802.11 Roaming – A Simple Real-World Introduction

Roaming in Wi-Fi means your device (like a phone or laptop) switches from one access point (AP) to another as you move around. The goal is to keep your connection alive without any noticeable drop – like walking through your office while on a call and not getting cut off. Sounds easy? It’s not.

Who Decides When to Roam?

Not the access point. Your device decides when to switch. Yep – the roaming logic lives in your phone, laptop, tablet, etc. And not all devices do this equally well. Some stick to weak signals way too long, which causes slow speeds and dropped connections. We call them "sticky clients."

How Roaming Actually Works

• Scanning: Your device scans for other APs nearby, either by listening passively or actively looking.
• Decision: If the current AP is weak and a better one is nearby, your device makes the switch.
• Authentication: It quickly authenticates with the new AP (can take time without proper setup).
• Association: The device finishes the handshake and gets back to work – ideally without interruption.

What Can Go Wrong?

• Some devices roam too late, hanging on to bad signals.
• Without fast roaming features, the switch can take hundreds of milliseconds – not great for voice or video.
• Enterprise security (like WPA2-Enterprise) can slow things down even more if not optimized.

Tools That Help: 802.11k, 802.11r, 802.11v

• 802.11k: Helps the client find nearby APs faster by providing a neighbor list.
• 802.11r: Speeds up authentication by preparing keys in advance (fast transition).
• 802.11v: Lets APs suggest better connections to clients (though clients don’t have to listen).

Tips That Actually Work

• Don’t max out AP transmit power – it makes roaming worse.
• Ensure a signal overlap of about 15–20% between APs.
• Enable 802.11k/r/v if your APs and devices support them.
• Use band steering to move devices from 2.4 GHz to the cleaner 5 GHz band.

Roaming can be smooth – or a total mess. It depends on good network design, client behavior, and whether your equipment supports the smarter roaming features. When everything’s in sync, you get seamless transitions, stable voice calls, and happy users. But if not? Expect complaints and poor performance.

Always test your environment. Know your clients. Tune your APs. Roaming is an art and a science – and when done right, it just works.

What the Heck is 802.11k?

Alright, so 802.11k is like the Wi-Fi version of “ask for directions before you get lost.” It doesn’t make your Wi-Fi faster, but it helps your device roam smarter. And yeah, that matters – especially when you're on a Zoom call or in the middle of a game and your phone suddenly decides it wants to stick to an AP with one bar just because it’s sentimental.

What Does It Do?

Basically, instead of having your device do a full-blown, energy-wasting scan to figure out where to roam next, 802.11k lets your access point (AP) hand over a nice little cheat sheet called a Neighbor Report.

This report tells your device: “Yo, these are the APs around here, this is where they hang out (channel/frequency), and yeah, that one over there has decent signal.” So now your device doesn't have to guess or panic scan like it lost its car keys.

How It Works (Real Talk)

• Your device asks the AP: “Hey man, got a list of APs around here?” – this happens through a special management frame.
• The AP replies: “Sure, here’s the neighbor report.” It includes BSSID, channels, and a little bonus info like whether the AP is even reachable.

So yeah, now your device has a roadmap. When the time comes to roam, it can make a decision fast and not wander around like a confused tourist in a subway station.

Extra Geek Stuff

802.11k also brings something called RCPI – that’s just a fancy way of measuring how strong a signal is. It crunches the signal in dBm and spits out a clean number between 0 and 220. So your device can say: “Nah, this AP is trash,” without guessing based on one bar and a prayer.

Why It’s Cool

• No more slow-ass roaming because your device keeps scanning every channel known to mankind
• Better call quality, better game performance, and less battery drain
• Works great with 802.11r (fast handshakes) and 802.11v (AP suggestions)

But Wait – 802.11k Ain’t Always Right

Yeah, 802.11k is supposed to help your device roam smarter, right? But here’s the kicker – it only works as well as the info it gets. If the controller’s got garbage neighbor data, guess what? Your roaming choices are garbage too.

