We understand roaming technologies (Handover, Band steering, IEEE 802.11k, r, v) and conduct a couple of visual experiments that demonstrate their work in practice.

Introduction

Wireless networks of the IEEE 802.11 group of standards today are developing extremely rapidly, new technologies, new approaches and implementations appear. However, as the number of standards grows, it becomes more and more difficult to understand them. Today we will try to describe several of the most common technologies that are referred to as roaming (the procedure for reconnecting to a wireless network), and also see how seamless roaming works in practice.

Handover or "client migration"

By connecting to a wireless network, the client device (be it a smartphone with Wi-Fi, a tablet, laptop or PC equipped with a wireless card) will support wireless connection if the signal parameters remain at an acceptable level. However, when the client device moves, the signal from the access point with which the connection was originally established may weaken, which sooner or later will lead to a complete impossibility of data transmission. Having lost connection with the access point, the client equipment will select a new access point (of course, if it is within reach) and connect to it. This process is called handover. Formally, a handover is a migration procedure between access points initiated and performed by the client itself (hand over - "transfer, give, give up"). V this case The SSIDs of the old and new points do not even have to match. Moreover, the client can fall into a completely different IP subnet.

To minimize the time spent on reconnecting a subscriber to media services, it is necessary to make changes both to the backbone wired infrastructure (make sure that the client's external and internal IP addresses do not change) and to the handover procedure described below.

Handover between access points:

1. Determine the list of potential candidates (access points) for switching.
2. Set the CAC-status (Call Admission Control - control of the availability of calls, that is, in fact, the degree of congestion of the device) of the new access point.
3. Determine the moment to switch.
4. Switch to new access point:

In IEEE 802.11 wireless networks, all handover decisions are made by the client side.

Source: frankandernest.com

Band steering

Band steering technology allows a wireless network infrastructure to transfer a client from one frequency band to another, usually a forced client switch from 2.4 GHz to 5 GHz. Although band steering is not directly related to roaming, we decided to mention it here anyway, as it is related to client device switching and is supported by all of our dual-band APs.

When can it be necessary to switch a client to a different frequency range? For example, such a need may be associated with the transfer of a client from an overloaded 2.4 GHz band to a more free and high-speed 5 GHz band. But there are other reasons as well.

It should be noted that at the moment there is no standard that strictly regulates the operation of the described technology, so each manufacturer implements it in its own way. However, the general idea remains roughly the same: access points do not advertise the SSID in the 2.4 GHz band to a client performing an active scan, if activity of this client at a 5 GHz frequency has been noticed for some time. That is, access points, in fact, can simply keep silent about the presence of support for the 2.4 GHz band, if it was possible to establish the availability of client support for the 5 GHz frequency.

There are several modes of band steering operation:

1. Force connection. In this mode, the client, in principle, is not informed about the availability of support for the 2.4 GHz band, of course, if the client has support for the 5 GHz frequency.
2. Preferred connection. The client is forced to connect in the 5 GHz band only if the RSSI (Received Signal Strength Indicator) is above a certain threshold, otherwise the client is allowed to connect to the 2.4 GHz band.
3. Load balancing. Some clients that support both frequency bands connect to the 2.4 GHz network, and some to the 5 GHz network. This mode will not overload the 5 GHz band if all wireless clients support both frequency bands.

Of course, customers with support for only one frequency band will be able to connect to it without any problems.

In the diagram below, we tried to graphically depict the essence of the band steering technology.

Technologies and standards

Let's return now to the very process of switching between access points. In a typical situation, the client will maintain the existing association with the access point as long as possible. Exactly as long as the signal level allows it to be done. As soon as a situation arises that the client can no longer maintain the old association, the switch procedure described earlier will start. However, handover does not happen instantly, it usually takes more than 100 ms to complete it, which is already a noticeable amount. There are several standards for radio resource management working group IEEE 802.11 aims to improve wireless reconnection times: k, r and v. In our Auranet line, 802.11k support is implemented on the CAP1200 access point, and in the Omada line on the EAP225 and EAP225-Outdoor access points, the 802.11k and 802.11v protocols are implemented.

802.11k

This standard allows a wireless network to tell client devices a list of neighboring access points and channel numbers on which they operate. The generated list of neighboring points makes it possible to speed up the search for candidates for switching. If the signal of the current access point weakens (for example, the client is removed), the device will look for neighboring access points from this list.

802.11r

Version r of the standard defines the FT - Fast Transition (Fast Basic Service Set Transition) function to speed up the client authentication procedure. FT can be used when switching a wireless client from one access point to another within the same network. Both authentication methods can be supported: PSK (Preshared Key) and IEEE 802.1X. Acceleration is carried out by storing encryption keys at all access points, that is, the client does not need to go through the full authentication procedure when roaming with the involvement of a remote server.

802.11v

This standard (Wireless Network Management) allows wireless clients to exchange service data to improve the overall performance of the wireless network. One of the most used options is BTM (BSS Transition Management).
Typically, a wireless client measures its connection to an access point to make a roaming decision. This means that the client has no information about what is happening with the access point itself: the number of connected clients, device boot, scheduled reboots, etc. Using BTM, the access point can send a request to the client to switch to another point with better working conditions , even with a few worst signal... Thus, the 802.11v standard is not directly aimed at speeding up the switching process of a client wireless device, but when combined with 802.11k and 802.11r, it provides faster program performance and improves the convenience of working with Wi-Fi wireless networks.

