The SNB Answer Guy will be visiting us from time to time to explore and explain common topics in Wi-Fi and beyond. He'll be trolling the SNB Forums for topics or feel free to send your burning question to email@example.com.
One of the more frequent discussions on the SNB Forums, both for questions and recommended guidance, is the question about SSID's; should you use one for all your access points, routers and wireless extenders, or assign a different one to each?
Let's start by defining some terms:
- STA – Station – Every node in a 802.11 based network is a STA, or Station
- AP – Access Point – This is a STA configured in a Wireless LAN in Infrastructure Mode. The AP is the coordinator and master of a Basic Service Set, or BSS
- BSS – Basic Service Set – An AP, along with all client STAs associated with it.
- DS– Distribution System – The BSS is only the Wireless Side of your WLAN. For it to connect to the rest of the network, an AP has to have a DS behind it. In many cases, it's Ethernet at a logical level, even inside a Router/AP.
- SSID – Service Set Identifier – This is the name of the wireless LAN. It's what you see in the wireless setup of the client when searching for and attaching to a WLAN.
- BSSID – Basic Service Set Identifier – This is the unique MAC address of a particular AP within the BSS.
- ESS – Extended Service Set – An ESS is a collection of BSSes that share a common DS, along with common authenticators and addressing schemes
Now let's look at WLAN configurations, starting with the simplest and moving to the more complex.
Level 1 – Simple WiFi network
A simple WLAN – let's use a single radio Router/AP.
An SSID is assigned to the WLAN and the radio is enabled. On the client, the SSID is found, all the authentication parameters are entered (we all use WPA2-AES these days right?), and the client associates with the AP. We now have created a Basic Service Set. When adding a second client device, it is also part of that same BSS.
Single AP BSS
Level 2 – Dual Band/Dual Radio AP's
Now we replace the single Radio Router/AP with a shiny new concurrent dual-band Router AP – same thing, except now we have two AP's built into the Router/AP.
Here's where people start running into problems. But remember from above, we have a common DS, which means that both of those AP's inside share a common network with common authentication, addressing, routing. That second radio is just another AP, with its own unique BSSID.
Remember we mentioned above that BSSID and SSID are two different things. The SSID is the overall WLAN name; the BSSID is the MAC address of the AP. So we make both radios part of the common SSID.
Follow so far?
So let's configure the second radio in 5 GHz. Using the same SSID and common credentials, we can configure the AP to be another BSS inside our Wireless LAN. To the client, it looks like one single network, mainly because of the shared upstream DS.
So we have two BSS's sharing a common DS and we've now created an Extended Service Set.
Extended Service Set (ESS)
The client can then pick or choose which BSS to associate with. But since we've got a common DS and SSID, it doesn't need to get a new IP address and routing information. And with the common SSID, it doesn't need to reauthenticate, but just update the transient WPA2 keys. This is all handled at the Wi-Fi layer of the network. It's a lightweight (simple) process and takes usually less than a second.
Level 3 – More AP's
Now, let's step it up a bit by adding another AP, say one across the room.
Remember the basics. We still have a common DS behind that AP. So again, we use the same SSID and same authentication parameters. We can now start up another BSS (or two) inside the same Extended Service Set.
Walk away from the first AP, and towards the second AP and the client sees a new BSSID. But it sees the same SSID, so it knows that it can join the new BSSID, just updating the temporary WPA2 keys and using the same DHCP information for addressing and routing.
We could add 20 AP's to that DS, using common SSIDs, each having its own BSS. But being part of the larger ESS, the client STAs know that the backend network is the same.
The Choice – One SSID or Many?
Many AP's offer the ability to set a second SSID for the 5 GHz radio. This is indeed an option and one worth considering. With the additional AP's discussed in Level 3, we can assign even more SSID's. Some folks have legitimate reasons for explicitly controlling which STAs associate with which AP's. This is a valid approach, but brings on additional complexity when additional AP's or wireless extenders are deployed to improve coverage.
The challenge here is when using unique SSID's, one is telling the client that there are many networks out there. So moving from one SSID to the next now becomes a very expensive (in time) transition. The client has to detach from the current ESS/BSS, join a completely new BSS and request new routing information. Clients generally don't want to do this. So they'll camp on the current BSS until they lose its signal completely, then go back into system selection and find a good BSS to join up with.
Note there are some STAs that just refuse to move when one would expect them to. Or they select a band in a dual band deployment that they perhaps shouldn't. This is a bug. You can try updating the client drivers/firmware perhaps and if this doesn't fix things, report a bug to the vendor.
But Wait, There's More!
Since all AP's are part of the same ESS, they can, and will, sync up on the radio side for timing purposes. This lessens the chance of packet collisions on the 802.11 side, as everyone within range of the AP's can "hear" each other for the most part. But the AP's can definitely hear any client stations associated within that BSS.
More importantly, as our home networks become ever more complex with media streamers, handhelds, consoles, mobile handsets and the ability to move data around, the single SSID approach removes many layers of complexity at the network level. It's all one single network, and we leverage the power of the common WLAN and Distribution Network.
So don't worry, be happy. Use a single SSID, single WPA2-AES key and your STAs generally will be happy, and so will the users of your network. And your life as the administrator of that network will also be easier with a single configuration for all clients.