HANDS-ON THE DEPLOYMENT OF A LABORATORY WIRELESS NETWORK€¦ · HANDS-ON THE DEPLOYMENT OF A...

Studienseminar für Datentechnik

HANDS-ON THE DEPLOYMENT OF A LABORATORYLABORATORY

WIRELESS NETWORK

Binh Thuan Nguyeng yDiplom Informatik Student

Advisor: Prof. Jukan, Said Zaghloul, g

CONTENTSCONTENTS

1. Motivation

2. Background

b S d S f k3. Lab Setup and Software Packages

4. Demonstrations

5. Experimental Results

6. Summary and Conclusions

Folie 2

1 MOTIVATION1. MOTIVATION

H i th ti b t i l li t d i t ? How secure is the connection between wireless clients and access points ?We want to setup a wireless Lab, which offers very good security.

Solution: Radius

EAP E ibl A h i i P lEAP: Extensible Authentication ProtocolRADIUS: Remote Authentication Dial-In User ServiceAAA: Authentication, Authorization & Accounting

Folie 3

1 MOTIVATION1. MOTIVATION

From the network layer’s standpoint, how mobile is a user ?We want setup a wireless lab, which offers the mobile node‘s address to always remain the same, wherever it moves from a access point to another access point.

Solution: MIPv6

Folie 4

2 BACKGROUND2. BACKGROUND

What is RADIUS ? What is RADIUS ?Radius (Remote Authentication Dial-In User Service) is a networking protocol, which supports:

Centralized access Centralized access Authorization Accounting management

Properties of RADIUS The RADIUS protocol does not transmit passwords in cleartext

b t th N t k A S d RADIUS i between the Network Access Server and RADIUS server in our experiment.

RADIUS uses UDP as Transport Layer

Folie 5

2. BACKGROUND2. BACKGROUND

• How does EAP TTLS work ?• How does EAP-TTLS work ?

Folie 6


Folie 7

2 BACKGROUND2. BACKGROUND• What is Mobile IPv6 ? MIPv6 is a communication protocol to allow mobile device users can

access the difference Network by the same IP address The Mobile IPv6 protocol makes mandatory the use of IPsec

• IPSec (Internet Protocol Security)IPsec is a dual mode, end-to-end, security scheme operating at the Internet Layer (Layer 3) of the Internet Protocol Suite to:

- Protect the Binding Update/Binding Acknowledge messages for Home Registration

- Tunnel all traffic between Mobile Node and Home Agent when the Mobile Node is not at home

Folie 8


• How does Mobile IP work ?• How does Mobile IP work ?

Folie 9

3 LAB SETUP3. LAB SETUP

eth0 eth2

eth1 eth1eth4

eth0

HA: Home AgentAAA: RADIUS ServerMN: Mobile Node

Folie 10

AR: Access RouterAP: Access Point


• The Home Agent (as well as AAA Server) :• The Home Agent (as well as AAA-Server) :

eth4: 2001:db8:2::1 eth1: 2001:db8::1eth4: 2001:db8:2::1

eth0: Uni IP addresseth3: 192.168.1.3

• The Mobile Node :

ath0: 2001:db8::beef

Folie 11


• The Access Router 1:• The Access Router 1:

eth2: 2001:db8:3::1eth1: 2001:db8:2::2 eth2: 2001:db8:3::1eth1: 2001:db8:2::2

• The Access Router 2:

eth3: 2001:db8:2::3 eth4: 2001:db8:5::1

Folie 12


• The Access Point 1 (a PC):• The Access Point 1 (a PC):eth0: Uni IP address

ath0eth1

• The Access Point 2 (a Hardware Router):• The Access Point 2 (a Hardware Router):

Wire interface: 192.168.1.1

Wire interface Wireless interface

Folie 13


• Software packages:

Note Software VersionHome Agent MIPv6 kernel patch 2.6.22-14

• Software packages:

(AAA) MIPv6 DeamonRadvd

Racoon2 Mysql

0.41.00.6

5.0.45Mysql Freeradius Daloradius

1.1.30.9-7

Mobile Node MIPv6 kernel patch 2.6.22-14MIPv6 Deamon

Racoon2 Wpa_supplicant

0.40.6

0.5.8Access Router Rad d 1 0Access Router

1Radvd 1.0

Access Router 2

Radvd 1.0

Folie 14

2Access Point 1 Madwifi

Hostapd0.9.20.5.5


• The Problems:• The Problems:- MIPv6 Kernel patch- IPSec Configuration

C tifi t- Certificates

• The Goal:After the Setup, we should have a wireless lab which supports:- Security wireless authentication- MIPv6

