5 GHz & Bandsteering - WLAN tips in practice check
Many WLAN recommendations promise to make your network faster and more secure. But not every tip is suitable for every network. We check the most popular statements and tell you what you need to do to make them actually help you.
Everything seems to have been said about WLAN: countless tips explain how to make the wireless network faster and more secure. And theoretically they are all correct. However, when it comes to WLAN, what really matters is practice - and that varies from radio network to radio network: whether a tip helps depends on how many devices work with which WLAN standard, which area the WLAN should cover and what interference it is exposed to. It may be that you are very satisfied with WLAN tips because they improve speed and range, but a friend gives you completely different suggestions because they worked well in his wireless network.
For this reason, we review commonly mentioned WLAN recommendations for speed and security. All have advantages and disadvantages that can make them ideal for one network, while less suitable for another. So you can decide for yourself which measures you want to use or adapt for your situation.
Speed: Is 5 GHz always the faster frequency?
Since there are WLAN devices with dual-band support that transmit over 2.4 and over 5 Ghz, the recommendation is: for higher speed, definitely use the 5 GHz frequency. Of course, this is not wrong: routers, repeaters and clients can use wider radio channels over 5 GHz, which enables a higher transmission rate. In addition, a significantly larger frequency spectrum is available for WLAN over 5 GHz - 455 MHz compared to 83.5 MHz for the 2.4 GHz frequency. This means more overlap-free channels, which is why more different radio networks can transmit over this frequency without interfering with each other. In addition, devices over 5 GHz are allowed to use a higher radiated power - 200 mW or 1 watt, depending on the channel - while over 2.4 GHz only a maximum of 100 mW is allowed. In practice, this usually ensures a comparable range, although radio waves on the 5 GHz frequency are generally subject to higher attenuation.
Depending on your conditions, the range problem can also be an important argument against 5 GHz: If the WLAN signal has to cross many walls and ceilings, the speed can be reduced so much that a connection via 2.4 GHz is the better solution.
In addition, most 5 GHz channels cannot be used with some dual-band devices: If routers or clients do not have the DFS (Dynamic Frequency Selection) function, they are only allowed to transmit on the lower channels 36 to 48. In this case, only one 80 MHz wide radio channel can be used, and your WLAN cannot avoid other radio networks in the neighbourhood that also transmit over this channel. As a result, the transmission speed is reduced because the networks have to wait for each other.
If the router understands DFS but some clients do not, they will not be able to access the WLAN if the base station uses a channel above 48. Then you have to set a fixed channel below that in the router, with the consequences mentioned for the speed.
Conclusion: In most cases, transmission over 5 GHz is faster. This is because almost everywhere there are still more WLAN devices using 2.4 than 5 GHz, so that even a transfer rate over 5 GHz that is not optimal is significantly better than data exchange over 2.4 GHz.
If you have problems with devices without DFS, you should think about replacing them so that you can actually use the speed advantages of 5 GHz.
Band steering: Using the same SSID for all WLANs?
Current WLAN routers promise to increase the speed for all devices via band steering: With this function, they can distribute WLAN clients optimally over the frequencies so that they do not interfere with each other and always have the best connection. For this, the WLANs over 2.4 and 5 GHz must have the same network identifier (SSID). Only then can the router redirect the clients without a longer pause.
However, you then leave the WLAN management completely to the router - you can no longer intervene manually. In addition, it usually remains unclear according to which rules the router distributes the clients. Only a few routers for private customers allow users to enter detailed instructions for band steering, for example, to specify that clients should change frequency at a certain data rate or signal strength.
In practice, this can lead to some WLAN clients switching between 2.4 and 5 GHz too late or not at all: Then they work slower than if you manually set them to the better frequency and slow down faster devices.
To benefit from band steering, you should therefore ensure that all WLAN devices are always running with up-to-date firmware and drivers. For clients, make sure they support the 802.11k and 802.11v WLAN standards, which improve band steering.
If you suspect that certain devices do not get along with band steering, you can check in the event log of the router, for example, whether it redirects these clients or whether they are permanently on the same frequency, even if they move away from the router. If band-steering is working, you will see an entry such as "WLAN device has been re-registered (band-steering)" under "System -' Events" on a Fritzbox, for example: Automatic WLAN band change for improved data transmission".
Conclusion: The more up-to-date the devices in your WLAN are, the higher the chances are that band steering will bring a speed advantage. If you do not want to rely on this function, you must define a separate SSID for each WLAN band and then connect the devices manually. This effort is worthwhile if you mainly bring stationary devices such as PCs or televisions into the wireless network in this way and the number of active clients in your wireless network does not change.
Switch off WLAN coexistence for more speed?
