A small network at home or in a small office may consist of only a single access point. It covers some area and outside of coverage there is no network – very simple. To cover a larger office or a multi-storey home requires multiple access points. The users may move from the vicinity of one access point to the next. How does Wi-Fi roaming actually work?
Roaming
In the 802.11 standard the client devices choose the access point they want to associate with. APs don’t have any control over roaming. The good news is that no coordination is required for roaming. As long as the APs broadcast a network with the same name and the same password, the clients can transparently switch from one AP to another. Roaming works even across APs from different brands. You can have an Asus in the living room and a D-Link in the kitchen and your Skype call will transparently continue when you walk from room to room. No configuration is required.
The roaming above does require that the access points are just bare access points. Most consumer grade APs are also routers, firewalls and IP address dispensers. The Skype call will disconnect if the user moves from behind a firewall to behind another and even gets a new IP address. The interruption will not show up in browsing or email applications since they don’t require continuous connection.
Enterprise access points are typically plain access points and the firewall is at the uplink to Internet. In this scenario the roaming is seamless. You can achieve this with consumer grade equipment as well, but it will require some configuration changes.
Roaming problems
Sometimes the roaming is not seamless. The most common problem occurs when the client device won’t roam even when there is a better access point nearby. Most client devices won’t active look for better APs but will only start looking for one when the connection degrades significantly. For example Apple iOS devices will start looking for a new AP when the signal level drops below -70dBm. Most other vendors don’t publish exact figures but they are in the same range. For some reason the trigger is typically only signal strength or RSSI. Noise ratio (SNR) or even transmission errors or retries don’t matter if the received signal is strong enough.
Why would there be transmission errors if the signal is strong? If there is a big mismatch between AP and client transmit powers. The AP may transmit at 200mW when a cell phone may max out at 15mW. The phone will receive a strong signal from the AP while the AP can barely receive the phone. As long as there is some kind of connection the phone won’t even look at other APs. The current one is still showing “full bars”. Only when the connection is completely lost will the phone start scanning, which may take seconds. In that time all connections will break. This will occur even if the user is standing right below an AP.
Transmit power level mismatch is also the most common cause for uneven distribution of clients over the access points. In the worst case all client devices are associated with the AP in the lobby, if it covers the entire office. The devices associated with the lobby AP when they arrived and haven’t roamed since because the signal is strong enough. All other APs are underutilized while one or few are over utilized.
The solution to these roaming problems is to turn down the transmit power of the APs to better match the user devices. A big difference in power levels won’t do any good, it will only cause trouble. Transmit power is like good cognac or whiskey: enough is good, too much is bad.
802.11k, 802.11r and 802.11v
The basic principles of 802.11 roaming aren’t going to change. However, there are a few add-ons to help client devices with roaming.
802.11k adds a list of channels to all beacons the access point transmits. This list will tell clients which channels are in use for this network. The client devices won’t need to scan through the whole spectrum when looking for a new AP. The devices will typically listen on each channel for 200ms while scanning. If there are 24 channels on 5GHz it will take almost five seconds to scan through all of them.
802.11v adds information on access point utilization to the beacons. This will hint the clients to choose an AP with less load, even if the signal is slightly weaker. Data throughput may still be better than in a crowded cell.
802.11r standardizes client authentication improvements and is often known as Fast Roaming. In the common WPA2 Personal or Pre-Shared Key the authentication is fast enough already so there is no benefit in using 802.11r. However, in WPA2 Enterprise the AP has to contact a RAIDUS server to authenticate the client, which is slow. In 802.11r the client devices will pre-authenticate with nearby access points just in case it will need to roam. When it does, the authentication is already completed so the switch is quick.
802.11 k, r and v (or a subset) are either on, optional, off or unsupported depending on the system. If you have 802.11k and/or 802.11v then you should turn them on in a multi-AP environment. They may confuse some old Android devices so you need to test the effects in your network. In WPA2 Enterprise networks you should test 802.11r, but don’t turn it on in WPA2 Personal networks. 802.11r causes even more compatibility problems so you should again test the net effect.
Excelent post congrats, keep up the good work.
Thanks! I’be been very busy lately so there haven’t been new articles for a while, but there will be.
Very helpful information.
Thanks a lot.
Thank you, Petri.