A Location-Based Management System for Enterprise Wireless LANs Ranveer Chandra, Jitendra Padhye, Alec Wolman and Brian Zill Microsoft Research.

A Location-Based Management System for Enterprise Wireless LANs

Ranveer Chandra, Jitendra Padhye, Alec Wolman and Brian Zill

Microsoft Research

2

Wireless Network Woes

• Corporations spend lots of $$ on WLAN infrastructure– Worldwide enterprise WLAN business expected to grow

from $1.1 billion this year to $3.5 billion in 2009

• Wireless networks perceived to be “flaky”, less secure than wired networks– Users complain about:

• Lack of coverage, performance, reliability

• Authentication problems (802.1X protocol issues)

– Network administrators worry about• Providing adequate coverage, performance

• Security and unauthorized access

Better WLAN management system needed!

3

Typical Questions Asked by Network Administrators

• Are all areas of the building covered?

• Are there areas in the building where clients repeatedly switch between APs?

• Are there locations with very high loss rates?

• Where do most of the clients use the wireless network from? – Conference rooms? Offices?

Many problems are location-specific

4

Two Key Requirements for WLAN Management Systems

• Integrated, accurate location system

• Dense array of sensors– Complex, time-varying signal propagation indoor environments– Many channels need to be monitored

5

State of the Art

• AP-based monitoring [Aruba, AirDefense…]

– Pros: Easy to deploy (APs are under central control)– Cons:

• Can not detect coverage problems using AP-based monitoring• Single radio APs can not be effective monitors

• Specialized sensor boxes [Jigsaw, WIT – SIGCOMM 06]

– Pros: Can provide detailed analysis– Cons: Expensive, not scalable

• Monitoring by mobile clients [ClientConduit - Mobicom 04]

– Pros: Inexpensive, suitable for un-managed environments – Cons: Unpredictable coverage, client locations not known, battery

power may become an issue

6

Observations• Desktop PC’s with good wired connectivity are

ubiquitous in enterprises

• Outfitting a desktop PC with 802.11 wireless NIC is inexpensive– Wireless USB dongles are cheap

• As low as $6.99 at online retailers

– PC motherboards are starting to appear with 802.11 radios built-in

Combine to create a dense deployment of wireless sensors

DAIR: Dense Array of Inexpensive Radios

+

Details: HotNets’05, MobiSys’06

7

Commands

Wired Network

Database

AirMonitor

Summarized Data

Commands

and Database Queries

Data from

databaseData to

inference engineSummarized data

from Monitors

AirMonitor

Inference Engine

DAIR Architecture

Other data:AP locations,Floor Map,AP BSSIDs

AirMonitor

8

Advantages of DAIR Architecture

• Dense deployment of sensors – Without excessive cost– Robustness: Can tolerate loss of a few sensors– Can use very simple algorithms for analysis

• Stationary sensors:– Help build simple, yet accurate location system– Permit historical analysis

9

Testbed

98 meters x 32 meters150 offices and conference rooms.

Typical office size: 3 meters x 3 metersFull-height walls. Solid wood doors

59 AirMonitors.

10

Example Application

• Estimate transmission rate obtained by clients at various locations on the floor– Study impact of distance between AP and client on transmission

rate– Useful for detecting areas of poor coverage

• Design questions:– Which channels should the AirMonitors listen on?– What information should each AirMonitor record, and how to

analyze the information?– How to locate clients?

11

• Which channels should the AirMonitors listen on?

• What information should each AirMonitor record, and how to analyze the information?

• How to locate clients?

12

Channel Assignment

• Six APs (Aruba)– Known, fixed locations– Known, fixed BSSIDs

• But not fixed channels … – APs change channels (roughly once or twice a day)– Dynamic channel assignment by Aruba’s centralized controller

• Can’t assign AirMonitors to listen on fixed channels

13

AP Tracking

• AirMonitors “track” AP nearest to them– Start by scanning all channels– Once AP is found, stay on that channel– If no beacons are heard in 10 seconds, scan again

• Why nearest AP?– Most of the traffic near an AP is likely to be on the channel that

the AP is on

• Other schemes possible:– Strongest signal– Scanning

14

Testbed Map with AP Assignment

15

Which channels should the AirMonitors listen on?

