a location-based management system for enterprise wireless lans ranveer chandra, jitendra padhye,...
Post on 21-Dec-2015
214 views
TRANSCRIPT
A Location-Based Management System for Enterprise Wireless LANs
Ranveer Chandra, Jitendra Padhye, Alec Wolman and Brian Zill
Microsoft Research
2
Wireless Network Woes
• Corporations spend lots of $$ on WLAN infrastructure– Worldwide enterprise WLAN business expected to grow
from $1.1 billion this year to $3.5 billion in 2009
• Wireless networks perceived to be “flaky”, less secure than wired networks– Users complain about:
• Lack of coverage, performance, reliability
• Authentication problems (802.1X protocol issues)
– Network administrators worry about• Providing adequate coverage, performance
• Security and unauthorized access
Better WLAN management system needed!
3
Typical Questions Asked by Network Administrators
• Are all areas of the building covered?
• Are there areas in the building where clients repeatedly switch between APs?
• Are there locations with very high loss rates?
• Where do most of the clients use the wireless network from? – Conference rooms? Offices?
Many problems are location-specific
4
Two Key Requirements for WLAN Management Systems
• Integrated, accurate location system
• Dense array of sensors– Complex, time-varying signal propagation indoor environments– Many channels need to be monitored
5
State of the Art
• AP-based monitoring [Aruba, AirDefense…]
– Pros: Easy to deploy (APs are under central control)– Cons:
• Can not detect coverage problems using AP-based monitoring• Single radio APs can not be effective monitors
• Specialized sensor boxes [Jigsaw, WIT – SIGCOMM 06]
– Pros: Can provide detailed analysis– Cons: Expensive, not scalable
• Monitoring by mobile clients [ClientConduit - Mobicom 04]
– Pros: Inexpensive, suitable for un-managed environments – Cons: Unpredictable coverage, client locations not known, battery
power may become an issue
6
Observations• Desktop PC’s with good wired connectivity are
ubiquitous in enterprises
• Outfitting a desktop PC with 802.11 wireless NIC is inexpensive– Wireless USB dongles are cheap
• As low as $6.99 at online retailers
– PC motherboards are starting to appear with 802.11 radios built-in
Combine to create a dense deployment of wireless sensors
DAIR: Dense Array of Inexpensive Radios
+
Details: HotNets’05, MobiSys’06
7
Commands
Wired Network
Database
AirMonitor
Summarized Data
Commands
and Database Queries
Data from
databaseData to
inference engineSummarized data
from Monitors
AirMonitor
Inference Engine
DAIR Architecture
Other data:AP locations,Floor Map,AP BSSIDs
AirMonitor
8
Advantages of DAIR Architecture
• Dense deployment of sensors – Without excessive cost– Robustness: Can tolerate loss of a few sensors– Can use very simple algorithms for analysis
• Stationary sensors:– Help build simple, yet accurate location system– Permit historical analysis
9
Testbed
98 meters x 32 meters150 offices and conference rooms.
Typical office size: 3 meters x 3 metersFull-height walls. Solid wood doors
59 AirMonitors.
10
Example Application
• Estimate transmission rate obtained by clients at various locations on the floor– Study impact of distance between AP and client on transmission
rate– Useful for detecting areas of poor coverage
• Design questions:– Which channels should the AirMonitors listen on?– What information should each AirMonitor record, and how to
analyze the information?– How to locate clients?
11
• Which channels should the AirMonitors listen on?
• What information should each AirMonitor record, and how to analyze the information?
• How to locate clients?
12
Channel Assignment
• Six APs (Aruba)– Known, fixed locations– Known, fixed BSSIDs
• But not fixed channels … – APs change channels (roughly once or twice a day)– Dynamic channel assignment by Aruba’s centralized controller
• Can’t assign AirMonitors to listen on fixed channels
13
AP Tracking
• AirMonitors “track” AP nearest to them– Start by scanning all channels– Once AP is found, stay on that channel– If no beacons are heard in 10 seconds, scan again
• Why nearest AP?– Most of the traffic near an AP is likely to be on the channel that
the AP is on
• Other schemes possible:– Strongest signal– Scanning
14
Testbed Map with AP Assignment
15
Which channels should the AirMonitors listen on?
