802.11 is commonly said to operate at data rates of 11 Mbps (802.11b) and 54 Mbps (802.11g and 802.11a), but these numbers don’t reflect the practical available throughput of an 802.11 network. This month, we’ll examine the disparity between the effective throughput and the reported data rate of an 802.11 network (and, to some degree, all wireless networks)
“Effective throughput” refers to the amount of data that a user perceives that he or she is able to transmit in a given amount of time. If the user sends a 10 MB (Megabyte) file across the network, and it takes 8 seconds, that equates to an effective throughput of 10 Mbps (Megabits per second). That number is calculated by converting 10 Mbytes to 80 Mbits and then dividing by 8 seconds.
The data rates associated with 802.11 networks reflect 802.11’s engineering details, not the practical results that real-world users should expect. When an 802.11 device transmits a packet, the bits that make up the packet are sent out the antenna into the air at some fixed rate. This is the “data rate” that is most commonly referred to when discussing 802.11. If the transmitter is using an 11 Mbps data rate, then, for the duration of the station’s transmission, it is sending eleven million 1’s and 0’s into the air every second (11 Mbps).
The discrepancy between the reported data rate and the effective throughput comes from network overhead. First of all, there are always going to be some periods of silence on a network, where no station is transmitting. Even if a station wants to transmit 100% of the time, the engineering requirements of the network mandate some silence. Any time there is silence, the effective throughput of the network drops below the data rate. A good analogy for this is the difference between traveling on an interstate highway and a smaller state highway. The speed limit (analogous to data rate) on the two roads might be the same, but the travel time (analogous to effective throughput) might be longer on the state highway, because there are occasional towns and intersections where the car slows down or stops. Second, some amount of the network’s available throughput is used for management traffic—that is, traffic between 802.11 stations that keeps the network running, but that is not directly related to carrying the users’ data. The combination of management traffic and mandated periods of network silence make up the overhead that reduces the effective throughput of 802.11 networks.
Dont' blame your computer or your wireless network - a 54 Mbps Wi-Fi connection doesn't give you 54 Mbps of throughput!
A third factor that reduces the effective throughput of 802.11 networks is packet corruption. If there is interference in the environment, packets can be corrupted. In that case, they will not be received and will have to be retransmitted. The bandwidth that was spent transmitting the corrupted packets will be wasted. We treat corruption overhead separately from mandated silence and management frames because all 802.11 networks are equally affected by mandated silence and management frames, while the amount of corruption that affects 802.11 networks varies from insignificantly low to excessively high.
What effective throughput can you realistically expect to get? An easy guideline to remember is 50% to 60% of the reported data rate. 50% is easy to calculate, so it’s used more often than 60%, even though 60% might reflect real-world results a little more accurately. That means that a network using 11 Mbps data rates should top out around an effective throughput of 5 or 6 Mbps. A network using 54 Mbps data rates should top out around 22 mbps.
It’s important to keep in mind that these numbers represent the maximum effective throughput that you should hope to receive, and that real-world results are often lower, usually due to packet corruption due to interference. If you find that your wireless network is achieving effective throughput rates significantly lower than 50% to 60% of the data rate, you might consider investigating whether interference is present. Remember that 802.11 has many different data rates that it can use, depending on how far you are from the access point (and other factors), so don’t always assume that you should be using 54 Mbps or 11 Mbps as the standard for comparison. Other possible data rates include 1, 2, 5.5, 11, 6, 9, 12, 18, 24, 36, 48, and 54 Mbps.
So, “who’s stealing your Wi-Fi bandwidth”? The answer may be, “nobody”! The difference between advertised data rates and effective throughput is all in the terminology, and as long as you understand what the speaker is referring to, you won’t be disappointed. Whenever you hear someone talking about 802.11 throughput, make sure to clarify whether he or she is talking about “data rates” (sometimes also called “modulation rates”) or “effective throughput”. This distinction is especially relevant when talking about 802.11n, the new 802.11 standard that is expected to be finalized in the next year or so. When discussing 802.11a, b, and g, people typically refer to the data rates, but for some reason, when discussing 802.11n, they typically refer to the effective throughput. This is probably a preferable method, as discussing the effective throughput leads to realistic expectations, while discussing data rates can lead to unrealistically high expectations of network performance.
