xirrus application note vowifi note – voice over wi-fi rev 102008 4 theory of operation voip over...

Application Note

Voice over Wi-Fi

Application Note – Voice over Wi-Fi

Rev 102008 2

Table of Contents

Table of Contents...................................................................................................................... 2Background............................................................................................................................... 3Description ................................................................................................................................ 3Theory of Operation.................................................................................................................. 4Threats..................................................................................................................................... 14Xirrus Security Measures....................................................................................................... 14Interaction with Other Features............................................................................................. 16Configuration .......................................................................................................................... 16Application Example............................................................................................................... 22Tips and Recommendations.................................................................................................. 25


Rev 102008 3

Background Recent advances have made voice services over Internet Protocol (VoIP) a viable alternative to traditional telephony systems. VoIP is able to better utilize network resources and be deployed for a much lower cost than traditional phone systems making it an attractive option for today’s enterprises. Another technology that has grown in popularity in recent years is Wireless Local Area Networks (WLANs). WLANs give users the mobility to move around a broad coverage area and still be connected to the networks, driving WLAN to become a ubiquitous networking technology that has been deployed globally. Motivated by these two popular technologies, Voice over Wi-Fi (VoWi-Fi) has emerged as a means to provide low-cost wireless voice services and increased mobility. VoWi-Fi poses significant challenges since the performance characteristics of wireless networks are inferior to their wired counterparts, and the IEEE 802.11-based WLAN was not originally designed to support delay-sensitive voice traffic. As more businesses migrating to IP-based infrastructure take advantage of cost savings and efficiencies inherent in an IP transport network, it is imperative that the quality of the voice services provided not be compromised. To ensure users receive the same voice quality as they receive from the standard public switched telephone network (PSTN), voice traffic must be guaranteed certain bandwidth, latency, and jitter requirements.

Description This application note will present Xirrus’ solution in overcoming the challenges in providing a high-performance, high-quality and uninterrupted voice services over the Wi-Fi infrastructure. There are several innovations embedded in Xirrus Arrays making them particularly powerful in the Voice over Wi-Fi context. These innovations include support for…

a) Quality of Service (IEEE 802.1p, IEEE 802.11e) for real-time services such as mobile VoIP to ensure that voice packets receive the preferential treatment they require.

b) Fast Roaming With Xirrus Roaming Protocol, users will be able to roam while maintaining a voice call and its voice quality.

c) Security mechanisms such as authentication and strong encryption making the conversation in a Wi-Fi context secure.


Rev 102008 4

Theory of Operation VoIP over Wi-Fi raises several deployment and planning issues concerning quality-of-service (QoS), call control, network capacity, provisioning, architecture and others. Crucial to the success of VoIP over Wi-Fi applications will be the ability of Wi-Fi technology to support and provision QoS capabilities. Furthermore, voice services inherently involve call control signaling that requires a high level of priority in order to meet the timing constraints of interfaces to external networks, such as the wireless cellular network or the PSTN. Steps also need to be taken to ensure that 802.11 clients who are roaming between APs do not experience extended delays in accessing centralized authentication servers as well as longer latencies in completing handoffs between APs. In the following sections, we’ll discuss methods commonly used to provide seamless and timely voice services over Wi-Fi to ensure good Quality of Experience (QoE) to the users. Quality of Service

With the increasing popularity of real-time, delay sensitive applications such as voice and video, Quality of Service (QoS) protocols are essential to enable high priority voice and video traffic to share the medium efficiently with lower priority data traffic. Service differentiation schemes have been proposed to provide better QoS for multimedia applications in IEEE 802.11 Wi-Fi. Service differentiation can be achieved using priority queue management schemes and/or using different MAC parameters for different classes of traffic.

Prioritization and Queuing Xirrus has support for QoS prioritization on both wired (IEEE 802.1p) and the wireless (IEEE802.11e) side of the Array.

IEEE 802.1p is a standard that provides traffic prioritization and it works at the media access control (MAC) framing layer of the OSI. It defines eight priority levels for wired networks. Each data packet may be tagged with a priority level. Since there are eight possible user priority levels and the Array implements four traffic classes*, user priorities are mapped to traffic classes as shown in the table 1 below. This table follows the mapping recommended by IEEE 802.11e. *802.11e defines 4 access categories (AC_BK, AC_BE, AC_VI, AC_VO), namely Background, Best Effort, Video and Voice. Xirrus array implements the same traffic categories as defined in 802.11e.


