WLAN eye in the sky

Security is the most frequent culprit in a WLAN configuration headache, but WLAN-specific network problems such as RF (radio frequency) interference, vendor interoperability, and traffic versus signal distribution all add to the pain. It’s enough to make you look back at copper with a certain fondness.

Getting a handle on all these issues requires a WLAN-specific network toolkit. Network Instruments let me take a look at its WLAN network analyser product, Observer 8.3, created to fill that need. Many will be familiar with Observer and Observer Suite, a mature product that has been managing wired networks for more than 10 years. Observer 8.3 has those features, but also includes wireless-specific tools.

Observer is a software application that gathers much of its information via software probes deployed elsewhere on the network. This can make initial configuration a bit of a headache because you must understand Observer’s core network analysis application before you can extend its use to the WLAN spectrum.

I tested Observer at the University of Hawaii’s Advanced Network Computing Lab. With the probe connected to the dual-function Orinoco NIC (network interface card), I was able to scan in both the 802.11a and 802.11b ranges, although not simultaneously.

A notebook is probably your best platform choice, but WLAN NIC selection is equally important because NI rewrites the drivers associated with the WLAN cards it supports. The benefit is that NI’s drivers allow you to do more than your NIC manufacturer’s native drivers; specifically, you can switch between promiscuous mode (analyser mode) and normal NIC operation without dragging yourself through a driver re-install. The downside is that you must stick to an approved wireless NIC from the list on NI’s Web site.

You must also add all the WEP (Wired Equivalent Privacy) keys your probe might run into; setting up multiple site profiles makes this easier. I was able to walk into any of the campus’s half-dozen or so wireless hot spots and create connectivity profiles for each site. This is a great option for consultants, because you can repeat this setup for multiple clients.

Observer provides a highly intuitive interface, resulting in a surprisingly quick learning curve. A Wireless Network Vital Signs screen is the usual entry point into an analysis session, and does a good job as a snapshot viewer of your WLAN. From here, you can get a clear picture of bandwidth utilisation, signal strength vs signal quality, and even the distribution of directed packets vs non-directed packets.

Once you have identified a potential problem, you can drill down to station-specific statistics via an Access Point Statistics screen or the more familiar Top Talkers view. The Access Point Statistics view provides a quick list of all access points in range as well as their associated names and addresses. You can also see any wireless stations connected to an access point; signal strength, signal quality, and data transfer rates for each access point; and, of course, each access point’s traffic totals. Frankly, I found this screen almost more valuable as a WLAN snapshot device than the Network Vital Signs screen.

For those doing wired network analysis with Observer, NI has added functionality to many existing screens. The Expert Analysis view, for example, now provides a Wireless Events view to manage real-time and post-capture mode analysis next to traditional wired equivalents. Administrators can see each station sending and each station receiving any tracked wireless event, with a colour-coded status indicator showing the event’s importance. A set of useful statistics includes the number of packets in an event and the number of associated send/receive attempts, as well as reported WEP errors.

Overall, Observer 8.3 is functionally superior to products in the freeware or shareware WLAN analyser arena and stands out among the growing list of commercial WLAN analysers.

I tested NI’s Observer 8.3 at the University of Hawaii’s Advanced Network Computing Lab using a preconfigured Compaq Evo n800 with a Pentium 4 2.4GHz CPU and 512MB of RAM. I checked that Observer could identify all access points, as well as their type (802.11a or 802.11b), and provide all required base statistics — MAC (media access control) and IP addresses, whether the device was WEP enabled, basic transfer rates — by visiting multiple wireless sites across the University of Hawaii campus. These were easy, but I couldn’t find a simple way to determine if the AP (access point) was in ad hoc or in infrastructure (bridge) mode, other than looking at its list of associated stations and making an educated guess.

I ran the device through a few scenario tests, including one where two stations had the same MAC address and several stations were attempting to use the same IP address. Observer had no trouble rooting out the problem in either situation. Finally, I used Observer’s inherent signal strength statistics to determine which APs were slightly out of range of one another and make appropriate adjustments in their placements to improve connectivity. w

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CompaqNetwork InstrumentsNICOrinoco

Show Comments