Draft: Update in progress 31 March 2009: you may want to wait a week to read this

Minimizing WiFi Conflicts with Neighbors

Douglas B. Moran
Barron Park (Neighborhood) Association
Palo Alto CA 94306

Introduction

Wireless (WiFi) computer networks have become increasingly common in our neighborhood. For example, in 2005 from my house I could detect only two other WiFi networks. In May 2007, I routinely detect nine neighboring WiFi networks. In March 2009, using the same equipment from the same location, I detected between 14-42 WiFi networks, depending on the weather. To my surprise, my computer often sees a stronger signal from 1-3 of these than it does from my own WiFi access point in the very next room. Interference between networks can significantly slow all the involved networks. This advice has been written to help neighbors identify and minimize these problem. It has been structured to make it easy for you skip sections of no interest/relevance.

Reminder on security: No security is perfect—it is a tradeoff balancing risk against usability and cost. A high security system is often expensive and difficult to use. I will try to briefly explain the risks.

Advice in Brief:

  1. Check that you have turned on the highest level of encryption that all of your WiFi devices can support
  2. Set a meaningful SSID
  3. Survey for other WiFi devices
  4. Select a channel that minimizes conflicts, sticking to 1, 6 or 11
  5. If problems remain, strengthen the signal between your devices, by repositioning antennas or using directional antennas

Scope: This note is written to fill a gap between how to configure your own home WiFi network (in isolation) and how to configure a large enterprise's WiFi network. I won't repeat the former, and the latter is irrelevant because in those situations, all the WiFi devices are under the control of the network administrators for that enterprise (company). The focus will be on the interplay of separate WiFi networks in nearby residences. (If you know of a better resource in this niche, please let me know).

Target Audience: I have assumed that the typically reader has average computer literacy, but very limited familiarity with WiFi. Consequently, limited descriptions of the why's behind the actions are provided so that the reader can have basic intuitions about what s/he is doing, and know when s/he has a situation that falls outside the basic description. Note however that I am trying to provide a simple-enough description for the normal case, and will try to avoid.

Terminology, Basic:
More advanced terminology is at the end of this page, where it can be accessed as needed.

WiFi Client:
A system, such as a laptop, that uses WiFi to connect to the larger network, for example, to connect to your home network and through that to the Internet. Although laptops are currently the most common WiFi clients, WiFi-enabled printers, cameras and smartphones are increasingly present.
WiFi Adapter
The most common name for the WiFi network device on a WiFi Client.
WiFi Access Point (AP):
These are often referred to as WiFi routers because the physical device includes both a WiFi Access Point and a router, a pairing that is needed for the overwhelming majority of uses. However, when talking about connecting a WiFi client to the larger network, almost all the technical literature and advice refers to this as an Access Point because the router portion is irrelevant to the discussion. For consistency, I will use the term Access Point here.
WiFi Router
I will use this term when referring to the device itself. For example, there is a common configuration interface that handles both the Access Point and the Router components.


Sections


Provide a Meaningful SSID

The SSID (Station Set IDentifier) is the name broadcast by a WiFi access point to make it easier for clients to pick the intended access point from among all the ones it can hear.

Problems with identical SSIDs: Some vendors use identical SSID for all their units (for example, I can see 3 APs named "NETGEAR"). Not having an SSID name that is unique for your area can dramatically slow your network connection because the WiFi client's software presumes that all access points with the same SSID are on the same network, and thus are alternatives to be cycled through when trying to establish a connection (a valid assumption for corporate networks, hotels, auditoriums, ...).
What you perceive as a single WiFi connection is really a great many. For example, when the signal strength declines too much, the client invisibly does a reconnect, hoping to negotiate a faster connection. The cumulative effects of all these reconnections have delays while the client attempts futile negotiations with your neighbors' access points can be quite large.
Problems with identical and near-identical SSIDs: When you try to connect manually, you may well select the entry for your neighbor's access point instead of yours. Near-identical SSIDs are quite common: my computer can see seven that start with the prefix "2WIRE" and a 3-digit suffix.
In choosing a meaningful name for name for your SSID, one that identifies you to your neighbors can greatly simplify contacting each other when problem arise (some use their last name, but using a combination of first names is often equally as good). People wrongly assume that the strongest signals are from their closest neighbors, but many factors play a role in signal strength. For example, my computer gets a stronger signal from a neighbor four houses up on the opposite side of the street than it does from my next door neighbor.