Rev 102008 5

User Priority Array Traffic Class (AC) Typical Use

0 (Default) 1 Best Effort - For the default priority, we don’t necessarily know anything about the type of traffic. Thus, it is treated as best effort traffic.

1 0 (Lowest priority) Background - Explicitly designated as low-priority and non-delay sensitive, it is given the lowest traffic class.

2 0 Spare

3 1 Excellent Effort

4 2 Controlled Load

5 2 Video

6 3 Voice

7 (highest priority) 3 (highest priority) Network Control Table 1: Mapping of User Priority level and Array traffic class as recommended by IEEE 802.11e

1) Wired QoS Prioritization (802.1p) The Xirrus Array is compliant with 802.1p as it is capable of grouping packets into separate traffic classes. By maintaining separate queues for different traffic classifications, such as voice, video, best effort and background traffic, the Array can differentiate among traffic types and prioritize them appropriately as seen in the diagram below. In this manner, packets in the voice queue will be transmitted ahead of packets contained in the data queue. Incoming packets are assigned QoS priority based on their SSID (if any) while outgoing packets are IEEE 802.1p tagged at the Ethernet port for upstream traffic thus enabling QoS at the edge of the network.


Rev 102008 6

Diagram 1: Quality of Service using 802.1p to differentiate and prioritize traffic types

2) Wireless QoS Prioritization (WMM) WMM (Wi-Fi Multimedia), a subset of the 802.11e draft standard, offers far more granular QoS mechanisms and prioritizes traffic according to four different access categories: best effort, background, video and voice; each with different maximum back-off times. Using EDCF (Enhanced Distributed Coordination Function), the Array tries to send data after detecting the medium is idle and then waits a period of time defined by the corresponding traffic category called the Arbitration Interframe Space (AIFS). A higher-priority traffic category will have a shorter AIFS than a lower-priority traffic category. Thus lower-priority traffic must wait longer than those with high-priority traffic before trying to access the medium. The voice-access category has the lowest maximum back-off time, giving it the highest probability of gaining access to the medium first. To avoid collisions, the different queues in the Array count down an additional random number of time slots, known as a contention window, before attempting to transmit data. If one of the queues in the Array starts to transmit before the countdown has ended, the rest of the queues wait for the next idle period, after which they continue the countdown where they left off. In the following example, the Array has traffic from 3 queues to send over the wireless network to the end devices: a phone, a set-top box, and a laptop with web application. After the Array has finished sending packets to the phone and receiving acknowledgement from the phone, there is a wait period called Arbitration Interframe Space (AIFS) before it attempts to send data again. This is based on traffic category priority. For traffic categories with higher priority, the wait period is shorter than for those with lower priority. The voice queue selects a random number at the beginning of its contention window and begins to count down. The other queues


Rev 102008 7

do the same as they wait to access the wireless network, but suspend the countdown once the Array starts to transmit voice traffic.

Diagram 2: Quality of Service using WMM to differentiate and prioritize traffic types

3) SpectraLink Voice Priority

In addition to using the previously described QoS methods when deploying any vendors’ VoIP equipment, Xirrus Arrays also have support for SpectraLink phones, which have their own proprietary form of QoS, called SpectraLink Voice Priority. As part of the MAC layer implementation of CSMA/CA (carrier sense multiple access/collision avoidance), random back-off is required after every packet transmission. The intent is to provide equal access to the media. With voice devices, the resulting variable delays are undesirable. SpectraLink lowers the maximum back-off of its handsets to 0, thereby decreasing the amount of time they wait to transmit. This implementation is compatible with the 802.11 standard, as 0 is a valid backoff number. The second modification required to ensure timely delivery of voice packets is to avoid letting them sit in queues, where they may wait for transmission until after their useful lifetimes have expired. Xirrus Arrays handle SVP by classifying and prioritizing SVP voice packets in the transmission queue. Nor additional configuration on the Array is required. Note: Xirrus Arrays are certified by Spectralink’s Voice Interoperability for Enterprise Wireless (VIEW) Certification Program, which supports voice applications where Spectralink voice packets are automatically classified and prioritized. No additional configuration on the Array is required.