Take a warehouse for example – those long aisles with directional antennas just covering one row at a time. The APs might not “see” each other well enough to report good neighbors. So what happens? The controller builds a neighbor report that looks good on paper but totally sucks in real life.

Your device ends up getting a suggestion like: “Hey, try this AP on channel 157!” – but that AP’s two aisles away behind 20 tons of steel racks. Signal? What signal?

Lesson learned: 802.11k needs real, solid neighbor relationships to be useful. Bad RF visibility = bad roaming decisions. So don’t just enable k and walk away. Make sure your APs actually know each other like good neighbors should.

802.11k makes your device smarter when it’s time to roam. It cuts the guesswork and the scanning drama, and helps everything just work smoother – if your device actually listens to it. (Looking at you, budget phones...)

What the Hell is 802.11r?

Alright, so 802.11r – also known as Fast BSS Transition (FT) – is Wi-Fi’s way of saying, “let’s not waste time when you switch access points.” You move from one room to another, still on that Zoom call? 802.11r is the thing that tries to keep that call alive without weird glitches or dropouts.

Why Even Bother?

Because some stuff – like Voice over WLAN – needs super low delay, like 150ms max, or it sounds like a robot drowning in a tunnel. So yeah, fast roaming matters.

How 802.11r Works (the chill version)

Instead of waiting till the last second, your device and the AP sort out the crypto stuff before the actual switch. So when it’s time to roam, the handshake’s basically done. Boom – seamless hop.

This works only if the APs and the device are in the same so-called “mobility domain.” They share this info via beacon and probe response frames. If the info doesn’t match? No roam for you, buddy.

The Two Roaming Flavors

• Over-the-Air FT: Your device talks directly to the new AP. Four quick frame exchanges...
• Over-the-DS FT: The device talks to the target AP through the current AP – like passing notes in class.

What’s the Big Win?

• Way less roaming delay – no more waiting around during key exchange
• Voice calls stay alive, video meetings don’t hiccup, online games don’t rage-quit
• It skips the slow 802.1X EAP stuff and just handles the final encryption keys fast

To make roaming really rock, 802.11r works best when you also turn on 802.11k (for knowing where the other APs are) and 802.11v (for a little friendly advice from the APs).

So yeah – 802.11r is your fast lane in the Wi-Fi world. You don’t see it, but your packets sure appreciate it.

So What’s the Deal with 802.11v?

Alright, 802.11v is the Wi-Fi feature that lets your access point (AP) say to your device: “Hey buddy, you're hanging on to the wrong AP – there’s a better one over there.” It’s like a polite nudge to go find better signal and less traffic. It doesn’t force anything, but it makes a solid suggestion.

What Does It Actually Do?

At the core, 802.11v adds something called BSS Transition Management. Fancy term, simple idea: The AP can suggest a better AP for your device to roam to. Think of it like your router playing traffic cop: “Move along, nothing to see here, the next one’s got more bars and fewer users.”

How It Works

While 802.11k gives your device a passive list of neighboring APs (kind of like a paper map), 802.11v is more like GPS with live traffic updates. The AP tells your device, in real time, where it should go next for better signal, less congestion, or just a stronger connection.

The cool part? It’s not just about signal strength – it also considers load and other network stats. So, your device gets a smart nudge, not just a “more bars = better” guess.

Why It’s Useful

• Makes roaming more efficient – less “Why did my Zoom call drop again?” moments
• Helps offload clients from overloaded APs
• Works great in busy networks – offices, campuses, warehouses, you name it
• Pairs well with 802.11r (for fast transitions) and 802.11k (for neighbor info)

But There’s a Catch (Of Course)

• Just because the AP suggests, doesn’t mean your device will listen
• Some devices ignore it completely – especially budget phones or stubborn legacy clients
• Requires proper support on both ends (AP and client)

802.11v gives your device friendly roaming advice. It’s like your AP saying, “Seriously, go talk to that guy – he’s got better signal and less baggage.” Doesn’t force you, just helps.

And when combined with 802.11k and 802.11r, it creates that smooth, almost magical Wi-Fi roaming experience – no lag, no drops, no drama.

