "High density" is a
relative term, but if you live in an apartment building or school dorm, you're definitely in this category. And
even if you live in a single-family dwelling, if the distance between your and your neighbors' homes is 50 feet
or so, and you know the names (SSIDs) of your neighbors' wireless networks, you're also in this category!

An 802.11b network has a best-case useable bandwidth of about 5Mbps. This capacity can actually support a
large number of users, if their transmissions are short and intermittent - as they would be for web-browsing,
email, IM and the like. But with typical broadband connection speeds of 1-2Mbps, you can see that it doesn't
take too many long downloads, video streams or webconferencing sessions running simultaneously to exhaust
this relatively small data "pipe".

Switching to 802.11g makes the "pipe" bigger, but nowhere near the 54Mbps touted on product boxes. My
testing shows that best-case real (available) bandwidth for current-generation 11g products with clients
running WinXP is around 25Mbps. Using Win98 typically drops that to closer to 20Mbps, and having any
802.11b stations (clients) associated to an 11g WLAN will drop maximum throughput to around 12Mbps.

TIP: See our 802.11g NeedToKnow - Part 2 for more info on what happens when 11b and 11g clients mix
on the same WLAN.

Too Much Noise

The second cause falls into the category of RF-based interference. Though you might think of wireless LAN
interference only in terms of 2.4GHz cordless phones and microwave ovens, WLAN equipment itself is
becoming another growing - and perhaps dominant - category of RF "noise".

Every form of communication has to deal with two components: signal, which is the part that contains the
desired information; and noise, which is everything else. Key attributes of radio receiver design are maximizing
sensitivity to signal and minimizing sensitivity to noise.

As long as 802.11b / g products receive sufficient signal, the Carrier Sense Multiple Access/Collision
Avoidance (CSMA/CA) mechanism built into the protocol coordinates their communication. This access
method - similar to CSMA/CD used in wired Ethernet - makes sure that only one product transmits at a time, so
that the data is understood by all receivers.

But when the radio energy detected by a piece of WLAN gear can't be understood - even if that energy comes
from valid WLAN equipment - it turns into noise. Wireless LAN gear does a remarkable job of differentiating
between signal and noise, but not all products are created equal in this area.

If you're using 802.11b or 802.11g equipment, you probably know that your access point has eleven channels
that it can be set to. You may not know, however, that only three of those channels should be used. The
reason for this is illustrated in Figures 1 and 2.

Figure 1: 802.11b adjacent channel overlap

The yellow shaded area in Figure 1 represents the power from channel 2's signal that overlaps into channel 1's
main lobe (the largest "hump" and also the frequency band that contains most of the signal's power). Since a
significant amount of channel 2's main lobe overlaps into channel 1's main lobe (and vice versa),
communication on both channels will suffer. (Note that this effect is the same for any two adjacent channels,
not just Channels 1 and 2.)

Contrast this picture with the situation shown in Figure 2.

Figure 2: 802.11b "non-overlapping" channel overlap

TIP: See this section of our Atheros Super-G NeedToKnow - Part 1 for a full explanation of channel
overlap

This figure has the same scale as Figure 1, but shows signals in the "non-overlapping" channels 1, 6 and 11.
Since the power from each signal doesn't magically stop at the 22MHz 802.11b channel boundaries, there is still
overlap between "non-overlapping" channels. But in this case, the yellow shaded area that represents channel
11's power that is overlapping into the main lobe of channel 6 is at least 30 dB lower (1/1000) than channel 11's
peak power. For most well-designed radios, this 30dB difference between signal and "noise" is sufficient to
ensure good rejection of the adjacent channels' signals (i.e. noise).

Use of overlapping channels isn't the only source of WLAN RF interference. As I'll explain later (What
Doesn't Help), some of the techniques that your might be using to "ignore" other WLANs actually can hurt
rather than help your own WLAN's performance!