Network overhead reduces your real-world 802.11 throughput from the advertised data rates of 11 Mbps and 54 Mbps. In this article, we’ll break that overhead down into its component parts so that you can really understand what’s taking away that throughput and what you can do about it.
Interframe spacing (IFS) refers to a mandatory period of silence that occurs between each frame on an 802.11 network. The purpose of IFS is, most fundamentally, to allow stations to realize that an incoming packet has ended. Without a period of silence between each packet, two packets might “run together,” and stations might misinterpret them as a single large packet, resulting in data corruption. IFS serves the additional purpose of prioritizing certain types of traffic on the network. Packets that require immediate transmission, such as 802.11 acknowledgements, use a shorter IFS value than packets that don’t’ require immediate transmission. This means that higher-priority packets are guaranteed to get access to the network when they want it. Lower-priority packets have to wait.
Packet-level headers make up some of the overhead on an 802.11 network. Each packet on an 802.11 network is preceded by headers: a preamble, to indicate that the packet is about to begin; a PLCP header; an 802.11 MAC layer header; and so forth. These headers are present in every packet and take up some of the bandwidth that could otherwise be used to transmit data. When transmitting large packets, the headers make up a relatively small amount of overhead, proportionally speaking, but when transmitting small packets, the headers can use up a significant percentage of network bandwidth. It’s worthwhile to keep in mind that all 802.11 networks have at least some small packets, because each 802.11 data frame requires an 802.11 acknowledgement, and 802.11 acknowledgements are universally small.
Management frames are a third component of 802.11 network overhead. Access points send Beacons 10 times per second (by default, in most cases). Stations send Probe Requests to look for new access points. Stations send Association and Authentication frames as they join the network. For any one access point or station, the amount of management frames sent can be relatively small, but when the number of access points and stations increases, as it usually does, the amount of bandwidth eaten up by this management data can be significant. This drives home the importance of careful 802.11 channel management. If two access points are on separate channels, then their management frames will use up bandwidth on separate channels as well, leaving more bandwidth for the stations. If two access points are on the same channel, their management frames will use up bandwidth only on the channel, and stations on the channel will have less to work with.
The final component of 802.11 network overhead is corrupted frames. When a frame is corrupted, the bandwidth that was used to transmit that frame is essentially wasted. The previously-listed components of network overhead are essentially the same for all 802.11 networks, and there’s not very much you can do to manipulate them. Corrupted frames, by contrast, are probably something you can influence. If your network throughput is lower than you think it should be, use a protocol analyzer to look for corrupted frames and/or a spectrum analyzer to look for interference sources. Once you have identified the channels on which corruption and interference is occurring, move 802.11 stations to channels that are far from the channels affected by the corruption and interference. Alternatively, increase the signal strength at the client to give the devices enough signal-to-noise ratio to overpower the interference source.
The free tool, iperf, is useful for measuring 802.11 network throughput. This tool generates a stream of TCP or UDP packets to determine the maximum throughput of a network link. It is available from this link.
The unfortunate truth is that most of the overhead of an 802.11 network is the result of engineering choices that can’t be changed. Rather than getting frustrated that networks are not achieving the “promised” 11 Mbps or 54 Mbps, one should revise one’s expectations to take that overhead into account. Packet corruption due to insufficient signal strength or interference is the one component of overhead that can be addressed.
Ask the Expert
802.11a Channel Numbers
Why is it that 802.11a channel numbers go 40, 44, 36, 48, and so forth, instead of 1, 2, 3, 4, 5, like 802.11b/g channels? What happened to the in-between channels, and why don’t they start with 1?
