WiFi technology is improving day-by-day, but still users are complaining it is the same - they are getting slow speed on WiFi. Therefore, in this article I have tried to summarize some basic troubleshooting techniques to help everyday user increase their WiFi speed and get maximum out of their wireless connection.
APPLICABLE SCENARIOS
Huawei AR routers such as AR161-S
AR1220C can be used for WiFi services and they can work in 2 modes - AC mode or FAT mode - to provide WiFi services. AR WiFi mode is selected on the basis of the scenario they are deployed:
the AR router in Fat AP mode is used in relatively smaller spaces like a café, home, small enterprises and SOHO offices. In this scenario, the AR router is configured as Fat AP and provides WLAN access to stations;
the AR router is configured as an AC in a large enterprise scenario where multiple access points are required and policies are to be pushed on each AP through a central point of control.
Let’s start with troubleshooting the slow WiFi in smaller places.
TYPICAL NETWORKING FOR SMALL-SCALE PLACES
In small spaces, the AR router is configured as a FAT AP to provide WLAN services. In this scenario, typically we separate NMS and the AAA controller is not required. The below figure shows the typical scenario in a small-scale WLAN deployment in a café:
slow1
Source: Small Café Network
HOW TO DETERMINE THE WORKING MODE OF AN AR ROUTER
The first thing to check is wether the router you are setting up can support the Fat AP functionality or not. The easiest way to find out is to look at the model number of the AP. Typically, routers containing W in their model number can function as a FAT AP. For example, AR161W. Another method to find out is by logging in to the AR router and run following command:
<Huawei> display workmode wlan
Wlan Current WorkMode = ap
Wlan Config WorkMode = ap //ap indicates the Fat AP mode, and ac indicates the AC mode
HOW TO TEST THE WiFi SPEED
The WLAN network is a very complex end-to-end system which has a core network, access network, content resources and end-clients. Other than the end-client, all other devices are stationary and are almost irrelevant to the end-user. In most cases, the slow internet is caused by the end-device. In this case, a WiFi speed test is used as the first action.
WiFi SPEED TEST METHOD
To test the WiFi speed, carrier websites can be used to test the speed or, alternatively, you can use local speed test apps for the mobile devices to run speed test. Based on extensive research, users can refer to the following for the assessment of their internet connectivity:
Theoretical WiFi Speed (Mbit/s)
Theoretical WiFi Download Speed (MB/s)
Slow (< 60% of the Theoretical WiFi speed)
Normal (60% to 80% of the Theoretical WiFi speed)
Good (> 80% of the Theoretical WiFi speed)
10
1.25
< 6 Mbit/s bandwidth
6–8 Mbit/s bandwidth
> 8 Mbit/s bandwidth
20
2.5
< 12 Mbit/s bandwidth
12–16 Mbit/s bandwidth
> 16 Mbit/s bandwidth
50
6.25
< 30 Mbit/s bandwidth
30–40 Mbit/s bandwidth
> 40 Mbit/s bandwidth
100
12.5
< 60 Mbit/s bandwidth
60–80 Mbit/s bandwidth
> 80 Mbit/s bandwidth
200
25
< 120 Mbit/s bandwidth
120–160 Mbit/s bandwidth
> 160 Mbit/s bandwidth
300
37.5
< 180 Mbit/s bandwidth
180–240 Mbit/s bandwidth
> 240 Mbit/s bandwidth
500
62.5
< 300 Mbit/s bandwidth
300–400 Mbit/s bandwidth
> 400 Mbit/s bandwidth
Some speed test software may measure the WiFi download speed in the unit of MB/s, and will convert the unit into Mbit/s before displaying the test results. If the test results are still displayed in the unit of MB/s, multiply the value by 8 to obtain the actual WiFi speed in the unit of Mbit/s.
The theoretical WiFi speed is the smaller value between the wired bandwidth and the wireless link speed. For example, if the wired bandwidth is 200 Mbit/s and the wireless link speed negotiated between the router and STA is 300 Mbit/s, the theoretical WiFi speed is 200 Mbit/s.
SO, WHY IS MY WiFI STILL SO SLOW?
After an extensive research, there are mainly 7 reasons for a slow WiFi. These are briefly described below:
Poor WiFi signal strength
This can be because of incorrect antenna installation, co-channel interference on 2.4 GHz and 5Ghz channels and non-zero power level for WLAN radios.