• What information should each AirMonitor record, and how to analyze the information?

• How to locate clients?

16

Information Gathering

• Reporting every packet to database not scalable.– Jigsaw and WIT [SIGCOMM 06]– Can overwhelm wired network and database.

• Each AirMonitor submits summary information– Aggregate packets for each <sender, receiver> pair– For each pair record aggregate statistics:

• Average signal strength, total number of packets and bytes

– Submission intervals randomized to avoid load spikes• 30-60 seconds.

17

Advantages and Disadvantages of Aggregation

• Advantage– Scalability: < 10Kbps traffic per AirMonitor

• Disadvantage: – Can’t perform packet-level analysis like Jigsaw/WIT– Difficult to combine observations from multiple

AirMonitors• Problem solved to some degree by density of sensors

18

Collecting Transmission Rate Data

1000 bytesClient

AP

Sndr Rcvr Rate History

C AP

1000 bytes

(54, 1000)

1000 bytes

(54, 2000)

300 bytes

Sndr Rcvr Rate History

AP C (54, 1000)AP C (6, 300)

Sndr Rcvr Rate History

AP C (6, 300)AM1

AM2AM3

(6, 300)

19

Correlating the Data

• Each AirMonitor has an incomplete view of the “reality”

• Simple technique:– For each direction (uplink or downlink), use data from AirMonitor that

heard the most packets

AirMonitor Sender Receiver Rate History

AM1 Client AP (54, 2000)

AM1 AP Client (6, 300)

AM2 AP Client (54, 1000) (6, 300)

AM3 AP Client (6, 300)

20

Advantages and Disadvantages

• Advantages:– Scalable– Requires only coarse-grained time synchronization– Accuracy improves with density of sensors

• Disadvantages:– Accuracy degrades at lower density– Does not permit packet-level analysis

21

Which channels should the AirMonitors listen on?

What information should each AirMonitor record, and how to analyze the information?

• How to locate clients?

22

Self-Configuring Location Service• Distinguishing features:

– Heuristics to automatically determine AirMonitor locations– Automatic profiling of environment– Can locate any Wi-Fi transmitter (including uncooperative

ones)– Office-level accuracy

• How it works:1. AirMonitors locate themselves2. AirMonitors regularly profile the environment to determine

radio propagation characteristics3. Inference engine uses profiles and observations from multiple

AirMonitors to locate clients

23

How do AirMonitors Locate Themselves?

• Monitor machine activity to determine primary user

• Look up ActiveDirectory to determine office number

• Parse office map to determine coordinates of the office– Assume AirMonitor to be located at the center of the office

• Verify and adjust coordinates by observing which AirMonitors are nearby

May not be available in all environments

24

DatabaseInference

Engine

Profiling the Environment

AM1 AM2 AM3

From To Signal Strength

AM1 AM2 60

AM2

AM2

AM3

AM1

AM3

AM2

55

33

39

25

Profiling the Environment

y = 60*e-0.11x

y = -1.4 x + 35.7

0

10

20

30

40

50

60

0 10 20 30 40

Distance

No

rmal

ized

Sig

nal

Str

eng

th

Profile is used to calculate expected signal strength

26

Locating a Client

Observed: 35

Observed RSSI: 50

Observed: 52 Observed: 35

Distance: 3, Expected RSSI: 43

Distance: 0, Expected RSSI: 60 Distance: 6.5, Expected RSSI: 31

Distance: 7.2, Expected RSSI: 27

Distance: 1.3, Expected RSSI: 52

Distance: 1.1, Expected RSSI: 53

Distance: 6, Expected RSSI: 31

Distance: 6.2, Expected RSSI: 30

?

Adjust location to minimize error

27

Two Simpler Algorithms that Do Not Require Profiling

• StrongestAM– Client Location estimated as the location of AirMonitor that

heard the strongest signal– Can be used if there is one AirMonitor in every office

• Centroid– Find AirMonitor that heard the strongest signal – Find all AirMonitors that heard signal within 85% of strongest

signal strength – Client location estimated as the centroid of this group– Works well for our deployment

28

Accuracy of Location Estimation

21 locations, laptop client connected to corporate network, 802.11b/g

0

2

4

6

8

10

12

Profile-based StrongestAM Centroid

Err

or

(met

eres

)

Median

Max

29

Which channels should the AirMonitors listen on?