Folie 15

4 DEMONSTRATIONS 4. DEMONSTRATIONS

• Radius:• Radius: Radius Connection (inclusive Handoff):

Trying to associate with 00:1c:f0:0f:20:16 (SSID='accesspointA' freq=2417 MHz)Associated with 00:1c:f0:0f:20:16f fCTRL-EVENT-EAP-STARTED EAP authentication startedCTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selectedCTRL-EVENT-EAP-SUCCESS EAP authentication completed successfullyWPA: Key negotiation completed with 00:1c:f0:0f:20:16 [PTK=CCMP GTK=CCMP]

CTRL EVENT DISCONNECTED Di t t k

WPA: Key negotiation completed with 00:1c:f0:0f:20:16 [PTK=CCMP GTK=CCMP]CTRL-EVENT-CONNECTED - Connection to 00:1c:f0:0f:20:16 completed (auth) [id=1

id_str=]WPA: Group rekeying completed with 00:1c:f0:0f:20:16 [GTK=CCMP]CTRL EVENT DISCONNECTED Di t t kCTRL-EVENT-DISCONNECTED - Disconnect event - remove keysTrying to associate with 00:1c:f0:0f:20:16 (SSID='accesspointA' freq=2417 MHz)Authentication with 00:00:00:00:00:00 timed out.Trying to associate with 00:1a:70:e0:f8:e4 (SSID='accesspointB' freq=2462 MHz)Associated with 00:1a:70:e0:f8:e4

CTRL-EVENT-DISCONNECTED - Disconnect event - remove keysTrying to associate with 00:1c:f0:0f:20:16 (SSID='accesspointA' freq=2417 MHz)Authentication with 00:00:00:00:00:00 timed out.Trying to associate with 00:1a:70:e0:f8:e4 (SSID='accesspointB' freq=2462 MHz)Associated with 00:1a:70:e0:f8:e4CTRL-EVENT-EAP-STARTED EAP authentication startedCTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selectedCTRL-EVENT-EAP-SUCCESS EAP authentication completed successfullyWPA: Key negotiation completed with 00:1a:70:e0:f8:e4 [PTK=CCMP GTK=TKIP]CTRL-EVENT-CONNECTED - Connection to 00:1a:70:e0:f8:e4 completed (reauth) [id=0 id str=]

CTRL-EVENT-EAP-STARTED EAP authentication startedCTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selectedCTRL-EVENT-EAP-SUCCESS EAP authentication completed successfullyWPA: Key negotiation completed with 00:1a:70:e0:f8:e4 [PTK=CCMP GTK=TKIP]CTRL-EVENT-CONNECTED - Connection to 00:1a:70:e0:f8:e4 completed (reauth) [id=0 id str=]

Folie 16

CTRL EVENT CONNECTED Connection to 00:1a:70:e0:f8:e4 completed (reauth) [id 0 id_str ]CTRL EVENT CONNECTED Connection to 00:1a:70:e0:f8:e4 completed (reauth) [id 0 id_str ]


• Radius:• Radius: Radius Connection (inclusive Handoff):

Trying to associate with 00:1c:f0:0f:20:16 (SSID='accesspointA' freq=2417 MHz)Associated with 00:1c:f0:0f:20:16CTRL EVENT EAP STARTED EAP th ti ti t t dCTRL-EVENT-EAP-STARTED EAP authentication startedCTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selectedCTRL-EVENT-EAP-SUCCESS EAP authentication completed successfullyWPA: Key negotiation completed with 00:1c:f0:0f:20:16 [PTK=CCMP GTK=CCMP]CTRL-EVENT-CONNECTED - Connection to 00:1c:f0:0f:20:16 completed (auth) [id=1 id_str=]p ( ) [ _ ]WPA: Group rekeying completed with 00:1c:f0:0f:20:16 [GTK=CCMP]CTRL-EVENT-DISCONNECTED - Disconnect event - remove keysTrying to associate with 00:1c:f0:0f:20:16 (SSID='accesspointA' freq=2417 MHz)Authentication with 00:00:00:00:00:00 timed out.