IEEE 802.11k in detail

The standard extends the capabilities of Radio Resource Management (RRM) and allows 11k-enabled wireless clients to query the network for a list of potential peer-to-peer access points. The access point informs clients of 802.11k support through a special flag in the Beacon. The request is sent in the form of a management frame called an action frame. The access point also responds with an action frame containing a list of neighboring points and their wireless channel numbers. The list itself is not stored on the controller, but is generated automatically upon request. It is also worth noting that this list depends on the location of the client and does not contain all possible wireless access points, but only neighboring ones. That is, two wireless clients geographically located in different locations will receive different lists of neighboring devices.

With such a list, the client device does not need to scan (active or passive) all wireless channels in the 2.4 and 5 GHz bands, which reduces the use of wireless channels, that is, free up additional bandwidth. Thus, 802.11k allows you to reduce the time spent by the client for switching, as well as improve the process of choosing an access point for connection. Plus, eliminating the need for additional scans helps extend the battery life of the wireless client. It is worth noting that access points operating in two bands can inform the client about points from an adjacent frequency band.

We decided to visually demonstrate the operation of IEEE 802.11k in our wireless equipment, for which we used an AC50 controller and CAP1200 access points. One of the popular instant messengers with support for voice calls, running on a smartphone, was used as a traffic source Apple iPhone 8+, known to support 802.11k. The voice traffic profile is shown below.

As you can see from the diagram, the used codec generates one voice packet every 10 ms. The noticeable spikes and dips in the graph are due to the slight variation in latency (jitter) that is always present in Wi-Fi based wireless networks. We configured traffic mirroring to which both access points participating in the experiment are connected to. Frames from one access point fell into one network card traffic collection systems, frames from the second to the second. In the received dumps, only voice traffic was sampled. Switching delay can be considered the time interval that has passed since the traffic was lost after one network interface, and before it appears on the second interface. Of course, the measurement accuracy cannot exceed 10 ms, which is due to the structure of the traffic itself.

So, without enabling support for the 802.11k standard, switching the wireless client took an average of 120 ms, while activating 802.11k allowed this delay to be reduced to 100 ms. Of course, we understand that although the switching latency was reduced by 20%, it still remains high. Further reduction in latency will be possible with the combined use of 11k, 11r and 11v standards, as is already implemented in the home series of wireless equipment.

However, 802.11k has another up its sleeve: timing to switch. This possibility is not so obvious, so we would like to mention it separately, demonstrating its work in real conditions. Typically, the wireless client waits until the last, maintaining the existing association with the access point. And only when the characteristics of the wireless channel become completely bad, the procedure for switching to a new access point is started. With the help of 802.11k, you can help the client with the switch, that is, offer to make it earlier, without waiting for significant signal degradation (of course, we are talking about a mobile client). Our next experiment is devoted to the moment of switching.

Qualitative experiment

Let's move from the sterile laboratory to the real customer's site. The room installed two 10 dBm (10 mW) APs, a wireless controller and the necessary supporting wired infrastructure. The layout of the premises and the locations of the access points are presented below.

The wireless client moved around the room making a video call. First, we turned off support for the 802.11k standard in the controller and set the places where the switch took place. As you can see from the picture below, this happened at a considerable distance from the "old" access point, near the "new" one; in these places the signal became very weak, and the speed was barely enough to transmit video content. There were noticeable lags in voice and video when switching.

Then we turned on 802.11k support and repeated the experiment. The switchover now took place earlier, in places where the signal from the "old" access point was still strong enough. There were no lags in the voice or video. The switching point has now moved approximately halfway between the access points.

In this experiment, we did not set ourselves the goal of elucidating any numerical characteristics of switching, but only qualitatively demonstrating the essence of the observed differences.

Conclusion

All standards and technologies described are intended to improve the customer experience. wireless networks, to make its work more comfortable, to reduce the influence of irritating factors, to increase overall performance wireless infrastructure. We hope that we were able to demonstrate clearly the benefits that users will receive after implementing these options in wireless networks.

Is it possible to live in an office without roaming in 2018? In our opinion, this is quite possible. But, having tried once to move between offices and floors without losing the connection, without having to re-establish a voice or video call, without being forced to repeat what was said or ask again, it will no longer be realistic to refuse.

P.S. but this is how you can make seamlessness not in the office, but at home, which will be discussed in more detail in another article.

Introduction

As I said, I have on the topic of capsman settings in mikrotik. Nowadays, due to the speed of development of information technologies, information becomes outdated very quickly. Although the article is still relevant, read and used regularly, there is now something to add to it.

Came out a new version Controlled Access Point system Manager (CAPsMAN) v2. I'll tell you a little about her. In my work I will rely on the experience of the previous article and on the official Manual: CAPsMAN from the microtic manufacturer's website.