The take-away from all this is that not only do you have to deal with possible problems from microwave ovens
and 2.4GHz phones, but neighboring WLANs themselves can also become interference sources.

Tip: Wireless networking management company Cirond argues that there are actually four channels (1, 4, 8,
11) that can be used for 802.11b and g with virtually no performance penalty. I recommend you stick with using
Channels 1, 6, and 11 since they are more likely to be used by neighboring WLANs.

Change Channels

Now that you understand the primary mechanisms at work, you're ready to move on to ways to combat them. A
simple first step is to change your access point's channel. Since Windows XP's Wireless Zero Configuration
utility is no help in determining the channels that neighboring wireless LANs are operating on, you'll need to
fire up the wireless client utility that came with your wireless adapter card.
Figure 3: ASUS WL-100g Site Monitor Search
(click on the image for a full-sized view)

Figure 3 shows a nice utility that comes with ASUS' WL-100g CardBus client card. It not only shows the
SSID and channel of each in-range AP, but its MAC address and signal strength - all very handy info!

One you know the lay of the airwaves, the countermeasure is simple. You'll just need to choose a channel - 1, 6,
or 11 - that is used by the fewest neighboring APs, has the lowest signal, is the least busy, or hopefully all
three!

Changing channels is easy, but you have to know how to access your access point or wireless router's setup
screens (this info is in your product's setup guide and user manual). As an example, Figure 4 shows the main
Setup screen for the Linksys WAP54G, with the yellow highlight indicating the Channel and SSID settings.
Figure 4: Linksys WAP54G access point setup screen

You'll probably want to change both settings - I'll explain the how and why of the SSID setting later. Be sure to
Apply, Save or whatever your product has you do to make the settings stick after you change them.

By the way, while client utilities can help you count APs and determine their operating channel, they won't
show you how busy each of those AP's are, i.e. how many clients are associated to them. For that, you need a
handy tool like my personal favorite - AirMagnet.
Figure 5: AirMagnet Handheld showing APs at CES2004

Figure 5 shows just one of the many views that AirMagnet can provide of all in-range wireless equipment. This
tree-type view shows access points (the little towers) and their associated clients (the little laptops). You can see
that there are plenty of idle APs, and with a few stylus taps, AirMagnet can show the channel they're operating
on, too.

Unfortunately, AirMagnet and similar wireless LAN analysis tools are not intended for consumers and are
priced accordingly ($3000 and up). If you're handy with Linux, you can try Kismet, but otherwise you'll have to
make do with counting APs and looking at signal strength to guide you in your choice of new channel.

NOTE: Don't bother trying to change the operating channel of your wireless client. The operating channel
of Infrastructure-based wireless LANs (those that use access points or wireless routers) is determined by the
AP, not the client. All you need to do is change the AP channel, and its associated clients will follow.

One of these WLANs is not like the other

Finding unused airspace will solve most neighboring LAN problems. But if that's not an option (or you've tried
it and you still need help), you might just need to tell your laptop to not go wandering and stay home!

In its zeal to make wireless networking as easy and automatic as possible, the default behavior of WinXP's
built-in Wireless Zero Configuration utility is very, well, promiscuous. Once you use it to successfully connect
to a wireless LAN with a particular name (i.e. SSID), it automatically considers that a "preferred network" and
will connect your wireless computer to it whenever it comes within range.

This convenient feature becomes a problem, however, in areas where there are multiple access points with the
same name, but that are not part of the same network! As far as your wireless laptop is concerned, APs with
the same name are part of the same network (this is how wireless LANs with multiple APs are set up, actually).
Since your laptop has no way of knowing that those other APs with the same SSID as your AP are actually
belong to your neighbors' APs, it will at some point try to connect to them, usually when it detects an AP with
a stronger signal.