CTRL-EVENT-EAP-STARTED EAP authentication startedCTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selectedCTRL EVENT EAP SUCCESS EAP h i i l d f ll

Trying to associate with 00:1a:70:e0:f8:e4 (SSID='accesspointB' freq=2462 MHz)Associated with 00:1a:70:e0:f8:e4CTRL-EVENT-EAP-STARTED EAP authentication startedCTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selectedCTRL EVENT EAP SUCCESS EAP h i i l d f llCTRL-EVENT-EAP-SUCCESS EAP authentication completed successfullyWPA: Key negotiation completed with 00:1a:70:e0:f8:e4 [PTK=CCMP GTK=TKIP]CTRL-EVENT-CONNECTED - Connection to 00:1a:70:e0:f8:e4 completed (reauth) [id=0 id_str=]

CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfullyWPA: Key negotiation completed with 00:1a:70:e0:f8:e4 [PTK=CCMP GTK=TKIP]CTRL-EVENT-CONNECTED - Connection to 00:1a:70:e0:f8:e4 completed (reauth) [id=0 id_str=]

Folie 17


Radius Wireshark: Radius Wireshark:

Folie 18



Folie 19



AVP: l=58 t=Vendor-Specific(26) v=Microsoft(311)VSA l 52 t MS MPPE R K (17) E2FDF6715DCBFA8A91A024F9E83D3E68D51DC1D53BC3910FVSA: l=52 t=MS-MPPE-Recv-Key(17): E2FDF6715DCBFA8A91A024F9E83D3E68D51DC1D53BC3910F...

MS-MPPE-Recv-Key: E2FDF6715DCBFA8A91A024F9E83D3E68D51DC1D53BC3910F...AVP: l=58 t=Vendor-Specific(26) v=Microsoft(311)

VSA: l=52 t=MS-MPPE-Send-Key(16): EFD45FA0614C44F618A7894832431833DB83E2D540597DF6...VSA: l 52 t MS MPPE Send Key(16): EFD45FA0614C44F618A7894832431833DB83E2D540597DF6...MS-MPPE-Send-Key: EFD45FA0614C44F618A7894832431833DB83E2D540597DF6...

Folie 20


• MIPv6:• MIPv6: MIPv6 Connection:

Fri Nov 21 22:34:18 __md_discover_router: discover link on iface ath0 (6)Fri Nov 21 22:34:18 md change default router: add new router fe80:0:0:0:215:17ff:fe4a:5ff0 _ g _ f _ f ff f ff

on interface ath0 (6)Fri Nov 21 22:34:18 md_update_router_stats: add coa 2001:db8:5:0:217:9aff:feb7:5671 on

interface (6)Fri Nov 21 22:34:20 mn move: 1751

Fri Nov 21 22:34:20 mn_block_rule_add: blackhole is already set.Fri Nov 21 22:34:20 mn_send_home_bu: 789Fri Nov 21 22:34:20 mn_get_home_lifetime: CoA lifetime 2591998 s, HoA lifetime 4294967295 s, BU

_Fri Nov 21 22:34:20 mn_move: in foreign netFri Nov 21 22:34:20 mn_block_rule_add: blackhole is already set.Fri Nov 21 22:34:20 mn_send_home_bu: 789Fri Nov 21 22:34:20 mn_get_home_lifetime: CoA lifetime 2591998 s, HoA lifetime 4294967295 s, BU g f f , f ,

lifetime 262140 sFri Nov 21 22:34:20 process_first_home_bu: New bule for HAFri Nov 21 22:34:20 bul_add: Adding bule

g f f , f ,lifetime 262140 s

Fri Nov 21 22:34:20 process_first_home_bu: New bule for HAFri Nov 21 22:34:20 bul_add: Adding bule

Folie 21


• MIPv6:• MIPv6: MIPv6 Connection:Fri Nov 21 22:34:18 __md_discover_router: discover link on iface ath0 (6)Fri Nov 21 22:34:18 md_change_default_router: add new router fe80:0:0:0:215:17ff:fe4a:5ff0 on interface ath0 (6)Fri Nov 21 22:34:18 md_update_router_stats: add coa 2001:db8:5:0:217:9aff:feb7:5671 on interface (6)Fri Nov 21 22:34:20 mn_move: 1751Fri Nov 21 22:34:20 mn_move: in foreign netFri Nov 21 22:34:20 mn_block_rule_add: blackhole is already set.