• What information should each AirMonitor record, and how to analyze the information?
• How to locate clients?
16
Information Gathering
• Reporting every packet to database not scalable.– Jigsaw and WIT [SIGCOMM 06]– Can overwhelm wired network and database.
• Each AirMonitor submits summary information– Aggregate packets for each <sender, receiver> pair– For each pair record aggregate statistics:
• Average signal strength, total number of packets and bytes
– Submission intervals randomized to avoid load spikes• 30-60 seconds.
17
Advantages and Disadvantages of Aggregation
• Advantage– Scalability: < 10Kbps traffic per AirMonitor
• Disadvantage: – Can’t perform packet-level analysis like Jigsaw/WIT– Difficult to combine observations from multiple
AirMonitors• Problem solved to some degree by density of sensors
18
Collecting Transmission Rate Data
1000 bytesClient
AP
Sndr Rcvr Rate History
C AP
1000 bytes
(54, 1000)
1000 bytes
(54, 2000)
300 bytes
Sndr Rcvr Rate History
AP C (54, 1000)AP C (6, 300)
Sndr Rcvr Rate History
AP C (6, 300)AM1
AM2AM3
(6, 300)
19
Correlating the Data
• Each AirMonitor has an incomplete view of the “reality”
• Simple technique:– For each direction (uplink or downlink), use data from AirMonitor that
heard the most packets
AirMonitor Sender Receiver Rate History
AM1 Client AP (54, 2000)
AM1 AP Client (6, 300)
AM2 AP Client (54, 1000) (6, 300)
AM3 AP Client (6, 300)
20
Advantages and Disadvantages
• Advantages:– Scalable– Requires only coarse-grained time synchronization– Accuracy improves with density of sensors
• Disadvantages:– Accuracy degrades at lower density– Does not permit packet-level analysis
21
Which channels should the AirMonitors listen on?
What information should each AirMonitor record, and how to analyze the information?
• How to locate clients?
22
Self-Configuring Location Service• Distinguishing features:
– Heuristics to automatically determine AirMonitor locations– Automatic profiling of environment– Can locate any Wi-Fi transmitter (including uncooperative
ones)– Office-level accuracy
• How it works:1. AirMonitors locate themselves2. AirMonitors regularly profile the environment to determine
radio propagation characteristics3. Inference engine uses profiles and observations from multiple
AirMonitors to locate clients
23
How do AirMonitors Locate Themselves?
• Monitor machine activity to determine primary user
• Look up ActiveDirectory to determine office number
• Parse office map to determine coordinates of the office– Assume AirMonitor to be located at the center of the office
• Verify and adjust coordinates by observing which AirMonitors are nearby
May not be available in all environments
24
DatabaseInference
Engine
Profiling the Environment
AM1 AM2 AM3
From To Signal Strength
AM1 AM2 60
AM2
AM2
AM3
AM1
AM3
AM2
55
33
39
25
Profiling the Environment
y = 60*e-0.11x
y = -1.4 x + 35.7
0
10
20
30
40
50
60
0 10 20 30 40
Distance
No
rmal
ized
Sig
nal
Str
eng
th
Profile is used to calculate expected signal strength
26
Locating a Client
Observed: 35
Observed RSSI: 50
Observed: 52 Observed: 35
Distance: 3, Expected RSSI: 43
Distance: 0, Expected RSSI: 60 Distance: 6.5, Expected RSSI: 31
Distance: 7.2, Expected RSSI: 27
Distance: 1.3, Expected RSSI: 52
Distance: 1.1, Expected RSSI: 53
Distance: 6, Expected RSSI: 31
Distance: 6.2, Expected RSSI: 30
?
Adjust location to minimize error
27
Two Simpler Algorithms that Do Not Require Profiling
• StrongestAM– Client Location estimated as the location of AirMonitor that
heard the strongest signal– Can be used if there is one AirMonitor in every office
• Centroid– Find AirMonitor that heard the strongest signal – Find all AirMonitors that heard signal within 85% of strongest
signal strength – Client location estimated as the centroid of this group– Works well for our deployment
28
Accuracy of Location Estimation
21 locations, laptop client connected to corporate network, 802.11b/g
0
2
4
6
8
10
12
Profile-based StrongestAM Centroid
Err
or
(met
eres
)
Median
Max
29
Which channels should the AirMonitors listen on?
