Monday, November 8, 2010

Wake on Wireless LAN

Let me just get this out of the way - you will not implement Wake on Wireless LAN. I'm not hating on the technology, in-fact I think it's pretty cool. The simple fact is that there is not enough industry support for WoWLAN to make it feasible for most organizations.

However, WoWLAN is an interesting case study as more organizations move toward a mobile workforce where wireless networking is their primary connection. It provides insight into what technical hurdles must be crossed to achieve "Green IT" in a wireless world, provides lessons learned for organizations considering the "all-wireless" jump, and hopefully will compel large organizations to apply pressure to industry manufacturers to develop a suitable replacement technology.

WoWLAN Overview
Similar to Wake-on-LAN (WoL), Wake on Wireless LAN (WoWLAN) is a technology that allows remote wake-up of workstations from a standby power state to facilitate device management. WoWLAN is based on the well-established WoL standard used over wired Ethernet networks, and can provide similar functionality and benefits.

However, functionality is not entirely equivalent to WoL and there are a few serious limitations that may prevent organizations from considering WoWLAN a viable technology.

Benefits
The ability to place workstations into a low-power mode provides one primary benefit to the organization, reduced facilities operational expenses. Green IT initiatives are pushing most organizations to find operational areas where energy consumption can be reduced, either through process improvement, equipment consolidation, or virtualization.

One primary method organizations are achieving these savings are through smarter workstation power management practices. Purchasing Energy Star certified equipment and minimizing device power draw during off-hours allow organizations to save a considerable amount of money.

Consider that desktops consume between 100 - 250 Watts when powered on, and around 2 - 6 Watts when in sleep/standby. On the other hand, laptops require between 15 - 60 Watts of electricity to run when active, but only around 1-2 Watts when in sleep mode. That difference can translate into a large amount of savings just by placing devices into sleep/standby mode when no one is using them. Assuming the typical office worker is using the workstation for only 8-10 hours/day, most organizations could safely place the machines into sleep mode for 14-16 hours.

Let's take an example using a laptop, since that will be the primary use-case for WoWLAN. We'll use a Dell Latitude D630, a common corporate laptop for the masses. This particular model consumes 46.87 Watts active, and 2.04 Watts in standby mode. Let's also assume that this is a large organization with an inventory of 5,000 laptops and is paying $0.10 / kW-hour.

Prior to implementing the standby mode policy, energy consumption would have been:
     ( 46.87 W * 24 hours * 365 days / 1,000 W/kW ) * $0.10 * 5,000 laptops = $205,290/year

After implementing the policy, assuming a 9 hour work day, laptops will be placed in standby mode for 15 hours each day:
     [ ( 46.87 W * 9 hours) + (2.04 W * 15 hours ) ] * 365 days / 1,000 W/kW * $0.10 * 5,000 laptops = $82,568/year

Net Savings = $122,722/year (roughly 59% reduction in energy expense)

Technology Drivers
So, why not just implement our laptop standby policy, claim the expense reduction, pat ourselves on the back, and be done with it? Because most invasive IT processes run overnight when there is no user to impact. Just leaving a device in standby mode will cause all sorts of processes to break in almost any organization, big or small.

Some of the functional requirements for implementing Wake on Wireless LAN solutions include the following:

- Security Patching - typically scheduled for installation after business hours to reduce the impact to employees, security patching is one of those functions that needs to happen. Period. Running updates during the day is a quick way to frustrate and de-motivate employees. Even worse is scheduling it overnight, only to have a contradictory policy placing all workstations in standby every night preventing the patches from installing until the next morning when the employee returns to work and powers it back up. That's a quick way to make the IT department look incompetent and a major pain in the rear!

- Remote Desktop Access - some organizations support remote access for employees through a home computer with limited access to internal resources. Broader access can be granted by giving employees the ability to remote desktop into their corporate owned workstation sitting at work. This allows more functional access while maintaining close control over data exposure. In order to remote into the system, a method to wake it back up must be provided and reliably executed.