F i N d h b 7Fri Nov 21 22:34:20 mn_send_home_bu: 789Fri Nov 21 22:34:20 mn_get_home_lifetime: CoA lifetime 2591998 s, HoA lifetime

4294967295 s, BU lifetime 262140 sFri Nov 21 22:34:20 process_first_home_bu: New bule for HAFri Nov 21 22:34:20 bul_add: Adding bule

Folie 22


MIPv6 Connection (from the MN Side): MIPv6 Connection (from the MN Side):== BUL_ENTRY ==Home address 2001:db8:0:0:0:0:0:beefCare-of address 2001:db8:5:0:217:9aff:feb7:5671

flags: IP6_MH_BU_HOME IP6_MH_BU_ACK IP6_MH_BU_KEYMFri Nov 21 22:34:20 mn send home bu: New bule for HA

Care of address 2001:db8:5:0:217:9aff:feb7:5671CN address 2001:db8:0:0:0:0:0:1lifetime = 262140, delay = 1500flags: IP6_MH_BU_HOME IP6_MH_BU_ACK IP6_MH_BU_KEYMFri Nov 21 22:34:20 mn send home bu: New bule for HAFri Nov 21 22:34:20 mn_send_home_bu: New bule for HAFri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump_migrate: ipsec ESP

Fri Nov 21 22:34:20 mn_send_home_bu: New bule for HAFri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump_migrate: ipsec ESPFri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump_migrate: ocoa 2001:db8:0:0:0:0:0:beef

Fri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump_migrate: ocoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ncoa 2001:db8:5:0:217:9aff:feb7:5671Fri Nov 21 22:34:20 dump_migrate: ipsec ESPFri Nov 21 22:34:20 mh_send: sending MH type 5from 2001:db8:0:0:0:0:0:beefto 2001:db8:0:0:0:0:0:1

Fri Nov 21 22:34:20 dump_migrate: ncoa 2001:db8:5:0:217:9aff:feb7:5671Fri Nov 21 22:34:20 dump_migrate: ipsec ESPFri Nov 21 22:34:20 mh_send: sending MH type 5from 2001:db8:0:0:0:0:0:beefto 2001:db8:0:0:0:0:0:1

Folie 23

to 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 mh_send: local CoA 2001:db8:5:0:217:9aff:feb7:5671Fri Nov 21 22:34:20 bul_update_timer: Updating timer



MIPv6 Connection (from the MN Side): MIPv6 Connection (from the MN Side):== BUL_ENTRY ==Home address 2001:db8:0:0:0:0:0:beefCare-of address 2001:db8:5:0:217:9aff:feb7:5671CN address 2001:db8:0:0:0:0:0:1lifetime = 262140, delay = 1500flags: IP6_MH_BU_HOME IP6_MH_BU_ACK IP6_MH_BU_KEYMFri Nov 21 22:34:20 mn_send_home_bu: New bule for HA

d f d Fri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump_migrate: ipsec ESPp g pFri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump migrate: ocoa 2001:db8:0:0:0:0:0:beef

Fri Nov 21 22:34:20 mh_send: sending MH type 5f 2001 db8 0 0 0 0 0 b f

Fri Nov 21 22:34:20 dump_migrate: ocoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ncoa 2001:db8:5:0:217:9aff:feb7:5671Fri Nov 21 22:34:20 dump_migrate: ipsec ESPFri Nov 21 22:34:20 mh_send: sending MH type 5f 2001 db8 0 0 0 0 0 b f

Folie 24

from 2001:db8:0:0:0:0:0:beefto 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 mh_send: local CoA 2001:db8:5:0:217:9aff:feb7:5671Fri Nov 21 22:34:20 bul_update_timer: Updating timer

from 2001:db8:0:0:0:0:0:beefto 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 mh_send: local CoA 2001:db8:5:0:217:9aff:feb7:5671Fri Nov 21 22:34:20 bul_update_timer: Updating timer


