These days the warehouse operation without Wi-Fi is impossible – wireless data acquisition terminals allow to perform the processes of goods flow inventory and accounting in any place, as well as to provide mobility of cash registers, weight scales, checkers, printers, information units (incl. video), workplaces. As a bonus you can get a transport for voice services and geolocation systems operation.
Why this topic is so relevant? Surprisingly, but 50 % of our projects on warehouse areas equipping with Wi-Fi are related with modernization of the existing Wi-Fi networks. The thing is that far too many people make mistakes at Wi-Fi network design stage, and these mistakes should be corrected later. But it involves expenses on additional equipment, movement, and even replacement of the existing solution; it means time, money and operational downtime.
FURTHER WE EXPLAIN WHAT MISTAKES MAY APPEAR AT WI-FI NETWORK PLANNING STAGE, HOW TO AVOID THEM AND DESIGN EVERYTHING PERFECTLY FROM THE START
Many people go with the network planning in warehouses, using experience of Wi-Fi access points allocation in offices, therefore they consider the point operating range as a circle of 17–25 m. But this is wrong!
Classic mistake – access point directional pattern, its lifting height, stacks height and stored goods type are not considered at planning.
What is “directional pattern”? If you are not familiar with this term, it’s easier to imagine the principle pf Wi-Fi access point signal radiation as a principle of a horn loudspeaker action.
Directional pattern defines in which direction an antenna will radiate more, concentrating the energy, and receive the response in a better way. Similar to the horn loudspeaker: we speak into it – we are heard better, we put it to ear – we hear better. But it should be understood, that it works only for the side, to which the horn loudspeaker is directed, from other sides the audibility immediately becomes worse.
For example, the radiation pattern of access points with omnidirectional "dipole" antennas, which are classic for office installations, looks like this:
It means that in horizontal plane the access point “radiates” almost the same to all sides. But in vertical plane the main radiated energy comes sideways. I.e. the access point copes well with its task of covering the specified radius in the office when it is mounted on a ceiling.
But in a warehouse, if lifting height is 18 meters or more and there are high stacks with radar absorbing goods, the following is possible:
It turns out, that the access point will “radiate” the space above the stacks well, but, being directly below it, you can get the low signal level, not to mention that the signal will not be propagating to the adjacent passages! Therefore, we make the conclusion, that not all access points are equally useful and applicable.
Also the following is often observed:
In this case the access point is located directly above the stack. If stack is high, goods on it can totally block the signal from it. Usually it happens, when planning and construction of wireless network are preformed before receiving the stacks location plans, which is absolutely discouraged. Therefore for the best coverage the access points should be located above the passages.
What access points should be used for warehouse planning?
Unfortunately, there is no single solution, since a lot of things will depend on various factors: on premises configuration, materials, stacks height, beams/ceiling boards configuration, possible places of access points location and many more. Therefore the right decision is to make an individual project specifically for your premise.
If you don’t have staff specialists, approach the companies, providing professional services for Wi-Fi network planning. Usually the cost includes theoretical planning using professional software (of Ekahau or Airmagnet Site Survey type), as well as on-site visit and measurements performing directly in your premises. Specialist on site, using telescope mast, will locate the selected type of access points on the corresponding height and will test the planning accuracy.
If for some reason you don’t want to use the professional services, then the reliable and universal solution for covering the long passages between the stacks is using the points with narrow-beam antennas, mounted on a wall at the start of the passage. Thus, without any problems you can cover the passage between the stacks for a distance of 100 m and more, and, what is more important, you don’t need to worry for access points safety anymore (in actual practice there are a lot of cases of damaging the access points and antennas, located in the stacks area, during goods handling). Due to beamed antennas the less access points are required for the area coverage, and they impact each other less, that is good for Wireless network operation stability.
Implementation of such design can be realized with access points with the ability to connect external panel antennas, for example, Cisco C9115AXE ($1.1k GPL) with the original AIR-ANT2566D4M-RS antenna ($800 GPL). Such antennas can be adjusted in both dimensions, so regardless of the height of the suspension and the length of the passage, it will be possible to choose the best way to place it
You can save on external antennas, for example, by purchasing a directional 3rd party panel antenna like dual-band Interline 4x4 MIMO IP-G10-F2458-HV-M instead of the original one. And for very budget solutions, MikroTik always has a wide selection of wireless products.
Also in some configurations it will be appropriate to use outdoor points with internal antennas, for example Ruckus T350
Network planning for low signal level. Many customers do not impose high requirements to Wi-Fi signal level in warehouses, since, according to them, they don’t need high rates for DAT operation. But in doing so, they become victims of a very tricky situation, related to peculiarities of Wi-Fi operation in a far-field.
Here for explaining the situation we have to dig into the technical terms. Indeed, the received signal level defines the selection of modulation and, as a result, the rate of connection to network. Look into the table of receiver sensitivity for a range of 2,4GHz for 802.11n for the same Cisco 1702i access points.