What’s the Deal with 802.11e? (a.k.a. Wi-Fi Traffic Cop)

Alright, so 802.11e is the Wi-Fi flavor that gives priority lanes to voice, video, and all the stuff people actually care about. No more one-size-fits-all nonsense. This thing showed up to fix the chaos when everyone’s screaming “ME FIRST” on the Wi-Fi highway.

Before 802.11e, life was rough. Every device had to fight the same way to talk. Netflix, your VoIP call, that random background app downloading updates – all in the same traffic jam. Enter EDCA – Enhanced Distributed Channel Access – the not-so-sexy hero of the wireless world.

So What’s Inside This Magic?

Access Categories (ACs): Four of 'em, like traffic lanes:

• AC_VO – Voice: VIP lane
• AC_VI – Video: almost VIP
• AC_BE – Best Effort: average Joe traffic
• AC_BK – Background: yeah, the basement

They’re based on those nerdy 802.1D user priorities (UP 0–7). More UP, more priority.

How Does It Actually Do the Prioritizing?

• Shorter wait times (called AIFS) for VIP traffic
• Smaller contention windows for high-priority frames – they cut in line, basically
• Probabilistic – so yeah, even VIPs don’t always win, but usually do

What’s This WMM Thing Then?

WMM = Wi-Fi Multimedia, the friendly label slapped on gear that supports this priority magic.

• WMM Power Save – helps your device nap smartly
• WMM Admission Control – tells devices when it’s okay to jump in (or not)

All baked into the Wi-Fi Alliance certs

Other Cool Bits Introduced

• New station types: QoS APs and QoS STAs
• QoS Control field added in the frame header – carries queue info
• Block ACKs: groups a bunch of ACKs into one – less chatter, more data

Is It Everywhere Now?

Pretty much. Since 2005, 802.11e made its way into the main standard. Any modern 802.11n/ac/ax gear worth its salt supports QoS. That old PCF stuff? Dead. Never took off anyway.

No WMM? No MCS Rates for You, Buddy

Here's a spicy little secret that wrecks Wi-Fi performance more often than you'd think: if WMM (Wi-Fi Multimedia) isn’t enabled – guess what? Your device won’t use MCS (Modulation and Coding Scheme) data rates. Yep, that’s right. No WMM = stuck at legacy 802.11a/b/g speeds. Party like it’s 2006.

Why? Because modern Wi-Fi (like 802.11n/ac/ax) requires WMM to use QoS features – and without QoS enabled, the standard says: “Nah bro, you don’t get the good stuff.”

So your 300 Mbps-rated client might suddenly be limping along at 54 Mbps max. And you sit there wondering why your enterprise network feels like dial-up during a Zoom call.

Pro tip: Always check if WMM is on – on your APs and in your client settings (especially on old printers, cheap IoT junk, or that one weird VoIP handset nobody wants to touch).

802.11e made Wi-Fi behave more like a polite dinner party and less like a fistfight in a bar. If you want smooth voice, decent video, and no rage during game night – this is the silent enabler you never thanked. But it’s there. Doing its job. Like a champ.

802.1X and Roaming – What’s the Deal?

Alright, so 802.1X isn’t a roaming protocol, but it plays a huge role in how roaming works in secure enterprise Wi-Fi. Basically, it's the gatekeeper. No handshake, no access.

So How Does It Work?

When your device wants to join a Wi-Fi network, it goes through a whole dance:

1. First it finds the network (scanning... always scanning).
2. Then it goes from "not connected" to "authenticated and associated."
3. With 802.1X, that means your device talks to the access point (AP), which then talks to a RADIUS server to check your creds (via EAP).
4. If all's good, it builds encryption keys through something called the 4-Way Handshake.

Roaming Before Fancy Tricks Like 802.11r

Now imagine you're walking from one AP to another – your device needs to reconnect, and with 802.1X that means doing that whole dance again. Every. Single. Time.

This can take 200–500 ms, which is fine for web surfing, but for voice or video calls? That lag is brutal. You’ll get dropped, stutter, or sound like a robot underwater.

