
Overview of Wireless Network Technologies

Wireless personal area networks (WPANs) provide short-range wireless connections using technologies like Bluetooth, ZigBee, and NFC. Wireless local area networks (WLANs) use Wi-Fi to provide wireless connectivity over a larger area using standards like 802.11n/ac/ax. Wireless metropolitan area networks (WMANs) are mainly used for wireless backbone networks using technologies such as WiMax.

Uploaded by

deditoz

• Wireless Personal Area Networks (WPANs) provide wireless connections in personal
areas, which are generally point-to-point connections and small-scale network
connections.

▫ Features: easy-to-use, low-cost, and portable

▫ Main technologies: Bluetooth, ZigBee, and Near Field Communication (NFC),
working at the 2.4 GHz frequency band

▫ ZigBee applies to low-speed and low-power wireless networks, such as sensor
networks and wireless meter reading networks, as well as to smart toys, smart
homes, and smart agriculture.

▫ NFC is a short-distance high-frequency wireless communication technology.
Devices that use the NFC technology (such as smartphones) can exchange data
when they are close to each other.

• Wireless Local Area Networks (WLANs) use 2.4 GHz and 5 GHz frequency bands.

▫ High energy consumption

▫ Support for multiple users; flexible design

▫ Main technologies: 802.11n/ac/ax

• Wireless Metropolitan Area Networks (WMANs) are mainly used for backbone network
coverage.

▫ Frequencies must be applied before the WMAN is used. Public frequencies are
acceptable but vulnerable to interference.

▫ Main technologies: WiMax (802.16)


• The term Wi-Fi suggests Wireless Fidelity, resembling the long-established audio-
equipment classification term Hi-Fi (used since 1950) or high fidelity (in use since the
1930s). Even the Wi-Fi Alliance itself has often used the phrase Wireless Fidelity in its
press releases and documents; the term also appears in a white paper on Wi-Fi from
ITAA. In fact, the word Wi-Fi has no meaning of its own and is not short for a longer phrase. If you ask a
common user what an 802.11 wireless network is, they may be confused, as most people
are used to calling it Wi-Fi. Wi-Fi is a market term, and people around the world use "Wi-
Fi" as a synonym for 802.11 wireless network.

• In 1999, several visionary companies formed the Wireless Ethernet Compatibility Alliance
(WECA), a global nonprofit association that aims to deliver the best user experience with
a new wireless network technology, regardless of brand. In 2000, the WECA adopted the
term "Wi-Fi" as its proprietary name for its technical work and announced its official name:
Wi-Fi Alliance.

• Wi-Fi products are rigorously tested by independent Authorized Test Laboratories of the
Wi-Fi Alliance. When a product successfully passes testing, the manufacturer or vendor is
granted the right to use the Wi-Fi logo, Wi-Fi CERTIFIED logo, and related trademarks.
The Wi-Fi Alliance uses the term "Wi-Fi CERTIFIED" to refer to these certified products.
Certification means that a product has been tested in numerous configurations with a
diverse sampling of other devices to validate interoperability with other Wi-Fi CERTIFIED
equipment operating in the same frequency band.
• Wireless networks adopt wireless network technologies defined by IEEE. When IEEE
officially defined the 802.11 standard in 1999, it selected and determined that the wireless
network technology invented by CSIRO is the best one in the world. Therefore, the
wireless network technology standard of CSIRO became the core technical standard of
Wi-Fi in 2010.
• The initial use of wireless networks can be traced back to World War II, when the U.S.
Army used radio signals for data transmission. They developed a radio transmission
technology, used together with a fairly high-intensity encryption technology, which was
widely used by the U.S. and Allied forces. They may not have thought that this radio
transmission technology would change our lives today.
• Many scholars took inspiration from this, and in 1971, researchers at the University of
Hawaii created the first radio communications network based on encapsulation
technology. This network, known as AlohaNet, is a fairly early WLAN. It consists of seven
computers that span four Hawaiian islands in a two-way star topology, with the central
computer on Oahu. Since then, wireless networks have been born.
• In 1990, the IEEE officially initiated the IEEE 802.11 project, and wireless network
technologies gradually became mature. Since the birth of the IEEE 802.11 (Wi-Fi)
standard, there have been 802.11a, 802.11b, 802.11g, 802.11e, 802.11f, 802.11h,
802.11i, 802.11j, 802.11n, 802.11ac, and 802.11ax. 802.11ax (Wi-Fi 6) has been
designed and launched to deliver high-speed, high-quality WLAN services for users.
• In 1993, AT&T released the 2.4 GHz WaveLAN, which provides a rate of 2 Mbps, and
completed the first large-scale installation of WaveLAN at Carnegie Mellon University. In
the same year, IEEE 802.11 selected the basis of the MAC protocol from the NCR,
Symbol Technologies, and Xircom proposals.
• Wi-Fi is based on the IEEE 802.11 standard. In 2018, the Wi-Fi Alliance launched the
"Generational Wi-Fi" marketing program. Based on major Wi-Fi technology (PHY)
versions, the Wi-Fi Alliance introduced consumer-friendly Wi-Fi generation names
(formatted as "Wi-Fi" followed by an integer) and encouraged people to use these Wi-Fi
generation names in industry terminology. Generation names do not affect the previous
certification program names. For previous certification programs (such as Wi-Fi
CERTIFIED ac or earlier programs), the original certification program names continue to
be used. Wi-Fi Alliance has not assigned new names to Wi-Fi generations prior to Wi-Fi 4.
• Wi-Fi 5 cannot meet the requirements of low service latency and high bandwidth in 4K/8K
video conferencing scenarios.

• Wi-Fi 6 works with Huawei SmartRadio technology to reduce the latency to 10 ms.
• Phase 1: In the era of basic mobile working, wireless networks were a supplement to
wired networks.

▫ The application of WaveLAN technology is considered the earliest form of
enterprise WLAN. The Wi-Fi technology at an early stage was mainly used on IoT
devices such as wireless radios. However, with the introduction of 802.11a/b/g
standards, the advantages of wireless connectivity became more obvious.
Enterprises and consumers began to realize the potential of Wi-Fi, and wireless
hotspots emerged in coffee shops, airports, and hotels.

▫ Wi-Fi was also born during this period. It is a trademark of the Wi-Fi Alliance and
was created to drive the formulation of the 802.11b standard and compatibility
certification of Wi-Fi products worldwide. With the evolution of standards and the
popularity of standards-compliant products, people often equate Wi-Fi with the
802.11 standard.

▫ 802.11 is only one of many WLAN technologies and has become a mainstream
technology widely adopted in the industry. Therefore, when people talk about WLAN,
they usually refer to WLAN that uses Wi-Fi technology.

▫ This was the first phase of WLAN application, focusing mainly on implementing
wireless access. Its key value is to break away from the constraints of wired
networks so that devices can move within a certain range, that is, using wireless
networks to extend wired networks. However, in this phase, there were no specific
requirements on WLAN's security, capacity, and roaming performance. And an
access point, or AP, was used independently for networking coverage. Such an AP
is called a Fat AP.
• Planning

▫ Experience is required, and many factors need to be considered, such as channel
planning based on the field strength, interference, user quantity, wall structure,
mounting mode (wall-mounted or ceiling-mounted), etc.

▫ It is difficult to verify the effect after manual planning, for example, whether the
planned signals can completely cover desired areas.

• Deployment

▫ The efficiency in deploying a large number of devices is low.

▫ There are too many commands, and configuration items and procedures are prone
to errors.

• Monitoring

▫ There are many network KPIs, such as the CPU usage, memory usage, bandwidth
usage, number of access users, access rate, signal strength, and signal-to-noise
ratio (SNR). If you only view KPI data, network optimization cannot be performed.

• Fault diagnosis

▫ Using traditional ways to troubleshoot a large number of fault points is inefficient.
We need to find out how to quickly locate and rectify faults.
• If a wireless network needs to be deployed independently on a campus network where a
wired network has been deployed or the wireless network scale is large, it is
recommended that an independent AC be deployed.

• On a large campus network, ACs are typically connected to aggregation or core switches
in off-path mode.

• Tunnel forwarding is recommended in this scenario to reduce changes to the existing
wired network and facilitate centralized management and control on the AC. To improve
AC reliability, VRRP hot standby is usually deployed in the independent AC solution.
• ABCD

• ABCD
• Electromagnetic radiation consists of electromagnetic waves, which are synchronized
oscillations of electric and magnetic fields perpendicular to each other. Electromagnetic
waves travel through space to transmit energy in a direction perpendicular to the
electric and magnetic fields.

• Radio waves are electromagnetic waves emitted in the free space (including air and
vacuum), with frequencies lower than 300 GHz. (The lowest frequencies are different. The
commonly used lowest frequencies are 3 kHz to 300 GHz, 9 kHz to 300 GHz, and 10 kHz
to 300 GHz.)

• The current change in a conductor generates radio waves. Therefore, information can be
carried by radio waves through modulation. When an electromagnetic wave reaches the
receiver, the electromagnetic field change caused by the electromagnetic wave generates
current. Information can be extracted from current through demodulation. Information is
thus transmitted.
• The frequency is an important physical index of waves. The frequency of a wave is the
oscillation frequency of the wave, which is expressed in Hz. If a wave oscillates once per
second, the frequency is 1 Hz.

• A wave consists of consecutive crests and troughs. The distance between adjacent crests
or troughs is the wavelength. Waves vary in size from very long radio waves (as long as a
football field) to very short gamma-rays (shorter than the radius of an atom). A higher
frequency indicates a shorter wavelength.

• The frequency of radio waves ranges from 3 kHz to 300 GHz, and the wavelength ranges
from 0.1 mm to 10 km.
• WLANs use the 2.4 GHz frequency band (2.4–2.4835 GHz) and 5 GHz frequency band
(5.15–5.35 GHz and 5.725–5.85 GHz).
• Designed for Industrial, Scientific, and Medical (ISM), the 2.4 GHz and 5 GHz frequency
bands can be used without licenses or fees as long as the transmit power requirement
(generally less than 1 W) is met and no interference is caused to other frequency bands.
The free frequency band resources reduce WLAN deployment costs but cause co-channel
interference when multiple wireless communication technologies work on the same
frequency band. The frequency bands to be used by WLANs must comply with local laws
and regulations.
• ELF (3 Hz to 30 Hz): Submarine communication or direct conversion into sound
• SLF (30 Hz to 300 Hz): Direct conversion into sound or AC power transmission system
(50 Hz to 60 Hz)
• ULF (300 Hz to 3 kHz): Mine communication or direct conversion into sound
• VLF (3 kHz to 30 kHz): Direct conversion into sound, ultrasound, and geophysics research
• LF (30 kHz to 300 kHz): International broadcasting
• MF (300 kHz to 3 MHz): Amplitude Modulation (AM) broadcasting, maritime, and
aeronautical communication
• HF (3 MHz to 30 MHz): Short wave and civil radio stations
• VHF (30 MHz to 300 MHz): Frequency Modulation (FM) radio, TV broadcast, and
aeronautical communication
• UHF (300 MHz to 3 GHz): TV broadcasting, wireless telephone communication, wireless
network, and microwave oven
• SHF (3 GHz to 30 GHz): Wireless network, radar, and satellite receiving
• EHF (30 GHz to 300 GHz): Radio astronomy, remote sensing, and human body scanner
• 300 GHz or higher: Infrared ray, visible light, ultraviolet ray, and other rays
• Phase is a relative term that describes the relationship between two co-channel waves.
To measure the wave phase, the wavelength of a wave is divided into 360 parts and each
part is 1°. 0° is used as the propagation start time of a wave. If one wave starts to
propagate at 0° and the other wave starts to propagate at 90°, the two waves are 90°
out-of-phase. If electromagnetic waves with the same frequency start to propagate at
different times, the wave propagation is greatly affected.
• Source coding

▫ Source coding is a process of converting raw information into digital signals by using
a coding scheme. Source coding can reduce redundant information in the raw
information, by compressing the information to the maximum extent without
distortion.

• Channel coding

▫ Channel coding is a technology for correcting and detecting information errors to
improve channel transmission reliability. With wireless transmission that is prone to
noise interference, information arriving at the receiver may be erroneous. Channel
coding is introduced to restore information to the maximum extent at the receiver,
thereby reducing the bit error rate. WLANs use Binary Convolutional Code (BCC)
and Low Density Parity Check (LDPC).

▫ Channel coding adds redundant information to the raw information and therefore
increases the information length. The ratio of the number of pre-coding bits (that is,
raw information) to the number of post-coding bits is referred to as the coding
efficiency, also called the coding rate. Channel coding decreases the transmission
rate of valid information but increases the transmission success rate of valid
information. Therefore, the best performance and effectiveness can be achieved by
selecting a proper coding scheme for communication protocols.
• Modulation is classified into the following types based on controlled signal parameters:

▫ AM: The amplitude of high-frequency carrier signals changes with the instantaneous
change of modulation signals. That is, the amplitude of a high-frequency signal is
changed by using a modulation signal, so that information of the modulation signal
is included in the high-frequency signal, the high-frequency signal is transmitted by
using an antenna, and then the modulation signal is also transmitted. The receiver
then can demodulate the modulation signal, that is, parse the amplitude of the high-
frequency signal to obtain the modulation signal.

▫ FM: It changes the carrier frequency according to modulation signals. The change of
the modulation wave frequency is determined by the size of a modulation signal,
and the change period is determined by the frequency of the modulation signal. The
amplitude of the modulation wave remains unchanged. The waveform of the FM
wave is like a spring that is compressed unevenly.

▫ PM: PM is a modulation mode in which the deviation value of the carrier phase
relative to the reference phase varies proportionally with the instantaneous value of
the modulation signal. That is, the initial phase of a carrier varies with the baseband
digital signal. For example, the digital signal 1 corresponds to the phase 180°, and
the digital signal 0 corresponds to the phase 0°.
• A carrier is a waveform that is modulated with an information bearing signal for the
purpose of conveying information. It is typically a sine wave. Generally, the frequency of a
sine carrier is required to be far higher than the bandwidth of a modulation signal;
otherwise, aliasing may occur, causing distortion of the transmitted signal.

• Generally, data to be sent has a low frequency. If the data is transmitted at the original
frequency, it is difficult for the data to be received or synchronized. With carrier wave
transmission, data signals can be loaded onto carrier wave signals. The receiver receives
data signals at the carrier wave frequency. Meaningful and meaningless signal waves
have different amplitudes, so that the needed data signals can be extracted through
demodulation.

• Three properties (amplitude, frequency, and phase) of an electromagnetic wave can be
modulated to generate a carrier signal.
• The channel frequency bandwidth in 802.11b is 22 MHz. Currently, the single-channel
frequency bandwidth in 802.11n, 802.11ac, and 802.11ax is 20 MHz.
• The frequency of a channel is represented by its center frequency.

• The center frequency of channels 1 to 13 is calculated as follows: 2412 + (n – 1) × 5 MHz.
The center frequency of channel 14 is defined as 2.484 GHz. Currently, channel 14 can
be used only in a few countries, such as Japan.
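The channel formula and the 22 MHz / 20 MHz channel widths above, worked through as an added example (not part of the original document). It assumes a simplified model in which a channel occupies exactly its stated width around the center frequency; the function names are illustrative.

```python
def center_mhz(channel):
    """Center frequency of a 2.4 GHz channel, per the formula in the text."""
    if 1 <= channel <= 13:
        return 2412 + (channel - 1) * 5
    if channel == 14:
        return 2484  # channel 14 is defined separately, not by the formula
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def channel_from_mhz(freq_mhz):
    """Inverse mapping, e.g. for a frequency reported by a capture tool."""
    if freq_mhz == 2484:
        return 14
    offset = freq_mhz - 2412
    if 0 <= offset <= 60 and offset % 5 == 0:
        return offset // 5 + 1
    raise ValueError(f"not a 2.4 GHz channel center: {freq_mhz} MHz")


def overlaps(a, b, width_mhz):
    """Two channels overlap when their centers are closer than one width."""
    return abs(center_mhz(a) - center_mhz(b)) < width_mhz


def overlapping_channels(channel, width_mhz, channels=range(1, 14)):
    """Other channels whose transmissions share spectrum with `channel`."""
    return [c for c in channels if c != channel and overlaps(c, channel, width_mhz)]


def non_overlapping(width_mhz, channels=range(1, 14)):
    """Greedy channel plan starting from the lowest channel."""
    plan = []
    for ch in sorted(channels):
        if all(not overlaps(ch, used, width_mhz) for used in plan):
            plan.append(ch)
    return plan


if __name__ == "__main__":
    print("22 MHz plan:", non_overlapping(22))
    print("20 MHz plan:", non_overlapping(20))
    print("channels sharing spectrum with 6 at 22 MHz:", overlapping_channels(6, 22))
```
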

• UNII: Unlicensed National Information Infrastructure

• The 5 GHz frequency band of Wi-Fi performs better than the 2.4 GHz frequency band in
terms of frequency, data rate, and anti-interference performance. However, as the 5 GHz
frequency band has higher frequencies and therefore has a shorter wavelength than the
2.4 GHz frequency band, it delivers poor signal penetration capabilities and shorter
transmission distances. The available channels on the 5 GHz frequency band vary in
different countries and regions. Its wide frequency bandwidth and reduced interference
make it suitable for high-speed transmission.
• In 802.11n, the maximum transmission rate changes with the number of spatial streams.
For example, an independent spatial stream supports a maximum rate of 150 Mbps, and
two independent spatial streams support 300 Mbps. An 802.11n device supports up to
4x4 MIMO, that is, a maximum of four spatial streams, with a rate of up to 600 Mbps. The
number of spatial streams determines the maximum physical transmission rate.

• In the MIMO system, the number of spatial streams is typically less than or equal to the
number of antennas. If the number of RX antennas is different from that of TX antennas,
the number of spatial streams is smaller than or equal to the minimum number of
antennas on the transmitter or receiver. For example, a 4x4 MIMO system can transmit
four or fewer spatial streams, whereas a 3x2 MIMO system can transmit two or fewer
spatial streams.
• Compared with a single-radio AP, a dual-radio AP allows access of more STAs while
ensuring STA performance. For example, in a bandwidth-demanding scenario, a single
radio module can connect to 20 to 25 STAs. However, if an AP can work on both the 2.4
GHz and 5 GHz frequency bands, it can connect to 40 to 50 STAs.

• In this way, the access capacity is doubled in the same physical space. Therefore, dual-
radio APs are applicable to high-density scenarios, such as libraries, conference rooms,
academic lecture halls, and student dormitories.

• A three-radio AP provides one more radio than a dual-radio AP. This radio can be used
for service coverage to improve the user access capability or used for spectrum
monitoring, security scanning, and wireless location. It supports link aggregation of two
Ethernet interfaces, ensuring link reliability and improving the service load balancing
capability. Using three-radio APs effectively solves problems in high-density scenarios,
such as difficult STA access, data congestion, and poor roaming performance.
• Interference from non-Wi-Fi devices: Many household appliances, such as microwave
ovens, Bluetooth headsets, and infrared remote controls, work on the 2.4 GHz frequency
band. Consequently, a large number of 2.4 GHz channels are occupied, reducing the
utilization of Wi-Fi transmission channels.
• The actual wireless access rate is significantly different from the implementation rate due
to the following reasons:

▫ Distance: The distance to an AP and physical obstacles (such as walls, signal
barriers, or reflection materials) affects signal transmission and reduces the
transmission rate.

▫ Interference: Devices on other wireless networks working at the same frequency in
the same area affect network performance.

▫ Bandwidth sharing: The available bandwidth is shared by all users on the same
wireless network.
• Frequency hopping (FH or FHSS)

▫ FHSS is a method of transmitting radio signals by rapidly switching a carrier among
many frequency channels, using a pseudorandom sequence known to both
transmitter and receiver.

• Direct sequence (DS or DSSS)

▫ DSSS uses mathematical functions to spread power over a wider frequency band.

• Orthogonal Frequency Division Multiplexing (OFDM)

▫ OFDM divides available channels into sub-channels and decodes some of the
signals on each sub-channel.

▫ The OFDM technology is used in 802.11n to 802.11ax. Therefore, this document
describes only the OFDM technology in detail.
• In OFDM, subcarriers are orthogonal and their spectrums are overlapped. Therefore, due
to high spectrum utilization, OFDM is widely applied, especially in preventing multipath
fading. It is also easily implemented.

• As shown in the figure above, a channel is considered as a lane. When OFDM is not
enabled, a single channel allows only one single subcarrier at a time, which is similar to
that only one vehicle can pass at a time, resulting in low efficiency. When OFDM is
enabled, a channel is divided into several sub-channels, so that multiple subcarriers can
be transmitted at the same time, thereby greatly improving channel utilization.
• OFDM divides a wide channel into multiple sub-channels, each of which is used for data
transmission.

• Subcarriers in an OFDM system overlap but do not interfere with each other because they
are orthogonal to each other. In mathematics, "orthogonal" is used to describe
independent projects.

• OFDM operates properly because the waveform of a subcarrier is not affected by other
subcarriers.
• To improve the throughput, 802.11ac introduces 256-QAM — a higher-order modulation
scheme with higher modulation efficiency. 256-QAM supports the coding rates of 3/4 and
5/6 and increases the number of MCS types to 10. In terms of MCS representation,
802.11ac eliminates MCS coding for each MIMO combination, reducing the number of
MCS types from dozens to 10. A higher MCS index indicates higher throughput due to the
difference in the number of bits represented by each subcarrier in different MCS types.
Each subcarrier (represented by a point in the constellation diagram) can carry data of 2
bits in BPSK, 4 bits in 16-QAM, 6 bits in 64-QAM, and 8 bits in 256-QAM.

• To improve the throughput, 802.11ax introduces 1024-QAM — a higher-order modulation
scheme with higher modulation efficiency. 1024-QAM supports the coding rates of 3/4 and
5/6 and increases the number of MCS types to 12. A higher MCS index indicates higher
throughput due to the difference in the number of bits represented by each subcarrier in
different MCS types. Each subcarrier can carry data of 2 bits in BPSK, 4 bits in 16-QAM, 6
bits in 64-QAM, 8 bits in 256-QAM, and 10 bits in 1024-QAM. The figures above show the
constellation diagrams of 256-QAM and 1024-QAM. A higher-order modulation scheme
provides higher modulation efficiency. However, efficiency improvement in different
modulation schemes is not linear and gradually becomes not obvious for higher-order
modulation schemes.
• OFDM:

▫ Users are differentiated by time segment. In each time segment, one user occupies
all subcarriers.

• OFDMA:

▫ An AP determines how to allocate channel resources based on communication
requirements of multiple users, and always allocates all available RUs in the
downlink direction. The AP may allocate the entire channel to one user at a time or
partition the channel to serve multiple users concurrently.

▫ In OFDMA mode, channel resources can be allocated more delicately, allowing
finer-grained QoS.

• RU:

▫ 802.11ax defines the RUs of different tones, including 26, 52, 106, 242, 484, 996,
and 2x996 tones. RUs with different tones are applicable when different channel
bandwidths are available: 484-tone RUs available only at 40 MHz, 80 MHz, or 160
MHz; 996-tone RUs available only at 80 MHz or 160 MHz; and 2x996-tone RUs
available only at 160 MHz.

• OFDMA working mode (as shown in the right figure): Users are differentiated by time-
frequency RUs. The resources of a channel are divided into small fixed time-frequency
blocks, which are known as RUs. In this mode, user data is carried on each RU. Therefore,
multiple users may simultaneously send data in each time segment when the total time-
frequency resources remain unchanged.
• Compared with OFDM, OFDMA has the following advantages:

▫ Finer resource allocation: The transmit power can be allocated based on the
channel quality, especially when the channel status of some nodes is not good. This
helps to allocate channel time-frequency resources in a more delicate manner.

▫ Better QoS: According to earlier 802.11 standards, one user occupies the entire
channel to transmit data. If a QoS node wants to send a data packet, it must wait
until the current sender releases the complete channel. This causes a long latency.
With OFDMA, however, one sender occupies only a part of the channel, which
reduces the access latency for QoS nodes.

• Note: 26-tone RUs are similar to radar signals, and may be detected by radars by mistake.

• The Wi-Fi 6 standard uses OFDMA to improve the spectrum utilization. For example, 80
MHz bandwidth can be divided into a maximum of 37 RUs, which can serve 37 users
concurrently.

• Wi-Fi 6 reduces the subcarrier spacing to 78.125 kHz from 312.5 kHz in Wi-Fi 5. This
means that Wi-Fi 6 achieves a four-fold increase in the number of subcarriers compared with Wi-Fi
5 with the same channel bandwidth.
• In Wi-Fi 6, the minimum RU size and minimum subcarrier bandwidth are 2 MHz and
78.125 kHz, respectively. Therefore, the minimum RU type is 26-tone RU. By analogy,
there are 52-tone, 106-tone, 242-tone, 484-tone, and 996-tone RUs.

• An RU includes data subcarriers and pilot subcarriers. Data subcarriers are used to carry
data, and pilot subcarriers are used for channel estimation.
• Simply speaking, with CSMA/CA, a STA listens on the channel before sending data. If the
channel is busy, a collision exists and the STA waits for a period of time before sending
data. If the channel is not busy, the STA can directly send data.
• The basis for CSMA/CA is carrier sense. 802.11 proposes two carrier sense methods
based on medium characteristics of WLANs: physical and virtual carrier sense. These two
carrier sense methods may be performed at the same time. As long as either of the two
methods shows that the media is in use, the media is considered busy.

▫ Physical carrier sense: works at the PHY layer and depends on the medium in use
and modulation scheme. This method detects the signal energy from the received
radio frequency or antenna signals and estimates the busy or idle status of channels
based on the signal quality.

▫ Virtual carrier sense: works at the MAC layer. With this method, the transmit STA
notifies other STAs of the duration it needs to occupy the channel so that the other
STAs stop sending data during this period.

• "Virtual" herein means that other STAs do not send data because they receive
notifications from the transmit STA but do not actually detect the physical channel.
Notifications sent from the transmit STA are implemented by filling the Duration field of the
MAC frame header with the time (in μs) during which the STA will occupy the channel
after the current frame transmission is completed, including the time required by the
receive STA (destination) to send an ACK frame. When a STA other than the transmit
(source) and receive (destination) STAs detects the Duration field in the header of a MAC
frame that is being transmitted on a channel, the STA adjusts its own NAV.

• Collision detection cannot be used on WLANs. As long as data is transmitted, the
transmission of the entire frame must be completed. If a collision occurs during the
transmission on a WLAN, resources of the entire channel are wasted in this period of time.
Therefore, collisions should be minimized on WLANs.
• SIFS

▫ Features the shortest wait time and highest priority.

▫ Separates frames in each exchange.

▫ Allows a STA to switch from the transmit mode to the receive mode within this
period.

▫ SIFS applies to transmission of the following frames: ACK frames, CTS frames,
fragmented MAC frames, Probe Response frames, and frames sent from an AP to a
STA in PCF mode.

• DIFS

▫ Features the longest wait time and lowest priority.

▫ Transmits data frames and management frames in DCF mode.

▫ A DIFS is the shortest time for a medium to remain idle in competitive services. If
the medium is continuously idle for a time longer than the DIFS, a STA can access
the medium immediately.
• A STA needs to wait for another DIFS until the channel is idle because another STA may
have a high-priority frame to be sent. Higher-priority frames will be sent preferentially.

• If there is no higher priority frame, the STA is ready to send data.

• Before sending data, the STA sends RTS and CTS frames to avoid packet collision. This
is the virtual carrier sense mechanism, which enables a STA to notify all STAs of the
channel occupation duration (including the time required for the AP to send an ACK
frame). In this manner, all the other STAs stop sending data in this period of time, thereby
greatly reducing the chance of collision.

▫ With the virtual carrier sense mechanism, other STAs do not send data because
they receive notifications from the transmit STA (source) but do not actually detect
the physical channel. This achieves the same effect as that of channel detection by
other STAs. Notifications sent from the transmit STA are implemented by filling the
Duration field of the MAC frame header with the time (in μs) during which the STA
will occupy the channel after the current frame transmission is completed, including
the time required by the receive STA (destination) to send an ACK frame.

• When a STA detects the Duration field in the header of a MAC frame that is being
transmitted on a channel, the STA adjusts its own NAV. The NAV specifies the time
required for completing the transmission of a data frame so that the channel can be
switched to the idle state. Therefore, the STA determines that a channel is busy based on
physical carrier sense or virtual carrier sense at the MAC layer.
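The two descriptions of virtual carrier sense above (the Duration field and the NAV) can be followed in code. This is an added example, not part of the original document: it reads the Duration field from a control-frame header, updates a listening STA's NAV, and combines it with physical carrier sense. The MAC addresses, timestamps, and the SIFS and CTS airtime values are constructed for illustration.

```python
import struct

CONTROL = 1                      # 802.11 frame type value for control frames
PS_POLL, RTS, CTS = 10, 11, 12   # control-frame subtypes


def build_control(subtype, duration_id, ra, ta=b""):
    """Build a minimal control frame (no FCS): Frame Control, Duration/ID, RA[, TA]."""
    frame_control = (subtype << 4) | (CONTROL << 2)
    return struct.pack("<HH", frame_control, duration_id) + ra + ta


def parse_header(frame):
    """Return (type, subtype, duration_us, receiver_address).

    duration_us is None when bit 15 of Duration/ID is set, because the field
    then does not carry a duration (for example the AID in a PS-Poll frame).
    """
    if len(frame) < 10:
        raise ValueError("frame shorter than Frame Control + Duration + RA")
    frame_control, duration_id = struct.unpack_from("<HH", frame, 0)
    ftype = (frame_control >> 2) & 0x3
    subtype = (frame_control >> 4) & 0xF
    duration_us = duration_id if not duration_id & 0x8000 else None
    return ftype, subtype, duration_us, frame[4:10]


class Station:
    """A listening STA that keeps a NAV (stored as an absolute expiry time in µs)."""

    def __init__(self, mac):
        self.mac = mac
        self.nav_expiry_us = 0

    def on_frame(self, frame_end_us, frame):
        """Update the NAV from an overheard frame; return True if it changed."""
        _, _, duration_us, ra = parse_header(frame)
        # Frames addressed to this STA, or without a duration, do not set its NAV.
        if duration_us is None or ra == self.mac:
            return False
        expiry = frame_end_us + duration_us   # Duration counts from the frame's end
        if expiry > self.nav_expiry_us:       # the NAV is only ever extended
            self.nav_expiry_us = expiry
            return True
        return False

    def medium_busy(self, now_us, physical_busy):
        """Busy if either physical or virtual carrier sense says so."""
        return physical_busy or now_us < self.nav_expiry_us


# Constructed sample exchange: STA_A reserves the channel towards the AP,
# STA_C only overhears. SIFS = 10 µs and CTS airtime = 44 µs are sample values.
STA_A = bytes.fromhex("020000000001")
AP = bytes.fromhex("0200000000aa")
STA_C = bytes.fromhex("020000000003")
SAMPLE_RTS = build_control(RTS, 300, AP, STA_A)          # ends at t = 1000 µs
SAMPLE_CTS = build_control(CTS, 300 - 10 - 44, STA_A)    # ends at t = 1054 µs
SAMPLE_PS_POLL = build_control(PS_POLL, 0xC000 | 5, AP, STA_A)  # carries an AID

if __name__ == "__main__":
    listener = Station(STA_C)
    print(listener.on_frame(1000, SAMPLE_RTS), listener.nav_expiry_us)
    print(listener.on_frame(1054, SAMPLE_CTS), listener.nav_expiry_us)
    print(listener.medium_busy(1200, physical_busy=False))
```
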
• 802.11 standards use the binary exponential backoff algorithm, but the specific
implementation is slightly different. For the i-th backoff, one timeslot is randomly selected
from $2^{2+i}$ timeslots. That is, upon the first backoff, one timeslot is randomly selected from
8 timeslots (not two timeslots); and upon the second backoff, one timeslot is randomly
selected from 16 timeslots (not four timeslots). When the timeslot number reaches 255
(corresponding to the sixth backoff), the number does not increase anymore.
• When a STA that wants to send data selects a timeslot in the contention window using the
backoff algorithm, a backoff timer starts to count down from the selected timeslot. When
the backoff timer counts down to 0, the STA starts to send data. Alternatively, if the
channel is sensed busy before the backoff timer counts down to 0, the backoff timer is
frozen and waits for the channel to become idle again. After the DIFS elapses, the backoff
timer continues to count down (starting from the remaining time). This provision allows a
STA that resumes a frozen backoff timer to access the channel earlier.
• In the figure above, the backoff timer of STA3 counts down to zero first. Therefore, STA3
immediately sends the entire data frame. Note that the channel becomes idle immediately
after STA3 sends data. The backoff timer of STA3 keeps counting down. When STA3 is
sending data, other STAs sense the channel busy, freeze their backoff timers, and wait for
the channel to become idle.
• After STA3 finishes sending data, other STAs wait for a DIFS and their backoff timers start
to count down from their respective remaining times. Now, the backoff timer of STA4
reaches zero first, and STA4 is granted the transmission right. When STA4 sends data,
other STAs freeze their backoff timers until the remaining time expires, and then send
data. Freezing the remaining time of the backoff timer aims to make channel resources
fairer to all STAs.
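The contention window sizing and the freeze-and-resume countdown described above, as an added example that is not part of the original material. Time is counted in slots; the frame length, the DIFS length in slots, and the initial timer values are constructed assumptions, and the collision branch (two timers reaching zero together) goes beyond the case shown in the figure.

```python
import random


def contention_window_slots(i: int) -> int:
    """Timeslots to choose from on the i-th backoff: 2^(2+i).

    The window stops growing at the sixth backoff (slot numbers 0..255).
    """
    if i < 1:
        raise ValueError("backoff attempts are numbered from 1")
    return 2 ** (2 + min(i, 6))


def draw_backoff(i: int, rng: random.Random) -> int:
    """Pick one slot uniformly from the i-th contention window."""
    return rng.randrange(contention_window_slots(i))


def simulate(initial, frame_slots=10, difs_slots=2, seed=1):
    """Run the countdown until every STA has sent one frame.

    initial maps a STA name to its selected backoff slot count.
    Returns events: ("tx", sta, start_slot) or ("collision", stas, slot).
    """
    rng = random.Random(seed)
    timers = dict(initial)                # remaining backoff per STA
    attempts = {sta: 1 for sta in timers}  # backoff stage per STA
    clock = difs_slots                    # channel idle for one DIFS first
    events = []
    while timers:
        # All timers count down together until the smallest reaches zero.
        step = min(timers.values())
        clock += step
        for sta in timers:
            timers[sta] -= step           # losers keep (freeze) the remainder
        winners = sorted(s for s, left in timers.items() if left == 0)
        if len(winners) == 1:
            events.append(("tx", winners[0], clock))
            del timers[winners[0]]
        else:
            # Same slot chosen: the frames collide and each colliding STA
            # backs off again from the next, larger window.
            events.append(("collision", tuple(winners), clock))
            for sta in winners:
                attempts[sta] += 1
                timers[sta] = draw_backoff(attempts[sta], rng)
        # Channel is busy for the frame, then idle for a DIFS before
        # the frozen timers resume from their remaining values.
        clock += frame_slots + difs_slots
    return events


if __name__ == "__main__":
    # Constructed timer values mirroring the order in the figure:
    # STA3 reaches zero first, then STA4.
    for event in simulate({"STA2": 9, "STA3": 3, "STA4": 5}):
        print(event)
```
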
• To resolve the hidden node problem on a WLAN, the IEEE 802.11 protocol allows a STA
to reserve access to a channel by using the RTS/CTS mechanism.

• With the RTS/CTS mechanism, a STA does not send data immediately after a DIFS.
Instead, the STA sends an RTS frame to apply for channel occupation. Other STAs that
receive the RTS frame respond with a CTS frame after an SIFS, informing the transmit
STA that they are ready to receive data. After successful RTS/CTS signal exchange (that
is, the handshake process is completed), the transmit STA starts to transmit data. In this
manner, when multiple STAs that are invisible to each other simultaneously attempt to
send signals to the same destination STA, only the STA that receives the CTS frame
returned by the destination STA can successfully send data, thereby avoiding collisions.
In this case, a collision (if any) may occur only when the RTS frame is transmitted. For the
STAs that did not receive the CTS frame from the destination STA, a contention
mechanism provided by the DCF is available to allocate random backoff timer values to
them. These STAs then will wait for a DIFS until the medium becomes idle again and
contend by sending RTS frames. This process continues until the STAs succeed in
sending data.

• The RTS/CTS mechanism improves transmission efficiency as follows:

▫ Mitigates the hidden node problem because long data frames can be sent only after
channel resources are successfully reserved.

▫ Involves only a short RTS or CTS frame collision (if any) duration because these
two frames are relatively small in size. Once the RTS and CTS frames are correctly
transmitted, subsequent data frames and ACK frames can be sent without any
collision.
• In practice, a bonded channel contains one primary channel and one auxiliary channel.
Hence, either a 40 MHz channel or a single 20 MHz channel can be used for transmitting
and receiving data.

• A small part of bandwidth is reserved between two 20 MHz channels to avoid mutual
interference. When channel bonding technology is used to achieve 40 MHz bandwidth,
the reserved bandwidth may also be used for communication, thereby further improving
throughput.

• Theoretically, a 40 MHz bonded channel can increase the spectrum utilization and double
the throughput compared with 20 MHz channels. However, the 2.4 GHz frequency band
has limited spectrum resources, and has only four non-overlapping channels that can form
at most two 40 MHz bonded channels that do not interfere with each other on the band.
Therefore, channel bonding on the 2.4 GHz frequency band is not practical on the live
network. Currently, channel bonding is mainly performed on the 5 GHz frequency band.
• Theoretically, a 40 MHz bonded channel can increase the spectrum utilization and double
the throughput compared with 20 MHz channels. However, the 2.4 GHz frequency band
does not support two 40 MHz bonded channels that do not interfere with each other due
to limited spectrum resources on the band. Only channels 1, 5, 9, and 13 can be bonded
to form two non-overlapping channels.

• If two adjacent 20 MHz channels are bonded and the center frequency of the auxiliary 20
MHz channel is lower than that of the primary channel, the bonded channel is named
xxxplus. Otherwise, the bonded channel is named xxxminus.

▫ For example, on the 2.4 GHz frequency band, if channel 1 is used as the primary
channel in channel bonding, the bonded channel is known as channel 1plus,
indicating channel 1 is the primary channel, channel 5 is the auxiliary channel, and
the frequency bandwidth of the bonded channel is 40 MHz.

▫ If channel 5 is used as the primary channel, the bonded channel is known as
channel 5minus, indicating that channel 5 is the primary channel, channel 1 is the
auxiliary channel, and the frequency bandwidth of the bonded channel is 40 MHz.
• The 5 GHz frequency band has abundant spectrum resources. The FCC allocates 23
non-overlapping 20 MHz channels. In China, there are five non-overlapping 20 MHz channels,
which are enough to be bonded into 40 MHz channels.
• Therefore, it is not recommended that 802.11n uses 40 MHz bandwidth on the 2.4 GHz
frequency band. That is, 802.11g and 802.11n usually have 20 MHz frequency
bandwidths deployed to obtain more channel resources, supporting cellular coverage.
• Two adjacent 20 MHz channels can be bonded into a 40 MHz channel. One of the two 20
MHz channels is the primary channel, and the other the auxiliary channel.
• Two adjacent 40 MHz channels can be bonded into an 80 MHz channel. In an 80 MHz
channel, one 20 MHz channel must be selected as the primary channel. The other 20
MHz channel in the 40 MHz channel containing the primary channel is known as the
auxiliary 20 MHz channel. The 40 MHz channel that does not contain the primary channel
is known as the auxiliary 40 MHz channel.
• Two adjacent 80 MHz channels can be bonded into a 160 MHz channel. In a 160 MHz
channel, one 20 MHz channel must be selected as the primary channel. The other 20
MHz channels in the 80 MHz channel containing the primary channel are known as
auxiliary 20 MHz channels. The 40 MHz channels that do not contain the primary channel
are known as auxiliary 40 MHz channels. The 80 MHz channel that does not contain the
primary channel is known as the auxiliary 80 MHz channel. On the 5 GHz frequency band,
a maximum of two 160 MHz channels can be formed.
• An 80+80 MHz channel is formed by bonding two non-adjacent 80 MHz channels.
Division of the primary and auxiliary channels is similar to that for a 160 MHz channel.
Compared with the 160 MHz channel solution, the 80+80 MHz channel solution can divide
more than three non-overlapping channels on the 5 GHz frequency band and therefore is
suitable for cellular channel planning, meeting wireless network deployment requirements.
• SISO

▫ Apparently, SISO transmission is unreliable and rate limited because there is only
one path between the TX antenna and RX antenna. To address this issue, we add
more antennas on the receiver (STA) so that two or more signals can be received
concurrently, achieving single-input multiple-output (SIMO).

• SIMO

▫ There are multiple paths between the TX antenna and RX antennas. Data is sent
from the same TX antenna, and therefore only one signal is transmitted, doubling
reliability. This mode is also known as receive diversity.

• MISO

▫ There are multiple paths between TX antennas and the RX antenna. Only one RX
antenna exists, and therefore the TX antennas can send only the same data along
the two paths. The effect is similar to that of SIMO. This mode is also known as
transmit diversity.

• MIMO

▫ MIMO technology allows multiple antennas to send and receive spatial streams
(multiple signals) simultaneously and to differentiate the signals sent to or received
from different spaces. By leveraging technologies such as spatial reuse (SR) and
space diversity (SD), MIMO improves the system capacity, coverage, and SNR
without increasing the occupied bandwidth.
• A router that supports MU-MIMO technology can transmit data simultaneously with a
plurality of STAs, which changes the serial transmission mode to parallel and shortens the
waiting time before STAs obtain data from the router wirelessly. Additionally, the
bandwidth resources obtained by each STA are not compromised. Therefore, this
technology maximizes the resource utilization and thereby increases the access capacity
of the router and the Internet access speed of STAs.
• Before SR was introduced, WLAN systems used the CSMA/CA mechanism. The
CSMA/CA mechanism allows only one link to transmit data at a time within the signal
coverage of a STA. This can be done only after the STA obtains the channel access right
through contention. The CSMA/CA mechanism enables all WLAN participants in a
collision domain to fairly share channels. However, when the number of WLAN
participants greatly increases, especially when there are a large number of APs with
OBSSs on the network, transmission efficiency decreases.

• 802.11 uses CSMA/CA at the MAC layer. It uses the half-duplex communication
mechanism, in which only one radio device can transmit data on the network at a time. If
an 802.11 STA detects a transmission signal (by checking the PHY header) from any
other 802.11 STA, the 802.11 STA delays its transmission. When APs and STAs are
deployed to work on the same channel and contend for signal transmission, they are
located in the same OBSS, which suffers from co-channel interference.

• 802.11ax devices distinguish BSSs by adding the BSS color field to the PHY header of a
packet. During contention, a node allocates a contention behavior at the MAC layer based
on the detected BSS color field value in the PHY header. If the BSS color field values are
the same, the nodes are in the same BSS, indicating intra-BSS contention. If the BSS
color field values are different, the nodes are in an OBSS, indicating inter-BSS contention.
• Based on the BSS coloring mechanism, wireless traffic is marked at the beginning of
transmission, which helps surrounding devices determine whether to allow the wireless
medium to be used at the same time. Even if the level of the detection signal from the
neighboring network exceeds the traditional signal detection threshold, the wireless
medium can be considered idle and new transmission is allowed as long as the transmit
power of the new transmission is lowered appropriately. The BSS coloring mechanism
aims to enable devices to distinguish between the transmissions on the local and
neighboring networks. The self-adaptive power and sensitivity thresholds allow dynamic
adjustment of the transmit power and signal detection threshold to increase SR efficiency
and minimize co-channel interference.
• If an 802.11ax AP detects an OBSS with the same color, the AP can change its own BSS
color to reduce co-channel interference. If two APs have the same BSS color, a BSS color
collision occurs. As shown in the figure above, if an 802.11ax AP detects different BSS
color field values from other APs or the AP itself, a BSS color collision is detected.
• If a STA detects a BSS color collision, it sends a color collision report to the associated
AP. The report contains BSS coloring information about all OBSSs it has detected.
• The AP informs all nodes within the same BSS of the BSS color change through a
Beacon frame that carries the new BSS color in the New BSS Color sub-field. The BSS
color change may also be notified through a Probe Response and a Reassociation
Response frame.
• When detecting a BSS color collision, an AP can change its own BSS color. The 802.11ax
draft amendment does not define the BSS coloring standard or a method for selecting a
new BSS color. WLAN vendors can customize BSS color selection protocols, such as the
Aerohive Channel Selection Protocol (ACSP).
• Each generation of new Wi-Fi standards can extend the battery life of STAs by supporting
faster and longer transmission to lower their power consumption. Wi-Fi 6 introduces target
wakeup time (TWT), which allows an AP to inform a STA when to sleep and provide a
scheduling table defining when the STA is awake. Even though a STA sleeps for a short
period of time each time, multiple sleeps significantly prolong the battery life of the STA.

• TWT was first proposed in the 802.11ah standard. This mechanism is designed to save
energy for IoT devices, especially for devices with low traffic volume such as smart
electricity meters. It allows IoT devices to stay in the sleep state as long as possible,
reducing power consumption. After a TWT agreement is established, a STA wakes up
after a longer period of time, without the need of receiving a Beacon frame. The 802.11ax
standard improves on TWT by defining rules for STA behaviors and implementing channel
access control on the premise of meeting energy saving requirements. TWT is classified
into unicast TWT and broadcast TWT.
• The IEEE 802.11 Working Group defines the standards related to:

▫ 802.11 PHY layer

▫ 802.11 MAC layer

• 802.11 PHY standards define the frequencies, MCSs, and maximum rates of wireless
standards.

▫ IEEE 802.11: In 1990, the IEEE Standards Association (IEEE-SA) set up the IEEE
802.11 Working Group, which defined 802.11 standards. The 802.11 standard
specifies the set of MAC layer and PHY protocols for implementing WLAN
communication. It defines signal characteristics and MCSs in data transmission at
the PHY. According to the 802.11 standard, WLANs work at frequencies from 2.4
GHz to 2.4835 GHz and the maximum data rate is 2 Mbps.

▫ IEEE 802.11a: Published in 1999, 802.11a defines the frequency of WLANs, which
is between 5.15 GHz and 5.825 GHz. The maximum data rate is 54 Mbps.

▫ IEEE 802.11b: IEEE 802.11b was approved in September 1999. According to 802.11b,
WLANs work at 2.4 GHz to 2.4835 GHz. The maximum data rate is 11 Mbps.

▫ IEEE 802.11g: IEEE 802.11g improves the data rate from 11 Mbps (802.11b) to 54
Mbps. 802.11g APs support access of 802.11b and 802.11g STAs.
• Different from 802.11a/b/g, 802.11n works in dual-band mode (2.4 GHz and 5 GHz
frequency bands). Therefore, 802.11n is compatible with 802.11a/b/g.
• To improve the QoS of real-time services, 802.11n defines single-user beamforming
technology to improve the signal receiving quality. It also incorporates the 802.11e (QoS)
standard amendment, requiring 802.11n devices to support 802.11e features. In addition,
802.11n uses antenna and wireless transmission technologies, which greatly increase the
transmission distance of WLANs to several kilometers while guaranteeing the data rate of
100 Mbps.
• 802.11n combines PHY and MAC layer technologies to improve the WLAN throughput.
The main PHY technologies include MIMO, MIMO-OFDM, 40 MHz channel bonding, and
short GI, which help to increase the PHY throughput to 600 Mbps. However, if only the
PHY rate is improved but the MAC layer functions such as air interface access are not
optimized, the PHY efficiency optimization cannot be achieved in 802.11n. This is similar
to a wide road. Traffic jams and low efficiency are still problems if traffic scheduling and
management are not optimized. To resolve such problem, 802.11n uses technologies
such as block acknowledgment and frame aggregation, which greatly improve the MAC
layer efficiency.
• Forward Error Correction (FEC): According to the basic principles of wireless
communication, to make information suitable for transmission over unreliable media such
as wireless channels, the transmitter encodes information to be sent and adds on
redundant information to improve the system's error correction capability and allow the
receiver to restore the original information. The QAM-64 encoding mechanism used by
802.11n can increase the coding rate of an FEC code (proportion of useful data) from 3/4
(in 802.11g) to 5/6. Therefore, with MIMO-OFDM, the physical rate of a spatial stream can
be improved from 58.5 Mbps in 802.11g to 65 Mbps (that is, 58.5 Mbps times 5/6 divided
by 3/4).
• 802.11n supports a maximum rate of 600 Mbps thanks to the following:

▫ Supports a maximum of four spatial streams.

▫ Supports channel bonding. In 5 GHz scenarios, each channel supports a maximum
of 108 subcarriers.

▫ Uses short GI technology, reducing the GI from 0.8 μs to 0.4 μs.

▫ Improves the coding rate from 3/4 to 5/6.

▫ Delivers a data rate of up to 300 Mbps with the 20 MHz channel bandwidth and 600
Mbps with the 40 MHz channel bandwidth.
• 802.11ac has made many technological innovations, and it takes a long time to market
these innovations into Wi-Fi products. Therefore, the Wi-Fi Alliance separated the
introduction of 802.11ac products into two phases: Wave 1 and Wave 2. In this way,
802.11ac products can be quickly launched to the market to meet the rapidly increasing
traffic requirements. Meanwhile, 802.11ac is evolvable to maintain the competitiveness of
Wi-Fi.
• 802.11ac also enables seamless roaming of enterprise or home users, while supporting
security, management, and diagnosis applications of Wi-Fi products during roaming.
• 802.11ac uses new technologies while extending original technologies to improve the
maximum throughput and the number of access users. The technologies include more
spatial streams, 256-QAM, and MU-MIMO.
• It defines downlink MU-MIMO (DL MU-MIMO) technology to support concurrent downlink
multi-user transmission.
• 802.11ac extends A-MPDU technology.
▫ 802.11n and later 802.11 standards introduce frame aggregation technology at the
MAC layer to aggregate MSDUs or MPDUs before encapsulating them into PHY
packets. In this way, multiple MSDUs or MPDUs share one PHY header, improving
encapsulation efficiency, saving air interface resources, and reducing the number of
times for preempting air interface resources.
▫ Upon an error in the transmission of an A-MSDU, the entire A-MSDU needs to be
retransmitted. In contrast, each MPDU in an A-MPDU has its own MAC header.
Upon an error in the transmission of an A-MPDU, only the MPDU with the error
needs to be retransmitted.
▫ 802.11ac data frames must be sent in A-MPDU mode. That is, A-MPDU cannot be
disabled.
• The Wi-Fi Alliance launched the "Wi-Fi CERTIFIED 6" certification program on September
16, 2019, and announced IEEE 802.11ax that operates on the 6 GHz frequency band as
Wi-Fi 6E on January 3, 2020.

• You may be very familiar with the concept of MU-MIMO. DL MU-MIMO introduced in
802.11ac may bring the following problems:

▫ Many STAs use single antennas, and dual-antenna STAs need to switch to the
single-stream DL MU-MIMO mode to prevent interference. The gain of an AP with
four antennas is moderate compared with that of a single-antenna STA.

▫ Even if an AP has eight antennas, it can exchange data with a maximum of only four
STAs.

▪ Channel probe responses from STAs are sent continuously, resulting in a high
overhead.

▪ Without UL MU enhancement, TCP/IP performance with TCP ACK in the
uplink direction is weakened.

▪ UL MU-MIMO was originally considered in 802.11ac, but was not introduced
due to implementation issues.

• 802.11ax enhances the MU-MIMO function by supporting UL MU-MIMO:

▫ Probe frames and data frames can be exchanged with multiple STAs to reduce the
overhead and the uplink response time.

▫ 8x8 DL/UL MU-MIMO is supported. The MU-MIMO throughput can be doubled or
quadrupled in single-user communication even if an AP works in single-stream mode.
• Spatial stream

▫ Each of Huawei Wi-Fi 6 APs has four 2.4 GHz antennas and supports four spatial
streams on the 2.4 GHz frequency band. Due to protocol restrictions, the 5 GHz
frequency band can support a maximum of eight spatial streams. Therefore, Huawei
Wi-Fi 6 APs support a maximum of eight spatial streams on the 5 GHz frequency
band.

• Coding scheme or number of code bits per subcarrier

▫ The coding scheme, also called the modulation scheme, converts signals generated
by a signal source into a form suitable for wireless transmission (that is, number of
bits that can be carried in one symbol).

▫ There are three basic modulation schemes: amplitude-shift keying (ASK),
frequency-shift keying (FSK), and phase-shift keying (PSK). Other modulation
schemes are all improvements or mixtures of these three schemes. For example,
quadrature amplitude modulation (QAM) used by Wi-Fi is considered as a mixture of
amplitude modulation and phase modulation.

▫ For example, 802.11ax uses 1024-QAM, which means that the size of data carried
by each subcarrier is 10 bits (that is, log2(1024)). 802.11ac uses 256-QAM, defining
that the size of data carried by each subcarrier is 8 bits (log2(256)). To put it simply,
Wi-Fi 6 (802.11ax) uses 1024-QAM and each subcarrier transmits data of 10 bits
(2^10 = 1024), whereas Wi-Fi 5 (802.11ac) uses 256-QAM and each subcarrier
transmits data of 8 bits (2^8 = 256).
• 1. OFDM, OFDMA, MU-MIMO, QAM, Channel Bonding, BSS Coloring…

• 2. Frame Aggregation, Block Acknowledgement (BA), A-MPDU, RTS/CTS


• In the AC + Fit AP architecture, APs cannot work independently of the AC. Therefore,
communication protocols are required for the interconnection between the AC and APs.
The first tunnel communication protocol between APs and ACs, that is, LWAPP, was
developed by Cisco. Then, the Internet Engineering Task Force (IETF) set up a CAPWAP
working group in 2005 to tackle the problem that APs and ACs of different vendors cannot
communicate, and to research large-scale WLAN solutions and standardized tunnel
protocols for APs and ACs.

• The CAPWAP working group referred to the four different protocols above. LWAPP has a
complete protocol architecture and defines detailed packet structure and multiple control
messages. However, the effectiveness of the newly created security mechanism is yet to
be proven. The highlight of SLAPP is the DTLS technology, which is highly applauded in
the industry. CTP and WiCoP can satisfy the demands of a centralized WLAN
architecture. However, they have some drawbacks, especially in terms of security.

• The CAPWAP working group compared and evaluated the four protocols, and finally
developed the CAPWAP protocol, which is based on the LWAPP protocol and
incorporates DTLS technology and features of the other three protocols.
• Large-scale networking requires centralized management of multiple APs. However, the
traditional WLAN architecture can no longer meet the requirements of large-scale
networking. Therefore, the IETF set up a CAPWAP working group and developed the
CAPWAP protocol.

• CAPWAP is an application-layer protocol based on UDP transmission.

▫ CAPWAP functions in the transmission of two types of packets:

▪ Data packets, which are encapsulated and forwarded through the CAPWAP
data tunnel.

▪ Control packets, which are exchanged for AP management through the
CAPWAP control tunnel.

▫ CAPWAP data and control packets are transmitted on different UDP ports:

▪ The control packets are transmitted on UDP port 5246.

▪ The data packets are transmitted on UDP port 5247.

• Note: The Internet Engineering Task Force (IETF)


• In a CAPWAP data tunnel, the information exchanged between APs and the AC is 802.11
wireless data, which is encapsulated and forwarded by using CAPWAP, and the
information for maintaining the tunnel. In a CAPWAP control tunnel, the transmitted
control information includes not only the control information for the AC to perform working
parameter configuration on APs, but also the control information for maintaining the
CAPWAP session. Among control packets, only Discovery Request and Discovery
Response messages are transmitted in plain text; all other control messages require
DTLS encryption. For data packets, DTLS is optional.
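A check a defender can run over captured CAPWAP traffic to confirm the rule above, namely that only Discovery messages appear unencrypted on the control port. This is an added example, not code from the original material; the header layout and message type numbers follow RFC 5415 rather than this page, and the sample payloads are constructed.

```python
import struct

CONTROL_PORT, DATA_PORT = 5246, 5247   # UDP ports stated on the page
# Message types that may legitimately be sent in plain text (RFC 5415 numbering).
DISCOVERY = {1: "Discovery Request", 2: "Discovery Response"}


def preamble_kind(payload: bytes) -> str:
    """Read the CAPWAP preamble: high nibble = version, low nibble = type."""
    if len(payload) < 4 or payload[0] >> 4 != 0:
        return "malformed"
    return {0: "plaintext", 1: "dtls"}.get(payload[0] & 0x0F, "malformed")


def control_message_type(payload: bytes):
    """Message type of an unfragmented plaintext control packet, else None."""
    header_len = (payload[1] >> 3) * 4        # HLEN is counted in 4-byte words
    is_fragment = bool(payload[3] & 0x80)     # F bit: no control header to read
    if header_len < 8 or is_fragment or len(payload) < header_len + 8:
        return None
    return struct.unpack_from("!I", payload, header_len)[0]


def audit(packets):
    """packets: iterable of (udp_dst_port, udp_payload). Returns (index, verdict)."""
    findings = []
    for index, (dport, payload) in enumerate(packets):
        kind = preamble_kind(payload)
        if dport == CONTROL_PORT:
            if kind == "dtls":
                verdict = "ok: DTLS-protected control"
            elif kind == "plaintext":
                mtype = control_message_type(payload)
                if mtype in DISCOVERY:
                    verdict = f"ok: plaintext {DISCOVERY[mtype]}"
                elif mtype is None:
                    verdict = "alert: unreadable plaintext control packet"
                else:
                    verdict = f"alert: plaintext control message type {mtype}"
            else:
                verdict = "alert: malformed control packet"
        elif dport == DATA_PORT:
            if kind == "dtls":
                verdict = "ok: DTLS-protected data"
            elif kind == "plaintext":
                verdict = "info: plaintext data (DTLS optional)"
            else:
                verdict = "alert: malformed data packet"
        else:
            continue                          # not CAPWAP traffic
        findings.append((index, verdict))
    return findings


def plain_control(msg_type: int) -> bytes:
    """Constructed sample: minimal 8-byte CAPWAP header plus control header."""
    header = bytes([0x00, 0x10, 0x02, 0x00]) + b"\x00" * 4   # HLEN=2, WBID=1
    return header + struct.pack("!IBHB", msg_type, 0, 0, 0)


# Constructed sample: DTLS header (type 1) followed by a stub DTLS record.
DTLS_SAMPLE = bytes([0x01, 0, 0, 0]) + bytes.fromhex("17fefd") + b"\x00" * 10
# Constructed sample: plain CAPWAP header followed by placeholder frame bytes.
PLAIN_DATA = bytes([0x00, 0x10, 0x02, 0x00]) + b"\x00" * 4 + b"802.11 frame"

SAMPLE = [
    (CONTROL_PORT, plain_control(1)),   # Discovery Request, allowed in clear
    (CONTROL_PORT, DTLS_SAMPLE),
    (CONTROL_PORT, plain_control(3)),   # Join Request in clear: violation
    (DATA_PORT, PLAIN_DATA),
    (DATA_PORT, DTLS_SAMPLE),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
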
• The process for establishing a CAPWAP tunnel includes phases such as DHCP
interaction, Discovery, DTLS connection, Join, Image Data, Configuration Status, Data
Check, Run (data), Run (control), etc.
• The DHCP Ack message carries:

▫ IP address of an AP

▫ Lease duration

▫ Gateway

▫ DNS server IP

▫ (Optional) AC IP address list in the Option 43 field for an AP to discover an AC

▫ (Optional) Domain name of the DNS server in the Option 15 field


• DHCP mode:
▫ The AP obtains the AC IP address through a four-way DHCP handshake process.
▪ When no AC IP address list is preconfigured, the AP starts the dynamic AC
auto-discovery process. In this process, the AP obtains an IP address through
DHCP and the AC IP address list through the Option field in DHCP messages.
(The DHCP server is configured to carry Option 43 in the DHCP Offer
message, and Option 43 contains the AC IP address list.)
▪ First, the AP broadcasts a DHCP Discovery message to the DHCP server.
When receiving the DHCP Discovery message, the DHCP server
encapsulates the first unleased IP address and other TCP/IP configuration in a
DHCP Offer message containing the lease duration, and sends the message
to the AP.
▪ A DHCP Offer message can be a unicast or broadcast message. When the
AP receives DHCP Offer messages from multiple DHCP servers, it selects
only one DHCP Offer message (usually the first DHCP Offer message) and
broadcasts a DHCP Request message to all DHCP servers. Then the AP
unicasts a DHCP Request message to the selected DHCP server, which
will allocate an IP address.
▪ When the DHCP server receives the DHCP Request message, it responds
with a DHCP Ack message, which contains the IP address for the AP, lease
duration, gateway information, and DNS server IP address. By now, the lease
contract takes effect and the DHCP four-way handshake is completed.
• DTLS handshake:

▫ After the AP obtains the AC IP address, it negotiates with the AC. After the AP
receives a Discovery Response message from the AC, it starts to establish a
CAPWAP tunnel with the AC. The DTLS protocol can be used to encrypt and
transmit UDP packets.

▫ Datagram Transport Layer Security (DTLS)


• An AC determines whether an AP is allowed to access based on the following steps:

▫ 1. Check whether the AP is in the blacklist. If so, the AP access is not allowed. If
not, the AC proceeds to step 2.

▫ 2. Check the AP authentication mode. If the AC does not have strict requirements
for the AP to join and the authentication mode is non-authentication, then all APs
that meet the condition in step 1 are allowed to join the AC. It is recommended that
MAC address or SN authentication be used to strictly control AP access. If MAC
address or SN authentication is used, the AC proceeds to the next step.

▫ 3. Check whether the AP with the corresponding MAC address or SN is added offline. If
so, the AP is allowed to join the AC. Otherwise, the AC proceeds to step 4.

▫ 4. Check whether the MAC address or SN of the AP is in the whitelist. If so, the AP
is allowed to join the AC. If not, the AC adds the AP to the unauthorized AP list.

▫ 5. Unauthorized APs can be manually configured to join the AC. If an AP is not
manually confirmed, it cannot connect to the AC.
• 1. Check whether the AP is in the blacklist.

▫ If so, the AC rejects the access of the AP. That is, the AC does not respond to the
AP's Discovery or Join Request message. As a result, the AP does not receive a
Discovery or Join Response message and cannot perceive the presence of the AC.
In this case, the AP continues to discover other ACs based on the preconfigured or
dynamically obtained AC list. If the timer for the AP to wait for the Join Response
message expires, the AP starts the AC discovery process again.

▫ If not, the AC proceeds to the next step.

• 2. Check whether the MAC address or SN of the AP is in the preconfigured-AP list,
containing the APs that went online or have been added in offline mode.

▫ If so, the AP joins the AC directly.

▫ If not, the AC proceeds to the next step.

• 3. Check whether the AP needs to be authenticated before going online.

▫ If not, the AP joins the AC directly.

▫ If so, the AC proceeds to the next step.

• 4. Check whether the MAC address or SN of the AP is in the whitelist.

▫ If so, the AP can join the AC after passing authentication.

▫ If not, the AC adds the AP to the unauthorized AP list. To allow the AP to join the
AC, you need to enter the MAC address or SN of the AP and manually confirm the
information to bring the AP online.
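The four-step admission check above written out as code, to show how the authentication mode changes the outcome for an unknown AP. This is an added example, not vendor code: the class, function names, MAC addresses and serial numbers are constructed, and matching the blacklist by MAC address is an assumption.

```python
import re
from dataclasses import dataclass, field


def norm_mac(mac: str) -> str:
    """Reduce xxxx-xxxx-xxxx, xx:xx:xx:xx:xx:xx or bare hex to 12 lowercase digits.

    Lists compared without normalisation silently miss entries written in
    another notation, which would let a blacklisted AP through.
    """
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits.lower()


def macs(*values: str) -> set:
    """Build a normalised MAC set for a policy list."""
    return {norm_mac(v) for v in values}


@dataclass
class AcPolicy:
    auth_mode: str = "mac"                      # "none", "mac" or "sn"
    blacklist: set = field(default_factory=set)
    preconfigured_macs: set = field(default_factory=set)
    preconfigured_sns: set = field(default_factory=set)
    whitelist_macs: set = field(default_factory=set)
    whitelist_sns: set = field(default_factory=set)
    unauthorized: list = field(default_factory=list)


def admit(policy: AcPolicy, mac: str, sn: str) -> str:
    """Return "ignored", "joined" or "unauthorized" for a joining AP."""
    mac = norm_mac(mac)
    # Step 1: a blacklisted AP gets no Discovery or Join Response at all.
    if mac in policy.blacklist:
        return "ignored"
    # Step 2: APs already online or added offline join directly.
    if mac in policy.preconfigured_macs or sn in policy.preconfigured_sns:
        return "joined"
    # Step 3: with non-authentication, every remaining AP is accepted.
    if policy.auth_mode == "none":
        return "joined"
    # Step 4: MAC or SN authentication against the whitelist.
    if policy.auth_mode == "mac":
        listed = mac in policy.whitelist_macs
    else:
        listed = sn in policy.whitelist_sns
    if listed:
        return "joined"
    if (mac, sn) not in policy.unauthorized:
        policy.unauthorized.append((mac, sn))   # held for manual confirmation
    return "unauthorized"


def confirm(policy: AcPolicy, mac: str) -> bool:
    """Manual confirmation: move a held AP into the preconfigured list."""
    mac = norm_mac(mac)
    if not any(entry[0] == mac for entry in policy.unauthorized):
        return False
    policy.unauthorized = [e for e in policy.unauthorized if e[0] != mac]
    policy.preconfigured_macs.add(mac)
    return True


if __name__ == "__main__":
    unknown = ("00e0-fc00-0099", "SN-CONSTRUCTED-0099")
    strict = AcPolicy(auth_mode="mac", whitelist_macs=macs("00e0-fc00-0002"))
    print("mac auth :", admit(strict, *unknown))            # held for review
    print("no auth  :", admit(AcPolicy(auth_mode="none"), *unknown))  # accepted
```

With `auth_mode="none"` the unknown AP joins without any review, which is why the notes recommend MAC address or SN authentication.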
• The AP determines whether its system software version is the same as that specified in
the received Join Response message. If the two versions are different, the AP upgrades
its software version. After the AP is upgraded, the AP restarts automatically and repeats
all the previous authentication steps. If the two versions are the same or no version is
specified in the Join Response message, the AP can directly enter the next phase without
being upgraded.
• The AP sends a Keepalive message to the AC. A data tunnel is established after the
message is received by the AC, and then the AP enters the normal state.

• By default, the AP sends data heartbeat messages at an interval of 25s to check whether
the data link is normal.

• By default, the AP sends control heartbeat messages at an interval of 25s to check
whether the control link is normal.
• After an AP joins an AC, it sends a Configuration Status Request message containing its
configuration to the AC. This message is used to check whether the AP configuration
matches that on the AC. If the AP configuration is different from that on the AC, the AC
sends a Configuration Status Response message to the AP.

• Note: After an AP joins an AC, it obtains the current configuration from the AC. Then the
AC manages the AP and delivers service configurations to it.
• PS-Poll mode

▫ IEEE 802.11 defines two working modes for STAs: active mode and PS mode.

▫ When a STA is in PS mode, the AP needs to buffer the data destined for the STA,
and the power management bit in Beacon broadcast frames is set to 1.

▫ After the STA wakes up from the PS mode, it checks the power management bit in
Beacon frames. If the power management bit is set to 1, the STA enters the active
mode and sends a PS-Poll frame to the AP to retrieve the buffered data frames.

▫ By default, the duration of a PS-Poll frame is the time required to transmit an ACK
frame plus one short interframe space (SIFS).
• Active scanning:

▫ Sending a Probe Request frame containing an SSID: applies when a STA actively
scans wireless networks to access a specified wireless network.

▫ Sending a Probe Request frame containing no SSID: applies when a STA actively
scans wireless networks to determine whether wireless services are available.
• In passive scanning mode, a STA only listens to Beacon frames and does not send Probe
frames, which saves resources. However, it takes a longer time to obtain the AP list in this
mode than in active scanning mode. However, the time difference is only several seconds,
which is acceptable to users.

• A STA supports both passive scanning and active scanning, so that it can discover an AP
and connect to it quickly.

• After a STA is connected to an AP, both active scanning and passive scanning are
allowed. However, some vendors may not implement both active scanning and passive
scanning because this is not a mandatory requirement.

• The interval at which Beacon frames are sent can be dynamically adjusted. A shorter
interval indicates that an AP can be discovered earlier.
• A WLAN needs to ensure validity and security of STA access. Before accessing the
WLAN, a STA must pass identity authentication, which is known as link authentication.
Link authentication is usually considered as the start point for STAs to connect to an AP
and access the WLAN.

• Shared key authentication process

▫ A STA sends an Authentication Request message to an AP.

▫ The AP generates a challenge and sends it to the STA.

▫ The STA uses the preconfigured key to encrypt the challenge and sends it to the
AP.

▫ The AP uses the preconfigured key to decrypt the encrypted challenge and
compares the decrypted challenge with the challenge sent to the STA. If the two
challenges are the same, the STA is authenticated successfully. Otherwise, the STA
authentication fails.
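
The four steps above as a runnable exchange, added here as an illustration and not taken from the original material. It assumes WEP-style RC4 encryption with a CRC-32 integrity value, which is what shared key authentication in the original IEEE 802.11 standard used; the class names, MAC addresses, and keys are constructed for the example.

```python
import hmac
import os
import zlib
from typing import Dict, Optional

CHALLENGE_LEN = 128  # length of the challenge text in bytes


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher (key scheduling followed by keystream XOR)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Return IV || RC4(IV || key, plaintext || CRC-32 of plaintext)."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + key, plaintext + icv)


def wep_decrypt(key: bytes, frame: bytes) -> Optional[bytes]:
    """Return the plaintext, or None if the frame is short or the ICV is wrong."""
    if len(frame) < 7:
        return None
    iv, body = frame[:3], frame[3:]
    clear = rc4(iv + key, body)
    data, icv = clear[:-4], clear[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        return None
    return data


class AccessPoint:
    def __init__(self, key: bytes) -> None:
        self.key = key
        self.pending: Dict[str, bytes] = {}  # STA MAC -> outstanding challenge

    def on_auth_request(self, sta_mac: str) -> bytes:
        """Step 2: generate a fresh challenge for this STA."""
        challenge = os.urandom(CHALLENGE_LEN)
        self.pending[sta_mac] = challenge
        return challenge

    def on_challenge_response(self, sta_mac: str, frame: bytes) -> bool:
        """Step 4: decrypt the response and compare it with the challenge sent."""
        expected = self.pending.pop(sta_mac, None)  # each challenge is single use
        if expected is None:
            return False
        recovered = wep_decrypt(self.key, frame)
        return recovered is not None and hmac.compare_digest(recovered, expected)


class Station:
    def __init__(self, mac: str, key: bytes) -> None:
        self.mac = mac
        self.key = key

    def answer(self, challenge: bytes) -> bytes:
        """Step 3: encrypt the challenge with the preconfigured key."""
        return wep_encrypt(self.key, os.urandom(3), challenge)


def authenticate(ap: AccessPoint, sta: Station) -> bool:
    """Run steps 1 to 4 and return the AP's decision."""
    challenge = ap.on_auth_request(sta.mac)  # steps 1 and 2
    return ap.on_challenge_response(sta.mac, sta.answer(challenge))  # steps 3 and 4


if __name__ == "__main__":
    shared = bytes.fromhex("0102030405")  # constructed 40-bit key
    ap = AccessPoint(shared)
    print("matching key:", authenticate(ap, Station("02:00:00:00:00:01", shared)))
    print("wrong key:", authenticate(ap, Station("02:00:00:00:00:02", b"\x0a" * 5)))
```
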
• STA association in the AC + Fit AP architecture consists of the following steps:

▫ A STA sends an Association Request message to an AP. The Association Request
message carries the STA's parameters and the parameters selected by the STA
according to the service configuration, including the transmission rate, channel, and
QoS capabilities.

▫ The AP receives the Association Request message, encapsulates the message into
a CAPWAP message, and sends the CAPWAP message to the AC.

▫ The AC determines whether to authenticate the STA according to the received
Association Request message and replies with an Association Response message.

▫ The AP decapsulates the received Association Response message and sends it to
the STA.
• When a STA moves away from an AP, the link signal quality decreases gradually. If the
signal quality falls below the roaming threshold, the STA proactively roams to a nearby AP
with better signal quality.

• As shown in the figure, roaming is completed through the following steps:

▫ The STA has set up a link with AP1 and sends Probe Request frames on various
channels. After AP2 receives a Probe Request frame over channel 6 (channel used
by AP2), it sends a Probe Response frame to the STA on channel 6. After the STA
receives response frames, it evaluates which AP is more suitable to associate. In
this case, the STA determines to associate with AP2.

▫ The STA sends an Association Request frame to AP2 on channel 6, and AP2 replies
with an Association Response frame, so the association between the STA and AP2 is
established. During the entire roaming process, the association relationship
between the STA and AP1 is maintained.

▫ To disassociate from AP1, the STA sends a Disassociation frame to AP1 over
channel 1 (channel used by AP1).
• Intra-AC roaming: A STA is associated with the same AC.
• Inter-AC roaming: A STA associates with different ACs.
• Inter-AC tunnel: To support inter-AC roaming, ACs in a mobility group need to
synchronize STA and AP information with each other. Therefore, the ACs set up a tunnel
to synchronize data and forward packets. An inter-AC tunnel is set up using the CAPWAP
protocol. As shown in the figure, AC1 and AC2 set up a tunnel for data synchronization
and packet forwarding.
• Mobility server
▫ To enable STA roaming between ACs in a mobility group, you can configure an AC
as the mobility server to maintain the membership table of the mobility group and
deliver member information to ACs in the group. In this way, ACs in the mobility
group can identify each other and set up inter-AC tunnels.
▫ A mobility server can be an AC outside or inside a mobility group.
▫ An AC can function as the mobility server of multiple mobility groups, but can be
added to only one mobility group.
▫ A mobility server managing other ACs in a mobility group cannot be managed by
another mobility server. That is, if an AC functions as a mobility server to
synchronize roaming configurations to other ACs, it cannot be managed by another
mobility server or synchronize roaming configurations from other ACs. (An AC with a
mobility group configured cannot be configured as a mobility server.)
▫ As a centralized configuration point, a mobility server must be able to communicate
with all managed ACs but does not need to provide high data forwarding capability.
• Layer 2 roaming: A STA switches between two APs (or multiple APs) that are bound to
the same SSID and have the same service VLAN ID (within the same IP address
segment). During roaming, the access attributes (such as the service VLAN and obtained
IP address) of the STA do not change, and packet loss and reconnection do not occur.

• Layer 3 roaming: Before and after roaming, the service VLANs of the SSIDs are different,
and APs provide different Layer 3 service networks with different gateways. In this case,
to ensure that the IP address of a roaming STA remains unchanged, the STA's traffic
needs to be sent back to the AP on the initial access network segment to implement inter-
VLAN roaming.

• Sometimes, two subnets may have the same service VLAN ID but are different subnets.
Based on the VLAN ID, the system may incorrectly consider that STAs roam between the
two subnets at Layer 2. To prevent this situation, configure a roaming domain to
determine whether the STAs roam within the same subnet. The system determines Layer
2 roaming only when STAs roam within the same VLAN and same roaming domain;
otherwise, the system determines Layer 3 roaming.
• Intra-AC roaming: If a STA roams within the coverage of the same AC, the roaming is
intra-AC roaming. As shown in the figure, the STA roams from HAP to FAP, which is intra-
AC roaming.
• In Layer 3 roaming, the STA is not in the same subnet before and after roaming. To
allow the STA to access the same network as before roaming, the STA's traffic needs to
be forwarded to the original subnet through a tunnel.

• In tunnel forwarding mode, service packets exchanged between the HAP and AC are
encapsulated through the CAPWAP tunnel, and the FAP and AC can be considered in the
same subnet. Instead of forwarding the packets back to the HAP, the AC directly forwards
the packets to the upper-layer network.
• In direct forwarding mode, the HAP functions as the home agent by default after a STA
roams to another AP.

• The STA's traffic is forwarded by the home agent to ensure that the STA can still access
the original network after roaming.
• If the AC and user gateway can communicate at Layer 2, you can configure the HAC as
the home agent to reduce traffic load on the HAP. This also reduces the length of the
tunnel between the FAP and the home agent, and improves the forwarding efficiency.
• In Layer 3 roaming, the STA is not in the same subnet before and after roaming. To allow
the STA to access the same network as before roaming, the STA's traffic needs to be
forwarded to the original subnet through a tunnel.

• In tunnel forwarding mode, service packets between the HAP and HAC are encapsulated
with the CAPWAP header. In this case, the HAP and HAC can be considered on the
same subnet. Instead of forwarding the packets back to the HAP, the HAC directly
forwards the packets to the upper-layer network.
• In direct forwarding mode, service packets between the HAP and HAC are not
encapsulated with the CAPWAP header. Therefore, whether the HAP and HAC reside on
the same subnet cannot be determined. In this case, packets are forwarded back to the
HAP by default. If the HAP and HAC reside on the same subnet, you can configure a
higher-performance HAC as the home agent. This reduces the load on the HAP and
improves the forwarding efficiency.
• Configure a mobility group.

▫ If a mobility server is specified, configure the mobility group on the mobility server.

▫ If no mobility server is specified, configure a mobility group for each member AC.
• D

• ACD
• The 4 times bandwidth increase is based on the theoretical rate. Currently, the theoretical
rate of Wi-Fi 5 (Wave 2) is 2.5 Gbps. The theoretical rate of Wi-Fi 6 is 9.6 Gbps.

• The number of concurrent users is increased by 4 times. In real tests, at 2 Mbps per user,
Wi-Fi 5 can support 100 concurrent users, while Wi-Fi 6 can support 400.

• The service latency is 20 ms in the Wi-Fi 6 standard (the average latency of Wi-Fi 5 is
about 30 ms). With Huawei smart radio application acceleration technology, the service
latency can be further reduced to 10 ms.

• TWT: Wi-Fi 5 does not support this feature.


• OFDM:

▫ Users are differentiated by time. In each time segment, one user occupies all
subcarriers.

• OFDMA:

▫ An AP determines how to allocate channels based on communication requirements
of multiple users, and always allocates all available RUs in the downlink direction.
The AP may allocate the entire channel to one user at a time or partition the channel
to serve multiple users concurrently.

▫ In OFDMA mode, channel resources can be allocated more precisely, allowing
finer-grained QoS.
• Each generation of new Wi-Fi standards can extend the battery life of STAs by supporting
faster and longer transmission to lower their power consumption. Wi-Fi 6 introduces target
wakeup time (TWT), which allows an AP to inform a STA when to sleep and provide a
scheduling table defining when the STA is awake. Even though the STA sleeps for a short
period of time each time, multiple sleeps significantly prolong the battery life of the STA.

• TWT wakes up the Wi-Fi function of STAs on demand, reducing the power consumption
of the STAs by 30%.

• TWT was first proposed in the 802.11ah standard. This mechanism is designed to save
energy for IoT devices, especially devices with low traffic volume such as smart meters.
This allows IoT devices to stay in the sleep state as long as possible, reducing power
consumption. After a TWT agreement is established, a STA wakes up after a longer
period of time, without the need of receiving a Beacon frame. The 802.11ax standard
improves on TWT by defining rules for STA behavior and implementing channel access
control on the premise of meeting energy saving requirements. TWT is classified into
unicast TWT and broadcast TWT.
• AC6800V is a high-performance wireless access controller (AC) designed for large
enterprise campuses, enterprise branches, and campus networks. Working with Huawei-
developed server platform, AC6800V can manage a maximum of 10K APs and provide up
to 60 Gbps forwarding performance.

• Large capacity and high performance: AC6800V provides 6 GE ports and 6 10GE ports,
as well as up to 60 Gbps forwarding performance. AC6800V can manage up to 10K APs
and 100K access users.

• Flexible data forwarding modes: direct forwarding and tunnel forwarding; flexible user
rights control: user- and role-based access control

• Abundant O&M methods: various network O&M methods, including eSight, web platform,
and Command Line Interface (CLI)
• AC6805 is a high-end wireless AC for large enterprise campuses, enterprise branches,
and school campuses. It can manage up to 6K access points (APs) and provide 40 Gbps
forwarding performance. It features high scalability and offers users considerable flexibility
in configuring the number of managed APs. Working with Huawei's full series 802.11ax,
802.11ac, and 802.11n APs, AC6805 delivers an adaptable solution for large and midsize
campus networks, enterprise office networks, wireless metropolitan area networks (MANs),
and hotspot coverage networks.
• Reset button:

▫ Press the reset button (for no more than 3 seconds) to reset the AC manually.
Resetting the AC will cause service interruption. Exercise caution when you press
the reset button.

▫ Press and hold down the reset button (for more than 5 seconds) to restore factory
defaults of the AC.

• Combo port:

▫ The combo port can be used as one 40GE QSFP+ Ethernet port or four 10GE SFP+
Ethernet ports. By default, QSFP+ port 1 works, and SFP+ ports 1 to 4 are
unavailable. When any SFP+ port is enabled, QSFP+ port 1 becomes unavailable.
• AirEngine 9700-M is a high-specification wireless access controller (AC) for midsize and
large enterprise campuses, enterprise branches, and school campuses. It can manage up
to 2000 access points (APs) and provide up to 20 Gbps forwarding performance. Working
with Huawei's full series 802.11ac and 802.11ax APs, AirEngine 9700-M delivers an
adaptable solution for midsize and large campus networks, enterprise office networks,
wireless metropolitan area networks (MANs), and hotspot coverage networks.
• Reset button:

▫ Press the reset button (for no more than 3 seconds) to reset the AC manually.
Resetting the AC will cause service interruption. Exercise caution when you press
the reset button.

▫ Press and hold down the reset button (for more than 5 seconds) to restore factory
defaults of the AC.

• Combo port:

▫ The combo port can be used as one 40GE QSFP+ Ethernet port or four 10GE SFP+
Ethernet ports. By default, QSFP+ port 1 works, and SFP+ ports 1 to 4 are
unavailable. When any SFP+ port is enabled, QSFP+ port 1 becomes unavailable.
• AC6508 is a small-capacity box wireless access controller (AC) for small and midsize
enterprises. It can manage up to 256 APs. In addition, the device integrates the GE
Ethernet switch function, achieving integrated access for wired and wireless users. The
number of APs that can be managed by the AC can be flexibly configured, providing good
scalability. Working with Huawei's full series 802.11ax, 802.11ac, and 802.11n APs,
AC6508 delivers an adaptable solution for small and midsize campus networks, enterprise
office networks, wireless metropolitan area networks (MANs), and hotspot coverage
networks.
• Reset button:

▫ Press the reset button (for no more than 3 seconds) to reset the AC manually.
Resetting the AC will cause service interruption. Exercise caution when you press
the reset button.

▫ Press and hold down the reset button (for more than 5 seconds) to restore factory
defaults of the AC.
• Huawei AirEngine 8760-X1-PRO is a next-generation flagship indoor access point (AP)
that complies with the Wi-Fi 6 standard. The AP uses built-in smart antennas to move Wi-
Fi signals with users, significantly enhancing users' wireless network experience. The AP
provides uplink optical and electrical ports, allowing customers to select different
deployment modes based on scenarios. These strengths make AirEngine 8760-X1-PRO
ideal for scenarios such as enterprise office, government, higher education, and
primary/secondary education.
• Security slot: connects to a security lock.

• 10GE1/PoE_IN: 100M/1000M/2.5G/5G/10G port that connects to the wired Ethernet and
supports PoE input.

• 10GE0/PoE_IN: 100M/1000M/2.5G/5G/10G port that connects to the wired Ethernet and
supports PoE input.

• USB: USB 2.0 port that connects to a USB flash drive or extends an IoT application.

• SFP+: Ethernet port that can work at the rate of 1 Gbps or 10 Gbps through auto-sensing
and works with a matching optical module.

• Default button: Reset button used to restore factory defaults and restart the device if you
press and hold down the button for more than 3 seconds.

• 48 V DC: input port for 48 V DC power supply.

• IoT slot: accommodates an IoT card to provide IoT functions.

• Radio port: a port of the built-in IoT antenna on the device.


• Huawei AirEngine 6760-X1 is an indoor AP in compliance with Wi-Fi 6 (802.11ax).
AirEngine 6760-X1 uses built-in smart antennas to move Wi-Fi signals with users,
significantly enhancing users' wireless network experience. AirEngine 6760-X1 provides
uplink optical and electrical ports, allowing customers to select different deployment
modes and saving customers' investment. These strengths make AirEngine 6760-X1 ideal
for scenarios such as enterprise office and education.
• Security slot: connects to a security lock.

• GE: 10M/100M/1000M port that connects to the wired Ethernet.

• 10GE/PoE_IN: 100M/1000M/2.5G/5G/10G port that connects to the wired Ethernet and
supports PoE input.

• USB: USB 2.0 port that connects to a USB flash drive or extends an IoT application.

• SFP+: Ethernet port that can work at the rate of 1 Gbps or 10 Gbps through auto-sensing
and works with a matching optical module.

• Default button: Reset button used to restore factory defaults and restart the device if you
press and hold down the button for more than 3 seconds.

• 48 V DC: input port for 48 V DC power supply.

• IoT slot: accommodates an IoT card to provide IoT functions.

• Radio port: a port of the built-in IoT antenna on the device.


• Huawei AirEngine 5760-51 is a wireless access point (AP) in compliance with the Wi-Fi 6
standard. The AP uses built-in smart antennas to move Wi-Fi signals with users,
significantly enhancing users' wireless network experience. These strengths make
AirEngine 5760-51 ideal for small and midsize enterprises, airports, railway stations,
stadiums, cafes, and recreation centers.
• Security slot: connects to a security lock.

• GE: 10M/100M/1000M port that connects to the wired Ethernet.

• USB: USB 2.0 port that connects to a USB flash drive or extends an IoT application.

• 5GE/PoE_IN: 100M/1000M/2.5G/5G port that connects to the wired Ethernet and supports
PoE input.

• 48 V DC: input port for 48 V DC power supply.

• Default button: Reset button used to restore factory defaults and restart the device if you
press and hold down the button for more than 3 seconds.

• IoT slot: accommodates an IoT card to provide IoT functions.

• Radio port: a port of the built-in IoT antenna on the device.


• AirEngine 5760-22W is Huawei's Wi-Fi 6 wall plate access point (AP). With mounting
brackets, the AP can be easily mounted on junction boxes (86/118/120 mm) or on a wall.
The AP uses built-in smart antennas to move Wi-Fi signals with users, significantly
enhancing users' wireless network experience. The AP provides uplink optical and
electrical ports, allowing customers to select different deployment modes and saving
customers' investment. These strengths make AirEngine 5760-22W ideal for scenarios
with high-density rooms such as hotel guest rooms, dormitory rooms, and hospital wards.
• AirEngine 5760-22W can be used independently as a wall plate AP or as an RU working
with the central AP in an agile distributed Wi-Fi networking architecture.

• Captive screw hole: used to install a captive screw.

• 48 V DC: input port for 48 V DC power supply.

• USB port: USB 2.0 port that connects to a USB flash drive or other storage devices to
extend the storage space of the AP.

• Default button: Reset button used to restore factory defaults and restart the device if you
press and hold down the button for more than 3 seconds.

• GE3/PoE_OUT: 10M/100M/1000M auto-sensing port that connects to the wired Ethernet
and supports PoE output.

• GE0 to GE2: 10M/100M/1000M auto-sensing port that connects to the wired Ethernet.

• PASS-THRU: a pair of RJ45 passthrough ports for transparent data transmission and
interconnection with Ethernet cables or telephone lines.

• 2.5GE/PoE_IN: 100M/1000M/2.5G auto-sensing port that connects to the wired Ethernet.
The port can connect to a PoE power supply device to provide power for APs.

• SFP+: Ethernet port that can work at the rate of 1 Gbps or 10 Gbps through auto-sensing
and works with a matching optical module.
• AirEngine 9700D-M is a central AP launched by Huawei, and has four 10GE uplink ports
and twenty-four GE downlink ports. AirEngine 9700D-M can connect to remote units (RUs)
in compliance with Wi-Fi 6 through Ethernet cables to centrally process and forward
services. Such a wireless network formed by the central AP and RUs can fully utilize the
RU throughput. Additionally, only one AP license is required, reducing customer
investment. AirEngine 9700D-M can be deployed in an equipment room, weak-current
well, or corridor, and RUs are deployed in rooms. Such an architecture is recommended
for environments with high-density rooms and complex wall structure, such as schools,
hotels, hospitals, and office meeting rooms.

• The RUs do not occupy AC licenses. The AC needs to manage only the AirEngine
9700D-M. As a result, only 200 APs are required to cover nearly 10,000 rooms.
• GE electrical port: twenty-four 10M/100M/1000M auto-sensing Ethernet ports that are
used for downlink data transmission and support PoE output.
• SFP+: four 10GE SFP+ Ethernet ports that can work at the rate of 1000 Mbps through
auto-sensing. They can transmit and receive data at a rate of 1000 Mbps or 10 Gbps.
• Console port: connects to the maintenance terminal for AP configuration and
management.
• ETH: reserved for later use.
• USB port: USB 2.0 port that connects to a USB flash drive to transfer configuration files
and upgrade files.
• PNP: reset button. Pressing this button will restart the AP. Pressing and holding down this
button for more than 6 seconds will restore factory defaults of the AP and restart the AP.
• Ground point: connects a ground cable to the AP.
• Power socket: connects to the power supply through an AC power cable.
• AirEngine 8760R-X1E is a next-generation flagship outdoor AP in compliance with the Wi-
Fi 6 standard. It provides excellent outdoor coverage performance and IP68 waterproof,
dustproof, and surge protection capabilities. AirEngine 8760R-X1E provides uplink optical
and electrical ports, allowing customers to select different deployment modes and saving
customers' investment. These strengths make AirEngine 8760R-X1E ideal for high-
density scenarios such as stadiums, squares, pedestrian streets, and amusement parks.
• GE/PoE_OUT: 10M/100M/1000M port that connects to the wired Ethernet and supports
PoE output.

• 10GE/PoE_IN: 100M/1000M/2.5G/5G/10G port that connects to the wired Ethernet and
supports PoE input.

• Ground screw: connects a ground cable to the AP.

• Security slot: connects to a security lock.

• SFP+: Ethernet port that can work at the rate of 1 Gbps or 10 Gbps through auto-sensing
and works with a matching optical module.

• Default button: Reset button used to restore factory defaults and restart the device if you
press and hold down the button for more than 3 seconds.

• Antenna port: connects to a 2.4 GHz/5 GHz dual-band antenna for transmitting and
receiving service signals. The port type is N-type female. The 2.4G&5G_E/IoT port can be
connected to an IoT antenna.
• Advantages of smart antennas:

▫ Wide coverage: A smart antenna concentrates energy more effectively and has a
high gain, therefore providing wide coverage. A smart omnidirectional antenna's
coverage scope is equivalent to a directional antenna's coverage scope.

▫ High anti-interference capability: A smart antenna produces directional beams in
space, with the main lobe pointing to useful signals' direction of arrival and side
lobes and nulling beams pointing to interference signals' direction of arrival.

▫ Low radio pollution: Smart antennas provide satisfactory power for STAs using low
transmit power. This reduces the pollution of electromagnetic waves to the
environment.
• When Ethernet cables are used as the power supply medium, DC resistance causes a
voltage drop and consumes power from the power supply end. Therefore, an Ethernet
cable with smaller DC resistance consumes less system power.
• Ethernet cable routing accounts for 50% to 60% of the entire network engineering
workload. In addition, there are some engineering activities that affect the buildings, such
as cable routing through walls and pipes, and cable burying. As such, high-spec Ethernet
cables are generally used to meet future network upgrade requirements. In addition,
signal crosstalk and Ethernet cable twisting, or even jumper connections may exist in
actual environments. With this in mind, it is recommended that the maximum length of an
Ethernet cable be 80 m.
• In outdoor scenarios, power supply and data transmission of an AP are generally
separated. PoE modules are connected to the nearest power grid (AC) to supply power to
APs. However, Ethernet cables are not long enough to meet data access requirements. In
this case, optical fibers are used to transmit data. Optical fibers can significantly increase
the data transmission distance between network nodes. For example, the transmission
distance can reach 550 m when multimode optical modules are used together with
multimode optical fibers. The transmission distance can reach 2 km, 10 km, or even 80
km when single-mode optical modules are used together with single-mode optical fibers.
• 1. A
• To distinguish BSSs, each BSS must have a unique BSSID. Therefore, the BSSID uses the
MAC address of the AP to ensure its uniqueness. BSSIDs reside at 802.11 MAC layer
and are used by APs to forward 802.11 packets.

• An SSID cannot be equal to a BSSID. Different BSSs can have the same SSID. If a BSSID
is compared to the "ID card" of a BSS, the SSID is the name of the BSS. The WLAN
names you search for on your STA are SSIDs.
• A BSSID uses the MAC address of an AP. Therefore, the number of required MAC
addresses is the same as the number of VAPs supported by an AP.

• The use of VAPs simplifies WLAN deployment, but it does not mean that we need to
configure as many VAPs as possible. VAPs must be planned based on actual requirements.
Simply increasing the number of VAPs will increase the time for STAs to find SSIDs and
make AP configuration more complex. Additionally, a VAP is not equivalent to a real
AP. All VAPs virtualized from a physical AP share software and hardware resources of
the AP, and all users associated with these VAPs share the same channel resources. The
capacity of an AP will not change or multiply with the increasing number of VAPs.
• The uplink network of an AP is usually an Ethernet network. Therefore, to connect to
an uplink network, the AP must provide wired interfaces in addition to wireless radios.
After receiving wireless packets from a STA, an AP converts the packets into wired
packets and sends them to the uplink network. The uplink network then forwards the
packets to another AP. The uplink network of an AP can also be a wireless network.
For example, in areas where cables are difficult to lay out, APs can wirelessly connect
to other APs working in bridge mode or connect to a mobile network by extending the
LTE function on the APs.
• The SSID of each BSS is called an extended service set identifier (ESSID), which is used
to notify STAs of a continuous WLAN.
• Fat AP architecture
▫ This architecture is also called autonomous network architecture because it does
not require a dedicated device for centralized control and can implement
functions such as wireless user access, service data encryption, and service data
packet forwarding.
▫ Applicable scope: home
▫ Characteristics: A Fat AP works independently and requires separate
configurations. It provides only simple functions and is cost-effective.
▫ Disadvantages: The increase in the WLAN coverage area and the number of
access users requires more and more Fat APs. No unified control device is
available for these independently working Fat APs. Therefore, it is difficult to
manage and maintain the Fat APs.
• The AC and Fit APs communicate through CAPWAP. With CAPWAP, APs automatically
discover the AC, the AC authenticates the APs, and the APs obtain the software
package and the initial and dynamic configurations from the AC. CAPWAP tunnels are
established between the AC and APs. CAPWAP tunnels include control and data
tunnels. The control tunnel is used to transmit control packets (also called
management packets, which are used by the AC to manage and control APs). The data
tunnel is used to transmit data packets. The CAPWAP tunnels allow for Datagram
Transport Layer Security (DTLS) encryption, so that transmitted packets are more
secure.

• Compared with the Fat AP architecture, the "AC + Fit AP" architecture has the
following advantages:

▫ Configuration and deployment: The AC centrally configures and manages the
wireless network so that you do not need to configure each AP separately. In
addition, the channels and power of APs on the entire network are automatically
adjusted, eliminating the need for manual adjustment.

▫ Security: Fat APs cannot be upgraded in a unified manner, so there is no guarantee
that the latest security patches are installed for all AP versions. In the "AC + Fit AP"
architecture, security capabilities are mainly implemented on the AC, and we only
need to perform the software upgrade and security configuration on the AC. This
allows for quick global security settings. Additionally, to prevent malicious code
from being loaded, the AC performs digital signature authentication on the
software, enhancing the security of the update process. The AC also implements
some security functions that are not supported by the Fat AP architecture,
including advanced security features such as virus detection, uniform resource
locator (URL) filtering, and stateful inspection firewall.

▫ Upgrade and extension: The centralized management mode of this architecture
enables APs on the same AC to run the same software version. When an upgrade is
required, the AC obtains the new software package or patch and then upgrades the
AP version. The separation of AP and AC functions prevents frequent AP version
upgrades. We only need to update the user authentication, network management,
and security functions on the AC.


• In Layer 2 networking, the AC and Fit APs are in the same broadcast domain. The Fit
APs can discover the AC through local broadcast. The networking, configuration, and
management are simple. However, this mode is not applicable to large-scale networks.

• In Layer 3 networking, the AC and Fit APs are in different network segments, making
the configuration complex. The intermediate network must ensure that the Fit APs and
AC are reachable to each other. Additional configurations are required to enable the
Fit APs to discover the AC. Layer 3 networking is suitable for medium- and large-scale
networks. When ACs and APs are connected through a Layer 3 network and the APs
discover an AC in DHCP/DNS mode (the AC functioning as the DHCP server), the
devices between the APs and the AC must support the DHCP relay function.
• To meet the requirements of large-scale networking, multiple APs on the network need
to be centrally managed. The traditional WLAN architecture cannot meet the
requirements of large-scale networking. Therefore, the Internet Engineering Task Force
(IETF) sets up the CAPWAP working group and formulates the CAPWAP protocol. This
protocol defines how an AC manages and configures APs. That is, a CAPWAP tunnel is
established between an AC and an AP, through which the AC manages and controls
the AP.

• CAPWAP is an application-layer protocol based on UDP.

▫ CAPWAP transports two types of messages at the transport layer:

▪ Service data traffic, which is encapsulated and forwarded through the
CAPWAP data tunnel.

▪ Management traffic, which carries the management messages exchanged between
the AP and AC through the CAPWAP control tunnel.

▫ CAPWAP data and control packets are transmitted on different UDP ports:

▪ Management traffic: UDP port 5246

▪ Service data traffic: UDP port 5247


• In direct forwarding mode, wireless user service data is translated on the AP from
802.3 packets into 802.11 packets, which are then forwarded by an upstream
aggregation switch.

• The AC only manages APs, and service data is forwarded locally. Management traffic is
encapsulated in the CAPWAP tunnel and terminated on the AC, whereas AP service
data traffic is directly forwarded by the AP to a switching device without CAPWAP
encapsulation.

• This data forwarding mode is commonly used. Wireless user service data does not need
to be processed by an AC, eliminating the bandwidth bottleneck and facilitating the
usage of existing security policies. Therefore, this mode is recommended for converged
network deployment.

• Direct forwarding is often used in in-path networking mode. This networking mode
simplifies the network architecture and applies to small- and medium-scale centralized
WLANs.

• Direct forwarding can also be used in off-path networking mode. In this mode, wireless
user service data does not need to be processed by an AC, eliminating the bandwidth
bottleneck and facilitating the usage of existing security policies. This mode applies to
wired and wireless converged large-scale campus networks or HQ-branch scenarios.


• Tunnel forwarding is usually used together with off-path networking. The AC centrally
forwards data packets, which is secure and facilitates centralized management and
control. New devices can be easily deployed and configured, with small changes to the
live network. This forwarding mode applies to independent WLAN deployment or
centralized management and control on large-scale campus networks.
• The AC or an independent DHCP server (or a network device) can function as a DHCP
server to assign IP addresses to APs.

• If the AC or independent DHCP server is connected to APs across a Layer 3 network,
they must have a route between each other and a DHCP relay agent must be
configured on the intermediate network.
• Currently, the AC supports HSB of a single VRRP instance, but does not support load
balancing. HSB has the following characteristics:

▫ Uplinks can back up each other. The master and backup devices in a VRRP group
can track the status of uplink interfaces. The master/backup status of an AC may
be different from its downlink status.

▫ MSTP is used to prevent loops on multiple downlinks (including wired and
wireless links). When the MSTP status changes, the MAC/ARP entries on the links
are automatically deleted.

• During the network design, consider the redundancy design for devices and links and
deploy switchover policies. In this way, even if a single point of failure occurs, the
system functions are not affected. The AC backup design is essential to the "AC + Fit
AP" architecture.
• In addition to the active/standby HSB mode, the load balancing mode is supported. In
load balancing mode, you can specify AC1 as the active AC for some APs and AC2 as
the active AC for other APs, so that the APs set up primary CAPWAP tunnels with their
own active ACs.

• Dual-link HSB frees active and standby ACs from location restrictions and allows for
flexible deployment. The two ACs can implement load balancing to make efficient use
of resources. However, service switching takes a relatively long time.


• When the active AC fails, service traffic can be switched to the standby AC only if the
standby AC has the same session entries as the active AC. Otherwise, the session may
be interrupted. Therefore, a mechanism is required to synchronize session information
to the standby device when session entries are created or modified on the active
device. The HSB module provides the data backup function. It establishes an HSB
channel between two devices that back up each other, maintains the link status of the
HSB channel, and sends and receives packets.

• HSB service backup in real time involves backup for the following information:

▫ User data information

▫ CAPWAP tunnel information

▫ AP entries

▫ DHCP address information

• The HSB channel can be carried by a directly connected physical link between two ACs
or by a switch.
• When the CAPWAP tunnel between an AP and the active AC is disconnected, the AP
attempts to establish a CAPWAP tunnel with the standby AC. After the new CAPWAP
tunnel is established, the AP restarts and obtains configurations from the standby AC.
During this process, services are affected.
• WAN authentication bypass typically applies to HQ-branch networks where branch
networks connect to the HQ network across a WAN. In traditional solutions, most
WLAN services are centrally processed by ACs, posing high requirements for the WAN,
for example, large bandwidth, low delay, and high stability. However, in actual
scenarios, enterprises seldom use private lines between the HQ and branches.
They often lease carrier networks, so the quality of intermediate networks cannot be
ensured, resulting in poor network security and user experience.
• To solve the preceding problems, branch AP groups are created in branches, and
services such as user access and access authentication are processed by APs. This
approach reduces the dependency of branches on the HQ. If a branch is disconnected
from the HQ, branch users can still use the WLAN.
• Implementation process: In the "AC + Fit AP" architecture, user authentication is
performed on the AC, and only rights control is performed on the AP. Therefore, access
authentication configurations are not deployed on the AP. When the WAN is
interrupted and the AC and APs are disconnected, the APs need to have the local
authentication function configured and authenticate newly accessed STAs. In this case,
the AC needs to deliver access authentication configurations to the APs.
▫ Delivery of the same configuration information on the AP and AC: To reduce the
workload of the administrator, configurations in the VAP profile are reused for
the same configuration on the AP and AC. Delivered configurations include the
authentication profile bound to the VAP profile, as well as the 802.1X and MAC
access profiles bound to the authentication profile.

▫ Delivery of different configuration information on the AP and AC: Different
information includes local accounts required when local authentication is
performed for STAs and configurations related to the authentication
mode. For 802.1X users, a built-in RADIUS server needs to be configured
for processing EAP authentication packets. Different information on the
AP and AC is configured in the branch AP group view, and APs in the
same branch AP group have the same delivered information.
• Traditional network solutions have many network deployment problems, such as high
deployment costs and O&M difficulties. These problems are obvious in enterprises with
many branches or geographically dispersed branches. The cloud management
architecture can solve these problems. Using this architecture, devices can be managed
and maintained in a centralized manner at any place, greatly reducing network
deployment and O&M costs.

• After a cloud AP is deployed, the network administrator does not need to go to the site
for cloud AP software commissioning. After being powered on, the cloud AP
automatically connects to the specified cloud management platform to load system
files such as the configuration file, software package, and patch file. In this manner,
the cloud AP can go online with zero-touch configuration. The network administrator
can deliver configurations to the cloud AP through the cloud management platform at
anytime and anywhere, facilitating batch service configurations.
• Some micro and small enterprises need to build their own wireless networks that are
managed independently without the cloud management architecture. If the Fat AP
architecture is used, APs cannot be managed and maintained in a unified manner, and
users cannot enjoy good roaming experience. If the "AC + Fit AP" architecture is used,
only a few APs are required due to the small number of STAs and the small wireless
coverage area, but the AC and license costs are high. If an AP can manage other APs
and provide unified O&M capability and continuous roaming experience, the
enterprises' requirement can be met. The leader AP architecture designed by Huawei
will work.

• The leader AP architecture involves APs only. After purchasing APs, a user can set one
AP to the leader AP mode and connect the other APs to the network in Fit AP mode.
The other APs communicate with the leader AP at Layer 2. After the leader AP
broadcasts its role on the Layer 2 network, the other APs automatically discover and
connect to the leader AP. Similar to the AC, the leader AP provides unified access
management, configuration, and O&M based on CAPWAP tunnels, enabling centralized
wireless resource management and roaming management. Users only need to log in to
the leader AP and configure wireless services. After the configuration, all APs provide
the same wireless services, and STAs can roam between different APs.
• Simple network planning: The cloud-based or offline WLAN planning tool (WLAN
Planner) provides building drawings, automatic deployment, and many more
capabilities, making network planning easy and efficient.

• Simple network deployment: The cloud-based plug-and-play solution enables cloud
managed devices to automatically register with iMaster NCE-Campus over the Internet,
implementing zero touch provisioning (ZTP) and convenient deployment of vast
quantities of network devices.

• On-demand network expansion: iMaster NCE-Campus supports access management of
ultra-large-scale and cross-regional devices. Enterprises can purchase devices and cloud
services on demand to implement network expansion.

• On-demand management expansion: iMaster NCE-Campus supports multiple tenants.
Enterprises can select a network management mode based on their capabilities and
service requirements. In this way, enterprises can either manage and maintain their
networks by themselves, or authorize a managed service provider (MSP) to manage
and maintain their networks.

• Network data openness: iMaster NCE-Campus provides tenant-based terminal
authentication and statistics analysis data. Enterprise tenants can obtain data on
demand and analyze the data to boost business optimization.

• Network platform openness: Based on the software-defined networking (SDN)
architecture, iMaster NCE-Campus provides standard northbound APIs for partners and
enterprise customers to develop third-party applications and value-added services
(VASs), further building a cloud ecosystem together with Huawei and promoting
business innovation.
• In scenarios with densely distributed rooms, such as dormitories, hotels, and wards, a
large number of packets are sent to the AC if the "AC + Fit AP" architecture is used and
an AP is deployed in each room. As a result, the AC may become a performance
bottleneck. To address the performance bottleneck and signal coverage problems, we
can deploy the APs on corridors and install antennas in each room to provide signal
coverage. However, this solution has restrictions on the coverage distance because the
signal attenuation increases at a long distance. If multiple rooms share one AP, the
signal quality and performance are poor.

• Customer benefits:

1. Simple management: The AC only needs to manage a small number of central APs,
and only 200 APs require management to cover about 10,000 rooms.

2. Flexible deployment and full signal coverage without coverage holes: A central AP
connects to RUs through network cables, causing no wall penetration loss or feeder
loss and providing high-quality signal coverage. The RUs support various mounting
modes such as junction box-, wall-, and ceiling-mounting.

3. Long-distance coverage: Different from traditional APs with antennas that support
only 15 m coverage distance, the central AP can connect to RUs through network
cables at a maximum distance of 100 m, expanding the network deployment scope
by several times. If the central AP is deployed in a corridor, it can provide long-
distance coverage (exceeding 100 m).
• A
• A configuration file is a collection of command lines. Current configurations are stored in a
configuration file so that the configurations are still effective after the device restarts.
Users can view configurations in the configuration file and upload the configuration file to
other devices to implement batch configuration.

• A patch is a kind of software compatible with the system software. It is used to fix bugs in
system software. Patches can also fix system defects and optimize some functions to
meet service requirements.

• To manage files on a device, log in to the device through either of the following modes:

▫ Local login through the console port or Telnet.

▫ Remote login through FTP, TFTP, or SFTP.


• Storage media include SDRAM, flash memory, NVRAM, SD card, and USB.

▫ SDRAM stores the system running information and parameters. It is equivalent to a
computer's memory.

▫ NVRAM is nonvolatile. Writing logs to the flash memory consumes CPU resources
and is time-consuming. Therefore, the buffer mechanism is used. Specifically, logs
are first saved to the buffer after being generated, and then written to the flash
memory after the timer expires or the buffer is full.

▫ The flash memory and SD card are nonvolatile. Configuration files and system files
are stored in the flash memory or SD card. For details, see the product
documentation.

▫ SD cards are external memory media used for memory expansion. The USB is
considered an interface. It is used to connect to a large-capacity storage medium for
device upgrade and data transmission.

▫ Patch and PAF files are uploaded by maintenance personnel and can be stored in a
specified directory.
• BootROM is a set of programs added to the ROM chip of a device. BootROM stores the
device's most important input and output programs, system settings, startup self-check
program, and system automatic startup program.

• The startup interface provides the information about the running program of the system,
the running VRP version, and the loading path.
• To limit users' access permissions to a device, the device manages users by level and
establishes a mapping between user levels and command levels. After a user logs in to a
device, the user can use only commands of the corresponding levels or lower. By default,
the user command level ranges from 0 to 3, and the user level ranges from 0 to 15. The
mapping between user levels and command levels is shown in the table.
• Note: The login page, mode, and IP address may vary according to devices. For details,
see the product documentation.
• Use a console cable to connect the console port of a device with the COM port of a
computer. You can then use PuTTY on the computer to log in to the device and perform
local commissioning and maintenance. A console port is an RJ45 port that complies with
the RS232 serial port standard. At present, the COM ports provided by most desktop
computers can be connected to console ports. In most cases, a laptop does not provide a
COM port. Therefore, a USB-to-RS232 conversion port is required if you use a laptop.

• The console port login function is enabled by default and does not need to be pre-
configured.
• Many terminal simulators can initiate console connections. PuTTY is one of the options for
connecting to VRP. If PuTTY is used for access to VRP, you must set port parameters.
The figure in the slide shows examples of port parameter settings. If the parameter values
were ever changed, you need to restore the default values.

• After the settings are complete, click Open. The connection with VRP is then set up.
• By default, the SSH login function is disabled on a device. You need to log in to the device
through the console port and configure mandatory parameters for SSH login before using
the SSH login function.
• The CLI is an interface through which users can interact with a device. When the
command prompt is displayed after a user logs in to a device, it means that the user has
entered the CLI successfully.
• The user view is the first view displayed after you log in to a device. Only query and tool
commands are provided in the user view.

• In the user view, only the system view can be accessed. Global configuration commands
are provided in the system view. If the system has a lower-level configuration view, the
command for entering the lower-level configuration view is provided in the system view.
• After you log in to the system, the user view is displayed first. This view provides only
display commands and tool commands, such as ping and telnet. It does not provide any
configuration commands.

• You can run the system-view command in the user view to enter the system view. The
system view provides some simple global configuration commands.

• In a complex configuration scenario, for example, when multiple parameters need to be
configured for an Ethernet interface, you can run the interface GigabitEthernet X
command (X indicates the number of the interface) to enter the GE interface view.
Configurations performed in this view take effect only on the specified GE interface.
• Note: "keyword" mentioned in this section means any character string except a parameter
value string in a command. The meaning is different from that of "keyword" in the
command format.
• The command help information displayed in this slide is for reference only, which varies
according to devices.
• VRP uses the file system to manage files and directories on a device. To manage files
and directories, you often need to run basic commands to query file or directory
information. Such commonly used basic commands include pwd, dir [/all] [ filename |
directory ], and more [ /binary ] filename [ offset ] [ all ].

• The pwd command displays the current working directory.

• The dir [/all] [ filename | directory ] command displays information about files in the current
directory.

• The more [/binary] filename [ offset ] [ all ] command displays the content of a text file.

• In this example, the dir command is run in the user view to display information about files
in the flash memory.

• Common commands for operating directories include cd directory, mkdir directory, and
rmdir directory.

• The cd directory command changes the current working directory.

• The mkdir directory command creates a directory. A directory name can contain 1 to 64
characters.
• The rmdir directory command deletes a directory from the file system. A directory to be
deleted must be empty; otherwise, it cannot be deleted using this command.

• The copy source-filename destination-filename command copies a file. If the target file
already exists, the system displays a message indicating that the target file will be
replaced. The target file name cannot be the same as the system startup file name.
Otherwise, the system displays an error message.

• The move source-filename destination-filename command moves a file to another
directory. The move command can be used to move files only within the same storage
medium.

• The rename old-name new-name command renames a directory or file.

• The delete [ /unreserved ] [ /force ] { filename | devicename } command deletes a file. If the
/unreserved parameter is not specified, the deleted file is moved to the recycle bin. A file in
the recycle bin can be restored using the undelete command. However, if the /unreserved
parameter is specified, the file is permanently deleted and cannot be restored any more. If
the /force parameter is not specified in the delete command, the system displays a
message asking you whether to delete the file. However, if the /force parameter is
specified, the system does not display the message. filename specifies the name of the
file to be deleted, and devicename specifies the name of the storage medium.
• The reset recycle-bin [ filename | devicename ] command permanently deletes all or a
specified file in the recycle bin. filename specifies the name of the file to be permanently
deleted, and devicename specifies the name of the storage medium.
• Generally, more than one device is deployed on a network, and the administrator needs to
manage all devices in a unified manner. The first task of device commissioning is to set a
system name. A system name uniquely identifies a device. The default system name of an
AR series router is Huawei, and that of an S series switch is HUAWEI. A system name
takes effect immediately after being set.

• To ensure successful coordination with other devices, you need to correctly set the
system clock. System clock = Coordinated Universal Time (UTC) ± Time difference
between the UTC and the time of the local time zone. Generally, a device has default UTC
and time difference settings.

▫ You can run the clock datetime command to set the system clock of the device. The
date and time format is HH:MM:SS YYYY-MM-DD. If this command is run, the UTC
is the system time minus the time difference.

▫ You can also change the UTC and the system time zone to change the system
clock.

▪ The clock datetime utc HH:MM:SS YYYY-MM-DD command changes the UTC.

▪ The clock timezone time-zone-name { add | minus } offset command
configures the local time zone. The UTC is the local time plus or minus the
offset.

▫ If a region adopts the daylight saving time, the system time is adjusted according to
the user setting at the moment when the daylight saving time starts. VRP supports
the daylight saving time function.
• Each type of user interface has a corresponding user interface view. A user interface view
is a command line view provided by the system for you to configure and manage all
physical and logical interfaces working in asynchronous interaction mode, implementing
unified management of different user interfaces. Before accessing a device, you need to
set user interface parameters. The system supports console and VTY user interfaces. The
console port is a serial port provided by the main control board of a device. A VTY is a
virtual line port. A VTY connection is set up after a Telnet or SSH connection is
established between a user terminal and a device, allowing the user to access the device
in VTY mode. Generally, a maximum of 15 users can log in to a device through VTY at the
same time. You can run the user-interface maximum-vty number command to set the
maximum number of users that can concurrently access a device in VTY mode. If the
maximum number of login users is set to 0, no user can log in to the device through Telnet
or SSH. The display user-interface command displays information about a user interface.

• The maximum number of VTY interfaces may vary according to the device type and used
VRP version.
• To run the IP service on an interface, you must configure an IP address for the interface.
Generally, an interface requires only one IP address. For the same interface, a newly
configured primary IP address replaces the original primary IP address.

• You can run the ip address ip-address { mask | mask-length } command to configure an IP address
for an interface. In this command, mask indicates a 32-bit subnet mask, for example,
255.255.255.0; mask-length indicates a mask length, for example, 24. Specify either of
them when configuring an IP address.

• A loopback interface is a logical interface that can be used to simulate a network or an IP
host. The loopback interface is stable and reliable, and can also be used as the
management interface if multiple protocols are deployed.

• When configuring an IP address for a physical interface, check the physical status of the
interface. By default, interfaces are up on Huawei routers and switches. If an interface is
manually disabled, run the undo shutdown command to enable the interface after
configuring an IP address for it.
• The reset saved-configuration command deletes the configurations saved in a
configuration file or the configuration file. After this command is run, if you do not run the
startup saved-configuration command to specify the configuration file for the next startup
or the save command to save current configurations, the device uses the default
parameter settings during system initialization when it restarts.

• The display startup command displays the system software for the current and next
startup, backup system software, configuration file, license file, and patch file, as well as
voice file.

• The startup saved-configuration configuration-file command configures the configuration
file for the next startup. The configuration-file parameter specifies the name of the
configuration file for the next startup.

• The reboot command restarts a device. Before the device reboots, you are prompted to
save configurations.
• For some devices, after the authentication-mode password command is entered, the
password setting page will be displayed automatically. You can then enter the password
at the page that is displayed. For some devices, you need to run the
set authentication-mode password password command to set a password.
• To save configurations, run the save command. By default, configurations are saved in
the vrpcfg.cfg file. You can also create a file for saving the configurations. In VRPv5, the
configuration file is stored in the flash: directory by default.
• The display startup command displays the system software for the current and next
startup, backup system software, configuration file, license file, and patch file, as well as
voice file.

▫ Startup system software indicates the VRP file used for the current startup.

▫ Next startup system software indicates the VRP file to be used for the next startup.

▫ Startup saved-configuration file indicates the configuration file used for the current
system startup.

▫ Next startup saved-configuration file indicates the configuration file to be used for
the next startup.

▫ When a device starts, it loads the configuration file from the storage medium and
initializes the configuration file. If no configuration file exists in the storage medium,
the device uses the default parameter settings for initialization.

• The startup saved-configuration [ configuration-file ] command sets the configuration file
for the next startup, where the configuration-file parameter specifies the name of the
configuration file.
• Fix system vulnerabilities: Enhance system stability and security, and improve the
resistance to viruses and Trojan horses.

• Optimize system resources: The hardware performance of the device can be fully used to
improve the system smoothness.

• Add new functions: Provide customers with required product features to improve user
experience.
• You can download the required system software from the Huawei official website.
• Before using FTP to download files, ensure that the AC can communicate with the FTP
server and set up an FTP connection.
• To upgrade the functions or versions of an existing WLAN, perform an in-service upgrade
for APs or load patches on the WLAN.

• In an in-service upgrade, an AP is in normal or ver-mismatch state. If the AP finds that its
version is different from the version of the AP upgrade file specified on the AC, the AP
starts to upgrade its version.

• In an in-service upgrade, APs support several upgrade modes, including single AP
upgrade, AP type-based upgrade, and AP group-based upgrade.

▫ Upgrade of a single AP: allows you to upgrade a single AP to check whether the
upgrade version can function properly. If the upgrade is successful, upgrade other
APs in batches.

▫ AP type-based upgrade: allows you to upgrade APs of the same type.

▫ AP group-based upgrade: allows you to upgrade APs in the same AP group.

• Similar to the in-service upgrade, in-service patch loading allows you to load the patch for
a single AP, APs of a specified type, or APs in a specified AP group.

• Three AP upgrade modes are supported. Run the following commands as required.

▫ Run the ap-update mode ac-mode command to set AP upgrade to AC mode. By
default, the AC mode is used.

▫ Run the ap-update mode ftp-mode command to set AP upgrade to FTP mode.

▫ Run the ap-update mode sftp-mode command to set AP upgrade to SFTP mode.
• Before upgrading an AP through an AC, ensure that the AP can go online on the AC and
the AP upgrade file is saved in the root directory of the AC.
• If the AP is in vmiss state and cannot be upgraded for a long time, you can run the restart
command to restart the AP.
• 1. Prepare the environment: Configure the IP address and FTP server software on the
PC. Download the Fat AP software package of the target version to the FTP server.
Check network connectivity and the indicator states of the AP.

• 2. Check AP information: On the PC, log in to the AP through the console port to check
the version and working mode of the AP.

• 3. Start switching: Run the ap-mode-switch fat ftp filename server-ip-address user-name
password [ port ] command in the system view. Then restart the AP.

• 4. Verify the switching: Log in to the AP again and check the working mode of the AP.
• The default IP address of the AP is 169.254.1.1/24, the user name is admin, and the
password is admin@Huawei.com.
• Command: country-code country-code

▫ country-code: specifies a country code. The value is a string of characters in
enumerated type.

▫ The AC supports multiple country codes, such as:

▪ CN (default value): China

▪ AU: Australia

▪ CA: Canada

▪ DE: Germany

▪ FR: France

▪ US: United States

▪ ...
• Command: ssid ssid

▫ ssid: specifies an SSID. The value is a string of 1 to 32 case-sensitive characters. It
supports Chinese characters or Chinese + English characters, without tab
characters.

▫ To start an SSID with a space, you need to enclose the SSID in double
quotation marks ("), for example, " hello". The double quotation marks occupy two
characters. To start an SSID with a double quotation mark, you need to add a
backslash (\) before the double quotation mark, for example, \"hello. The backslash
occupies one character.
• Service Requirements

▫ An enterprise wants to enable users to access the Internet through a WLAN,
meeting the basic mobile office requirements.

• Networking Requirements

▫ DHCP deployment mode:

▪ Configure the switch as a DHCP server to allocate IP addresses to STAs.

• Configuration roadmap:

▫ Configure network connectivity between the AP and other network devices.

▫ Configure WLAN service parameters for STAs to access the WLAN.


• 1. Create VLANs and interfaces on S1, S2, and AC.

▫ Switch configuration:

▪ [SW]vlan batch 100

▪ [SW] interface GigabitEthernet 0/0/1

▪ [SW-GigabitEthernet0/0/1]port link-type trunk

▪ [SW-GigabitEthernet0/0/1]port trunk pvid vlan 100

▪ [SW-GigabitEthernet0/0/1]port trunk allow-pass vlan 100

▪ [SW-GigabitEthernet0/0/1]quit

▫ AP configuration:

▪ [AP]interface GigabitEthernet 0/0/0

▪ [AP-GigabitEthernet0/0/0]port link-type trunk

▪ [AP-GigabitEthernet0/0/0]port trunk pvid vlan 100

▪ [AP-GigabitEthernet0/0/0]port trunk allow-pass vlan 100

▪ [AP-GigabitEthernet0/0/0]quit
• 1. ABC
• Because WLAN technologies use radio signals to transmit service data, attackers can
easily intercept or tamper with that data while it is transmitted on open wireless
channels. Configuring WLAN security protects WLANs against attacks and secures the
information and services of authorized users.

• WLAN security involves the following aspects:

▫ Perimeter security: An 802.11 network is subject to threats from unauthorized APs
and users, ad-hoc networks, and denial-of-service (DoS) attacks. A wireless
intrusion detection system (WIDS) can detect unauthorized users and APs. A
wireless intrusion prevention system (WIPS) can protect enterprise networks and
users against access from unauthorized devices.

▫ User access security: Link authentication and access authentication are used to
ensure validity and security of user access on wireless networks.

▫ Service security: Protects service data of authorized users from being intercepted by
unauthorized users during transmission.
• The STA sends an authentication request to the AP.

• The AP generates a random challenge and sends it to the STA.

• The STA uses the preset key to encrypt the challenge and sends the encrypted challenge
to the AP.

• The AP receives the encrypted challenge, decrypts it by using a preset key, and then
compares the decrypted challenge with the one previously sent to the STA. If they are the
same, the authentication is successful. Otherwise, the authentication fails.
• WEP uses the RC4 algorithm to encrypt data through a 64-bit, 128-bit, or 152-bit
encryption key. Each encryption key contains a 24-bit initialization vector (IV) generated
by the system. Therefore, the length of the key configured on the WLAN server and client
is 40 bits, 104 bits, or 128 bits. WEP uses a static key. All STAs associated with the same
SSID use the same key to join a WLAN.

• A WEP security policy defines a link authentication mechanism and a data encryption
mechanism.

▫ If open system authentication is used, WEP encryption is not required during link
authentication. After a user goes online, service data can be encrypted by WEP or
not, depending on the configuration.

▫ If shared key authentication is used, key negotiation is completed during link
authentication. After a user goes online, service data is encrypted using the
negotiated key.
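The shared key exchange and the IV-plus-secret key layout described above, sketched in Python as an added example (not Huawei's code and not part of the original slides). The 128-byte challenge and the CRC-32 integrity check value follow IEEE 802.11; the class and function names, MAC strings and sample secrets are constructed for illustration.

```python
import hmac
import os
import zlib

IV_BITS = 24  # each WEP key is a 24-bit IV followed by the configured secret


def configured_key_bits(total_key_bits: int) -> int:
    """Length of the secret an administrator types for a 64/128/152-bit WEP key."""
    return total_key_bits - IV_BITS


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:  # keystream generation, XORed onto the data
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """RC4 under IV||secret over the plaintext plus its CRC-32 check value (ICV)."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return rc4(iv + secret, plaintext + icv)


def wep_decrypt(secret: bytes, iv: bytes, ciphertext: bytes):
    """Return the plaintext, or None when the ICV does not match."""
    data = rc4(iv + secret, ciphertext)
    body, icv = data[:-4], data[-4:]
    if zlib.crc32(body).to_bytes(4, "little") != icv:
        return None
    return body


class AccessPoint:
    def __init__(self, secret: bytes):
        self.secret = secret
        self.pending = {}  # STA MAC -> challenge still awaiting a response

    def challenge(self, sta_mac: str) -> bytes:
        """Step 2: answer the authentication request with a random challenge."""
        text = os.urandom(128)
        self.pending[sta_mac] = text
        return text

    def verify(self, sta_mac: str, iv: bytes, ciphertext: bytes) -> bool:
        """Step 4: decrypt with the preset key and compare with what was sent."""
        expected = self.pending.pop(sta_mac, None)  # each challenge is single-use
        if expected is None:
            return False
        received = wep_decrypt(self.secret, iv, ciphertext)
        return received is not None and hmac.compare_digest(received, expected)


class Station:
    def __init__(self, mac: str, secret: bytes):
        self.mac = mac
        self.secret = secret

    def respond(self, challenge: bytes):
        """Step 3: encrypt the challenge under a fresh IV and the preset key."""
        iv = os.urandom(IV_BITS // 8)
        return iv, wep_encrypt(self.secret, iv, challenge)


def shared_key_authenticate(ap: AccessPoint, sta: Station) -> bool:
    challenge = ap.challenge(sta.mac)          # steps 1 and 2
    iv, ciphertext = sta.respond(challenge)    # step 3
    return ap.verify(sta.mac, iv, ciphertext)  # step 4


if __name__ == "__main__":
    secret = bytes.fromhex("0102030405")  # constructed 40-bit secret
    ap = AccessPoint(secret)
    print(shared_key_authenticate(ap, Station("00e0-fc00-0001", secret)))
    print(shared_key_authenticate(ap, Station("00e0-fc00-0002", b"wrong")))
```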
• WEP shared key authentication uses the RC4 symmetric stream cipher to encrypt data.
Therefore, the same static key must be preconfigured on the server and clients. Both the
encryption mechanism and algorithm, however, are prone to security threats.

• To solve the problems with WEP, the Wi-Fi Alliance introduced Wi-Fi Protected Access
(WPA). In addition to the RC4 algorithm, WPA defines the Temporal Key Integrity Protocol
(TKIP) encryption algorithm on the basis of WEP, uses the 802.1X identity authentication
framework, and supports Extensible Authentication Protocol-Protected Extensible
Authentication Protocol (EAP-PEAP) and EAP-Transport Layer Security (EAP-TLS)
authentication.

• Subsequent to WPA, IEEE 802.11i defined WPA2, which uses a more secure encryption
algorithm: Counter Mode with CBC-MAC Protocol (CCMP).

• For the sake of better compatibility, both WPA and WPA2 can use 802.1X access
authentication and the TKIP or CCMP encryption algorithm. With almost the same security
level, WPA and WPA2 mainly differ in the protocol packet format.

• To sum up, the WPA or WPA2 security policy involves four phases: link authentication,
access authentication, key negotiation, and data encryption.
• In PSK authentication, a key must be configured on a STA. Then an AP negotiates with
the STA through a four-way handshake to validate the STA's key. The WPA-PSK mode can
be used on networks with low security requirements.
• PSK authentication requires that a WLAN client and a WLAN server be configured with
the same pre-shared key. A client and a server authenticate each other through key
negotiation. During key negotiation, the client and server use their pre-shared keys to
decrypt the messages sent from each other. If the messages are successfully decrypted,
the client and server have the same pre-shared key.
• When PSK authentication is used in WPA/WPA2, only one pre-shared key needs to be
entered in advance on each WLAN node. Although the deployment is simple, the
pre-shared key is the same for all clients that connect to the same WLAN, which results
in the key being shared with unauthorized users.
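How the key negotiation above lets both sides prove they hold the same pre-shared key without ever sending it, as an added Python example (not part of the original slides and not Huawei's implementation). It follows the IEEE 802.11i derivation for WPA2 with CCMP, where the proof is a message integrity code on each handshake frame; the frame bodies are simplified stand-ins, and the MAC addresses, SSIDs and passphrases are constructed.

```python
import hashlib
import hmac
import os


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """256-bit pairwise master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF built from HMAC-SHA1 with a one-byte block counter."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        block = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
               anonce: bytes, snonce: bytes) -> bytes:
    """Per-session key block for CCMP: KCK (16) | KEK (16) | TK (16)."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)


def mic(kck: bytes, frame: bytes) -> bytes:
    """Message integrity code over a handshake frame (HMAC-SHA1, first 16 bytes)."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]


class Peer:
    """One side of the handshake; it holds only what it was configured with."""

    def __init__(self, mac: bytes, passphrase: str, ssid: str):
        self.mac = mac
        self.pmk = pmk_from_passphrase(passphrase, ssid)


def four_way_handshake(ap: Peer, sta: Peer):
    """Return the shared temporal key, or None if a MIC check fails."""
    # Message 1 (AP -> STA): the AP's nonce, sent in the clear.
    anonce = os.urandom(32)

    # Message 2 (STA -> AP): the STA's nonce plus a MIC keyed with its KCK.
    snonce = os.urandom(32)
    sta_ptk = derive_ptk(sta.pmk, ap.mac, sta.mac, anonce, snonce)
    msg2 = b"msg2|" + snonce  # simplified stand-in for the EAPOL-Key frame
    msg2_mic = mic(sta_ptk[:16], msg2)

    # The AP derives its own PTK and recomputes the MIC. A match shows that
    # the STA started from the same pre-shared key.
    ap_ptk = derive_ptk(ap.pmk, ap.mac, sta.mac, anonce, snonce)
    if not hmac.compare_digest(mic(ap_ptk[:16], msg2), msg2_mic):
        return None

    # Message 3 (AP -> STA): the AP proves the same thing to the STA.
    msg3 = b"msg3|" + anonce  # simplified stand-in for the EAPOL-Key frame
    msg3_mic = mic(ap_ptk[:16], msg3)
    if not hmac.compare_digest(mic(sta_ptk[:16], msg3), msg3_mic):
        return None

    # Message 4 (STA -> AP) acknowledges; both sides install the temporal key.
    return ap_ptk[32:48]


if __name__ == "__main__":
    ap = Peer(bytes.fromhex("00e0fc000001"), "constructed-passphrase", "Finance")
    good = Peer(bytes.fromhex("00e0fc0000a1"), "constructed-passphrase", "Finance")
    bad = Peer(bytes.fromhex("00e0fc0000a2"), "some-other-passphrase", "Finance")
    print(four_way_handshake(ap, good) is not None)  # same key on both sides
    print(four_way_handshake(ap, bad) is not None)   # keys differ
```

Two STAs configured with the same passphrase on one SSID hold the same PMK; only the nonces and MAC addresses make their session keys differ.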
• As shown in the figures, in WPA/WPA2-PSK authentication, all clients connected to the
specified SSID use the same key, which may bring security risks. In WPA/WPA2-PPSK
authentication, users connected to the same SSID can have different keys and be
authorized with different permissions. If a user has multiple client devices, these client
devices can connect to a WLAN using the same PPSK user account.
• WPA/WPA2-PPSK authentication has the following characteristics:
▫ Users connected to the same SSID can have different keys.
▫ This authentication mode is easy to configure and deploy.
▫ If a user has multiple client devices, these client devices can access a WLAN by
using the same PPSK user account.
▫ A PPSK user is bound to a user group or an authorized VLAN. Therefore, different
PPSK users can be authorized with different permissions.
• Because WLANs use open transmission media, data is at great risk if no encryption
mechanism is used on transmission links. Anyone with an appropriate tool can intercept
unprotected data transmitted on an open transmission medium.

• Major objectives of communication security are confidentiality, integrity, and
authentication. When data is transmitted on a network, data protection protocols must
help network administrators achieve these objectives.

▫ Confidentiality means that data will not be intercepted by unauthorized parties.

▫ Integrity means that data is not tampered with during transmission.

▫ Authentication is the basis for all security policies. Data validity partially depends on
reliability of the data source, so the data receiver must verify correctness of the data
source. A system must protect data through authentication. Authorization and
access control are both based on data authenticity. Before allowing a user to access
any data, the system must verify the user's identity.

• Authentication has been described in the preceding slides. WLAN encryption therefore
serves to ensure data confidentiality and integrity.
• The 802.1X authentication system uses the Extensible Authentication Protocol (EAP) to
implement information exchange between the supplicant, authenticator, and
authentication server. Common 802.1X authentication protocols include Protected
Extensible Authentication Protocol (PEAP) and Transport Layer Security (TLS). Their
differences are as follows:

▫ PEAP: The administrator assigns a user name and password to the user. The user
enters the user name and password for authentication when accessing a WLAN.

▫ TLS: Users use certificates for authentication. This authentication mode is usually
used together with enterprise apps, such as Huawei AnyOffice.

• 802.1X authentication is recommended for employees of midsize to large enterprises.


• Definition:

▫ Portal authentication is also called web authentication. Generally, portal
authentication websites are referred to as web portals. When a user accesses the
Internet, the user must be authenticated on the web portal. If the user fails to be
authenticated, the user can access only specified network resources. The user can
access other network resources only after passing the authentication.

• Advantages:

▫ Ease of use: In most cases, portal authentication does not require the client to have
additional software installed and allows the client to be directly authenticated on a
web page.

▫ Convenient operations: Portal authentication achieves business expansion on the
portal page, including advertisement push and enterprise publicity.

▫ Mature technology: Portal authentication has been widely used in networks of
carriers, fast food chains, hotels, and schools.

▫ Flexible deployment: Portal authentication implements access control at the access
layer or at the ingress of key data.

▫ Flexible user management: Portal authentication can be performed on users based
on the combination of the user name and the VLAN, IP address, or MAC address.
• To use this function, you need to configure mixed authentication (MAC + Portal) on the
device, enable MAC address-prioritized portal authentication on the authentication server
(RADIUS server), and set the MAC address validity period.

• If a STA's MAC address is stored on the RADIUS server, the RADIUS server checks the
user name and password (both are the MAC address) and directly authorizes the STA.
Then the STA can access the network without entering the user name and password.

• If the STA's MAC address expires on the RADIUS server, the RADIUS server deletes the
STA's MAC address. MAC address authentication fails and the access device pushes the
portal authentication page to the STA. In this case, the user needs to enter the user name
and password for identity authentication.
• Command: security open

▫ Sets the WEP authentication mode to open.


• Command: security wep [ share-key | dynamic ]

▫ security wep: sets the WEP authentication mode to shared key.

▫ security wep share-key: When the WEP authentication mode is set to shared key:

▪ If this parameter is specified, the shared key is used to authenticate STAs and
encrypt service packets.

▪ If this parameter is not specified, the shared key is used only to encrypt
service packets.

▫ A shared key is configured on STAs regardless of whether this parameter is
specified.

▫ security wep dynamic: Sets the WEP authentication mode to dynamic WEP.

• Command: wep key key-id { wep-40 | wep-104 | wep-128 } { pass-phrase | hex } key-value

▫ key-id: key index.

▫ wep-40: WEP-40 authentication.

▫ wep-104: WEP-104 authentication.

▫ wep-128: WEP-128 authentication.

▫ pass-phrase: key phrase.

▫ hex: hexadecimal number.

▫ key-value: displays the user password in cipher text.


• Command: security { wpa | wpa2 | wpa-wpa2 } psk { pass-phrase | hex } key-value { aes |
tkip | aes-tkip }

▫ wpa: configures WPA authentication.

▫ wpa2: configures WPA2 authentication.

▫ wpa-wpa2: configures WPA + WPA2 mixed authentication. STAs can be
authenticated using WPA or WPA2.

▫ psk: configures PSK authentication.

▫ pass-phrase: key phrase.

▫ hex: hexadecimal number.

▫ key-value: user password.

▫ aes: uses AES to encrypt data.

▫ tkip: uses TKIP to encrypt data.

▫ aes-tkip: configures AES + TKIP mixed encryption. After the authentication is
successful, STAs that support AES or TKIP can use the supported encryption
algorithm to encrypt data.
• Command: security { wpa | wpa2 | wpa-wpa2 } psk { pass-phrase | hex } key-value { aes |
tkip | aes-tkip }
▫ ppsk: configures PPSK authentication.
• Command: ppsk-user psk { pass-phrase | hex } key-value [ user-name user-name |
user-group user-group | vlan vlan-id | expire-date expire-date [ expire-hour expire-hour ] |
max-device max-device-number | branch-group branch-group | mac-address mac-address ]*
ssid ssid
▫ pass-phrase: key phrase.
▫ hex: hexadecimal number.
▫ key-value: displays the user password in cipher text.
▫ user-name user-name: specifies the name of a PPSK user.
▪ If you do not specify user-name when creating a PPSK user, the system
automatically generates the user name ppsk_auto_user_xxx, where xxx
indicates a number. If user-name is specified, the user name must be unique.
▫ user-group user-group: specifies the user group to which the PPSK user is bound.
▫ vlan vlan-id: specifies the authorized VLAN bound to the PPSK user.
▫ expire-date expire-date [ expire-hour expire-hour ]: specifies the expiration date of
the PPSK user. The user cannot access the network after the specified date. If this
parameter is not specified, the validity period of the PPSK user expires on
December 31, 2099.
▫ branch-group branch-group: specifies the branch AP group to which the PPSK user
belongs.
▫ mac-address mac-address: specifies the MAC address bound to the PPSK user.
▫ ssid ssid: specifies the SSID of the PPSK user.
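A configuration audit built on the security commands listed above, as an added Python example (not Huawei tooling and not part of the original slides). It assumes security profiles appear in the saved configuration as `security-profile name <name>` blocks with indented sub-commands and that PPSK is written `security wpa2 ppsk aes`; the sample configuration, profile names other than Finance and RD, severity labels and rule names are constructed.

```python
import re
from typing import NamedTuple


class Finding(NamedTuple):
    profile: str
    severity: str
    rule: str


# What each rule means, in the terms the slides use.
RULES = {
    "open-system": "no authentication or encryption on the link",
    "wep-static-key": "WEP: one static RC4 key shared by every STA on the SSID",
    "tkip-permitted": "TKIP allowed; CCMP (aes) is the more secure algorithm",
    "psk-shared-by-all-stas": "one pre-shared key for all clients; PPSK or "
                              "802.1X gives per-user credentials",
}

# Constructed sample; key values are placeholders, not real cipher text.
SAMPLE_CONFIG = """\
wlan
 security-profile name Finance
  security wpa2 psk pass-phrase <placeholder> aes
 security-profile name RD
  security wpa-wpa2 psk pass-phrase <placeholder> aes-tkip
 security-profile name Lobby
  security open
 security-profile name Scanner
  security wep share-key
  wep key 0 wep-40 pass-phrase <placeholder>
 security-profile name Staff
  security wpa2 ppsk aes
"""

PROFILE_RE = re.compile(r"^\s*security-profile\s+name\s+(\S+)\s*$")
SECURITY_RE = re.compile(r"^\s*security\s+(open|wep|wpa-wpa2|wpa2|wpa)\b(.*)$")
CIPHERS = ("aes", "tkip", "aes-tkip")


def parse_profiles(config: str) -> dict:
    """Map each security profile name to the commands indented beneath it."""
    profiles, current, depth = {}, None, 0
    for line in config.splitlines():
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        match = PROFILE_RE.match(line)
        if match:
            current, depth = match.group(1), indent
            profiles[current] = []
        elif current is not None and indent > depth:
            profiles[current].append(line.strip())
        else:
            current = None  # back at an outer level: the profile block ended
    return profiles


def audit_profile(name: str, lines: list) -> list:
    """Apply the rules to one profile's `security ...` command."""
    findings = []
    for line in lines:
        match = SECURITY_RE.match(line)
        if not match:
            continue  # e.g. `wep key ...`; only the policy line is judged
        policy, tokens = match.group(1), match.group(2).split()
        if policy == "open":
            findings.append(Finding(name, "high", "open-system"))
        elif policy == "wep":
            findings.append(Finding(name, "high", "wep-static-key"))
        else:  # wpa, wpa2 or wpa-wpa2
            cipher = tokens[-1] if tokens and tokens[-1] in CIPHERS else None
            if cipher in ("tkip", "aes-tkip"):
                findings.append(Finding(name, "medium", "tkip-permitted"))
            if tokens[:1] == ["psk"]:
                findings.append(Finding(name, "info", "psk-shared-by-all-stas"))
    return findings


def audit(config: str) -> list:
    findings = []
    for name, lines in parse_profiles(config).items():
        findings.extend(audit_profile(name, lines))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_CONFIG):
        print(f"{f.severity:<6} {f.profile:<8} {f.rule}: {RULES[f.rule]}")
```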
• The WLAN has been deployed and WLAN signals have been released.

• Configuration roadmap:

▫ Create two security profiles: Finance and RD.

▫ Bind the two security profiles to the corresponding VAP profiles.


• 1. AB
• Open a browser, enter http://IP address or https://IP address in the address box, for
example, http://169.254.1.1 or https://169.254.1.1, and press Enter. (169.254.1.1 is used
as an example here. Enter the actual IP address of the access interface.) The web
platform login page is displayed.

• Enter login information.

▫ Select a language.

▪ The web system supports English and Chinese and automatically adapts to
the language used by the web browser.

▫ Enter the user name and password.

▪ The default user name and password are admin and admin@huawei.com,
respectively.

▫ Click Login. The operation page is displayed.

▪ To ensure security of the web system, you are prompted to change the
password upon the first login and then to log in again.

• Click the logout icon on the upper right of the page to return to the login page.

• After you successfully log in to the system, if no operation is performed in a specified
period (default: 10 minutes), the system automatically logs out. Click OK to return to the
login page.
• Regulatory domain profile:

▫ A regulatory domain profile provides configurations of the country code, calibration
channel set, and calibration bandwidth for APs.

▫ A country code identifies the country in which the APs are deployed. Country codes
regulate different AP radio attributes, including the transmit power and supported
channels. Correct country code configuration ensures that radio attributes of APs
comply with local laws and regulations.

• Configure a source interface or address on the AC.

▫ Specify a unique IP address, VLANIF interface, or loopback interface for each AC.
In this manner, APs connected to an AC can learn the specified IP address or the IP
address of the specified interface to establish CAPWAP tunnels with the AC for
communication. This specified IP address or interface is called the source address
or interface.

▫ APs can establish CAPWAP tunnels with the AC only after the AC's source interface
or address is specified.

▫ A VLANIF or loopback interface can be configured as the AC's source interface so
that the IP address of the source interface is used as the source address.

• Add APs: Configure the AP authentication mode and enable APs to go online.

▫ You can add APs by manual configuration, automatic discovery, and manual
confirmation, that is, importing APs before they go online, configuring the AC to
automatically discover APs, and manually confirming APs in the unauthenticated AP
list.
• A WLAN has a large number of APs, many of which require the same configurations.
To simplify AP configuration, add these APs to an AP group and configure them
uniformly in the AP group. APs may also need configurations that differ from one
another; these cannot be configured uniformly but can be configured directly on
each AP. Each AP must be added to one, and only one, AP group when going
online. If an AP obtains both AP group and AP-specific configurations from an AC, the
AP-specific configurations are preferentially used.
• The following profiles can be bound to an AP group and AP: regulatory domain profile, AP
system profile, radio profile, and VAP profile.
▫ Regulatory domain profile:
▪ A country code identifies the country in which the APs are deployed. Country
codes regulate different AP radio attributes, including the transmit power and
supported channels. Correct country code configuration ensures that radio
attributes of APs comply with local laws and regulations.
▪ A calibration channel set limits the dynamic adjustment range for AP channels
when the radio calibration function is configured. Exclude radar channels and
the channels that are not supported by STAs from the calibration channel set.
▫ Radio profile:
▪ You can adjust and optimize radio parameters to adapt to different network
environments, enabling APs to provide required radio capabilities and
improving signal quality. After parameters in a radio profile are delivered to an
AP, only the parameters supported by the AP can take effect.
▪ Configurable parameters include the radio type, radio rate, multicast rate of
radio packets, and interval at which an AP sends Beacon frames.
• SSID profile: allows you to configure an SSID name for a WLAN and other functions,
including:

▫ SSID hiding: When creating a WLAN, configure an AP to hide the SSID name to
ensure WLAN security. In this manner, only the STAs that know the SSID can
connect to the WLAN.

▫ Maximum number of STAs on a VAP: The more STAs that access a VAP, the fewer
network resources are available to each STA. To ensure Internet access
experience, you can configure a proper maximum number of access STAs on a
VAP based on site requirements.

▫ SSID hiding when the number of STAs reaches the maximum: With this function,
when the number of access STAs on a WLAN reaches the maximum, the SSID of
the WLAN is hidden so that new STAs cannot find the SSID.

• Security profile: allows you to configure a WLAN security policy to authenticate STAs and
encrypt STA packets, securing both the WLAN and STAs.

▫ A security profile supports various WLAN security policies including open-system
authentication, WEP, WPA/WPA2-PSK, and WPA/WPA2-802.1X.
• Switch configuration:

▫ [SW] vlan batch 100 101

▫ [SW] interface gigabitethernet 0/0/1

▫ [SW-GigabitEthernet0/0/1] port link-type access

▫ [SW-GigabitEthernet0/0/1] port default vlan 100

▫ [SW-GigabitEthernet0/0/1] quit

▫ [SW] interface gigabitethernet 0/0/2

▫ [SW-GigabitEthernet0/0/2] port link-type trunk

▫ [SW-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 101

▫ [SW-GigabitEthernet0/0/2] quit
• 1. CD
• Command: option code [ sub-option sub-code ] { ascii ascii-string | hex hex-string | cipher
cipher-string | ip-address ip-address }
▫ code: specifies the code of a user-defined option. The value is an integer that
ranges from 1 to 254, except values 1, 3, 6, 15, 44, 46, 50, 51, 52, 53, 54, 55, 57,
58, 59, 61, 82, 121, and 184.
▫ sub-option sub-code: specifies the code of a user-defined sub-option. The value is
an integer that ranges from 1 to 254. For details about well-known options, see RFC
2132.
▫ ascii | hex | cipher: specifies the user-defined option code as an ASCII character
string, hexadecimal character string, or ciphertext character string.
▫ ip-address ip-address: specifies the user-defined option code as an IP address.
• Command: regulatory-domain-profile name profile-name
▫ name profile-name: specifies the name of a regulatory domain profile. The value is a
string of 1 to 35 case-insensitive characters. It cannot contain question marks (?) or
spaces, and cannot start or end with double quotation marks (").
• Command: country-code country-code
▫ country-code: specifies a country code. The value is a string of characters in
enumerated type.
▫ The AC supports multiple country codes, such as:
▪ CN (default value): China
▪ FR: France
▪ US: United States
▪ ...
• Command: ap-group name group-name

▫ name group-name: specifies the name of an AP group. The value is a string of 1 to
35 characters. It does not contain question marks (?), slashes (/), or spaces, and
cannot start or end with double quotation marks (").
• Command: ap-id ap-id [ [ type-id type-id | ap-type ap-type ] { ap-mac ap-mac | ap-sn ap-sn
| ap-mac ap-mac ap-sn ap-sn } ]

▫ ap-id: specifies the ID of an AP. The value is an integer that ranges from 0 to 8191.

▫ type-id type-id: specifies the ID of an AP type. The value is an integer that ranges
from 0 to 255.

▫ ap-type ap-type: specifies the type of an AP. The value is a string of 1 to 31
characters.

▫ ap-mac ap-mac: specifies the MAC address of an AP. The value is in H-H-H format.
An H is a 4-digit hexadecimal number.

▫ ap-sn ap-sn: specifies the SN of an AP. The value is a string of 1 to 31 characters,
and can contain only letters and digits.
• Command: display vap { ap-group ap-group-name | { ap-name ap-name | ap-id ap-id } [
radio radio-id ] } [ ssid ssid ]

▫ ap-group ap-group-name: displays information about all service VAPs in a specified
AP group. The AP group must exist.

▫ ap-name ap-name: displays information about service VAPs on the AP with a
specified name. The AP name must exist.

▫ ap-id ap-id: displays information about service VAPs on the AP with a specified ID.
The AP ID must exist.

▫ radio radio-id: displays information about service VAPs of a specified radio. The
value is an integer that ranges from 0 to 2.

▫ ssid ssid: displays information about service VAPs of a specified SSID. The SSID
must exist.

• Command: display vap { all | ssid ssid }

▫ all: displays information about all service VAPs.


• Switch configuration:

▫ [SW] vlan batch 100 101

▫ [SW] interface gigabitethernet 0/0/1

▫ [SW-GigabitEthernet0/0/1] port link-type access

▫ [SW-GigabitEthernet0/0/1] port default vlan 100

▫ [SW-GigabitEthernet0/0/1] quit

▫ [SW] interface gigabitethernet 0/0/2

▫ [SW-GigabitEthernet0/0/2] port link-type trunk

▫ [SW-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 101

▫ [SW-GigabitEthernet0/0/2] quit

• AC configuration:

▫ [AC] vlan batch 100 101

▫ [AC] interface gigabitethernet 0/0/1

▫ [AC-GigabitEthernet0/0/1] port link-type trunk

▫ [AC-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 101

▫ [AC-GigabitEthernet0/0/1] quit
• 1. B
• The binary command sets the file transfer mode to binary on an FTP client.

• By default, the file transfer mode is ASCII.

• The ASCII mode is used to transfer plaintext files, and the binary mode is used to transfer
application files, such as system software (with the file name extension of .cc or .pat),
images, video files, compressed files, and database files.
• Parameter description of the ping command

▫ -a: specifies the source IP address of the ICMP Echo Request message. If the
source IP address is not specified, the IP address of the outbound interface is used
as the source IP address of the ICMP Echo Request message.

▫ -c: specifies the number of times for sending ICMP Echo Request messages. The
default value is 5. If the network quality is poor, you can increase the parameter
value to determine the network quality based on the packet loss rate.

▫ -f: indicates that packets are not fragmented when they are sent. The device
discards the packets if the packet size exceeds the MTU.

▫ -s: specifies the length of an ICMP Echo Request message, excluding the IP header
and ICMP header.

▫ -t: specifies the timeout interval of ICMP Echo Reply messages. You can set a
larger timeout interval if the network is unstable. The default value is 2 seconds. If
the device receives no Echo Response message within 2 seconds, it determines
that the destination is unreachable.

▫ host: specifies the domain name or IP address of the destination host.


• Common states of an AP include:
▫ normal: The AP has successfully registered with the AC.
▫ fault: The AP fails to register with the AC. If an AP is in fault state, go to the next
check step.
▫ download: The AP is loading the system software during the upgrade. Wait until the
AP upgrade is complete and check the AP status again.
▫ committing: The AC is delivering services to the AP.
▫ config-failed: The AP fails to initialize the configuration. If an AP is in config-failed
state, check the network connectivity. Configure the AP and AC to ping each other.
Check whether packet loss occurs and whether the MTU value is small on the
intermediate network. If NAT traversal is configured on the intermediate network,
check whether NAT communication is normal. Run the display cpu-defend statistics
wired command to check the discarded CAPWAP packets in the statistics on
packets sent to the CPU. If a large number of packets are lost, check whether the
threshold is set properly. If the fault persists for a long time, collect related
information and contact technical support.
▫ name-conflicted: The name of the AP conflicts with that of another AP. If an AP is in
name-conflicted state, run the ap-rename ap-id ap-id new-name ap-name command
in the WLAN view to change the AP name.
▫ ver-mismatch: The AP version does not match the AC version. If an AP is in ver-
mismatch state, run the display ap version all command to check the AP version,
and run the display version command to check the AC version. Check whether the
AC version matches the AP version.
▫ standby: AP status on the standby AC.
▫ idle: After an AP is added offline, it is in idle state. If an AP is in this state, check
whether the AP is properly connected to the network.
• As shown in the figure, two AP signals are found on channel 1 and have similar
strengths. When the two APs have concurrent services, co-channel interference occurs,
degrading service quality.
• D
• BCD
• A baseband signal is an original analog or digital signal that is sent from a signal source
and has not been modulated. For example, sound waves emitted by people are analog
baseband signals, and signals from computers to peripherals such as monitors and
printers are baseband signals. The baseband signal has the following characteristics: 1.
low frequency; 2. poor anti-interference performance; 3. suitable for short-distance
transmission.

• Intermediate frequency (IF): In the traditional modulation and demodulation mode,
baseband signals are converted into IF signals before being converted into RF signals, or
received RF signals are also converted into IF signals before being converted into
baseband (I, Q) signals.

• Zero-IF (ZIF) is a modulation and demodulation method of directly converting between RF
signals and baseband signals without using IF signals.
• Guided waves refer to the electromagnetic waves transmitted along a transmission line in
a certain direction. Typical guided waves are the waves transmitted along parallel lines or
coaxial feeders, waves transmitted along waveguides, and waves transmitted along the
ground from the transmitter to the receiver.

• Free-space waves refer to the electromagnetic waves transmitted in free space.


• Omnidirectional antenna:
▫ An omnidirectional antenna radiates equal energy in all directions on the horizontal
plane and radiates different energy in different directions on the vertical plane.
▫ The radiation pattern of an omnidirectional antenna is similar to that of an
incandescent lamp, which radiates visible light in all directions on the horizontal
plane.
• Directional antenna:
▫ A directional antenna radiates energy more effectively in one direction than in others
on the horizontal and vertical planes.
▫ The radiation pattern of a directional antenna is similar to that of a flashlight, which
radiates visible light towards a certain direction. With the same radio energy, a
directional antenna provides a longer coverage distance than an omnidirectional
antenna in a particular direction.
• Smart antenna:
▫ A smart antenna is an array of low-gain antennas that have the same polarization
and are arranged and activated in a certain order. Based on the wave interference
theory, they provide radiation patterns with high directivity and form the beams in
expected directions. A smart antenna has multiple directional radiation patterns and
one omnidirectional radiation pattern on the horizontal plane.
▫ A smart antenna receives signals from transmitters in the omnidirectional pattern.
The smart antenna algorithm can determine the location of a transmitter based on
the received signals, and control the CPU to send control signals to the transmitter
in a directional radiation pattern with the direction of the maximum radiation.
• Indoor ceiling-mount antennas are light, good-looking, and easy to install, and have a low
gain (about 2 to 5 dBi). Such antennas are usually deployed in an indoor distribution
system. They are mounted on the ceiling or joists and connect to signal sources through
feeders.

• Indoor wall-mount antennas have similar advantages to those of indoor ceiling-mount
antennas, and have a gain of about 5 to 8 dBi. Such antennas are usually deployed in an
indoor distribution system or directly connect to signal sources to provide directional
coverage.

• Outdoor antennas are the most important part of an outdoor WLAN project. Antenna types
decide whether signals can be stably transmitted over a long distance. When selecting
antenna types, consider the antenna's coverage range and angle. For a short coverage
range, low-gain omnidirectional or directional antennas are recommended. For a long
coverage range, high-gain directional antennas are recommended. For outdoor long-
distance point-to-point transmission, high-gain small-angle antennas are recommended.

• Directional antennas can provide a high gain. Generally, an antenna with a smaller angle
provides a higher gain and therefore supports a longer signal transmission distance.
However, such antennas are difficult to install and adjust. They must be properly aligned
to each other on the transmitter and receiver to ensure efficient signal transmission.
Therefore, such antennas are suitable for long-distance transmission but must be properly
placed.
• Advantages of smart antennas:

▫ Large coverage area: Smart antennas bring centralized energy and high gain,
providing a large coverage range. The coverage range of a smart omnidirectional
antenna is equivalent to that of a directional antenna.

▫ High anti-interference capability: A smart antenna directs signals to a certain
direction to form directional beams. The main lobe points to the direction of arrival
(DOA) of usable signals, and side lobes and nulls point to the DOA of interference
signals.

▫ Low pollution to the environment: A smart antenna delivers sufficient power to
STAs using low transmit power. This reduces the electromagnetic wave pollution to
the environment.
• An element with arms of the same length is called a symmetric element. A half-wave
symmetric element has a length of 1/4 wavelength on each arm and a full length of 1/2
wavelength.
• Half-wave symmetric elements can be used independently or as the feed source of a
parabolic antenna. In addition, multiple half-wave symmetric elements can constitute an
antenna array.
• When the two conducting wires are close to each other, the electric field is limited
between them and the radiation is weak. When two conducting wires are far away from
each other, the electric field is enlarged and the radiation is enhanced.
• When the two conducting wires are too close to each other and form a straight line, they
become an antenna.
• When the wire length is 1/4 of the signal wavelength, the radiation is the maximum, which
is called the basic element.
• When the two conducting wires are charged, an electric field is produced between the two
poles. A magnetic field is produced when current flows between the metal bodies.
• When the two conducting wires are slightly farther from each other, an electric field and a
magnetic field will be produced in the space around the metal bodies.
• If the conducting wires form a straight line, an electromagnetic field is produced outside
the wires.
• When the length of a conducting wire (L) is far smaller than the wavelength (λ), the
radiation is weak. When the conducting wire length is almost the same as the wavelength,
current on the conducting wire greatly increases, producing strong radiation. Such a straight
conducting wire that can produce strong radiation is called an element.
• Due to the characteristics of electrical waves, the horizontally polarized signals generate
current when approaching the ground. Polarized current generates heat due to ground
impedance. As a result, electrical field signals are attenuated. The vertically polarized
signals do not generate current, so energy will not be attenuated. Therefore, vertical
polarization is widely used in mobile communication. For example, Huawei uses vertically
polarized antennas or ±45° dual-polarized antennas in wireless communication
systems.

• The polarization direction of the antenna is the electric field direction of the
electromagnetic field of antenna radiation.

▫ If the electric field of the radio wave is perpendicular to the ground, the radio wave is
a vertical polarization wave.

▫ If the electric field of the radio wave is parallel to the ground, the radio wave is a
horizontal polarization wave.
• A dual-polarized antenna is a combination of vertically polarized antennas and
horizontally polarized antennas, or a combination of +45° polarized antennas and -45°
polarized antennas.

• With development of new technologies, dual-polarized antennas are widely used now.
There are two polarization modes: vertical and horizontal polarization and ±45°
polarization. The ±45° polarization mode has better performance than the vertical and
horizontal polarization modes. Therefore, the ±45° polarization mode is used in most
cases. A dual-polarized antenna combines two orthogonal antennas with polarization
directions of +45° and –45° and works in duplex mode, which greatly reduces the
number of antennas in each cell. In addition, the orthogonal polarization (±45°) ensures
the good effect of receive diversity.

• Vertically and horizontally polarized waves are received by antennas with vertical and
horizontal polarization characteristics, respectively. Right-handed and left-handed
circular polarization waves are received using antennas with right-handed and left-handed
circular polarization characteristics, respectively. If the polarization direction of the
incoming waves is different from that of the receiving antenna, polarization loss occurs.
For example, polarization loss occurs when a +45° polarization antenna is used to
receive vertically or horizontally polarized waves, or when a vertically polarized antenna is
used to receive +45° polarization or –45° polarization waves. Similarly, when the
circular polarization antenna receives linear polarization waves or vice versa, signals are
attenuated. The received signals may be only a half of the total signals.
• As shown in the preceding figure, when the transmit antenna is vertically placed and the
receive antenna is horizontally placed, the receive antenna cannot receive signals from
the transmit antenna. The electric field polarization direction of electromagnetic waves
emitted by the transmit antenna is vertical. When the vertical electric field acts on the
receive antenna, the electrons on the antenna conductor cannot move under the electric
field. Therefore, the electric field cannot generate current.

• When both the transmit antenna and the receive antenna are placed vertically, the
polarization direction of electromagnetic waves emitted by the transmit antenna is vertical.
When the vertical electric field acts on the receive antenna, electrons on the antenna
move vertically under the electric field. Therefore, the receive antenna generates current.
• Gain is the ratio of the signal output of a system to the signal input of the same system.
Assume that the transmit antenna is an ideal non-directional source and the input power is
100 W. If the transmit antenna is instead a directional antenna with a gain of 13 dB (20 times
the original signal), only 5 W (100/20) of input power is required. That is, an antenna's gain is
the factor by which it amplifies input power relative to the ideal non-directional radiation source.

• If the antenna gain is measured based on half-wave symmetric elements, the gain unit is
dBd.

• When selecting gain, ensure that the beam matches the coverage distance. If the
coverage distance is small, select low-gain antennas with wide vertical lobes to ensure
the coverage effect in the area near the antenna.

• Typical WLAN antenna gains are as follows:

▫ Indoor and outdoor rod antenna: 2 to 3 dBi

▫ Indoor built-in antenna: 3 to 5 dBi

▫ Outdoor external omnidirectional antenna: 6 to 8 dBi

▫ Outdoor built-in sector or directional antenna: 8 to 14 dBi


• Both dBi and dBd are relative values used to represent the antenna gain, with different
references. The reference for dBi is an isotropic antenna, and that of dBd is a dipole.
Therefore, the values of dBi and dBd are slightly different. The unit energy radiated
uniformly by a wave source onto a sphere is smaller than the unit energy flattened on the
surface of an ellipsoid with its maximum radius. Therefore, the ratio of the energy received
at a point outside the space to the energy on the sphere is greater than that of the energy
received at the point outside the space to the energy on the ellipsoid. The gain expressed
in dBi is 2.15 greater than that expressed in dBd.
• dBm: absolute power value. Typical values are as follows:

▫ 0 dBm = 1 mW

▫ 3 dBm = 2 mW

▫ -3 dBm = 0.5 mW

▫ 10 dBm = 10 mW

▫ -10 dBm = 0.1 mW

• dB: relative power value

▫ For example, if the power of A is twice that of B, 10 x lg(power of A/power of B) = 10
x lg2 = 3 dB. That is, the power of A is 3 dB higher than that of B.

▫ When transmitting signals within 100 m on the 2.4 GHz frequency band, the power
loss of a 1/2-inch feeder is about 12.1 dB.

▫ If the power of A is 46 dBm and that of B is 40 dBm, the gain of A is 6 dB higher
than that of B.

▫ If the power of A is 12 dBd and that of B is 14 dBd, the gain of A is 2 dB lower than
that of B.
• Different antennas have different radiation patterns. Radiation patterns of some antennas
have many lobes. The lobe with the maximum radiation is the main lobe, and the other
lobes are back and side lobes. The areas between the main lobe and side lobes have
weak radiation.

• At the two sides of the main lobe, the radiation is reduced by 3 dB (power density is
reduced by half). The angle between the two sides is defined as beamwidth (also called
main-lobe width or half-power angle). A smaller beamwidth indicates better directionality,
larger coverage, and stronger anti-interference capabilities.

• When deploying antennas, note that side lobes will interfere with peripheral cells.
Generally, the main-lobe radiation needs to be enhanced, and side-lobe radiation needs
to be suppressed. However, in the areas near the antennas, we can enhance the side-
lobe radiation to eliminate coverage holes.

• There is another beamwidth (10 dB). It is the angle between the points in the main lobe
that are down from the maximum radiation by 10 dB (power density reduced to one tenth).
• The FBR is valid only for directional antennas. It refers to the ratio of the power density in
the antenna forward maximum radiation direction to the power density in the backward
maximum radiation direction within ±30-degree range. The FBR reflects the capability of
an antenna to suppress backward interference.

• Typical FBR value in a WLAN scenario: outdoor sector antenna > 20 dB


• To control the coverage area of an antenna and reduce interference, you need to adjust
the downtilt of the antenna.
• Two methods are available for adjusting the antenna downtilt:
▫ Mechanical downtilt: Adjust the antenna installation angle to increase the downtilt.
▪ When the mechanical downtilt exceeds the half-power beamwidth on the
vertical plane, the horizontal beam coverage of the base station antenna will
be deformed, which affects the coverage control of the sector. Therefore, the
mechanical downtilt cannot exceed the half-power beamwidth on the vertical
plane.
▫ Electrical downtilt: Adjust the phase of the antenna feed network to change the
downtilt. The electrical downtilt can be achieved in the following ways:
▪ Electrical downtilt with fixed beam: When designing antennas, deviate the
antenna main beam from the normal direction of the array antenna element at
a certain angle (such as 3°, 6°, or 9°) by controlling the amplitude and
phase of the radiating element. Along with the electrical downtilt, the
adjustment range could be from 18° to 20°.
▪ Continuous manual electrical tilt: When designing antennas, use adjustable
phase shifters to continuously adjust the direction of the main beam. The
adjustment range could be from 0° to 10°.
▪ Wire remote electrical tilt from the angle of depression: When designing this
type of base station, add a servomechanism. A precise motor is used to
control the phase shifter so that the electrical tilt can be remotely controlled.
However, due to the new active circuit, the reliability of the antenna decreases
and the surge protection problem becomes complicated.
• An antenna works on a certain frequency range (bandwidth) in both the transmit and
receive directions. This parameter is a nominal value given by the manufacturer. Most base
station antennas are required to support the operating frequency range when the
VSWR value is less than or equal to 1.5. In most cases, the antenna's performance varies
according to the frequency. Performance degradation caused by this, however, is
acceptable.
• The transmit power can reach the maximum when the antenna operates at the center
frequency; therefore, the center frequency and frequency band can be determined
according to this rule.
• When the feeder and the antenna match each other, the energy of high frequency waves
is radiated. The waves that are on the feeder are only incident waves but not reflected
waves, and they are traveling waves. When the feeder and the antenna do not match
each other, only part of the energy of high frequency waves is radiated. Therefore, only
part of energy is absorbed, and the rest is reflected and forms reflected waves.
▫ The ratio of the reflected waves to the incident waves is the reflection coefficient,
which is recorded as R.
▫ VSWR is the ratio of the voltage amplitude at the standing wave antinode to the
voltage amplitude at the wave node. It is also called standing wave coefficient.
▫ The return loss (RL) is the ratio of reflected wave power and incident wave power on
the antenna connector.
▫ The VSWR and RL are both used to describe the status of antenna match. The
difference is that the VSWR is described by voltage, while the RL is described by
power.
• Frequency Band

▫ Select antennas based on the frequency band. To reduce engineering and purchase
costs, use broadband antennas when both the broadband and narrowband
antennas meet the specifications. A broadband antenna differs from a dual-band
antenna in that the broadband antenna does not have additional power feeding
ports.

• Beamwidth

▫ Horizontal and vertical beamwidths are supported, which depend on and affect each
other. Antennas are selected based on the coverage range and interference control.
In urban areas, use antennas whose horizontal beamwidth is less than or equal to
65° to reduce cell handovers. In suburban areas, use antennas with the horizontal
beamwidth of 80° to 90° to enhance coverage and avoid coverage holes.

• Gain

▫ Low-gain antennas have narrow beams and good directionality. They are mainly
used for indoor coverage and coverage hole compensation in outdoor areas, such
as behind buildings, new residential communities, and new professional markets.
Medium-gain antennas are applicable to urban areas. On the one hand, the volume
and size of such antennas are suitable. On the other hand, signals are evenly
distributed within a short coverage radius thanks to the large vertical beamwidth.
High-gain antennas are applicable to wide and open areas, for example, highways,
railways, tunnels, and long and narrow areas.
• For a coverage range of less than 300 m: Use omnidirectional antennas when the
coverage area is round or square and the antennas can be deployed in the center.

• For a coverage range of more than 300 m: Use directional antennas.

• Use directional antennas in long and narrow coverage areas, such as scenic spots,
streets, and tunnels.

• A pole is required for installing a directional antenna. The height of the pole depends on
its diameter, fixing mode, and wind speed. It is recommended that the length of a pole on
the rooftop be within 1 m to 3 m and not exceed 5 m.
• The radiation pattern is a graphical description of the relative field strength of the antenna.
As the antenna radiates to three-dimensional space, several patterns are required for
description.

• Dual-band antennas can work on both the 2.4 GHz and 5 GHz frequency bands. In this
way, dual-band APs can be configured with only one type of antenna, facilitating
installation and purchase. The antenna also features a low omnidirectional gain. It
achieves 360-degree coverage and reduces the maximum power density in the
omnidirectional direction with the same transmit power.
• Without specific bandwidth requirement: If the coverage range is less than 300 m,
antennas with the gain of 11 dBi ± 3 dBi are recommended.

• Without specific bandwidth requirement: If the coverage range is greater than or equal to
300 m, antennas with the gain of 18 dBi ± 3 dBi are recommended.
• This slide introduces the formula for calculating the signal field strength and the network
adapter parameters of common STAs.

• Note that the table lists common typical values, which may vary according to vendors.

• Formula for calculating the uplink signal field strength (without interference, cable loss,
and obstacle loss):

• Signal field strength = Transmit power + Transmit antenna gain – Transmission
attenuation value + Receive antenna gain

• For example, in a rural area, an external antenna (11 dBi) is connected to an AP, the
uplink signal field strength of a STA (a laptop as an example) on the 2.4 GHz frequency
band at 300 m is:

▫ 18 + 0 – 89.8 + 11 = –60.8 dBm.

▫ After the 10 dB system margin is subtracted from the signal field strength, we get
the optimal receiver sensitivity (–71 dBm) of the AP.
• An antenna has two beamwidths: horizontal and vertical.

▫ Horizontal beamwidth: indicates the beamwidth after the main lobe power of the
horizontal beam decreases by 3 dB. It is also called horizontal half-power angle.

▫ Vertical beamwidth: indicates the beamwidth after the main lobe power of the
vertical beam decreases by 3 dB. It is also called vertical half-power angle.

• There is another beamwidth (10 dB). It is the angle between the points in the main lobe
that are down from the maximum radiation by 10 dB (power density reduced to one tenth).
• The combiner, power splitter, and coupler are commonly used passive components in
an indoor distribution system. The combiner is mainly applied to multi-system
(GSM/CDMA/3G/WLAN), or to different WLAN frequency bands. The coupler is used to
unequally divide power and the splitter is used to equally divide power.
• The splitter equally divides energy to provide a wide frequency band by matching
cascaded impedance conversion lines and isolation resistors.

• The splitter cascades two, three, or four channels to distribute power.

• Note:

▫ A cavity splitter is applicable to high transmit power.

▫ The output arms of a cavity splitter are not isolated. Therefore, the cavity splitter
cannot be used as a combiner.

▫ When working for a long time, the cavity splitter is stabler than the microstrip splitter.

▫ When connecting passive components, consider port definition to ensure proper
system running.

▫ Passive components cannot work at overloaded power. Otherwise, the components
may be damaged or the active devices may be faulty.

▫ When connecting components, ensure that the interfaces are reliably connected.
Otherwise, interface performance may degrade and the system cannot work.
• Product type

▫ Couplers are classified into cavity coupler and microstrip coupler based on power
distribution.

▫ The couplers must be selected properly based on network construction
requirements.

• Note:

▫ A cavity coupler is applicable to high transmit power.

▫ When working for a long time, the cavity coupler is stabler than the microstrip
coupler.

▫ When connecting passive components, consider port definition to ensure proper
system running.

▫ Passive components cannot work at overloaded power. Otherwise, the components
may be damaged or the active devices may be faulty.

▫ When connecting components, ensure that the interfaces are reliably connected.
Otherwise, interface performance may degrade and the system cannot work.
• A combiner combines signals of multiple systems into a single antenna system. In a
wireless antenna system, input and output signals on different frequency bands are
combined, and the antenna system is connected to the console through a feeder. This
saves feeders and prevents antenna switching.

• In the WLAN field, combiners include single-band combiners (2.4 GHz) and multi-band
combiners.

• The input port on a combiner limits the frequency.

• A combiner can reduce the number of antennas and feeders, save the antenna installation
space, and improve the isolation between transmitters. Common combiners include dual-
band combiners and triple-band combiners.
• A coaxial cable has the inner conductor and the outer shield sharing a geometric axis. A
common coaxial cable has an inner conductor surrounded by a tubular insulation layer,
surrounded by a tubular conducting shield. The cable is wrapped by a PVC jacket. The
coaxial cable transmits high-frequency signals with little loss, prevents interference, and
provides high bandwidth.

• There are two types of coaxial cables: 50 Ω and 75 Ω. The 75 Ω coaxial cable is used for
the CATV system, and the 50 Ω coaxial cable is used for radio communication.

• An RF coaxial cable transmits signals and energy within the radio frequency range. RF
coaxial cables are classified into three types based on functions: CATV coaxial cable,
radio coaxial cable, and leakage coaxial cable.

• When signals are transmitted in a feeder, impedance loss and media loss are generated.
The loss increases when the feeder length and working frequency increase. Therefore,
the feeder should not be too long.
• An RF coaxial connector (RF connector for short) is installed on a cable or instrument to
separate or combine electricity.

• Compared with other electrical components, the RF connector has a shorter history. The
UHF connector invented in 1930 is the earliest RF connector. During World War II,
radar, broadcasting station, and microwave communication technologies developed fast.
Accordingly, the type N, C-type, BNC, and TNC connectors were developed. After 1958,
the SMA, SMB, and SMC connectors were developed. In 1964, the US issued the
MIL-C-39012 RF coaxial connector specifications. Then, the RF connectors were standardized
and commonly used.

• RF connector type:

• The major name of a converter is the connector name or fraction.

▫ For example, SMA-50JK represents the SMA-type 50 Ω converter. One end is male
and the other end is female. BNC/SMA-50JK represents the converter with BNC
male and SMA female, and the impedance is 50 Ω.
• Surge protection devices are usually deployed between the electrical conduction and
ground, and connected to the protected devices in parallel mode. When voltage exceeds
the upper limit, a surge protection device limits voltage to protect the device. When
voltage is restored, the surge protection device restores to ensure proper system power
supply.

• An antenna surge protector provides the following functions: transmits wireless signals
and protects interfaces, transmits control signals and protects receiving devices, protects
television satellite devices, monitors signal transmission, protects receiving devices,
protects wireless communication devices, and protects other radio devices.
• 1. AD

• 2. 23 dBm = ? mW

▫ +23 dBm can be divided into +10 dBm, +10 dBm, and +3 dBm.

▫ The calculation procedure is as follows:

▪ 1 mW x 10 = 10 mW

▪ 10 mW x 10 = 100 mW

▪ 100 mW x 2 = 200 mW
• A WLAN uses radio signals (high-frequency electromagnetic waves) to transmit data. The
strength of radio signals becomes weaker as the transmission distance increases. In
addition, adjacent radio signals cause interference overlapping. All these factors reduce
the signal quality or even cause network unavailability. To improve the WLAN quality and
meet customers' requirements on network construction, WLAN planning and design are
required. During WLAN planning and design, the AP models and quantity, installation
positions and modes, and cable deployment modes need to be planned to ensure
pervasive wireless network coverage, fast Internet access, and optimal network
experience. If WLAN planning and design are not performed in the early stage, rework
may be required after APs are installed. This is because network optimization after APs
are installed may require AP reinstallation and re-cabling.
• Specifying requirements

▫ Determine the network service type, user distribution, and service changes, and
determine the coverage target and key coverage areas.

• Site survey

▫ Collect information about the coverage area to guide subsequent solution design.

• Network solution design

▫ Coverage mode and device model selection

▫ Frequency planning

▫ Link budget

▫ Capacity planning

• Engineering implementation

• Acceptance test

▫ After the construction is complete, Huawei network test tools are used to perform
the acceptance test and issue the acceptance report. After the acceptance test is
passed, the entire network planning process is complete.

• Adjustment and optimization

▫ Optimize the AP and antenna layout based on the trial network quality evaluation
test.
• Signal coverage is not provided for areas with few wireless requirements, such as
bathrooms, staircases, equipment rooms, and archive rooms.

• Generally, the signal strength of indoor dual-band APs should be greater than -65 dBm,
and that of outdoor dual-band APs should be greater than -70 dBm.

• Concurrency indicates that both uplink and downlink services are performed.

• Common Internet access/Email sending and receiving: 512 kbit/s

• SD video: 2 Mbps

• Ceiling installation recommendation

• 100 m long-distance power supply through a PoE switch


• The coverage can be simply understood as the number of Wi-Fi signal bars on a mobile
phone.
• Before planning a project, communicate with the customer to determine the WLAN
coverage area based on the onsite environment and drawings.

• Key coverage area: dorm room, library, classroom, hotel room, lobby, meeting room,
office room, exhibition hall, etc.

• The area division must be confirmed with the customer and marked on the drawing
provided by the customer to facilitate subsequent planning.
• You can obtain the antenna gain from the product documentation.

• The attenuation value of the transmission distance is obtained through calculation.


• Formula for calculating the signal field strength (ignoring interference and cable loss):

• Received signal field strength = AP's transmit power + Antenna gain – Transmission
attenuation – Penetration loss

• When the signal transmission distance is 20 m, the signal field strength (5.8 GHz) is
calculated as follows:

• AP transmit power (20 dBm) + Antenna gain (omnidirectional antenna: 3 dBi) –
Transmission attenuation (92 dB) – Signal attenuation caused by obstacles (0 dB) = -69
dBm

• Antenna gain: Indoor APs generally use built-in omnidirectional antennas, and the
antenna gain is 3 dBi.
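
The two field-strength calculations in these notes (the 300 m uplink at 2.4 GHz and the 20 m indoor case at 5.8 GHz) can be reproduced and checked against a coverage target with the following sketch. It is an added example, not part of the original course material; the class and function names are hypothetical, and the transmission attenuation values (89.8 dB and 92 dB) are taken from the notes as inputs rather than computed.

```python
import math
from dataclasses import dataclass


def dbm_to_mw(dbm: float) -> float:
    """Absolute power in mW: 0 dBm is 1 mW and every +10 dB multiplies by 10."""
    return 10 ** (dbm / 10)


def mw_to_dbm(mw: float) -> float:
    """Inverse conversion; the power must be positive to have a logarithm."""
    if mw <= 0:
        raise ValueError("power in mW must be positive")
    return 10 * math.log10(mw)


@dataclass(frozen=True)
class Link:
    """One direction of a radio link (field names are hypothetical)."""
    tx_power_dbm: float
    attenuation_db: float          # transmission attenuation, supplied as an input
    tx_gain_dbi: float = 0.0
    rx_gain_dbi: float = 0.0
    mimo_gain_db: float = 0.0
    feeder_loss_db: float = 0.0    # the worked examples in the notes ignore cable loss
    penetration_db: float = 0.0    # attenuation caused by obstacles

    def eirp_dbm(self) -> float:
        # EIRP = transmit power + MIMO gain + antenna gain - feeder loss
        return (self.tx_power_dbm + self.mimo_gain_db
                + self.tx_gain_dbi - self.feeder_loss_db)

    def rx_dbm(self) -> float:
        # Received field strength at the far end of the link.
        return (self.eirp_dbm() - self.attenuation_db
                - self.penetration_db + self.rx_gain_dbi)

    def margin_db(self, target_dbm: float) -> float:
        # Positive: the coverage target is met with this much to spare.
        return self.rx_dbm() - target_dbm

    def max_attenuation_db(self, target_dbm: float) -> float:
        # Largest transmission attenuation that still meets the target.
        return (self.eirp_dbm() + self.rx_gain_dbi
                - self.penetration_db - target_dbm)


# Laptop (18 dBm, 0 dBi) to an AP with an 11 dBi external antenna, 300 m, 2.4 GHz.
UPLINK_300M = Link(tx_power_dbm=18, attenuation_db=89.8, rx_gain_dbi=11)

# Indoor AP (20 dBm, 3 dBi built-in antenna), 20 m, 5.8 GHz, no obstacles.
INDOOR_20M = Link(tx_power_dbm=20, attenuation_db=92, tx_gain_dbi=3)

if __name__ == "__main__":
    print(f"uplink at AP: {UPLINK_300M.rx_dbm():.1f} dBm")
    print(f"with 10 dB system margin: {UPLINK_300M.rx_dbm() - 10:.1f} dBm")
    print(f"indoor at 20 m: {INDOOR_20M.rx_dbm():.1f} dBm, "
          f"margin to -65 dBm target: {INDOOR_20M.margin_db(-65):+.1f} dB")
    print(f"attenuation budget for -65 dBm: "
          f"{INDOOR_20M.max_attenuation_db(-65):.1f} dB")
    print(f"23 dBm = {dbm_to_mw(23):.1f} mW")
```

The exact conversion of 23 dBm gives about 199.5 mW, which the 10/10/3 rule of thumb rounds to 200 mW.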
• EIRP: Effective Isotropic Radiated Power

• EIRP ≥ AP transmit power + MIMO gain + Antenna gain – Feeder loss


• AP selection: The stand is located outdoors. The customer requires the APs in
compliance with 802.11ax (Wi-Fi 6), so outdoor models with external antennas, such as
AirEngine 8760R-X1E (supporting PoE power supply), can be selected.

• Antenna selection

▫ Antenna gain: Determine the antenna gain based on the AP transmit power,
coverage distance, and bandwidth requirements.

▫ Antenna angle: The stadium is a high-density scenario. Therefore, the antenna
angle should be as small as possible. For example, ANT5G19D2NR (horizontal
angle 15° and vertical angle 15°) is used at 5.8 GHz frequency band.

▫ Antenna engineering parameters: The azimuth and downtilt are adjustable during
deployment. Plan the azimuth and downtilt based on site requirements.
• Total bandwidth = Number of users x Concurrency rate x Bandwidth for each user

• Number of APs = Total bandwidth/Bandwidth of each AP


• The maximum number of concurrent STAs (single radio) is based on the 5 GHz frequency
band.

• The maximum number of concurrent STAs (dual radios) is based on 2.4 GHz and 5 GHz
frequency bands.

• The maximum number of concurrent STAs (triple radios) is based on one 2.4 GHz
frequency band and two 5 GHz frequency bands.
• The preceding table assumes that the AP supports 802.11ax 8*8 HT20 mode. The
following sections assume that APs support 802.11ax 8*8 HT20 and STAs support
802.11ax dual spatial streams.
• Bandwidth required by a single user (Excellent) in a meeting room = 8*50% + 16*10% +
0.25*10% + 32*10% + 32*5% + 0.5*15% = 10.5 Mbps

• The total number of users refers to the total number of STAs connected to the WLAN in
this scenario.

• The number of concurrent STAs is the concurrency rate multiplied by the total number of
users, and refers to the number of users that are connected to the WLAN and transmit
data.

• The concurrency rate is an empirical value.
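
The capacity formulas above can be chained into one sizing calculation, as in this added example (not part of the original course material). The service mix is the meeting-room example from the notes; the function names, the per-AP throughput and the per-AP concurrent-STA limit used in the demonstration are assumptions, because the table they come from is not reproduced in this text.

```python
import math

# (rate in Mbps, share) per service, copied from the meeting-room "Excellent"
# example in the notes. The notes give only the numbers, so rows are unnamed.
MEETING_ROOM_MIX = [(8, 0.50), (16, 0.10), (0.25, 0.10),
                    (32, 0.10), (32, 0.05), (0.5, 0.15)]


def per_user_mbps(mix):
    """Weighted bandwidth for one user; the shares must add up to 100%."""
    share_total = sum(share for _, share in mix)
    if not math.isclose(share_total, 1.0, abs_tol=1e-9):
        raise ValueError(f"service shares add up to {share_total}, expected 1.0")
    return sum(rate * share for rate, share in mix)


def plan_ap_count(total_users, concurrency_rate, user_mbps,
                  ap_mbps, ap_max_concurrent_stas):
    """Size the AP count by bandwidth and by concurrent STAs, keep the larger.

    ap_mbps and ap_max_concurrent_stas are per-AP figures from the product
    documentation (hypothetical parameters in this sketch).
    """
    if not 0 < concurrency_rate <= 1:
        raise ValueError("concurrency rate must be in (0, 1]")
    if ap_mbps <= 0 or ap_max_concurrent_stas <= 0:
        raise ValueError("per-AP limits must be positive")

    # Number of concurrent STAs = total users x concurrency rate (rounded up;
    # round() first so float noise such as 60.00000000000001 does not add a STA).
    concurrent = math.ceil(round(total_users * concurrency_rate, 6))
    # Total bandwidth = concurrent STAs x bandwidth for each user.
    total_mbps = concurrent * user_mbps
    # Number of APs = total bandwidth / bandwidth of each AP, rounded up.
    by_bandwidth = math.ceil(round(total_mbps / ap_mbps, 6))
    # A second bound: each AP only serves a limited number of concurrent STAs.
    by_stas = math.ceil(concurrent / ap_max_concurrent_stas)

    return {
        "concurrent_stas": concurrent,
        "total_mbps": total_mbps,
        "aps_by_bandwidth": by_bandwidth,
        "aps_by_stas": by_stas,
        "aps": max(by_bandwidth, by_stas),
        "limited_by": "bandwidth" if by_bandwidth >= by_stas else "concurrent STAs",
    }


if __name__ == "__main__":
    user_bw = per_user_mbps(MEETING_ROOM_MIX)
    print(f"per-user bandwidth: {user_bw:.1f} Mbps")
    # Constructed scenario: 100 users, 50% concurrency, 300 Mbps and 20 STAs per AP.
    for key, value in plan_ap_count(100, 0.5, user_bw, 300, 20).items():
        print(f"{key}: {value}")
```

In the constructed scenario the bandwidth formula alone asks for two APs, while the concurrent-STA limit asks for three, so the larger figure is the one to plan for.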


• Confirm with customers about available channels allowed by the local laws and
regulations.
▫ Query the local available channels in the channel compliance table and confirm with
the local user.
▫ For example, channels 1, 6, and 11 are available on the 2.4 GHz frequency band in
China.
▪ To prevent interference between channels, the interval between central
frequencies of each two channels in the 2.4 GHz frequency band must be
larger than or equal to 25 MHz. It is recommended that channels 1, 6, and 11
be used in overlapping mode.
▫ Available channels on the 5.8 GHz band: 149, 153, 157, 161, and 165
▫ Some channels may be reserved in different countries or regions. Therefore, you
need to confirm the reserved channels before the planning.
• Avoid co-channel interference.
▫ Do not use the same channel in any direction.
▫ In the case of multiple floors, avoid overlapping with channels of APs at the same or
adjacent floors.
▫ If channel overlapping cannot be avoided, reduce AP power to minimize the
overlapping areas.
▫ Channel compliance:
▫ The available channels and the maximum transmit power of radio signals in the
channels vary according to countries and regions. Radio signals in different
channels may have different signal strengths. 1/5/9/13
• For channel distribution, ensure the minimum co-channel interference and prevent cross-
layer interference.

• If the AP's channels conflict with channels of users' Wi-Fi devices, adjust the channel
distribution.

• If channel conflicts cannot be avoided by adjusting APs' channel distribution, discuss with
the owners of the Wi-Fi devices to re-distribute the channels.
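The channel rules above can be checked mechanically before a plan goes to site. The following is an added example, not part of the original material or of any Huawei tool: it derives the usable channel sets from the spacing values stated on this page and flags neighbouring APs whose channels collide. The AP names, the sample plan and the neighbour list are constructed assumptions; centre frequencies use standard IEEE 802.11 channel numbering.

```python
MIN_SEP_24_MHZ = 25  # minimum centre-frequency spacing on 2.4 GHz (from the page)
MIN_SEP_5_MHZ = 20   # spacing of channels 149-165 on 5.8 GHz (from the page)

def centre_mhz(channel):
    """Centre frequency in MHz, using standard IEEE 802.11 channel numbering."""
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    if 36 <= channel <= 165:
        return 5000 + 5 * channel
    raise ValueError(f"unsupported channel {channel}")

def interferes(ch_a, ch_b):
    """True when two channels of one band are closer than the minimum spacing."""
    if (ch_a <= 13) != (ch_b <= 13):
        return False  # different bands never collide
    min_sep = MIN_SEP_24_MHZ if ch_a <= 13 else MIN_SEP_5_MHZ
    return abs(centre_mhz(ch_a) - centre_mhz(ch_b)) < min_sep

def non_overlapping(channels):
    """Greedily pick, lowest first, the channels that keep the minimum spacing."""
    picked = []
    for ch in sorted(channels):
        if not any(interferes(ch, p) for p in picked):
            picked.append(ch)
    return picked

def check_plan(plan, neighbours):
    """Return (ap_a, ap_b, ch_a, ch_b) for each neighbour pair whose channels collide."""
    conflicts = []
    for a, b in neighbours:
        for ch_a, ch_b in zip(plan[a], plan[b]):
            if interferes(ch_a, ch_b):
                conflicts.append((a, b, ch_a, ch_b))
    return sorted(conflicts)

# Constructed sample: AP name -> (2.4 GHz channel, 5 GHz channel); names are hypothetical.
SAMPLE_PLAN = {
    "F1-AP1": (1, 149), "F1-AP2": (6, 153), "F1-AP3": (11, 157),
    "F2-AP1": (6, 153), "F2-AP2": (11, 157), "F2-AP3": (11, 161),
}
SAMPLE_NEIGHBOURS = [  # AP pairs whose coverage overlaps
    ("F1-AP1", "F1-AP2"), ("F1-AP2", "F1-AP3"),  # same floor
    ("F2-AP1", "F2-AP2"), ("F2-AP2", "F2-AP3"),
    ("F1-AP1", "F2-AP1"), ("F1-AP2", "F2-AP2"), ("F1-AP3", "F2-AP3"),  # adjacent floors
]

if __name__ == "__main__":
    print(non_overlapping(range(1, 14)))
    print(check_plan(SAMPLE_PLAN, SAMPLE_NEIGHBOURS))
```

In the constructed plan, F2-AP3 reuses 2.4 GHz channel 11 next to F2-AP2 and directly above F1-AP3, so both pairs are reported while the 5 GHz assignments pass.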
• Local power supply is inconvenient. Exposed power cables affect the appearance and
bring security risks.
• The PoE module supplies power and does not require power supply. However, a potential
fault point is added, which is inconvenient for maintenance.
• PoE power supply is used, which facilitates construction and solves the problem of difficult
power supply. The power supply is stable and secure.
• Hybrid cable: Currently, optical data is transmitted over the network port, and the
transmission distance can reach 200 m.
▫ Advantage: The cost of one-time cabling is low and the service life is long. Hybrid
cables apply to long-distance power supply scenarios and reduce the PoE power
supply distance.
▫ Disadvantage: Hybrid optical-electrical switches are required, resulting in high costs.
Optical modules are expensive, and one cable occupies two physical ports (one
optical port and one electrical port). This means that more switches are used.
• Cabling design rules:

▫ In normal cases, the length of network cables cannot exceed 100 m due to signal
attenuation. However, in actual projects, network cables are used to supply power to
APs. If the length of a network cable exceeds 80 m, the network is affected.
Therefore, it is recommended that the length of a network cable be less than or
equal to 80 m.

▫ It is recommended that about 5 m be reserved for a network cable during AP
deployment so that you can adjust AP locations for WLAN signal optimization. If
signals are of poor quality, engineers can flexibly adjust AP locations to ensure good
coverage.

▫ To avoid interference from high-voltage cables, it is recommended that low-voltage
cables be deployed as far as possible from strong electromagnetic fields.

▫ During cabling planning, communicate with the customer in advance about all the
lines to prevent the construction progress from being affected by the customer's
disagreement on the construction due to the property and aesthetic factors.
• Outdoor installation mode:

▫ The azimuth and downtilt of an antenna can be flexibly adjusted based on the
auxiliary mounting kits.

▫ An AP can be installed on a wall without adjusting the antenna angle.

▫ Outdoor omnidirectional antennas are installed at a height of 4 m to 6 m, and
directional antennas are installed at a height of 6 m to 8 m.
• Website access test
▫ Test objective: To verify that HTTP website access delay and success rate meet the
project design requirements and acceptance criteria.
▫ Test method: At each measurement point, use a STA to connect to the WLAN. Enter
the user name and password for web authentication, open homepages of different
portal websites, and record the access delay and success rate.
▫ Expected result: After the user enters the authentication user name and password,
the latency for displaying the authentication success page is less than or equal to
3s. The website access success rate is greater than or equal to 95%.
• DHCP test
▫ Test objective: To verify that STAs connected to the AP can obtain IP addresses.
▫ Test method: Set the number of tests and the interval between two consecutive
tests in advance. The STA successfully associates with the AP and
accesses the network. The STA connects to the AP through the wireless network
adapter to obtain an IP address.
▫ Expected result: The IP address can be obtained.
• File synchronization test on the intranet server:
▫ Test objective: To verify the download rate of the WLAN device.
▫ Test method: Associate a STA with an SSID and ping the test PC. Enable the STA
to download a 200 MB file from the intranet server.
▫ Expected result: The STA successfully associates with the SSID and pings the test
PC. If there is no interference, the download is complete within 3 minutes.
• Tool name: WLAN Planner
• Function: online network planning tool. It does not need to be installed. You can use it
directly after logging in to it using a uniportal account. It supports automatic identification
of obstacles in drawings of .pdf, .jpg, .png, and .bmp formats. You do not need to
download the latest version or apply for a license. The Google Chrome browser is
recommended.
• To obtain the tool and manual, visit https://serviceturbo-cloud-cn.huawei.com/#/toolappmarket.
• Tool name: CloudCampus APP
• Function: tool for WLAN project delivery throughout the project lifecycle
▫ AP Calculator: Quickly estimate the material list in the pre-sales phase to provide
guidance for quotation.
▫ Site Survey: Connect to WLAN Planner to record photos and texts based on
drawings.
▫ WLAN Planner: Connect to WLAN Planner to display network planning results,
heatmaps, and AP attributes anytime anywhere.
▫ WLAN Tester: Supports one-click Wi-Fi health check, multi-point acceptance, and
roaming test to meet test requirements of daily Wi-Fi projects. In addition, Excel data
and Word reports can be exported, and the antenna alignment function is
supported.
• To obtain the tool and manual, search for CloudCampus APP in Huawei AppGallery,
Google Play, or APP Store, or download CloudCampus_APP from the forum link.
• In the onsite environment, most buildings use concrete, glass walls, and wooden doors,
and there is no third-party or non-Wi-Fi interference source. Confirm with the customer
that cables are routed on the ceiling.

• Device selection:

▫ In indoor settled deployment scenarios, the latest indoor AirEngine Wi-Fi 6 model
can be used. Compared with a Wi-Fi 5 AP, the AirEngine Wi-Fi 6 indoor model has
higher performance, supports access of STAs complying with multiple protocols,
and has industry-leading smart antennas. Therefore, signals can move with users
and are more stable.

• Coverage design:

▫ Use obstacles with high signal attenuation, such as load-bearing walls, to divide a
large coverage area into multiple small coverage areas. In this project, the office
area and meeting room are divided into eight areas. A single AP can meet the
requirements of each area. Therefore, a total of eight APs are required.

• Deployment design:

▫ Each AP is deployed on the ceiling in the middle of a small coverage area.
Channels of an AP are staggered with those of other APs (such as 1/149, 6/153, and
11/157).
• Link to the planning tool: https://serviceturbo-cloud.huawei.com/serviceturbocloud/#/Toolsummary?entityId=d59de9ac-e4ef-409e-bbdc-eff3d0346b42
• The following figure shows the process of WLAN network planning in indoor scenarios.
• Create a project.
▫ Before you use WLAN Planner to plan the WLAN, you need to create a project,
select a country where the network is planned, and set the environment type.
• Import the drawing.
▫ After you create a project, you need to create a building and import the drawing, so
that you can set the environment type and deploy APs on the drawing to simulate
the WLAN planning.
• Configure the environment.
▫ You can set obstacles, coverage areas, and interference sources on the drawing to
simulate the actual environment, making the simulation more realistic.
• Deploy APs.
▫ Automatically deploy APs.
▪ WLAN Planner automatically calculates the number, locations, and working
channels of APs based on the obstacle status (locations and types) and
requirements on the coverage areas (such as the AP type, minimum field
strength, and signal type), and places the calculated APs on the drawing.
▫ Deploy APs manually.
▪ Based on the actual environment and deployment experience, you can
manually deploy APs using the tool to meet users' signal coverage
requirements.
• 1. A

• 2. ABD

• Why is channel planning required? How to plan channels?

▫ To prevent interference between channels, the interval between central frequencies
of each two channels in the 2.4 GHz frequency band must be larger than or equal to
25 MHz. It is recommended that channels 1, 6, and 11 be used in overlapping
mode.

▫ In the 5.8 GHz frequency band, non-overlapping channels 149, 153, 157, 161, and
165 are used, with 20 MHz of separation between each two channels.