MIPv6 Connection (from the MN Side): MIPv6 Connection (from the MN Side):== BUL_ENTRY ==Home address 2001:db8:0:0:0:0:0:beefCare-of address 2001:db8:5:0:217:9aff:feb7:5671CN address 2001:db8:0:0:0:0:0:1lifetime = 262140, delay = 1500flags: IP6_MH_BU_HOME IP6_MH_BU_ACK IP6_MH_BU_KEYMFri Nov 21 22:34:20 mn_send_home_bu: New bule for HAFri Nov 21 22:34:20 dump migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump_migrate: ipsec ESPFri Nov 21 22:34:20 dump migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: ifindex 15Fri Nov 21 22:34:20 dump_migrate: hoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ha 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 dump_migrate: ocoa 2001:db8:0:0:0:0:0:beefFri Nov 21 22:34:20 dump_migrate: ncoa 2001:db8:5:0:217:9aff:feb7:5671Fri Nov 21 22:34:20 dump_migrate: ipsec ESPFri Nov 21 22:34:20 mh_send: sending MH type 5from 2001:db8:0:0:0:0:0:beefto 2001:db8:0:0:0:0:0:1

Folie 25Fri Nov 21 22:34:20 bul_update_timer: Updating timer



MIPv6 Connection (from the MN Side): MIPv6 Connection (from the MN Side):== BUL_ENTRY ==Home address 2001:db8:0:0:0:0:0:beefCare-of address 2001:db8:5:0:217:9aff:feb7:5671CN address 2001:db8:0:0:0:0:0:1CN address 2001:db8:0:0:0:0:0:1lifetime = 262140, delay = 1500flags: IP6_MH_BU_HOME IP6_MH_BU_ACK IP6_MH_BU_KEYMFri Nov 21 22:34:20 tunnel_mod: modifying tunnel 15 end points with from

2001:db8:5:0:217:9aff:feb7:5671 to 2001:db8:0:0:0:0:0:12001:db8:5:0:217:9aff:feb7:5671 to 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:20 __tunnel_mod: modified tunnel iface ip6tnl1 (15)from

2001:db8:5:0:217:9aff:feb7:5671 to 2001:db8:0:0:0:0:0:1Fri Nov 21 22:34:21 mn_recv_ba: 1039Fri Nov 21 22:34:21 mn recv ba: Got BA from 2001:db8:0:0:0:0:0:1 to home address

Fri Nov 21 22:34:21 mn_recv_ba: Dumping corresponding BULE

Fri Nov 21 22:34:21 mn_recv_ba: Got BA from 2001:db8:0:0:0:0:0:1 to home address2001:db8:0:0:0:0:0:beef with coa 2001:db8:5:0:217:9aff:feb7:5671 and status 0

Fri Nov 21 22:34:21 mn_recv_ba: Dumping corresponding BULE

Folie 26


MIPv6 Connection (from the MN Side): MIPv6 Connection (from the MN Side):== BUL_ENTRY ==Home address 2001:db8:0:0:0:0:0:beefCare-of address 2001:db8:5:0:217:9aff:feb7:5671CN address 2001:db8:0:0:0:0:0:1CN address 2001:db8:0:0:0:0:0:1lifetime = 262140, delay = 249033000flags: IP6_MH_BU_HOME IP6_MH_BU_ACK IP6_MH_BU_KEYMFri Nov 21 22:34:23 mpd_schedule_first_mps: schedule MPS in 2332795 s

Fri Nov 21 22:34:27 md update router stats: add coa 2001:db8:5:0:217:9aff:feb7:5671 on Fri Nov 21 22:34:27 md_update_router_stats: add coa 2001:db8:5:0:217:9aff:feb7:5671 on interface (6)

Folie 27

5 EXPERIMENTAL RESULTS 5. EXPERIMENTAL RESULTS

• How long is the connection time and how fast goes the signal down ?• How long is the connection time and how fast goes the signal down ?• Test Object:- An Access Point with a D-Link DWL-G520 and a Laptop with a DWL-650

wireless card :wireless card : Receiver Sensitivity: -68 dBm for 54 Mbps

-89 dBm for 1 MbpsT itt O t t P 15 dB ± 2dBTransmitter Output Power: 15 dBm ± 2dB

• Test Procedure:- A bash script is written to automatic establish and disestablish the

i l tiwireless connection- A script is run 1000 times

Folie 28


• The Floor Plan:• The Floor Plan:

1.75mAP

15m20m32m

Folie 29


• Signal To Noise Ratio :• Signal To Noise Ratio :

Folie 30


• Signal To Noise Ratio :• Signal To Noise Ratio :- The distance doesn’t mean everything in our experiment- The wireless environment are also calculated

Th th l d l d t fi t h f t th bil d- The path loss model are used to figure out how fast the mobile node signal will be lost when it’s moving.

