Mesh and WDS: Difference between revisions

From OLPC
Jump to navigation Jump to search
 
(22 intermediate revisions by 8 users not shown)
Line 1: Line 1:
{{OLPC}}
{{OLPC}}


= Wireless Distribution Systems =
= What are WDS frames? =


Wireless Distribution System (WDS) frames is a special type of data frame
A [http://en.wikipedia.org/wiki/Wireless_Distribution_System Wireless Distribution System] (WDS) is a system that enables the interconnection of access points wirelessly.

defined in the 802.11 standard that has 4 address fields (instead of 3). The
Early 802.11 access points could not allow wireless nodes to "roam" between access points.
More expensive 802.11 "bridges" offered that ability, but required each access point to be
connected by Ethernet to each other and to the larger Internet.
Later bridges such as the Cisco/Aironet 350 would allow
access points to connect back to the Internet and other access points over the air, in what we
call below a "Static WDS" configuration. Later equipment attempts to make WDS connections
automatically.

= WDS frames? =
WDS systems are implemented using a unique frame format for over-the-air packets.
WDS frames are defined in the 802.11 standard to have 4 address fields (instead of 3). The
standard defines the frame format but does not indicate how it should be used.
standard defines the frame format but does not indicate how it should be used.


Different 802.11 Access Point (AP) vendors have manufactured equipment that
Different 802.11 Access Point (AP) vendors have manufactured equipment that
uses WDS in different ways:
uses WDS frames in different ways:


== Static WDS ==
== Static WDS ==
Line 14: Line 25:
With this type of configuration, a number of WDS links (MAC addresses of other
With this type of configuration, a number of WDS links (MAC addresses of other
APs within range) are manually configured on each Access Point and recorded in
APs within range) are manually configured on each Access Point and recorded in
an internal WDS link table. All traffic from the BSS (the stations that are
an internal WDS link table. Client traffic that needs to relay through another
local to a given AP) is distributed through each WDS link using WDS frames.
access point or bridge is resent over the air toward its destination, using WDS frames.


== Dynamic WDS (aka Lazy-WDS) ==
== Dynamic WDS (aka Lazy-WDS) ==
Line 25: Line 36:
as WDS-capable.
as WDS-capable.


= APs that do Lazy-WDS =
=== APs that do Lazy-WDS ===


* Linksys WRT54G, undocumented. Cannot be turned off.
* Linksys WRT54G, undocumented. Cannot be turned off. [http://rgbdream.com/?p=44 Tutorial on using it].
* Buffalo WHR-HP-G54. Can be turned off.
* Buffalo WHR-HP-G54. Can be turned off.
* Apple Airport Express. Can be turned off. [default: off]. [http://rgbdream.com/?p=44 Tutorial on using it].


== XO use of WDS frames ==
= Interactions with xo's =


The Marvell wireless chip used in XO laptops is programmed with firmware that creates
OLPC mesh frames use WDS frame format augmented with a new mesh specific
a wireless mesh automatically. This is similar to Lazy-WDS in intent (any node can talk
header. Lazy-WDS APs will interpret mesh traffic as WDS, so the AP will
to any other node, even if they're outside of direct radio range; the packets are relayed via intermediate nodes). The implementation tries to follow the draft 802.11s standard (which is unfortunately
create a new WDS link for each xo in the vicinity. This has created numerous
not available on the Internet). OLPC mesh frames use WDS frame format augmented with a new mesh specific
header.

= Interactions Between XO's and other WDS nodes =

Lazy-WDS APs will interpret XO mesh traffic as WDS and
create a new WDS link for each XO in the vicinity. This has created numerous
problems:
problems:


Line 43: Line 62:
to the xo will be sent in WDS format. The xo's can differentiate normal WDS
to the xo will be sent in WDS format. The xo's can differentiate normal WDS
frames (sent from the AP) from OLPC mesh traffic (from other xo's), so this
frames (sent from the AP) from OLPC mesh traffic (from other xo's), so this
does not cause any user observable problem (#901).
does not cause any user observable problem ([http://dev.laptop.org/ticket/901 #901]).


== Spurious traffic ==
== Spurious traffic ==
Line 50: Line 69:
other WDS-peers. Because xo's are wrongfully recorded as WDS nodes, we've
other WDS-peers. Because xo's are wrongfully recorded as WDS nodes, we've
seen spurious authentication frames sent to them from the AP. That has the
seen spurious authentication frames sent to them from the AP. That has the
effect of waking up suspended xo's for no apparent reason (#3504).
effect of waking up suspended xo's for no apparent reason ([http://dev.laptop.org/ticket/3504 #3504]).