It would seem, that at signal level of -75dBm the maximum rate of client connection to access point should be achieved. But it should be noted, that Wi-Fi signal level can decrease by ten folds with adapter movement due to multibeam transmission. Therefore, actually, the most common reason for signal level jumps is a adapter obscuring with obstacle (body running out of the box, furniture item or barrier), that can easily result in the signal level drop by 10dB.
You can check it with ease: if you install some simple app like “Wi-Fi Analyser” on your phone, you can see, how the level of the received signal from you home router jumps on its own. Then try to stand on a path between your phone and the router or put a book on the router, you can firmly hold the phone with both hands in its upper part: as soon as the received signal starts to drop, the client adapter will not only try to switch to lower rate, but will also start an active roaming process, specifically – it will bounce by frequencies, searching for adjacent access points with higher signal level and trying to connect to them. In practice it will result in real lags, pretty visible and noticeable by user during client apps operation.
But the worst is ahead. There is a nuance: as known, Wi-Fi operates in half-duplex mode, i.e. at any one time it transfers or receives information from one client only. The nuance is in the fact, that by default the access point draws no distinction between the clients, operating with high and low rates: under equal competitive conditions of the network access over the same period of time the client, connected with a high rate, transfers the same amount of data as the client, connected with a low rate.
Clearly we have the following picture: let’s assume we have 2 clients, operating in 802.11n in a range of 2,4GHz. The first is connected with maximum rate of 150 Mb/s, the second – with minimum of 6 Mb/s
For ease of perception we will calculate using modulation rate, since the actual Wi-Fi rates are lower due to time of competing for media access, safeguards, service protocols operation, etc. Let’s assume that the first client transfers 1 Mb of information in 50 ms, while the second one – in 1500 ms. But there is a nuance: all the time, while the client with low connection rate transfers its data, the client with high rate stands idle.
By making simple mathematical proportion, it could be seen, that actually under the same activity the client with high data transfer rate obtains the rate of not 150 Mb/s, but 5 Mb/s, that is 30 times lower.
The real picture is worse than theoretical. There could be several clients in the far-field. Clients can be located in the far-field on the different sides of the access point. In this case they may “not hear” the start of data transfer from other client and try to transfer their data, thus creating an active interference.
It is possible to save the situation to some degree by lowering the values of RTS threshold / Fragmentation threshold, but this makes the band, available for transfer, even more narrow due to packet fragmentation and increased service traffic for RTS/CTS mechanism.
In our practice we had the cases, when just 5 “kind of” band-undemanding DATs, being in the far-field of a single access point at a theoretically acceptable level of -75 -80dBm, created network lags of 1–2 seconds, resulting in very unstable operation of an app.
By the way, the 802.11ac Wave2 or 802.11ax standard partially solves this problem, but it won’t help us in the warehouse designs (AP allows you to optimize the band only for a small number of CPE simultaneously working with the access point, and there are no terminal devices supporting the standard yet) .
Modern solutions also allow to setup Wi-Fi network to automatically de-associate the clients with low signal level by the specified threshold value. But for the client to have a place to connect, the network should provide the high signal level everywhere!
What signal level is considered high?
The professional community opinion is the following: Wi-Fi network should be designed at -67dBm (for instance, see Cisco Enterprise Mobility Design Guide). In general, I agree with this number, but I also want to clarify, that this is true regardless of Wi-Fi network load. Of course, in individual cases, when network load will indeed be low and no scaling is planned, the requirements can be lowered.
Attempts to “swindle” with signal level.
It is rather common, we have already reworked several such facilities. Access point with overstated radiation power, that, considering the beamed antennas, can easily “radiate” the territories with high signal level with radius of 200 m, is purchased. But at the same time the fact, that client device continues to operate with power of 50 mV and can not “hear” its access points, is completely ignored.
As a result, the client device has the full signal scale, but apps do not work.
It should be understood, that the access points with overstated power are used in two particular cases: the first one is arrangement of bridges, the second one is Metropolitan Access, i.e. arrangement of coverage in a city or other external sites, where Wi-Fi clients also include special, usually stationary devices with overstated transmitter power and the beamed antenna.
Planning by signal level only, without considering the frequency planning.
The thing is that another characteristic becomes effective at frequency planning – signal-to-noise ratio (SNR). It defines, how much the signal level from the operating access point is higher than all possible noises, interferences from adjacent intrinsic and foreign access points, as well as client devices. It should be understood, that the higher the network load, i.e. the more Wi-Fi devices you have and the more active they are, the more interferences they make for the adjacent access points, operating on the same channels as the devices.
Usually, at design stage the requirements are set for SNR value to be at least 20dB (somewhere even 25dB, and in modern All-wireless networks on the ax standard - all 30dB). This number is justified with the receiver sensitivity parameters, specified in IEEE standard, when the accepted levels of PER/BER (packet error rate/bit error rate) are achieved at SNR of 10dB (and 10dB is taken “as a reserve” specifically for the case of signal/noise/interference level jumps).
