Jump to content.

Services/ Wireless Network

EECS maintains comprehensive IEEE 802.11n compliant wireless networks, covering Soda, Cory and Sutardja Dai Halls, among other places.

Centrally managed Cisco Aironet hardware allows multiple virtual wireless LANs on the same access point (WAP). This enables us to broadcast the campus wide AirBears signal as well as EECS specific WLANs, which offer better performance and security. Access to the higher performance EECS WLANs is restricted to people with IRIS accounts.

Wireless LANs

The wireless access points in EECS carries the following SSIDs:

EECS-Secure
This high-performance 802.11n WLAN offers the best security; WPA2 security with AES encryption and 802.1X authentication for registered devices.
EECS-Open
This WLAN replaced “EECS-11a”. EECS-Open is an unencrypted 802.11n WLAN with EECS LDAP based web authentication and is available only to registered devices.
EECS
The original WLAN in the EECS department. It offers weak WEP encryption and is broadcast only at 2.4GHz. Devices need to be registered to use this SSID and only the helpdesk is allowed to configure the WEP password on a device.
EECS-Guest
This WLAN is for guest access.
AirBears
AirBears is the campus wide wireless network. Traffic on AirBears is unencrypted and access is granted via web based CalNet authentication. EECS broadcasts the AirBears signal, but the access managers hardware is maintained by IST. Because it's a joint project, supporting AirBears in EECS can be difficult.

History

The first version of the EECS production wireless network infrastructure was officially deployed September 18, 2000. This network initially covered only Cory and Soda Halls. The network used the IEEE 802.11b protocol at 2.4GHz.

Our second generation wireless network adopted centrally managed Airespace access points which added support for 54Mbps 802.11a at 5GHz.

The current EECS wireless network is built upon Cisco Aironet access points and controllers and supports the next generation of WiFi wireless technology, 802.11n, at both 2.4GHz and 5GHz.

Performance

Our emphasis is on connectivity over the widest area within EECS rather than data throughput.

802.11b (discontinued on EECS networks as of 2012-01-31)

The 802.11b standard is an 11Mbps system. However, you're is unlikely to see performance in that range. Using 802.11b, transfer rates in the 3.2-5Mbps are possible in optimal conditions. In real world scenarios, 802.11a and 802.11n perform at similar percentages of their peak theoretical throughput.

802.11g

In the past, for 2.4GHz clients, EECS supported only 802.11b and not 802.11g (54Mbps). On our third generation network, we now support 802.11g in addition to 802.11n at 2.4GHz.

However, while 802.11g may appear faster on paper, it's usefulness in a large scale environment is limited.

One of the real weakness of 802.11b in the enterprise is the 3 channel limit of the 2.4GHz spectrum. 802.11g suffers from this same co-channel interference.

Additionally, unless you run an 802.11g network as a pure 802.11g net (with no b nodes) there is no throughput advantage of g over b. All g nodes throttle down to b speeds. Given the installed base of b nodes in our environment, it is not likely that we would see any performance gain with g.

802.11n

802.11n is an emerging standard that uses several schemes to increase data throughput 4-6 times over what is possible with 802.11a or 802.11g. To get the full benefit of 802.11n technology, you will need a recent wireless adapter. However, even legacy 802.11a/b/g clients experience better performance because the 802.11n Access Points are better at “hearing” client devices. As a consequence, the uplink data rate is higher.

Also, some WLANs are dual band enabled and work with either 2.4GHz or 5GHz clients. The 5GHz band is strongly preferred. Despite having less effective propagation at 5GHz, our dense WAP deployment mitigates this shortcoming.

5GHz is a much less crowded band with far less noise at this band and six channels instead of only three offered at 2.4GHz. Co-channel interference with other WiFi radios is greatly minimized. Additionally, 5GHz offers the capability of running 40Mhz wide channels instead of the usual 20MHz, further increasing throughput.

Dual band clients do not always make the best choice of band and we have disabled both the 1Mbps and 2Mbps data rates at 2.4GHz in an effort to mitigate this. Clients will more often choose 5GHz if they support it. This scheme is used successfully at many enterprises (especially in education) without adverse effects.

Access Control

All the wireless networks are configured such that all systems must be configured as DHCP clients.

On all the EECS specific WLANs, devices need to be registered. Some of the WLANs require additional encryption configuration.

Access control on AirBears is managed by a captive web portal and CalNet.

Encryption

Since 802.11 technology transmits directly into open air, traffic is vulnerable to attack without good encryption.

The original EECS WLAN requires use of WEP (wired equivalent privacy) encryption. This is a 128-bit encryption add-on that encrypts the data while it is traveling through the air. A password must be entered into the user's system by the helpdesk before the card can become associated with any EECS WAPs. Unfortunately WEP is weak and the encryption scheme has been broken.

AirBears and EECS-Open provide no encryption. When using these WLANs, you should always use higher layer encryption such as SSL or SSH for any authentication or critical traffic.

The EECS-Secure WLAN uses the WPA2-Enterprise protocol which provides a much stronger layer of security and integrated authentication.

These settings should be used to connect to EECS-Secure:

Other 2.4GHz & 5Ghz devices

Since there is a real possibility of other radio devices interfering with the wireless network, IRIS regulates the deployment of any other wireless equipment within the EECS service area. This includes both access points and non-802.11 devices.

IRIS networking staff will need to authorize the installation of any new devices using the 2.4GHz or 5GHz frequencies. While this may seem strict, with wireless the scope of research and production networks propagate through the same airspace. Unexpected problems are extremely difficult to detect and pinpoint.

Services Status

Resolved