10 X

Whereas:

0 10 100

+ X

n : path loss exponentd0: the close-in reference distanced: the T-R distanceX: a Gaussian random variable

- The path loss exponent n in our experiment is 3.9- The shadowing variance in our experiment is 3.6

Folie 31

g p


The test result of the RADIUS connection

Folie 32

79.4% 72.5% 15m1.8m80%

80%

60% 60%

40%40%

20%

40%

20%

0.3% 0.1%2 3 4 5 6 7 10 11

0 02 3 4 5 6 7 10 13

66 8%20m 32m80%

30%66.8%

16 2%

27.2%60%

40%

30%

20%16.2%40%

20% 10%

0.9%03 4 5 6 7 11 14 >20

01 2 3 4 5 6 7 8 10 12 14 15 16 18 20 >20


The test result of the MIPv6 connection

Folie 34

72.4% 67.9%1.8m 15m80% 80%

60%

40%

60%

40%

0 5% 0 6%

20% 20%

0.5% 0.6%3 4 5 6 7 8 13 14 15 16 17 >20

0 03 4 5 6 7 8 13 14 15 16 >20

48.6%20m60%

40%

20.5%20%

03 4 5 6 7 8 10 11 13 14 15 16 17 19 >20


• The summary of the Radius and MIP Connection :

Radius

conn

ectMIPv6

ssib

le to

cIm

po

Folie 36


• The Timer:

RADIUS Radvd MIPv6

Resend: 5 secs Resend: 10 secs Resend: 10 secsIKE Phase 1: 15 secs IKE Phase 2: 10 secsIKE Phase 2: 10 secs

Folie 37

6 SUMMARY AND CONCLUSIONS 6. SUMMARY AND CONCLUSIONS

• Conclusions:• Conclusions:- The RADIUS can be operated in at the coverage limit 4 dBm Signal to

Noise ratioThe MIPv6 is impossible when the Signal to Noise ratio is under 10 dBm- The MIPv6 is impossible when the Signal to Noise ratio is under 10 dBm

- The MIPv6 can be operated in the office environment, which has a 2x20m distance between two access points

• Challenge and future works: MIPv6 deamon is still beta

I f i t i ibl t t t Iperf is not impossible to test MIPv6 Handoff is too long because of wpa_supplicant

Folie 38

Thank You Very MuchQ ti ?Question ?

Folie 39


• Radius:• Radius: The most successfully Radius Connection

79.4%72.5% 66.8%

800

66.8%600

27.2%400

200

1.75 15 20 320

Folie 40

1.75 15 20 32


• Radius:• Radius: The failed Radius Connection

16.2%160

120

80

40

0.3% 0.1% 0.9%

1.75 15 20 320

Folie 41

1.75 15 20 32


• MIPv6:• MIPv6: The most successfully MIP Connection

72.4% 67.9%800

48.6%600

400400

200

0%1.75 15 20 32

0

Folie 42

1.75 15 20 32


• MIPv6:• MIPv6: The failed MIP Connection

100%

1200

1000

800

600

20 5%

600

400

0.5% 0.6%

20.5%

1.75 15 20 32

200

0

Folie 43

1.75 15 20 32


• IPv6IPv6- Longer addresses- Stateless address

autoconfigurationautoconfiguration - Increase security- Support realtime data traffic

(quality of service)(quality of service)- Support mobility (MIPv6)

Next ength Type ReservedNext Header

ength Type Reserved

Checksum Data

Folie 44

Mobility Header IPSec Header


• How does Radius work ?• How does Radius work ?

NAS N t k A S

Folie 45

NAS: Network Access ServerAAA: Authentication, Authorization & Accounting

Date post:	02-Aug-2018
Category:	Documents
Upload:	hoangtuyen
View:	213 times
Download:	0 times

HANDS-ON THE DEPLOYMENT OF A LABORATORY WIRELESS NETWORK€¦ · HANDS-ON THE DEPLOYMENT OF A...

Documents