What information should each AirMonitor record, and how to analyze the information?
How to locate clients?
Example applicationStudy Impact of client/AP distance on
transmission rate
30
Bug!
• Downlink transmission rate was always 5.5Mbps regardless of client location
• Notified IT department
• Problem resolved after AP firmware was upgraded
31
Impact of Distance on Transmission Rate
Oct 2-6, 2006, 15 minute intervals802.11g clients
Byte-averaged transmission rate (Mbps)
10m < dist <= 20mdist <= 10m
dist > 20m
0
0.2
0.4
0.6
0.8
1
544536271890 0
0.2
0.4
0.6
0.8
1
544536271890
Byte-averaged transmission rate (Mbps)
Downlink Uplink
32
Impact of distance on Loss Rate
Downlink loss rates substantially higher than uplink loss rates
0
0.2
0.4
0.6
0.8
1
0 20 40 60 80 100Loss Rate (%)
dist <= 20mdist > 20m
0
0.2
0.4
0.6
0.8
1
0 20 40 60 80 100Loss Rate (%)
Downlink Uplink
33
Area of Poor Coverage
• Median downlink frame loss rates ~50%• Clients rapidly switch between 5 APs
34
System Scalability
• Additional load on desktops < 2-3%
• Wired network traffic per AirMonitor < 10Kbps
35
How many AirMonitors are needed?
• Depends on environmental factors, AP placement etc.
• In our environment:– With 59 AirMonitors:
• Median packet loss is 1.85%
• Max packet loss is 7%
– Results degraded significantly with less than 44 AirMoniors
36
Conclusion• Effective Wi-Fi monitoring systems need:
– Integrated location service– Dense deployment of Wi-Fi sensors
• DAIR architecture creates dense deployment of Wi-Fi sensors without excessive cost
• Built a practical Wi-Fi monitoring system using DAIR
37
Questions?
38
Backup slides
39
Command Processor
Filter Processor
Driver Interface
Filter
WiFi Parser
SQL Client
Remote Object
Command (Enable/Disable Filter/
Send Packets)Heart Beat
CommandIssuer
Custom Wireless Driver SQL Server
Deliver Packets to all the Registered Filters
Enable/Disable Filters
Enable/Disable Promiscuous/Logging
Summarized Packet Information
Dump summarized data into the SQL Tables
Get Packets/Info from the Device
Send Packets/Query Driver
DHCP Parser
Other Parser
Wired NIC Driver
FilterFilter
Sender
Packet
Packet Constructor
Send Packet
Monitor Architecture
40
Association vs. Distance
• Majority of the clients do not connect to the nearest AP
– Median distance between client and AP is 15 meters
0
0.1
0.2
0.3
0.4
0.5
0 to 10 10 to 20 20 to 30 30 to 40 40 ormore
Distance (in meters) from AP
Fra
ctio
n o
f S
essi
on
s
41
Requirements for a WLAN Management System
Integrated location service
Complex signal propagation in indoor
environment
Many orthogonal channels
Asymmetric links
Multiple monitorsDense deployment
Mobile Clients
Problems may be location-specific
Cope with incomplete data
Scalable Self-configuring
42
Other analysis• Correlation between loss rate and distance
– Calculating loss rate is complicated– Requires each AirMonitor to perform “address matching”, as
ACKs do not contain sender’s address– Estimating downlink loss rate is especially challenging, since
each AP talks to multiple clients
• Detection of RF holes– Locations from where clients repeatedly sends probe requests,
but get no probe response from corporate APs
• AP “flapping”– Clients repeatedly switch between several APs – Usually because they get poor service from all of them– Indicative of bad AP placement
43
Sample results
• One week of data (October 2006)– Monday to Friday, 8am to 8pm
• 59 AirMonitors
• System is currently operational, and our IT department uses the data ….
44
Frame Loss Rates – Downlink
0
0.2
0.4
0.6
0.8
1
0 20 40 60 80 100Loss Rate (%)
Fra
ctio
n
dist <= 20m
dist > 20m
Median loss rate 43% when distance between client and AP > 20 meters.
(20% when distance <= 20 meters)