802.11a uses frequencies between 5 GHz and 6 GHz, but due to differences between the laws and regulations of individual countries, it doesn’t use exactly the same frequencies in every country. Because of these regulatory differences, the IEEE decided to use a versatile channel numbering scheme. The frequencies between 5 GHz and 6 GHz are divided into 5 MHz intervals, and each interval is assigned a sequential channel number. So, for example, a channel centered on the frequency 5.000 GHz would be channel 0, a channel centered on frequency 5.005 GHz would be channel 1, and so forth. The general formula for converting from a channel number to a frequency is
Frequency = 5 GHz + (5 MHz * Channel Number)
This starts to explain why the channel numbers don’t start with 1. In the United States, the rules under which 802.11a operates require that the lowest channel number be 36, which equates to a center frequency of 5.180 GHz. Use of frequencies below that number is prohibited by FCC regulations. So why not just call the channel that is at 5.180 GHz channel number 1? Because devices in other countries can use frequencies below 5.180, so what channel number would they use? Channel -1? A generic channel numbering method for all frequencies between 5 GHz and 6 GHz allows for unambiguous channel numbering no matter what frequencies a given country allows.
802.11a’s channel numbers skip frequencies for two reasons. First, 802.11 channels are spaced 20 MHz apart, to prevent interference between them. This means that two consecutive 802.11a channels have a difference of 4 channel numbers between them. Remember that each 802.11a channel number represents 5 MHz of spectrum, so a 20 MHz channel covers 4 channel numbers. This means that channels 36, 40, 44, and 52 are all consecutive 802.11a channels. Second, the channels skip numbers because the frequency bands 802.11a uses in the United States have gaps in them. This explains any skip in the channel numbers of more than four channel numbers.
In months past, Connect802 got wind of a vulnerability that could potentially allow hijacking of a computer via the computer’s wireless card. The security researchers who announced the vulnerability didn’t release its details, to give manufacturers time to fix it, which led some to question whether the vulnerability really existed. Due to these uncertainties, Connect802 has held off on reporting on this issue until now. The existence of the vulnerability has been confirmed and manufacturers are releasing patches.
The short version of the story is that any Wi-Fi adapter with Broadcom driver BCMWL5.SYS version 220.127.116.11 under Windows XP is vulnerable. Other versions of the same driver might also be vulnerable. The vulnerability results from Broadcom’s driver improperly parsing a Probe Response. A malformed Probe Response sent by an attacker can overflow a buffer in the receiving machine and allow “arbitrary kernel-mode code execution,” which can be turned into root-level ownership of the machine. Any machine with an affected driver is vulnerable as long as the wireless card is turned on. It doesn’t matter whether the card is associated to a network or not.
For more details, we point you to various articles that cover the topic fully, including an interview with Connect802’s own Joseph Bardwell. The original, questioned announcement is covered in this eWeek article: Hackers Expose ‘Critical’ Wi-Fi Driver Flaw. WiFi Net News covers the recent confirmation of the details of the vulnerability: Exploit released for Broadcom Driver: Windows, Other Platforms Can Be Hijacked. In this article, Broadcom says that they patched the vulnerability and distributed the patch to manufacturers, but it was then up to the manufacturers to incorporate the patch into their drivers and distribute it. Dell is one of the first vendors to release a patched driver. If you have a Dell wireless card, check this link to see if you are affected and to download the patch if you are.
When you're trying to specify what type of antenna cable you need to connect between an access point and some particular antenna it can be very confusing. There are Type N, SMA, TNC, MMCX, and other connector styles. Then, each one has a "standard" and a "reverse polarity" version, and then you select a male or female connector. Connect802 has tried to take some of the confusion out of the process by compiling a specifications page with pictures an descriptions of all the popular connector types.
Web Searching: The Connect802 Web Presence
At Connect802 we're your PAGE ONE resource for wireless networking!
Connect802 has the experience, expertise, and resources to help you with your wireless network system. Use your favorite search engine and see what Connect802 is doing. Each month we give you some suggested search terms for you to explore. Here's this month's list. As you look down the search engine results you'll find Connect802 either at the top, or on the first page (true for Google and Excite, unknown for the rest).