Many routers offer a setting for 2.4 GHz such as "WLAN coexistence active" or "20/40 MHz coexistence". Many WLAN forums debate whether the router should use this function or not. Basically, it gives you more speed if you switch off this option: Then the router uses wider 40 MHz radio channels over 2.4 GHz in any case and can transmit data faster, provided the WLAN clients also support this channel bandwidth. However, if you do not have any corresponding devices, switching off the option does not bring any advantages.
However, if other WLANs are operating in the neighbourhood, your router will interfere massively with them if the option is deactivated, or the neighbouring router with switched-off coexistence will negatively influence your WLAN. The coexistence function is intended to avoid this battle for dominance in the radio channel: If it is active, your router works with a 40 MHz channel until it detects another network on 2.4 GHz. Then it switches to 20 MHz so that each WLAN can operate as free of interference as possible.
Conclusion: With this option, you decide whether you want to be Tempo under all circumstances or prefer to be a nice neighbour. If your WLAN is alone in the neighbourhood, there is no reason why you should not switch off coexistence. If you only have one WLAN in the neighbourhood, you can make a mutually beneficial agreement: Your neighbour and you activate channels 12 and 13 in the respective router via 2.4 GHz. Then one sets its WLAN to channel 1, the other to channel 13. Then both radio networks can work with 40 MHz channels without interfering with each other.
Another way to combine high transfer rates and neighbourhood peace: Reduce the transmission power of the router so that its signals no longer reach the neighbouring WLANs.
Do you have to change the WLAN password regularly?
If your WLAN password is secure, you should not change it. Secure means that the effort for an attacker to find it out is too high: This should be the case for a password with ten characters, provided it cannot be found in any dictionary and has nothing to do with you.
But you should definitely change the WLAN password at least once: Because all WLAN routers are now sold with a preset WLAN key - and it is stored somewhere: Either it is on the router housing or on a piece of paper that came with the router. So you cannot rule out the possibility that this password remains unknown.
In this context, you should also think about whether you have already given the password to someone - for example, to a guest who needed to access the Internet quickly or to your friends at a party. In this case, it is advisable to change the Wi-Fi key.
Conclusion: Once you have created a sufficiently strong WLAN password, you no longer need to change it.
Should you make your network invisible?
At first glance, this is an obvious recommendation: Set the router to hide the network identifier (SSID) of your WLANs - what an attacker cannot see, he cannot attack.
However, this does not really hide your wireless network. Most analysis tools show the nameless WLAN and Windows recognises it as a "hidden network" among the available WLANs. This is because the SSID still appears during data transmission - with the hide option you only prevent the router from automatically sending out the WLAN identifier so that clients can find it. But the WLAN is still present, and therefore the router responds, for example, to known clients that send out the SSID in plain text in their connection request.
An attacker does not have to be particularly technically adept to discover what you want to hide - and possibly that is what makes an attack more attractive. Even if you want to register a new device in the WLAN, the hidden SSID makes the connection more difficult because you have to tell it not only the WLAN password but also the SSID beforehand.
A hidden SSID makes sense if you want to direct visitors to the WLAN intended for them at work or at home: Activate the guest WLAN and hide the SSID of your main WLAN so that no one tries to connect to the other network.
Conclusion: Hiding the SSID protects against random connection attempts, not against targeted attacks. It increases network security minimally - and only if you also use other, more sensible measures such as a strong WLAN password.
Block WLAN for unknown devices via MAC filter?
As with SSID hiding, the question with access restrictions via MAC address is: Does the measure bring more security than it causes effort?
With a MAC filter, you determine that only devices that the router knows can access the WLAN. It identifies them by means of the MAC address, which is actually unique for each device. The router uses this method, for example, for parental controls or for time restrictions on individual devices for online access.
However, it is not the WLAN hardware that reports its MAC address directly to the router, but the operating system: Since this transmission is not encrypted, the MAC address can be changed: There are numerous tools for this on the Internet. The children use this to give a device that has been blocked by parental controls a new MAC address, whereupon the router allows them unrestricted access as a new client. If you have locked out all unknown devices, the intruder must know the MAC address of a permitted device in order to trick the filter.
However, this measure increases the effort if you want to bring a new device into the WLAN: For the router to allow the connection, you must not only enter the SSID and password in the client when logging in, but also allow the MAC address in the router menu. If this does not happen every day, you often forget that a Mac filter is activated in the router and wonder why the WLAN connection with the new device is not established.
Conclusion: A MAC filter can be an additional piece in the mosaic for perfect network protection, but it causes additional effort when registering new devices. However, even this measure can be circumvented by dedicated attackers, which is why it must only be an additional security option. (PC-Welt)