Incorrect encryption in WEP/WPA/WPA2
Main reasons are the incorrect configuration of WEP and the TKIP encryption in WPA/WAP2.
WLAN rate limiting
STAs go offline
DNS Server not responding
This can be because of ARP request packets being discarded. The DNS request packet being discarded can be solved by checking the DNS proxy configuration.
Packet loss in a ping test
Reason usually is the ARP strict learning configuration. Or because of an IP conflict of the STAs.
IGMP Snooping disabled
HOW TO QUICKLY SPEED UP YOUR WiFi
There are some quick ways to improve the WiFi network and restarting the services is the fastest one. However, if it’s on live a network, it will affect users’ services. To minimize the impact, perform some operations for speeding up your WiFi during off-peak hours. The following are some of the ways to improve your WiFi Speed.
1. The first step is to observe if there are any metal objects, microwave links or any interference causing obstacle by the AP. If there is any, remove that and adjust the WiFi antennas accordingly.
2. Save the configuration on the router, power off and restart the device.
Note:
Restarting the router interrupts user services for 1 to 2 minutes.
3. For small enterprises, even completely resetting the device can help accelerate the device performance, as it completely clears the entries table. However, this is not recommended for medium-to-large enterprises.
Notes:
a) Restoring the factory settings to reset the WiFi parameters will interrupt the services for dozens of minutes. This mode applies to homes, shops, cafes and SOHOs where routers mainly provide WLAN services for users.
b) Manually deleting and resetting WiFi parameters will interrupt wireless services for dozens of minutes. This mode applies to small- and medium-sized enterprises, where routers not only provide WLAN access but also some wired services for users. Restoring the factory settings will affect the wired services as well. So, this is only recommended in the off-peak timings.
HOW TO MAXIMIZE YOUR WiFiPoor WiFi signal strength
As WLANs use radio signals to transmit service data, radio waves in the air are attenuated due to the impact of the surrounding environment. If the WiFi speed is slow, check the WiFi signal strength. The strength of WiFi signals received by a STA directly affects the WiFi speed.
After the STA is connected to a WLAN, the number of signal bars displayed on the STA directly shows the strength of the current WiFi signal. Generally, three or four bars indicate that the WiFi signal strength is normal, and zero to two bars indicate that the WiFi signal strength is poor. If the strength of signals received by the STA is poor, perform the following operations for quick troubleshooting:
1. verify that WiFi antennas are correctly installed and no obstacle exists around an AR router;
2. to better receive and transmit WiFi signals, keep the WiFi antennas vertical to the ground;
3. place the router in an open area without obstacles or interference sources (such as walls and metal objects). Try not to access a WLAN from a distant location;
4. check for interference to 2.4 GHz or 5 GHz radio signals.
Use dedicated WiFi signal test software to check the interference to radio signals, and observe the signal strength and co-channel or adjacent-channel interference.
If radio signals are severely interfered, perform manual radio calibration:
<Huawei> system-view
[Huawei] wlan ap
[Huawei-wlan-view] calibrate enable manual
[Huawei-wlan-view] calibrate manual startupIf the severe signal interference still persists after manual radio calibration, change the router's working channel.
If the router supports the 5 GHz frequency band, enable the WLAN function on the 5 GHz frequency band. Enable the WLAN function on the 5 GHz radio interface wlan-radio 0/0/1 so that high bandwidth on the 5 GHz frequency band is leveraged to forward services. Set the operating channel bandwidth of the 5 GHz radio to 80 MHz to provider a higher speed. For WLAN configurations on this frequency band, see those on the 2.4 GHz frequency band.
5. Verify that the power level of WLAN radios is 0.
Run the display actual channel-power command to check the power level of radios.