How can the low SNR do harm? First of all, the errors will appear on receiver, resulting in repeating of data transfer, and it means significant lags in apps operation in Wi-Fi network for all connected clients (see above on half-duplex nature of Wi-Fi network) to the extent of its complete failure.
For instance, let’s examine the situation, when the access points in a range of 2,4GHz were set for a single operating channel (very realistic situation, especially in the lack of wireless network controller). External networks and interferences are absent. At load simulation in Wi-Fi network starting from 10 % (either rather high activity or a lot of clients) the access points and clients start to actively cause interferences for adjacencies, that is manifested in SNR level of less than 25dB (shown in grey in the figure).
In real practice the picture will be even worse. But the correct frequency arrangement solves the problem:
But with network load increase (simulated as 20 %) we can see the grey areas again:
What should we do? The problem is that to maintain the high signal level and to provide the lack of interference in a range of 2,4GHz is very problematic, since there are only 3 non-overlapping operating frequencies in this range (1-6-11, or you can use a partially intersecting 1-5-9-13 scheme - where allowed).
One of the ways is a power reduction of the access point transmitter. However, at the same time we also reduce its activity area, resulting in necessity of more equipment installation at a facility.
The most effective way to eliminate such problems is a transition to a frequency range of 5GHz, in which 24 non-overlapping channels can be used in the RF. Therefore with the same load parameters the picture at a frequency of 5GHz will look totally different:
Unfortunately, the usage of 5GHz range in Wi-Fi has its nuances:
- first of all, there are a lot of old client equipment, that operates in 2,4GHz frequency range only (especially relevant for warehouses, since the majority of such clients are old DATs)
- secondly, the signal at 5GHz frequency propagates worse (due to high value of energy dissipation in space or obstacles for such frequency, i.e. the heating is higher), than in a range of 2,4GHz. Therefore during network planning for 5GHz range it should be considered, that number of access points should be increased almost by 30 % (for individual cases it may be up to 100 %). For instance, in case of simulation of signal propagation in a crowd, the effective distance of Wi-Fi (for level of -67dBm) in various ranges will differ by a factor of 2. In real practice we will have the similar numbers
In practice, for typical installations in free premises the effective operating radius in a range of 2,4GHz is usually about 25 m, for 5GHz – 17 m.
What conclusions should be made?
- perform the frequency radio planning of a radio network, if possible develop the strategic frequency plan, or use wireless controller of Wi-Fi network for frequencies automatic selection
- at the stage of Wi-Fi network design plan everything for 5GHz frequency range, it can greatly help for network scaling. For instance, the voice services can be arranged, Wi-Fi video camera can be put somewhere or the remote workplace, demanding in terms of bandwidth, can be arranged without a problem in your warehouse in the future
We will not discuss here the specifics of authorization methods, since there are a lot of articles on that, but we will write about real situations.
The most common threat, observed by us during radio inspections, is the following:
Our colleague holds the mobile access point, that he can easily connect directly to the wired corporate network. It is hardly visible due to its small size.
- he wants access to the corporate network from mobile device
- there is no corporate Wi-Fi network, or it has limitations, or there is a bad signal on a workplace
- he has a malicious intent
- he has no free socket on a workplace to connect a laptop
In any case, in every second inspection we observe the pair of home Wi-Fi routers, brought by the employees and connected to the corporate network. I think, there is no need to describe the possible consequences of such actions, since you can imagine them by yourself (at the dark night the dark car approaches the building and the former employee, without leaving the car, using a laptop with Wi-Fi adapter with a beamed antenna, gets the access to your network “from the inside”).
This threat can be eliminated. MAC filtration on switch ports, authorization as per 802.1x and other NAC solutions will help. Then again, the unauthorized devices can be detected during radio survey.
Modern Wi-Fi solutions (especially with WIPS – wireless intrusion prevention system) can automatically detect such threat by observing the broadcast frame from the wireless and wired network simultaneously, considering that it did not pass through the corporate access points.
What about authorization and access control for Wi-Fi network?
PSK – non-safe due to public key. EAP methods (MSCHAP/TLS – login/password/certificates) generate significant administrative load, and also they are not as safe as it seems.
I recommend at least to create the target network segments with strict correspondence SSID – VLAN – service during planning, for instance, separate SSID for DAT with access to applications server only, separate SSID for VoIP, etc.
The following is the interesting architecture solution for arrangement of employees access to the corporate Wi-Fi network: use the standard method of connection with a public key (WPA2/PSK), and then use the corporate VPN client (e.g., Cisco Anyconnect VPN). I.e. Wi-Fi of client should be considered untrusted, like any other one connected through the public networks.
This will not just reduce the administrative load, but will also provide the single entry and control point, as well as high characteristics of network safety.
P.S. All images are made using Ekahau Site Survey Pro software.