Call Admission Control Call Admission Control (CAC) prevents oversubscription of VoIP networks. CAC is a concept that applies only to real time media traffic. It is a preventive congestion control procedure and is implemented on the Array to block traffic from forming any new connection when the current traffic load reaches the network capacity. CAC mechanisms complement the capabilities of QoS mechanism to protect voice traffic from the negative effects of other voice traffic and to keep excess voice traffic off the network. CAC is used to ensure there is enough bandwidth for the authorized flows. It starts to reject calls when either the Upstream/Downstream traffic exceeds pre-specified thresholds, or the number of calls being


Rev 102008 8

handled exceeds pre-specified limit. The Xirrus Array lets network administrators set the maximum number of phones that can connect to the Array at one time. Note: Currently this feature of the Xirrus Array applies only for SpectraLink phones.

In the following VoWi-Fi environment example, the phones are configured to use G711 codec (64kbps).

For any given call, bi-directional voice traffic will use up to 128kbps of the total bandwidth available per IAP. Supposes some tests* were carried out and concluded that a maximum of 12 concurrent calls (128 x 12 = 2Mbps) per IAP can be supported to obtain good voice quality before it starts to deteriorates across all the existing calls.

Without CAC

Diagram 3: Without CAC, MOS score will be affected when additional call is setup

All 12 of the existing calls have an average MOS# score of 4.1. After the association and call setup of the 13th phone on the same IAP, all of the concurrent calls may have their MOS drop to an average of 3.2 where users will experience clips. *This is an example. As network environment and requirement varies from site to site, Xirrus recommend users to conduct their own testing to conclude on the limit per IAP.

#MOS provides a numerical indication of the perceived quality of received media after compression and/or transmission. The MOS is expressed, as a single number in the range 1 to 5, where 1 is lowest perceived quality, and 5 is the highest perceived quality. MOS tests for voice are specified by ITU-T recommendation P.800.

MOS Quality Impairment 5 Excellent Imperceptible 4 Good Perceptible but not annoying 3 Fair Fair 2 Poor Annoying 1 Bad Very annoying

Table 2: Mean opinion score (MOS) The reason for this impairment is that the queuing mechanisms provide policing, not complete admission control. This means that if packets exceeding the configured or allowable rate are received, these packets are simply tail-dropped from the queue. There is no capability in the queuing mechanisms to distinguish which IP packet belongs to which voice call. Any packet exceeding the


Rev 102008 9

given rate will be dropped as measured by arrival rate within a certain period of time. Thus, all thirteen calls will experience packet loss, which is perceived as clips by the end users.

With CAC

Diagram 4: With CAC, MOS score will not be affected when a phone tries to associate and makes a call

All 12 of the existing calls have an average MOS score of 4.1. With CAC enabled, the 13th phone will not be allowed to be associated to the same IAP. Hence, the 12 existing calls can maintain a good voice quality of 4.1. Depending on the environment and setup of the phone, the phone may associate to another IAP in the network that has not yet exceeded the maximum number of the phones allowed.

Call Handoff / Roaming As mobility is the main push for VoWi-Fi, one needs to ensure that the wireless network infrastructure can provide uninterrupted voice services when a user moves from one Wi-Fi access point to another. To support seamless mobility, a large number of mobility management mechanisms in different layers have been proposed. These mechanisms are discussed below. Handoff consists of three stages:

1) Mobile device makes the handoff decision according to the received signal strength.

2) Mobile device performs layer-2 handoff to another access point, which can further be separated

into two steps. a. A mobile device does a channel scan to search for a better signal from another IAP

within the same Array or some other Array by broadcasting probe request frames to collect information, or directly collects information from received beacon frames. Depending on the signal strength of the responses, if the signal threshold is reached, mobile device will then make a decision to roam.

b. When a probe response is accepted by the mobile device, the mobile device will sent an 802.11 de-authentication to its original Array and an 802.11 authenticate and re-associate to the new Array.

