802.11 Handoff performance -- Bibliography

Several phases are in the critical path of the 802.11 handoff process. For this reason, the handoff latency effect can be caused by a combination of different factors. This article collects scientific publications related to this topic.

→ Read more...

Performance of EAP and RADIUS authentication in roaming scenarios

The Extensible Authentication protocol (EAP), is the main component of the standard AAA (Authentication Authorization and Accounting) framework for network access control. AAA frameworks support cross-domain authentication that enables a certain access network to authenticate a roaming client that belongs to a remote network. The cross-domain authentication requires message exchange between the AAA server of the visited network and the AAA server of the client's home network. Because these inter-domain exchanges occur over the Internet, they are subject to degradations such as packet loss and network delays thus increasing the overall authentication time. When the client changes of access point, the same authentication procedure takes place again, disrupting the user traffic at each hand-off.

In this article, we examine the performance of inter-domain EAP authentication in terms of authentication delay using an emulated environment.

→ Read more...

Release engineering and methodology with CVS branching and merging

Release engineering is the collection of methods, tools and techniques for managing software products releases. Projects using CVS need to define a release cycle in order to facilitate the addition and integration of new features and bug fixes. This document described my own release engineering methodology based on CVS and three branches (Main trunk, new-release branches and new feature branches)

→ Read more...

Handoff performance in 802.11 wireless networks: Understanding the delays

Performance evaluation of wireless security systems - Part 3

In 802.11 wireless networks, handoff refers to the process that takes place when a station (STA) decides to change of access point (AP). As I explainted in the previous article of this series ( Part2: The 802.11 handoff process ), the handoff process can be subdivided into 4 phases, each of these phases introduce communication and processing overhead that contributes to the overall handoff delay. This article examines the factors affecting handoff performance in 802.11 wireless access networks by investigating each of the four handoff phases and understand how performance degradation can occur.

→ Read more...

The 802.11 handoff process

Performance evaluation of wireless security systems - Part 2

This second article in the series “Performance evaluation of wireless security systems” is an in depth review of the 802.11 handoff process that occurs when a station (STA) changes of access point (AP). Since in this series we are focusing on enterprise networks, we will examine the 802.11i handoff and authentication process relying on back-end RADIUS servers.

→ Read more...

Secure IPv6 over IPv4 Tunnels with racoon2

This document is a step by step tutorial for establishing an IPv4 tunnel secured with IPSec for encapsulating IPv6 traffic. The tunnel allows a host to connect to a router, establish a secure IPSec tunnel, then use that tunnel to receive router advertisements and configure a global IPv6 address and from there, connect the the IPv6 Internet.

→ Read more...

Wireless security (WPA/WAP2) with EAP-TLS using wpa_supplicant and client SSL certificates: Linux setup

More and more wireless access networks are adopting 802.11i, the latest IEEE wireless network security standard. This howto explains how to configure and run a 802.11i supplicant (wpa_supplicant) with EAP-TLS authentication on your wireless network device.

→ Read more...

Wireless router using FreeBSD

This is a howto for creating a wireless access point using a FreeBSD computer equipped with a wireless network interface.

→ Read more...

Mounting and Accessing Windows/Samba shares in Unix/Linux with Sharity

Sharity is a software package that runs on Unix machines and allows you to mount shares exported by Windows (NT, 95, for Workgroups, etc.), OS/2, samba etc. in your filesystem. It's NOT an ftp-like client like the smbclient program distributed with samba, it really mounts the shares in your filesystem just as NFS does. Since the major release 2, Sharity supports browsing (like the Windows “Network Neighborhood”) and has a GUI for the configuration. This howto explains how to use sharity to access Windows partitions from FreeBSD. The same procedure should apply to similar operating systems.

→ Read more...

Performance evaluation of wireless security systems and AAA (RADIUS) protocols

Large wireless enterprise networks and wireless internet service providers use AAA (Authentication Authorization and Accounting) protocols in combination with IEEE wireless network security standards to manage their access network. Depending on several factors (network delay, packet loss rate, …), the security and AAA operations may generate delays that can affect the over all quality of service. This is particularly true for VoIP users with high mobility. When the handoffs become frequent, these can translate into frequent service disruption which makes the deployment of real time applications in wireless networks a tricky matter.

It is essential thus, for a wireless internet service provider or an institution deploying a large wireless access network to constantly monitor and evaluate the performance of its AAA operations in order to guarantee stable and reliable service.

In this series of articles, I explain a method for efficiently assessing the performance of the security infrastructure supporting your wireless network using exclusively open source software namely tshark, awk, bash, gnuplot and wpa_supplicant.

→ Read more...

Older entries >>










Wireless Internet Security Performance RADIUS server Wireless Internet Security Performance RADIUS server