Some people turn of Broadcast SSID based upon erroneous advice from the early days of WiFi that this improved security. For explanation, see the Wikipedia article on SSID or the technical paper it references Debunking the Myth of SSID Hiding (1 Dec 2003).


Select a Channel

A lot of us here in Silicon Valley reflexively try to optimize things. Avoid the temptation—all we are doing here is avoid bad situations. An unnecessary conflict can arise when neighbors have gotten the same model WiFi router (for example, from their broadband provider) and thus all are using the same channel (pre-set) while other channels go under-used.

Use only channels 1, 6, 11. If you wonder why, read this

Analogy/Intuition: Analog TV and radio represent different approaches to avoiding interference between stations. With radio stations, not all the assignable frequencies can be used in an area because the station's signal extends into the adjacent frequencies. For example, the signal of a station broadcasting at 90.1 can typically be heard at 90.0 and 90.2 (although weaker). The solution is to leave gaps between the frequencies assigned to stations. TV takes a different approach: Each channel represents a block of frequencies that can fully accommodate the broadcast signal (plus a little padding), thereby allowing all channels to be assigned to stations.

WiFi Channels: The frequencies available to WiFi have been split into 15 channels (similar to TV), but a WiFi station signal spans five contiguous channels (similar to radio). For example, a WiFi station assigned to channel 6 is really using channels 4 through 8. There are only 11 named channels, because the two below channel 1 and above channel 11 cannot be at the center of a five-channel block. Channels 1, 6 and 11 are routinely referred to as the non-overlapping channels because those choices allow the use of all the available frequencies without interference between stations on different channels.

Why such a complicated sheme? The rough idea was that rather than having a station wait for all five stations to be clear, to send on just those that were clear, thereby maximizing the throughput for both the individual station and the group. In practice, it turned out to be better to wait and use all five channels.

What's the harm in using a channel other than the non-overlapping ones (1, 6 and 11)? If you were to set your station to use channel 4 and neighbor A is on channel 1 and neighbor B is on 6, your station overlaps both of them (channels 2&3 for A and 4-6 for B). Thus when either of them is sending, you can't, and when you are sending, neither of them can.

Survey Channel Usage near you

Before choosing which channel to use, survey what channels your neighbors are using. The software utility that comes with most WiFi clients will show the SSIDs (names) of the nearby stations, the channel used and often their signal strengths (this is commonly found under Site Survey or Networks). However, this utility may show only the "top" stations (for example, only the first four) and it may not show signal strength, in which case, see A better survey below for a (free) utility that does. Have your WiFI AP turned on so that you can compare its signal strength to those of neighbors. Remember that you are simply trying to avoid bad situations (above), not optimize your choice. What I do is eyeball the list of station: I look for a channel that has fewer competitors in terms of both being on the same channel and having lesser signal strength.
Reminder: Stations using channels 2-5 need to be treated as competitors on channels 1 and 6; similarly channels 7-10 are competitors for 6 and 11.

Effects of Weather: Moisture in the air can greatly diminish the strength of signals from your neighbors, so it is best to do the survey on a dry (normal) day. I was surprised how big an effect this was. I did an experiment with a neighbor across the street. On the day before a storm arrived, my signal strength measured in their house was 80% (effects of distance plus a scraggly sapling in between). After the storm and passed and we had had several hours of sun, the signal was so weak that I couldn't even establish a connection.

Intuition: The commonly available WiFi devices use microwave frequencies (2.4Ghz band). Microwave ovens work by the water molecules in the food absorbing energy from microwaves, transforming it into heat.

A better survey: There are multiple free programs that do WiFi surveys. My favorite is Network Stumbler (http://netstumbler.com then "Downloads", also available from http://stumbler.net), whose author happens to be a Barron Park resident. The big advantage is that they provide a bigger display of the data that is easier to work with and visualize. These programs give you more information than you need, expecting you to pick-and-choose. You can sort on the columns, reorder columns, ...


Strengthen your signal, if necessary

Reposition your antenna

Sometimes a small change in the position of your WiFi AP greatly changes the strength of the signal at your client. Typically, the signal is reflecting off enough different surfaces that repositioning any one obstruction (including your body) does not make much difference.

Similarly, if your signal is interfering with a neighbor's AP, moving it can dramatically reduce the interference. Walls tend to weaken signals more than glass windows (wood, plaster, "dry wall", concrete all contain many water molecules).

My experience is that using a survey tool, such as Network Stumbler (above), is the easiest way to see whether a move has any effect. Often putting the AP up high—for example on top of a bookcase—provides a stronger signal to your client because there are fewer intervening obstructions.