In addition to the authentication frames, we have also observed the AP sending
NULL data frames to the xo's:

No. Time Source Destination Protocol Info
3816 9.233094 Cisco-Li_b8:6d:d3 QuantaMi_05:26:1f IEEE 802.11 Null function (No data),SN=2735,FN=0
4050 9.807919 Cisco-Li_b8:6d:d3 QuantaMi_05:26:1f IEEE 802.11 Null function (No data),SN=2747,FN=0
4316 10.428346 Cisco-Li_b8:6d:d3 QuantaMi_05:26:1f IEEE 802.11 Null function (No data),SN=2763,FN=0
4708 11.369663 Cisco-Li_b8:6d:d3 QuantaMi_05:26:1f IEEE 802.11 Null function (No data),SN=2780,FN=0
5132 12.399024 Cisco-Li_b8:6d:d3 QuantaMi_05:26:1f IEEE 802.11 Null function (No data),SN=2795,FN=0

It's been hypothesized (Rajesh) that Lazy-WDS APs may use NULL data frames to detect if WDS peers are alive.


== Denial of Service ==
== Denial of Service ==
Line 59: Line 90:
nodes in range as "WDS capable". Once a node is tagged as "WDS capable",
nodes in range as "WDS capable". Once a node is tagged as "WDS capable",
the wireless module will drop any non-WDS traffic to that destination. So
the wireless module will drop any non-WDS traffic to that destination. So
turning Lazy-WDS off will result in effectively cutting any communication with
'''turning Lazy-WDS off will result in effectively cutting any communication with all the xo's in range''', even if the xo is associated to the AP.
Note that this has only been observed on an access point that was re-imaged
all the xo's in range, even if the xo is associated to the AP.
to use the unsupported OpenWRT firmware.


== WDS-link table overflow ==
== WDS-link table overflow ==
Line 68: Line 100:
APs with a '''large''' number of WDS links. At some point the AP would mistakenly
APs with a '''large''' number of WDS links. At some point the AP would mistakenly
send traffic destined for one xo to a different node. It is not clear yet why
send traffic destined for one xo to a different node. It is not clear yet why
this happened (#4131).
this happened ([http://dev.laptop.org/ticket/4131 #4131]).

It's also reported that when that happens, infrastructure traffic slows down.
Round trip times between associated STAs are in the order of seconds.


== Duplicate frames ==
== Duplicate frames ==


Not sure why, but Lazy-WDS APs (at least the WRT54G) generate two WDS responses for each frame received
Not sure why, but Lazy-WDS APs (at least the WRT54G) generate two WDS responses for each frame received
from an associated station (#1863).
from an associated station ([http://dev.laptop.org/ticket/1863 #1863]).

== Neighboring Stations Lose Association ==

Several people have reported this, but we don't have a traffic capture to confirm that this is related to Lazy-WDS.

([http://dev.laptop.org/ticket/4805 #4805], [http://dev.laptop.org/ticket/4921 #4921])


= Solutions =
= Solutions =


Lazy-WDS is a flawed routing protocol that provides no protection against routing loops or changes in wireless link quality.
Ban Lazy-WDS APs accross the land. If that is not possible by tomorrow
APs that implement Lazy-WDS should be upgraded to support 802.11s.
morning, ask vendors to provide firmware upgrades that allow turning off WDS

entirely.
If that is not possible by tomorrow morning, ask vendors to provide firmware upgrades that allow turning off WDS/mesh
entirely.

To avoid these problems, OLPC decided to change frame formats to not use WDS frames for mesh broadcast traffic. That prevents the undesired interactions with Lazy-WDS equipment described in this page.

[[category:Network]]

Latest revision as of 18:15, 10 June 2008

  This page is monitored by the OLPC team.

Wireless Distribution Systems

A Wireless Distribution System (WDS) is a system that enables the interconnection of access points wirelessly.

Early 802.11 access points could not allow wireless nodes to "roam" between access points. More expensive 802.11 "bridges" offered that ability, but required each access point to be connected by Ethernet to each other and to the larger Internet. Later bridges such as the Cisco/Aironet 350 would allow access points to connect back to the Internet and other access points over the air, in what we call below a "Static WDS" configuration. Later equipment attempts to make WDS connections automatically.

WDS frames?

WDS systems are implemented using a unique frame format for over-the-air packets. WDS frames are defined in the 802.11 standard to have 4 address fields (instead of 3). The standard defines the frame format but does not indicate how it should be used.

