WiFi Client Roaming Simplified
- Prowess Wireless
- Sep 24, 2017
Introduction
Since most WiFi clients today are mobile, roaming support has become an essential rather than optional feature in WiFi products.
What is WiFi Roaming?
Roaming is the process of migrating from one WiFi AP to another WiFi AP. It is also referred to as handoff. Unlike cellular infrastructure, where roaming is managed and controlled by the base station (the equivalent of the AP in WiFi), in WiFi infrastructure the decision to roam is driven entirely by the WiFi client.
Default steps involved in WiFi connection
A WiFi connection involves the steps below:
1. Authentication
2. Association (re-Association)
3. EAP Authentication (only for Enterprise security 802.1x EAP methods, like EAP-TLS, PEAP-MSCHAPv2, EAP-FAST, LEAP, PEAP-GTC, EAP-TTLS)
4. Key Handshake (WPA-PSK, WPA2-PSK along with EAP authentication methods)
The key difference between an association frame and a re-association frame is that the re-association request includes the previous AP's MAC address. During roaming, a re-association request is sent so that the new AP can ask the old AP for any buffered packets. New AP <---> Old AP communication is outside the scope of IEEE 802.11, and each vendor has its own implementation.
Additional Notes on WLAN Security Keys
This subsection describes the important details of WLAN security internals, which are key to understanding roaming. There are three keys involved in a secured WLAN connection: the master key, the pairwise key and the groupwise key.
The master key is derived for EAP security methods through the SSL handshake during step-3 (EAP Authentication). The master key for PSK (WPA-PSK/WPA2-PSK) is the same as the pre-shared key entered by the user.
The pairwise key is derived dynamically with the 4-way handshake and is used for encrypting/decrypting the unicast traffic between the WiFi STA and the WiFi AP. This key is unique for each association between an AP and a STA.
The groupwise key is for encrypting/decrypting the multicast/broadcast traffic. Since multicast/broadcast traffic is meant for multiple stations in each BSS, every station in a BSS needs to have the same groupwise key. The AP shares the encrypted groupwise key with each STA during the 4-way handshake. You might ask how the AP protects the integrity of the groupwise key when it is distributed to all stations in the BSS. The WLAN standard provides a process called "group key rotation" to update the group key, which can be triggered in various scenarios, such as when a station leaves the BSS, or periodically (most APs expose this periodic interval as a configuration setting).
Roaming Enhancement Standards
During the roaming process, the STA needs to go through the same steps listed above. The IEEE 802.11 standard provides a few amendments that avoid some of these steps to improve the roaming time.
1. IEEE 802.11i (Key Caching)
2. IEEE 802.11r (Fast BSS Transition)
3. Cisco CCKM
1. IEEE 802.11i (Key Caching)
This amendment avoids step-3 (EAP authentication) during the roaming process. It works by caching the master key derived during step-3 (EAP authentication) of the initial connection.
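The key relationships described above and the effect of key caching, as an added Python example that is not part of the original post: a cached master key lets the STA skip step-3, while step-4 still yields a different pairwise key for each AP. The PRF, the "Pairwise key expansion" and "PMK Name" labels and the PMKID (the identifier a STA sends so the AP can look up the cached master key) follow IEEE 802.11i rather than this page; the key, MAC addresses and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample values (assumptions, not from the original post).
PMK = bytes(range(32))                    # master key cached after step-3
STA = bytes.fromhex("020000000001")       # client MAC
AP_OLD = bytes.fromhex("0200000000a1")    # AP before the roam
AP_NEW = bytes.fromhex("0200000000b2")    # AP after the roam


def prf(key, label, data, nbytes):
    """802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter), concatenated."""
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce):
    """Step-4 result for CCMP: 48-byte pairwise key split into KCK, KEK, TK."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:]}


def pmkid(pmk, ap_mac, sta_mac):
    """16-byte name of a cached master key, bound to one AP/STA pair."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + sta_mac, hashlib.sha1).digest()[:16]


def roam(pmk, new_ap, sta_mac):
    """Roam with a cached PMK: no EAP exchange, but fresh nonces and a new PTK."""
    anonce, snonce = os.urandom(32), os.urandom(32)  # exchanged in the handshake
    return pmkid(pmk, new_ap, sta_mac), derive_ptk(pmk, new_ap, sta_mac, anonce, snonce)


if __name__ == "__main__":
    cache_id, keys = roam(PMK, AP_NEW, STA)
    print("PMKID for new AP:", cache_id.hex())
    print("TK length:", len(keys["tk"]))
```
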
2. IEEE 802.11r (Fast BSS Transition)
This amendment avoids both step-3 and step-4 during the roaming process. It applies to both EAP security methods and PSK methods.
3. Cisco CCKM
This is part of the CCX (Cisco Compatible Extensions) standard. This feature allows avoiding step-3 and step-4 during roaming for EAP methods only.
Example Handoff
Below is a snapshot showing the handoff.
How is the Roaming Time (Handoff Delay) Calculated?
Roaming time can be calculated in various ways. MAC-level roaming time is measured from the last probe request to the last EAPOL packet (security key handshake, step-4). Application-level roaming time is measured from the last data packet received from the previous AP to the first data packet from the new AP.
Application-level time is more relevant in most cases, though it depends on the network stack and especially on the rate at which the application generates packets.
Conclusion
Most WiFi product use cases require minimal or no data loss (seamless handoff) during the roaming process.
Based on our experience, we have always found that the default WiFi drivers provided by WiFi chipset vendors may not have good roaming support. The Prowess team has extensive experience in implementing proprietary roaming optimizations and IEEE 802.11 standards like IEEE 802.11r, 802.11k and 802.11v. Please refer to more details on enterprise roaming suite.
Please contact us to discuss your requirement.
Footnotes
The IEEE 802.11f amendment was meant for AP-to-AP communication, but it was cancelled before it reached the ratification stage.