I will have 2 RB951G-2HnD routers at my disposal, which are in accordance with my recommendations on this topic. I recommend that you familiarize yourself with them, just in case, so that you have a general idea of ​​the basic settings of routers. On one of these routers, I will configure an access point controller, the other will connect to this controller. Both points form a single seamless wifi network with automatic switching customers to the nearest point.

An example of two access points will be enough for a general idea of ​​how the technology works. Further, this setting is linearly scaled to the required number of access points.

What is capsman v2

First, I'll tell you what capsman v2 is and how it differs from the first version. It should be said right away that there is no compatibility between the two versions. If you have a v2 controller, then only access points with the same version can connect to it. And vice versa - if you have v2 points, you will not be able to connect to the controller of the first version.

CAPsMAN v2 has a different package name on the system - wireless-cm2... It has appeared in the system since RouterOS v6.22rc7. The previous version had a name - wireless-fp, it appeared in version v6.11. If you don't have a new package, go to the last one.

List of innovations in capsman v2:

• Ability to automatically update managed access points.
• The protocol of information exchange between the controller and access points has been improved.
• Added “Name Format” and “Name Prefix” fields in Provision rules settings.
• Improved logging of the client switching process from point to point.
• Added L2 Path MTU discovery.

If you already have capsman configured on your network, then the developers suggest the following way to upgrade your entire network to v2:

1. Configure the temporary capsman v2 controller on the original network.
2. You are starting to gradually upgrade your managed APs to include the wireless-cm2 package. All updated access points will connect to the temporary controller.
3. After all managed APs are updated to the latest version, update the main capsman controller. After this happens, turn off the temporary controller.

There is an easier way if you are not critical of network downtime for a while. Run the update at the same time on all routers - both on the controller and on the points. As soon as they are updated, everything will work on the new version.

I warn you right away if you have any questions on this topic. I have not personally tested the upgrade to v2, it was not necessary.

Configuring a wifi network controller

Moving from theory to practice. First of all, we will configure the capsman controller before connecting access points to it. As I said, we update the system before that. We must have the package installed and activated wireless-cm2.

To activate the wireless controller function, go to the section CAPsMAN, click on Manager and check the Enabled box.

Before proceeding with the configuration, I'll tell you a little about how the system works. An access point controller is configured on the network. Individual wifi points are connected to it and settings are received from it. Each connected access point forms a virtual wifi interface on the controller. This allows standard means to manage traffic on the controller.

Presets on a controller can be combined into named configurations. This allows you to flexibly manage and assign different configurations to different points. For example, you can create a group with global settings for all access points, but at the same time, individual points can be set additional settings which will overwrite the globals.

Once the managed point is connected to the network master, all local wireless settings on the client are no longer valid. They are replaced by the capsman v2 settings.

Let's continue configuring the controller. Let's create a new radio channel and specify its parameters. Go to the tab Channels, click on the plus sign and specify the parameters.

There is no drop-down list in the settings and this is inconvenient. You can peep the settings in the current Wifi parameters if it is already configured.

We continue the settings on the tab Datapaths... Click the plus sign and set the parameters.

I will linger a little on the parameter local-forwarding... If it is activated, then all traffic of the clients of the access point is controlled by the point itself. And most of the datapath settings are not used, since the controller does not control the traffic. If this parameter is not set, then all traffic from clients goes to the network controller and is controlled there depending on the settings. If you need traffic between clients, then specify the Client To Client Forwarding parameter.

Let's move on to the security settings. Open the tab Security Cfg. and press the plus sign.

It's time to merge the previously created settings into a single configuration. There can be several such configurations with different settings... For example, one is enough. Go to the tab Configurations and press the plus sign.

On the first tab Wireless, specify the configuration name, ap mode and the SSID name of the future seamless wifi network. On the other tabs, simply select the settings created earlier.

The basic settings of the mikrotik controller capsman v2 are now complete. Now we need to create rules for distributing these settings. As I wrote earlier, different configurations can be assigned to different points. The controller can identify access points by the following parameters:

• If certificates are used, then by the Common name field of the certificate.
• In other cases, MAC addresses of points are used in the format XX: XX: XX: XX: XX: XX

Since in my case I do not use certificates, let's create a rule for distributing settings based on the MAC address. And since I have a single configuration for all points, the distribution rule will be the simplest. Let's make it. Go to the tab Provisioning and press the plus sign.

Description of Provisioning Settings

Radio mac	Access point MAC address
Hw. Supported Modes	did not understand what it is for, the documentation is empty
Identity Regexp	there is nothing in the documentation either
Commom Name Regexp	and no about it
IP Address Ranges	and about that too
Action	selection of actions with the radio interface after connection
Master Configuration	selection of the basic configuration that will be applied to the created radio interface
Slave Configuration	secondary configuration, you can connect another config to clients
Name Format	defines the syntax for naming generated CAP interfaces
Name Prefix	prefix for the names of the CAP interfaces to be created

This completes the configuration of the capsman v2 controller, you can connect wifi access points to it.

Connecting access points

In my story, two access points with addresses are involved 192.168.1.1 (Mikrotik) and 192.168.1.3 (CAP-1) connected to each other via ethernet cable. The first is the controller, the second is a simple point. Both points see each other on the local network. The Wifi interface of the controller, like a regular point, connects to capsman and takes the settings from it. That is, the controller is both a controller and a member access point at the same time. Even a combination of two points organizes a full-fledged seamless wifi network over the entire area covered by their radio modules.