3) Layer-3 roaming is performed to ensure the end-to-end connectivity when crossing layer 3 subnet boundaries.


Rev 102008 10

Lab tests indicate that handoff times usually take more than 150 milliseconds. The ITU has set recommendations for the maximum round trip delay in a voice system and the perceived quality of the voice channel. This recommendation is defined in ITU G.113 and is provided in the following table.

G.113 Delay Specification 0 to 150 msec acceptable to most applications 150 to 400 msec acceptable for international connections > 400 msec acceptable for public network operation

Table 3: ITU G.113 Delay Specification Any effects communication delay could have on voice quality for an implementation of VoIP over Wi-Fi can be improved by the methods discussed earlier, but larger issues arise when a user is handed off from one AP to another. In a Wi-Fi environment, the following capabilities are relevant to the network's ability to hand off active phone calls.

1) Device must know when a link has been lost

2) AP probe and associate

3) Authentication, security and routing updates

Xirrus has invented techniques to help reduce the delays incurred during an active call handoff. These techniques include support for 802.11i (WPA2 roaming) and fast roaming (WPA roaming).

802.11i/WPA2 802.11i was ratified in 2004 as an amendment to 802.11 for security enhancements. The Wi-Fi Alliance refers to their approved, interoperable implementation of the full 802.11i as WPA2, also called RSN (Robust Security Network). It details stronger encryption, authentication, and key management strategies. TKIP and CCMP protocols are used for more robust data protection while IEEE 802.1X authentication Pre-shared Key (PSK) version is used. 802.11i allows key caching for fast roaming as stations can pre-authenticate with Arrays and master keys can be cached by both station and Arrays (Authenticator).


Rev 102008 11

Diagram 5: Caching of Pairwise Master Key with 802.11i

Authentication Procedure

1) Phone A can pre-authenticate with Arrays and the Pairwise Master Keys (PMK) will be cached

by the phone and the Array. 2) Phone can request use of existing PMKID when associating to the new Array. 3) If Array has PMKID, 802.1x exchange need not take place, else full 802.1x exchange is

required. There will be minimal delay if the full 802.1x exchange is not required during roaming and this is very crucial in voice applications.

What is Fast Roaming (when using WPA) and how it works on Xirrus Array?

With traditional Wi-Fi networks, when a user crosses VLAN or subnet boundaries (i.e., roaming between domains), a new IP address must be obtained. To maintain sessions for real-time data traffic, such as voice and video, users must be able to maintain the same IP address through the entire session. This feature utilizes the Xirrus Roaming Protocol (XRP), which ensures fast and seamless roaming capabilities between IAPs or Arrays at Layer 2 and Layer 3 while maintaining security. Fast roaming eliminates long delays for re-authentication when WPA is used by sharing the initial association station keys derived via 802.1x Authentication Server with other Arrays prior to the station roaming, thus supporting time-sensitive applications such as Voice over Wi-Fi. XRP uses a discovery process to identify other Xirrus Arrays as fast roaming targets.

To use fast roaming, a user has to determine:

1) Which arrays that will share the key information

a. With all – Roaming information will be shared with all arrays on the same layer 2 subnet b. Within Range c. With specific targeted arrays

i. Layer 2 – Fast roaming targets are MAC addresses of the base IAP


Rev 102008 12

ii. Layer 3 – Fast roaming targets must be IP addresses

2) How the information is transported a. Broadcast – Information is broadcast in the L2 broadcast domain b. Tunneled - Fast roaming target Arrays must be explicitly specified

(via IP addresses) in this Layer 3 operation where key information is passed via tunnels

Layer 2 Fast Roaming with Xirrus Array

Diagram 6: Layer 2 Fast roaming and caching of Pairwise Master Key

In a Layer 2 network environment as shown above.

1) Phone A starts its authentication process to the Radius server while trying to associate with Array 1.

2) After successful authentication with fast roaming enabled, the Pairwise Master Keys (PMK) are shared with the targeted Arrays.

3) Phone A then initiates a call.

4) While on the call, Phone A moves to an area where the signal strength of Array 2 is much

stronger than Array 1. It then tries to associate with Array 2. With keys being cached in Array 2, phone A need not go through whole process of re-authentication, eliminating the long delay that would have incurred during the process.