Extension cables: Sometimes you might prefer to reposition just the antenna rather than the whole WiFi router. There are cables with the appropriate connectors (available at Fry's Electronic), but be warned that such cables result in some loss of signal strength, which may reduce or negate what was gained from repositioning the antenna. Be aware that there are three very different types of connectors (different sizes), so get the right one for your AP.

Higher-gain Antennas

When I read reviews for various models of WiFi routers, I was surprised by how many had signal strengths that dropped off precipitously, rather than gracefully degrading. Some were reviewed as working quite well in the same room but not much further. Many were reviewed as not being strong enough to reach the other end of the "typical" house or between floors. If you need a stronger signal and your WiFi router has a detachable antenna, one possible solution is to buy a high-gain antenna. This boosts both the signal it sends and the signal it receives (from the WiFi client).

Before buying one, find out the gain of the antenna on your WiFi router—this is typically in the manual or specification sheet that came with it. It is expressed in dB (decibels). Better models of WiFi routers often have antennas with higher gains than those provided by the lower end of "high gain antennas" that you can buy separately. However, do NOT buy a higher-gain antenna than you need: The typical ones are in the range of 5-10dB gain, but once it gets to 15dB, I have seen warnings about not staying within a foot (sometimes more) because of the harmful effects of that radiation.

Fry's Electronics has reasonable higher-gain antennas for less than $20, sometimes on sale for less than $10. I also have some extras from a project that never happened and am interested in selling them. Contact me. Again, be aware that there are three very different types of connectors: RP-SMA, TNC, MCX. The most common connector on consumer equipment is RP-SMA. The TNC connector is much larger. MCX is tiny and very rarely used (in my experience). Many antenna kits include adapters for one or both of the other connector types.

Directional Antenna

The most common high-gain antennas strengthen the signal in all directions, and are called omni-directional. Directional antennas use a reflector to focus most of the energy in one direction, weakening—not eliminating— it in other directions. For example, you may have a WiFi client at the other end of your house, or in the office you set up in your garage and you want to have a stronger signal between the AP and that client. Or you and a neighbor may be using the same channel, and the signal from them is stronger than from your WiFi client. A directional antenna pointed at your client and away from that neighbor increases sensitivity to the signal coming from your client while simultaneously decreasing sensitivity to the signals from that neighbor, in effect making your AP see your WiFi client's signal as stronger than that coming from your neighbor.

Again, there are cheap (under $10) directional antennas that can do this (and I have some I would like to sell). However, if the antenna on your WiFi router is not detachable, you can easily build a parabolic reflector that slides over it. One set of instructions is at http://freeantennas.com/projects/template/ These instructions are quite adequate, but not well written. If you are new to this sort of things, you may benefit from re-reading them before making a decision on whether this is something you want to do. A search of the Web will locate other plans, with various advantages and limitations. Many are intended for the hobbyist, not the consumer.


Check Encryption Status

Encryption of WiFi connections serves two purposes: It restricts who can connect to your network, and it makes it difficult for others to snoop on your transmissions.

Why Encrypt?

Many people say they care if other people connect through their WiFi to the Internet. But the risks are:

  1. Those other people are not connecting to the Internet, but to your home network, with the Internet one possible destination. If your computer has network shares—either intentionally or accidentally—information can be stolen from them, and virus, trojans, and other malicious software can be planted on your computer.
  2. If those people are conducting criminal activities (for example, uploading porn, releasing a virus) and the authorities trace it back, the trail stops at your house. There is likely less risk for a residential address than for a restaurant/coffee shop with free WiFi or a company with misconfigured WiFi. This problem has become well-enough known for enough time that it has appeared in the plots of a range of TV shows and even movies.
  3. The risk arises primarily from wardrivers—people who drive around looking for vulnerable WiFi access points, then park and connect.

Which Encryption Scheme?

In increasing levels of protection, the encryption schemes are: WEP, TKIP/WPA and WPA2 (also known as WPA-AES or simply AES).