CAP access points can be connected to the CAPsMAN controller using two different protocols - Layer 2 or Layer 3. In the first case, the access points must be located physically in the same network segment (physical or virtual, if it is an L2 tunnel). It is not necessary to configure ip addressing in them, they will find the controller by MAC address.

In the second case, the connection will be over IP (UDP). It is necessary to configure IP addressing and organize the availability of access points and the controller by IP addresses.

First, let's connect a separate wifi point. We connect to it via winbox and go to the section Wireless... There we click on CAP and specify the settings.

In my case, I specified a specific IP of the controller, since the ip addressing is configured. If you want to connect points to the controller via l2, then the field with the capsman address is left blank, and in Discovery Interfaces select the interface that is connected to the controller. If they are in the same physical network segment, then the point will automatically find the master.

We save the settings and check. If the access point correctly connects to the controller, then the point itself will have the following picture:

And on the controller in the list Interfaces the newly created radio interface of the connected access point will appear:

If your access point stubbornly does not connect to the controller and you cannot understand what the problem is, then first of all check that you have activated wireless-cm2 packages on all devices. It turned out that after the update, the wireless-fp package was enabled at one of the points, instead of the necessary one. The access point did not want to connect to the controller in any way, which I just did not try. I did it with a controller, the other did not want to connect to it. I reset all the settings, but that didn't help either. When I was completely desperate to solve the problem, I checked the package version and found that it was not the right one.

Now let's do the same on the mikrotik controller itself - connect its wifi interface to capsman v2. This is done in exactly the same way as just done on a separate wifi point. After connecting, we look at the picture on the controller. It should be something like this:

That's it, the basic settings are complete. Now this configuration can be expanded further to new access points and cover a large area with a single seamless wifi network. All connected clients will be displayed in the tab Registration Table indicating the point to which they are connected.

Checking the work of seamless wifi roaming

Now you can take an android phone, put the program on it Wifi Analyzer and walk around the entire territory covered by wifi, test the signal strength, switch from point to point. Switching does not occur immediately, as soon as the signal of the new point is stronger than the previous one. If the difference is not very large, then switching to a new one will not occur. But as soon as the difference starts to be significant, the client jumps. This information can be observed on the controller.

After analyzing the coverage area, you can adjust the power of the access points. Sometimes it can be useful to set different wattage at different points, depending on the room layout. But in general, even in basic setting everything works quite stably and efficiently. These microtik models (RB951G-2HnD) can connect and work comfortably for 10-15 people. Further, there may be nuances depending on the load. I cited these figures from my examples of real work.

2 networks in capsman using the example of guest wifi

Let's consider, for example, one common situation that can be implemented using the capsman technology. We have a seamless wifi network configured with password authorization. We need to add another guest network to the same access points for open access. In a single mikrotik, this is done with Virtual AP... Let's do the same in capsman.

To do this, you need to add a new security setting. Go to Security Cfg. and create a setting for passwordless access. We call it open.

We create another configuration in which all other settings are left the same, only we change the SSID and the security setting.

Go to the tab Provisioning, open the previously created configuration and add there in the parameter Slave Configuration our second configuration we just made.

We save the changes. Then I waited a few seconds, the new setting did not apply to points. I did not wait, went to each point and reconnected it to the controller. Perhaps this was not necessary to do, but it was necessary to wait. I don't know, I did it as it is. New setting spread and at each access point a new network such as Virtual AP with an open wifi network.

I checked the work just in case - everything is in order. Connects clients to both networks at the same time and allows you to work.

For an example of how Virtual AP works in capsman, I considered the current situation. Here, the clients of the guest network are connected to the same bridge and address space as the users of the closed network. For good reason, you need to make additional settings:

1. Create a separate bridge on the controller for an open network, assign it your subnet and address in it, add a second wlan interface to this bridge, which will appear after connecting to capsman with two configurations.
2. Configure a separate dhcp server on this subnet with the distribution of addresses only from this subnet.
3. In the capsman settings in the datapath create a separate configuration for the open network. In it, specify a new bridge and do not select the local forwarding parameter.
4. In the open network configuration, select a new datapath.

After that, all connected to the open wifi network will be sent to a separate bridge, where there will be its own dhcp server and an address space that is different from the main network. Do not forget to check the gateway settings in dhcp and dns server that you will transfer to clients.

Capsman setup video

Conclusion

Let's summarize the work done. Using the example of two Mikrotik RB951G-2HnD access points, we set up seamless wifi roaming in the area covered by these points. This area is easily expanded by additional wifi dots any model of microtic. They do not have to be the same, as it is, for example, implemented in some Zyxell configurations that I have set up.

In this example, I considered almost the simplest configuration, but at the same time I described all the settings and the principle of operation. More complex configurations can be easily constructed based on this data. There is no fundamental complication here. If you understand how it works, then you can work further and make your own configurations.