5) All voice traffic now traverses through Array 2.

Array1

(100.100.0.10/24)

Array2

(100.100.0.20/24)

Array3(100.100.0.30/24)

Authentication

Sharing of authentication information Traffic flow

PhoneA PhoneA


Rev 102008 13

Layer 3 Fast Roaming with Xirrus Array

Mobile Wi-Fi VoIP users are likely to cross multiple roaming domains during a single session. Xirrus Layer 3 roaming allows a user to maintain the same IP address throughout an entire real-time data session. The Layer 3 session is maintained by establishing an SSL tunnel back to the originating Array.

Diagram 7: Layer 3 Fast roaming and caching of Pairwise Master Key In the Layer 3 network environment as shown above, the Xirrus Arrays will establish tunnels with all of the other target Arrays. 1) Phone A then starts its authentication process to the Radius server while trying to associate with

Array 1.

2) After successful authentication with fast roaming enabled, the Pairwise Master Keys (PMK) are shared with the targeted Arrays via the established tunnels.

3) Phone A then initiates a call.

4) While on the call, Phone A moves to an area where the signal strength of Array 2 is much

stronger than Array 1. It then tries to associate with Array 2. With keys being cached in Array 2, phone A need not go through whole process of re-authentication, eliminating the long delay that would have incurred during the process. A tunnel established between Array 2 and Array 1 ensures that the current voice session maintain the same IP address for the entire voice call.

Array1(100.100.1.10/24)

Array2(100.100.2.10/24) Array3(100.100.3.10/24)

PhoneA100.100.1.100

PhoneA100.100.1.100

0

PhoneA100.100.1.100

Authentication

Sharing of authentication information

Traffic Flow


Rev 102008 14

5) Any traffic transmitting to and from phone A now has to traverse via Array 1.

6) When phone A continues to roam to Array 3, it does not need to re-authenticate. Any traffic from phone A will now traverse from Array 3 to the Call server via Array 1 (i.e. via tunnel).

With the implementation of Fast Roaming and support for 802.11i, handoff latency of less than 60ms is achieved; well under the 150ms requirement for maintaining voice call integrity.

Security Measures To provide uninterrupted and secure voice services, one must ensure that the wireless network is capable of providing users with the following security precepts when deploying voice over Wi-Fi.

1) Reliability: Providers must guarantee the safe passage of voice packets through the network by

minimizing the effect of malicious attacks such as denial of service (DoS).

2) Confidentiality: Subscribers must be ensured that their calls are protected against unauthorized snooping or monitoring. Privacy is required for both voice media (content) and signaling.

3) Integrity: Both subscribers and providers should be assured that transmissions have not been

tampered with and that if they have, such alterations will be detected.

4) Authentication: Subscribers are guaranteed that their calls will reach the proper destination and service providers are guaranteed that subscribers are who they said they are and not rogue terminals attempting to gained unauthorized access.

This table summarizes Wi-Fi security issues in general and indicates the mechanisms available on the Xirrus Array for securing traffic traversing over the Wi-Fi network. For more details on configuring security parameters on Xirrus Array, please refer to the User Guide.

Threats Xirrus Security Measures Identity Fraud Authentication, Authorization Intrusion Firewall, MAC Filtering Monitoring Encryption Content Alteration Encryption Session Hijacking Firewall Session Disruption or Denial of Service

Prevention, Detection, Correction

Platform Attacks Enclosure with Kensington Lock Table 4: Wi-Fi Security Threats and Xirrus’ security solution


Rev 102008 15

Xirrus Security Measures

1) Authentication/Authorization methods include: a. Pre-shared Keys (PSKs) b. 802.1x with EAP (Extensible Authentication Protocol) authentication. EAP methods

include: 1) EAP-PEAP 2) EAP-TLS 3) EAP-TTLS 4) LEAP Pass Through

c. AC Filtering – Access control lists on Xirrus Array allows network administrators to

permit/deny access to devices based on their MAC addresses.

