802.11 State Machine

In the wired world, to connect to the network you would plug in your Ethernet cable into the switch. In the wifi world, you must connect to the access point.

How does the station (STA) and access point agree to this connection?

I’m going to attempt to break it down step-by-step on this post.

In my example, I have one STA connecting to an open SSID. The summary of it all is as follows:

  1. STA is unauthenticated and unassociated
  2. STA becomes authenticated and unassociated
  3. STA becomes authenticated and associated
  4. STA clears security requirements such as 802.1X, if required

802.11 Authentication and Association


The STA begins the process by performing a passive or active scan. In the passive mode, the STA is listening for beacons from an access point. The beacon frame contains the BSSID which is the MAC address of the radio sourcing from the access point.

Beacon frame from Wireshark.

Wireshark capture of the beacon frame

The beacon frame is a type of management frame defined in 802.11-2007. It includes capability information and parameters.

Beacon Frame - CapabilitiesContinue Reading…

What You Need To Know About CCNA Security 210-260

CCNA Security logoCisco announced the end of CCNA Security v2.0 exam for November 30th, 2015. After that date, you may only take the new 210-260 exam.

You have the choice to pick either exam at the moment.

So what’s new with CCNA Security? What do you need to know between v2.0 and v3.0 (210-260). The CCNA Security is an Associate level exam from Cisco Systems, focusing on the Security track.

The prerequisites for this certification is a valid CCENT or CCNA Routing and Switching certification. At 90 minutes, you will be presented with 60-70 questions and it is proctored by Pearson Vue.

What’s New In 210-260?

Otherwise known as IINS or Implementing Cisco Network Security, this latest revision gets pared down from 9 objectives to 7. A couple of objectives were shuffled around and combined with others.

An example is the Security Concepts objective. I welcome this change as v2.0 used to have concepts scattered in different objectives. Most of these require you describe or identify common security concepts.

For many of the objectives, I welcome the configuration bullets. Many of them appear to be what’s required for real world work.Continue Reading…

What Is SNR – Signal To Noise Ratio

Imagine being at a large, crowded concert. Everyone is screaming and singing along to the music. You turn to your significant other and say how awesome the concert is. Even though you’re right next to each other, you can barely hear one another.

Speaking above the concert noise floor.

You have to speak loud above the concert noise floor to be heard.

The people around you and the band playing is called the noise floor. That is what would be the ambient noise for the duration of the concert.

You would have to speak above the noise floor for your partner to hear and understand what you’re saying. The difference between your voice and the noise floor is what SNR is.

It’s important to know that the receiving person not only HEAR you but also UNDERSTAND. This is comparable to saying a wireless radio has signal, but can’t demodulate a signal from an access point. The device radio must be able to demodulate in order to understand the bits.

Signal-To-Noise Ratio

SNR stands for Signal-to-Noise Ratio. SNR is a comparison of the signal to the background noise or otherwise known as noise floor. In fact, it’s not actually a ratio at all.

If the signal level is near the noise floor level then we witness data corruption. Not only is this bad for the sending and receiving radio, but also for surrounding radios (clients). The sender, such as an access point, will need to retransmit the frames back to the receiver because of data corruption. This is more known as retry rates.

A large retry rate decreases throughput. Everyone gets less airtime because of those retransmissions. Thus the wireless network appears slow, if not unusable. Frame retry rates as high as or above 15% should be looked into. And this could be a result of interference from neighboring access points, large number of clients, microwave ovens, bluetooth headsets, and other interferers.

Ideally, you want to aim for a higher SNR. I’d say 20 dB or greater is good SNR. Greater than 40 dB is even better!

Recommended minimum SNR for data is 18 dB and for voice over wifi it is 25 dB. As more interference is introduced, the SNR decreases because it raises the noise floor.

Continue Reading…