Traffic from access points can be controlled in the same way as from regular interfaces. All the basic functionality of the system works - firewall, routing, nat, etc. You can make bridges, share the address space and much more. But it should be borne in mind that in this case, all traffic will go through the controller. You need to understand this and correctly calculate the performance and throughput networks.

Let me remind you that this article is part of a single cycle of articles about.

Useful reviews about the work of capsman

A little useful information from reviews to the article from real users capsman technologies:

Vladimir, good article! Many letters are useful! :) When setting up capsman at the enterprise, I referred to your article - I learned a lot, but changed a little. Changes affected the "Channels" tab - removed the Frequency position since I would not recommend using the same frequency at all points, because nearby points start to "choke" and, accordingly, there are connection breaks ... My users complained about a low signal level when they were near an access point (but in fact they were connected to a point with a poor level signal) ... in order for users to "jump" from point to point, which has a better signal, I decided to limit the signal level threshold by making an entry in the AccessList tab. I entered the values ​​into SignalRange => -71..120 Interface => all Action => accept, this made it possible that when the signal reaches below -71, the subscriber "leaves" the point :) The value of -71 was not taken by chance (the minimum signal level at a speed of 54Mbit ) Also, in the Provisioning tab, I changed the NameFormat value, put identity instead of cap (when connecting to the controller, it shows the name of the point that is written in the system-> identity of the device), whoever has an implementation in home devices may not need it, but who has points scattered over a large territory and there are many of them - it will be useful :) In general, thank you very much and sorry for the many letters :)

And one more tip:

The article is very good, but I would add / revise it in the part of the guest wifi network:
1) split 2 wifi networks over different radio channels.
2) For security, I would separate the guest network from the main one. Considering that you have a guest network without a password, every student with a smartphone will want to break you. A bridge (bridge_open) is created, an ip address is assigned to the bridge from another network (192.168.200.1/24), dhcp-pool is created (192.168.200.10-192.168.200.100), the server rises on the created bridge, we create another Datapaths (Datapaths_open) in where we indicate the created bridge (bridge_open), to configure the cfg2 guest network we use Datapaths_open. Next, we set up NAT and firewall so that there is access to the Internet from the guest network (192.168.200.0/24), and blocked to the local work network (drop forward from 192.168.200.0/24 to the local network).

Mikrotik online courses

If you have a desire to learn how to work with microtic routers and become a specialist in this area, I recommend taking courses in a program based on information from the official course MikroTik Certified Network Associate... In addition to official program, the courses will include laboratory work in which you can check and consolidate the knowledge gained in practice. All the details on the site. The cost of training is very democratic, a good opportunity to gain new knowledge in the current subject area. Features of the courses:

• Practice oriented knowledge;
• Real situations and tasks;
• The best of international programs.

• Like using Mikrotik.
• Simple and fast.
• Setting up on a separate server.
• to reserve a channel to the Internet.

802.11R. Fastswitching between points (handover)

Many Wi-Fi manufacturers promise seamless hotspot switching using their ingenious proprietary protocol.

Despite the nice promises, in practice, the delays during switching (handover) can turn out to be significantly more than the declared 50-100 ms (switching can take up to 10 seconds when using the WPA2-Enterprise protocol). The fact is that the decision to switch to another access point is always made by the client equipment. Those. Your smartphone, laptop or tablet decides when to switch it and how to do it.

Often proprietary protocols of well-known Wi-Fi manufacturers are based on forced de-authentication of a device when signal quality deteriorates. Sometimes in Wi-Fi settings points can be set "aggressiveness of roaming" - the minimum signal value at which the device will be "thrown" from the network. Often, client equipment does not respond correctly to such a kick in the ass. The TCP session is terminated, file uploading stops. The connection with mail server, virtual machine... Connecting to the SIP server requires re-authentication.

Quite often, the client device instead of connecting to the neighboring point with the best signal ( To this decision pushes himWi-Ficontroller) to no avail tries to reconnect to the previous point. It is even worse if the device tries to cling to another network from the list of saved ones (for example, a guest network).

But even if the switchover process goes according to plan, re-key exchange (EAP) and authorization on the Radius server (WPA-2 Enterprise) take a significant amount of time.

To solve these problems, the Wi-Fi association developed the 802.11R protocol. Most mobile devices currently support it (Apple since iPhone 4S, Samsung Galaxy S4, Sony Xperia Z5 Compact, BlackBerry Passport Silver Edition, ...)

The essence of 802.11R is that a mobile device knows its own and others' points by the mobile domain membership signal (MDIE). This signal is added to the SSID beacon.

If your iPhone sees a point from its mobile domain with a better signal-to-noise level, it pre-authorizes with another point of the mobile domain before starting the switching procedure on the existing "thread".

Secondly, authorization follows a simplified scenario - instead of long authorization on the Radius server, the client device exchanges a PMK-R1 key with the Wi-Fi controller. (The original PMK-R0 key is transmitted only during primary authentication and is stored in the memory of the Wi-Fi controller).

At the moment when another point "retroactively" authorized the device, the actual handover takes place. Reconfiguring the frequency and channel in a smartphone takes no more than 50 milliseconds. In most cases, it goes completely unnoticed for the user.