  1. The access point and all clients must use the same encryption scheme and key (multiple is possible, but not seen in consumer-grade equipment). This can be confusing because equipment from different vendors, and even different models from the same vendor, can use different names for the same scheme.
  2. WEP encryption is easily broken by software freely available on the Web. It should be treated as only good enough to keep neighbors from inadvertently connecting to your network, for example from a misplaced mouse click.
  3. TKIP vs. WPA: The difference is little or none. TKIP was created to allow hardware using WEP to have stronger encryption through a software (usually firmware) upgrade, and was refined into WPA. Because of the delay in "officially blessing" the final version of TKIP as "WPA", vendors releasing products in this gap had to use the name "TKIP" for WPA, that is, "TKIP" can be identical to "WPA", but not necessarily (there may be minor differences which may or may not matter to your set-up).
  4. Similarly, "AES" and "WPA-AES" used by some vendors to refer to WPA2 before it was officially blessed. I haven't heard of any differences that cause problems in normal environments.
  5. In one chipset used in many models of access points, the settings for WPA were hidden: You had to select WEP and then Advanced.
  6. If your WiFi access point provides several schemes for handling keys, you want to use PSK (Pre-Shared Keys), that is, keys that you type into each device. Some consumer-grade WiFi devices offer other mechanisms for sharing keys, but these are typically used only in larger enterprises.

MAC Address Filtering: Security by obscurity

If your WiFi devices can support on WEP encryption, you may want to turn on MAC Address Filtering. This feature is available on many WiFi routers as part of the functionality of the router, and is inherited by the WiFi AP. It has various uses for wired connections, but for WiFi connections, it is so easily defeated as to provide no actual protection. However, because it is so rarely used, defeating it is no part of the common "recipes" used by miscreants, and not something that they would likely identify, or otherwise think of, when they have problems breaking into your network.

The MAC Address (definition and how-to-find below) is the physical address for a network device, below the level of its Internet address. To use this feature, you need to first enter the MAC addresses for ALL your network devices, both hard-wired (example, your desktops) and WiFi (laptops, printers, smart phones, ...) and then enable the feature.
Advice: This feature is often deep in the configuration menu tree for the WiFi router, and often confusingly under Wireless Configuration or similar label.
Warning: Even if the label on this feature is Wireless MAC Filter, do not assume that it applies only to WiFi devices and not hard-wired devices. Experiment to confirm—I own one such model with this mislabeling.

Major disadvantage: Every time you want to add a new device to your network, you need to remember to add its MAC Address to this list. Adding new devices happens more often than you might think. For example, visiting relatives may want to connect their laptops to your network to check their email and the Web. That you have this feature turned on is very easy to forget (blush) and difficult to diagnose. And this is not something you want do be doing in the middle of such a visit.


How-To's

Finding a device's network address under MS Windows
Go to the Start menu, choose Run(different location under Vista), enter cmd and then type into the resulting command window the command ipconfig /all. A laptop computer often has two network devices, one for the Ethernet port and one for the WiFi adapter. The Description field typically contains a name that tell which is WiFi. Failing this, when the Ethernet port isn't plugged in, it typically has an IP Address of all zeros (as well as Default Gateway and DNS Servers).
Configuring your Access Point
Many WiFi Router come with a configuration that allows them to be plugged in and used with little or no configuration. Consequently, by the time you read this, you may Your WiFi Access Point comes with a default configuration that you access through your web browser. The address is typically of the form http://192.168.X.Y with different manufacturers using different values for X and Y with Y most often being 1, but sometimes 254. Some manufacturers are thoughtful enough to put this default address on the case, but you may have to go to the manual to find this.
Tip: If you can't find your manual, go to the manufacturer's web site and look under Support or Downloads (or just do a Web search for it).
Alternatively: On a computer that is hardwired to your WiFi router, do Finding a device's network address (above) and the value X will be the same as in the IP Address. For example, if the computer's IP Address is 192.168.12.2, then the address of the WiFi router is likely 192.168.12.1.


Terminology, Advanced (Optional, as needed):

MAC/Physical address
The MAC address (Media Access Control), sometimes referred to as the Physical Address, is the device address below the level of Internet addresses. Each network device (hardwired and WiFi) are assigned unique MAC addresses by their manufacturers, and it typically located somewhere on the product, typically on the same plate as the serial number. The common format is six pairs of hexadecimal digits (0-9A-F) separated by colons (sometimes hyphens), for example 01:23:45:67:89:AB.
On computers running MS Windows, you can find this by Finding a device's network address (above) and looking under "Physical Address" (MS uses hyphens for separators rather than colons). This is particularly useful for deskside computers where you would otherwise have to open the case to find the plate with this info.
On WiFi devices that you can configure from your computer through your Web Browser (such as your WiFi router), the MAC address is often available under a System Info, Managment, Status or similar tab.
Or you can just look a little harder to find where this is written on the device.

Copyright (c) Douglas B. Moran, 2007, 2009, All rights reserved.

Version Info: $Revision: $ $Date: $