But if your neighbor's AP happens to have WEP or WPA encryption enabled, or is using MAC address filtering
(association control), your laptop won't be able to connect. What you'll see is your wireless connection
dropping, then (maybe) reconnecting to your own AP (you may have to rescan for networks and manually
reconnect). You may think that your wireless network has gone haywire, but in truth, your laptop's wireless card
is just trying to do its job and keep you connected to the best signal available.

What makes this situation worse - by interfering with proper diagnosis of the problem - is that the Available
Networks part of XP Zero Config doesn't show multiple instances of the same network name (SSID). So unless
you run the wireless client utility that came with your adapter and it shows every AP that it detects, you can
only guess at what your wireless client is really seeing.

Turning again to the ASUS WL100g card as an example, Figure 6 shows that its client utility accurately
displays multiple APs, even if they have the same SSID.
Figure 6: Multiple APs with same SSID

What this particular utility doesn't allow, however, is to force connection to a specific AP. In the quick
experiment that I ran, I could only get a connection to the AP with the strongest measured signal (at the time
when the client scanned for APs). In most cases AP association rules are baked into a wireless adapter's driver
and unfortunately, most manufacturers don't give users any control over it.

Making your client stay home

Fortunately there are two things you can do to keep your wireless clients on their own network. The first is to
change your SSID from its default value and one not used by nearby WLANs. Choose something unique
and which doesn't divulge your name or location. Using only letters, numbers, underscores and no spaces
should give you plenty of options for the SSID name.

TIP: Referring back to Figure 4, some APs allow you to set an "AP Name", which has nothing to do with its
SSID, but is used to tell multiple APs apart for management purposes. So make sure you change your APs
SSID (sometimes called ESSID).

The second step - if you're using WinXP - is to clear the Preferred Network list and make sure connection to
non-preferred networks is disabled. You'll find the icon for your wireless adapter in the Network Connections
window (Start > Settings > Network Connections). Right-clicking on the icon and selecting Properties should
bring up a window similar to Figure 7.
Figure 7: Too many "Preferred" networks

The upper portion of the window lists Available, i.e. currently detected, wireless networks while the lower
section lists Preferred networks. Simply delete every network except yours by selecting them and clicking the
Remove button. Then click the Advanced button to bring up that window, and make yours look like Figure 8.

Figure 8: Advanced Wireless Network Properties

This will prevent your card from trying to connect to Ad-Hoc networks (in the unlikely event that any are
around), but more importantly prevent automatic connection to any new wireless LANs that appear in your
neighborhood.

TIP: If your wireless client is moved to another location where wireless LANs are present, you should repeat
the Preferred Network clean-out when you return to your normal location.
If you're not running WinXP or use your wireless adapter's client utility instead, check it to see if has a similar
"preferred network" capability, and perform a similar clean-out if possible. Some utilities use "connection
profiles", which store all the settings for connecting to a particular WLAN and require you to manually switch
among them. You shouldn't have to perform a "clean-out" in this case, but you may need to delete unwanted
profiles if your client utility automatically creates them when it detects new networks and automatically
switches among them.

Survey the possibilities

If you can't find a clear channel and still have problems after locking your clients down so that they don't go
straying to other WLANs, it's time to see if you can do something about all the unwanted signals bombarding
your poor little WLAN, i.e. reduce the RF noise. This is an area where understanding the problem is especially
important before implementing a solution and that means you'll need something to measure signal strength to
help you perform a site survey.

A "site survey" is just a fancy term for walking around with something that can measure wireless signal strength
and recording what you see. You can do this with your wireless laptop, provided that its client application has
the ability to show all in-range APs, their channels and some indication of signal strength. It doesn't matter
whether the signal indicator reads in %, dBm, or no units at all, or whether it measures signal strength, signal
quality or both, since you'll be looking mainly for changes in whatever indicator you use. It's also helpful if the
client utility has a fast-responding, real-time signal indicator for the AP that it's connected to, and even better if
it can plot the signal strength over time.

