Tip of the Month

March 2001

Troubleshoot Smarter With Your Wireless LAN Analyzer

The widespread acceptance of wireless networks based on the IEEE 802.11b standard is presenting network analysts with new challenges. The most obvious is obtaining the proper Wired Equivalency Protocol (WEP) key to decrypt packets captured by your protocol analyzer. Without it, you can't even view the end-to-end IP addresses, only the end-to-end MAC and optional base station addresses.

Less obvious is that the physical placement of your analyzer is critical when analyzing wireless networks. You need to have a strong signal to lessen the possibility that you will receive frames with CRC (Cyclic Redundancy Check, a.k.a. FCS or Frame Check Sequence) errors. Unlike wired Ethernets where frames captured with CRC errors were most likely also received in error by the destination MAC node, a wireless frame received by a wireless analyzer with a CRC error may have been received just fine by the destination.

Thus, when checking your wireless infrastructure for suspect transmission or reception problems (remember, always troubleshoot your suspected networking problems from the bottom up) by say, a wireless laptop, place the analyzer as close to that laptop as possible and capture packets during a "problem" session. Then, check each frame for signal strength, CRC errors, and for the retry bit set in the 802.11 frame control header which indicates that the frame has been retransmitted. Do the same near the base station (if any) that the laptop is communicating with and then at the destination. Doing so will clear or vindicate the wireless layer for that user. Then, you can move upward and onward and troubleshoot IP, TCP, HTTP, etc., just like any other network.