Different 802.11 Access Point (AP) vendors have manufactured equipment that uses WDS frames in different ways:

Static WDS

With this type of configuration, a number of WDS links (MAC addresses of other APs within range) are manually configured on each Access Point and recorded in an internal WDS link table. Client traffic that needs to relay through another access point or bridge is resent over the air toward its destination, using WDS frames.

Dynamic WDS (aka Lazy-WDS)

In this configuration an AP automatically learns about other WDS-capable APs. This is done by recording the addresses of all the sources of WDS traffic in the vicinity. We could not find documentation on whether only broadcast WDS traffic or just any WDS traffic will trigger an AP to add a record another AP as WDS-capable.

APs that do Lazy-WDS

XO use of WDS frames

The Marvell wireless chip used in XO laptops is programmed with firmware that creates a wireless mesh automatically. This is similar to Lazy-WDS in intent (any node can talk to any other node, even if they're outside of direct radio range; the packets are relayed via intermediate nodes). The implementation tries to follow the draft 802.11s standard (which is unfortunately not available on the Internet). OLPC mesh frames use WDS frame format augmented with a new mesh specific header.

Interactions Between XO's and other WDS nodes

Lazy-WDS APs will interpret XO mesh traffic as WDS and create a new WDS link for each XO in the vicinity. This has created numerous problems:

WDS responses to infra frames

At least in one AP (Linksys WRT54G) the WDS link will override the association table, so, even if the xo is associated with the AP, all traffic from the AP to the xo will be sent in WDS format. The xo's can differentiate normal WDS frames (sent from the AP) from OLPC mesh traffic (from other xo's), so this does not cause any user observable problem (#901).

Spurious traffic

When authentication is enabled, a Lazy-WDS AP will try to authenticate with other WDS-peers. Because xo's are wrongfully recorded as WDS nodes, we've seen spurious authentication frames sent to them from the AP. That has the effect of waking up suspended xo's for no apparent reason (#3504).

In addition to the authentication frames, we have also observed the AP sending NULL data frames to the xo's:

  No.  Time        Source                Destination           Protocol Info
  3816 9.233094    Cisco-Li_b8:6d:d3     QuantaMi_05:26:1f     IEEE 802.11 Null function (No data),SN=2735,FN=0
  4050 9.807919    Cisco-Li_b8:6d:d3     QuantaMi_05:26:1f     IEEE 802.11 Null function (No data),SN=2747,FN=0
  4316 10.428346   Cisco-Li_b8:6d:d3     QuantaMi_05:26:1f     IEEE 802.11 Null function (No data),SN=2763,FN=0
  4708 11.369663   Cisco-Li_b8:6d:d3     QuantaMi_05:26:1f     IEEE 802.11 Null function (No data),SN=2780,FN=0
  5132 12.399024   Cisco-Li_b8:6d:d3     QuantaMi_05:26:1f     IEEE 802.11 Null function (No data),SN=2795,FN=0

It's been hypothesized (Rajesh) that Lazy-WDS APs may use NULL data frames to detect if WDS peers are alive.

Denial of Service

OpenWRT is an open source version of the software that runs on the WRT54G. With that software, it is possible to turn off Lazy WDS. What is not possible, though, is to prevent the wireless firmware from internally tagging nodes in range as "WDS capable". Once a node is tagged as "WDS capable", the wireless module will drop any non-WDS traffic to that destination. So turning Lazy-WDS off will result in effectively cutting any communication with all the xo's in range, even if the xo is associated to the AP. Note that this has only been observed on an access point that was re-imaged to use the unsupported OpenWRT firmware.

WDS-link table overflow

The table of WDS-links must have a size limit. At OLPC headquarters, where there are over one hundred active xo's at any point in time, we could see APs with a large number of WDS links. At some point the AP would mistakenly send traffic destined for one xo to a different node. It is not clear yet why this happened (#4131).

It's also reported that when that happens, infrastructure traffic slows down. Round trip times between associated STAs are in the order of seconds.

Duplicate frames

Not sure why, but Lazy-WDS APs (at least the WRT54G) generate two WDS responses for each frame received from an associated station (#1863).

Neighboring Stations Lose Association

Several people have reported this, but we don't have a traffic capture to confirm that this is related to Lazy-WDS.

(#4805, #4921)

Solutions

Lazy-WDS is a flawed routing protocol that provides no protection against routing loops or changes in wireless link quality. APs that implement Lazy-WDS should be upgraded to support 802.11s.

If that is not possible by tomorrow morning, ask vendors to provide firmware upgrades that allow turning off WDS/mesh entirely.

To avoid these problems, OLPC decided to change frame formats to not use WDS frames for mesh broadcast traffic. That prevents the undesired interactions with Lazy-WDS equipment described in this page.