When choosing a solution for an office Wi-Fi network, pay attention to whether the selected equipment supports the open roaming protocol 802.11R, which is understandable for client devices. For example, Edimax Pro hardware fully supports this protocol, so there are no problems with roaming in most cases. However, if your device is old and does not understand the 802.11R protocol, it is possible to tune the aggressiveness of roaming based on signal drops below the threshold, as other Wi-Fi manufacturers do, presenting it as an "innovative solution."

802.11 K.Load balancing on a wireless network

In addition to roaming problems, corporate users often have to deal with congestion of one access point. In the classic Wi-Fi implementation, all devices tend to connect to an access point with the best signal. Sometimes, as a result of the wrong location of the point (radio planning error), all the "office inhabitants" are registered at one point, and the rest are "resting".

Due to the uneven load, the speed of the local network drops significantly, since the radio broadcast is one big "hub" where the devices "speak in turn".

To smooth out unevenness and optimal distribution of users between points operating on different radio channels, the 802.11K protocol was developed.

802.11K works in conjunction with 802.11R (as a rule, devices that support the “R” standard also support the “K” standard).

If a mobile device “sees” a beacon signal from other points in the same mobile domain, the device sends a broadcast “Radio Measurement Request frame” request, in which it requests information about the current state of other access points within the range of visibility:

number of registered users

average channel speed (number of transmitted packets)

how many bytes were transferred in a certain time interval

In the extended specification of the standard, the client's smartphone can query the channel status from other mobile devices connected to a potentially interesting access point that support the 802.11K standard. Devices respond not only to real statistics, but also to signal / noise status.

Thus, if your smartphone sees 2 or more points within the same mobile domain, it will choose the point not with the best signal, but the point that will provide a faster connection to the local network (less busy).

The reception conditions, the number of users and the load on the point can change dynamically, but using the 802.11K and 802.11R protocols, devices will switch seamlessly and the load on the network will always be evenly distributed.

Many vendors using proprietary protocols implement a semblance of 802.11K, where a congested point forcibly disconnects clients with worse reception conditions or limits the maximum number of simultaneously registered devices and disables registration if the number of clients exceeds acceptable limits. These proprietary protocols are not as effective, but still prevent the Wi-Fi network from collapsing at all.

How to save money on radio planning with802.11K

The use of equipment supporting 802.11R and 802.11K protocols partly corrects mistakes made during radio planning. Dynamic protocols with roaming support help avoid congestion of individual points and distribute the load between points evenly across the network.

The WiFi-solutions team recommends to always do radio planning, but sometimes in small networks, you can dot chaotically. Dynamic protocols will improve wifi quality and load balancing between channels of adjacent points.

The use of dynamic protocols for seamless roaming can reduce the coverage area. Thus, you can provide high-quality coverage with fewer dots. Savings on equipment - up to 25%.

I need a consultation. Contact me.

What is seamless wifi roaming?

Seamless roaming is when access points in your network are controlled by a special controller wireless network. A controller in a seamless network can be either one of the routers or access points, or a separate device that monitors the general state of the air, the load on each of the wireless access points and the signal level between clients and APs. When the signal degrades between the client and the access point, the controller "forcibly flips" the client to a more suitable AP. The fact is that in a regular network, a client (phone, laptop, tablet) will until the last "cling" to the AP's MAC address (WLAN interface address), and not to its SSID (name), which leads to negative consequences when moving around the building. The controller will continuously monitor the load of access points and the quality of the signal between the base station and the client hundreds of times per second. In such networks, when moving from one end of the room to the other, the access point that is closer and not loaded will work. It is very useful for business and shopping centers, large shops, government agencies, hospitals and educational institutions... Load sharing technology will be needed when there are large numbers of people in places such as conference rooms or amusement parks.

Looking for a cost-effective, automatic client switching solution for your $ 150 home?

For 2020, affordable mesh kits appear, which are no longer a shame to install and be sure of the result. It is a pity that we are talking about several manufacturers, but still there is a light at the end of the tunnel. The budget niche includes:

Asus, TP-Link, Tenda, Ubiqiuty, Mikrotik, Zyxel and Xiaomi. Almost each of these manufacturers has several types of access points for the street and the house, for walls or ceilings, for a separate wifi network controller or controller is one of the access points.

And now, specifically, with numbers. They drove.

Seamless Wi-Fi systems from Asus.

The easiest wireless network option without controller, but with automatic selection of the best access point, it may consist of several of the most common ASUS routers. For these purposes, the following models are suitable: RT-N11P, RT-N66U, RT-AC55U, RT-AC66U and newer "P" series routers. They must be connected to each other with a wire - twisted pair of category 5e and higher, as shown in the picture below. On these models, there is only the option to configure Roaming Assist, which is the only way on this type of device. The following will happen: if the signal level is low, after a certain time, the router will disconnect it from the network and the client will reconnect to the point with the best signal. It should be understood that this type of wireless network setup is not seamless, but rather voluntary-compulsory, with a short-term, but complete loss of the connection. When installed correctly, it will allow you to save a lot, compared to even the most simple networks with an access point controller, but in practice this works with difficulties for the user, especially when he is in an area of ​​poor reception from both points, which in turn can start to "kick" our poor user and the Internet will not work for him. Please remember this. Routers RT-AC68U and older already have a proto version of Mesh networks from such access points, but I do not like the price in relation to the result obtained, it is better to take the Lear's access points sharpened for this business. They will be discussed below.