- All-Wireless Network - many organizations are now purchasing laptops rather than desktops for their employees for a variety of benefits, including mobility and productivity. This is shifting network traffic from wired to wireless networks, and thus places additional requirements on wireless solutions than previously existed. Deploying an "all-wireless" office is reasonably possible using Wi-Fi networks today, requiring equivalent functionality of a wired network.

How it Works
Wake on Wireless LAN works very similarly to traditional WoL solutions. Components include a network management application software suite that provides workstation inventory and central policy controls, a master workstation on each broadcast domain (subnet) which is selected by the management suite, and the use of broadcast "magic" packets used to wake up the remote system.

Here is a sample wireless magic packet (download for reference):


Although the example above shows an unencrypted magic packet, the security of the frame will be dictated by the network policy attached to the wireless network. Therefore, broadcast frames including magic packets will be encrypted using the GTK (Group Temporal Key). Therefore, wireless workstations in standby mode need to remain associated to the BSS in order to properly receive the magic packet. Although subtle at first, this requirement has a pronounced effect on workstation behavior while in standby mode, forcing the wireless NIC to come out of power-save mode in order to send traffic and maintain status in the BSS at regular intervals. A "listen-only" approach is no longer sufficient. This behavior also impacts the power consumption of the workstation, and although not large amounts of power are required, over a period of time such as several hours this could drain a laptop batter dry (especially an old battery).

In order to support WoWLAN, the wireless infrastructure will need to be configured to allow broadcast wireless frames to traverse the network. Newer enterprise class wireless networks typically have advanced features that filter broadcast frames by default to improve performance of the network. That feature will need to be disabled to allow WoWLAN to function properly.

Enterprise class systems generally integrate well with DNS for workstation resolutions and wake-up, rather than relying on users to identify workstations by MAC addresses. This enables usability of the solution for employees.

Typically a wired workstation will be selected in the broadcast domain to serve as the master workstation due to preference for higher bandwidth workstations, especially if connected via gigabit Ethernet.

Configuration of the workstation's wireless adapter is required in order to allow the adapter to wake the system from a standby or low-power state. This is accomplished on Windows machines through the adapter properties dialog:

Additionally, most WoL management suites provide workstation agents that can run in the background to check-in to the management application for inventory, policy updates, as well as to allow the employee to override the corporate settings for a limited amount of time when necessary. An employee portal or tool front-end is usually also supplied to allow remote wake-up through a web interface that is easily accessible.

To wake up a machine, the employee logs into the web portal, enters the workstation DNS name or selects it from a list and confirms the selection. On the back-end, the management workstation queries the device in DNS and within it's inventory to discover it's current IP subnet and stored MAC address. The master workstation for the subnet is then contacted to begin transmitting the magic packet for a pre-determined interval. The packet is sent out the wireless LAN during the next DTIM period, during which the wireless workstation awakes from power-save mode upon seeing queued broadcast traffic indicated in the DTIM beacon and receives the magic packet instructing the workstation to fully wake from standby.

Having tested this setup, I can say this process works successfully.

Limitations
Although functional, WoWLAN does have some serious practical limitations. These limitations are fairly significant, and will likely prevent many organizations from deploying WoWLAN.

- Integrated Adapters Required - The wireless adapter is required to be integrated onto the motherboard in order to control the power state of the workstation (this category also includes mini-PCI and mini-PCIe adapters). Newer motherboards and plug-in wireless adapters do not have the required power connector and cable as some older systems provided. Therefore, external adapters that are not integrated into the motherboard will not be able to control the power circuity and thus cannot support WoWLAN.

- Limited On-Board Adapter Support - Notably, I have found that Intel adapters are the only ones which support WoWLAN. I am unaware of any other chipset manufacturer currently providing support for this feature. This is easily identified on Windows machines by checking for the presence of the power management tab and settings within the wireless adapter properties.

- Standby Mode Only - Because wireless clients must remain connected to the BSS at all times, standby mode is the lowest power state supported. Hibernation or full power off states will not work because no power is provided to the wireless NIC to maintain network association.