If your client utility doesn't have any of these features, you have a couple of choices, both of which will
probably involve purchasing a new client card. This isn't as bad as it sounds since the price of 11b cards has
dropped down to around $50. NetStumbler is a great free tool for checking out your wireless neighborhood. It
includes signal and noise plotting capability and comes in versions that run on Windows and PocketPCs. It
works with cards using the Lucent (now Agere Systems) Hermes chipset, which includes the ORiNOCO
802.11b card, but check the release notes for the version you download for a list of other supported cards.

If you'd rather go with a commercial solution, the client utility that comes with ASUS WL-100 and WL-100g
cards is excellent.

Once you have your signal measurement tool, take it to your problem location(s) and see what it can see. Since
you've already addressed the SSID-related problems (right?), you're mainly looking for the signal levels and
channels of neighboring APs. The APs most likely to be causing you grief are those on the same channel and
with signal levels greater than or equal to that of your own AP.

Once you understand the wireless environment your client is operating in, you're ready to take steps to change
it. Most of the techniques at your disposal are described in the Wireless LAN Performance Improvement
NeedToKnow, but my general advice is to focus on solutions that reduce interference from neighboring
WLANs vs. boosting your own signal and creating a problem for someone else. Many times a little aluminum
screening, intelligent use of directional antennas and just relocating your AP can go a long way.

802.11a

Sometimes, it's just time to move on. If your efforts at battling 802.11b / g interference are proving to be futile,
consider changing to 802.11a. Contrary to what you've probably read, current-generation 802.11a products have
performance equal to or better than many 802.11b and g products. And since they operate in the relatively
quiet (at least for now) 5GHz band, all the neighboring 11b and g WLANs that are causing you so much grief
will, for all intents and purposes, disappear.
If you go this route, avoid single-band, i.e. 11a-only products. They all have first-generation technology,
which did have inferior range. (See the Second-generation 802.11a NeedToKnow for more info.)

Shop only for dual-band (11a / 11g) or dual-band, tri-mode (11a/b/g) products. Also be sure to hit the shopping
search engines and check for bargains since products containing 11a seem to move slowly and retailers
occasionally like to clear out inventory.

Updated March 6, 2004

NOTE: A helpful reader pointed out that there are still some dual-band products out there that
have first-generation 11a radios - most notably, the Linksys WRT55AG .

Social Engineering

As much as you may hate to admit it, you may not be able to solve your wireless problems by yourself. Since
the heart of the problem is caused by lack of coordination (and communication) among users trying to run a
number of wireless LANs in too small an area, the most effective solution would be to apply the design
techniques used in large multi-AP WLANs.

You may be surprised at the willingness of people to work together to solve a common problem - especially if
they don't really have to do much. Put up a sign and call a meeting of your apartment building, dorm, or
neighborhood. If you've got the a WLAN problem, chances are others do too.

Once you've got the interested parties together, the main order of business is to see if you can work out a
satisfactory channel assignment scheme. If there are only three APs involved, the job is pretty simple. But if
you're dealing with more APs, you'll have to put in a more effort.

Make a diagram of the APs as close to scale as you can get it. Once you have the APs located, it's just a matter
of juggling channel assignments so that APs using the same channels have the lowest signal strength with
respect to each other. Since signal strength is primarily related to distance, a practical approximation of this
rule is to locate same-channel APs as far apart as possible. In some cases, building construction and other
RF-unfriendly obstacles like trees, water, screens, etc. may allow you to bend this "farthest-distance" rule a bit.
In multi-story situations, be sure to think in three dimensions because radio waves travel in all directions!

Once you have your channels assigned, but sure to assign unique SSIDs to each AP. Though you want to treat
the APs as one big WLAN from a channel assignment point of view, you still want multiple, separate WLANs
from an operational point of view. Unique SSIDs will keep clients from trying to roam where they're unwanted.

