Pages

Thursday, November 10, 2016

802.11r roaming (Fast BSS Transition)

 So far 802.11 standard not mentioned any specific roam implementation until 802.11r amendment. So that each vendor will do the research in different ways and will come up with different solution.  So we got different roaming techniques from diffrent vendors. But each roam technique have their own advantages and limitations. So 802.11r amendment came to standardize the roaming across different vendors and address all the existing limitations.

First we will understand the different available roam techniques and their limitations. Then we can go to 802.11r. Below are the different roam algorithms according to their priority from top to bottom.

CCKM : It is Cisco specific roam  technique only. We can’t roam with other vendor infra.

MoveOp : It is Motorola specific roam  technique only. We can’t roam with other vendor infra

Pre-auth : we need to pre-auth with many APs that will consume network resources. Each AP have to remember PMKSA of all the clients.

OKC :  Each vendor Implemented on their own way. So inter vendor roaming and inter controller roaming not possible.

PMK Caching: We need to maintain PMK caching for each AP. Which is not possible when we have large networks.

802.11r advantages:

1. we can roam across different vendors using the standardized roam technique.

2. We should able to  roam across entire ESS even APs may not be under same controller under same mobility domain.

3. We should able to reserve the required bandwidth at the time of connection it self.

4. Getting the AP neighbor reports .

5. We are able to roam less than 100 ms so that voice will continue without any breaks.


6. Authentication for the client device should be done only once.

FT  definitions:         


          Mobility Domain : A set of BSS (basic service sets), within the same ESS (extended service set), that support Fast BSS transitions.

 i.e  All the  APs under multiple controller will create one Mobility domain. So that client can roam between APs of different controller.

PMK-R0 :  First level of the Fast BSS Transition key hierarchy. Derived from MSK (say PMK). Usually it is controller which will hold the PMK.

PMK-R1 :  Second level of the Fast BSS Transition key hierarchy. Derived from PMK-R0.
                       Usually it is AP which will derive PMK-R1 keys.

FT Key Hierarchy:


FT Key Handling Process:


FT Methods:


Over-the-Air
        STA communicates directly with the target AP using FT authentication frames.
Over-the-DS
        STA communication to the target AP via current AP using FT Action frames.


Below is the snapshot of beacon which specifies the FT Authentication as part of AKMP suite. We can see Mobility domain Filed and FT capability  which tells it is using FT over Air or FT over DS.





FT Initial Association:


Below Capture will show us the FT Initial Association



Below packet shows the FT initial association request packet MDIE and RSNIE





Below packet shows the FT initial association response packet MDIE and FTIE





RSN Re-association (Over the Air):




Below capture shows the FT re-association procedure.



Below capture shows FT re-association request packet format



Below capture shows FT re-association response packet format


FT RSN Re-association (Over DS)