Now let's look at the most optimal option, this is MESH networks from Asus. This set is called Lyra and let's see what it can give us, but it can give us much more than our OGV, joke, 350 - 450 megabits it can give us over the entire area and you can move anywhere without breaks.

Your goal is to make a high-quality wireless wifi network with roaming?

For our clients, we have professional solutions for wifi networks with the highest characteristics in terms of reliability, speed and level of security. In such cases, the network consists of a number of access points connected by a twisted pair through switches and an access point controller. The functions of a wi-fi network controller include:

• tracking the load on each individual access point and its distribution.
• monitoring the quality and level of the signal between the access point and the client.
• centralized management of all access points in the network.
• providing instant switching of the client from one access point to another, without losing the connection to the Internet.

Such a network can be scalable and gradually expand.

For a hotel, large office, cottage settlements, one access point, even the most productive and long-range one, is not enough. The distribution of access points gives much better results and is scalable. The above figure clearly shows the coverage area of ​​seven access points and one controller configured for seamless roaming.

If your goal is to make sure that, when you move from one access point to another, the connection to the Internet does not disappear, then we can help you with the search and purchase of equipment for a wifi network with roaming.

To organize a fast and loaded wireless network in the whole building, the functionality of ordinary wifi routers will not be enough due to the fact that the decision to "fall off" from the access point is taken by the end device itself and the router will not help here. It turns out that the same smartphone or tablet will cling to the access point until the last, taking into account the fact that in the list of networks known to it there will be an access point with a hundred percent signal.

There are two good way make such a grid and a lot of bad ones :) Consider the good ones, but I would not recommend messing around with the bad ones.

1) WiFi network with a certain number of access points interconnected by a switch and controlled by a special controller of wireless access points in the local network. This option is the most reliable, unpretentious and of course expensive. A network of this type using the example of Zyxel equipment will cost in the region of $ 2000-3000 for an area of ​​10000m 2 (100x100m). For country houses, seamless roaming will be cheaper; 1000-1500 $ for a large house and a personal plot. Such networks are able to withstand heavy loads and evenly distribute users across access points, depending on the load on each of them. These networks are easy to administer and are well suited for commercial properties, hotels, restaurants, parks and similar public spaces.

2) A well-proven method is to use the Roaming asist function. This method is the most cost-effective. With four ASUS RT-AC66U routers, you can get an analogue of seamless wifi roaming and a wireless network speed throughout the house and the surrounding area of ​​300-500 megabits per second on the 802.11ac standard. with automatic switching between access points. In both cases, wifi routers are connected with a wire.

Budget and professional solutions in our store with installation and customization.

In the corporate environment, WiFi is playing an increasingly prominent role and is playing an increasingly important role. You can connect a smartphone or tablet to WiFi, but, more importantly, a corporate phone, a mobile data collection terminal or an online cashier for accepting payments and printing checks. It's good if the WiFi coverage area your business needs is small, and you can get by with an ordinary inexpensive access point, but what if you need to cover thousands of square meters over several floors with wireless communication? There are certainly options.

At first, it is possible to spawn multiple WiFi networks on multiple autonomous access points. The bad option is that such an economy is difficult and inconvenient to manage, when moving through the territory of the enterprise, some mobile devices you will have to switch between these networks manually, and, most importantly, all this will have to be explained to users who do not always understand IT well, and are simply unable to absorb these wisdom. There is only one plus for such a solution: it is cheap.

Secondly, can broadcast one WiFi network using the same type of autonomous access points with support for WDS technology. The main disadvantage of such a solution is that the overwhelming, absolute and unconditional majority of more or less affordable (up to 300 USD) access points of popular vendors operate ugly in WDS mode. Broadcasting can be lost and restored, connectivity between primary and dependent access points will be disrupted, and mobile devices will lose connection and, with it, their functional characteristics. So it's best to leave this option for real samurai.

Ideologically and technologically correct option is the use of a controller and dependent access points. This option is called "seamless WiFi". Its essence is that there can be many access points, and one centralized controller device is engaged in managing them and their broadcasting. Controller:

• monitors the status of subordinate access points, the load on them;
• adjusts signal strength and bandwidth depending on the number of clients and the nature of their work;
• independently restores areas unattended due to equipment failures by increasing the coverage area from nearby access points;
• provides web authentication and dynamic accounts for the implementation of the so-called. "guest access" (for some controllers options like printers are available to generate and print temporary user credentials);
• provides fast roaming, with which you can freely roam, for example, with a WiFi phone, between the coverage areas of different access points, without interrupting the conversation and without observing any interruptions in connection. At the same time, the controller in a timely manner "sets" on your device a signal from the closest access point.

Modern controllers allow you to connect access points via WiFi in repeater mode (the so-called Mesh technology) without cable connection to the network, and also provide integration with related IT systems (for example, Active Directory, geolocation services, etc.).