Finally, if you find that your neighbors are unfamiliar with the wonders of WEP / WPA, MAC address
association control (filtering) and other WLAN security features, help them get that set up too. With the
problem of WEP-related throughput essentially gone from current-generation WLAN equipment, there's no
reason to run wide-open WLANs if you don't want to.

What Doesn't Help

When faced with a wireless LAN that won't behave, people will try most anything in search of a cure. But some
"solutions" don't really help and can actually hurt your (and your neighbors') WLANs performance. Let's look at
some "solutions" commonly suggested:
• Turning on WEP / Using authentication
Encryption methods such as WEP and WPA or using one of the many 802.1x authentication methods
will keep unwanted clients from associating with your wireless LAN, but not from trying! Preventing
association keeps clients from using significant amounts of your WLAN's bandwidth, but association
attempts - especially in areas with many wireless clients - can still cause performance to degrade,
particularly in slower 802.11b networks.

Put another way, use of encryption doesn't do anything to the radio signal itself, but only to the
information it is carrying. So while I recommend enabling WPA (or WEP if WPA isn't available) for
security reasons, it doesn't do anything to reduce the effect of too many radios in too small a space.

• Turning off SSID broadcast

Although it's not the security precaution that some articles make it out to be, and it won't really help
keep your clients from trying to associate with other wireless LANs, turning off the broadcast of your
APs SSID could help your neighbor's clients to stay on their own WLAN. But again, change your
default SSID, too, because if your neighbor's laptop detected and saved it in its "Preferred network" list
at some point, it will still look for it during its association attempts.

• Selecting 11g-only mode


Owners of 802.11g equipment may have a few other knobs to fiddle with, depending on the products
they have. Some 11g APs allow disabling of the 802.11b "Protection" mechanism that enables slower
11b clients to interoperate with faster 11g APs. Disabling "protection", however, is similar to enabling
WEP or WPA in that the radio signal - and its negative effects - is still present. Shutting off protection,
however, can have a larger negative performance effect on your WLAN than enabling WEP or WPA.

Figure 9: The effect of disabling 11b "protection"


(click on the image for a full-sized view)

Figure 9 shows throughput plots made with a Linksys WRT54G router and WPC54G CardBus card. Both
traces were made with the pair set to 11g-only mode, i.e. "protection" disabled. The top trace shows throughput
with no other clients in-range, while the bottom trace shows the effect of a single 11b client card just trying to
associate with WRT54G - almost a 20% reduction in average throughput!

The amount of performance hit varies with many factors, but is so pronounced because turning off protection
essentially turns off the coordination between 11b and 11g AP and clients. This raises the occurrence of
transmit collisions and increases the probability that data will need to be retransmitted, lowering throughput.

TIP: For more on 11b protection, see the 802.11g NeedToKnow - Part 1.

• Boosting your signal

As pointed out in the Wireless LAN Performance Improvement NTK, signal boosting solves at best
half the problem since it can only help a client to "hear" an AP better and not vice-versa. Though I have
to admit that boosting could help keep your client from straying by providing a stronger signal to latch
onto, I would personally use this only as a last resort. Solving a problem by passing it on to someone
else (your neighbor) isn't really a solution, in my opinion.

• Using Super-G

Super-G's controversial "channel bonding" technique can cause severe problems in nearby WLANs
under certain conditions (see the Atheros Super-G NeedToKnow - Part 1 for the details). But I put
using Super-G for this purpose in the same category as signal boosting, i.e. not a real solution and
something that may cause more problems than it solves.

Closing Thoughts

The 802.11 protocol that modern wireless LANs are based on is amazingly robust and capable of supporting
dozens, if not hundreds of stations in a given area. The key to successful operation, however, is cooperation,
not competition.

The old saw of "thinking globally, and acting locally" really is the best approach to having multiple wireless
LANs operate successfully. Now that you know how, get out there and lead your wireless neighborhood to
wireless networking harmony!