HPE Aruba Networking Blogs

Openness is Critical to Find and Remediate Targeted Attacks

By Keith Parsons, Contributor

Like many industries, the Wireless LAN community is made up of people with a wide range of education and experience. Even those with decades of experience can still learn and adapt our view of how the invisible medium we work with works.

At Aruba's Atmosphere 2018 conference I had the opportunity to sit in a session by Eric Johnson (@ej_wireless on Twitter), also known as Dr. RF. It was an enlightening and entertaining discussion where I learned new aspects of topics I thought I learned and have repeated for 18 years. Truthfully, it was a bit humbling to know I didn't know what I thought I knew.

I'm only going to cover two of many "Eureka Effect" moments.

First – we've been using this simple Spectral Mask for OFDM signals for years since it was first introduced in 802.11a.

RFNutsandBolts_pic1.png

But in this session, I finally learned where it comes from… especially the 'shoulders'.

The first part is the digital signal – the OFDM portion. It looks something like this:

RFNutsandBolts_pic2.png

Note – this isn't exactly like what the spectral mask from IEEE shows.

We then need to add green in as the wideband channel noise floor…

RFNutsandBolts_pic3.png

Then we finally add in the blue 'noise' generated by the Power Amplifier's non-linearity. Because costs and thermal noise have to be kept low, we end up with PAs with less-than-perfect amplification.

RFNutsandBolts_Pic4.png

It might be possible to work this noise out of a Wi-Fi transmitter, but only at a very high cost in terms of cost of goods sold, power consumption, and heat generation – all three of which put this out of the range of even Enterprise-grade equipment, let alone consumer client devices.

This total amount of RF being transmitted results in the now familiar Spectral Mask used by the IEEE specifications. It is the combination of the Red Digital Signal, the Green Background Noise, and finally the Blue Power Amplifier's resulting noise to get the entire package we are used to seeing.

RFNutsandBolts_pic5.png

It is this 'shoulder' noise we are concerned with when adjacent channels are so close as to interfere with other RF signals on our primary channel in question.

This also relates to the reduction of power needed at various MCS rates so as not to overpower and distort the RF. Going to a higher MCS, with higher-order modulation schemes, results in lower Transmit Power. Here is a table of Aruba's changes in Tx power based on MCS. Note the nearly 10X difference between BPSK and 256QAM!

RFNutsandBolts_Pic6.png

We've always known there is a significant difference in the ability to transmit more or fewer bits per symbol based on changing of EVM (Error Vector Magnitude) to suit environmental conditions. But this is exacerbated by the necessary lowering of Tx power based on the above table.

RFNutsandBolts_Pic7.png

The second major learning experience concerned the supposed religious fervor of many to 'match' Tx power of the Access Points with the Tx power of client devices. The idea here is to try and keep both as close as possible to continue to have 'balanced' power between the two ends of this communication link.

Personally, I've not been a believer in this 'religion' – since I've seen high Tx power of AP's and low client Tx power situations work fine in the real world. But it has been a big source of contention with many who have listened to and believe. (If it was true that all communications need a balanced link – then packet analysis would show matched MCS upstream and downstream – and in the real world, this is a rarity.)

Not to mention – the 802.11 protocol requires an Acknowledgement for each Data frame sent. So 'one-way' communication isn't possible. Though it is possible, even highly probable, to have differing MCS and modulation schemes in uplink and downlink communications.

Finally, this session included a spreadsheet explaining the math behind allowing for mismatched Tx power – yet still having link path loss nearly identical. Here's one example using 100 mW of Tx power (20 dBm) with an EIRP of 30 dBm at the 4x4:4 AP with a 4 dBi antenna, along with a standard 1x1:1 client device transmitting at 25 mW (14 dBm) with a 0 dBi antenna.

RFNutsandBolts_Pic8.png

When the Aruba Atmosphere 2018 session presentations are published online, I strongly recommend you take a chance to watch and review this session by Eric Johnson to delve deeper into these, and other RF basics.

I learned an amazing amount of details behind what I thought I knew of RF, and I think you will too!

The session title is Basic Radio: RF Nuts and Bolts.