- AC Power State - During testing, one curious behavior seemingly played tricks on me for quite some time. It appears that power control of laptops by wireless adapters is quite sensitive to the AC power state. Wake-up from standby only appears to work when the laptop is placed into standby mode while connected to an AC electrical source and remains connected to that source until woken. If the laptop is removed from AC power while in standby, or initially placed into standby mode while on battery power, WoWLAN is ineffective. After thinking about this one, it is fairly logical to conclude that WoWLAN requires a certain amount of power draw by the wireless NIC to remain associated, possibly prompting concerns over battery life and integrity if WoWLAN were allowed to function while on battery power alone. Whatever the case, AC power is required at standby initiation and throughout the duration of low-power state.

- Negative Performance Impact - Allowing broadcast wireless frames across the wireless network will reduce network performance. This is an unfortunate side effect, but one that cannot be avoided. However, through proper architecture the negative impact can be greatly minimized. This includes blocking wireless client to client communication and isolating wireless clients on their own broadcast domain to minimize potential broadcast packets to the default gateway and potentially one wired master workstation for the subnet (strategically deployed by an administrator of course).

Conclusions
While technically feasible, Wake on Wireless LAN is saddled with severe limitations and lack of industry support. It is doubtful that most organizations could even consider a WoWLAN deployment unless running an environment composed entirely of Intel wireless adapters.

However, it appears that Intel has used its WoWLAN experiences and is bundling comparable functionality into its vPro feature line. Newer adapters that are vPro compatible (such as the Intel 6200 and 6300 models) claim to offer wireless system manageability and remote repair even when the system is in a completely powered off state. I suggest reading the vPro whitepaper linked above. It also clearly identifies the AC power state is still required to remotely wake a wireless client.

WoWLAN appears to have been a technology that missed wide adoption, but lives on through the learnings it provided. vPro stands ready to fill the gap, but requires newer hardware. I guess it's time to diligently update workstation requirements and purchase accordingly moving forward.

Additional Resources
Intel WoWLAN Technical Brief (Sorry for the 3rd party website link. Intel seems to have pulled this tech brief off their website. Not a good sign!)

Cheers,
-Andrew

P.S. - If any has any WoWLAN experiences, I would love to hear about it. Please share your testing, results, and success / failures with this feature.

17 comments:

  1. And a piece of useful online service that can be used with either WoL and WoWLAN - http://wakeonlan.me

    It can wake up computers remotely over the Internet, schedule the wakeups for necessary time and date, has WAP and Mobile/PDA version to quickly access it from portable devices.

    ReplyDelete
  2. Hi Alex,
    Thanks for the link! I'll have to check it out for consumer / home use.

    Andrew

    ReplyDelete
  3. Thanks for the info. Linksys/Cisco claims the WMP54G supports WoWLAN, but Windows 7 grays out the option in its adapter settings, so I think something is up.

    ReplyDelete
  4. Greetings Andrew!
    Came across your blog while searching for info on WoWLAN. Currently working as the tech admin at a large local high school in Finland and have got WoL already implemented. Ran into a wall concerning WoWLAN due to a lack of Intel network adapters on the laptops. Great post and site anyway!

    -Janne Cederberg
    MSc, MCP

    ReplyDelete
  5. Hi Janne,
    Thanks for reading and your feedback.

    Andrew

    ReplyDelete
  6. "Newer enterprise class wireless networks typically have advanced features that filter broadcast frames by default to improve performance of the network."

    Could you please elaborate? By "frames", I assume you're referring to filtering L2 traffic within a broadcast domain...

    Feature name?

    How do these filters account for ARP, DHCP, and the like?

    Thanks!

    ReplyDelete
  7. Hi Chris,
    Yes, that statement it meant filtering layer 2 broadcast and multicast frames from being transmitted out over the air. An example of this is the Cisco WLC performing ARP Proxy and DHCP Relay for clients, thus preventing the need for broadcast traffic to be sent to the clients over the air. Unless additional applications need broadcast or multicast enabled, it is disabled by default.

