Help
FortiAP
FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
laltuzar
Staff
Staff

Created on ‎05-23-2024 11:05 PM

Article Id 317009

Technical Tip: Wireless Roaming

Description

 

This article describes what roaming is and how it is performed.

 

Scope

 

FortiAPs any version.

 

Solution

 

Roaming is a client's ability to maintain its association with the wireless network while physically moving from one Access Point (FortiAP) coverage area to another, where another FortiAP of the same solution provides its network coverage. This ability allows a wireless client (station or STA) to seamlessly switch between different FortiAPs without losing connectivity to the network.

 

How do wireless clients locate FortiAPs:
STAs use active and/or passive scanning to locate WLANs. The below image explains the main difference.

 

Active and Passive scanningActive and Passive scanning

As can be noticed, Active scanning uses Probe Request and Probe Response frames, whereas Passive scanning uses Beacon frames.

 

When STAs use Passive scanning, for example, the STA receives the detailed information of the WLAN on the Beacon frame and this information helps the STA to determine if the source FortiAP is a good target for connection. On the other hand, if Active scanning is used, the STA receives the information via the Probe Response frame.

This information is similar to the Beacon frame. In this second scenario, the client will determine if that is a good target for its roaming process and it will move onto the Open System Authentication phase.

 

To simplify how roaming works, check the step-by-step process of roaming in wireless networks below. In this example, it is going to be assumed that the wireless client (STA) has been already associated and authenticated to an Access Point. It will be referred to it as AP1 and the second Access Point as AP2:

 

Notice that more protocols might be involved and therefore slightly change this process. See 802.11k, 802.11v, and 802.11r (Fast BSS Transition).

 

  1. Signal quality monitoring:
  • The STA constantly monitors the signal quality (RSSI, SNR) of the current AP (AP1).
  • When the signal quality drops below a predefined threshold (defined by each vendor), the STA begins the roaming process.
  • It is the client who decides when and where to roam, however, this decision might be influenced by signal strength received from an Access Point, Data rates supported and other parameters matching the client, and preference of 5GHz versus 2.4GHz.
  • There might be additional factors considered by the STAs, however since these client algorithms are defined by vendors, it is impossible to cover every factor used in the roaming process.

 

  1. Probe Request:

  • The STA sends a probe request to discover nearby 802.11 networks.
  • The Probe Request includes supported data rates, signal strength, and capabilities.
  • Access Points (APs) in range respond with probe responses containing network information. This includes the response from AP2.
  • The STA evaluates the received information and creates a list of candidate APs based on signal strength, capabilities, and policies (like security requirements and load balancing).

 

  1. Authentication:

  • Now that the STA has decided which AP to roam (AP2), it sends an 802.11 Authentication Request frame to AP2.
  • AP2 responds with an Authentication Response frame.
  • If successful, the STA is authenticated but not associated yet.

 

  1. Re-Association:

  • The STA sends a Re-Association Request to AP2.
  • The request includes encryption types and compatible capabilities.
  • AP2 responds with a Re-Association Response, granting network access and creating an Association ID.
  • The STA is now associated with the AP2, and data transfer can begin.

 

  1. Dynamic Roaming:

  • If the STA uses DHCP to get an IP, it will typically retain its address during the process. DHCP Request and DHCP Acknowledge messages should be seen at this step.
  • The new AP may need to retrieve the STA’s context (like security keys and QoS settings) from the old AP. This can be facilitated by protocols such as Inter-Access Point Protocol (IAPP) or IEEE 802.11r (Fast BSS Transition).
  • The network updates its data paths to route traffic.

 

As can be observed, monitoring signal quality on the STA and scanning for other FortiAPs are a critical part of roaming. On a network with poor wireless network design or fine-tuning, it might be observed that some STAs are still connected to a farther FortiAP, even though there is another one 'evidently' closer. However, the decision of roaming does not depend on the Wireless Controller (FortiGate in this case) or the FortiAP. This decision remains exclusively on the STA.

 

It is possible, however, to influence STA's decision in different ways:

  • Decrease TX power of nearby radios propagating its signal.
  • Configure Probe response suppression configurations on the VAP. See Ignoring weak or distant clients.

 

Let's remember that there must exist enough signal to allow the STA to perform a roam (secondary signal), but not so much as to flood the network with unnecessary signals.

Labels:
1122
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.