Difference between revisions of "Network/Rogue Access Points"
(Import from 2018 wiki)
Latest revision as of 15:56, 20 January 2020
- 1 Policy
- 2 How big is the problem really?
- 3 I won't really be transmitting much data, it won't affect anyone
- 4 How about if I have a hidden SSID?
- 5 I'm in a far-flung corner of the field, nobody will see it
- 6 How about if I increase my beacon interval/rate?
- 7 How do you find rogue access points?
- 8 What will you do if you find a rogue access point?
The Electromagnetic Field NOC operates a strict policy prohibiting the use of rogue access points.
A rogue access point is defined as any device operating in the 2.4 GHz or 5 GHz spectrums, in any mode other than 802.11 client mode, that is operated by anyone other than the Electromagnetic Field NOC.
This includes access points, phones running Wifi tethering, laptops in ad-hoc (peer to peer) mode, and any other device interfering with the 2.4 GHz or 5 GHz spectrum without approval from the NOC.
Rogue access points are not a trivial affair, and we take the problem seriously. Every beacon transmitted consumes airtime significantly affects everyone around it. With 1,700 people densely packed and using an average of 2 wifi devices each, we cannot afford the loss of any airtime, let alone the enormous amount consumed by low data rate beacons.
How big is the problem really?
Substantial. And if you don't believe us, here are the calculations.
- Beacons are transmitted at the default interval of 102.4 milliseconds.
- Rogue AP beacons are (probably) transmitted at the lowest data rate (1 Mbps) and 802.11b long preamble is used.
- Beacons are 380 bytes without preamble.
- EMF NOC transmits 4 beacons for the 4 SSIDs we operate; 18 Mbps beacon-rate in 2.4GHz (802.11g) and 12 Mbps beacon-rate in 5GHz (802.11a).
- On average there will be 3 EMF APs within range on the same channel (at least on 2.4GHz).
- For mathematical simplicity, we assume that there are no collisions (this is unlikely, so this calculation is the best case).
Each beacon is transmitted every 102.4 milliseconds and is therefore transmitted 9.765625 times per second.
Long preamble is 144 bits and the PLCP header is 64 bits. Beacons of 380 bytes are 3040 further bits. Total size of a beacon frame is therefore 3248 bits. Each beacon is transmitted 9.765625 times per second so 31718.75 bits per second per beacon.
EMF transmits 4 beacons and there are an average of 3 APs in range on each channel. So 380625 bps are consumed by EMF beacons. At beacon-rate of 1 Mbps, this consumes 380.625 ms per second. However, in 2.4GHz EMF uses a beacon-rate of 18 Mbps, so it will consume 21.15 ms per second.
This means 97.89% of airtime is available for user data.
A single rogue access point added to the above equation causes the following changes:
An additional beacon of 3248 bits transmitted 9.765625 times per second. Another 31718.75 bits per second at 1 Mbps is therefore consumed, so 31.71875 ms of airtime is used per second.
The proportion airtime available for user data falls to 94.71%
Compared to the rogue access point not being present, the available bandwidth drops to 94.71 / 97.89 = 96.75%
The bottom line is obvious: every single rogue access point reduces the speed of everyone around it by about 4%.
I won't really be transmitting much data, it won't affect anyone
Irrelevant. It doesn't matter how much you use the rogue access point or even if you use it at all. Just having turned on means it's transmitting beacons and consuming airtime.
Irrelevant. You will still be transmitting beacons, the only difference is that the SSID field will be null. This is not a solution, it does not offer any improvement. Hidden SSIDs are not allowed. And we can find you just as easily with a hidden SSID, as you still transmit beacons.
I'm in a far-flung corner of the field, nobody will see it
Irrelevant. If any of our APs can see yours, they'll back off when they see your beacon and/or will collide with it and the airtime will still be wasted.
How about if I increase my beacon interval/rate?
Adjusting the beacon-interval would improve it somewhat, but not significantly. Increasing the beacon-rate does however improve it greatly.
Still, rogue access points are not allowed, irrespective of the beacon interval or data rate. Besides, most consumer access points do not offer any ability to alter the beacon interval/rate.
How do you find rogue access points?
A proportion of our access points run in monitor mode, monitoring the air quality around them. When they detect an unauthorised beacon, they raise an alert, and triangulation between monitor APs give us an exact location to within a few metres.
If there are not enough monitors in a location to triangulate, we fall back to a laptop and an antenna on a stick.
Failing that, we will shut off power to your area until you come forward or a neighbour rats you out.
What will you do if you find a rogue access point?
First, please don't put us in this situation; it is unpleasant for all involved, and we'd rather spend our time enjoying the event than being authoritarian.
In the first instance, we will inform you that running your own access point is not permitted and point you to this page to explain why. We hope that you will quickly turn it off and not argue.
If you refuse to turn it off or we later find that it has been turned on again, we will employ sanctions up to and including ejecting you from the site in accordance with the terms and conditions to which you agreed when purchasing a ticket.