Why It's a Problem

• Real-time apps (like VoIP) need super-fast transitions – we’re talking < 150 ms.
• 802.1X adds overhead that slows things down.
• Some phones or tablets don’t handle it well – they pause, scan, struggle.

So What Can We Do?

Enter the tweaks and workarounds. Engineers cooked up some tricks to speed up that slow handshake and make roaming smooth again:

• Preauthentication – your device checks in with nearby APs before it actually roams. If the key setup is already done, roaming's a breeze.
• PMK Caching – if your device reconnects to an AP it used before, it skips the full handshake.
• 802.11r – sets up keys before the switch. Like booking a hotel before arrival.

Preauthentication – Get Ready Before You Move

Preauthentication (aka “Vorauthentifizierung”) is like checking into the next hotel while you're still chilling in your current one. It came before 802.11r and speeds up the EAP handshake during roaming.

How It Works

• APs must be in the same ESS and advertise preauth support via Beacon frames (RSN IE).
• Your client begins forming a security association (RSNA) with a target AP before switching to it.
• If 802.1X auth works, they establish a PMKSA between device and target AP.
• Once roaming begins, the client skips full EAP and starts straight into the 4-Way Handshake.
• The Reassociation Request says: “Hey, I’ve got a PMK already” using PMKID in the RSN IE.

Why It Ain’t Perfect

• Doesn’t scale in big networks – APs must store PMKSAs for all clients.
• If the PMKSA expired? Back to full 802.1X handshake.

Preauth vs PMK Caching

• Preauth: Setup happens before you roam.
• PMK Caching: Reuse happens after you return to a previously used AP.

PMK Caching – The "Hey, We’ve Met Before" Trick

PMK Caching means your device remembers a good AP it connected with before. So next time it sees that AP? No small talk – straight to business.

How It Works

1. After successful 802.1X connection, device and AP save the PMKSA.
2. If the client comes back while the PMKSA is still valid, it sends a Reassociation Request with the PMKID.
3. The AP checks – if it has the PMKSA, it skips straight to the 4-Way Handshake. Done.

Difference to Preauth

• PMK Caching: You’ve been there before – reused keys.
• Preauth: You’re preparing for a visit – setting up new keys early.

Limitations

• Again, not great for big setups – lots of memory for many keys.
• If the key expired or isn’t cached? Full EAP again. Sorry, buddy.

The 4-Way Handshake – The Secret Wi-Fi Ritual

Here’s the real talk: the 4-Way Handshake is the behind-the-scenes bouncer that makes sure you and the AP can talk securely. It builds encryption keys and prevents your device from shouting secrets over the air.

How It Goes Down

1. Message 1: AP sends ANonce and optional PMKID.
2. Message 2: Client replies with SNonce + MIC. PTK is built on both sides.
3. Message 3: AP verifies MIC, sends GTK encrypted + MIC.
4. Message 4: Client says “Cool, we’re synced.” Encryption is now live.

Why It Matters

• PTK/GTK: PTK = unicast. GTK = broadcast/multicast.
• Preauth + PMK Caching: Lets you skip EAP and jump straight to the 4-Way Handshake during roaming.
• WPA3: The 4-Way Handshake still happens.
• Controlled Port: Locked until the handshake’s complete.
• Packet Capture: Want to decrypt traffic? Catch all 4 EAPOLs or forget it.

RCPI – The Wi-Fi Strength-o-Meter

RCPI (Received Channel Power Indicator) is the nerd-approved signal strength value standardized by 802.11k. It’s better than guessing with signal bars.

How It Works

• RCPI = INT((dBm + 110) * 2)
• Range: 0 (≤ -110 dBm) to 220 (≥ 0 dBm)
• Expected accuracy: ±5 dB
• Measured across all antennas during frame reception

Where It Lives

• Included in Association Response frame
• Supported by all PHY types (even if ac/ax defer to 11n for the math)

RCPI tells your device how "loud" the AP sounds. No voodoo – just numbers.