jigsaw solving the puzzle of enterprise 802 11 analysis
Download
Skip this Video
Download Presentation
Jigsaw: Solving the Puzzle of Enterprise 802.11 Analysis

Loading in 2 Seconds...

play fullscreen
1 / 22

Jigsaw: Solving the Puzzle of Enterprise 802.11 Analysis - PowerPoint PPT Presentation


  • 88 Views
  • Uploaded on

Jigsaw: Solving the Puzzle of Enterprise 802.11 Analysis. Yu-Chung Cheng John Bellardo, Peter Benko, Alex C. Snoeren, Geoff Voelker, Stefan Savage. Enterprise 802.11?. Easy. Blanket the building with 802.11 APs for 100% coverage. A familiar story. “The wireless is being flaky.”.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Jigsaw: Solving the Puzzle of Enterprise 802.11 Analysis' - dieter-morin


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
jigsaw solving the puzzle of enterprise 802 11 analysis

Jigsaw: Solving the Puzzle of Enterprise 802.11 Analysis

Yu-Chung ChengJohn Bellardo, Peter Benko, Alex C. Snoeren,

Geoff Voelker, Stefan Savage

enterprise 802 11
Enterprise 802.11?

Easy. Blanket the building with 802.11 APs for 100% coverage

a familiar story
A familiar story...

“The wireless is being flaky.”

“Flaky how?”

“Well, my connections got dropped earlier and now things seem very sloooow.”

“OK, we will take a look”

Employee

“Wait, wait … it’s ok now”

“Mmm… well let us know if you have any more problems.”

Support

Now what?

what are the problems
What are the problems?
  • Contention with nearby wireless devices?
  • Bad AP channel assignments?
  • Microwave ovens?
  • Congestions in the Internet?
  • Bad interaction between TCP and 802.11?
  • Rogue access points?
  • Poor choice of APs (weak signal)?
  • Incompatible user software/hardware?
  • 802.11 DoS attack?!

Need to monitor the wireless network across time, locations, channels, and protocol layers

jigsaw
Jigsaw
  • Measure real large wireless networks
    • Collect every possible information
      • PHY/Link/IP/TCP/App layer trace
      • Collect every single wireless packet
    • Need many sniffers for 100% coverage
  • Provide global view of wireless networks across time, locations, channels, and protocol layers
new cse building at ucsd
New CSE building at UCSD
  • 150k square feet
    • 4 floors
  • >500 occupants
    • 150 faculty/staff
    • 350 students
  • Building-wide WiFi
    • 39 access points
    • 802.11b/g
      • Channel 1, 6, 11
    • 10 - 90 active clients anytime
    • Daily traffic ~5 GB
ucsd passive monitor system
UCSD passive monitor system
  • Overlays existing WiFi network
    • Series of passive sniffers
    • Blanket deployment over 4 floors
  • 39 sensor pods (156 radios)
    • 4 radios per pod, cover all channels in use
    • Captures all 802.11 activities
      • Including CRC/PHY events
    • Stream back over wired network to a centralized storage
jigsaw design
Jigsaw design

Traces synchronization and unification

L2 state reconstruction

TCP flow reconstruction

synchronization

TSF diff of two sniffers

TSF diff (us)

Time (s)

Synchronization
  • Create a virtual global clock
    • To keep unification working
    • Critical evidence for analysis
      • If A and B are transmitting at the same time they could interfere
      • If A starts transmitting after B has started then A can’t hear B
  • Require fine time-scales (10-50us)
    • NTP is >100 usec accuracy
    • 802.11 HW clocks (TSF) have 100PPM stability
traces synchronization and unification
Traces synchronization and unification
  • Sniffers label packets w/ local timestamp (TSF)
  • Need a global clock
  • Estimate the offset between TSF and the global clock for each sniffer
trace unification reality

JFrame 1

JFrame 2

JFrame 3

JFrame 4

JFrame 5

Trace unification (reality)

Jigsawunifiedtrace

Time

challenge sync at large scale

1

2

3

4

∆t1

∆t2

To

Challenge: sync at large-scale
  • How to bootstrap?
    • Goal: estimate the offset between TSF and the global clock for each sniffer
    • Time reference from one sniffer to the other
  • Sync across channels
    • Dual radios on same sniffer slaved to same clock
  • Manage TSF clock skews
    • Continuously re-adjust offsets when unifying frames
jigsaw in action
Jigsaw in action
  • Jigsaw unifies 156 traces into one global trace
  • Covers 99% of AP frames, 96% of client frames
slide16

PHY errors

CRC errors

L2-ACK

Beacon

Synchronized

Valid packets

jigsaw syncs 99 frames 20us
Jigsaw syncs 99% frames < 20us
  • Measure sync. quality by max dispersion per Jframe
  • 20 us is important threshold
    • 802.11 back-off time is 20 us
    • 802.11 inter frame time is 50 us
    • Sufficient to infer many 802.11 events
hidden terminal problems
Hidden terminal problems
  • Infer transmission failure by absence of ACK
  • Estimate conditional probability of loss given simultaneous transmission by some hidden-terminal
  • How much packet is lost due to hidden-terminal?

?

sender

receiver

hidden terminal

hidden terminal problems1
Hidden Terminal Problems
  • 10% of sender-receiver pairs have over 10% losses due to hidden terminals
trace analysis

TCP loss rate in wireless vs. in Internet

802.11 b/g interactions

ARP Broadcast Storms

Microwave Ovens

Trace analysis
moving forward
Moving forward
  • Developed “Jigsaw” that allows
    • 24x7 monitor system in UCSD CSE w/ 156 sniffers
    • Global fine-grained view of large wireless network (time, locations, channels)
    • Jigsaw software will be available shortly
  • Ongoing work
    • Root cause diagnoses of end-to-end performance in wireless networks
    • Standard wireless problem analysis
      • Ex. Exposed terminal problems
slide22
Q & A

Live traffic monitoring and more information at http://wireless.ucsdsys.net

ad