2) Encryption methods include: a. WPA2 with AES/TKIP

b. WPA with AES/TKIP

c. WEP (WEP-64 and WEP-128)

3) Firewall (Prevention, Detection, Correction)

a. The abg2 radio on every Xirrus Array can be configured as a monitor radio for Intrusion Detection/Prevention (IDS/IPS) of rogue AP and stations as well as Spectrum analysis.

1) Rogue AP/Stations

2) Spectrum Analyzer


Rev 102008 16

b. Array’s integrated firewall uses stateful inspection to speed the decision of whether to allow or deny traffic. Filters are also used to define the rules used for blocking or passing traffic.

Interaction with Other Features This section describes some of the operation interactions and dependencies that users should take note when deploying voice over Wi-Fi on Xirrus Arrays.

1) A VoIP specific SSID should be created to allow all voice traffic be set with the highest QoS level.

2) All other data traffic should be assigned appropriate QoS settings.

3) Any global filter list configured should not block any voice signaling (e.g. SIP, SKINNY, MGCP, MEGACO) or media traffic (e.g. RTP).

4) Care should be taken to ensure traffic limits per station in SSID configuration do not impact the

MOS score of voice calls. Users need to take into consideration of the bandwidth required based on the codecs supported by the phones.

5) Arrays should be configured to allow intra-station traffic such that phones associated within the

same array will be able to make calls between themselves.

6) MAC ACLs (access control list) can be created on the Array to ensure only VoIP phones are connecting to the network.

Configuration The configuration of features described in the earlier sections for voice over Wi-Fi deployment using Xirrus Array can be performed via the Web Management Interface (WMI) or Command Line Interface (CLI).

Configuration using Web Management Interface (WMI)

Quality of Service – Prioritization and Queuing It is recommended that QoS is implemented by separating voice and data traffic on separate SSIDs and prioritizing them accordingly.

1) Create separate VLANs for data and voice traffic. Go to VLANs-> VLAN Management, enter the vlan name and number for each VLAN created. In this example, VLAN Internet (vlan #100) and VLAN Voice (vlan # 200) are created. Save the configuration by clicking the Save button.


Rev 102008 17

2) Next, go to SSIDs ->SSID Management, create 2 SSIDs (E.g. Internet and Voice) and

bind the VLANs created in the previous step. QoS categories are then assigned to the different SSIDs. Please refer to page 5 for the appropriate QoS categories. Save the configuration by clicking the Save button.

3) End devices should now be able to connect to either of the 2 SSIDs for voice and data services respectively.


Rev 102008 18

Quality of Service – Call Admission Control To limit the number of phone connections on an IAP, go to IAPs -> Global Settings, under Station Management, set the max phones per IAP to the maximum supported. In this example as discussed in the earlier section Theory of Operation, 12 is the limit. Save the configuration by clicking the Save button. Up to 16 can be supported at one time.

Roaming/Call Hand-Off

1) Go to IAPs -> Global Settings to enable fast roaming.

2) Define the discovery mode to identify other Xirrus Arrays as fast roaming targets: a. Broadcast — the Array uses a broadcast technique to discover other Arrays that

may be target for fast roaming b. Tunneled – Fast roaming target Arrays must be explicitly specified

3) Specify the Fast Roaming Layer

a. 2 and 3 – enable roaming capabilities between IAPs or Arrays at Layer 2 and Layer 3 b. 2 only – enable roaming capabilities between IAPs or Arrays at Layer 2 only

4) Indicate how the Array share roaming information

a. With all Arrays (Layer 2 only) b. With Arrays within range (Layer 2 only) c. With specifically targeted Arrays (Layer 2 and Layer 3)

i. Add Arrays to the fast roaming target list (necessary only when tunneled mode and/or specifically targeted Arrays are selected) 1. If Layer 2 roaming is selected, enter MAC address (i.e. Gigabit1 MAC

address) of target Array 2. If Layer 3 roaming is selected, IP address/hostname of the target Array can be

used


Rev 102008 19

5) Save the configuration by clicking the Save button

Note: XRP uses the following ports that should not be blocked by the network/firewall:

- Layer 2 Roaming uses UDP to share PMK info between Arrays and uses Port 22610 - Layer 3 Roaming (Tunneling between Subnets) uses ports15000-17999

Configuration using Command Line Interface (CLI)

Quality of Service – Prioritization and Queuing 1) First, vlans are created under the vlan area of the CLI using the command.

vlan <vlan-name> number <vlan number>

2) Next, SSIDs are created under SSID section of the CLI using the command with vlan and

qos assigned to the newly created SSID.

ssid add <ssid name> vlan <vlan name> qos <qos catergory> enable

3) Save the configuration with the save command.