What information should each AirMonitor record, and how to analyze the information?

How to locate clients?

Example applicationStudy Impact of client/AP distance on

transmission rate

30

Bug!

• Downlink transmission rate was always 5.5Mbps regardless of client location

• Notified IT department

• Problem resolved after AP firmware was upgraded

31

Impact of Distance on Transmission Rate

Oct 2-6, 2006, 15 minute intervals802.11g clients

Byte-averaged transmission rate (Mbps)

10m < dist <= 20mdist <= 10m

dist > 20m

0

0.2

0.4

0.6

0.8

1

544536271890 0

0.2

0.4

0.6

0.8

1

544536271890

Byte-averaged transmission rate (Mbps)

Downlink Uplink

32

Impact of distance on Loss Rate

Downlink loss rates substantially higher than uplink loss rates

0

0.2

0.4

0.6

0.8

1

0 20 40 60 80 100Loss Rate (%)

dist <= 20mdist > 20m

0

0.2

0.4

0.6

0.8

1

0 20 40 60 80 100Loss Rate (%)

Downlink Uplink

33

Area of Poor Coverage

• Median downlink frame loss rates ~50%• Clients rapidly switch between 5 APs

34

System Scalability

• Additional load on desktops < 2-3%

• Wired network traffic per AirMonitor < 10Kbps

35

How many AirMonitors are needed?

• Depends on environmental factors, AP placement etc.

• In our environment:– With 59 AirMonitors:

• Median packet loss is 1.85%

• Max packet loss is 7%

– Results degraded significantly with less than 44 AirMoniors

36

Conclusion• Effective Wi-Fi monitoring systems need:

– Integrated location service– Dense deployment of Wi-Fi sensors

• DAIR architecture creates dense deployment of Wi-Fi sensors without excessive cost

• Built a practical Wi-Fi monitoring system using DAIR

37

Questions?

38

Backup slides

39

Command Processor

Filter Processor

Driver Interface

Filter

WiFi Parser

SQL Client

Remote Object

Command (Enable/Disable Filter/

Send Packets)Heart Beat

CommandIssuer

Custom Wireless Driver SQL Server

Deliver Packets to all the Registered Filters

Enable/Disable Filters

Enable/Disable Promiscuous/Logging

Summarized Packet Information

Dump summarized data into the SQL Tables

Get Packets/Info from the Device

Send Packets/Query Driver

DHCP Parser

Other Parser

Wired NIC Driver

FilterFilter

Sender

Packet

Packet Constructor

Send Packet

Monitor Architecture

40

Association vs. Distance

• Majority of the clients do not connect to the nearest AP

– Median distance between client and AP is 15 meters

0

0.1

0.2

0.3

0.4

0.5

0 to 10 10 to 20 20 to 30 30 to 40 40 ormore

Distance (in meters) from AP

Fra

ctio

n o

f S

essi

on

s

41

Requirements for a WLAN Management System

Integrated location service

Complex signal propagation in indoor

environment

Many orthogonal channels

Asymmetric links

Multiple monitorsDense deployment

Mobile Clients

Problems may be location-specific

Cope with incomplete data

Scalable Self-configuring

42

Other analysis• Correlation between loss rate and distance

– Calculating loss rate is complicated– Requires each AirMonitor to perform “address matching”, as

ACKs do not contain sender’s address– Estimating downlink loss rate is especially challenging, since

each AP talks to multiple clients

• Detection of RF holes– Locations from where clients repeatedly sends probe requests,

but get no probe response from corporate APs

• AP “flapping”– Clients repeatedly switch between several APs – Usually because they get poor service from all of them– Indicative of bad AP placement

43

Sample results

• One week of data (October 2006)– Monday to Friday, 8am to 8pm

• 59 AirMonitors

• System is currently operational, and our IT department uses the data ….

44

Frame Loss Rates – Downlink

0

0.2

0.4

0.6

0.8

1

0 20 40 60 80 100Loss Rate (%)

Fra

ctio

n

dist <= 20m

dist > 20m

Median loss rate 43% when distance between client and AP > 20 meters.

(20% when distance <= 20 meters)