POWER-LEVEL indicates the actual transmit power level of a radio. The value ranges from 0 to 12, and a larger value indicates a lower transmit power. In normal cases, the value of POWER-LEVEL is 0, indicating that a radio interface transmits signals at full power. If the value of POWER-LEVEL is not 0, run the following commands to set the power level to
Misconfigurations of the WEP/WPA/WPA2 enctryption (WEP vs WPA & WPA vs WPA2)
WLANs are easy to deploy and expand, flexible, and cost-effective. However, as WLANs use transmit data on open wireless channels through radio signals, service data may easily be intercepted or tampered with by attackers. To ensure WLAN access security, AR routers provide four security policies, namely, Wired Equivalent Privacy (WEP), WiFi Protected Access (WPA), WPA2, and WLAN Authentication and Privacy Infrastructure (WAPI). The Temporary Key Integrity Protocol (TKIP) encryption mode in WEP and WPA/WPA2 is not recommended in practice because this mode uses the Rivest Cipher 4 (RC4) algorithm, which is insecure and affects the wireless link speed. Small-scale networks do not have high security requirements, and the Counter Mode with the CBC-MAC Protocol (CCMP) encryption mode in WPA/WPA2 will suffice. The following can be used to troubleshoot the security issue.
1. Check the encryption mode configured on the router. Run the display this command in the WLAN security profile view to check the WLAN encryption configuration.
Information similar to the following indicates that the WEP security policy is configured. It is advised to change it to WPA/WPA2 by referring to Step 2.
Information similar to the following indicates that the WPA security policy is configured, with TKIP encryption in use. It is advised to change the encryption mode to CCMP by referring to Step 2.
Information similar to the following indicates that the WPA2 security policy is configured, with TKIP encryption in use. It is advised to change the encryption mode to CCMP by referring to Step 2.
2. Configure the WPA2 security policy and CCMP encryption.
WLAN rate limiting configurationIn WiFi access scenarios, rate limiting may be configured to protect network bandwidth resources, which in turn affects the WiFi speed of STAs. Therefore, upon a slow WiFi speed, check whether the WLAN rate limiting function is configured on an AR router. The following can be used to troubleshoot WLAN Rate limiting configurations.
Check whether the WLAN rate limiting function is configured. Run the display traffic-profile name profile-name command to check the configuration of the traffic profile.
If the WLAN rate limiting function is configured on the router, perform the following operations to cancel this configuration.
STAs are going offline
In wired scenarios, to defend against ARP address spoofing attacks, we usually configure ARP entry fixing on an AR router. Then the router can determine whether to update ARP entries based on whether the MAC addresses in the received ARP packets match those in the ARP table. However, in wireless scenarios, STAs may change flexibly, and their MAC addresses and access locations change frequently. If ARP entry fixing is configured, STAs will go offline due to abnormal ARP learning. If a STA goes offline, web pages may be opened slowly or fail to be opened on the STA.
Check whether ARP entry fixing is configured on the router. Run the display arp anti-attack configuration entry-check command to check the ARP entry fixing mode. disabled indicates that ARP entry fixing is disabled on the router. If the ARP entry fixing mode is not disabled, run the following commands to disable ARP entry fixing.
DNS server not respondingControl Plane Committed Access Rate (CPCAR) rate-limits protocol packets sent to the CPU, so that CPU resources are not occupied, preventing impact on other services. Different CPCAR values can be set for different protocol types. Packets whose rate exceeds the CPCAR value are discarded.
On a WLAN, the most likely protocol packets to be discarded are DNS Request and ARP Request packets. The reasons are as follows:
when accessing the URL of a website through a WLAN, a STA sends a DNS Request packet to the DNS server. The DNS server can be a DNS server on the public network or a gateway. When the DNS server functions as a gateway, a large number of DNS Request packets are generated if a large number of STAs access the network. When the number of DNS Request packets received by an AR router serving as the DNS server and gateway exceeds the CPCAR value, the router randomly discards the DNS Request packets. If the DNS Request packet of a STA is discarded, the DNS server will not respond to the STA. As a result, the requested web page loads slowly or fails to load;
on a WLAN, some STAs scan LAN segments and send ARP Request packets to all IP addresses on their local LANs. When the number of ARP Request packets received by the router exceeds the CPCAR value, the router randomly discards the ARP Request packets. If the ARP Request packet of a STA is discarded, the router cannot learn its ARP entry. As a result, the requested web page loads slowly. If the router keeps failing to learn ARP entries of the STA, the STA cannot access web pages;
the following method can be adopted to troubleshoot the DNS issue:
1. Check whether DNS or ARP Request packets are discarded on the router. Run the display cpu-defend statistics command for multiple times to check whether the Drop Packets values corresponding to arp-request and dns-request change.
If the Drop Packets value corresponding to arp-request keeps increasing, ARP Request packets are discarded. In this case, run the following commands to change the CPCAR value to 512 for ARP Request packets.