    You can read more on this capability in the Cisco Enterprise Mobility 4.1 Design Guide - Chapter 2

    Cheers,
    Andrew

    ReplyDelete
  8. I suspect the reason that the laptop must be connected to an AC source is to prevent startup when the laptop is not in a suitable environment. ie it is not in a laptop bag where it would overheat etc. Battery life I doubt is the issue.

    ReplyDelete
  9. Thanks for the info.

    I don't think "Security Patching" is a problem for WOL. I have been using WOL on my wired workstation for years. I always put my Windows PC to hibernate before I leave every day. This is what I have found for OS patching and hibernate: PC should download the patches during the office hours then install them at the scheduled time(usually 2am) even it is in hibernate state. Then it reboots to finish the installation by itself. Then when I arrive the next morning, I would notice the PC is ON. After I log in, it tells me the Windows updates have been installed. So this process does not bother me at all.

    ReplyDelete
  10. A very large downfall to this technology is startup time. Depending on the machine, it can take over 1 minute to start up a standard desktop or laptop computer. If you have an office of 5000 engineers that get paid $60,000 per year and one minute of their time per day is dedicated to starting up their computer...

    5000 engineers
    60000 dollars per year
    374400 minutes per work year (260 days)
    0.16 dollars per minute for each engineer
    801.3 startup dollars per day for all engineers
    208,333 startup dollars per year for all engineers

    This mitigates the energy consumption.

    ReplyDelete
    Replies
    1. Salaried employees are not paid by the minute or hour, but based on successfully completing their responsibilities. I don't think you can claim such a soft-cost of lost productivity. Electricity on the other hand is a hard-cost that actually affects the cash flow of a company.

      Regardless, power management on workstations can be scheduled to wake the device back up prior to office workers coming back in for work in the morning. This negates your argument in my opinion.

      Delete
    2. I agree with Andrew that scheduling the WOL negates the argument. And even if scheduling wouldn't be possible I would still have a bunch of things to attend to while the computers start-up in the morning. I don't sip coffee waiting at loading screens when I'm at work. It's called multitasking :)

      Delete
    3. Hello, I am trying to configure wake on wireless lan with atheros 9280 mini pci-e card, in windows 7 and redhAT 6.

      In windows 7 I can´t configure with any drivers modified or original, I read that one pin of the card is unconnected, but the chipset is capable to work with wowlan, the option in the power management to allow the device to bring the computer out to standby is greyed. With intel 6230 card it works in suspend mode

      In redhat 6.3 with kernel 3.6.11, I can manage with the iw comand updated with 3.7 version, but it does´nt work supposedly because the system has problems with the ifcfg80211 module that crashes because the kernel doesn´t work

      Do you know if with this atheros card can works with wowlan?¿

      Sorry for my horrible english but could be worse, I am from Spain .

      Delete
    4. Lets change this from engineers, also I notice you think they work 24 hour days.
      24 hours x 60 = 1440 minutes
      1440 minutes x 260 working days = 374400 working minutes, this is impossible to work constantly so lets turn this into 8 hour days, not 24 hour days.
      If we think of employees doing 8 hour days, forgetting lunch and breaks... That "wage" makes minutes more valuable.
      Lets face it, not many laptops or workstations boot to desktop in under a minute.

      5000 employees
      60000 dollars per year
      124800 minutes per work year (260 days)
      0.48 dollars per minute for each engineer
      2400 startup dollars per day for all engineers
      624,000 startup dollars per year for all engineers

      If we forget the WoWLAN being for wireless, and you get all workstations to boot on weekdays 5 - 10 minutes before they get to their desks, you immediately have gained productivity, saved wages on startup minutes etc etc...

      Delete
  11. I have Intel 7260 WiFi adapter and WoWOLAN works only in S3 state. Is Intel 7260 supports WoWLAN from power off (S5) state?

    ReplyDelete
  12. Hello,

    I have an embedded device using TI's Wilink 8 modules and running android ICS. I am able to put the device to suspend using iw utility. My next step is to test out the wakeup of the device. Is there any utility available that I can use to send magic packets to the device within a private network with IP - 172.30.144.192 to test waking up this device??

    ReplyDelete