No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
802.11r Fast Roaming

802.11r Fast Roaming

The 802.11r protocol uses the Fast BSS Transition (FT) function to reduce the number of information exchanges between users in the same mobile domain (MD) and does not require 802.1X authentication or key negotiation during STA roaming. Users are unaware of service interruption and experience low-latency data services during roaming, so their online experience is improved.

802.11r fast roaming supports the following two modes:
  • Over-the-Air: STAs communicate directly with the FAP for FT authentication.
  • Over-the-DS: STAs communicate with an AP for FT authentication through the HAP.
NOTE:
Currently, Huawei central APs support only the over-the-Air mode.
The principles for 802.11r fast roaming are as follows:
  • Figure 19-5 shows the intra-central AP 802.11r fast roaming process.
    Figure 19-5  Intra-central AP 802.11r fast roaming

    1. When a STA is connected to the Internet through RU_1 for the first time, the STA is authenticated by central AP and a PMK is generated.
      1. The central AP generates PMK-R0 (calculated based on the SSID, MDID, central AP MAC address, and STA MAC address) and PMK-R1 of each RU based on the PMK (calculated based on the PMK-R0, RU MAC address, and STA MAC address), and delivers the PMK-R1 to RU_1.
      2. The STA and central AP generate and install the pairwise transient key (PTK) and the group temporal key (GTK) by performing the 4-way and 2-way handshakes.
      NOTE:
      If open system authentication is used, no PMK is generated.
    2. The STA initiates an 802.11 FT authentication request to RU_2 during roaming, and delivers the PMK-R1 to RU_2.
    3. After receiving the request, RU_2 generates and installs a PTK according to PMK-R1 and information contained in the request frame. At the same time, RU_2 starts the re-association timer, and sends an 802.11 FT authentication response to the STA.
      NOTE:

      If 802.1X authentication is used, the RU reports FT authentication information to the central AP for processing during FT authentication. If open system or PSK authentication is used, the RU does not report FT authentication information.

    4. After receiving the response, the STA generates and installs a PTK based on the information contained in the response frame. The STA sends RU_2 a re-association request.
    5. After receiving the re-association request, RU_2 disables the re-association timer, and then sends a re-association response to the STA.
      NOTE:
      If a STA blacklist or whitelist is configured on the central AP, the RU reports re-association responses to the STA during FT re-association and then reports the STA's re-association request to the central AP for processing.
    6. After the STA receives the response frame, the roaming is complete.
  • Figure 19-6 shows the inter-central AP 802.11r fast roaming process.
    Figure 19-6  Inter-central AP 802.11r fast roaming

    1. When a STA is connected to the Internet through RU_1 for the first time, the STA is authenticated by Central AP_1 and a PMK is generated.
      1. Central AP_1 generates PMK-R0 (calculated based on the SSID, MDID, central AP MAC address, and STA MAC address) and PMK-R1 of each RU based on the PMK (calculated based on the PMK-R0, RU MAC address, and STA MAC address), and delivers the PMK-R1 to RU_1.
      2. The STA and central AP generate and install the pairwise transient key (PTK) and the group temporal key (GTK) by performing the 4-way and 2-way handshakes.
      3. The Central AP_1 synchronizes the PMK information to the Central AP_2 through the inter-central AP tunnel.
      NOTE:
      If open system authentication is used, no PMK is generated.
    2. The STA initiates an 802.11 FT authentication request to RU_2 during roaming.
    3. After receiving the request, RU_2 generates and installs a PTK according to PMK-R1 and information contained in the request frame. At the same time, RU_2 starts the re-association timer, and sends an 802.11 FT authentication response to the STA.
      NOTE:

      If 802.1X authentication is used, the RU reports FT authentication information to the central AP for processing during FT authentication. If open system or PSK authentication is used, the RU does not report FT authentication information.

    4. After receiving the response, the STA generates and installs a PTK based on the information contained in the response frame. The STA sends RU_2 a re-association request.
    5. After receiving the re-association request, RU_2 disables the re-association timer, and then sends a re-association response to the STA.
      NOTE:
      If a STA blacklist or whitelist is configured on the central AP, the RU reports re-association responses to the STA during FT re-association and then reports the STA's re-association request to the central AP for processing.
    6. After the STA receives the response frame of RU_2, the roaming is complete.
Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 116832

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next