If the Drop Packets value corresponding to dns-request keeps increasing, DNS Request packets are discarded. In this case, run the following commands to change the CPCAR value to 512 for DNS Request packets.
After the fault is rectified, you are advised to delete cpu-defend policy dns and cpu-defend policy arp commands to restore default CPCAR values for ARP and DNS Request packets in order to protect CPU resources.
By default, the CPU attack defense policy default is applied to the router. The CPCAR values of various protocols have been specified in the CPU attack defense policy default and cannot be modified.
2. Check whether the DNS proxy function is configured. If DNS Request packets are discarded on the router, check whether the DNS proxy function is configured on the router. With this function, the gateway sends DNS Request packets from STAs to the CPU for processing, which aggravates discarding of DNS Request packets. Therefore, if DNS Request packets are discarded, deleting the DNS proxy configuration is recommended. Configure the DHCP function on the router to deliver the IP address of the DNS server on the public network to STAs so that the STAs can send DNS Request packets to the DNS server on the public network.
To check the DNS configuration, run the display current-configuration | include dns command.
If the preceding configuration is displayed, the DNS proxy function is configured on the router. In this case, delete the DNS proxy configuration and deliver the IP address of the DNS server on the public network to STAs through the DHCP function.
Web pages load slowly and packet loss occurs in a ping rest
If a STA is online on an AR router but cannot access the Internet, ping the IP address of the STA from the AR router to check whether packet loss occurs between the STA and the AR router. If the ping operation fails or some packets are lost, perform the following operations for troubleshooting:
Check whether strict ARP learning is configured on the router. With strict ARP learning enabled on the router, it learns ARP entries only when receiving ARP Reply packets in response to ARP Request packets sent by itself. The router will not learn the ARP entry of a STA when receiving an ARP Request packet initiated by the STA. As a result, the router cannot ping the STA, and the STA fails to access web pages.
Check whether an IP address conflict occurs on the network. When an attack occurs on the network, an IP address conflict may occur. The IP address conflict will lead to frequent route flapping on the router and cause packets to be sent to an incorrect STA. As a result, some packets are lost during the ping operation between the STA and the router, and web pages load slowly on the STA.
1. Check whether strict ARP learning is configured on the router.
Run the display arp learning strict command to check the configuration of strict ARP learning.
If strict ARP learning is configured on the device, perform the following operations to disable strict ARP learning in the system view and interface view in sequence.
2.Check whether the STA encounters an IP address conflict.
In most cases, IP addresses of STAs are automatically assigned from an address pool of the VLANIF interface. Run the display ip pool interface interface-pool-name conflict command to check information about conflicting IP addresses in the address pool.
After finding the conflicting IP address, locate the MAC address mapping this IP address so as to locate the STA and manually change its IP address. The following methods are available for you to locate the MAC address of a STA with a conflicting IP address.
The router records IP-MAC mappings for STAs it has learned in its ARP entries, including the STAs with conflicting IP addresses. Run the display arp command on the router to check ARP entries to find the MAC address mapping the conflicting IP address.
If the corresponding ARP entry is aged and no related information can be found, check logs about IP address conflicts. Run the display logbuffer command to view log information recorded in the log buffer. Search for AM/4/IPCONFLICTDTC in the log to view the MAC address mapping the conflicting IP address.
Video freezing occurs, which may be caused by the disabling of multicast IGMP snooping
In an HD VOD scenario, the multicast-to-unicast conversion function is required. After this function is enabled on an AR router, the router listens on IGMP Report and Leave messages to maintain multicast-to-unicast entries. Before sending a multicast packet to a STA, the router converts the packet into a unicast data packet according to the multicast-to-unicast entry, and sends the unicast packet to the STA. This prevents the router from sending multicast data packets to STAs that do not need the specified data, thereby improving transmission efficiency of multicast data streams.
Check whether the multicast-to-unicast conversion function is enabled on the router.
Run the display service-set id service-set-id command to check the configuration of multicast-to-unicast conversion in a service set.
If the multicast-to-unicast conversion function is disabled on the router, perform the following operations to enable the function.
CONCLUSIONWiFi networks can be as complex as the wired network itself, but by following some basic standard industry principles, it can be troubleshooted easily. While planning the WLAN for a building, try to keep things simple and follow the best practices offered by Huawei for both planning and configuration.