Rev 102008 20

Quality of Service – Call Admission Control Call Admission Control configuration is done under the IAP global settings area of the CLI using the command

iap-phones <max phones allowed>


Rev 102008 21

Roaming/Call Hand-Off 1) At interface iap global setting level, configure the layer at which fast-roaming capabilities

will be enabled - fast-roaming layer <2-only/2-and-3>

2) Select the mode to identify other array as roaming targets and how the roaming information is shared - fast-roaming mode <broadcast/tunneled> <all/in-range/target-only>

3) If necessary, add the target Arrays using the command - fast-roaming add-target <MAC

address/IP address/hostname>


Rev 102008 22

Application Example This section demonstrates an Array deployment at conference/trade show used for both voice and data traffic.

Network Topology At this site, 12 Arrays are deployed to provide wireless coverage for 2 floor areas, mainly the show floor and the conference area (total coverage area of 1,000,000 square feet). At the show floor, Wi-Fi access is provided for laptops, VoIP phones as well as mobile-mobile convergence phones. While at the conference area, Wi-Fi access is provided only to laptops and VoIP phones. Over 600 concurrent users are provided with a total bandwidth of 9.7Gbps wireless traffic.


Rev 102008 23

Diagram 8: Deployment of Xirrus Arrays at a show


Rev 102008 24

Configuration With the support of 802.1q on the Array, data and voice traffic are separated into different VLANs which allow QoS prioritization to take place at the switches though it can be implemented on the Array as well. SSIDs in use

• Wireless – used by laptops • Wireless_11a – used by laptops • VoIP – used by VoIP phones • Mobile – used by mobile-mobile convergence phones

Diagram 7: Array configuration at the show floor

Diagram 8: Array configuration at the conference area


Rev 102008 25

Tips and Recommendations

When should QoS be enabled? QoS should be enabled when service differentiation is required and to prioritize traffic which is delay sensitive such as voice and video applications.

When is Call Admission Control used? CAC is used to prevent oversubscription of voice calls on the network by setting a value for the maximum number of phones that can associate to a single IAP. The parameter that sets CAC on the Xirrus Array is “Max Phones per IAP” (in the web management interface). The allowed values for this setting are from 0 to 16. Tests should be conducted to ensure data traffic also has its fair share of access to the wireless medium. It is recommended to enable Load Balancing when using CAC.

Note: CAC currently applies only to Spectralink Wi-Fi phones that are associated to the Array. The maximum value that should be set when using Spectralink phones is 12.

Will roaming work with other vendor’s AP? Yes but only for WPA2. All wireless access point vendors should support IEEE802.11i as described in the earlier section which allows pre-authentication of the clients to all APs on the Layer 2 subnet.

When do I use Layer 2 fast roaming? Layer 2 fast roaming is enabled when all the Arrays are on the same subnet within a single roaming domain that a user is likely to roam to.

When do I use Layer 3 fast roaming? Layer 3 fast roaming is enabled when some of the Arrays are on different subnets that a user is likely to roam to.

When do I select all, in-range or Targeted for the roaming information to be shared with? All-Mode allows sharing of roaming information with all Arrays on the same subnet. However, if the network has 100’s of Arrays on the same subnet, then this is a poor choice. For in-range mode to work, the monitor radio has to be up on the Array to listen for other Arrays in range. Targeted mode allows user to enter a specific list of Arrays to share info with. This may be the best approach if there are a lot of Arrays on a network and it doesn’t have the monitor on everywhere. Typically for Layer 2 roaming, In-range is the best option since most Array deployments will utilized the monitor radio. For Layer 3 roaming, Targeted is the only option.

xirrus application note vowifi note – voice over wi-fi rev 102008 4 theory of operation voip over...

Documents