What to build seamless Wi-Fi on

Our solutions catalog has already carefully selected and described options for household, corporate and industry WiFi solutions:. And if you go "to the top", then the most successful options for seamless Wi-Fi on the market are presented by the following vendors:

2. In the middle-end segment, another American manufacturer reigns. Relatively inexpensive, Cambium is also reliable and powerful.

Similar to Ruckus Unleashed, Cambium can also operate in network management mode without a controller. Cambium calls this ecosystem autoPilot and supports up to 32 access points on the network and up to 1000 wireless clients. Functionally, it is almost not inferior to the version with a controller, moreover, it does not require any investment, in addition to purchasing the access points themselves, there is no need to buy licenses, service contracts and their updates.

Need faster, higher, stronger? Please! Free cloud the cnMaestro controller already supports up to 4000 access points and up to 25000 wireless clients. The software can be installed completely free of charge on your own server if your beliefs do not allow using cloud solutions. Cambium's functionality is also all right: here you and centralized management ecosystem, and services of geolocation, analytics, radio analysis, integration with related systems ... in general, everything that the soul desires.

The disadvantage of Cambium can be considered a relatively poor line of access points:. Although everything you need is present in it: there are access points with sector antennas, with support for 802.11ac Wave 2, MU-MIMO 4x4: 4, outdoor and indoor. In general, a complete gentleman's set is at your service!

3. In the budget segment, the competition is much higher, but we distinguish TP-LINK from other daring Chinese. This is the main and most interesting competitor to Ubiquiti (which will be discussed below), although such a comparison in 2019 for TP-LINK is not at all flattering.

First, let's take a look at the TP-LINK label itself: there are actually two of them. There is TP-LINK, which makes cheap home routers and plastic switches, and there is TP-LINK, which makes Enterprise line products - WiFi systems, Smart series switches, accessories for them. These are, in fact, 2 different companies, since there are no intersection points between these two directions neither in R&D, nor in production lines. And, for the sake of objectivity, Enterprise TP-LINK is significantly higher in quality than its younger brother, which specializes in products for SOHO.

Now to WiFi. TP-LINK has Auranet CAP line- currently in some oblivion (but this is temporary). The ceiling of the solution is 500 access points, 10,000 wireless clients. Controllers - hardware only, for 50 or 500 access points. Access points - in a rather old, "clumsy" design, but with support for honest seamless roaming in accordance with 802.11k / v standards, Beamforming, Band Steering, Airtime Fairness - in general, the set is completely complete. High Density on TP-LINK, of course, cannot be provided, but we have already served events for 200-300 users in one hall, and this did not cause complaints from customers.

TP-LINK's second ecosystem is called Omada, it introduces the EAP series access points. The controller - Omada Controller - is available in hardware (with a limit of 50 access points in the 1st network), but there is also a software version that can be installed on a server running Windows or Linux. EAPs look modern and, of course, can do everything a self-respecting access point needs to be able to do in 2019.

4. Our next patient is Ubiquiti UniFi series. This is when you want beautiful and cheap. Moreover, it will be "beautiful" with Ubiquiti all the time, tk. they have everything subordinate to design: from packaging to design of management interfaces. And the design is truly one of the best in the industry. In general, Ubiquiti products are characterized by an extremely low price with a fairly high quality of the product as a whole.

The main disadvantage of Ubiquiti is that it still does not support truly seamless WiFi roaming in accordance with the IEEE standards, offering a proprietary implementation instead. Which works, well, let's say so-so. Therefore, if you need to organize flawless roaming of WiFi clients with voice or video applications, then Ubiquiti, sadly, is no longer for you. The same goes for High Density - this is not about Ubiquiti. In general, in the radio part, Ubiquiti is far from ideal, but thanks to a powerful component base, a very wide range of equipment and the right marketing policy, they are still one of the most popular manufacturers of WiFi solutions. In Russia, Ubiquiti reveals 2 more significant shortcomings: the lack of official service and representation. The first means that the guarantee on the territory of the Russian Federation works a little better than nothing, and the second - that you will not have either technical support or certificates for equipment (which closes his way to state enterprises and to telecom operators).

Ubiquiti's advantage lies in their UniFi ecosystem, which now includes not only WiFi equipment, but also switches, routers, video surveillance, telephony, and more recently even some components of a smart home. Moreover, the management of all this economy is available through very beautiful and convenient applications (including mobile ones) that integrate with the Ubiquiti "cloud", i.e. You can "steer" the UniFi ecosystem from anywhere in the world, and this is without any dances with port forwarding, static IP addresses and other leapfrog. All in all, it's really convenient.

5. Mikrotik, Edimax, Wisnetworks, TG-NET, etc. We add the 5th item on this list only because the number 5 is prettier than 4. Or he has a better reputation. Objectively, the vendors listed here do not yet even reach the level of Ubiquiti (they may not be worse, but by the totality of factors of their perception by the market they are still not so significant), but they still occupy some niche in the market and enjoy some popularity.

We bravely brag: we have accumulated extensive experience in deploying large Wi-Fi networks, we managed to "touch" live the most diverse solutions of most specialized vendors, and we know their strengths and underwater rocks... We are ready to apply our experience to the design and installation of wireless networks in your enterprise. - save your time and money!