About multiple SSID.
Last Post: August 7, 2006:
-
Hi guys!
Does anyone know where can I find the document or spec for multiple SSID?
Actually, I have one AP equipped with two SSIDs running in my environment.
The first SSID is named "Private" while the second one is named "Public".
Then, I try using two wireless clients to scan for the SSID broadcasted by the AP.
No matter how often I do the scanning, the network list of client A always shows only "Private" instead of "Public", and vice versa for client B.
I know both the SSIDs cannot be found by a single wireless client at the same time.
What confusing me is that how come client A never gets to discover the SSID called Public?
As a network administrator, what should I do if client A is only allowed to connect to "Public"?
Please help me on this.
Thank you very much. -
I don't think that there is a spec. for one AP supporting multiple SSIDs. I think that functionality is something that vendors made up. You would probably do best to speak with the vendor in question.
-
Hi Raul:
My advice to you is at the bottom. But first the background.
The IEEE 802.11 standard says nothing directly about "multiple SSID" access points (AP). The assumption throughout is that there are only three kinds of STA -- a non-AP STA that uses no AP and is a member of an IBSS, a non-AP STA that is associated with one infrastructure BSS, and an AP STA that contains an AP and initiates one infrastructure BSS.
The 802.11 standard requires a beacon producer to include its SSID in beacons and to respond to every probe request that matches its SSID. By definition a null SSID, also known as the broadcast or wildcard SSID, matches all SSIDs. Unfortunately the Wi-Fi Alliance does not enforce these two IEEE requirements and most vendors advertise as a (weak) security feature the ability to "hide" SSIDs from interlopers. Client STAs will only discover BSSs with hidden SSIDs if they probe for the actual SSIDs; otherwise they cannot join or associate.
Vendors have found that they can put multiple APs in a single STA. These APs share a single MAC and a single PHY. Each AP has its own SSID and produces its own stream of beacons, and each may or may not "hide" its SSID. Multiple APs in a single STA crudely extends the idea of virtual Ethernet LANs into the air by tying a single 802.3 vLAN to a single 802.11 SSID. (IEEE 802.1X assumes that a vLAN assignment, if any, follows user authentication and is transparent to the user. Having the user choose a vLAN by choosing from a list of SSIDs is crude, but serves the current marketplace.)
When Cisco introduced their multiple SSID feature, they only allowed the first SSID to be not hidden and all the others had to be hidden. Later they allowed all SSIDs to be not hidden. Cool.
My guess in your case is that you have hidden both SSIDs, one of your two clients is probing for the first SSID, and the other client is probing for the second SSID. Unhiding all your SSIDs may solve your problem, and in any case is the IEEE 802.11 right thing to do.
I hope this helps. Thanks /criss -
Firstly, thanks for your help Criss.
Actually, I did not hide my SSIDs.
There's a checkbox located at the right side of each SSID to hide the SSID. I'm sure I did not enable them. So what do you think anything else could have went wrong here?
By the way, since a specific client can always discover only one of the multiple SSIDs at the same time, what determines which of the two SSIDs will be discovered by a certain client?
Looking forward to hearing your opinion again.
Regards,
Alex -
Hi Raul:
I am out of theoretical ideas. Sorry. It's time to call in the "hands on" experts who have seen this one before.
Thanks. /criss -
Hi Criss,
It's ok. Thanks for your effort. -
What client package are you using? Is it possible you are using a client such as the WZC utility in Windows, and that each machine has the given SSID first on their priorty list for preferred networks?
Although I agree with sticking to the IEEE, here (am I really saying this?) I might suggest breaking with the standard. I've actually seen improved performance when multiple SSIDs departing from the same MAC *are* hidden - this way, the client HAS to enter (the unfortunate part) the SSID - but, it will be found when entered properly.
Best wishes! -
Hi Deedee:
I tried lots of the client utility for eg WZC, Broadcom, Odyssey client manager and etc. However, the results are still the same. If a specific wireless client found a certain SSID, it won't discover the other SSID when you scan for the network next time. This only happens when I set up multiple SSID. I would really like to know the mechanism involved in broadcasting the multiple SSID.
Regards,
Alex -
The mechanism is really up to the vendor - recommendations are put out by IEEE as described Criss above. Your best method to find out what is happening is to use a protocol analyzer, such as the free one offered by wildpackets.com (omnipeek personal). This will be your only real proof of what the vendor is doing. The only problem is, you need a driver supported by wildpackets, and MIMO equipment is unlikely to fall into this category as the IEEE hasn't even released the spec yet. This is why we discourage people from buying into the "pre-n" (802.11n) MIMO equipment at this stage of the game - we say - wait till the 802.11 folk release the spec.
Assuming all other requirements are met (you have the software, you have the right driver) - then you need to be sure you are using a matching client card. Because these unit are advertising backwards compatibility - you should be able to get "some" information using a Cisco, Proxim, or Netgear a/b/g card (the versions that have the atheros chipset in them - check with omnipeek to see which ones, or google on atheros).
Best Wishes,
- 1